Date
Dec. 6, 2024, 3:11 p.m.
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob
[ 23.499472] ================================================================== [ 23.501207] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x454/0x4a0 [ 23.502586] Write of size 16 at addr ffff888101b3cc80 by task kunit_try_catch/174 [ 23.503978] [ 23.504223] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 23.505763] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.506545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.507719] Call Trace: [ 23.508068] <TASK> [ 23.508348] dump_stack_lvl+0x73/0xb0 [ 23.508785] print_report+0xd1/0x640 [ 23.509847] ? __virt_addr_valid+0x1db/0x2d0 [ 23.510730] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.511221] kasan_report+0x102/0x140 [ 23.512458] ? kmalloc_oob_16+0x454/0x4a0 [ 23.513174] ? kmalloc_oob_16+0x454/0x4a0 [ 23.514396] __asan_report_store16_noabort+0x1b/0x30 [ 23.515377] kmalloc_oob_16+0x454/0x4a0 [ 23.515694] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 23.516679] ? __pfx_read_tsc+0x10/0x10 [ 23.517562] ? ktime_get_ts64+0x86/0x230 [ 23.518703] kunit_try_run_case+0x1b3/0x490 [ 23.519542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.520260] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.521131] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.522186] ? __kthread_parkme+0x82/0x160 [ 23.523552] ? preempt_count_sub+0x50/0x80 [ 23.524020] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.524533] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.525098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.525628] kthread+0x257/0x310 [ 23.526797] ? __pfx_kthread+0x10/0x10 [ 23.527136] ret_from_fork+0x41/0x80 [ 23.528243] ? __pfx_kthread+0x10/0x10 [ 23.528640] ret_from_fork_asm+0x1a/0x30 [ 23.530189] </TASK> [ 23.530425] [ 23.530618] Allocated by task 174: [ 23.531520] kasan_save_stack+0x3d/0x60 [ 23.531953] kasan_save_track+0x18/0x40 [ 23.533140] kasan_save_alloc_info+0x3b/0x50 [ 23.533545] __kasan_kmalloc+0xb7/0xc0 [ 23.534151] __kmalloc_cache_noprof+0x184/0x410 [ 23.535234] kmalloc_oob_16+0xa9/0x4a0 [ 23.536233] kunit_try_run_case+0x1b3/0x490 [ 23.536615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.538095] kthread+0x257/0x310 [ 23.538452] ret_from_fork+0x41/0x80 [ 23.538784] ret_from_fork_asm+0x1a/0x30 [ 23.539686] [ 23.540110] The buggy address belongs to the object at ffff888101b3cc80 [ 23.540110] which belongs to the cache kmalloc-16 of size 16 [ 23.541425] The buggy address is located 0 bytes inside of [ 23.541425] allocated 13-byte region [ffff888101b3cc80, ffff888101b3cc8d) [ 23.543657] [ 23.543869] The buggy address belongs to the physical page: [ 23.544238] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 23.545087] flags: 0x200000000000000(node=0|zone=2) [ 23.546563] page_type: f5(slab) [ 23.547384] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.548190] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.548894] page dumped because: kasan: bad access detected [ 23.549506] [ 23.550360] Memory state around the buggy address: [ 23.551220] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 23.551640] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 23.553331] >ffff888101b3cc80: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.554909] ^ [ 23.555240] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.556426] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.557265] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 23.412691] ================================================================== [ 23.413180] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53e/0x5e0 [ 23.413593] Read of size 1 at addr ffff8881009a4c00 by task kunit_try_catch/172 [ 23.417232] [ 23.417731] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 23.418537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.419300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.421232] Call Trace: [ 23.422021] <TASK> [ 23.422591] dump_stack_lvl+0x73/0xb0 [ 23.423319] print_report+0xd1/0x640 [ 23.423806] ? __virt_addr_valid+0x1db/0x2d0 [ 23.424814] ? kasan_complete_mode_report_info+0x64/0x200 [ 23.425492] kasan_report+0x102/0x140 [ 23.426774] ? krealloc_uaf+0x53e/0x5e0 [ 23.427772] ? krealloc_uaf+0x53e/0x5e0 [ 23.428187] __asan_report_load1_noabort+0x18/0x20 [ 23.429174] krealloc_uaf+0x53e/0x5e0 [ 23.430151] ? __pfx_krealloc_uaf+0x10/0x10 [ 23.431303] ? finish_task_switch.isra.0+0x153/0x700 [ 23.432454] ? __switch_to+0x5d9/0xf60 [ 23.433097] ? __schedule+0xc70/0x27e0 [ 23.433583] ? __pfx_read_tsc+0x10/0x10 [ 23.434006] ? ktime_get_ts64+0x86/0x230 [ 23.434686] kunit_try_run_case+0x1b3/0x490 [ 23.436272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.437039] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.437683] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.438387] ? __kthread_parkme+0x82/0x160 [ 23.438916] ? preempt_count_sub+0x50/0x80 [ 23.439523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.440317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.441076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.441984] kthread+0x257/0x310 [ 23.443441] ? __pfx_kthread+0x10/0x10 [ 23.444352] ret_from_fork+0x41/0x80 [ 23.444687] ? __pfx_kthread+0x10/0x10 [ 23.445515] ret_from_fork_asm+0x1a/0x30 [ 23.446219] </TASK> [ 23.446519] [ 23.447575] Allocated by task 172: [ 23.448162] kasan_save_stack+0x3d/0x60 [ 23.449102] kasan_save_track+0x18/0x40 [ 23.449598] kasan_save_alloc_info+0x3b/0x50 [ 23.450166] __kasan_kmalloc+0xb7/0xc0 [ 23.451343] __kmalloc_cache_noprof+0x184/0x410 [ 23.451851] krealloc_uaf+0xbc/0x5e0 [ 23.452316] kunit_try_run_case+0x1b3/0x490 [ 23.453468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.454534] kthread+0x257/0x310 [ 23.455383] ret_from_fork+0x41/0x80 [ 23.455793] ret_from_fork_asm+0x1a/0x30 [ 23.456317] [ 23.456699] Freed by task 172: [ 23.457045] kasan_save_stack+0x3d/0x60 [ 23.458300] kasan_save_track+0x18/0x40 [ 23.458777] kasan_save_free_info+0x3f/0x60 [ 23.460052] __kasan_slab_free+0x56/0x70 [ 23.461017] kfree+0x123/0x3f0 [ 23.461468] krealloc_uaf+0x13e/0x5e0 [ 23.461898] kunit_try_run_case+0x1b3/0x490 [ 23.462668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.463722] kthread+0x257/0x310 [ 23.464847] ret_from_fork+0x41/0x80 [ 23.465559] ret_from_fork_asm+0x1a/0x30 [ 23.466152] [ 23.466777] The buggy address belongs to the object at ffff8881009a4c00 [ 23.466777] which belongs to the cache kmalloc-256 of size 256 [ 23.468814] The buggy address is located 0 bytes inside of [ 23.468814] freed 256-byte region [ffff8881009a4c00, ffff8881009a4d00) [ 23.470796] [ 23.471054] The buggy address belongs to the physical page: [ 23.471432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a4 [ 23.473378] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.474343] flags: 0x200000000000040(head|node=0|zone=2) [ 23.474707] page_type: f5(slab) [ 23.475400] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 23.476395] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.477743] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 23.479167] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.480009] head: 0200000000000001 ffffea0004026901 ffffffffffffffff 0000000000000000 [ 23.480910] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 23.482111] page dumped because: kasan: bad access detected [ 23.482925] [ 23.483215] Memory state around the buggy address: [ 23.484528] ffff8881009a4b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.485687] ffff8881009a4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.486711] >ffff8881009a4c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.487356] ^ [ 23.488904] ffff8881009a4c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.489743] ffff8881009a4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.490342] ================================================================== [ 23.335412] ================================================================== [ 23.336311] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b9/0x5e0 [ 23.337452] Read of size 1 at addr ffff8881009a4c00 by task kunit_try_catch/172 [ 23.338078] [ 23.338411] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 23.340788] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.341286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.341854] Call Trace: [ 23.342097] <TASK> [ 23.342405] dump_stack_lvl+0x73/0xb0 [ 23.342830] print_report+0xd1/0x640 [ 23.343747] ? __virt_addr_valid+0x1db/0x2d0 [ 23.344310] ? kasan_complete_mode_report_info+0x64/0x200 [ 23.344726] kasan_report+0x102/0x140 [ 23.346134] ? krealloc_uaf+0x1b9/0x5e0 [ 23.346928] ? krealloc_uaf+0x1b9/0x5e0 [ 23.347424] ? krealloc_uaf+0x1b9/0x5e0 [ 23.347920] __kasan_check_byte+0x3d/0x50 [ 23.349234] krealloc_noprof+0x3f/0x340 [ 23.349871] krealloc_uaf+0x1b9/0x5e0 [ 23.350215] ? __pfx_krealloc_uaf+0x10/0x10 [ 23.350890] ? finish_task_switch.isra.0+0x153/0x700 [ 23.351260] ? __switch_to+0x5d9/0xf60 [ 23.352041] ? __schedule+0xc70/0x27e0 [ 23.352449] ? __pfx_read_tsc+0x10/0x10 [ 23.352855] ? ktime_get_ts64+0x86/0x230 [ 23.355254] kunit_try_run_case+0x1b3/0x490 [ 23.355953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.356370] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.357127] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.358489] ? __kthread_parkme+0x82/0x160 [ 23.359456] ? preempt_count_sub+0x50/0x80 [ 23.359924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.361260] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.361813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.363096] kthread+0x257/0x310 [ 23.363476] ? __pfx_kthread+0x10/0x10 [ 23.363791] ret_from_fork+0x41/0x80 [ 23.364671] ? __pfx_kthread+0x10/0x10 [ 23.365523] ret_from_fork_asm+0x1a/0x30 [ 23.366080] </TASK> [ 23.366402] [ 23.366656] Allocated by task 172: [ 23.366955] kasan_save_stack+0x3d/0x60 [ 23.368325] kasan_save_track+0x18/0x40 [ 23.368807] kasan_save_alloc_info+0x3b/0x50 [ 23.369300] __kasan_kmalloc+0xb7/0xc0 [ 23.369687] __kmalloc_cache_noprof+0x184/0x410 [ 23.371561] krealloc_uaf+0xbc/0x5e0 [ 23.372986] kunit_try_run_case+0x1b3/0x490 [ 23.373459] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.374417] kthread+0x257/0x310 [ 23.375841] ret_from_fork+0x41/0x80 [ 23.376348] ret_from_fork_asm+0x1a/0x30 [ 23.376622] [ 23.376898] Freed by task 172: [ 23.378070] kasan_save_stack+0x3d/0x60 [ 23.378547] kasan_save_track+0x18/0x40 [ 23.379140] kasan_save_free_info+0x3f/0x60 [ 23.379958] __kasan_slab_free+0x56/0x70 [ 23.380366] kfree+0x123/0x3f0 [ 23.380959] krealloc_uaf+0x13e/0x5e0 [ 23.381849] kunit_try_run_case+0x1b3/0x490 [ 23.382735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.383528] kthread+0x257/0x310 [ 23.384308] ret_from_fork+0x41/0x80 [ 23.384672] ret_from_fork_asm+0x1a/0x30 [ 23.385638] [ 23.385883] The buggy address belongs to the object at ffff8881009a4c00 [ 23.385883] which belongs to the cache kmalloc-256 of size 256 [ 23.387326] The buggy address is located 0 bytes inside of [ 23.387326] freed 256-byte region [ffff8881009a4c00, ffff8881009a4d00) [ 23.390388] [ 23.391335] The buggy address belongs to the physical page: [ 23.392020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a4 [ 23.393181] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.393835] flags: 0x200000000000040(head|node=0|zone=2) [ 23.395134] page_type: f5(slab) [ 23.396516] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 23.397402] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.398604] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 23.399868] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.401314] head: 0200000000000001 ffffea0004026901 ffffffffffffffff 0000000000000000 [ 23.402965] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 23.403634] page dumped because: kasan: bad access detected [ 23.405196] [ 23.405477] Memory state around the buggy address: [ 23.405996] ffff8881009a4b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.406868] ffff8881009a4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.408024] >ffff8881009a4c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.409216] ^ [ 23.410065] ffff8881009a4c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.410568] ffff8881009a4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.411295] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 23.130462] ================================================================== [ 23.131665] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 23.133581] Write of size 1 at addr ffff888102aba0d0 by task kunit_try_catch/170 [ 23.134638] [ 23.134782] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 23.135302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.135558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.136052] Call Trace: [ 23.137177] <TASK> [ 23.137848] dump_stack_lvl+0x73/0xb0 [ 23.138488] print_report+0xd1/0x640 [ 23.138718] ? __virt_addr_valid+0x1db/0x2d0 [ 23.138924] ? kasan_addr_to_slab+0x11/0xa0 [ 23.139245] kasan_report+0x102/0x140 [ 23.139970] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 23.140419] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 23.141759] __asan_report_store1_noabort+0x1b/0x30 [ 23.142268] krealloc_less_oob_helper+0xe25/0x11d0 [ 23.142802] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 23.143808] ? finish_task_switch.isra.0+0x153/0x700 [ 23.144352] ? __switch_to+0x5d9/0xf60 [ 23.144742] ? __schedule+0xc70/0x27e0 [ 23.145052] ? __pfx_read_tsc+0x10/0x10 [ 23.146845] krealloc_large_less_oob+0x1c/0x30 [ 23.147406] kunit_try_run_case+0x1b3/0x490 [ 23.148296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.149034] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.149558] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.150076] ? __kthread_parkme+0x82/0x160 [ 23.151193] ? preempt_count_sub+0x50/0x80 [ 23.151638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.152323] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.153015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.153586] kthread+0x257/0x310 [ 23.154059] ? __pfx_kthread+0x10/0x10 [ 23.154410] ret_from_fork+0x41/0x80 [ 23.154817] ? __pfx_kthread+0x10/0x10 [ 23.155341] ret_from_fork_asm+0x1a/0x30 [ 23.155710] </TASK> [ 23.156048] [ 23.157232] The buggy address belongs to the physical page: [ 23.157911] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8 [ 23.158760] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.159752] flags: 0x200000000000040(head|node=0|zone=2) [ 23.160276] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.162033] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.163014] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.163874] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.164572] head: 0200000000000002 ffffea00040aae01 ffffffffffffffff 0000000000000000 [ 23.166160] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.166829] page dumped because: kasan: bad access detected [ 23.167360] [ 23.167533] Memory state around the buggy address: [ 23.168087] ffff888102ab9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.169211] ffff888102aba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.169912] >ffff888102aba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 23.170535] ^ [ 23.172049] ffff888102aba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.172684] ffff888102aba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.173399] ================================================================== [ 22.617182] ================================================================== [ 22.618750] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 22.620582] Write of size 1 at addr ffff8881003978c9 by task kunit_try_catch/166 [ 22.621239] [ 22.621486] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 22.623788] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.624234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.626436] Call Trace: [ 22.627319] <TASK> [ 22.627484] dump_stack_lvl+0x73/0xb0 [ 22.628740] print_report+0xd1/0x640 [ 22.629199] ? __virt_addr_valid+0x1db/0x2d0 [ 22.630312] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.631815] kasan_report+0x102/0x140 [ 22.632222] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 22.633584] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 22.635071] __asan_report_store1_noabort+0x1b/0x30 [ 22.635592] krealloc_less_oob_helper+0xd72/0x11d0 [ 22.636119] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 22.636618] ? finish_task_switch.isra.0+0x153/0x700 [ 22.638690] ? __switch_to+0x5d9/0xf60 [ 22.639223] ? __schedule+0xc70/0x27e0 [ 22.640168] ? __pfx_read_tsc+0x10/0x10 [ 22.640916] krealloc_less_oob+0x1c/0x30 [ 22.642310] kunit_try_run_case+0x1b3/0x490 [ 22.642667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.643878] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.644924] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.646544] ? __kthread_parkme+0x82/0x160 [ 22.647023] ? preempt_count_sub+0x50/0x80 [ 22.648257] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.649492] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.650156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.651290] kthread+0x257/0x310 [ 22.651968] ? __pfx_kthread+0x10/0x10 [ 22.653450] ret_from_fork+0x41/0x80 [ 22.653861] ? __pfx_kthread+0x10/0x10 [ 22.654319] ret_from_fork_asm+0x1a/0x30 [ 22.655789] </TASK> [ 22.656174] [ 22.656438] Allocated by task 166: [ 22.656796] kasan_save_stack+0x3d/0x60 [ 22.658161] kasan_save_track+0x18/0x40 [ 22.659043] kasan_save_alloc_info+0x3b/0x50 [ 22.660418] __kasan_krealloc+0x190/0x1f0 [ 22.661300] krealloc_noprof+0xf3/0x340 [ 22.662198] krealloc_less_oob_helper+0x1ab/0x11d0 [ 22.663233] krealloc_less_oob+0x1c/0x30 [ 22.663523] kunit_try_run_case+0x1b3/0x490 [ 22.664424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.665882] kthread+0x257/0x310 [ 22.666988] ret_from_fork+0x41/0x80 [ 22.667860] ret_from_fork_asm+0x1a/0x30 [ 22.668152] [ 22.668329] The buggy address belongs to the object at ffff888100397800 [ 22.668329] which belongs to the cache kmalloc-256 of size 256 [ 22.671132] The buggy address is located 0 bytes to the right of [ 22.671132] allocated 201-byte region [ffff888100397800, ffff8881003978c9) [ 22.673350] [ 22.673554] The buggy address belongs to the physical page: [ 22.674267] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100396 [ 22.674887] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.677021] flags: 0x200000000000040(head|node=0|zone=2) [ 22.677551] page_type: f5(slab) [ 22.678155] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.679803] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.680612] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.681454] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.684010] head: 0200000000000001 ffffea000400e581 ffffffffffffffff 0000000000000000 [ 22.685322] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.686790] page dumped because: kasan: bad access detected [ 22.688060] [ 22.688258] Memory state around the buggy address: [ 22.688540] ffff888100397780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.690072] ffff888100397800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.690919] >ffff888100397880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.693012] ^ [ 22.693719] ffff888100397900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.695165] ffff888100397980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.696421] ================================================================== [ 22.698189] ================================================================== [ 22.699002] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 22.699659] Write of size 1 at addr ffff8881003978d0 by task kunit_try_catch/166 [ 22.700378] [ 22.700568] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 22.702508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.702992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.705851] Call Trace: [ 22.706114] <TASK> [ 22.706789] dump_stack_lvl+0x73/0xb0 [ 22.707477] print_report+0xd1/0x640 [ 22.708520] ? __virt_addr_valid+0x1db/0x2d0 [ 22.708973] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.709924] kasan_report+0x102/0x140 [ 22.711231] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 22.712446] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 22.713643] __asan_report_store1_noabort+0x1b/0x30 [ 22.715025] krealloc_less_oob_helper+0xe25/0x11d0 [ 22.716057] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 22.716473] ? finish_task_switch.isra.0+0x153/0x700 [ 22.717027] ? __switch_to+0x5d9/0xf60 [ 22.717815] ? __schedule+0xc70/0x27e0 [ 22.718195] ? __pfx_read_tsc+0x10/0x10 [ 22.718818] krealloc_less_oob+0x1c/0x30 [ 22.719151] kunit_try_run_case+0x1b3/0x490 [ 22.720582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.721287] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.721690] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.722865] ? __kthread_parkme+0x82/0x160 [ 22.723265] ? preempt_count_sub+0x50/0x80 [ 22.724583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.725273] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.726020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.726752] kthread+0x257/0x310 [ 22.728168] ? __pfx_kthread+0x10/0x10 [ 22.728614] ret_from_fork+0x41/0x80 [ 22.729407] ? __pfx_kthread+0x10/0x10 [ 22.729756] ret_from_fork_asm+0x1a/0x30 [ 22.730514] </TASK> [ 22.730749] [ 22.731432] Allocated by task 166: [ 22.731993] kasan_save_stack+0x3d/0x60 [ 22.732466] kasan_save_track+0x18/0x40 [ 22.732920] kasan_save_alloc_info+0x3b/0x50 [ 22.734377] __kasan_krealloc+0x190/0x1f0 [ 22.735263] krealloc_noprof+0xf3/0x340 [ 22.735718] krealloc_less_oob_helper+0x1ab/0x11d0 [ 22.736573] krealloc_less_oob+0x1c/0x30 [ 22.736912] kunit_try_run_case+0x1b3/0x490 [ 22.738082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.738608] kthread+0x257/0x310 [ 22.739482] ret_from_fork+0x41/0x80 [ 22.739793] ret_from_fork_asm+0x1a/0x30 [ 22.740765] [ 22.741099] The buggy address belongs to the object at ffff888100397800 [ 22.741099] which belongs to the cache kmalloc-256 of size 256 [ 22.742134] The buggy address is located 7 bytes to the right of [ 22.742134] allocated 201-byte region [ffff888100397800, ffff8881003978c9) [ 22.744849] [ 22.745466] The buggy address belongs to the physical page: [ 22.746254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100396 [ 22.747031] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.748497] flags: 0x200000000000040(head|node=0|zone=2) [ 22.750128] page_type: f5(slab) [ 22.750862] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.751603] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.753504] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.754561] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.755581] head: 0200000000000001 ffffea000400e581 ffffffffffffffff 0000000000000000 [ 22.756037] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.756433] page dumped because: kasan: bad access detected [ 22.756654] [ 22.756748] Memory state around the buggy address: [ 22.757052] ffff888100397780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.758816] ffff888100397800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.759848] >ffff888100397880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.761011] ^ [ 22.761370] ffff888100397900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.761801] ffff888100397980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.762638] ================================================================== [ 23.174334] ================================================================== [ 23.175070] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 23.175984] Write of size 1 at addr ffff888102aba0da by task kunit_try_catch/170 [ 23.177497] [ 23.177802] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 23.179680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.180013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.181027] Call Trace: [ 23.182365] <TASK> [ 23.182649] dump_stack_lvl+0x73/0xb0 [ 23.182995] print_report+0xd1/0x640 [ 23.183723] ? __virt_addr_valid+0x1db/0x2d0 [ 23.184690] ? kasan_addr_to_slab+0x11/0xa0 [ 23.185305] kasan_report+0x102/0x140 [ 23.186489] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 23.186984] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 23.187680] __asan_report_store1_noabort+0x1b/0x30 [ 23.188304] krealloc_less_oob_helper+0xec8/0x11d0 [ 23.188819] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 23.189383] ? finish_task_switch.isra.0+0x153/0x700 [ 23.189880] ? __switch_to+0x5d9/0xf60 [ 23.190363] ? __schedule+0xc70/0x27e0 [ 23.190819] ? __pfx_read_tsc+0x10/0x10 [ 23.191347] krealloc_large_less_oob+0x1c/0x30 [ 23.191710] kunit_try_run_case+0x1b3/0x490 [ 23.192335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.192793] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.193178] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.193822] ? __kthread_parkme+0x82/0x160 [ 23.195331] ? preempt_count_sub+0x50/0x80 [ 23.196051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.196406] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.196800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.197845] kthread+0x257/0x310 [ 23.198415] ? __pfx_kthread+0x10/0x10 [ 23.198731] ret_from_fork+0x41/0x80 [ 23.199269] ? __pfx_kthread+0x10/0x10 [ 23.200744] ret_from_fork_asm+0x1a/0x30 [ 23.201292] </TASK> [ 23.201701] [ 23.201984] The buggy address belongs to the physical page: [ 23.202331] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8 [ 23.203313] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.205338] flags: 0x200000000000040(head|node=0|zone=2) [ 23.206244] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.206995] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.208035] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.209297] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.210145] head: 0200000000000002 ffffea00040aae01 ffffffffffffffff 0000000000000000 [ 23.211803] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.212583] page dumped because: kasan: bad access detected [ 23.213640] [ 23.213885] Memory state around the buggy address: [ 23.215356] ffff888102ab9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.216334] ffff888102aba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.216910] >ffff888102aba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 23.217751] ^ [ 23.219359] ffff888102aba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.219817] ffff888102aba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.220718] ================================================================== [ 23.222244] ================================================================== [ 23.223780] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 23.225059] Write of size 1 at addr ffff888102aba0ea by task kunit_try_catch/170 [ 23.226302] [ 23.226594] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 23.227895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.229140] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.230467] Call Trace: [ 23.231066] <TASK> [ 23.231471] dump_stack_lvl+0x73/0xb0 [ 23.232298] print_report+0xd1/0x640 [ 23.233406] ? __virt_addr_valid+0x1db/0x2d0 [ 23.234271] ? kasan_addr_to_slab+0x11/0xa0 [ 23.234782] kasan_report+0x102/0x140 [ 23.235104] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 23.236141] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 23.236573] __asan_report_store1_noabort+0x1b/0x30 [ 23.238409] krealloc_less_oob_helper+0xe92/0x11d0 [ 23.239298] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 23.240233] ? finish_task_switch.isra.0+0x153/0x700 [ 23.240763] ? __switch_to+0x5d9/0xf60 [ 23.242280] ? __schedule+0xc70/0x27e0 [ 23.243071] ? __pfx_read_tsc+0x10/0x10 [ 23.243761] krealloc_large_less_oob+0x1c/0x30 [ 23.244222] kunit_try_run_case+0x1b3/0x490 [ 23.245386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.245997] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.247296] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.248278] ? __kthread_parkme+0x82/0x160 [ 23.248588] ? preempt_count_sub+0x50/0x80 [ 23.249262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.249710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.251280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.252069] kthread+0x257/0x310 [ 23.252454] ? __pfx_kthread+0x10/0x10 [ 23.253494] ret_from_fork+0x41/0x80 [ 23.254070] ? __pfx_kthread+0x10/0x10 [ 23.254706] ret_from_fork_asm+0x1a/0x30 [ 23.255461] </TASK> [ 23.255792] [ 23.256094] The buggy address belongs to the physical page: [ 23.256501] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8 [ 23.257861] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.259203] flags: 0x200000000000040(head|node=0|zone=2) [ 23.260253] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.261284] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.261692] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.264332] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.265765] head: 0200000000000002 ffffea00040aae01 ffffffffffffffff 0000000000000000 [ 23.266765] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.267537] page dumped because: kasan: bad access detected [ 23.268434] [ 23.268680] Memory state around the buggy address: [ 23.270072] ffff888102ab9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.270813] ffff888102aba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.272204] >ffff888102aba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 23.273545] ^ [ 23.274635] ffff888102aba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.275592] ffff888102aba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.276656] ================================================================== [ 22.892338] ================================================================== [ 22.893213] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 22.894034] Write of size 1 at addr ffff8881003978eb by task kunit_try_catch/166 [ 22.894904] [ 22.895238] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 22.896696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.897225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.898441] Call Trace: [ 22.898770] <TASK> [ 22.899022] dump_stack_lvl+0x73/0xb0 [ 22.899350] print_report+0xd1/0x640 [ 22.900518] ? __virt_addr_valid+0x1db/0x2d0 [ 22.901212] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.902226] kasan_report+0x102/0x140 [ 22.902845] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 22.903318] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 22.904393] __asan_report_store1_noabort+0x1b/0x30 [ 22.904757] krealloc_less_oob_helper+0xd49/0x11d0 [ 22.905387] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 22.907023] ? finish_task_switch.isra.0+0x153/0x700 [ 22.907854] ? __switch_to+0x5d9/0xf60 [ 22.908355] ? __schedule+0xc70/0x27e0 [ 22.909275] ? __pfx_read_tsc+0x10/0x10 [ 22.910281] krealloc_less_oob+0x1c/0x30 [ 22.910820] kunit_try_run_case+0x1b3/0x490 [ 22.911295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.912245] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.912921] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.913556] ? __kthread_parkme+0x82/0x160 [ 22.914841] ? preempt_count_sub+0x50/0x80 [ 22.915336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.916018] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.916732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.917743] kthread+0x257/0x310 [ 22.918148] ? __pfx_kthread+0x10/0x10 [ 22.919117] ret_from_fork+0x41/0x80 [ 22.919540] ? __pfx_kthread+0x10/0x10 [ 22.920091] ret_from_fork_asm+0x1a/0x30 [ 22.920960] </TASK> [ 22.921260] [ 22.921740] Allocated by task 166: [ 22.922539] kasan_save_stack+0x3d/0x60 [ 22.923661] kasan_save_track+0x18/0x40 [ 22.923993] kasan_save_alloc_info+0x3b/0x50 [ 22.924550] __kasan_krealloc+0x190/0x1f0 [ 22.925434] krealloc_noprof+0xf3/0x340 [ 22.925742] krealloc_less_oob_helper+0x1ab/0x11d0 [ 22.927355] krealloc_less_oob+0x1c/0x30 [ 22.927969] kunit_try_run_case+0x1b3/0x490 [ 22.928552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.929307] kthread+0x257/0x310 [ 22.929904] ret_from_fork+0x41/0x80 [ 22.930365] ret_from_fork_asm+0x1a/0x30 [ 22.930824] [ 22.931061] The buggy address belongs to the object at ffff888100397800 [ 22.931061] which belongs to the cache kmalloc-256 of size 256 [ 22.932178] The buggy address is located 34 bytes to the right of [ 22.932178] allocated 201-byte region [ffff888100397800, ffff8881003978c9) [ 22.934213] [ 22.934536] The buggy address belongs to the physical page: [ 22.935091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100396 [ 22.936002] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.936680] flags: 0x200000000000040(head|node=0|zone=2) [ 22.937401] page_type: f5(slab) [ 22.937802] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.939657] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.940854] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.942581] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.943498] head: 0200000000000001 ffffea000400e581 ffffffffffffffff 0000000000000000 [ 22.944139] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.945234] page dumped because: kasan: bad access detected [ 22.946257] [ 22.946610] Memory state around the buggy address: [ 22.947856] ffff888100397780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.948867] ffff888100397800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.950164] >ffff888100397880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.950794] ^ [ 22.953050] ffff888100397900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.953858] ffff888100397980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.954636] ================================================================== [ 23.278462] ================================================================== [ 23.279388] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 23.280830] Write of size 1 at addr ffff888102aba0eb by task kunit_try_catch/170 [ 23.281716] [ 23.282180] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 23.284161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.284645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.286869] Call Trace: [ 23.287500] <TASK> [ 23.287864] dump_stack_lvl+0x73/0xb0 [ 23.288975] print_report+0xd1/0x640 [ 23.289438] ? __virt_addr_valid+0x1db/0x2d0 [ 23.290092] ? kasan_addr_to_slab+0x11/0xa0 [ 23.290981] kasan_report+0x102/0x140 [ 23.291630] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 23.292879] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 23.293552] __asan_report_store1_noabort+0x1b/0x30 [ 23.294557] krealloc_less_oob_helper+0xd49/0x11d0 [ 23.295347] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 23.296471] ? finish_task_switch.isra.0+0x153/0x700 [ 23.297521] ? __switch_to+0x5d9/0xf60 [ 23.298357] ? __schedule+0xc70/0x27e0 [ 23.298874] ? __pfx_read_tsc+0x10/0x10 [ 23.299534] krealloc_large_less_oob+0x1c/0x30 [ 23.300887] kunit_try_run_case+0x1b3/0x490 [ 23.301304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.302008] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.302313] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.302622] ? __kthread_parkme+0x82/0x160 [ 23.302818] ? preempt_count_sub+0x50/0x80 [ 23.303093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.303578] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.305873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.306570] kthread+0x257/0x310 [ 23.307263] ? __pfx_kthread+0x10/0x10 [ 23.307908] ret_from_fork+0x41/0x80 [ 23.309419] ? __pfx_kthread+0x10/0x10 [ 23.310196] ret_from_fork_asm+0x1a/0x30 [ 23.310545] </TASK> [ 23.310837] [ 23.311056] The buggy address belongs to the physical page: [ 23.311899] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8 [ 23.312507] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.313875] flags: 0x200000000000040(head|node=0|zone=2) [ 23.314640] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.315294] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.316265] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.316884] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.318989] head: 0200000000000002 ffffea00040aae01 ffffffffffffffff 0000000000000000 [ 23.321062] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.321878] page dumped because: kasan: bad access detected [ 23.322395] [ 23.322995] Memory state around the buggy address: [ 23.323925] ffff888102ab9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.325195] ffff888102aba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.325849] >ffff888102aba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 23.326739] ^ [ 23.327265] ffff888102aba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.327791] ffff888102aba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.328530] ================================================================== [ 22.829356] ================================================================== [ 22.830381] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 22.831066] Write of size 1 at addr ffff8881003978ea by task kunit_try_catch/166 [ 22.831791] [ 22.832434] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 22.834043] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.834573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.835259] Call Trace: [ 22.836018] <TASK> [ 22.836406] dump_stack_lvl+0x73/0xb0 [ 22.837010] print_report+0xd1/0x640 [ 22.838048] ? __virt_addr_valid+0x1db/0x2d0 [ 22.838591] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.839512] kasan_report+0x102/0x140 [ 22.840369] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 22.841743] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 22.842337] __asan_report_store1_noabort+0x1b/0x30 [ 22.842966] krealloc_less_oob_helper+0xe92/0x11d0 [ 22.843995] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 22.844372] ? finish_task_switch.isra.0+0x153/0x700 [ 22.845635] ? __switch_to+0x5d9/0xf60 [ 22.846349] ? __schedule+0xc70/0x27e0 [ 22.846830] ? __pfx_read_tsc+0x10/0x10 [ 22.847393] krealloc_less_oob+0x1c/0x30 [ 22.847846] kunit_try_run_case+0x1b3/0x490 [ 22.848671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.849074] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.850545] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.851299] ? __kthread_parkme+0x82/0x160 [ 22.851867] ? preempt_count_sub+0x50/0x80 [ 22.852474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.853293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.853925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.855082] kthread+0x257/0x310 [ 22.855467] ? __pfx_kthread+0x10/0x10 [ 22.855860] ret_from_fork+0x41/0x80 [ 22.856742] ? __pfx_kthread+0x10/0x10 [ 22.857063] ret_from_fork_asm+0x1a/0x30 [ 22.857983] </TASK> [ 22.858797] [ 22.859049] Allocated by task 166: [ 22.859289] kasan_save_stack+0x3d/0x60 [ 22.860432] kasan_save_track+0x18/0x40 [ 22.861222] kasan_save_alloc_info+0x3b/0x50 [ 22.861647] __kasan_krealloc+0x190/0x1f0 [ 22.861990] krealloc_noprof+0xf3/0x340 [ 22.862887] krealloc_less_oob_helper+0x1ab/0x11d0 [ 22.863704] krealloc_less_oob+0x1c/0x30 [ 22.864384] kunit_try_run_case+0x1b3/0x490 [ 22.864746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.865474] kthread+0x257/0x310 [ 22.865899] ret_from_fork+0x41/0x80 [ 22.867407] ret_from_fork_asm+0x1a/0x30 [ 22.868089] [ 22.868294] The buggy address belongs to the object at ffff888100397800 [ 22.868294] which belongs to the cache kmalloc-256 of size 256 [ 22.869981] The buggy address is located 33 bytes to the right of [ 22.869981] allocated 201-byte region [ffff888100397800, ffff8881003978c9) [ 22.870804] [ 22.872110] The buggy address belongs to the physical page: [ 22.872497] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100396 [ 22.873757] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.874702] flags: 0x200000000000040(head|node=0|zone=2) [ 22.875920] page_type: f5(slab) [ 22.877105] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.878071] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.878695] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.879754] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.880764] head: 0200000000000001 ffffea000400e581 ffffffffffffffff 0000000000000000 [ 22.882099] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.883245] page dumped because: kasan: bad access detected [ 22.884108] [ 22.884301] Memory state around the buggy address: [ 22.885017] ffff888100397780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.886602] ffff888100397800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.887280] >ffff888100397880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.887973] ^ [ 22.889022] ffff888100397900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.889562] ffff888100397980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.890377] ================================================================== [ 23.079029] ================================================================== [ 23.079992] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 23.082408] Write of size 1 at addr ffff888102aba0c9 by task kunit_try_catch/170 [ 23.083249] [ 23.083594] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 23.085277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.086422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.087499] Call Trace: [ 23.087653] <TASK> [ 23.087786] dump_stack_lvl+0x73/0xb0 [ 23.088099] print_report+0xd1/0x640 [ 23.088397] ? __virt_addr_valid+0x1db/0x2d0 [ 23.089161] ? kasan_addr_to_slab+0x11/0xa0 [ 23.090467] kasan_report+0x102/0x140 [ 23.090889] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 23.091739] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 23.092868] __asan_report_store1_noabort+0x1b/0x30 [ 23.093360] krealloc_less_oob_helper+0xd72/0x11d0 [ 23.094318] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 23.095675] ? finish_task_switch.isra.0+0x153/0x700 [ 23.096513] ? __switch_to+0x5d9/0xf60 [ 23.097121] ? __schedule+0xc70/0x27e0 [ 23.097767] ? __pfx_read_tsc+0x10/0x10 [ 23.098516] krealloc_large_less_oob+0x1c/0x30 [ 23.099699] kunit_try_run_case+0x1b3/0x490 [ 23.100193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.100671] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.102037] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.102565] ? __kthread_parkme+0x82/0x160 [ 23.102998] ? preempt_count_sub+0x50/0x80 [ 23.103363] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.103773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.105094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.106171] kthread+0x257/0x310 [ 23.106582] ? __pfx_kthread+0x10/0x10 [ 23.107200] ret_from_fork+0x41/0x80 [ 23.107764] ? __pfx_kthread+0x10/0x10 [ 23.108120] ret_from_fork_asm+0x1a/0x30 [ 23.108658] </TASK> [ 23.109610] [ 23.110505] The buggy address belongs to the physical page: [ 23.110999] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8 [ 23.111729] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.112903] flags: 0x200000000000040(head|node=0|zone=2) [ 23.113559] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.114371] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.115424] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.116384] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.118089] head: 0200000000000002 ffffea00040aae01 ffffffffffffffff 0000000000000000 [ 23.119378] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.120089] page dumped because: kasan: bad access detected [ 23.120619] [ 23.120981] Memory state around the buggy address: [ 23.121986] ffff888102ab9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.122405] ffff888102aba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.124217] >ffff888102aba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 23.124732] ^ [ 23.125232] ffff888102aba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.126097] ffff888102aba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.127345] ================================================================== [ 22.764718] ================================================================== [ 22.766154] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 22.767146] Write of size 1 at addr ffff8881003978da by task kunit_try_catch/166 [ 22.768398] [ 22.768584] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 22.769369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.770635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.771528] Call Trace: [ 22.771832] <TASK> [ 22.772089] dump_stack_lvl+0x73/0xb0 [ 22.772576] print_report+0xd1/0x640 [ 22.772891] ? __virt_addr_valid+0x1db/0x2d0 [ 22.773641] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.774082] kasan_report+0x102/0x140 [ 22.775307] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 22.776222] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 22.776866] __asan_report_store1_noabort+0x1b/0x30 [ 22.777821] krealloc_less_oob_helper+0xec8/0x11d0 [ 22.778381] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 22.779037] ? finish_task_switch.isra.0+0x153/0x700 [ 22.779465] ? __switch_to+0x5d9/0xf60 [ 22.779923] ? __schedule+0xc70/0x27e0 [ 22.781331] ? __pfx_read_tsc+0x10/0x10 [ 22.781745] krealloc_less_oob+0x1c/0x30 [ 22.782520] kunit_try_run_case+0x1b3/0x490 [ 22.782907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.783471] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.784029] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.785171] ? __kthread_parkme+0x82/0x160 [ 22.785958] ? preempt_count_sub+0x50/0x80 [ 22.786682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.787338] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.788438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.790064] kthread+0x257/0x310 [ 22.790514] ? __pfx_kthread+0x10/0x10 [ 22.791551] ret_from_fork+0x41/0x80 [ 22.792356] ? __pfx_kthread+0x10/0x10 [ 22.792999] ret_from_fork_asm+0x1a/0x30 [ 22.794466] </TASK> [ 22.794737] [ 22.794956] Allocated by task 166: [ 22.795206] kasan_save_stack+0x3d/0x60 [ 22.795712] kasan_save_track+0x18/0x40 [ 22.796276] kasan_save_alloc_info+0x3b/0x50 [ 22.796738] __kasan_krealloc+0x190/0x1f0 [ 22.798155] krealloc_noprof+0xf3/0x340 [ 22.798771] krealloc_less_oob_helper+0x1ab/0x11d0 [ 22.799780] krealloc_less_oob+0x1c/0x30 [ 22.801072] kunit_try_run_case+0x1b3/0x490 [ 22.801611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.803251] kthread+0x257/0x310 [ 22.803659] ret_from_fork+0x41/0x80 [ 22.803923] ret_from_fork_asm+0x1a/0x30 [ 22.804774] [ 22.805006] The buggy address belongs to the object at ffff888100397800 [ 22.805006] which belongs to the cache kmalloc-256 of size 256 [ 22.806329] The buggy address is located 17 bytes to the right of [ 22.806329] allocated 201-byte region [ffff888100397800, ffff8881003978c9) [ 22.808343] [ 22.808639] The buggy address belongs to the physical page: [ 22.809116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100396 [ 22.810359] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.811907] flags: 0x200000000000040(head|node=0|zone=2) [ 22.812483] page_type: f5(slab) [ 22.812834] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.813971] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.815689] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.816423] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.817425] head: 0200000000000001 ffffea000400e581 ffffffffffffffff 0000000000000000 [ 22.818403] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.820028] page dumped because: kasan: bad access detected [ 22.820619] [ 22.820791] Memory state around the buggy address: [ 22.821430] ffff888100397780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.822464] ffff888100397800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.823863] >ffff888100397880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 22.824695] ^ [ 22.825823] ffff888100397900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.826483] ffff888100397980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.827784] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 23.019386] ================================================================== [ 23.020032] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 23.022772] Write of size 1 at addr ffff888102aba0f0 by task kunit_try_catch/168 [ 23.023476] [ 23.024357] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 23.025612] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.026801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.028252] Call Trace: [ 23.029018] <TASK> [ 23.029234] dump_stack_lvl+0x73/0xb0 [ 23.029506] print_report+0xd1/0x640 [ 23.030247] ? __virt_addr_valid+0x1db/0x2d0 [ 23.030846] ? kasan_addr_to_slab+0x11/0xa0 [ 23.031317] kasan_report+0x102/0x140 [ 23.031719] ? krealloc_more_oob_helper+0x7ed/0x930 [ 23.032223] ? krealloc_more_oob_helper+0x7ed/0x930 [ 23.032728] __asan_report_store1_noabort+0x1b/0x30 [ 23.034567] krealloc_more_oob_helper+0x7ed/0x930 [ 23.035860] ? __schedule+0xc70/0x27e0 [ 23.036731] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 23.037352] ? finish_task_switch.isra.0+0x153/0x700 [ 23.037827] ? __switch_to+0x5d9/0xf60 [ 23.038807] ? __schedule+0xc70/0x27e0 [ 23.040018] ? __pfx_read_tsc+0x10/0x10 [ 23.040523] krealloc_large_more_oob+0x1c/0x30 [ 23.041584] kunit_try_run_case+0x1b3/0x490 [ 23.042644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.043084] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.044120] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.044910] ? __kthread_parkme+0x82/0x160 [ 23.045278] ? preempt_count_sub+0x50/0x80 [ 23.045999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.046400] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.047320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.048557] kthread+0x257/0x310 [ 23.049146] ? __pfx_kthread+0x10/0x10 [ 23.049582] ret_from_fork+0x41/0x80 [ 23.049950] ? __pfx_kthread+0x10/0x10 [ 23.050311] ret_from_fork_asm+0x1a/0x30 [ 23.050744] </TASK> [ 23.051333] [ 23.052170] The buggy address belongs to the physical page: [ 23.052992] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8 [ 23.053927] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.054867] flags: 0x200000000000040(head|node=0|zone=2) [ 23.056092] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.056695] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.057272] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.059071] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.060587] head: 0200000000000002 ffffea00040aae01 ffffffffffffffff 0000000000000000 [ 23.061079] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.062642] page dumped because: kasan: bad access detected [ 23.064024] [ 23.064386] Memory state around the buggy address: [ 23.064877] ffff888102ab9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.065525] ffff888102aba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.066273] >ffff888102aba080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 23.067329] ^ [ 23.068602] ffff888102aba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.069458] ffff888102aba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.070559] ================================================================== [ 22.458416] ================================================================== [ 22.459282] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 22.459730] Write of size 1 at addr ffff8881009a4aeb by task kunit_try_catch/164 [ 22.460193] [ 22.460475] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 22.462356] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.463218] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.464286] Call Trace: [ 22.465466] <TASK> [ 22.466196] dump_stack_lvl+0x73/0xb0 [ 22.466857] print_report+0xd1/0x640 [ 22.467427] ? __virt_addr_valid+0x1db/0x2d0 [ 22.468028] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.468966] kasan_report+0x102/0x140 [ 22.469552] ? krealloc_more_oob_helper+0x823/0x930 [ 22.470358] ? krealloc_more_oob_helper+0x823/0x930 [ 22.470734] __asan_report_store1_noabort+0x1b/0x30 [ 22.471356] krealloc_more_oob_helper+0x823/0x930 [ 22.471880] ? __schedule+0xc70/0x27e0 [ 22.473017] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 22.473446] ? finish_task_switch.isra.0+0x153/0x700 [ 22.474076] ? __switch_to+0x5d9/0xf60 [ 22.475003] ? __schedule+0xc70/0x27e0 [ 22.475830] ? __pfx_read_tsc+0x10/0x10 [ 22.477384] krealloc_more_oob+0x1c/0x30 [ 22.478063] kunit_try_run_case+0x1b3/0x490 [ 22.478915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.479736] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.480629] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.482062] ? __kthread_parkme+0x82/0x160 [ 22.482646] ? preempt_count_sub+0x50/0x80 [ 22.483646] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.484144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.485509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.486432] kthread+0x257/0x310 [ 22.487099] ? __pfx_kthread+0x10/0x10 [ 22.488485] ret_from_fork+0x41/0x80 [ 22.488961] ? __pfx_kthread+0x10/0x10 [ 22.489947] ret_from_fork_asm+0x1a/0x30 [ 22.490427] </TASK> [ 22.490967] [ 22.491167] Allocated by task 164: [ 22.491794] kasan_save_stack+0x3d/0x60 [ 22.492707] kasan_save_track+0x18/0x40 [ 22.494097] kasan_save_alloc_info+0x3b/0x50 [ 22.494585] __kasan_krealloc+0x190/0x1f0 [ 22.495363] krealloc_noprof+0xf3/0x340 [ 22.496079] krealloc_more_oob_helper+0x1aa/0x930 [ 22.496818] krealloc_more_oob+0x1c/0x30 [ 22.497209] kunit_try_run_case+0x1b3/0x490 [ 22.498305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.498755] kthread+0x257/0x310 [ 22.499359] ret_from_fork+0x41/0x80 [ 22.500468] ret_from_fork_asm+0x1a/0x30 [ 22.501290] [ 22.501469] The buggy address belongs to the object at ffff8881009a4a00 [ 22.501469] which belongs to the cache kmalloc-256 of size 256 [ 22.503775] The buggy address is located 0 bytes to the right of [ 22.503775] allocated 235-byte region [ffff8881009a4a00, ffff8881009a4aeb) [ 22.506154] [ 22.506599] The buggy address belongs to the physical page: [ 22.507466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a4 [ 22.508351] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.509922] flags: 0x200000000000040(head|node=0|zone=2) [ 22.510487] page_type: f5(slab) [ 22.510841] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.511581] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.513441] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.514895] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.515707] head: 0200000000000001 ffffea0004026901 ffffffffffffffff 0000000000000000 [ 22.516460] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.517907] page dumped because: kasan: bad access detected [ 22.518767] [ 22.519050] Memory state around the buggy address: [ 22.519910] ffff8881009a4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.521189] ffff8881009a4a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.522030] >ffff8881009a4a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 22.523112] ^ [ 22.524094] ffff8881009a4b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.524950] ffff8881009a4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.526602] ================================================================== [ 22.962852] ================================================================== [ 22.964333] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 22.965633] Write of size 1 at addr ffff888102aba0eb by task kunit_try_catch/168 [ 22.966349] [ 22.966593] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 22.969018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.969710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.971254] Call Trace: [ 22.971574] <TASK> [ 22.972569] dump_stack_lvl+0x73/0xb0 [ 22.973343] print_report+0xd1/0x640 [ 22.973820] ? __virt_addr_valid+0x1db/0x2d0 [ 22.974445] ? kasan_addr_to_slab+0x11/0xa0 [ 22.975011] kasan_report+0x102/0x140 [ 22.975530] ? krealloc_more_oob_helper+0x823/0x930 [ 22.976104] ? krealloc_more_oob_helper+0x823/0x930 [ 22.976579] __asan_report_store1_noabort+0x1b/0x30 [ 22.978172] krealloc_more_oob_helper+0x823/0x930 [ 22.978824] ? __schedule+0xc70/0x27e0 [ 22.979337] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 22.980065] ? finish_task_switch.isra.0+0x153/0x700 [ 22.980527] ? __switch_to+0x5d9/0xf60 [ 22.980831] ? __schedule+0xc70/0x27e0 [ 22.981512] ? __pfx_read_tsc+0x10/0x10 [ 22.982997] krealloc_large_more_oob+0x1c/0x30 [ 22.983403] kunit_try_run_case+0x1b3/0x490 [ 22.984504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.985062] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.985618] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.986067] ? __kthread_parkme+0x82/0x160 [ 22.986598] ? preempt_count_sub+0x50/0x80 [ 22.988084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.988826] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.990497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.990796] kthread+0x257/0x310 [ 22.990997] ? __pfx_kthread+0x10/0x10 [ 22.991556] ret_from_fork+0x41/0x80 [ 22.993113] ? __pfx_kthread+0x10/0x10 [ 22.994377] ret_from_fork_asm+0x1a/0x30 [ 22.995561] </TASK> [ 22.995867] [ 22.996100] The buggy address belongs to the physical page: [ 22.997590] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8 [ 22.999331] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.001114] flags: 0x200000000000040(head|node=0|zone=2) [ 23.001703] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.002449] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.004473] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.004969] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.006585] head: 0200000000000002 ffffea00040aae01 ffffffffffffffff 0000000000000000 [ 23.007247] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.008358] page dumped because: kasan: bad access detected [ 23.009733] [ 23.009924] Memory state around the buggy address: [ 23.011025] ffff888102ab9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.012224] ffff888102aba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.013828] >ffff888102aba080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 23.014754] ^ [ 23.015771] ffff888102aba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.017487] ffff888102aba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.018151] ================================================================== [ 22.529015] ================================================================== [ 22.530668] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 22.532085] Write of size 1 at addr ffff8881009a4af0 by task kunit_try_catch/164 [ 22.532698] [ 22.532920] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 22.535672] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.535988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.537658] Call Trace: [ 22.538012] <TASK> [ 22.538389] dump_stack_lvl+0x73/0xb0 [ 22.540132] print_report+0xd1/0x640 [ 22.540604] ? __virt_addr_valid+0x1db/0x2d0 [ 22.541426] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.542469] kasan_report+0x102/0x140 [ 22.542748] ? krealloc_more_oob_helper+0x7ed/0x930 [ 22.543026] ? krealloc_more_oob_helper+0x7ed/0x930 [ 22.544899] __asan_report_store1_noabort+0x1b/0x30 [ 22.545687] krealloc_more_oob_helper+0x7ed/0x930 [ 22.546761] ? __schedule+0xc70/0x27e0 [ 22.547847] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 22.548822] ? finish_task_switch.isra.0+0x153/0x700 [ 22.549819] ? __switch_to+0x5d9/0xf60 [ 22.550354] ? __schedule+0xc70/0x27e0 [ 22.550805] ? __pfx_read_tsc+0x10/0x10 [ 22.551907] krealloc_more_oob+0x1c/0x30 [ 22.552926] kunit_try_run_case+0x1b3/0x490 [ 22.553415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.554530] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.555547] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.556501] ? __kthread_parkme+0x82/0x160 [ 22.557471] ? preempt_count_sub+0x50/0x80 [ 22.558156] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.558652] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.559792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.561323] kthread+0x257/0x310 [ 22.562348] ? __pfx_kthread+0x10/0x10 [ 22.562638] ret_from_fork+0x41/0x80 [ 22.563559] ? __pfx_kthread+0x10/0x10 [ 22.564304] ret_from_fork_asm+0x1a/0x30 [ 22.564849] </TASK> [ 22.565360] [ 22.565650] Allocated by task 164: [ 22.566309] kasan_save_stack+0x3d/0x60 [ 22.567216] kasan_save_track+0x18/0x40 [ 22.568286] kasan_save_alloc_info+0x3b/0x50 [ 22.569051] __kasan_krealloc+0x190/0x1f0 [ 22.570575] krealloc_noprof+0xf3/0x340 [ 22.571053] krealloc_more_oob_helper+0x1aa/0x930 [ 22.572539] krealloc_more_oob+0x1c/0x30 [ 22.573365] kunit_try_run_case+0x1b3/0x490 [ 22.573643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.574521] kthread+0x257/0x310 [ 22.574981] ret_from_fork+0x41/0x80 [ 22.575363] ret_from_fork_asm+0x1a/0x30 [ 22.576548] [ 22.576854] The buggy address belongs to the object at ffff8881009a4a00 [ 22.576854] which belongs to the cache kmalloc-256 of size 256 [ 22.579321] The buggy address is located 5 bytes to the right of [ 22.579321] allocated 235-byte region [ffff8881009a4a00, ffff8881009a4aeb) [ 22.580628] [ 22.581668] The buggy address belongs to the physical page: [ 22.583687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009a4 [ 22.584427] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.586062] flags: 0x200000000000040(head|node=0|zone=2) [ 22.586823] page_type: f5(slab) [ 22.587353] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.588398] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.589713] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 22.590866] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.592185] head: 0200000000000001 ffffea0004026901 ffffffffffffffff 0000000000000000 [ 22.592822] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 22.594829] page dumped because: kasan: bad access detected [ 22.595303] [ 22.595495] Memory state around the buggy address: [ 22.596714] ffff8881009a4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.598112] ffff8881009a4a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.600328] >ffff8881009a4a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 22.601523] ^ [ 22.603849] ffff8881009a4b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.605802] ffff8881009a4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.607475] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_vscale
------------[ cut here ]------------ [ 337.236815] WARNING: CPU: 0 PID: 2318 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 337.238695] Modules linked in: [ 337.239086] CPU: 0 UID: 0 PID: 2318 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241206 #1 [ 337.239939] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 337.241980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 337.243121] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 337.243877] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 337.245902] RSP: 0000:ffff888105077ce8 EFLAGS: 00010286 [ 337.246498] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 337.248162] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffac016814 [ 337.249143] RBP: ffff888105077d10 R08: 0000000000000000 R09: ffffed10204b9f80 [ 337.250250] R10: ffff8881025cfc07 R11: 0000000000000000 R12: ffffffffac016800 [ 337.251791] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888105077da8 [ 337.252448] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 337.253921] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 337.254892] CR2: 00007ffff7ffe000 CR3: 00000000708b8000 CR4: 00000000000006f0 [ 337.255542] DR0: ffffffffadffc160 DR1: ffffffffadffc161 DR2: ffffffffadffc163 [ 337.257062] DR3: ffffffffadffc165 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 337.257688] Call Trace: [ 337.258461] <TASK> [ 337.258956] ? show_regs+0x68/0x80 [ 337.259523] ? __warn+0xd5/0x260 [ 337.259842] ? drm_rect_calc_vscale+0x130/0x190 [ 337.261168] ? report_bug+0x278/0x2e0 [ 337.261935] ? handle_bug+0x5c/0xb0 [ 337.262391] ? exc_invalid_op+0x1c/0x50 [ 337.263144] ? asm_exc_invalid_op+0x1f/0x30 [ 337.263547] ? drm_rect_calc_vscale+0x130/0x190 [ 337.264991] drm_test_rect_calc_vscale+0x109/0x270 [ 337.266057] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 337.267051] ? __schedule+0xc70/0x27e0 [ 337.267968] ? __pfx_read_tsc+0x10/0x10 [ 337.268488] ? ktime_get_ts64+0x86/0x230 [ 337.269381] kunit_try_run_case+0x1b3/0x490 [ 337.270247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 337.271275] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 337.272035] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 337.273285] ? __kthread_parkme+0x82/0x160 [ 337.274310] ? preempt_count_sub+0x50/0x80 [ 337.274873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 337.275424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 337.276138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 337.277437] kthread+0x257/0x310 [ 337.278021] ? __pfx_kthread+0x10/0x10 [ 337.278855] ret_from_fork+0x41/0x80 [ 337.279238] ? __pfx_kthread+0x10/0x10 [ 337.279750] ret_from_fork_asm+0x1a/0x30 [ 337.280145] </TASK> [ 337.280487] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 337.184562] WARNING: CPU: 1 PID: 2316 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 337.185714] Modules linked in: [ 337.186561] CPU: 1 UID: 0 PID: 2316 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241206 #1 [ 337.187429] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 337.188690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 337.190695] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 337.192100] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 337.195696] RSP: 0000:ffff8881051cfce8 EFLAGS: 00010286 [ 337.197260] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 337.198786] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffac0167dc [ 337.200657] RBP: ffff8881051cfd10 R08: 0000000000000000 R09: ffffed10204b9f60 [ 337.201264] R10: ffff8881025cfb07 R11: 0000000000000000 R12: ffffffffac0167c8 [ 337.202075] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881051cfda8 [ 337.203292] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 337.204681] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 337.205166] CR2: 00007ffff7ffd000 CR3: 00000000708b8000 CR4: 00000000000006f0 [ 337.205607] DR0: ffffffffadffc164 DR1: ffffffffadffc169 DR2: ffffffffadffc16a [ 337.206378] DR3: ffffffffadffc16b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 337.207048] Call Trace: [ 337.207264] <TASK> [ 337.207537] ? show_regs+0x68/0x80 [ 337.208242] ? __warn+0xd5/0x260 [ 337.208744] ? drm_rect_calc_vscale+0x130/0x190 [ 337.209220] ? report_bug+0x278/0x2e0 [ 337.210442] ? handle_bug+0x5c/0xb0 [ 337.210999] ? exc_invalid_op+0x1c/0x50 [ 337.212324] ? asm_exc_invalid_op+0x1f/0x30 [ 337.212830] ? drm_rect_calc_vscale+0x130/0x190 [ 337.213625] drm_test_rect_calc_vscale+0x109/0x270 [ 337.214102] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 337.214600] ? __schedule+0xc70/0x27e0 [ 337.214858] ? __pfx_read_tsc+0x10/0x10 [ 337.215677] ? ktime_get_ts64+0x86/0x230 [ 337.216190] kunit_try_run_case+0x1b3/0x490 [ 337.217941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 337.218427] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 337.220100] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 337.220856] ? __kthread_parkme+0x82/0x160 [ 337.221320] ? preempt_count_sub+0x50/0x80 [ 337.222425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 337.223307] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 337.224961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 337.226018] kthread+0x257/0x310 [ 337.226407] ? __pfx_kthread+0x10/0x10 [ 337.227009] ret_from_fork+0x41/0x80 [ 337.227447] ? __pfx_kthread+0x10/0x10 [ 337.227897] ret_from_fork_asm+0x1a/0x30 [ 337.228299] </TASK> [ 337.229932] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_hscale
------------[ cut here ]------------ [ 337.056706] WARNING: CPU: 0 PID: 2304 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 337.057856] Modules linked in: [ 337.059470] CPU: 0 UID: 0 PID: 2304 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241206 #1 [ 337.061738] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 337.062231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 337.063310] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 337.063796] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 337.065659] RSP: 0000:ffff8881051bfce8 EFLAGS: 00010286 [ 337.066110] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 337.066785] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffac0167e0 [ 337.067919] RBP: ffff8881051bfd10 R08: 0000000000000000 R09: ffffed10204b9e60 [ 337.068711] R10: ffff8881025cf307 R11: 0000000000000000 R12: ffffffffac0167c8 [ 337.069353] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881051bfda8 [ 337.071817] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 337.072868] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 337.074028] CR2: 00007ffff7ffe000 CR3: 00000000708b8000 CR4: 00000000000006f0 [ 337.074664] DR0: ffffffffadffc160 DR1: ffffffffadffc161 DR2: ffffffffadffc163 [ 337.075294] DR3: ffffffffadffc165 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 337.075782] Call Trace: [ 337.076813] <TASK> [ 337.077052] ? show_regs+0x68/0x80 [ 337.077523] ? __warn+0xd5/0x260 [ 337.077828] ? drm_rect_calc_hscale+0x125/0x190 [ 337.079214] ? report_bug+0x278/0x2e0 [ 337.079633] ? handle_bug+0x5c/0xb0 [ 337.080362] ? exc_invalid_op+0x1c/0x50 [ 337.080935] ? asm_exc_invalid_op+0x1f/0x30 [ 337.082078] ? drm_rect_calc_hscale+0x125/0x190 [ 337.082420] drm_test_rect_calc_hscale+0x109/0x270 [ 337.083323] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 337.084010] ? __schedule+0xc70/0x27e0 [ 337.084750] ? __pfx_read_tsc+0x10/0x10 [ 337.085346] ? ktime_get_ts64+0x86/0x230 [ 337.086470] kunit_try_run_case+0x1b3/0x490 [ 337.087695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 337.088346] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 337.089077] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 337.090149] ? __kthread_parkme+0x82/0x160 [ 337.091328] ? preempt_count_sub+0x50/0x80 [ 337.092349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 337.093269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 337.094236] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 337.095170] kthread+0x257/0x310 [ 337.095796] ? __pfx_kthread+0x10/0x10 [ 337.096156] ret_from_fork+0x41/0x80 [ 337.096728] ? __pfx_kthread+0x10/0x10 [ 337.097280] ret_from_fork_asm+0x1a/0x30 [ 337.098423] </TASK> [ 337.098937] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 337.106740] WARNING: CPU: 1 PID: 2306 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 337.108596] Modules linked in: [ 337.109432] CPU: 1 UID: 0 PID: 2306 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241206 #1 [ 337.110848] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 337.111360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 337.112422] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 337.113347] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 337.115158] RSP: 0000:ffff8881051b7ce8 EFLAGS: 00010286 [ 337.116660] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 337.117567] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffac016818 [ 337.118426] RBP: ffff8881051b7d10 R08: 0000000000000000 R09: ffffed1020681e80 [ 337.118937] R10: ffff88810340f407 R11: 0000000000000000 R12: ffffffffac016800 [ 337.119966] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881051b7da8 [ 337.121273] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 337.121758] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 337.123391] CR2: 00007ffff7ffd000 CR3: 00000000708b8000 CR4: 00000000000006f0 [ 337.124437] DR0: ffffffffadffc164 DR1: ffffffffadffc169 DR2: ffffffffadffc16a [ 337.125000] DR3: ffffffffadffc16b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 337.125968] Call Trace: [ 337.126261] <TASK> [ 337.126547] ? show_regs+0x68/0x80 [ 337.128549] ? __warn+0xd5/0x260 [ 337.128883] ? drm_rect_calc_hscale+0x125/0x190 [ 337.129311] ? report_bug+0x278/0x2e0 [ 337.129779] ? handle_bug+0x5c/0xb0 [ 337.130326] ? exc_invalid_op+0x1c/0x50 [ 337.131671] ? asm_exc_invalid_op+0x1f/0x30 [ 337.132562] ? drm_rect_calc_hscale+0x125/0x190 [ 337.133782] drm_test_rect_calc_hscale+0x109/0x270 [ 337.134293] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 337.134894] ? __schedule+0xc70/0x27e0 [ 337.135406] ? __pfx_read_tsc+0x10/0x10 [ 337.137166] ? ktime_get_ts64+0x86/0x230 [ 337.137541] kunit_try_run_case+0x1b3/0x490 [ 337.138603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 337.139399] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 337.140171] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 337.140846] ? __kthread_parkme+0x82/0x160 [ 337.142009] ? preempt_count_sub+0x50/0x80 [ 337.142615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 337.143172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 337.144498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 337.145463] kthread+0x257/0x310 [ 337.146514] ? __pfx_kthread+0x10/0x10 [ 337.147388] ret_from_fork+0x41/0x80 [ 337.147850] ? __pfx_kthread+0x10/0x10 [ 337.148830] ret_from_fork_asm+0x1a/0x30 [ 337.149955] </TASK> [ 337.150170] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebufferc-drm_framebuffer_init
------------[ cut here ]------------ [ 335.467921] WARNING: CPU: 0 PID: 2112 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 335.468916] Modules linked in: [ 335.469878] CPU: 0 UID: 0 PID: 2112 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc1-next-20241206 #1 [ 335.470911] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 335.471640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 335.472431] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 335.473069] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 335.475182] RSP: 0000:ffff888108567ba0 EFLAGS: 00010246 [ 335.476000] RAX: dffffc0000000000 RBX: ffff888108567c98 RCX: 0000000000000000 [ 335.477234] RDX: 1ffff110210acf9c RSI: ffff888108567c98 RDI: ffff888108567ce0 [ 335.478161] RBP: ffff888108567be0 R08: ffff888102be7000 R09: ffffffffabfc33a0 [ 335.479368] R10: 0000000000000003 R11: 0000000031eeef80 R12: ffff888102be7000 [ 335.480220] R13: ffff888100317b20 R14: ffff888108567c18 R15: ffff888108567e28 [ 335.480948] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 335.482164] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 335.483290] CR2: 00007ffff7ffe000 CR3: 00000000708b8000 CR4: 00000000000006f0 [ 335.484301] DR0: ffffffffadffc160 DR1: ffffffffadffc161 DR2: ffffffffadffc163 [ 335.485193] DR3: ffffffffadffc165 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 335.486821] Call Trace: [ 335.487654] <TASK> [ 335.488379] ? show_regs+0x68/0x80 [ 335.488988] ? __warn+0xd5/0x260 [ 335.489884] ? drm_framebuffer_init+0x44/0x300 [ 335.490461] ? report_bug+0x278/0x2e0 [ 335.491844] ? handle_bug+0x5c/0xb0 [ 335.492215] ? exc_invalid_op+0x1c/0x50 [ 335.493046] ? asm_exc_invalid_op+0x1f/0x30 [ 335.493697] ? drm_framebuffer_init+0x44/0x300 [ 335.494234] ? add_dr+0xc1/0x1d0 [ 335.495202] drm_test_framebuffer_init_bad_format+0xfd/0x240 [ 335.495914] ? add_dr+0x148/0x1d0 [ 335.496298] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 335.497490] ? __drmm_add_action+0x1a4/0x280 [ 335.498015] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 335.498973] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 335.499529] ? __drmm_add_action_or_reset+0x22/0x50 [ 335.500244] ? __schedule+0xc70/0x27e0 [ 335.500753] ? __pfx_read_tsc+0x10/0x10 [ 335.501339] ? ktime_get_ts64+0x86/0x230 [ 335.502434] kunit_try_run_case+0x1b3/0x490 [ 335.502941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 335.503292] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 335.503993] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 335.505088] ? __kthread_parkme+0x82/0x160 [ 335.505477] ? preempt_count_sub+0x50/0x80 [ 335.506101] ? __pfx_kunit_try_run_case+0x10/0x10 [ 335.506489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 335.507222] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 335.507683] kthread+0x257/0x310 [ 335.508067] ? __pfx_kthread+0x10/0x10 [ 335.508737] ret_from_fork+0x41/0x80 [ 335.509103] ? __pfx_kthread+0x10/0x10 [ 335.509477] ret_from_fork_asm+0x1a/0x30 [ 335.510138] </TASK> [ 335.510467] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_emptyfb-filp_head
------------[ cut here ]------------ [ 335.391337] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 335.392822] WARNING: CPU: 1 PID: 2108 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x136/0x1b0 [ 335.394761] Modules linked in: [ 335.395269] CPU: 1 UID: 0 PID: 2108 Comm: kunit_try_catch Tainted: G B D N 6.13.0-rc1-next-20241206 #1 [ 335.396201] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 335.397012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 335.397956] RIP: 0010:drm_framebuffer_free+0x136/0x1b0 [ 335.398730] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 a4 54 80 00 48 c7 c1 a0 e3 fb ab 4c 89 fa 48 c7 c7 00 e4 fb ab 48 89 c6 e8 ab de 84 fe 90 <0f> 0b 90 90 e9 25 ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 335.400957] RSP: 0000:ffff888108f67bd8 EFLAGS: 00010282 [ 335.401220] RAX: 0000000000000000 RBX: ffff888108f67cb0 RCX: 1ffffffff59a4244 [ 335.401534] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 335.402711] RBP: ffff888108f67c00 R08: 0000000000000000 R09: fffffbfff59a4244 [ 335.403497] R10: 0000000000000003 R11: 0000000000027b58 R12: ffff888108f67c88 [ 335.404106] R13: ffff88810516b800 R14: ffff888104b8a000 R15: ffff888101e9f880 [ 335.405219] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 335.406334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 335.407079] CR2: 00007ffff7ffd000 CR3: 00000000708b8000 CR4: 00000000000006f0 [ 335.407808] DR0: ffffffffadffc164 DR1: ffffffffadffc169 DR2: ffffffffadffc16a [ 335.408476] DR3: ffffffffadffc16b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 335.409189] Call Trace: [ 335.409430] <TASK> [ 335.410060] ? show_regs+0x68/0x80 [ 335.410490] ? __warn+0xd5/0x260 [ 335.411303] ? drm_framebuffer_free+0x136/0x1b0 [ 335.412092] ? report_bug+0x278/0x2e0 [ 335.412407] ? drm_framebuffer_free+0x137/0x1b0 [ 335.413041] ? handle_bug+0x5c/0xb0 [ 335.413491] ? exc_invalid_op+0x1c/0x50 [ 335.414062] ? asm_exc_invalid_op+0x1f/0x30 [ 335.414960] ? drm_framebuffer_free+0x136/0x1b0 [ 335.415320] ? drm_framebuffer_free+0x135/0x1b0 [ 335.416086] drm_test_framebuffer_free+0x1ac/0x610 [ 335.416842] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 335.417342] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 335.418398] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 335.419278] ? __drmm_add_action_or_reset+0x22/0x50 [ 335.420202] ? __schedule+0xc70/0x27e0 [ 335.420846] ? __pfx_read_tsc+0x10/0x10 [ 335.421191] ? ktime_get_ts64+0x86/0x230 [ 335.421965] kunit_try_run_case+0x1b3/0x490 [ 335.422801] ? __pfx_kunit_try_run_case+0x10/0x10 [ 335.423563] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 335.424490] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 335.425202] ? __kthread_parkme+0x82/0x160 [ 335.425882] ? preempt_count_sub+0x50/0x80 [ 335.426354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 335.427254] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 335.428397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 335.429387] kthread+0x257/0x310 [ 335.430351] ? __pfx_kthread+0x10/0x10 [ 335.431235] ret_from_fork+0x41/0x80 [ 335.431675] ? __pfx_kthread+0x10/0x10 [ 335.432921] ret_from_fork_asm+0x1a/0x30 [ 335.434068] </TASK> [ 335.434393] ---[ end trace 0000000000000000 ]---
Failure - kunit - check_workingset_xarray
(no logs available)
Failure - kunit - check_xas_conflict_get_order_check_xa_alloc
(no logs available)
Failure - kunit - _kasan
_kasan fail
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 24.001021] ================================================================== [ 24.002662] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x170/0x330 [ 24.004233] Read of size 64 at addr ffff888102919b04 by task kunit_try_catch/190 [ 24.005044] [ 24.005245] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 24.006516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.007501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.008880] Call Trace: [ 24.009365] <TASK> [ 24.009769] dump_stack_lvl+0x73/0xb0 [ 24.010461] print_report+0xd1/0x640 [ 24.011673] ? __virt_addr_valid+0x1db/0x2d0 [ 24.012373] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.012662] kasan_report+0x102/0x140 [ 24.012890] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 24.013213] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 24.015008] kasan_check_range+0x10c/0x1c0 [ 24.015519] __asan_memmove+0x27/0x70 [ 24.016475] kmalloc_memmove_invalid_size+0x170/0x330 [ 24.017258] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 24.018130] ? __schedule+0xc70/0x27e0 [ 24.019097] ? __pfx_read_tsc+0x10/0x10 [ 24.019599] ? ktime_get_ts64+0x86/0x230 [ 24.020046] kunit_try_run_case+0x1b3/0x490 [ 24.021496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.022381] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.023366] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.024505] ? __kthread_parkme+0x82/0x160 [ 24.025249] ? preempt_count_sub+0x50/0x80 [ 24.025737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.027586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.028192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.028713] kthread+0x257/0x310 [ 24.029083] ? __pfx_kthread+0x10/0x10 [ 24.030429] ret_from_fork+0x41/0x80 [ 24.031173] ? __pfx_kthread+0x10/0x10 [ 24.031475] ret_from_fork_asm+0x1a/0x30 [ 24.032348] </TASK> [ 24.032582] [ 24.033005] Allocated by task 190: [ 24.034090] kasan_save_stack+0x3d/0x60 [ 24.035280] kasan_save_track+0x18/0x40 [ 24.035653] kasan_save_alloc_info+0x3b/0x50 [ 24.036701] __kasan_kmalloc+0xb7/0xc0 [ 24.037451] __kmalloc_cache_noprof+0x184/0x410 [ 24.037817] kmalloc_memmove_invalid_size+0xad/0x330 [ 24.039162] kunit_try_run_case+0x1b3/0x490 [ 24.039522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.040300] kthread+0x257/0x310 [ 24.040817] ret_from_fork+0x41/0x80 [ 24.041671] ret_from_fork_asm+0x1a/0x30 [ 24.041994] [ 24.042205] The buggy address belongs to the object at ffff888102919b00 [ 24.042205] which belongs to the cache kmalloc-64 of size 64 [ 24.044003] The buggy address is located 4 bytes inside of [ 24.044003] allocated 64-byte region [ffff888102919b00, ffff888102919b40) [ 24.045703] [ 24.045922] The buggy address belongs to the physical page: [ 24.046811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102919 [ 24.048816] flags: 0x200000000000000(node=0|zone=2) [ 24.049349] page_type: f5(slab) [ 24.050106] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.050971] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.052454] page dumped because: kasan: bad access detected [ 24.053060] [ 24.053802] Memory state around the buggy address: [ 24.054263] ffff888102919a00: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 24.054876] ffff888102919a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.056456] >ffff888102919b00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 24.057181] ^ [ 24.057646] ffff888102919b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.058989] ffff888102919c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.059585] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 23.942173] ================================================================== [ 23.943273] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x172/0x330 [ 23.944753] Read of size 18446744073709551614 at addr ffff888102470984 by task kunit_try_catch/188 [ 23.947672] [ 23.948157] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 23.950048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.950354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.952134] Call Trace: [ 23.952401] <TASK> [ 23.952714] dump_stack_lvl+0x73/0xb0 [ 23.954050] print_report+0xd1/0x640 [ 23.954531] ? __virt_addr_valid+0x1db/0x2d0 [ 23.955115] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.955818] kasan_report+0x102/0x140 [ 23.956252] ? kmalloc_memmove_negative_size+0x172/0x330 [ 23.956804] ? kmalloc_memmove_negative_size+0x172/0x330 [ 23.957404] kasan_check_range+0x10c/0x1c0 [ 23.957907] __asan_memmove+0x27/0x70 [ 23.958638] kmalloc_memmove_negative_size+0x172/0x330 [ 23.959393] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 23.960050] ? __schedule+0xc70/0x27e0 [ 23.960667] ? __pfx_read_tsc+0x10/0x10 [ 23.961175] ? ktime_get_ts64+0x86/0x230 [ 23.961752] kunit_try_run_case+0x1b3/0x490 [ 23.962610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.963050] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.963814] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.964261] ? __kthread_parkme+0x82/0x160 [ 23.964573] ? preempt_count_sub+0x50/0x80 [ 23.965496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.966045] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.966672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.967091] kthread+0x257/0x310 [ 23.967489] ? __pfx_kthread+0x10/0x10 [ 23.968339] ret_from_fork+0x41/0x80 [ 23.969028] ? __pfx_kthread+0x10/0x10 [ 23.969920] ret_from_fork_asm+0x1a/0x30 [ 23.970464] </TASK> [ 23.970830] [ 23.971057] Allocated by task 188: [ 23.971384] kasan_save_stack+0x3d/0x60 [ 23.971699] kasan_save_track+0x18/0x40 [ 23.971994] kasan_save_alloc_info+0x3b/0x50 [ 23.972481] __kasan_kmalloc+0xb7/0xc0 [ 23.973370] __kmalloc_cache_noprof+0x184/0x410 [ 23.974126] kmalloc_memmove_negative_size+0xad/0x330 [ 23.974755] kunit_try_run_case+0x1b3/0x490 [ 23.975080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.975428] kthread+0x257/0x310 [ 23.975902] ret_from_fork+0x41/0x80 [ 23.976885] ret_from_fork_asm+0x1a/0x30 [ 23.977722] [ 23.978218] The buggy address belongs to the object at ffff888102470980 [ 23.978218] which belongs to the cache kmalloc-64 of size 64 [ 23.979925] The buggy address is located 4 bytes inside of [ 23.979925] 64-byte region [ffff888102470980, ffff8881024709c0) [ 23.980701] [ 23.981014] The buggy address belongs to the physical page: [ 23.981949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102470 [ 23.983392] flags: 0x200000000000000(node=0|zone=2) [ 23.984057] page_type: f5(slab) [ 23.984372] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.984863] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.987842] page dumped because: kasan: bad access detected [ 23.988593] [ 23.988814] Memory state around the buggy address: [ 23.989380] ffff888102470880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.989975] ffff888102470900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.990905] >ffff888102470980: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 23.991992] ^ [ 23.992574] ffff888102470a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.993637] ffff888102470a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.994393] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset
[ 23.818150] ================================================================== [ 23.819184] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x167/0x330 [ 23.819728] Write of size 8 at addr ffff888102472b71 by task kunit_try_catch/184 [ 23.821436] [ 23.822420] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 23.823997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.824700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.825372] Call Trace: [ 23.825841] <TASK> [ 23.826235] dump_stack_lvl+0x73/0xb0 [ 23.826963] print_report+0xd1/0x640 [ 23.827332] ? __virt_addr_valid+0x1db/0x2d0 [ 23.828029] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.829094] kasan_report+0x102/0x140 [ 23.829523] ? kmalloc_oob_memset_8+0x167/0x330 [ 23.830047] ? kmalloc_oob_memset_8+0x167/0x330 [ 23.830580] kasan_check_range+0x10c/0x1c0 [ 23.831291] __asan_memset+0x27/0x50 [ 23.831889] kmalloc_oob_memset_8+0x167/0x330 [ 23.832358] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 23.833152] ? __schedule+0xc70/0x27e0 [ 23.833821] ? __pfx_read_tsc+0x10/0x10 [ 23.834378] ? ktime_get_ts64+0x86/0x230 [ 23.835522] kunit_try_run_case+0x1b3/0x490 [ 23.836288] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.836974] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.837453] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.838198] ? __kthread_parkme+0x82/0x160 [ 23.838836] ? preempt_count_sub+0x50/0x80 [ 23.839419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.840579] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.841144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.841766] kthread+0x257/0x310 [ 23.842095] ? __pfx_kthread+0x10/0x10 [ 23.842570] ret_from_fork+0x41/0x80 [ 23.843355] ? __pfx_kthread+0x10/0x10 [ 23.843903] ret_from_fork_asm+0x1a/0x30 [ 23.844411] </TASK> [ 23.844789] [ 23.845065] Allocated by task 184: [ 23.845414] kasan_save_stack+0x3d/0x60 [ 23.846152] kasan_save_track+0x18/0x40 [ 23.847206] kasan_save_alloc_info+0x3b/0x50 [ 23.847999] __kasan_kmalloc+0xb7/0xc0 [ 23.848365] __kmalloc_cache_noprof+0x184/0x410 [ 23.849028] kmalloc_oob_memset_8+0xad/0x330 [ 23.849673] kunit_try_run_case+0x1b3/0x490 [ 23.850133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.850907] kthread+0x257/0x310 [ 23.851287] ret_from_fork+0x41/0x80 [ 23.851758] ret_from_fork_asm+0x1a/0x30 [ 23.853011] [ 23.853471] The buggy address belongs to the object at ffff888102472b00 [ 23.853471] which belongs to the cache kmalloc-128 of size 128 [ 23.854609] The buggy address is located 113 bytes inside of [ 23.854609] allocated 120-byte region [ffff888102472b00, ffff888102472b78) [ 23.855681] [ 23.855895] The buggy address belongs to the physical page: [ 23.856456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102472 [ 23.857375] flags: 0x200000000000000(node=0|zone=2) [ 23.858178] page_type: f5(slab) [ 23.859316] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.860146] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.860910] page dumped because: kasan: bad access detected [ 23.861685] [ 23.861892] Memory state around the buggy address: [ 23.862336] ffff888102472a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.863194] ffff888102472a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.864501] >ffff888102472b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.865449] ^ [ 23.866166] ffff888102472b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.866870] ffff888102472c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.867460] ================================================================== [ 23.758399] ================================================================== [ 23.760237] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330 [ 23.761108] Write of size 4 at addr ffff88810291cf75 by task kunit_try_catch/182 [ 23.762041] [ 23.762503] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 23.764258] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.764801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.765839] Call Trace: [ 23.766275] <TASK> [ 23.766568] dump_stack_lvl+0x73/0xb0 [ 23.767033] print_report+0xd1/0x640 [ 23.768245] ? __virt_addr_valid+0x1db/0x2d0 [ 23.768668] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.769623] kasan_report+0x102/0x140 [ 23.770434] ? kmalloc_oob_memset_4+0x167/0x330 [ 23.771111] ? kmalloc_oob_memset_4+0x167/0x330 [ 23.772111] kasan_check_range+0x10c/0x1c0 [ 23.772390] __asan_memset+0x27/0x50 [ 23.772630] kmalloc_oob_memset_4+0x167/0x330 [ 23.774110] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 23.775241] ? __schedule+0xc70/0x27e0 [ 23.775460] ? __pfx_read_tsc+0x10/0x10 [ 23.775647] ? ktime_get_ts64+0x86/0x230 [ 23.775840] kunit_try_run_case+0x1b3/0x490 [ 23.776778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.778090] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.779467] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.780339] ? __kthread_parkme+0x82/0x160 [ 23.781205] ? preempt_count_sub+0x50/0x80 [ 23.781812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.782212] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.782809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.784099] kthread+0x257/0x310 [ 23.784811] ? __pfx_kthread+0x10/0x10 [ 23.785117] ret_from_fork+0x41/0x80 [ 23.785345] ? __pfx_kthread+0x10/0x10 [ 23.785537] ret_from_fork_asm+0x1a/0x30 [ 23.785743] </TASK> [ 23.785889] [ 23.786193] Allocated by task 182: [ 23.786887] kasan_save_stack+0x3d/0x60 [ 23.787647] kasan_save_track+0x18/0x40 [ 23.788510] kasan_save_alloc_info+0x3b/0x50 [ 23.789036] __kasan_kmalloc+0xb7/0xc0 [ 23.789985] __kmalloc_cache_noprof+0x184/0x410 [ 23.790734] kmalloc_oob_memset_4+0xad/0x330 [ 23.791456] kunit_try_run_case+0x1b3/0x490 [ 23.792208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.793046] kthread+0x257/0x310 [ 23.793662] ret_from_fork+0x41/0x80 [ 23.794231] ret_from_fork_asm+0x1a/0x30 [ 23.794952] [ 23.795324] The buggy address belongs to the object at ffff88810291cf00 [ 23.795324] which belongs to the cache kmalloc-128 of size 128 [ 23.796999] The buggy address is located 117 bytes inside of [ 23.796999] allocated 120-byte region [ffff88810291cf00, ffff88810291cf78) [ 23.798263] [ 23.798487] The buggy address belongs to the physical page: [ 23.799070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291c [ 23.799927] flags: 0x200000000000000(node=0|zone=2) [ 23.800590] page_type: f5(slab) [ 23.801051] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.801767] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.803087] page dumped because: kasan: bad access detected [ 23.803570] [ 23.803732] Memory state around the buggy address: [ 23.804214] ffff88810291ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 23.804966] ffff88810291ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.806223] >ffff88810291cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.807032] ^ [ 23.807801] ffff88810291cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.808422] ffff88810291d000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.809373] ================================================================== [ 23.875459] ================================================================== [ 23.877203] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330 [ 23.877992] Write of size 16 at addr ffff888102472c69 by task kunit_try_catch/186 [ 23.879998] [ 23.880205] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 23.882000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.882462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.884419] Call Trace: [ 23.884727] <TASK> [ 23.885059] dump_stack_lvl+0x73/0xb0 [ 23.886594] print_report+0xd1/0x640 [ 23.887043] ? __virt_addr_valid+0x1db/0x2d0 [ 23.888061] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.889171] kasan_report+0x102/0x140 [ 23.889581] ? kmalloc_oob_memset_16+0x167/0x330 [ 23.891030] ? kmalloc_oob_memset_16+0x167/0x330 [ 23.892465] kasan_check_range+0x10c/0x1c0 [ 23.893132] __asan_memset+0x27/0x50 [ 23.893742] kmalloc_oob_memset_16+0x167/0x330 [ 23.894248] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 23.894749] ? __schedule+0xc70/0x27e0 [ 23.896468] ? __pfx_read_tsc+0x10/0x10 [ 23.897322] ? ktime_get_ts64+0x86/0x230 [ 23.897831] kunit_try_run_case+0x1b3/0x490 [ 23.898221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.899609] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.900110] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.900506] ? __kthread_parkme+0x82/0x160 [ 23.901276] ? preempt_count_sub+0x50/0x80 [ 23.902452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.903148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.904003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.906213] kthread+0x257/0x310 [ 23.906564] ? __pfx_kthread+0x10/0x10 [ 23.907167] ret_from_fork+0x41/0x80 [ 23.907437] ? __pfx_kthread+0x10/0x10 [ 23.908017] ret_from_fork_asm+0x1a/0x30 [ 23.909443] </TASK> [ 23.909695] [ 23.910664] Allocated by task 186: [ 23.910967] kasan_save_stack+0x3d/0x60 [ 23.912047] kasan_save_track+0x18/0x40 [ 23.912503] kasan_save_alloc_info+0x3b/0x50 [ 23.913245] __kasan_kmalloc+0xb7/0xc0 [ 23.913568] __kmalloc_cache_noprof+0x184/0x410 [ 23.914582] kmalloc_oob_memset_16+0xad/0x330 [ 23.915133] kunit_try_run_case+0x1b3/0x490 [ 23.915489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.916729] kthread+0x257/0x310 [ 23.917420] ret_from_fork+0x41/0x80 [ 23.918016] ret_from_fork_asm+0x1a/0x30 [ 23.918772] [ 23.918994] The buggy address belongs to the object at ffff888102472c00 [ 23.918994] which belongs to the cache kmalloc-128 of size 128 [ 23.920776] The buggy address is located 105 bytes inside of [ 23.920776] allocated 120-byte region [ffff888102472c00, ffff888102472c78) [ 23.922669] [ 23.922848] The buggy address belongs to the physical page: [ 23.923800] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102472 [ 23.924734] flags: 0x200000000000000(node=0|zone=2) [ 23.925072] page_type: f5(slab) [ 23.925792] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.926647] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.927364] page dumped because: kasan: bad access detected [ 23.927856] [ 23.928074] Memory state around the buggy address: [ 23.928529] ffff888102472b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.930216] ffff888102472b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.931075] >ffff888102472c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.931989] ^ [ 23.932723] ffff888102472c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.933283] ffff888102472d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.934715] ================================================================== [ 23.697275] ================================================================== [ 23.698781] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330 [ 23.699520] Write of size 2 at addr ffff888102472877 by task kunit_try_catch/180 [ 23.700296] [ 23.700488] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 23.701194] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.701889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.702970] Call Trace: [ 23.703221] <TASK> [ 23.703424] dump_stack_lvl+0x73/0xb0 [ 23.703732] print_report+0xd1/0x640 [ 23.705404] ? __virt_addr_valid+0x1db/0x2d0 [ 23.705954] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.707405] kasan_report+0x102/0x140 [ 23.707879] ? kmalloc_oob_memset_2+0x167/0x330 [ 23.708290] ? kmalloc_oob_memset_2+0x167/0x330 [ 23.708805] kasan_check_range+0x10c/0x1c0 [ 23.709224] __asan_memset+0x27/0x50 [ 23.710068] kmalloc_oob_memset_2+0x167/0x330 [ 23.710673] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 23.711745] ? __schedule+0xc70/0x27e0 [ 23.712852] ? __pfx_read_tsc+0x10/0x10 [ 23.713184] ? ktime_get_ts64+0x86/0x230 [ 23.713553] kunit_try_run_case+0x1b3/0x490 [ 23.715789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.716563] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.716960] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.717567] ? __kthread_parkme+0x82/0x160 [ 23.718383] ? preempt_count_sub+0x50/0x80 [ 23.719523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.720113] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.720819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.721619] kthread+0x257/0x310 [ 23.722064] ? __pfx_kthread+0x10/0x10 [ 23.722436] ret_from_fork+0x41/0x80 [ 23.723110] ? __pfx_kthread+0x10/0x10 [ 23.724240] ret_from_fork_asm+0x1a/0x30 [ 23.725370] </TASK> [ 23.725711] [ 23.725889] Allocated by task 180: [ 23.726260] kasan_save_stack+0x3d/0x60 [ 23.726771] kasan_save_track+0x18/0x40 [ 23.727483] kasan_save_alloc_info+0x3b/0x50 [ 23.728035] __kasan_kmalloc+0xb7/0xc0 [ 23.728318] __kmalloc_cache_noprof+0x184/0x410 [ 23.728866] kmalloc_oob_memset_2+0xad/0x330 [ 23.729839] kunit_try_run_case+0x1b3/0x490 [ 23.730567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.731354] kthread+0x257/0x310 [ 23.731905] ret_from_fork+0x41/0x80 [ 23.732469] ret_from_fork_asm+0x1a/0x30 [ 23.733132] [ 23.733379] The buggy address belongs to the object at ffff888102472800 [ 23.733379] which belongs to the cache kmalloc-128 of size 128 [ 23.735065] The buggy address is located 119 bytes inside of [ 23.735065] allocated 120-byte region [ffff888102472800, ffff888102472878) [ 23.738083] [ 23.738276] The buggy address belongs to the physical page: [ 23.738568] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102472 [ 23.738893] flags: 0x200000000000000(node=0|zone=2) [ 23.739200] page_type: f5(slab) [ 23.739452] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.740447] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.742237] page dumped because: kasan: bad access detected [ 23.742749] [ 23.743010] Memory state around the buggy address: [ 23.744409] ffff888102472700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.745423] ffff888102472780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.747044] >ffff888102472800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.747678] ^ [ 23.748003] ffff888102472880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.749350] ffff888102472900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.750093] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 27.279376] ================================================================== [ 27.280210] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 27.281513] Read of size 1 at addr ffff888102481690 by task kunit_try_catch/267 [ 27.282496] [ 27.282695] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 27.284724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.285655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.286868] Call Trace: [ 27.287326] <TASK> [ 27.287877] dump_stack_lvl+0x73/0xb0 [ 27.288657] print_report+0xd1/0x640 [ 27.289698] ? __virt_addr_valid+0x1db/0x2d0 [ 27.290788] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.291896] kasan_report+0x102/0x140 [ 27.292605] ? strnlen+0x73/0x80 [ 27.293018] ? strnlen+0x73/0x80 [ 27.293279] __asan_report_load1_noabort+0x18/0x20 [ 27.293585] strnlen+0x73/0x80 [ 27.293755] kasan_strings+0x4c3/0xb60 [ 27.294195] ? __pfx_kasan_strings+0x10/0x10 [ 27.295509] ? __schedule+0xc70/0x27e0 [ 27.296620] ? __pfx_read_tsc+0x10/0x10 [ 27.297342] ? ktime_get_ts64+0x86/0x230 [ 27.297898] kunit_try_run_case+0x1b3/0x490 [ 27.298351] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.299326] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.299853] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.301122] ? __kthread_parkme+0x82/0x160 [ 27.301558] ? preempt_count_sub+0x50/0x80 [ 27.302130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.303024] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.303735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.304379] kthread+0x257/0x310 [ 27.304918] ? __pfx_kthread+0x10/0x10 [ 27.305829] ret_from_fork+0x41/0x80 [ 27.306482] ? __pfx_kthread+0x10/0x10 [ 27.307016] ret_from_fork_asm+0x1a/0x30 [ 27.307999] </TASK> [ 27.308197] [ 27.309436] Allocated by task 267: [ 27.309905] kasan_save_stack+0x3d/0x60 [ 27.310668] kasan_save_track+0x18/0x40 [ 27.311337] kasan_save_alloc_info+0x3b/0x50 [ 27.311774] __kasan_kmalloc+0xb7/0xc0 [ 27.312404] __kmalloc_cache_noprof+0x184/0x410 [ 27.312917] kasan_strings+0xb9/0xb60 [ 27.313981] kunit_try_run_case+0x1b3/0x490 [ 27.314648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.315158] kthread+0x257/0x310 [ 27.315594] ret_from_fork+0x41/0x80 [ 27.316224] ret_from_fork_asm+0x1a/0x30 [ 27.316562] [ 27.316819] Freed by task 267: [ 27.317330] kasan_save_stack+0x3d/0x60 [ 27.318545] kasan_save_track+0x18/0x40 [ 27.319149] kasan_save_free_info+0x3f/0x60 [ 27.319692] __kasan_slab_free+0x56/0x70 [ 27.320405] kfree+0x123/0x3f0 [ 27.320697] kasan_strings+0x13c/0xb60 [ 27.321246] kunit_try_run_case+0x1b3/0x490 [ 27.322246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.323541] kthread+0x257/0x310 [ 27.324047] ret_from_fork+0x41/0x80 [ 27.324485] ret_from_fork_asm+0x1a/0x30 [ 27.325129] [ 27.325396] The buggy address belongs to the object at ffff888102481680 [ 27.325396] which belongs to the cache kmalloc-32 of size 32 [ 27.327459] The buggy address is located 16 bytes inside of [ 27.327459] freed 32-byte region [ffff888102481680, ffff8881024816a0) [ 27.328993] [ 27.329333] The buggy address belongs to the physical page: [ 27.330218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102481 [ 27.331071] flags: 0x200000000000000(node=0|zone=2) [ 27.331700] page_type: f5(slab) [ 27.332454] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 27.333513] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 27.334605] page dumped because: kasan: bad access detected [ 27.335305] [ 27.335562] Memory state around the buggy address: [ 27.336053] ffff888102481580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 27.336634] ffff888102481600: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 27.337397] >ffff888102481680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.338522] ^ [ 27.340079] ffff888102481700: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 27.340691] ffff888102481780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.342559] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 27.210483] ================================================================== [ 27.212244] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 27.212843] Read of size 1 at addr ffff888102481690 by task kunit_try_catch/267 [ 27.214544] [ 27.214711] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 27.215506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.216271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.216990] Call Trace: [ 27.217963] <TASK> [ 27.218672] dump_stack_lvl+0x73/0xb0 [ 27.219860] print_report+0xd1/0x640 [ 27.220901] ? __virt_addr_valid+0x1db/0x2d0 [ 27.221742] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.222136] kasan_report+0x102/0x140 [ 27.223365] ? strlen+0x8f/0xb0 [ 27.223881] ? strlen+0x8f/0xb0 [ 27.224221] __asan_report_load1_noabort+0x18/0x20 [ 27.224646] strlen+0x8f/0xb0 [ 27.225022] kasan_strings+0x425/0xb60 [ 27.226210] ? __pfx_kasan_strings+0x10/0x10 [ 27.226589] ? __schedule+0xc70/0x27e0 [ 27.226910] ? __pfx_read_tsc+0x10/0x10 [ 27.227404] ? ktime_get_ts64+0x86/0x230 [ 27.228556] kunit_try_run_case+0x1b3/0x490 [ 27.229027] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.229625] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.230145] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.232070] ? __kthread_parkme+0x82/0x160 [ 27.232534] ? preempt_count_sub+0x50/0x80 [ 27.233157] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.233969] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.235276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.236430] kthread+0x257/0x310 [ 27.236696] ? __pfx_kthread+0x10/0x10 [ 27.237902] ret_from_fork+0x41/0x80 [ 27.238375] ? __pfx_kthread+0x10/0x10 [ 27.238759] ret_from_fork_asm+0x1a/0x30 [ 27.239218] </TASK> [ 27.239515] [ 27.239698] Allocated by task 267: [ 27.241489] kasan_save_stack+0x3d/0x60 [ 27.241886] kasan_save_track+0x18/0x40 [ 27.242825] kasan_save_alloc_info+0x3b/0x50 [ 27.243367] __kasan_kmalloc+0xb7/0xc0 [ 27.244442] __kmalloc_cache_noprof+0x184/0x410 [ 27.245687] kasan_strings+0xb9/0xb60 [ 27.246271] kunit_try_run_case+0x1b3/0x490 [ 27.247390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.248210] kthread+0x257/0x310 [ 27.248577] ret_from_fork+0x41/0x80 [ 27.248810] ret_from_fork_asm+0x1a/0x30 [ 27.249078] [ 27.249423] Freed by task 267: [ 27.251182] kasan_save_stack+0x3d/0x60 [ 27.251555] kasan_save_track+0x18/0x40 [ 27.252332] kasan_save_free_info+0x3f/0x60 [ 27.252619] __kasan_slab_free+0x56/0x70 [ 27.253107] kfree+0x123/0x3f0 [ 27.253639] kasan_strings+0x13c/0xb60 [ 27.254013] kunit_try_run_case+0x1b3/0x490 [ 27.254521] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.255362] kthread+0x257/0x310 [ 27.256622] ret_from_fork+0x41/0x80 [ 27.257150] ret_from_fork_asm+0x1a/0x30 [ 27.258224] [ 27.258488] The buggy address belongs to the object at ffff888102481680 [ 27.258488] which belongs to the cache kmalloc-32 of size 32 [ 27.259196] The buggy address is located 16 bytes inside of [ 27.259196] freed 32-byte region [ffff888102481680, ffff8881024816a0) [ 27.262208] [ 27.262435] The buggy address belongs to the physical page: [ 27.262789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102481 [ 27.264723] flags: 0x200000000000000(node=0|zone=2) [ 27.265215] page_type: f5(slab) [ 27.266466] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 27.267561] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 27.268081] page dumped because: kasan: bad access detected [ 27.269368] [ 27.270149] Memory state around the buggy address: [ 27.271167] ffff888102481580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 27.272153] ffff888102481600: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 27.273972] >ffff888102481680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.275046] ^ [ 27.275564] ffff888102481700: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 27.277060] ffff888102481780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.277796] ==================================================================
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-preempt-smp-kasan-pti
[ 173.157111] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 63.508257] ================================================================== [ 63.508785] BUG: KFENCE: use-after-free read in test_krealloc+0x6fd/0xbe0 [ 63.508785] [ 63.510101] Use-after-free read at 0x(____ptrval____) (in kfence-#178): [ 63.510673] test_krealloc+0x6fd/0xbe0 [ 63.511017] kunit_try_run_case+0x1b3/0x490 [ 63.511688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 63.512258] kthread+0x257/0x310 [ 63.512522] ret_from_fork+0x41/0x80 [ 63.512794] ret_from_fork_asm+0x1a/0x30 [ 63.513660] [ 63.514078] kfence-#178: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 63.514078] [ 63.515083] allocated by task 345 on cpu 1 at 63.507172s (0.007906s ago): [ 63.515962] test_alloc+0x35f/0x10d0 [ 63.516597] test_krealloc+0xae/0xbe0 [ 63.517242] kunit_try_run_case+0x1b3/0x490 [ 63.517675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 63.518571] kthread+0x257/0x310 [ 63.519020] ret_from_fork+0x41/0x80 [ 63.519584] ret_from_fork_asm+0x1a/0x30 [ 63.520055] [ 63.520634] freed by task 345 on cpu 1 at 63.507508s (0.013121s ago): [ 63.521648] krealloc_noprof+0x108/0x340 [ 63.522087] test_krealloc+0x227/0xbe0 [ 63.522396] kunit_try_run_case+0x1b3/0x490 [ 63.522744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 63.523078] kthread+0x257/0x310 [ 63.523308] ret_from_fork+0x41/0x80 [ 63.523541] ret_from_fork_asm+0x1a/0x30 [ 63.523796] [ 63.524261] CPU: 1 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 63.524913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 63.525438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 63.526343] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 63.422276] ================================================================== [ 63.422863] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ed/0x670 [ 63.422863] [ 63.423822] Use-after-free read at 0x(____ptrval____) (in kfence-#177): [ 63.424469] test_memcache_typesafe_by_rcu+0x2ed/0x670 [ 63.425090] kunit_try_run_case+0x1b3/0x490 [ 63.425769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 63.426378] kthread+0x257/0x310 [ 63.426673] ret_from_fork+0x41/0x80 [ 63.426974] ret_from_fork_asm+0x1a/0x30 [ 63.427315] [ 63.427564] kfence-#177: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 63.427564] [ 63.428352] allocated by task 343 on cpu 1 at 63.405088s (0.023259s ago): [ 63.428928] test_alloc+0x2a7/0x10d0 [ 63.429377] test_memcache_typesafe_by_rcu+0x170/0x670 [ 63.429969] kunit_try_run_case+0x1b3/0x490 [ 63.430546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 63.431119] kthread+0x257/0x310 [ 63.431416] ret_from_fork+0x41/0x80 [ 63.431848] ret_from_fork_asm+0x1a/0x30 [ 63.432385] [ 63.432626] freed by task 343 on cpu 1 at 63.405275s (0.027347s ago): [ 63.433214] test_memcache_typesafe_by_rcu+0x1c0/0x670 [ 63.433817] kunit_try_run_case+0x1b3/0x490 [ 63.434386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 63.434997] kthread+0x257/0x310 [ 63.435311] ret_from_fork+0x41/0x80 [ 63.435772] ret_from_fork_asm+0x1a/0x30 [ 63.436372] [ 63.436630] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 63.437321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 63.437875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 63.438839] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 27.141250] ================================================================== [ 27.141914] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0c/0xb60 [ 27.144474] Read of size 1 at addr ffff888102481690 by task kunit_try_catch/267 [ 27.145018] [ 27.145238] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 27.146313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.146602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.148372] Call Trace: [ 27.148611] <TASK> [ 27.149218] dump_stack_lvl+0x73/0xb0 [ 27.149682] print_report+0xd1/0x640 [ 27.150279] ? __virt_addr_valid+0x1db/0x2d0 [ 27.150594] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.152071] kasan_report+0x102/0x140 [ 27.152473] ? kasan_strings+0xa0c/0xb60 [ 27.152802] ? kasan_strings+0xa0c/0xb60 [ 27.153747] __asan_report_load1_noabort+0x18/0x20 [ 27.154167] kasan_strings+0xa0c/0xb60 [ 27.155205] ? __pfx_kasan_strings+0x10/0x10 [ 27.155951] ? __schedule+0xc70/0x27e0 [ 27.156273] ? __pfx_read_tsc+0x10/0x10 [ 27.157314] ? ktime_get_ts64+0x86/0x230 [ 27.157663] kunit_try_run_case+0x1b3/0x490 [ 27.159041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.160231] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.160660] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.161681] ? __kthread_parkme+0x82/0x160 [ 27.162150] ? preempt_count_sub+0x50/0x80 [ 27.162583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.163066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.164658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.165155] kthread+0x257/0x310 [ 27.165581] ? __pfx_kthread+0x10/0x10 [ 27.167128] ret_from_fork+0x41/0x80 [ 27.168215] ? __pfx_kthread+0x10/0x10 [ 27.169106] ret_from_fork_asm+0x1a/0x30 [ 27.169989] </TASK> [ 27.170177] [ 27.170764] Allocated by task 267: [ 27.171278] kasan_save_stack+0x3d/0x60 [ 27.171919] kasan_save_track+0x18/0x40 [ 27.172705] kasan_save_alloc_info+0x3b/0x50 [ 27.173174] __kasan_kmalloc+0xb7/0xc0 [ 27.173562] __kmalloc_cache_noprof+0x184/0x410 [ 27.175410] kasan_strings+0xb9/0xb60 [ 27.175788] kunit_try_run_case+0x1b3/0x490 [ 27.176993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.178197] kthread+0x257/0x310 [ 27.178781] ret_from_fork+0x41/0x80 [ 27.180195] ret_from_fork_asm+0x1a/0x30 [ 27.180604] [ 27.180862] Freed by task 267: [ 27.181427] kasan_save_stack+0x3d/0x60 [ 27.182539] kasan_save_track+0x18/0x40 [ 27.183369] kasan_save_free_info+0x3f/0x60 [ 27.183882] __kasan_slab_free+0x56/0x70 [ 27.184983] kfree+0x123/0x3f0 [ 27.186013] kasan_strings+0x13c/0xb60 [ 27.186902] kunit_try_run_case+0x1b3/0x490 [ 27.187338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.187901] kthread+0x257/0x310 [ 27.188919] ret_from_fork+0x41/0x80 [ 27.189407] ret_from_fork_asm+0x1a/0x30 [ 27.190032] [ 27.190630] The buggy address belongs to the object at ffff888102481680 [ 27.190630] which belongs to the cache kmalloc-32 of size 32 [ 27.192591] The buggy address is located 16 bytes inside of [ 27.192591] freed 32-byte region [ffff888102481680, ffff8881024816a0) [ 27.194255] [ 27.194636] The buggy address belongs to the physical page: [ 27.195319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102481 [ 27.196294] flags: 0x200000000000000(node=0|zone=2) [ 27.197014] page_type: f5(slab) [ 27.198280] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 27.199386] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 27.200620] page dumped because: kasan: bad access detected [ 27.201082] [ 27.201456] Memory state around the buggy address: [ 27.202794] ffff888102481580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 27.203369] ffff888102481600: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 27.204050] >ffff888102481680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.205792] ^ [ 27.206103] ffff888102481700: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 27.206953] ffff888102481780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.208352] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 27.068226] ================================================================== [ 27.072091] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 27.072741] Read of size 1 at addr ffff888102481690 by task kunit_try_catch/267 [ 27.074030] [ 27.075646] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 27.076524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.077067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.078477] Call Trace: [ 27.079612] <TASK> [ 27.079771] dump_stack_lvl+0x73/0xb0 [ 27.080059] print_report+0xd1/0x640 [ 27.080316] ? __virt_addr_valid+0x1db/0x2d0 [ 27.080586] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.081587] kasan_report+0x102/0x140 [ 27.082583] ? strcmp+0xb0/0xc0 [ 27.083738] ? strcmp+0xb0/0xc0 [ 27.084419] __asan_report_load1_noabort+0x18/0x20 [ 27.085672] strcmp+0xb0/0xc0 [ 27.086040] kasan_strings+0x2d3/0xb60 [ 27.086427] ? __pfx_kasan_strings+0x10/0x10 [ 27.087522] ? __schedule+0xc70/0x27e0 [ 27.088492] ? __pfx_read_tsc+0x10/0x10 [ 27.089745] ? ktime_get_ts64+0x86/0x230 [ 27.090201] kunit_try_run_case+0x1b3/0x490 [ 27.091516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.092041] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.093268] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.093881] ? __kthread_parkme+0x82/0x160 [ 27.095123] ? preempt_count_sub+0x50/0x80 [ 27.095547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.096164] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.096838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.097980] kthread+0x257/0x310 [ 27.098966] ? __pfx_kthread+0x10/0x10 [ 27.100123] ret_from_fork+0x41/0x80 [ 27.101063] ? __pfx_kthread+0x10/0x10 [ 27.101472] ret_from_fork_asm+0x1a/0x30 [ 27.102230] </TASK> [ 27.103375] [ 27.103987] Allocated by task 267: [ 27.104572] kasan_save_stack+0x3d/0x60 [ 27.105044] kasan_save_track+0x18/0x40 [ 27.105427] kasan_save_alloc_info+0x3b/0x50 [ 27.105999] __kasan_kmalloc+0xb7/0xc0 [ 27.107441] __kmalloc_cache_noprof+0x184/0x410 [ 27.107901] kasan_strings+0xb9/0xb60 [ 27.108592] kunit_try_run_case+0x1b3/0x490 [ 27.109446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.110949] kthread+0x257/0x310 [ 27.111628] ret_from_fork+0x41/0x80 [ 27.112350] ret_from_fork_asm+0x1a/0x30 [ 27.112805] [ 27.114149] Freed by task 267: [ 27.114614] kasan_save_stack+0x3d/0x60 [ 27.115497] kasan_save_track+0x18/0x40 [ 27.116021] kasan_save_free_info+0x3f/0x60 [ 27.116392] __kasan_slab_free+0x56/0x70 [ 27.116841] kfree+0x123/0x3f0 [ 27.117232] kasan_strings+0x13c/0xb60 [ 27.117637] kunit_try_run_case+0x1b3/0x490 [ 27.118117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.118477] kthread+0x257/0x310 [ 27.118730] ret_from_fork+0x41/0x80 [ 27.120313] ret_from_fork_asm+0x1a/0x30 [ 27.121305] [ 27.121687] The buggy address belongs to the object at ffff888102481680 [ 27.121687] which belongs to the cache kmalloc-32 of size 32 [ 27.124108] The buggy address is located 16 bytes inside of [ 27.124108] freed 32-byte region [ffff888102481680, ffff8881024816a0) [ 27.126062] [ 27.126413] The buggy address belongs to the physical page: [ 27.127423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102481 [ 27.128005] flags: 0x200000000000000(node=0|zone=2) [ 27.128433] page_type: f5(slab) [ 27.128894] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 27.130222] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 27.131296] page dumped because: kasan: bad access detected [ 27.132290] [ 27.132658] Memory state around the buggy address: [ 27.133305] ffff888102481580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 27.134396] ffff888102481600: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 27.135319] >ffff888102481680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.136779] ^ [ 27.138292] ffff888102481700: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 27.139110] ffff888102481780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.139859] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 26.995334] ================================================================== [ 26.996109] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 26.997119] Read of size 1 at addr ffff88810292db98 by task kunit_try_catch/265 [ 26.998541] [ 26.999002] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 27.000764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.002121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.002594] Call Trace: [ 27.002825] <TASK> [ 27.003147] dump_stack_lvl+0x73/0xb0 [ 27.004348] print_report+0xd1/0x640 [ 27.005319] ? __virt_addr_valid+0x1db/0x2d0 [ 27.005705] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.006901] kasan_report+0x102/0x140 [ 27.007741] ? memcmp+0x1b4/0x1d0 [ 27.008104] ? memcmp+0x1b4/0x1d0 [ 27.008582] __asan_report_load1_noabort+0x18/0x20 [ 27.009212] memcmp+0x1b4/0x1d0 [ 27.009982] kasan_memcmp+0x190/0x390 [ 27.010901] ? trace_hardirqs_on+0x37/0xe0 [ 27.011612] ? __pfx_kasan_memcmp+0x10/0x10 [ 27.012172] ? finish_task_switch.isra.0+0x153/0x700 [ 27.012959] ? __switch_to+0x5d9/0xf60 [ 27.014166] ? __pfx_read_tsc+0x10/0x10 [ 27.014584] ? ktime_get_ts64+0x86/0x230 [ 27.015061] kunit_try_run_case+0x1b3/0x490 [ 27.015815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.016805] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.018300] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.019052] ? __kthread_parkme+0x82/0x160 [ 27.020252] ? preempt_count_sub+0x50/0x80 [ 27.020688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.021751] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.022341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.023505] kthread+0x257/0x310 [ 27.023807] ? __pfx_kthread+0x10/0x10 [ 27.024688] ret_from_fork+0x41/0x80 [ 27.025137] ? __pfx_kthread+0x10/0x10 [ 27.025756] ret_from_fork_asm+0x1a/0x30 [ 27.026250] </TASK> [ 27.027228] [ 27.027457] Allocated by task 265: [ 27.027758] kasan_save_stack+0x3d/0x60 [ 27.029029] kasan_save_track+0x18/0x40 [ 27.029584] kasan_save_alloc_info+0x3b/0x50 [ 27.031077] __kasan_kmalloc+0xb7/0xc0 [ 27.031701] __kmalloc_cache_noprof+0x184/0x410 [ 27.032024] kasan_memcmp+0xb8/0x390 [ 27.032507] kunit_try_run_case+0x1b3/0x490 [ 27.032999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.034690] kthread+0x257/0x310 [ 27.034989] ret_from_fork+0x41/0x80 [ 27.035421] ret_from_fork_asm+0x1a/0x30 [ 27.037147] [ 27.037308] The buggy address belongs to the object at ffff88810292db80 [ 27.037308] which belongs to the cache kmalloc-32 of size 32 [ 27.039030] The buggy address is located 0 bytes to the right of [ 27.039030] allocated 24-byte region [ffff88810292db80, ffff88810292db98) [ 27.040212] [ 27.041402] The buggy address belongs to the physical page: [ 27.042278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10292d [ 27.043255] flags: 0x200000000000000(node=0|zone=2) [ 27.043743] page_type: f5(slab) [ 27.044119] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 27.046357] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 27.047138] page dumped because: kasan: bad access detected [ 27.047541] [ 27.048327] Memory state around the buggy address: [ 27.049511] ffff88810292da80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 27.051353] ffff88810292db00: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 27.051910] >ffff88810292db80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.052825] ^ [ 27.053192] ffff88810292dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.054513] ffff88810292dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.056163] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 23.632300] ================================================================== [ 23.634329] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x160/0x320 [ 23.635334] Write of size 128 at addr ffff888102472700 by task kunit_try_catch/178 [ 23.636542] [ 23.636760] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 23.639102] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.639535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.640394] Call Trace: [ 23.640687] <TASK> [ 23.642105] dump_stack_lvl+0x73/0xb0 [ 23.643178] print_report+0xd1/0x640 [ 23.644193] ? __virt_addr_valid+0x1db/0x2d0 [ 23.644638] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.645607] kasan_report+0x102/0x140 [ 23.646377] ? kmalloc_oob_in_memset+0x160/0x320 [ 23.647313] ? kmalloc_oob_in_memset+0x160/0x320 [ 23.648531] kasan_check_range+0x10c/0x1c0 [ 23.648880] __asan_memset+0x27/0x50 [ 23.649627] kmalloc_oob_in_memset+0x160/0x320 [ 23.650402] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 23.651113] ? __schedule+0xc70/0x27e0 [ 23.652515] ? __pfx_read_tsc+0x10/0x10 [ 23.653086] ? ktime_get_ts64+0x86/0x230 [ 23.653569] kunit_try_run_case+0x1b3/0x490 [ 23.654987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.655659] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.656124] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.656555] ? __kthread_parkme+0x82/0x160 [ 23.656989] ? preempt_count_sub+0x50/0x80 [ 23.657506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.658277] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.659226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.660325] kthread+0x257/0x310 [ 23.660877] ? __pfx_kthread+0x10/0x10 [ 23.661466] ret_from_fork+0x41/0x80 [ 23.663160] ? __pfx_kthread+0x10/0x10 [ 23.664033] ret_from_fork_asm+0x1a/0x30 [ 23.664524] </TASK> [ 23.665236] [ 23.665427] Allocated by task 178: [ 23.665853] kasan_save_stack+0x3d/0x60 [ 23.667207] kasan_save_track+0x18/0x40 [ 23.667691] kasan_save_alloc_info+0x3b/0x50 [ 23.668091] __kasan_kmalloc+0xb7/0xc0 [ 23.669072] __kmalloc_cache_noprof+0x184/0x410 [ 23.669980] kmalloc_oob_in_memset+0xad/0x320 [ 23.670278] kunit_try_run_case+0x1b3/0x490 [ 23.670542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.670868] kthread+0x257/0x310 [ 23.671131] ret_from_fork+0x41/0x80 [ 23.671369] ret_from_fork_asm+0x1a/0x30 [ 23.672253] [ 23.672444] The buggy address belongs to the object at ffff888102472700 [ 23.672444] which belongs to the cache kmalloc-128 of size 128 [ 23.674698] The buggy address is located 0 bytes inside of [ 23.674698] allocated 120-byte region [ffff888102472700, ffff888102472778) [ 23.675342] [ 23.675508] The buggy address belongs to the physical page: [ 23.675826] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102472 [ 23.676298] flags: 0x200000000000000(node=0|zone=2) [ 23.676622] page_type: f5(slab) [ 23.677410] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.679267] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.679911] page dumped because: kasan: bad access detected [ 23.680483] [ 23.680744] Memory state around the buggy address: [ 23.682493] ffff888102472600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.683152] ffff888102472680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.683769] >ffff888102472700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.685354] ^ [ 23.686393] ffff888102472780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.687552] ffff888102472800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.688324] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 23.565415] ================================================================== [ 23.566637] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47d/0x4c0 [ 23.567559] Read of size 16 at addr ffff888101fff6e0 by task kunit_try_catch/176 [ 23.568451] [ 23.568889] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 23.570879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.571487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.572212] Call Trace: [ 23.572974] <TASK> [ 23.573504] dump_stack_lvl+0x73/0xb0 [ 23.574335] print_report+0xd1/0x640 [ 23.574868] ? __virt_addr_valid+0x1db/0x2d0 [ 23.576017] ? kasan_complete_mode_report_info+0x64/0x200 [ 23.576609] kasan_report+0x102/0x140 [ 23.577415] ? kmalloc_uaf_16+0x47d/0x4c0 [ 23.577708] ? kmalloc_uaf_16+0x47d/0x4c0 [ 23.578738] __asan_report_load16_noabort+0x18/0x20 [ 23.579646] kmalloc_uaf_16+0x47d/0x4c0 [ 23.579983] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 23.581083] ? __schedule+0xc70/0x27e0 [ 23.582020] ? __pfx_read_tsc+0x10/0x10 [ 23.582751] ? ktime_get_ts64+0x86/0x230 [ 23.583759] kunit_try_run_case+0x1b3/0x490 [ 23.585119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.585840] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.586114] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.586349] ? __kthread_parkme+0x82/0x160 [ 23.586689] ? preempt_count_sub+0x50/0x80 [ 23.587171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.587470] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.587850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.588798] kthread+0x257/0x310 [ 23.589901] ? __pfx_kthread+0x10/0x10 [ 23.590499] ret_from_fork+0x41/0x80 [ 23.591211] ? __pfx_kthread+0x10/0x10 [ 23.591603] ret_from_fork_asm+0x1a/0x30 [ 23.592171] </TASK> [ 23.592628] [ 23.593188] Allocated by task 176: [ 23.593895] kasan_save_stack+0x3d/0x60 [ 23.594373] kasan_save_track+0x18/0x40 [ 23.595758] kasan_save_alloc_info+0x3b/0x50 [ 23.596799] __kasan_kmalloc+0xb7/0xc0 [ 23.597132] __kmalloc_cache_noprof+0x184/0x410 [ 23.598086] kmalloc_uaf_16+0x15c/0x4c0 [ 23.598657] kunit_try_run_case+0x1b3/0x490 [ 23.599362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.600141] kthread+0x257/0x310 [ 23.600796] ret_from_fork+0x41/0x80 [ 23.601258] ret_from_fork_asm+0x1a/0x30 [ 23.601795] [ 23.602140] Freed by task 176: [ 23.602736] kasan_save_stack+0x3d/0x60 [ 23.603189] kasan_save_track+0x18/0x40 [ 23.603951] kasan_save_free_info+0x3f/0x60 [ 23.604259] __kasan_slab_free+0x56/0x70 [ 23.604724] kfree+0x123/0x3f0 [ 23.605364] kmalloc_uaf_16+0x1d7/0x4c0 [ 23.605986] kunit_try_run_case+0x1b3/0x490 [ 23.606610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.607592] kthread+0x257/0x310 [ 23.608138] ret_from_fork+0x41/0x80 [ 23.609113] ret_from_fork_asm+0x1a/0x30 [ 23.609472] [ 23.609639] The buggy address belongs to the object at ffff888101fff6e0 [ 23.609639] which belongs to the cache kmalloc-16 of size 16 [ 23.611079] The buggy address is located 0 bytes inside of [ 23.611079] freed 16-byte region [ffff888101fff6e0, ffff888101fff6f0) [ 23.612265] [ 23.612693] The buggy address belongs to the physical page: [ 23.613407] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101fff [ 23.614457] flags: 0x200000000000000(node=0|zone=2) [ 23.614984] page_type: f5(slab) [ 23.615549] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.616830] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.618558] page dumped because: kasan: bad access detected [ 23.619343] [ 23.619542] Memory state around the buggy address: [ 23.620281] ffff888101fff580: fa fb fc fc 00 02 fc fc 00 02 fc fc 00 00 fc fc [ 23.621243] ffff888101fff600: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.622064] >ffff888101fff680: fa fb fc fc 00 04 fc fc 00 00 fc fc fa fb fc fc [ 23.622755] ^ [ 23.623442] ffff888101fff700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.624455] ffff888101fff780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.625373] ================================================================== [ 24.219009] ================================================================== [ 24.219858] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4aa/0x520 [ 24.220593] Read of size 1 at addr ffff888102470ca8 by task kunit_try_catch/196 [ 24.221284] [ 24.221664] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 24.222845] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.223344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.224179] Call Trace: [ 24.224410] <TASK> [ 24.224966] dump_stack_lvl+0x73/0xb0 [ 24.225627] print_report+0xd1/0x640 [ 24.226095] ? __virt_addr_valid+0x1db/0x2d0 [ 24.226720] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.227225] kasan_report+0x102/0x140 [ 24.227833] ? kmalloc_uaf2+0x4aa/0x520 [ 24.228321] ? kmalloc_uaf2+0x4aa/0x520 [ 24.228733] __asan_report_load1_noabort+0x18/0x20 [ 24.229100] kmalloc_uaf2+0x4aa/0x520 [ 24.229679] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 24.230535] ? finish_task_switch.isra.0+0x153/0x700 [ 24.231129] ? __switch_to+0x5d9/0xf60 [ 24.231606] ? __schedule+0xc70/0x27e0 [ 24.231953] ? __pfx_read_tsc+0x10/0x10 [ 24.232725] ? ktime_get_ts64+0x86/0x230 [ 24.233381] kunit_try_run_case+0x1b3/0x490 [ 24.233887] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.234416] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.234756] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.235115] ? __kthread_parkme+0x82/0x160 [ 24.235625] ? preempt_count_sub+0x50/0x80 [ 24.236430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.237025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.237805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.238410] kthread+0x257/0x310 [ 24.238779] ? __pfx_kthread+0x10/0x10 [ 24.239271] ret_from_fork+0x41/0x80 [ 24.239945] ? __pfx_kthread+0x10/0x10 [ 24.240437] ret_from_fork_asm+0x1a/0x30 [ 24.240760] </TASK> [ 24.241074] [ 24.241466] Allocated by task 196: [ 24.242023] kasan_save_stack+0x3d/0x60 [ 24.242619] kasan_save_track+0x18/0x40 [ 24.243051] kasan_save_alloc_info+0x3b/0x50 [ 24.243673] __kasan_kmalloc+0xb7/0xc0 [ 24.244115] __kmalloc_cache_noprof+0x184/0x410 [ 24.244427] kmalloc_uaf2+0xc7/0x520 [ 24.244690] kunit_try_run_case+0x1b3/0x490 [ 24.245321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.246043] kthread+0x257/0x310 [ 24.246628] ret_from_fork+0x41/0x80 [ 24.247140] ret_from_fork_asm+0x1a/0x30 [ 24.247607] [ 24.247888] Freed by task 196: [ 24.248314] kasan_save_stack+0x3d/0x60 [ 24.248656] kasan_save_track+0x18/0x40 [ 24.248973] kasan_save_free_info+0x3f/0x60 [ 24.249271] __kasan_slab_free+0x56/0x70 [ 24.249556] kfree+0x123/0x3f0 [ 24.250003] kmalloc_uaf2+0x14d/0x520 [ 24.250622] kunit_try_run_case+0x1b3/0x490 [ 24.251190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.252100] kthread+0x257/0x310 [ 24.252514] ret_from_fork+0x41/0x80 [ 24.252786] ret_from_fork_asm+0x1a/0x30 [ 24.253236] [ 24.253485] The buggy address belongs to the object at ffff888102470c80 [ 24.253485] which belongs to the cache kmalloc-64 of size 64 [ 24.255262] The buggy address is located 40 bytes inside of [ 24.255262] freed 64-byte region [ffff888102470c80, ffff888102470cc0) [ 24.256692] [ 24.256879] The buggy address belongs to the physical page: [ 24.257516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102470 [ 24.258885] flags: 0x200000000000000(node=0|zone=2) [ 24.259263] page_type: f5(slab) [ 24.259528] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.260475] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.261834] page dumped because: kasan: bad access detected [ 24.262524] [ 24.262797] Memory state around the buggy address: [ 24.263372] ffff888102470b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.263791] ffff888102470c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.264980] >ffff888102470c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.265562] ^ [ 24.266381] ffff888102470d00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 24.267501] ffff888102470d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.268747] ================================================================== [ 24.067069] ================================================================== [ 24.068999] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x322/0x380 [ 24.070559] Read of size 1 at addr ffff888101b3ccc8 by task kunit_try_catch/192 [ 24.071474] [ 24.072247] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 24.073524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.073991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.074824] Call Trace: [ 24.075964] <TASK> [ 24.076204] dump_stack_lvl+0x73/0xb0 [ 24.077044] print_report+0xd1/0x640 [ 24.078297] ? __virt_addr_valid+0x1db/0x2d0 [ 24.079021] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.079535] kasan_report+0x102/0x140 [ 24.080398] ? kmalloc_uaf+0x322/0x380 [ 24.081470] ? kmalloc_uaf+0x322/0x380 [ 24.082386] __asan_report_load1_noabort+0x18/0x20 [ 24.082879] kmalloc_uaf+0x322/0x380 [ 24.083460] ? __pfx_kmalloc_uaf+0x10/0x10 [ 24.084209] ? __pfx_kmalloc_uaf+0x10/0x10 [ 24.084856] kunit_try_run_case+0x1b3/0x490 [ 24.085517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.086119] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.086542] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.087861] ? __kthread_parkme+0x82/0x160 [ 24.088181] ? preempt_count_sub+0x50/0x80 [ 24.088818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.089583] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.090471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.091893] kthread+0x257/0x310 [ 24.092398] ? __pfx_kthread+0x10/0x10 [ 24.093022] ret_from_fork+0x41/0x80 [ 24.093822] ? __pfx_kthread+0x10/0x10 [ 24.095152] ret_from_fork_asm+0x1a/0x30 [ 24.095631] </TASK> [ 24.095897] [ 24.096410] Allocated by task 192: [ 24.097676] kasan_save_stack+0x3d/0x60 [ 24.098026] kasan_save_track+0x18/0x40 [ 24.099052] kasan_save_alloc_info+0x3b/0x50 [ 24.100185] __kasan_kmalloc+0xb7/0xc0 [ 24.100443] __kmalloc_cache_noprof+0x184/0x410 [ 24.100833] kmalloc_uaf+0xab/0x380 [ 24.101585] kunit_try_run_case+0x1b3/0x490 [ 24.102396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.103854] kthread+0x257/0x310 [ 24.104842] ret_from_fork+0x41/0x80 [ 24.105243] ret_from_fork_asm+0x1a/0x30 [ 24.105891] [ 24.106576] Freed by task 192: [ 24.107019] kasan_save_stack+0x3d/0x60 [ 24.108648] kasan_save_track+0x18/0x40 [ 24.108866] kasan_save_free_info+0x3f/0x60 [ 24.109808] __kasan_slab_free+0x56/0x70 [ 24.110842] kfree+0x123/0x3f0 [ 24.111135] kmalloc_uaf+0x12d/0x380 [ 24.112143] kunit_try_run_case+0x1b3/0x490 [ 24.112815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.113895] kthread+0x257/0x310 [ 24.114199] ret_from_fork+0x41/0x80 [ 24.114654] ret_from_fork_asm+0x1a/0x30 [ 24.115120] [ 24.115308] The buggy address belongs to the object at ffff888101b3ccc0 [ 24.115308] which belongs to the cache kmalloc-16 of size 16 [ 24.117441] The buggy address is located 8 bytes inside of [ 24.117441] freed 16-byte region [ffff888101b3ccc0, ffff888101b3ccd0) [ 24.119253] [ 24.119478] The buggy address belongs to the physical page: [ 24.120339] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 24.121573] flags: 0x200000000000000(node=0|zone=2) [ 24.122097] page_type: f5(slab) [ 24.124962] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.125446] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.126724] page dumped because: kasan: bad access detected [ 24.127301] [ 24.128170] Memory state around the buggy address: [ 24.128458] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 24.130150] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 24.130799] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 24.132016] ^ [ 24.132526] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.133292] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.134152] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 40.020886] ================================================================== [ 40.022038] BUG: KFENCE: invalid read in test_invalid_access+0xf1/0x210 [ 40.022038] [ 40.022858] Invalid read at 0x(____ptrval____): [ 40.024615] test_invalid_access+0xf1/0x210 [ 40.025066] kunit_try_run_case+0x1b3/0x490 [ 40.026346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 40.027187] kthread+0x257/0x310 [ 40.027734] ret_from_fork+0x41/0x80 [ 40.028480] ret_from_fork_asm+0x1a/0x30 [ 40.028870] [ 40.029318] CPU: 1 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 40.030656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.031162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 40.031601] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 39.795345] ================================================================== [ 39.795866] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x251/0x340 [ 39.795866] [ 39.796854] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#173): [ 39.798101] test_kmalloc_aligned_oob_write+0x251/0x340 [ 39.798689] kunit_try_run_case+0x1b3/0x490 [ 39.799287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 39.799825] kthread+0x257/0x310 [ 39.800158] ret_from_fork+0x41/0x80 [ 39.800705] ret_from_fork_asm+0x1a/0x30 [ 39.801419] [ 39.801650] kfence-#173: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 39.801650] [ 39.802806] allocated by task 333 on cpu 0 at 39.795024s (0.007777s ago): [ 39.803625] test_alloc+0x35f/0x10d0 [ 39.804171] test_kmalloc_aligned_oob_write+0xc9/0x340 [ 39.804866] kunit_try_run_case+0x1b3/0x490 [ 39.805344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 39.806029] kthread+0x257/0x310 [ 39.806566] ret_from_fork+0x41/0x80 [ 39.807125] ret_from_fork_asm+0x1a/0x30 [ 39.807678] [ 39.807965] freed by task 333 on cpu 0 at 39.795209s (0.012752s ago): [ 39.808616] test_kmalloc_aligned_oob_write+0x251/0x340 [ 39.809156] kunit_try_run_case+0x1b3/0x490 [ 39.809510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 39.810050] kthread+0x257/0x310 [ 39.810401] ret_from_fork+0x41/0x80 [ 39.810783] ret_from_fork_asm+0x1a/0x30 [ 39.811244] [ 39.811439] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 39.812067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.812622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 39.813606] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 39.691339] ================================================================== [ 39.692030] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27f/0x570 [ 39.692030] [ 39.693034] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#172): [ 39.694516] test_kmalloc_aligned_oob_read+0x27f/0x570 [ 39.695046] kunit_try_run_case+0x1b3/0x490 [ 39.695715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 39.696426] kthread+0x257/0x310 [ 39.696743] ret_from_fork+0x41/0x80 [ 39.697056] ret_from_fork_asm+0x1a/0x30 [ 39.697593] [ 39.697812] kfence-#172: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 39.697812] [ 39.698646] allocated by task 331 on cpu 0 at 39.691039s (0.007603s ago): [ 39.699223] test_alloc+0x35f/0x10d0 [ 39.699650] test_kmalloc_aligned_oob_read+0x106/0x570 [ 39.700261] kunit_try_run_case+0x1b3/0x490 [ 39.700663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 39.701062] kthread+0x257/0x310 [ 39.701483] ret_from_fork+0x41/0x80 [ 39.701915] ret_from_fork_asm+0x1a/0x30 [ 39.702396] [ 39.702597] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 39.703464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.703737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 39.704712] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 34.595370] ================================================================== [ 34.596296] BUG: KFENCE: memory corruption in test_corruption+0x132/0x3e0 [ 34.596296] [ 34.597005] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#123): [ 34.599206] test_corruption+0x132/0x3e0 [ 34.599957] kunit_try_run_case+0x1b3/0x490 [ 34.600719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.601397] kthread+0x257/0x310 [ 34.601792] ret_from_fork+0x41/0x80 [ 34.602250] ret_from_fork_asm+0x1a/0x30 [ 34.602554] [ 34.602949] kfence-#123: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.602949] [ 34.604360] allocated by task 321 on cpu 1 at 34.595171s (0.009181s ago): [ 34.605580] test_alloc+0x2a7/0x10d0 [ 34.606077] test_corruption+0xe7/0x3e0 [ 34.607097] kunit_try_run_case+0x1b3/0x490 [ 34.607680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.608806] kthread+0x257/0x310 [ 34.609123] ret_from_fork+0x41/0x80 [ 34.609841] ret_from_fork_asm+0x1a/0x30 [ 34.610350] [ 34.610568] freed by task 321 on cpu 1 at 34.595258s (0.015306s ago): [ 34.611569] test_corruption+0x132/0x3e0 [ 34.612365] kunit_try_run_case+0x1b3/0x490 [ 34.612852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.613822] kthread+0x257/0x310 [ 34.614041] ret_from_fork+0x41/0x80 [ 34.614312] ret_from_fork_asm+0x1a/0x30 [ 34.615481] [ 34.615704] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 34.617191] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.617694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.618880] ================================================================== [ 34.387416] ================================================================== [ 34.388058] BUG: KFENCE: memory corruption in test_corruption+0x2d4/0x3e0 [ 34.388058] [ 34.389096] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#121): [ 34.391468] test_corruption+0x2d4/0x3e0 [ 34.391828] kunit_try_run_case+0x1b3/0x490 [ 34.392821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.393517] kthread+0x257/0x310 [ 34.393902] ret_from_fork+0x41/0x80 [ 34.394175] ret_from_fork_asm+0x1a/0x30 [ 34.394615] [ 34.394823] kfence-#121: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 34.394823] [ 34.396768] allocated by task 319 on cpu 0 at 34.387181s (0.009580s ago): [ 34.398101] test_alloc+0x35f/0x10d0 [ 34.398545] test_corruption+0xe7/0x3e0 [ 34.398991] kunit_try_run_case+0x1b3/0x490 [ 34.399630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.401035] kthread+0x257/0x310 [ 34.401449] ret_from_fork+0x41/0x80 [ 34.401963] ret_from_fork_asm+0x1a/0x30 [ 34.402470] [ 34.402639] freed by task 319 on cpu 0 at 34.387309s (0.015327s ago): [ 34.403624] test_corruption+0x2d4/0x3e0 [ 34.404079] kunit_try_run_case+0x1b3/0x490 [ 34.404715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.405724] kthread+0x257/0x310 [ 34.406214] ret_from_fork+0x41/0x80 [ 34.406717] ret_from_fork_asm+0x1a/0x30 [ 34.407117] [ 34.407433] CPU: 0 UID: 0 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 34.408439] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.408740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.410051] ================================================================== [ 34.803318] ================================================================== [ 34.804038] BUG: KFENCE: memory corruption in test_corruption+0x217/0x3e0 [ 34.804038] [ 34.804638] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#125): [ 34.805229] test_corruption+0x217/0x3e0 [ 34.805792] kunit_try_run_case+0x1b3/0x490 [ 34.806867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.807966] kthread+0x257/0x310 [ 34.808619] ret_from_fork+0x41/0x80 [ 34.809216] ret_from_fork_asm+0x1a/0x30 [ 34.809705] [ 34.810063] kfence-#125: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.810063] [ 34.811332] allocated by task 321 on cpu 1 at 34.803111s (0.008215s ago): [ 34.812143] test_alloc+0x2a7/0x10d0 [ 34.812452] test_corruption+0x1cc/0x3e0 [ 34.813195] kunit_try_run_case+0x1b3/0x490 [ 34.813570] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.814335] kthread+0x257/0x310 [ 34.814686] ret_from_fork+0x41/0x80 [ 34.815095] ret_from_fork_asm+0x1a/0x30 [ 34.815509] [ 34.815705] freed by task 321 on cpu 1 at 34.803198s (0.012504s ago): [ 34.817369] test_corruption+0x217/0x3e0 [ 34.817905] kunit_try_run_case+0x1b3/0x490 [ 34.818235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.819344] kthread+0x257/0x310 [ 34.819722] ret_from_fork+0x41/0x80 [ 34.819913] ret_from_fork_asm+0x1a/0x30 [ 34.820301] [ 34.821222] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 34.822245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.822648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.823728] ================================================================== [ 34.491571] ================================================================== [ 34.492430] BUG: KFENCE: memory corruption in test_corruption+0x2e1/0x3e0 [ 34.492430] [ 34.493083] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#122): [ 34.493691] test_corruption+0x2e1/0x3e0 [ 34.494571] kunit_try_run_case+0x1b3/0x490 [ 34.495449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.496230] kthread+0x257/0x310 [ 34.496710] ret_from_fork+0x41/0x80 [ 34.497373] ret_from_fork_asm+0x1a/0x30 [ 34.497851] [ 34.498065] kfence-#122: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 34.498065] [ 34.498873] allocated by task 319 on cpu 0 at 34.491176s (0.007692s ago): [ 34.499679] test_alloc+0x35f/0x10d0 [ 34.500113] test_corruption+0x1cc/0x3e0 [ 34.500529] kunit_try_run_case+0x1b3/0x490 [ 34.501027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.501906] kthread+0x257/0x310 [ 34.502704] ret_from_fork+0x41/0x80 [ 34.503176] ret_from_fork_asm+0x1a/0x30 [ 34.503560] [ 34.503797] freed by task 319 on cpu 0 at 34.491320s (0.012472s ago): [ 34.505245] test_corruption+0x2e1/0x3e0 [ 34.505687] kunit_try_run_case+0x1b3/0x490 [ 34.507035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.507706] kthread+0x257/0x310 [ 34.508815] ret_from_fork+0x41/0x80 [ 34.509283] ret_from_fork_asm+0x1a/0x30 [ 34.509578] [ 34.509864] CPU: 0 UID: 0 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 34.511443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.511895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.512367] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 34.179385] ================================================================== [ 34.180365] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e3/0x260 [ 34.180365] [ 34.181804] Invalid free of 0x(____ptrval____) (in kfence-#119): [ 34.183022] test_invalid_addr_free+0x1e3/0x260 [ 34.183572] kunit_try_run_case+0x1b3/0x490 [ 34.184044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.185280] kthread+0x257/0x310 [ 34.185852] ret_from_fork+0x41/0x80 [ 34.186311] ret_from_fork_asm+0x1a/0x30 [ 34.187004] [ 34.187515] kfence-#119: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 34.187515] [ 34.188312] allocated by task 315 on cpu 0 at 34.179190s (0.009117s ago): [ 34.189322] test_alloc+0x35f/0x10d0 [ 34.190249] test_invalid_addr_free+0xdc/0x260 [ 34.190486] kunit_try_run_case+0x1b3/0x490 [ 34.190679] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.190906] kthread+0x257/0x310 [ 34.191189] ret_from_fork+0x41/0x80 [ 34.191458] ret_from_fork_asm+0x1a/0x30 [ 34.192083] [ 34.192373] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 34.193290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.193601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.194566] ================================================================== [ 34.283369] ================================================================== [ 34.284201] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfc/0x260 [ 34.284201] [ 34.285520] Invalid free of 0x(____ptrval____) (in kfence-#120): [ 34.285842] test_invalid_addr_free+0xfc/0x260 [ 34.286165] kunit_try_run_case+0x1b3/0x490 [ 34.286801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.287636] kthread+0x257/0x310 [ 34.288302] ret_from_fork+0x41/0x80 [ 34.289655] ret_from_fork_asm+0x1a/0x30 [ 34.290654] [ 34.290905] kfence-#120: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.290905] [ 34.291728] allocated by task 317 on cpu 0 at 34.283196s (0.008526s ago): [ 34.292514] test_alloc+0x2a7/0x10d0 [ 34.293373] test_invalid_addr_free+0xdc/0x260 [ 34.293828] kunit_try_run_case+0x1b3/0x490 [ 34.295335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.295810] kthread+0x257/0x310 [ 34.296476] ret_from_fork+0x41/0x80 [ 34.297198] ret_from_fork_asm+0x1a/0x30 [ 34.297868] [ 34.298186] CPU: 0 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 34.299784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.300681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.301951] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 34.075438] ================================================================== [ 34.076251] BUG: KFENCE: invalid free in test_double_free+0x113/0x260 [ 34.076251] [ 34.076910] Invalid free of 0x(____ptrval____) (in kfence-#118): [ 34.077586] test_double_free+0x113/0x260 [ 34.079033] kunit_try_run_case+0x1b3/0x490 [ 34.079517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.080105] kthread+0x257/0x310 [ 34.080518] ret_from_fork+0x41/0x80 [ 34.080926] ret_from_fork_asm+0x1a/0x30 [ 34.081592] [ 34.081804] kfence-#118: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.081804] [ 34.082788] allocated by task 313 on cpu 0 at 34.075188s (0.007592s ago): [ 34.083636] test_alloc+0x2a7/0x10d0 [ 34.084152] test_double_free+0xdc/0x260 [ 34.084716] kunit_try_run_case+0x1b3/0x490 [ 34.085232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.085867] kthread+0x257/0x310 [ 34.086414] ret_from_fork+0x41/0x80 [ 34.086910] ret_from_fork_asm+0x1a/0x30 [ 34.087299] [ 34.087612] freed by task 313 on cpu 0 at 34.075272s (0.012336s ago): [ 34.088542] test_double_free+0xfb/0x260 [ 34.088868] kunit_try_run_case+0x1b3/0x490 [ 34.089276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.090059] kthread+0x257/0x310 [ 34.090563] ret_from_fork+0x41/0x80 [ 34.090965] ret_from_fork_asm+0x1a/0x30 [ 34.091375] [ 34.091723] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 34.092967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.093460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.094249] ================================================================== [ 33.971497] ================================================================== [ 33.972346] BUG: KFENCE: invalid free in test_double_free+0x1d5/0x260 [ 33.972346] [ 33.973084] Invalid free of 0x(____ptrval____) (in kfence-#117): [ 33.973605] test_double_free+0x1d5/0x260 [ 33.975003] kunit_try_run_case+0x1b3/0x490 [ 33.975957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.976609] kthread+0x257/0x310 [ 33.977493] ret_from_fork+0x41/0x80 [ 33.978269] ret_from_fork_asm+0x1a/0x30 [ 33.978706] [ 33.979292] kfence-#117: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 33.979292] [ 33.980422] allocated by task 311 on cpu 0 at 33.971178s (0.009237s ago): [ 33.981559] test_alloc+0x35f/0x10d0 [ 33.982426] test_double_free+0xdc/0x260 [ 33.983098] kunit_try_run_case+0x1b3/0x490 [ 33.983649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.984993] kthread+0x257/0x310 [ 33.985432] ret_from_fork+0x41/0x80 [ 33.985832] ret_from_fork_asm+0x1a/0x30 [ 33.987003] [ 33.987479] freed by task 311 on cpu 0 at 33.971285s (0.016190s ago): [ 33.988909] test_double_free+0x1e2/0x260 [ 33.989506] kunit_try_run_case+0x1b3/0x490 [ 33.990288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.990786] kthread+0x257/0x310 [ 33.991254] ret_from_fork+0x41/0x80 [ 33.992041] ret_from_fork_asm+0x1a/0x30 [ 33.992529] [ 33.992771] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 33.994201] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.994797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.996045] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 24.357995] ================================================================== [ 24.359447] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 24.360321] Free of addr ffff888101fff700 by task kunit_try_catch/200 [ 24.361043] [ 24.361235] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 24.362803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.363177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.364201] Call Trace: [ 24.364554] <TASK> [ 24.364866] dump_stack_lvl+0x73/0xb0 [ 24.365420] print_report+0xd1/0x640 [ 24.365703] ? __virt_addr_valid+0x1db/0x2d0 [ 24.367575] ? kfree_sensitive+0x2e/0x90 [ 24.367925] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.369031] ? kfree_sensitive+0x2e/0x90 [ 24.369442] kasan_report_invalid_free+0xc0/0xf0 [ 24.370016] ? kfree_sensitive+0x2e/0x90 [ 24.370504] ? kfree_sensitive+0x2e/0x90 [ 24.371033] check_slab_allocation+0x101/0x130 [ 24.371634] __kasan_slab_pre_free+0x28/0x40 [ 24.372056] kfree+0xf1/0x3f0 [ 24.372315] ? kfree_sensitive+0x2e/0x90 [ 24.372786] kfree_sensitive+0x2e/0x90 [ 24.373295] kmalloc_double_kzfree+0x19d/0x360 [ 24.374292] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 24.374700] ? __schedule+0xc70/0x27e0 [ 24.375236] ? __pfx_read_tsc+0x10/0x10 [ 24.375829] ? ktime_get_ts64+0x86/0x230 [ 24.376514] kunit_try_run_case+0x1b3/0x490 [ 24.376913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.378495] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.378900] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.379266] ? __kthread_parkme+0x82/0x160 [ 24.379747] ? preempt_count_sub+0x50/0x80 [ 24.380711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.381646] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.382242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.383580] kthread+0x257/0x310 [ 24.383905] ? __pfx_kthread+0x10/0x10 [ 24.384642] ret_from_fork+0x41/0x80 [ 24.385108] ? __pfx_kthread+0x10/0x10 [ 24.385984] ret_from_fork_asm+0x1a/0x30 [ 24.386807] </TASK> [ 24.387095] [ 24.387352] Allocated by task 200: [ 24.387761] kasan_save_stack+0x3d/0x60 [ 24.388353] kasan_save_track+0x18/0x40 [ 24.388631] kasan_save_alloc_info+0x3b/0x50 [ 24.388989] __kasan_kmalloc+0xb7/0xc0 [ 24.390513] __kmalloc_cache_noprof+0x184/0x410 [ 24.391057] kmalloc_double_kzfree+0xaa/0x360 [ 24.391449] kunit_try_run_case+0x1b3/0x490 [ 24.391812] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.392181] kthread+0x257/0x310 [ 24.393132] ret_from_fork+0x41/0x80 [ 24.393641] ret_from_fork_asm+0x1a/0x30 [ 24.394360] [ 24.394595] Freed by task 200: [ 24.394833] kasan_save_stack+0x3d/0x60 [ 24.395155] kasan_save_track+0x18/0x40 [ 24.395612] kasan_save_free_info+0x3f/0x60 [ 24.396377] __kasan_slab_free+0x56/0x70 [ 24.396906] kfree+0x123/0x3f0 [ 24.397161] kfree_sensitive+0x67/0x90 [ 24.398004] kmalloc_double_kzfree+0x12c/0x360 [ 24.398833] kunit_try_run_case+0x1b3/0x490 [ 24.399210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.400610] kthread+0x257/0x310 [ 24.401125] ret_from_fork+0x41/0x80 [ 24.401404] ret_from_fork_asm+0x1a/0x30 [ 24.401753] [ 24.402179] The buggy address belongs to the object at ffff888101fff700 [ 24.402179] which belongs to the cache kmalloc-16 of size 16 [ 24.403448] The buggy address is located 0 bytes inside of [ 24.403448] 16-byte region [ffff888101fff700, ffff888101fff710) [ 24.404813] [ 24.405124] The buggy address belongs to the physical page: [ 24.405791] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101fff [ 24.407539] flags: 0x200000000000000(node=0|zone=2) [ 24.408386] page_type: f5(slab) [ 24.408883] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.409580] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.410063] page dumped because: kasan: bad access detected [ 24.410593] [ 24.410822] Memory state around the buggy address: [ 24.411382] ffff888101fff600: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.412203] ffff888101fff680: fa fb fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 24.413253] >ffff888101fff700: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.413971] ^ [ 24.414555] ffff888101fff780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.415000] ffff888101fff800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.415408] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 24.283377] ================================================================== [ 24.284771] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19d/0x360 [ 24.286015] Read of size 1 at addr ffff888101fff700 by task kunit_try_catch/200 [ 24.286565] [ 24.286747] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 24.287760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.288068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.290003] Call Trace: [ 24.290625] <TASK> [ 24.291217] dump_stack_lvl+0x73/0xb0 [ 24.292206] print_report+0xd1/0x640 [ 24.292860] ? __virt_addr_valid+0x1db/0x2d0 [ 24.293625] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.294394] kasan_report+0x102/0x140 [ 24.294900] ? kmalloc_double_kzfree+0x19d/0x360 [ 24.295520] ? kmalloc_double_kzfree+0x19d/0x360 [ 24.296620] ? kmalloc_double_kzfree+0x19d/0x360 [ 24.297098] __kasan_check_byte+0x3d/0x50 [ 24.297686] kfree_sensitive+0x22/0x90 [ 24.298385] kmalloc_double_kzfree+0x19d/0x360 [ 24.298870] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 24.299459] ? __schedule+0xc70/0x27e0 [ 24.300926] ? __pfx_read_tsc+0x10/0x10 [ 24.301269] ? ktime_get_ts64+0x86/0x230 [ 24.302495] kunit_try_run_case+0x1b3/0x490 [ 24.303339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.303677] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.304883] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.305303] ? __kthread_parkme+0x82/0x160 [ 24.305882] ? preempt_count_sub+0x50/0x80 [ 24.306247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.307630] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.308365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.309164] kthread+0x257/0x310 [ 24.309841] ? __pfx_kthread+0x10/0x10 [ 24.310240] ret_from_fork+0x41/0x80 [ 24.310761] ? __pfx_kthread+0x10/0x10 [ 24.311468] ret_from_fork_asm+0x1a/0x30 [ 24.313021] </TASK> [ 24.313858] [ 24.314141] Allocated by task 200: [ 24.314422] kasan_save_stack+0x3d/0x60 [ 24.315461] kasan_save_track+0x18/0x40 [ 24.316522] kasan_save_alloc_info+0x3b/0x50 [ 24.317154] __kasan_kmalloc+0xb7/0xc0 [ 24.317558] __kmalloc_cache_noprof+0x184/0x410 [ 24.318043] kmalloc_double_kzfree+0xaa/0x360 [ 24.320337] kunit_try_run_case+0x1b3/0x490 [ 24.320881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.321890] kthread+0x257/0x310 [ 24.322261] ret_from_fork+0x41/0x80 [ 24.323255] ret_from_fork_asm+0x1a/0x30 [ 24.324154] [ 24.324269] Freed by task 200: [ 24.324419] kasan_save_stack+0x3d/0x60 [ 24.325407] kasan_save_track+0x18/0x40 [ 24.325973] kasan_save_free_info+0x3f/0x60 [ 24.326530] __kasan_slab_free+0x56/0x70 [ 24.327318] kfree+0x123/0x3f0 [ 24.327908] kfree_sensitive+0x67/0x90 [ 24.328919] kmalloc_double_kzfree+0x12c/0x360 [ 24.330068] kunit_try_run_case+0x1b3/0x490 [ 24.330957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.331793] kthread+0x257/0x310 [ 24.333236] ret_from_fork+0x41/0x80 [ 24.334406] ret_from_fork_asm+0x1a/0x30 [ 24.335140] [ 24.335763] The buggy address belongs to the object at ffff888101fff700 [ 24.335763] which belongs to the cache kmalloc-16 of size 16 [ 24.337161] The buggy address is located 0 bytes inside of [ 24.337161] freed 16-byte region [ffff888101fff700, ffff888101fff710) [ 24.339310] [ 24.339589] The buggy address belongs to the physical page: [ 24.341009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101fff [ 24.342093] flags: 0x200000000000000(node=0|zone=2) [ 24.343047] page_type: f5(slab) [ 24.343528] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.345183] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.347229] page dumped because: kasan: bad access detected [ 24.347972] [ 24.348430] Memory state around the buggy address: [ 24.349332] ffff888101fff600: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.350576] ffff888101fff680: fa fb fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 24.352193] >ffff888101fff700: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.353491] ^ [ 24.354121] ffff888101fff780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.355544] ffff888101fff800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.357048] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 24.142317] ================================================================== [ 24.143137] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a4/0x360 [ 24.143830] Write of size 33 at addr ffff888102470c00 by task kunit_try_catch/194 [ 24.144769] [ 24.144988] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 24.145686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.146108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.147226] Call Trace: [ 24.147450] <TASK> [ 24.147853] dump_stack_lvl+0x73/0xb0 [ 24.148742] print_report+0xd1/0x640 [ 24.149289] ? __virt_addr_valid+0x1db/0x2d0 [ 24.150248] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.150807] kasan_report+0x102/0x140 [ 24.152515] ? kmalloc_uaf_memset+0x1a4/0x360 [ 24.152894] ? kmalloc_uaf_memset+0x1a4/0x360 [ 24.153670] kasan_check_range+0x10c/0x1c0 [ 24.154453] __asan_memset+0x27/0x50 [ 24.154750] kmalloc_uaf_memset+0x1a4/0x360 [ 24.155737] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 24.156772] ? __schedule+0xc70/0x27e0 [ 24.157429] ? __pfx_read_tsc+0x10/0x10 [ 24.158153] ? ktime_get_ts64+0x86/0x230 [ 24.159691] kunit_try_run_case+0x1b3/0x490 [ 24.160455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.161750] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.162345] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.162799] ? __kthread_parkme+0x82/0x160 [ 24.163792] ? preempt_count_sub+0x50/0x80 [ 24.164350] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.164833] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.165541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.167589] kthread+0x257/0x310 [ 24.168207] ? __pfx_kthread+0x10/0x10 [ 24.168652] ret_from_fork+0x41/0x80 [ 24.169391] ? __pfx_kthread+0x10/0x10 [ 24.171065] ret_from_fork_asm+0x1a/0x30 [ 24.171543] </TASK> [ 24.172097] [ 24.172978] Allocated by task 194: [ 24.173649] kasan_save_stack+0x3d/0x60 [ 24.174132] kasan_save_track+0x18/0x40 [ 24.174546] kasan_save_alloc_info+0x3b/0x50 [ 24.176604] __kasan_kmalloc+0xb7/0xc0 [ 24.177329] __kmalloc_cache_noprof+0x184/0x410 [ 24.178533] kmalloc_uaf_memset+0xaa/0x360 [ 24.179061] kunit_try_run_case+0x1b3/0x490 [ 24.179508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.180060] kthread+0x257/0x310 [ 24.181953] ret_from_fork+0x41/0x80 [ 24.182328] ret_from_fork_asm+0x1a/0x30 [ 24.183085] [ 24.183297] Freed by task 194: [ 24.183626] kasan_save_stack+0x3d/0x60 [ 24.184036] kasan_save_track+0x18/0x40 [ 24.184304] kasan_save_free_info+0x3f/0x60 [ 24.185739] __kasan_slab_free+0x56/0x70 [ 24.186816] kfree+0x123/0x3f0 [ 24.188180] kmalloc_uaf_memset+0x12c/0x360 [ 24.189143] kunit_try_run_case+0x1b3/0x490 [ 24.190110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.190606] kthread+0x257/0x310 [ 24.190980] ret_from_fork+0x41/0x80 [ 24.191984] ret_from_fork_asm+0x1a/0x30 [ 24.192293] [ 24.192429] The buggy address belongs to the object at ffff888102470c00 [ 24.192429] which belongs to the cache kmalloc-64 of size 64 [ 24.195025] The buggy address is located 0 bytes inside of [ 24.195025] freed 64-byte region [ffff888102470c00, ffff888102470c40) [ 24.197223] [ 24.197830] The buggy address belongs to the physical page: [ 24.199279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102470 [ 24.200384] flags: 0x200000000000000(node=0|zone=2) [ 24.200819] page_type: f5(slab) [ 24.201306] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.203106] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.203732] page dumped because: kasan: bad access detected [ 24.204771] [ 24.205104] Memory state around the buggy address: [ 24.205693] ffff888102470b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.208160] ffff888102470b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.208686] >ffff888102470c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.208991] ^ [ 24.209149] ffff888102470c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.209416] ffff888102470d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.209681] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 33.659377] ================================================================== [ 33.660090] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 33.660090] [ 33.660843] Use-after-free read at 0x(____ptrval____) (in kfence-#114): [ 33.661839] test_use_after_free_read+0x12a/0x270 [ 33.662710] kunit_try_run_case+0x1b3/0x490 [ 33.663055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.663815] kthread+0x257/0x310 [ 33.664547] ret_from_fork+0x41/0x80 [ 33.664966] ret_from_fork_asm+0x1a/0x30 [ 33.665464] [ 33.665662] kfence-#114: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 33.665662] [ 33.666683] allocated by task 305 on cpu 1 at 33.659142s (0.007536s ago): [ 33.667368] test_alloc+0x2a7/0x10d0 [ 33.667667] test_use_after_free_read+0xdd/0x270 [ 33.668275] kunit_try_run_case+0x1b3/0x490 [ 33.668809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.669511] kthread+0x257/0x310 [ 33.669806] ret_from_fork+0x41/0x80 [ 33.670101] ret_from_fork_asm+0x1a/0x30 [ 33.670440] [ 33.670866] freed by task 305 on cpu 1 at 33.659236s (0.011626s ago): [ 33.671864] test_use_after_free_read+0xfc/0x270 [ 33.672562] kunit_try_run_case+0x1b3/0x490 [ 33.672912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.673693] kthread+0x257/0x310 [ 33.674094] ret_from_fork+0x41/0x80 [ 33.674531] ret_from_fork_asm+0x1a/0x30 [ 33.674811] [ 33.675040] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 33.676271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.676822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.677985] ================================================================== [ 33.555485] ================================================================== [ 33.556362] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 33.556362] [ 33.557244] Use-after-free read at 0x(____ptrval____) (in kfence-#113): [ 33.558017] test_use_after_free_read+0x12a/0x270 [ 33.558380] kunit_try_run_case+0x1b3/0x490 [ 33.558683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.559460] kthread+0x257/0x310 [ 33.559996] ret_from_fork+0x41/0x80 [ 33.560414] ret_from_fork_asm+0x1a/0x30 [ 33.561157] [ 33.561420] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 33.561420] [ 33.562334] allocated by task 303 on cpu 0 at 33.555166s (0.007163s ago): [ 33.563102] test_alloc+0x35f/0x10d0 [ 33.563392] test_use_after_free_read+0xdd/0x270 [ 33.563764] kunit_try_run_case+0x1b3/0x490 [ 33.564404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.565255] kthread+0x257/0x310 [ 33.565674] ret_from_fork+0x41/0x80 [ 33.566248] ret_from_fork_asm+0x1a/0x30 [ 33.566708] [ 33.566883] freed by task 303 on cpu 0 at 33.555249s (0.011630s ago): [ 33.567348] test_use_after_free_read+0x1e9/0x270 [ 33.567699] kunit_try_run_case+0x1b3/0x490 [ 33.568348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.569306] kthread+0x257/0x310 [ 33.569865] ret_from_fork+0x41/0x80 [ 33.570560] ret_from_fork_asm+0x1a/0x30 [ 33.570977] [ 33.571378] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 33.572086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.572368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.573290] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 32.931354] ================================================================== [ 32.932165] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 32.932165] [ 32.932962] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#107): [ 32.934164] test_out_of_bounds_write+0x10e/0x260 [ 32.935366] kunit_try_run_case+0x1b3/0x490 [ 32.936172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.936692] kthread+0x257/0x310 [ 32.937717] ret_from_fork+0x41/0x80 [ 32.938119] ret_from_fork_asm+0x1a/0x30 [ 32.938953] [ 32.939403] kfence-#107: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 32.939403] [ 32.940249] allocated by task 299 on cpu 0 at 32.931167s (0.009076s ago): [ 32.941647] test_alloc+0x35f/0x10d0 [ 32.942073] test_out_of_bounds_write+0xd5/0x260 [ 32.942769] kunit_try_run_case+0x1b3/0x490 [ 32.943443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.944232] kthread+0x257/0x310 [ 32.944839] ret_from_fork+0x41/0x80 [ 32.945619] ret_from_fork_asm+0x1a/0x30 [ 32.946374] [ 32.946820] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 32.948025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.948998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.950029] ================================================================== [ 33.451229] ================================================================== [ 33.451975] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 33.451975] [ 33.452814] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#112): [ 33.453507] test_out_of_bounds_write+0x10e/0x260 [ 33.453965] kunit_try_run_case+0x1b3/0x490 [ 33.454435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.455133] kthread+0x257/0x310 [ 33.455451] ret_from_fork+0x41/0x80 [ 33.455731] ret_from_fork_asm+0x1a/0x30 [ 33.456234] [ 33.456556] kfence-#112: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 33.456556] [ 33.457305] allocated by task 301 on cpu 0 at 33.451136s (0.006162s ago): [ 33.458258] test_alloc+0x2a7/0x10d0 [ 33.458566] test_out_of_bounds_write+0xd5/0x260 [ 33.458969] kunit_try_run_case+0x1b3/0x490 [ 33.459478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.460123] kthread+0x257/0x310 [ 33.460405] ret_from_fork+0x41/0x80 [ 33.460676] ret_from_fork_asm+0x1a/0x30 [ 33.461024] [ 33.461397] CPU: 0 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 33.462553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.462847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.465170] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 32.619260] ================================================================== [ 32.620179] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 32.620179] [ 32.621628] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#104): [ 32.622602] test_out_of_bounds_read+0x127/0x4e0 [ 32.623002] kunit_try_run_case+0x1b3/0x490 [ 32.623876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.624515] kthread+0x257/0x310 [ 32.625454] ret_from_fork+0x41/0x80 [ 32.625863] ret_from_fork_asm+0x1a/0x30 [ 32.626638] [ 32.626815] kfence-#104: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 32.626815] [ 32.628116] allocated by task 297 on cpu 1 at 32.619168s (0.008942s ago): [ 32.628762] test_alloc+0x2a7/0x10d0 [ 32.629301] test_out_of_bounds_read+0xee/0x4e0 [ 32.629643] kunit_try_run_case+0x1b3/0x490 [ 32.630306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.630758] kthread+0x257/0x310 [ 32.631331] ret_from_fork+0x41/0x80 [ 32.631773] ret_from_fork_asm+0x1a/0x30 [ 32.632297] [ 32.632647] CPU: 1 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 32.633643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.634155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.635031] ================================================================== [ 32.827237] ================================================================== [ 32.828022] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 32.828022] [ 32.828710] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#106): [ 32.829681] test_out_of_bounds_read+0x217/0x4e0 [ 32.830096] kunit_try_run_case+0x1b3/0x490 [ 32.830775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.831227] kthread+0x257/0x310 [ 32.831491] ret_from_fork+0x41/0x80 [ 32.831765] ret_from_fork_asm+0x1a/0x30 [ 32.832360] [ 32.832658] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 32.832658] [ 32.833450] allocated by task 297 on cpu 1 at 32.827148s (0.006296s ago): [ 32.834329] test_alloc+0x2a7/0x10d0 [ 32.834620] test_out_of_bounds_read+0x1e3/0x4e0 [ 32.834964] kunit_try_run_case+0x1b3/0x490 [ 32.835261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.835824] kthread+0x257/0x310 [ 32.836270] ret_from_fork+0x41/0x80 [ 32.836760] ret_from_fork_asm+0x1a/0x30 [ 32.837530] [ 32.837753] CPU: 1 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 32.838746] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.839137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.840165] ================================================================== [ 32.307517] ================================================================== [ 32.308297] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 32.308297] [ 32.309230] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#101): [ 32.310044] test_out_of_bounds_read+0x217/0x4e0 [ 32.310601] kunit_try_run_case+0x1b3/0x490 [ 32.310961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.311321] kthread+0x257/0x310 [ 32.311840] ret_from_fork+0x41/0x80 [ 32.312301] ret_from_fork_asm+0x1a/0x30 [ 32.312831] [ 32.313103] kfence-#101: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 32.313103] [ 32.313764] allocated by task 295 on cpu 1 at 32.307193s (0.006566s ago): [ 32.314265] test_alloc+0x35f/0x10d0 [ 32.314755] test_out_of_bounds_read+0x1e3/0x4e0 [ 32.315338] kunit_try_run_case+0x1b3/0x490 [ 32.315908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.316613] kthread+0x257/0x310 [ 32.317083] ret_from_fork+0x41/0x80 [ 32.317456] ret_from_fork_asm+0x1a/0x30 [ 32.317913] [ 32.318139] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 32.318860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.319398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.320585] ================================================================== [ 32.205050] ================================================================== [ 32.205811] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 32.205811] [ 32.206712] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#100): [ 32.207520] test_out_of_bounds_read+0x127/0x4e0 [ 32.207954] kunit_try_run_case+0x1b3/0x490 [ 32.208391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.208908] kthread+0x257/0x310 [ 32.209295] ret_from_fork+0x41/0x80 [ 32.209726] ret_from_fork_asm+0x1a/0x30 [ 32.210180] [ 32.210432] kfence-#100: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 32.210432] [ 32.211227] allocated by task 295 on cpu 1 at 32.203182s (0.008040s ago): [ 32.211997] test_alloc+0x35f/0x10d0 [ 32.212442] test_out_of_bounds_read+0xee/0x4e0 [ 32.212854] kunit_try_run_case+0x1b3/0x490 [ 32.213338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.213788] kthread+0x257/0x310 [ 32.214232] ret_from_fork+0x41/0x80 [ 32.214579] ret_from_fork_asm+0x1a/0x30 [ 32.215058] [ 32.215367] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 32.216233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.216738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.217539] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 22.147451] ================================================================== [ 22.149498] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x289/0x530 [ 22.149498] [ 22.150799] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . ] (in kfence-#55): [ 22.152843] kmalloc_track_caller_oob_right+0x289/0x530 [ 22.153464] kunit_try_run_case+0x1b3/0x490 [ 22.153851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.154539] kthread+0x257/0x310 [ 22.154878] ret_from_fork+0x41/0x80 [ 22.155439] ret_from_fork_asm+0x1a/0x30 [ 22.155835] [ 22.156602] kfence-#55: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128 [ 22.156602] [ 22.158068] allocated by task 150 on cpu 1 at 22.143637s (0.014259s ago): [ 22.159171] kmalloc_track_caller_oob_right+0x19b/0x530 [ 22.159734] kunit_try_run_case+0x1b3/0x490 [ 22.160226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.160853] kthread+0x257/0x310 [ 22.161309] ret_from_fork+0x41/0x80 [ 22.161673] ret_from_fork_asm+0x1a/0x30 [ 22.162401] [ 22.162881] freed by task 150 on cpu 1 at 22.146569s (0.016161s ago): [ 22.163852] kmalloc_track_caller_oob_right+0x289/0x530 [ 22.164459] kunit_try_run_case+0x1b3/0x490 [ 22.164847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.165492] kthread+0x257/0x310 [ 22.165917] ret_from_fork+0x41/0x80 [ 22.166374] ret_from_fork_asm+0x1a/0x30 [ 22.166999] [ 22.167314] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 22.168433] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.168883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.169914] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 32.047331] ================================================================== [ 32.047989] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1e0 [ 32.048958] Write of size 121 at addr ffff888102933c00 by task kunit_try_catch/293 [ 32.050077] [ 32.050359] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 32.050975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.051255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.052434] Call Trace: [ 32.052829] <TASK> [ 32.053388] dump_stack_lvl+0x73/0xb0 [ 32.053895] print_report+0xd1/0x640 [ 32.054373] ? __virt_addr_valid+0x1db/0x2d0 [ 32.054966] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.055701] kasan_report+0x102/0x140 [ 32.056570] ? strncpy_from_user+0x2e/0x1e0 [ 32.056955] ? strncpy_from_user+0x2e/0x1e0 [ 32.057544] kasan_check_range+0x10c/0x1c0 [ 32.059853] __kasan_check_write+0x18/0x20 [ 32.060666] strncpy_from_user+0x2e/0x1e0 [ 32.061066] ? __kasan_check_read+0x15/0x20 [ 32.061580] copy_user_test_oob+0x761/0x10f0 [ 32.062202] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.062551] ? finish_task_switch.isra.0+0x153/0x700 [ 32.063136] ? __switch_to+0x5d9/0xf60 [ 32.063446] ? __schedule+0xc70/0x27e0 [ 32.063998] ? __pfx_read_tsc+0x10/0x10 [ 32.064458] ? ktime_get_ts64+0x86/0x230 [ 32.065038] kunit_try_run_case+0x1b3/0x490 [ 32.066138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.066580] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.067042] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.067403] ? __kthread_parkme+0x82/0x160 [ 32.067906] ? preempt_count_sub+0x50/0x80 [ 32.068414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.068992] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.069715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.070893] kthread+0x257/0x310 [ 32.071573] ? __pfx_kthread+0x10/0x10 [ 32.072041] ret_from_fork+0x41/0x80 [ 32.072513] ? __pfx_kthread+0x10/0x10 [ 32.072967] ret_from_fork_asm+0x1a/0x30 [ 32.073514] </TASK> [ 32.074123] [ 32.074345] Allocated by task 293: [ 32.074618] kasan_save_stack+0x3d/0x60 [ 32.075026] kasan_save_track+0x18/0x40 [ 32.075601] kasan_save_alloc_info+0x3b/0x50 [ 32.076231] __kasan_kmalloc+0xb7/0xc0 [ 32.076521] __kmalloc_noprof+0x1c4/0x500 [ 32.077064] kunit_kmalloc_array+0x25/0x60 [ 32.077670] copy_user_test_oob+0xac/0x10f0 [ 32.078161] kunit_try_run_case+0x1b3/0x490 [ 32.078728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.079117] kthread+0x257/0x310 [ 32.079427] ret_from_fork+0x41/0x80 [ 32.080167] ret_from_fork_asm+0x1a/0x30 [ 32.081091] [ 32.081296] The buggy address belongs to the object at ffff888102933c00 [ 32.081296] which belongs to the cache kmalloc-128 of size 128 [ 32.082697] The buggy address is located 0 bytes inside of [ 32.082697] allocated 120-byte region [ffff888102933c00, ffff888102933c78) [ 32.083964] [ 32.084129] The buggy address belongs to the physical page: [ 32.084712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102933 [ 32.086277] flags: 0x200000000000000(node=0|zone=2) [ 32.086873] page_type: f5(slab) [ 32.087799] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.088780] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.089635] page dumped because: kasan: bad access detected [ 32.090725] [ 32.090977] Memory state around the buggy address: [ 32.092018] ffff888102933b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.093446] ffff888102933b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.094465] >ffff888102933c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.095199] ^ [ 32.096397] ffff888102933c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.097239] ffff888102933d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.097871] ================================================================== [ 32.099956] ================================================================== [ 32.100870] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a7/0x1e0 [ 32.102433] Write of size 1 at addr ffff888102933c78 by task kunit_try_catch/293 [ 32.103025] [ 32.103594] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 32.105135] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.105572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.107269] Call Trace: [ 32.107618] <TASK> [ 32.107844] dump_stack_lvl+0x73/0xb0 [ 32.108265] print_report+0xd1/0x640 [ 32.108666] ? __virt_addr_valid+0x1db/0x2d0 [ 32.109700] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.110296] kasan_report+0x102/0x140 [ 32.111167] ? strncpy_from_user+0x1a7/0x1e0 [ 32.111799] ? strncpy_from_user+0x1a7/0x1e0 [ 32.112481] __asan_report_store1_noabort+0x1b/0x30 [ 32.112724] strncpy_from_user+0x1a7/0x1e0 [ 32.112953] copy_user_test_oob+0x761/0x10f0 [ 32.113266] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.114324] ? finish_task_switch.isra.0+0x153/0x700 [ 32.114769] ? __switch_to+0x5d9/0xf60 [ 32.115506] ? __schedule+0xc70/0x27e0 [ 32.115928] ? __pfx_read_tsc+0x10/0x10 [ 32.116408] ? ktime_get_ts64+0x86/0x230 [ 32.116957] kunit_try_run_case+0x1b3/0x490 [ 32.117473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.118713] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.119147] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.119778] ? __kthread_parkme+0x82/0x160 [ 32.120169] ? preempt_count_sub+0x50/0x80 [ 32.121446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.121919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.122875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.123520] kthread+0x257/0x310 [ 32.124358] ? __pfx_kthread+0x10/0x10 [ 32.124713] ret_from_fork+0x41/0x80 [ 32.125039] ? __pfx_kthread+0x10/0x10 [ 32.125593] ret_from_fork_asm+0x1a/0x30 [ 32.126168] </TASK> [ 32.126576] [ 32.126853] Allocated by task 293: [ 32.127138] kasan_save_stack+0x3d/0x60 [ 32.127696] kasan_save_track+0x18/0x40 [ 32.128239] kasan_save_alloc_info+0x3b/0x50 [ 32.128691] __kasan_kmalloc+0xb7/0xc0 [ 32.129123] __kmalloc_noprof+0x1c4/0x500 [ 32.129682] kunit_kmalloc_array+0x25/0x60 [ 32.130200] copy_user_test_oob+0xac/0x10f0 [ 32.130721] kunit_try_run_case+0x1b3/0x490 [ 32.131272] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.131689] kthread+0x257/0x310 [ 32.132233] ret_from_fork+0x41/0x80 [ 32.132675] ret_from_fork_asm+0x1a/0x30 [ 32.132991] [ 32.133220] The buggy address belongs to the object at ffff888102933c00 [ 32.133220] which belongs to the cache kmalloc-128 of size 128 [ 32.134135] The buggy address is located 0 bytes to the right of [ 32.134135] allocated 120-byte region [ffff888102933c00, ffff888102933c78) [ 32.135964] [ 32.136255] The buggy address belongs to the physical page: [ 32.136912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102933 [ 32.137991] flags: 0x200000000000000(node=0|zone=2) [ 32.138572] page_type: f5(slab) [ 32.139074] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.139917] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.140922] page dumped because: kasan: bad access detected [ 32.141809] [ 32.142145] Memory state around the buggy address: [ 32.143003] ffff888102933b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.144264] ffff888102933b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.145077] >ffff888102933c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.145804] ^ [ 32.146925] ffff888102933c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.148541] ffff888102933d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.149126] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 31.889238] ================================================================== [ 31.891006] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4ab/0x10f0 [ 31.891586] Read of size 121 at addr ffff888102933c00 by task kunit_try_catch/293 [ 31.892349] [ 31.892739] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.894259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.894859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.895763] Call Trace: [ 31.896081] <TASK> [ 31.896504] dump_stack_lvl+0x73/0xb0 [ 31.897393] print_report+0xd1/0x640 [ 31.897848] ? __virt_addr_valid+0x1db/0x2d0 [ 31.898597] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.899390] kasan_report+0x102/0x140 [ 31.899820] ? copy_user_test_oob+0x4ab/0x10f0 [ 31.900329] ? copy_user_test_oob+0x4ab/0x10f0 [ 31.900837] kasan_check_range+0x10c/0x1c0 [ 31.901253] __kasan_check_read+0x15/0x20 [ 31.901647] copy_user_test_oob+0x4ab/0x10f0 [ 31.902437] ? __pfx_copy_user_test_oob+0x10/0x10 [ 31.902917] ? finish_task_switch.isra.0+0x153/0x700 [ 31.903473] ? __switch_to+0x5d9/0xf60 [ 31.903913] ? __schedule+0xc70/0x27e0 [ 31.904364] ? __pfx_read_tsc+0x10/0x10 [ 31.904782] ? ktime_get_ts64+0x86/0x230 [ 31.905307] kunit_try_run_case+0x1b3/0x490 [ 31.905870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.906619] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.907075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.907786] ? __kthread_parkme+0x82/0x160 [ 31.908265] ? preempt_count_sub+0x50/0x80 [ 31.908881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.909551] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.910204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.910845] kthread+0x257/0x310 [ 31.911350] ? __pfx_kthread+0x10/0x10 [ 31.911817] ret_from_fork+0x41/0x80 [ 31.912164] ? __pfx_kthread+0x10/0x10 [ 31.912717] ret_from_fork_asm+0x1a/0x30 [ 31.913329] </TASK> [ 31.913530] [ 31.913692] Allocated by task 293: [ 31.914227] kasan_save_stack+0x3d/0x60 [ 31.914822] kasan_save_track+0x18/0x40 [ 31.915363] kasan_save_alloc_info+0x3b/0x50 [ 31.915682] __kasan_kmalloc+0xb7/0xc0 [ 31.916123] __kmalloc_noprof+0x1c4/0x500 [ 31.916699] kunit_kmalloc_array+0x25/0x60 [ 31.917377] copy_user_test_oob+0xac/0x10f0 [ 31.917851] kunit_try_run_case+0x1b3/0x490 [ 31.918567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.919024] kthread+0x257/0x310 [ 31.919542] ret_from_fork+0x41/0x80 [ 31.919899] ret_from_fork_asm+0x1a/0x30 [ 31.920224] [ 31.920522] The buggy address belongs to the object at ffff888102933c00 [ 31.920522] which belongs to the cache kmalloc-128 of size 128 [ 31.922073] The buggy address is located 0 bytes inside of [ 31.922073] allocated 120-byte region [ffff888102933c00, ffff888102933c78) [ 31.923214] [ 31.923525] The buggy address belongs to the physical page: [ 31.924157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102933 [ 31.924829] flags: 0x200000000000000(node=0|zone=2) [ 31.925464] page_type: f5(slab) [ 31.925714] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 31.926477] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.926916] page dumped because: kasan: bad access detected [ 31.927861] [ 31.928067] Memory state around the buggy address: [ 31.928559] ffff888102933b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.929018] ffff888102933b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.930112] >ffff888102933c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.930604] ^ [ 31.931645] ffff888102933c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.933321] ffff888102933d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.933917] ================================================================== [ 31.836924] ================================================================== [ 31.837757] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fe/0x10f0 [ 31.838397] Write of size 121 at addr ffff888102933c00 by task kunit_try_catch/293 [ 31.839305] [ 31.839506] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.839912] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.841202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.842615] Call Trace: [ 31.842981] <TASK> [ 31.843740] dump_stack_lvl+0x73/0xb0 [ 31.844140] print_report+0xd1/0x640 [ 31.844508] ? __virt_addr_valid+0x1db/0x2d0 [ 31.844985] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.845902] kasan_report+0x102/0x140 [ 31.846570] ? copy_user_test_oob+0x3fe/0x10f0 [ 31.847031] ? copy_user_test_oob+0x3fe/0x10f0 [ 31.847755] kasan_check_range+0x10c/0x1c0 [ 31.848974] __kasan_check_write+0x18/0x20 [ 31.849491] copy_user_test_oob+0x3fe/0x10f0 [ 31.850008] ? __pfx_copy_user_test_oob+0x10/0x10 [ 31.850737] ? finish_task_switch.isra.0+0x153/0x700 [ 31.851099] ? __switch_to+0x5d9/0xf60 [ 31.851553] ? __schedule+0xc70/0x27e0 [ 31.852067] ? __pfx_read_tsc+0x10/0x10 [ 31.852417] ? ktime_get_ts64+0x86/0x230 [ 31.852913] kunit_try_run_case+0x1b3/0x490 [ 31.854058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.854800] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.855423] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.856348] ? __kthread_parkme+0x82/0x160 [ 31.856721] ? preempt_count_sub+0x50/0x80 [ 31.857470] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.858170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.858810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.859493] kthread+0x257/0x310 [ 31.859832] ? __pfx_kthread+0x10/0x10 [ 31.860327] ret_from_fork+0x41/0x80 [ 31.860706] ? __pfx_kthread+0x10/0x10 [ 31.861916] ret_from_fork_asm+0x1a/0x30 [ 31.862343] </TASK> [ 31.862902] [ 31.863413] Allocated by task 293: [ 31.863667] kasan_save_stack+0x3d/0x60 [ 31.864571] kasan_save_track+0x18/0x40 [ 31.865056] kasan_save_alloc_info+0x3b/0x50 [ 31.865848] __kasan_kmalloc+0xb7/0xc0 [ 31.866334] __kmalloc_noprof+0x1c4/0x500 [ 31.867177] kunit_kmalloc_array+0x25/0x60 [ 31.867854] copy_user_test_oob+0xac/0x10f0 [ 31.868474] kunit_try_run_case+0x1b3/0x490 [ 31.868902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.869739] kthread+0x257/0x310 [ 31.870422] ret_from_fork+0x41/0x80 [ 31.870910] ret_from_fork_asm+0x1a/0x30 [ 31.871724] [ 31.871922] The buggy address belongs to the object at ffff888102933c00 [ 31.871922] which belongs to the cache kmalloc-128 of size 128 [ 31.873256] The buggy address is located 0 bytes inside of [ 31.873256] allocated 120-byte region [ffff888102933c00, ffff888102933c78) [ 31.875159] [ 31.875496] The buggy address belongs to the physical page: [ 31.876116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102933 [ 31.877399] flags: 0x200000000000000(node=0|zone=2) [ 31.878080] page_type: f5(slab) [ 31.878556] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 31.879755] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.880342] page dumped because: kasan: bad access detected [ 31.881161] [ 31.881417] Memory state around the buggy address: [ 31.882229] ffff888102933b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.882926] ffff888102933b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.884176] >ffff888102933c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.884800] ^ [ 31.885248] ffff888102933c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.886486] ffff888102933d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.887486] ================================================================== [ 31.992696] ================================================================== [ 31.995170] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x605/0x10f0 [ 31.996577] Read of size 121 at addr ffff888102933c00 by task kunit_try_catch/293 [ 31.997833] [ 31.998522] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.999650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.000429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.001830] Call Trace: [ 32.002843] <TASK> [ 32.003148] dump_stack_lvl+0x73/0xb0 [ 32.003763] print_report+0xd1/0x640 [ 32.004435] ? __virt_addr_valid+0x1db/0x2d0 [ 32.005112] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.006047] kasan_report+0x102/0x140 [ 32.006508] ? copy_user_test_oob+0x605/0x10f0 [ 32.006975] ? copy_user_test_oob+0x605/0x10f0 [ 32.008178] kasan_check_range+0x10c/0x1c0 [ 32.008584] __kasan_check_read+0x15/0x20 [ 32.009300] copy_user_test_oob+0x605/0x10f0 [ 32.009970] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.010609] ? finish_task_switch.isra.0+0x153/0x700 [ 32.011510] ? __switch_to+0x5d9/0xf60 [ 32.012058] ? __schedule+0xc70/0x27e0 [ 32.013562] ? __pfx_read_tsc+0x10/0x10 [ 32.014085] ? ktime_get_ts64+0x86/0x230 [ 32.014684] kunit_try_run_case+0x1b3/0x490 [ 32.015505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.016033] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.016858] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.017586] ? __kthread_parkme+0x82/0x160 [ 32.017830] ? preempt_count_sub+0x50/0x80 [ 32.018171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.019157] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.019728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.021004] kthread+0x257/0x310 [ 32.021485] ? __pfx_kthread+0x10/0x10 [ 32.022051] ret_from_fork+0x41/0x80 [ 32.022911] ? __pfx_kthread+0x10/0x10 [ 32.024003] ret_from_fork_asm+0x1a/0x30 [ 32.024499] </TASK> [ 32.024827] [ 32.025070] Allocated by task 293: [ 32.025430] kasan_save_stack+0x3d/0x60 [ 32.025899] kasan_save_track+0x18/0x40 [ 32.026325] kasan_save_alloc_info+0x3b/0x50 [ 32.027504] __kasan_kmalloc+0xb7/0xc0 [ 32.027706] __kmalloc_noprof+0x1c4/0x500 [ 32.027894] kunit_kmalloc_array+0x25/0x60 [ 32.028164] copy_user_test_oob+0xac/0x10f0 [ 32.028884] kunit_try_run_case+0x1b3/0x490 [ 32.029825] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.030539] kthread+0x257/0x310 [ 32.030960] ret_from_fork+0x41/0x80 [ 32.031453] ret_from_fork_asm+0x1a/0x30 [ 32.031841] [ 32.032147] The buggy address belongs to the object at ffff888102933c00 [ 32.032147] which belongs to the cache kmalloc-128 of size 128 [ 32.033485] The buggy address is located 0 bytes inside of [ 32.033485] allocated 120-byte region [ffff888102933c00, ffff888102933c78) [ 32.034628] [ 32.034883] The buggy address belongs to the physical page: [ 32.035278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102933 [ 32.036445] flags: 0x200000000000000(node=0|zone=2) [ 32.037666] page_type: f5(slab) [ 32.038315] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.039004] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.039647] page dumped because: kasan: bad access detected [ 32.040105] [ 32.040303] Memory state around the buggy address: [ 32.040857] ffff888102933b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.041411] ffff888102933b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.042355] >ffff888102933c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.043451] ^ [ 32.044108] ffff888102933c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.044559] ffff888102933d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.045712] ================================================================== [ 31.935704] ================================================================== [ 31.936525] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x558/0x10f0 [ 31.937391] Write of size 121 at addr ffff888102933c00 by task kunit_try_catch/293 [ 31.938257] [ 31.938534] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.939292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.939852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.941021] Call Trace: [ 31.942039] <TASK> [ 31.942703] dump_stack_lvl+0x73/0xb0 [ 31.943152] print_report+0xd1/0x640 [ 31.943561] ? __virt_addr_valid+0x1db/0x2d0 [ 31.944018] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.945728] kasan_report+0x102/0x140 [ 31.946431] ? copy_user_test_oob+0x558/0x10f0 [ 31.947103] ? copy_user_test_oob+0x558/0x10f0 [ 31.947796] kasan_check_range+0x10c/0x1c0 [ 31.948296] __kasan_check_write+0x18/0x20 [ 31.948718] copy_user_test_oob+0x558/0x10f0 [ 31.949622] ? __pfx_copy_user_test_oob+0x10/0x10 [ 31.950393] ? finish_task_switch.isra.0+0x153/0x700 [ 31.950896] ? __switch_to+0x5d9/0xf60 [ 31.951765] ? __schedule+0xc70/0x27e0 [ 31.952401] ? __pfx_read_tsc+0x10/0x10 [ 31.953061] ? ktime_get_ts64+0x86/0x230 [ 31.953756] kunit_try_run_case+0x1b3/0x490 [ 31.954586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.955384] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.956020] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.956593] ? __kthread_parkme+0x82/0x160 [ 31.957442] ? preempt_count_sub+0x50/0x80 [ 31.957977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.958499] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.959100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.959634] kthread+0x257/0x310 [ 31.960088] ? __pfx_kthread+0x10/0x10 [ 31.960863] ret_from_fork+0x41/0x80 [ 31.961999] ? __pfx_kthread+0x10/0x10 [ 31.962623] ret_from_fork_asm+0x1a/0x30 [ 31.963102] </TASK> [ 31.964036] [ 31.964316] Allocated by task 293: [ 31.964866] kasan_save_stack+0x3d/0x60 [ 31.965617] kasan_save_track+0x18/0x40 [ 31.966074] kasan_save_alloc_info+0x3b/0x50 [ 31.966382] __kasan_kmalloc+0xb7/0xc0 [ 31.966742] __kmalloc_noprof+0x1c4/0x500 [ 31.967848] kunit_kmalloc_array+0x25/0x60 [ 31.968178] copy_user_test_oob+0xac/0x10f0 [ 31.969267] kunit_try_run_case+0x1b3/0x490 [ 31.969837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.970691] kthread+0x257/0x310 [ 31.971420] ret_from_fork+0x41/0x80 [ 31.971911] ret_from_fork_asm+0x1a/0x30 [ 31.972896] [ 31.973167] The buggy address belongs to the object at ffff888102933c00 [ 31.973167] which belongs to the cache kmalloc-128 of size 128 [ 31.974625] The buggy address is located 0 bytes inside of [ 31.974625] allocated 120-byte region [ffff888102933c00, ffff888102933c78) [ 31.976417] [ 31.976815] The buggy address belongs to the physical page: [ 31.977627] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102933 [ 31.978342] flags: 0x200000000000000(node=0|zone=2) [ 31.979318] page_type: f5(slab) [ 31.979908] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 31.980783] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.981901] page dumped because: kasan: bad access detected [ 31.982622] [ 31.983019] Memory state around the buggy address: [ 31.983963] ffff888102933b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.984767] ffff888102933b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.986480] >ffff888102933c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.987139] ^ [ 31.988286] ffff888102933c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.989165] ffff888102933d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.990039] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 31.784899] ================================================================== [ 31.785843] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 31.786663] Read of size 121 at addr ffff888102933c00 by task kunit_try_catch/293 [ 31.787491] [ 31.787958] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.789191] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.789567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.790797] Call Trace: [ 31.791133] <TASK> [ 31.791413] dump_stack_lvl+0x73/0xb0 [ 31.791837] print_report+0xd1/0x640 [ 31.793523] ? __virt_addr_valid+0x1db/0x2d0 [ 31.793851] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.794537] kasan_report+0x102/0x140 [ 31.795346] ? _copy_to_user+0x4a/0x70 [ 31.795735] ? _copy_to_user+0x4a/0x70 [ 31.795976] kasan_check_range+0x10c/0x1c0 [ 31.796788] __kasan_check_read+0x15/0x20 [ 31.797223] _copy_to_user+0x4a/0x70 [ 31.797605] copy_user_test_oob+0x365/0x10f0 [ 31.798062] ? __pfx_copy_user_test_oob+0x10/0x10 [ 31.798517] ? finish_task_switch.isra.0+0x153/0x700 [ 31.799145] ? __switch_to+0x5d9/0xf60 [ 31.799445] ? __schedule+0xc70/0x27e0 [ 31.799743] ? __pfx_read_tsc+0x10/0x10 [ 31.800355] ? ktime_get_ts64+0x86/0x230 [ 31.801002] kunit_try_run_case+0x1b3/0x490 [ 31.801526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.801868] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.802492] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.803297] ? __kthread_parkme+0x82/0x160 [ 31.803996] ? preempt_count_sub+0x50/0x80 [ 31.804735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.805631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.806029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.806704] kthread+0x257/0x310 [ 31.807314] ? __pfx_kthread+0x10/0x10 [ 31.807967] ret_from_fork+0x41/0x80 [ 31.808624] ? __pfx_kthread+0x10/0x10 [ 31.809369] ret_from_fork_asm+0x1a/0x30 [ 31.809924] </TASK> [ 31.810110] [ 31.810228] Allocated by task 293: [ 31.810403] kasan_save_stack+0x3d/0x60 [ 31.810598] kasan_save_track+0x18/0x40 [ 31.810780] kasan_save_alloc_info+0x3b/0x50 [ 31.811061] __kasan_kmalloc+0xb7/0xc0 [ 31.811334] __kmalloc_noprof+0x1c4/0x500 [ 31.811633] kunit_kmalloc_array+0x25/0x60 [ 31.812122] copy_user_test_oob+0xac/0x10f0 [ 31.812606] kunit_try_run_case+0x1b3/0x490 [ 31.813186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.813799] kthread+0x257/0x310 [ 31.814098] ret_from_fork+0x41/0x80 [ 31.814373] ret_from_fork_asm+0x1a/0x30 [ 31.814666] [ 31.815216] The buggy address belongs to the object at ffff888102933c00 [ 31.815216] which belongs to the cache kmalloc-128 of size 128 [ 31.817668] The buggy address is located 0 bytes inside of [ 31.817668] allocated 120-byte region [ffff888102933c00, ffff888102933c78) [ 31.818918] [ 31.819257] The buggy address belongs to the physical page: [ 31.819791] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102933 [ 31.820483] flags: 0x200000000000000(node=0|zone=2) [ 31.821123] page_type: f5(slab) [ 31.821425] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 31.821976] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.822754] page dumped because: kasan: bad access detected [ 31.823350] [ 31.823571] Memory state around the buggy address: [ 31.824136] ffff888102933b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.824763] ffff888102933b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.825480] >ffff888102933c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.826314] ^ [ 31.826754] ffff888102933c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.827356] ffff888102933d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.828151] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 31.728883] ================================================================== [ 31.730487] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x33/0xa0 [ 31.730848] Write of size 121 at addr ffff888102933c00 by task kunit_try_catch/293 [ 31.731708] [ 31.731965] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.733657] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.734397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.735256] Call Trace: [ 31.735406] <TASK> [ 31.735542] dump_stack_lvl+0x73/0xb0 [ 31.735750] print_report+0xd1/0x640 [ 31.736008] ? __virt_addr_valid+0x1db/0x2d0 [ 31.736448] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.737873] kasan_report+0x102/0x140 [ 31.738401] ? _copy_from_user+0x33/0xa0 [ 31.738977] ? _copy_from_user+0x33/0xa0 [ 31.739444] kasan_check_range+0x10c/0x1c0 [ 31.740530] __kasan_check_write+0x18/0x20 [ 31.740998] _copy_from_user+0x33/0xa0 [ 31.741534] copy_user_test_oob+0x2bf/0x10f0 [ 31.742025] ? __pfx_copy_user_test_oob+0x10/0x10 [ 31.743031] ? finish_task_switch.isra.0+0x153/0x700 [ 31.743659] ? __switch_to+0x5d9/0xf60 [ 31.744150] ? __schedule+0xc70/0x27e0 [ 31.744602] ? __pfx_read_tsc+0x10/0x10 [ 31.745104] ? ktime_get_ts64+0x86/0x230 [ 31.745683] kunit_try_run_case+0x1b3/0x490 [ 31.746183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.746754] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.747402] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.747972] ? __kthread_parkme+0x82/0x160 [ 31.748618] ? preempt_count_sub+0x50/0x80 [ 31.749051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.749689] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.750498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.751126] kthread+0x257/0x310 [ 31.751482] ? __pfx_kthread+0x10/0x10 [ 31.751912] ret_from_fork+0x41/0x80 [ 31.752429] ? __pfx_kthread+0x10/0x10 [ 31.752824] ret_from_fork_asm+0x1a/0x30 [ 31.753596] </TASK> [ 31.753831] [ 31.754197] Allocated by task 293: [ 31.754551] kasan_save_stack+0x3d/0x60 [ 31.755123] kasan_save_track+0x18/0x40 [ 31.755670] kasan_save_alloc_info+0x3b/0x50 [ 31.756255] __kasan_kmalloc+0xb7/0xc0 [ 31.756811] __kmalloc_noprof+0x1c4/0x500 [ 31.757391] kunit_kmalloc_array+0x25/0x60 [ 31.757903] copy_user_test_oob+0xac/0x10f0 [ 31.758455] kunit_try_run_case+0x1b3/0x490 [ 31.759038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.759755] kthread+0x257/0x310 [ 31.760690] ret_from_fork+0x41/0x80 [ 31.761400] ret_from_fork_asm+0x1a/0x30 [ 31.761892] [ 31.762084] The buggy address belongs to the object at ffff888102933c00 [ 31.762084] which belongs to the cache kmalloc-128 of size 128 [ 31.763654] The buggy address is located 0 bytes inside of [ 31.763654] allocated 120-byte region [ffff888102933c00, ffff888102933c78) [ 31.765186] [ 31.765680] The buggy address belongs to the physical page: [ 31.766443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102933 [ 31.767622] flags: 0x200000000000000(node=0|zone=2) [ 31.768488] page_type: f5(slab) [ 31.769073] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 31.770048] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.770816] page dumped because: kasan: bad access detected [ 31.771736] [ 31.772135] Memory state around the buggy address: [ 31.773312] ffff888102933b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.774235] ffff888102933b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.774714] >ffff888102933c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.775768] ^ [ 31.776498] ffff888102933c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.777284] ffff888102933d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.778017] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 31.657053] ================================================================== [ 31.658022] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 31.659540] Write of size 8 at addr ffff888102933878 by task kunit_try_catch/289 [ 31.661219] [ 31.661490] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.663284] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.663601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.665614] Call Trace: [ 31.666015] <TASK> [ 31.666469] dump_stack_lvl+0x73/0xb0 [ 31.666805] print_report+0xd1/0x640 [ 31.667420] ? __virt_addr_valid+0x1db/0x2d0 [ 31.667848] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.668504] kasan_report+0x102/0x140 [ 31.669182] ? copy_to_kernel_nofault+0x99/0x260 [ 31.670027] ? copy_to_kernel_nofault+0x99/0x260 [ 31.670440] kasan_check_range+0x10c/0x1c0 [ 31.670975] __kasan_check_write+0x18/0x20 [ 31.671470] copy_to_kernel_nofault+0x99/0x260 [ 31.672112] copy_to_kernel_nofault_oob+0x214/0x4e0 [ 31.672474] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 31.673163] ? finish_task_switch.isra.0+0x153/0x700 [ 31.673635] ? __schedule+0xc70/0x27e0 [ 31.674152] ? trace_hardirqs_on+0x37/0xe0 [ 31.674584] ? __pfx_read_tsc+0x10/0x10 [ 31.675135] ? ktime_get_ts64+0x86/0x230 [ 31.675462] kunit_try_run_case+0x1b3/0x490 [ 31.676257] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.676757] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.677341] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.678207] ? __kthread_parkme+0x82/0x160 [ 31.678522] ? preempt_count_sub+0x50/0x80 [ 31.679111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.679563] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.680180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.680727] kthread+0x257/0x310 [ 31.681211] ? __pfx_kthread+0x10/0x10 [ 31.681682] ret_from_fork+0x41/0x80 [ 31.682269] ? __pfx_kthread+0x10/0x10 [ 31.682585] ret_from_fork_asm+0x1a/0x30 [ 31.683107] </TASK> [ 31.683540] [ 31.683876] Allocated by task 289: [ 31.684181] kasan_save_stack+0x3d/0x60 [ 31.684489] kasan_save_track+0x18/0x40 [ 31.685060] kasan_save_alloc_info+0x3b/0x50 [ 31.685466] __kasan_kmalloc+0xb7/0xc0 [ 31.685968] __kmalloc_cache_noprof+0x184/0x410 [ 31.686557] copy_to_kernel_nofault_oob+0xc5/0x4e0 [ 31.687169] kunit_try_run_case+0x1b3/0x490 [ 31.687606] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.687990] kthread+0x257/0x310 [ 31.688493] ret_from_fork+0x41/0x80 [ 31.689175] ret_from_fork_asm+0x1a/0x30 [ 31.689484] [ 31.689830] The buggy address belongs to the object at ffff888102933800 [ 31.689830] which belongs to the cache kmalloc-128 of size 128 [ 31.690656] The buggy address is located 0 bytes to the right of [ 31.690656] allocated 120-byte region [ffff888102933800, ffff888102933878) [ 31.692066] [ 31.692246] The buggy address belongs to the physical page: [ 31.693183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102933 [ 31.693866] flags: 0x200000000000000(node=0|zone=2) [ 31.694628] page_type: f5(slab) [ 31.694996] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 31.695449] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.696367] page dumped because: kasan: bad access detected [ 31.697258] [ 31.697518] Memory state around the buggy address: [ 31.697953] ffff888102933700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 31.698694] ffff888102933780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.699576] >ffff888102933800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.700157] ^ [ 31.700808] ffff888102933880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.701380] ffff888102933900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.702387] ================================================================== [ 31.612543] ================================================================== [ 31.613909] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 31.614791] Read of size 8 at addr ffff888102933878 by task kunit_try_catch/289 [ 31.615462] [ 31.615992] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.617242] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.617579] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.618653] Call Trace: [ 31.619047] <TASK> [ 31.619619] dump_stack_lvl+0x73/0xb0 [ 31.620129] print_report+0xd1/0x640 [ 31.620609] ? __virt_addr_valid+0x1db/0x2d0 [ 31.621053] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.621679] kasan_report+0x102/0x140 [ 31.622052] ? copy_to_kernel_nofault+0x225/0x260 [ 31.622603] ? copy_to_kernel_nofault+0x225/0x260 [ 31.623165] __asan_report_load8_noabort+0x18/0x20 [ 31.623648] copy_to_kernel_nofault+0x225/0x260 [ 31.624087] copy_to_kernel_nofault_oob+0x179/0x4e0 [ 31.624426] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 31.624873] ? finish_task_switch.isra.0+0x153/0x700 [ 31.625748] ? __schedule+0xc70/0x27e0 [ 31.626303] ? trace_hardirqs_on+0x37/0xe0 [ 31.626906] ? __pfx_read_tsc+0x10/0x10 [ 31.627522] ? ktime_get_ts64+0x86/0x230 [ 31.628076] kunit_try_run_case+0x1b3/0x490 [ 31.628407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.629357] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.630035] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.630471] ? __kthread_parkme+0x82/0x160 [ 31.630925] ? preempt_count_sub+0x50/0x80 [ 31.631754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.632272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.632897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.633467] kthread+0x257/0x310 [ 31.633983] ? __pfx_kthread+0x10/0x10 [ 31.634447] ret_from_fork+0x41/0x80 [ 31.634878] ? __pfx_kthread+0x10/0x10 [ 31.635465] ret_from_fork_asm+0x1a/0x30 [ 31.636023] </TASK> [ 31.636404] [ 31.636776] Allocated by task 289: [ 31.637107] kasan_save_stack+0x3d/0x60 [ 31.637545] kasan_save_track+0x18/0x40 [ 31.638045] kasan_save_alloc_info+0x3b/0x50 [ 31.638584] __kasan_kmalloc+0xb7/0xc0 [ 31.638996] __kmalloc_cache_noprof+0x184/0x410 [ 31.639372] copy_to_kernel_nofault_oob+0xc5/0x4e0 [ 31.640146] kunit_try_run_case+0x1b3/0x490 [ 31.640712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.641300] kthread+0x257/0x310 [ 31.641596] ret_from_fork+0x41/0x80 [ 31.641908] ret_from_fork_asm+0x1a/0x30 [ 31.642376] [ 31.642652] The buggy address belongs to the object at ffff888102933800 [ 31.642652] which belongs to the cache kmalloc-128 of size 128 [ 31.643919] The buggy address is located 0 bytes to the right of [ 31.643919] allocated 120-byte region [ffff888102933800, ffff888102933878) [ 31.645255] [ 31.645449] The buggy address belongs to the physical page: [ 31.645974] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102933 [ 31.647046] flags: 0x200000000000000(node=0|zone=2) [ 31.647714] page_type: f5(slab) [ 31.648146] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 31.648755] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.649822] page dumped because: kasan: bad access detected [ 31.650410] [ 31.650690] Memory state around the buggy address: [ 31.651577] ffff888102933700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 31.652286] ffff888102933780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.652746] >ffff888102933800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.653222] ^ [ 31.654340] ffff888102933880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.655047] ffff888102933900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.655575] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 28.862205] ================================================================== [ 28.864294] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x730/0x5450 [ 28.864984] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 28.865841] [ 28.866344] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.867318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.867819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.869784] Call Trace: [ 28.870124] <TASK> [ 28.870402] dump_stack_lvl+0x73/0xb0 [ 28.870828] print_report+0xd1/0x640 [ 28.871127] ? __virt_addr_valid+0x1db/0x2d0 [ 28.871958] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.873205] kasan_report+0x102/0x140 [ 28.873732] ? kasan_atomics_helper+0x730/0x5450 [ 28.874489] ? kasan_atomics_helper+0x730/0x5450 [ 28.875138] kasan_check_range+0x10c/0x1c0 [ 28.875483] __kasan_check_write+0x18/0x20 [ 28.875794] kasan_atomics_helper+0x730/0x5450 [ 28.876482] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.877512] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.877987] ? trace_hardirqs_on+0x37/0xe0 [ 28.879066] ? kasan_atomics+0x153/0x310 [ 28.879441] kasan_atomics+0x1dd/0x310 [ 28.879823] ? __pfx_kasan_atomics+0x10/0x10 [ 28.880231] ? __pfx_kasan_atomics+0x10/0x10 [ 28.880694] kunit_try_run_case+0x1b3/0x490 [ 28.882623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.883328] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.883825] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.884674] ? __kthread_parkme+0x82/0x160 [ 28.885324] ? preempt_count_sub+0x50/0x80 [ 28.885751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.886686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.887221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.888226] kthread+0x257/0x310 [ 28.888617] ? __pfx_kthread+0x10/0x10 [ 28.889419] ret_from_fork+0x41/0x80 [ 28.889728] ? __pfx_kthread+0x10/0x10 [ 28.890654] ret_from_fork_asm+0x1a/0x30 [ 28.891127] </TASK> [ 28.891348] [ 28.891612] Allocated by task 273: [ 28.891885] kasan_save_stack+0x3d/0x60 [ 28.893012] kasan_save_track+0x18/0x40 [ 28.893435] kasan_save_alloc_info+0x3b/0x50 [ 28.893876] __kasan_kmalloc+0xb7/0xc0 [ 28.894249] __kmalloc_cache_noprof+0x184/0x410 [ 28.894675] kasan_atomics+0x96/0x310 [ 28.895646] kunit_try_run_case+0x1b3/0x490 [ 28.895975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.897385] kthread+0x257/0x310 [ 28.897800] ret_from_fork+0x41/0x80 [ 28.898297] ret_from_fork_asm+0x1a/0x30 [ 28.899090] [ 28.899613] The buggy address belongs to the object at ffff888102486200 [ 28.899613] which belongs to the cache kmalloc-64 of size 64 [ 28.900761] The buggy address is located 0 bytes to the right of [ 28.900761] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 28.902363] [ 28.902806] The buggy address belongs to the physical page: [ 28.903629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 28.904511] flags: 0x200000000000000(node=0|zone=2) [ 28.904744] page_type: f5(slab) [ 28.904912] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.905429] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.906767] page dumped because: kasan: bad access detected [ 28.907165] [ 28.907431] Memory state around the buggy address: [ 28.908141] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.909549] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.910136] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.911120] ^ [ 28.911738] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.912994] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.913647] ================================================================== [ 30.462356] ================================================================== [ 30.463920] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1819/0x5450 [ 30.465346] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.466148] [ 30.466459] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.467427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.467977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.469020] Call Trace: [ 30.469501] <TASK> [ 30.469891] dump_stack_lvl+0x73/0xb0 [ 30.470303] print_report+0xd1/0x640 [ 30.470802] ? __virt_addr_valid+0x1db/0x2d0 [ 30.471388] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.472103] kasan_report+0x102/0x140 [ 30.472591] ? kasan_atomics_helper+0x1819/0x5450 [ 30.473330] ? kasan_atomics_helper+0x1819/0x5450 [ 30.473786] kasan_check_range+0x10c/0x1c0 [ 30.474208] __kasan_check_write+0x18/0x20 [ 30.474795] kasan_atomics_helper+0x1819/0x5450 [ 30.475434] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.475837] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.476500] ? trace_hardirqs_on+0x37/0xe0 [ 30.477247] ? kasan_atomics+0x153/0x310 [ 30.477677] kasan_atomics+0x1dd/0x310 [ 30.478041] ? __pfx_kasan_atomics+0x10/0x10 [ 30.478646] ? __pfx_kasan_atomics+0x10/0x10 [ 30.479292] kunit_try_run_case+0x1b3/0x490 [ 30.479636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.479982] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.480682] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.481646] ? __kthread_parkme+0x82/0x160 [ 30.482032] ? preempt_count_sub+0x50/0x80 [ 30.482738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.483231] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.483747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.484762] kthread+0x257/0x310 [ 30.485104] ? __pfx_kthread+0x10/0x10 [ 30.485343] ret_from_fork+0x41/0x80 [ 30.485525] ? __pfx_kthread+0x10/0x10 [ 30.485709] ret_from_fork_asm+0x1a/0x30 [ 30.485926] </TASK> [ 30.486304] [ 30.486682] Allocated by task 273: [ 30.486996] kasan_save_stack+0x3d/0x60 [ 30.487727] kasan_save_track+0x18/0x40 [ 30.488642] kasan_save_alloc_info+0x3b/0x50 [ 30.489536] __kasan_kmalloc+0xb7/0xc0 [ 30.490157] __kmalloc_cache_noprof+0x184/0x410 [ 30.490894] kasan_atomics+0x96/0x310 [ 30.491505] kunit_try_run_case+0x1b3/0x490 [ 30.492007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.492593] kthread+0x257/0x310 [ 30.493037] ret_from_fork+0x41/0x80 [ 30.493483] ret_from_fork_asm+0x1a/0x30 [ 30.493996] [ 30.494381] The buggy address belongs to the object at ffff888102486200 [ 30.494381] which belongs to the cache kmalloc-64 of size 64 [ 30.495647] The buggy address is located 0 bytes to the right of [ 30.495647] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.496962] [ 30.497281] The buggy address belongs to the physical page: [ 30.497757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.498620] flags: 0x200000000000000(node=0|zone=2) [ 30.499308] page_type: f5(slab) [ 30.499775] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.500663] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.501585] page dumped because: kasan: bad access detected [ 30.502231] [ 30.502513] Memory state around the buggy address: [ 30.503050] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.503838] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.504688] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.505391] ^ [ 30.506164] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.506859] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.507686] ================================================================== [ 28.623333] ================================================================== [ 28.624122] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1/0x5450 [ 28.625033] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 28.625767] [ 28.626097] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.627725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.628323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.629256] Call Trace: [ 28.629519] <TASK> [ 28.630182] dump_stack_lvl+0x73/0xb0 [ 28.630566] print_report+0xd1/0x640 [ 28.630959] ? __virt_addr_valid+0x1db/0x2d0 [ 28.631713] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.632157] kasan_report+0x102/0x140 [ 28.632981] ? kasan_atomics_helper+0x4a1/0x5450 [ 28.633738] ? kasan_atomics_helper+0x4a1/0x5450 [ 28.634601] kasan_check_range+0x10c/0x1c0 [ 28.635014] __kasan_check_write+0x18/0x20 [ 28.635814] kasan_atomics_helper+0x4a1/0x5450 [ 28.636288] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.636913] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.637447] ? trace_hardirqs_on+0x37/0xe0 [ 28.637884] ? kasan_atomics+0x153/0x310 [ 28.638282] kasan_atomics+0x1dd/0x310 [ 28.639177] ? __pfx_kasan_atomics+0x10/0x10 [ 28.639729] ? __pfx_kasan_atomics+0x10/0x10 [ 28.640153] kunit_try_run_case+0x1b3/0x490 [ 28.640994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.641619] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.642074] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.642959] ? __kthread_parkme+0x82/0x160 [ 28.643527] ? preempt_count_sub+0x50/0x80 [ 28.643949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.644781] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.645374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.646050] kthread+0x257/0x310 [ 28.646545] ? __pfx_kthread+0x10/0x10 [ 28.646985] ret_from_fork+0x41/0x80 [ 28.647872] ? __pfx_kthread+0x10/0x10 [ 28.648280] ret_from_fork_asm+0x1a/0x30 [ 28.648745] </TASK> [ 28.649360] [ 28.649561] Allocated by task 273: [ 28.649891] kasan_save_stack+0x3d/0x60 [ 28.650629] kasan_save_track+0x18/0x40 [ 28.651281] kasan_save_alloc_info+0x3b/0x50 [ 28.651714] __kasan_kmalloc+0xb7/0xc0 [ 28.652096] __kmalloc_cache_noprof+0x184/0x410 [ 28.653096] kasan_atomics+0x96/0x310 [ 28.653361] kunit_try_run_case+0x1b3/0x490 [ 28.654275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.655005] kthread+0x257/0x310 [ 28.655422] ret_from_fork+0x41/0x80 [ 28.656025] ret_from_fork_asm+0x1a/0x30 [ 28.656646] [ 28.656901] The buggy address belongs to the object at ffff888102486200 [ 28.656901] which belongs to the cache kmalloc-64 of size 64 [ 28.658221] The buggy address is located 0 bytes to the right of [ 28.658221] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 28.659136] [ 28.659353] The buggy address belongs to the physical page: [ 28.659757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 28.661287] flags: 0x200000000000000(node=0|zone=2) [ 28.661877] page_type: f5(slab) [ 28.662291] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.663169] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.664067] page dumped because: kasan: bad access detected [ 28.664867] [ 28.665240] Memory state around the buggy address: [ 28.666040] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.666726] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.667487] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.668256] ^ [ 28.668739] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.669572] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.670585] ================================================================== [ 30.316221] ================================================================== [ 30.317662] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1650/0x5450 [ 30.318181] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.320698] [ 30.320967] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.321983] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.322428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.323496] Call Trace: [ 30.323828] <TASK> [ 30.324215] dump_stack_lvl+0x73/0xb0 [ 30.324649] print_report+0xd1/0x640 [ 30.325167] ? __virt_addr_valid+0x1db/0x2d0 [ 30.325539] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.326306] kasan_report+0x102/0x140 [ 30.326888] ? kasan_atomics_helper+0x1650/0x5450 [ 30.327486] ? kasan_atomics_helper+0x1650/0x5450 [ 30.327882] kasan_check_range+0x10c/0x1c0 [ 30.328477] __kasan_check_write+0x18/0x20 [ 30.329100] kasan_atomics_helper+0x1650/0x5450 [ 30.329858] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.330420] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.330989] ? trace_hardirqs_on+0x37/0xe0 [ 30.331569] ? kasan_atomics+0x153/0x310 [ 30.331989] kasan_atomics+0x1dd/0x310 [ 30.332441] ? __pfx_kasan_atomics+0x10/0x10 [ 30.332977] ? __pfx_kasan_atomics+0x10/0x10 [ 30.333299] kunit_try_run_case+0x1b3/0x490 [ 30.333910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.334652] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.335156] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.335624] ? __kthread_parkme+0x82/0x160 [ 30.336055] ? preempt_count_sub+0x50/0x80 [ 30.336680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.337222] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.337988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.338492] kthread+0x257/0x310 [ 30.338893] ? __pfx_kthread+0x10/0x10 [ 30.339396] ret_from_fork+0x41/0x80 [ 30.339852] ? __pfx_kthread+0x10/0x10 [ 30.340388] ret_from_fork_asm+0x1a/0x30 [ 30.341458] </TASK> [ 30.342271] [ 30.342531] Allocated by task 273: [ 30.343610] kasan_save_stack+0x3d/0x60 [ 30.344137] kasan_save_track+0x18/0x40 [ 30.344481] kasan_save_alloc_info+0x3b/0x50 [ 30.345027] __kasan_kmalloc+0xb7/0xc0 [ 30.345604] __kmalloc_cache_noprof+0x184/0x410 [ 30.346174] kasan_atomics+0x96/0x310 [ 30.346591] kunit_try_run_case+0x1b3/0x490 [ 30.347130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.347637] kthread+0x257/0x310 [ 30.348158] ret_from_fork+0x41/0x80 [ 30.348488] ret_from_fork_asm+0x1a/0x30 [ 30.349107] [ 30.349317] The buggy address belongs to the object at ffff888102486200 [ 30.349317] which belongs to the cache kmalloc-64 of size 64 [ 30.350473] The buggy address is located 0 bytes to the right of [ 30.350473] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.351641] [ 30.351925] The buggy address belongs to the physical page: [ 30.352449] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.353370] flags: 0x200000000000000(node=0|zone=2) [ 30.353897] page_type: f5(slab) [ 30.354437] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.354989] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.355781] page dumped because: kasan: bad access detected [ 30.356197] [ 30.356452] Memory state around the buggy address: [ 30.357126] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.358069] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.358531] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.359094] ^ [ 30.359766] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.360890] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.361553] ================================================================== [ 30.707293] ================================================================== [ 30.708632] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b23/0x5450 [ 30.709575] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.710517] [ 30.711434] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.712968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.713434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.714320] Call Trace: [ 30.714685] <TASK> [ 30.714995] dump_stack_lvl+0x73/0xb0 [ 30.715479] print_report+0xd1/0x640 [ 30.715795] ? __virt_addr_valid+0x1db/0x2d0 [ 30.716448] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.717054] kasan_report+0x102/0x140 [ 30.717611] ? kasan_atomics_helper+0x1b23/0x5450 [ 30.718420] ? kasan_atomics_helper+0x1b23/0x5450 [ 30.718800] kasan_check_range+0x10c/0x1c0 [ 30.719497] __kasan_check_write+0x18/0x20 [ 30.719862] kasan_atomics_helper+0x1b23/0x5450 [ 30.720710] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.721206] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.721865] ? trace_hardirqs_on+0x37/0xe0 [ 30.722546] ? kasan_atomics+0x153/0x310 [ 30.723049] kasan_atomics+0x1dd/0x310 [ 30.723487] ? __pfx_kasan_atomics+0x10/0x10 [ 30.724548] ? __pfx_kasan_atomics+0x10/0x10 [ 30.725011] kunit_try_run_case+0x1b3/0x490 [ 30.725899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.726532] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.727635] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.727995] ? __kthread_parkme+0x82/0x160 [ 30.728676] ? preempt_count_sub+0x50/0x80 [ 30.729023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.729758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.730705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.731207] kthread+0x257/0x310 [ 30.731896] ? __pfx_kthread+0x10/0x10 [ 30.732397] ret_from_fork+0x41/0x80 [ 30.732908] ? __pfx_kthread+0x10/0x10 [ 30.733385] ret_from_fork_asm+0x1a/0x30 [ 30.733891] </TASK> [ 30.734337] [ 30.734512] Allocated by task 273: [ 30.734851] kasan_save_stack+0x3d/0x60 [ 30.735535] kasan_save_track+0x18/0x40 [ 30.735864] kasan_save_alloc_info+0x3b/0x50 [ 30.736198] __kasan_kmalloc+0xb7/0xc0 [ 30.736793] __kmalloc_cache_noprof+0x184/0x410 [ 30.737681] kasan_atomics+0x96/0x310 [ 30.738181] kunit_try_run_case+0x1b3/0x490 [ 30.738636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.739023] kthread+0x257/0x310 [ 30.739771] ret_from_fork+0x41/0x80 [ 30.740368] ret_from_fork_asm+0x1a/0x30 [ 30.740968] [ 30.741258] The buggy address belongs to the object at ffff888102486200 [ 30.741258] which belongs to the cache kmalloc-64 of size 64 [ 30.742067] The buggy address is located 0 bytes to the right of [ 30.742067] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.743438] [ 30.743752] The buggy address belongs to the physical page: [ 30.744832] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.745653] flags: 0x200000000000000(node=0|zone=2) [ 30.746096] page_type: f5(slab) [ 30.746540] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.747475] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.747999] page dumped because: kasan: bad access detected [ 30.749041] [ 30.749337] Memory state around the buggy address: [ 30.750080] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.750597] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.751308] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.752073] ^ [ 30.752330] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.752610] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.752882] ================================================================== [ 29.253513] ================================================================== [ 29.255260] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc71/0x5450 [ 29.256102] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.257622] [ 29.257928] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.259128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.259509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.260248] Call Trace: [ 29.261070] <TASK> [ 29.261299] dump_stack_lvl+0x73/0xb0 [ 29.262183] print_report+0xd1/0x640 [ 29.262758] ? __virt_addr_valid+0x1db/0x2d0 [ 29.263488] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.264021] kasan_report+0x102/0x140 [ 29.264764] ? kasan_atomics_helper+0xc71/0x5450 [ 29.265215] ? kasan_atomics_helper+0xc71/0x5450 [ 29.266053] kasan_check_range+0x10c/0x1c0 [ 29.266464] __kasan_check_write+0x18/0x20 [ 29.266870] kasan_atomics_helper+0xc71/0x5450 [ 29.267862] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.268384] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.269092] ? trace_hardirqs_on+0x37/0xe0 [ 29.269709] ? kasan_atomics+0x153/0x310 [ 29.270452] kasan_atomics+0x1dd/0x310 [ 29.270842] ? __pfx_kasan_atomics+0x10/0x10 [ 29.271525] ? __pfx_kasan_atomics+0x10/0x10 [ 29.272014] kunit_try_run_case+0x1b3/0x490 [ 29.272820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.273192] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.273851] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.274605] ? __kthread_parkme+0x82/0x160 [ 29.275397] ? preempt_count_sub+0x50/0x80 [ 29.275979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.276692] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.277245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.278351] kthread+0x257/0x310 [ 29.278946] ? __pfx_kthread+0x10/0x10 [ 29.279395] ret_from_fork+0x41/0x80 [ 29.280139] ? __pfx_kthread+0x10/0x10 [ 29.280794] ret_from_fork_asm+0x1a/0x30 [ 29.281559] </TASK> [ 29.281979] [ 29.282640] Allocated by task 273: [ 29.283243] kasan_save_stack+0x3d/0x60 [ 29.283871] kasan_save_track+0x18/0x40 [ 29.284386] kasan_save_alloc_info+0x3b/0x50 [ 29.284764] __kasan_kmalloc+0xb7/0xc0 [ 29.285225] __kmalloc_cache_noprof+0x184/0x410 [ 29.285919] kasan_atomics+0x96/0x310 [ 29.286278] kunit_try_run_case+0x1b3/0x490 [ 29.286706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.287234] kthread+0x257/0x310 [ 29.287714] ret_from_fork+0x41/0x80 [ 29.288146] ret_from_fork_asm+0x1a/0x30 [ 29.288632] [ 29.288803] The buggy address belongs to the object at ffff888102486200 [ 29.288803] which belongs to the cache kmalloc-64 of size 64 [ 29.290347] The buggy address is located 0 bytes to the right of [ 29.290347] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.291490] [ 29.291674] The buggy address belongs to the physical page: [ 29.292037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.293248] flags: 0x200000000000000(node=0|zone=2) [ 29.293841] page_type: f5(slab) [ 29.294249] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.295029] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.295504] page dumped because: kasan: bad access detected [ 29.296165] [ 29.296461] Memory state around the buggy address: [ 29.296974] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.297701] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.298529] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.298990] ^ [ 29.299342] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.300242] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.300883] ================================================================== [ 31.429096] ================================================================== [ 31.429734] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa7/0x5450 [ 31.430406] Read of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 31.431062] [ 31.431432] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.432180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.432521] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.433889] Call Trace: [ 31.434160] <TASK> [ 31.434364] dump_stack_lvl+0x73/0xb0 [ 31.435121] print_report+0xd1/0x640 [ 31.435708] ? __virt_addr_valid+0x1db/0x2d0 [ 31.436488] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.437065] kasan_report+0x102/0x140 [ 31.437491] ? kasan_atomics_helper+0x4fa7/0x5450 [ 31.438030] ? kasan_atomics_helper+0x4fa7/0x5450 [ 31.440393] __asan_report_load8_noabort+0x18/0x20 [ 31.440645] kasan_atomics_helper+0x4fa7/0x5450 [ 31.440860] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.441829] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.442337] ? trace_hardirqs_on+0x37/0xe0 [ 31.442952] ? kasan_atomics+0x153/0x310 [ 31.443399] kasan_atomics+0x1dd/0x310 [ 31.443893] ? __pfx_kasan_atomics+0x10/0x10 [ 31.444332] ? __pfx_kasan_atomics+0x10/0x10 [ 31.444693] kunit_try_run_case+0x1b3/0x490 [ 31.445372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.445973] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.446440] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.447151] ? __kthread_parkme+0x82/0x160 [ 31.447583] ? preempt_count_sub+0x50/0x80 [ 31.448188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.448738] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.449378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.450068] kthread+0x257/0x310 [ 31.450478] ? __pfx_kthread+0x10/0x10 [ 31.450983] ret_from_fork+0x41/0x80 [ 31.451474] ? __pfx_kthread+0x10/0x10 [ 31.451967] ret_from_fork_asm+0x1a/0x30 [ 31.452576] </TASK> [ 31.452925] [ 31.453242] Allocated by task 273: [ 31.453628] kasan_save_stack+0x3d/0x60 [ 31.454202] kasan_save_track+0x18/0x40 [ 31.454746] kasan_save_alloc_info+0x3b/0x50 [ 31.455236] __kasan_kmalloc+0xb7/0xc0 [ 31.455741] __kmalloc_cache_noprof+0x184/0x410 [ 31.456165] kasan_atomics+0x96/0x310 [ 31.456655] kunit_try_run_case+0x1b3/0x490 [ 31.457355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.457804] kthread+0x257/0x310 [ 31.458256] ret_from_fork+0x41/0x80 [ 31.458596] ret_from_fork_asm+0x1a/0x30 [ 31.459221] [ 31.459474] The buggy address belongs to the object at ffff888102486200 [ 31.459474] which belongs to the cache kmalloc-64 of size 64 [ 31.460600] The buggy address is located 0 bytes to the right of [ 31.460600] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 31.461870] [ 31.462168] The buggy address belongs to the physical page: [ 31.462736] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 31.463583] flags: 0x200000000000000(node=0|zone=2) [ 31.464145] page_type: f5(slab) [ 31.464590] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.465233] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.466047] page dumped because: kasan: bad access detected [ 31.466790] [ 31.467022] Memory state around the buggy address: [ 31.467585] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.468399] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.469131] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.469726] ^ [ 31.470412] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.471153] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.471819] ================================================================== [ 30.041814] ================================================================== [ 30.043419] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b6/0x5450 [ 30.044178] Read of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.045810] [ 30.046071] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.047984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.048413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.049184] Call Trace: [ 30.050111] <TASK> [ 30.050382] dump_stack_lvl+0x73/0xb0 [ 30.050978] print_report+0xd1/0x640 [ 30.051605] ? __virt_addr_valid+0x1db/0x2d0 [ 30.052231] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.052916] kasan_report+0x102/0x140 [ 30.053407] ? kasan_atomics_helper+0x13b6/0x5450 [ 30.053901] ? kasan_atomics_helper+0x13b6/0x5450 [ 30.054254] kasan_check_range+0x10c/0x1c0 [ 30.054795] __kasan_check_read+0x15/0x20 [ 30.056031] kasan_atomics_helper+0x13b6/0x5450 [ 30.056676] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.057504] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.058214] ? trace_hardirqs_on+0x37/0xe0 [ 30.058832] ? kasan_atomics+0x153/0x310 [ 30.059740] kasan_atomics+0x1dd/0x310 [ 30.060149] ? __pfx_kasan_atomics+0x10/0x10 [ 30.060871] ? __pfx_kasan_atomics+0x10/0x10 [ 30.061346] kunit_try_run_case+0x1b3/0x490 [ 30.062020] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.062807] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.063677] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.064465] ? __kthread_parkme+0x82/0x160 [ 30.065177] ? preempt_count_sub+0x50/0x80 [ 30.065835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.066611] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.067558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.068142] kthread+0x257/0x310 [ 30.068646] ? __pfx_kthread+0x10/0x10 [ 30.069086] ret_from_fork+0x41/0x80 [ 30.070044] ? __pfx_kthread+0x10/0x10 [ 30.070691] ret_from_fork_asm+0x1a/0x30 [ 30.071367] </TASK> [ 30.071875] [ 30.072094] Allocated by task 273: [ 30.072547] kasan_save_stack+0x3d/0x60 [ 30.073037] kasan_save_track+0x18/0x40 [ 30.073472] kasan_save_alloc_info+0x3b/0x50 [ 30.073980] __kasan_kmalloc+0xb7/0xc0 [ 30.074426] __kmalloc_cache_noprof+0x184/0x410 [ 30.074822] kasan_atomics+0x96/0x310 [ 30.075219] kunit_try_run_case+0x1b3/0x490 [ 30.075919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.076296] kthread+0x257/0x310 [ 30.076808] ret_from_fork+0x41/0x80 [ 30.077409] ret_from_fork_asm+0x1a/0x30 [ 30.077872] [ 30.078067] The buggy address belongs to the object at ffff888102486200 [ 30.078067] which belongs to the cache kmalloc-64 of size 64 [ 30.079269] The buggy address is located 0 bytes to the right of [ 30.079269] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.080641] [ 30.080917] The buggy address belongs to the physical page: [ 30.081561] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.082208] flags: 0x200000000000000(node=0|zone=2) [ 30.082999] page_type: f5(slab) [ 30.083376] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.084307] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.084727] page dumped because: kasan: bad access detected [ 30.085651] [ 30.085987] Memory state around the buggy address: [ 30.086428] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.087120] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.087600] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.088373] ^ [ 30.088688] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.089643] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.090441] ================================================================== [ 30.411115] ================================================================== [ 30.412064] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1780/0x5450 [ 30.413495] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.415156] [ 30.415353] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.416541] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.416946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.417872] Call Trace: [ 30.418238] <TASK> [ 30.418547] dump_stack_lvl+0x73/0xb0 [ 30.419074] print_report+0xd1/0x640 [ 30.419565] ? __virt_addr_valid+0x1db/0x2d0 [ 30.420052] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.420598] kasan_report+0x102/0x140 [ 30.421094] ? kasan_atomics_helper+0x1780/0x5450 [ 30.421739] ? kasan_atomics_helper+0x1780/0x5450 [ 30.422159] kasan_check_range+0x10c/0x1c0 [ 30.422745] __kasan_check_write+0x18/0x20 [ 30.423229] kasan_atomics_helper+0x1780/0x5450 [ 30.423589] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.424241] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.424776] ? trace_hardirqs_on+0x37/0xe0 [ 30.425263] ? kasan_atomics+0x153/0x310 [ 30.425878] kasan_atomics+0x1dd/0x310 [ 30.426406] ? __pfx_kasan_atomics+0x10/0x10 [ 30.426749] ? __pfx_kasan_atomics+0x10/0x10 [ 30.427568] kunit_try_run_case+0x1b3/0x490 [ 30.428688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.429481] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.430275] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.431082] ? __kthread_parkme+0x82/0x160 [ 30.431668] ? preempt_count_sub+0x50/0x80 [ 30.432518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.433285] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.433878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.434763] kthread+0x257/0x310 [ 30.435432] ? __pfx_kthread+0x10/0x10 [ 30.435867] ret_from_fork+0x41/0x80 [ 30.436817] ? __pfx_kthread+0x10/0x10 [ 30.437551] ret_from_fork_asm+0x1a/0x30 [ 30.438078] </TASK> [ 30.438713] [ 30.438909] Allocated by task 273: [ 30.439531] kasan_save_stack+0x3d/0x60 [ 30.439852] kasan_save_track+0x18/0x40 [ 30.440599] kasan_save_alloc_info+0x3b/0x50 [ 30.441320] __kasan_kmalloc+0xb7/0xc0 [ 30.442014] __kmalloc_cache_noprof+0x184/0x410 [ 30.442498] kasan_atomics+0x96/0x310 [ 30.443337] kunit_try_run_case+0x1b3/0x490 [ 30.443787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.444762] kthread+0x257/0x310 [ 30.445500] ret_from_fork+0x41/0x80 [ 30.445885] ret_from_fork_asm+0x1a/0x30 [ 30.446858] [ 30.447335] The buggy address belongs to the object at ffff888102486200 [ 30.447335] which belongs to the cache kmalloc-64 of size 64 [ 30.448414] The buggy address is located 0 bytes to the right of [ 30.448414] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.450223] [ 30.450569] The buggy address belongs to the physical page: [ 30.451660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.452470] flags: 0x200000000000000(node=0|zone=2) [ 30.453334] page_type: f5(slab) [ 30.453742] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.454517] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.455312] page dumped because: kasan: bad access detected [ 30.455833] [ 30.456104] Memory state around the buggy address: [ 30.456854] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.457406] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.458151] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.458817] ^ [ 30.459363] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.460086] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.460784] ================================================================== [ 30.851018] ================================================================== [ 30.851500] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce2/0x5450 [ 30.853140] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.853859] [ 30.854069] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.856408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.857028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.858208] Call Trace: [ 30.858587] <TASK> [ 30.859266] dump_stack_lvl+0x73/0xb0 [ 30.859665] print_report+0xd1/0x640 [ 30.860380] ? __virt_addr_valid+0x1db/0x2d0 [ 30.860830] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.861453] kasan_report+0x102/0x140 [ 30.861958] ? kasan_atomics_helper+0x1ce2/0x5450 [ 30.862432] ? kasan_atomics_helper+0x1ce2/0x5450 [ 30.863044] kasan_check_range+0x10c/0x1c0 [ 30.863870] __kasan_check_write+0x18/0x20 [ 30.864233] kasan_atomics_helper+0x1ce2/0x5450 [ 30.864848] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.865853] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.866509] ? trace_hardirqs_on+0x37/0xe0 [ 30.867397] ? kasan_atomics+0x153/0x310 [ 30.867863] kasan_atomics+0x1dd/0x310 [ 30.868382] ? __pfx_kasan_atomics+0x10/0x10 [ 30.868838] ? __pfx_kasan_atomics+0x10/0x10 [ 30.870449] kunit_try_run_case+0x1b3/0x490 [ 30.871130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.871739] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.872675] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.873245] ? __kthread_parkme+0x82/0x160 [ 30.873688] ? preempt_count_sub+0x50/0x80 [ 30.874121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.874478] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.875742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.876985] kthread+0x257/0x310 [ 30.877543] ? __pfx_kthread+0x10/0x10 [ 30.878040] ret_from_fork+0x41/0x80 [ 30.878425] ? __pfx_kthread+0x10/0x10 [ 30.878810] ret_from_fork_asm+0x1a/0x30 [ 30.879889] </TASK> [ 30.880091] [ 30.880279] Allocated by task 273: [ 30.881316] kasan_save_stack+0x3d/0x60 [ 30.881898] kasan_save_track+0x18/0x40 [ 30.882310] kasan_save_alloc_info+0x3b/0x50 [ 30.882984] __kasan_kmalloc+0xb7/0xc0 [ 30.883658] __kmalloc_cache_noprof+0x184/0x410 [ 30.884439] kasan_atomics+0x96/0x310 [ 30.884839] kunit_try_run_case+0x1b3/0x490 [ 30.885429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.886966] kthread+0x257/0x310 [ 30.887600] ret_from_fork+0x41/0x80 [ 30.888083] ret_from_fork_asm+0x1a/0x30 [ 30.888831] [ 30.889134] The buggy address belongs to the object at ffff888102486200 [ 30.889134] which belongs to the cache kmalloc-64 of size 64 [ 30.890022] The buggy address is located 0 bytes to the right of [ 30.890022] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.892099] [ 30.892596] The buggy address belongs to the physical page: [ 30.892969] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.893712] flags: 0x200000000000000(node=0|zone=2) [ 30.894627] page_type: f5(slab) [ 30.895078] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.896442] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.897130] page dumped because: kasan: bad access detected [ 30.897859] [ 30.898126] Memory state around the buggy address: [ 30.899036] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.899874] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.900682] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.901969] ^ [ 30.902639] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.904066] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.904750] ================================================================== [ 29.051311] ================================================================== [ 29.052324] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x993/0x5450 [ 29.053428] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.053763] [ 29.053897] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.055902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.056289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.057098] Call Trace: [ 29.057464] <TASK> [ 29.057915] dump_stack_lvl+0x73/0xb0 [ 29.058312] print_report+0xd1/0x640 [ 29.058866] ? __virt_addr_valid+0x1db/0x2d0 [ 29.059527] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.060062] kasan_report+0x102/0x140 [ 29.060579] ? kasan_atomics_helper+0x993/0x5450 [ 29.061128] ? kasan_atomics_helper+0x993/0x5450 [ 29.061645] kasan_check_range+0x10c/0x1c0 [ 29.062024] __kasan_check_write+0x18/0x20 [ 29.062579] kasan_atomics_helper+0x993/0x5450 [ 29.062987] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.063882] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.064344] ? trace_hardirqs_on+0x37/0xe0 [ 29.065143] ? kasan_atomics+0x153/0x310 [ 29.065752] kasan_atomics+0x1dd/0x310 [ 29.066757] ? __pfx_kasan_atomics+0x10/0x10 [ 29.067275] ? __pfx_kasan_atomics+0x10/0x10 [ 29.067735] kunit_try_run_case+0x1b3/0x490 [ 29.068925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.069681] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.070543] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.071450] ? __kthread_parkme+0x82/0x160 [ 29.071793] ? preempt_count_sub+0x50/0x80 [ 29.072774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.073978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.074663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.076012] kthread+0x257/0x310 [ 29.076467] ? __pfx_kthread+0x10/0x10 [ 29.077107] ret_from_fork+0x41/0x80 [ 29.077685] ? __pfx_kthread+0x10/0x10 [ 29.078366] ret_from_fork_asm+0x1a/0x30 [ 29.078973] </TASK> [ 29.079559] [ 29.079803] Allocated by task 273: [ 29.080172] kasan_save_stack+0x3d/0x60 [ 29.080669] kasan_save_track+0x18/0x40 [ 29.081100] kasan_save_alloc_info+0x3b/0x50 [ 29.081832] __kasan_kmalloc+0xb7/0xc0 [ 29.082894] __kmalloc_cache_noprof+0x184/0x410 [ 29.083688] kasan_atomics+0x96/0x310 [ 29.084056] kunit_try_run_case+0x1b3/0x490 [ 29.084853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.085489] kthread+0x257/0x310 [ 29.085737] ret_from_fork+0x41/0x80 [ 29.086655] ret_from_fork_asm+0x1a/0x30 [ 29.087436] [ 29.087628] The buggy address belongs to the object at ffff888102486200 [ 29.087628] which belongs to the cache kmalloc-64 of size 64 [ 29.088701] The buggy address is located 0 bytes to the right of [ 29.088701] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.089357] [ 29.089627] The buggy address belongs to the physical page: [ 29.091108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.091811] flags: 0x200000000000000(node=0|zone=2) [ 29.092551] page_type: f5(slab) [ 29.093248] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.094009] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.094901] page dumped because: kasan: bad access detected [ 29.095593] [ 29.095699] Memory state around the buggy address: [ 29.095903] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.096314] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.097417] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.097836] ^ [ 29.098699] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.099458] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.100334] ================================================================== [ 28.573373] ================================================================== [ 28.574511] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b56/0x5450 [ 28.575728] Read of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 28.576555] [ 28.576745] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.578966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.579591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.580748] Call Trace: [ 28.581262] <TASK> [ 28.581822] dump_stack_lvl+0x73/0xb0 [ 28.582647] print_report+0xd1/0x640 [ 28.583064] ? __virt_addr_valid+0x1db/0x2d0 [ 28.583521] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.584055] kasan_report+0x102/0x140 [ 28.584334] ? kasan_atomics_helper+0x4b56/0x5450 [ 28.585537] ? kasan_atomics_helper+0x4b56/0x5450 [ 28.586284] __asan_report_load4_noabort+0x18/0x20 [ 28.586858] kasan_atomics_helper+0x4b56/0x5450 [ 28.587985] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.588556] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.589034] ? trace_hardirqs_on+0x37/0xe0 [ 28.590049] ? kasan_atomics+0x153/0x310 [ 28.590467] kasan_atomics+0x1dd/0x310 [ 28.591046] ? __pfx_kasan_atomics+0x10/0x10 [ 28.591487] ? __pfx_kasan_atomics+0x10/0x10 [ 28.591952] kunit_try_run_case+0x1b3/0x490 [ 28.592503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.593398] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.594246] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.594727] ? __kthread_parkme+0x82/0x160 [ 28.595361] ? preempt_count_sub+0x50/0x80 [ 28.595830] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.597105] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.597739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.598190] kthread+0x257/0x310 [ 28.598867] ? __pfx_kthread+0x10/0x10 [ 28.599610] ret_from_fork+0x41/0x80 [ 28.599838] ? __pfx_kthread+0x10/0x10 [ 28.600099] ret_from_fork_asm+0x1a/0x30 [ 28.600416] </TASK> [ 28.600563] [ 28.600660] Allocated by task 273: [ 28.600823] kasan_save_stack+0x3d/0x60 [ 28.601045] kasan_save_track+0x18/0x40 [ 28.601960] kasan_save_alloc_info+0x3b/0x50 [ 28.602681] __kasan_kmalloc+0xb7/0xc0 [ 28.603406] __kmalloc_cache_noprof+0x184/0x410 [ 28.604175] kasan_atomics+0x96/0x310 [ 28.604459] kunit_try_run_case+0x1b3/0x490 [ 28.605247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.605717] kthread+0x257/0x310 [ 28.606335] ret_from_fork+0x41/0x80 [ 28.606714] ret_from_fork_asm+0x1a/0x30 [ 28.607302] [ 28.607554] The buggy address belongs to the object at ffff888102486200 [ 28.607554] which belongs to the cache kmalloc-64 of size 64 [ 28.608738] The buggy address is located 0 bytes to the right of [ 28.608738] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 28.609823] [ 28.610095] The buggy address belongs to the physical page: [ 28.610569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 28.611309] flags: 0x200000000000000(node=0|zone=2) [ 28.611640] page_type: f5(slab) [ 28.612166] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.613072] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.613624] page dumped because: kasan: bad access detected [ 28.614408] [ 28.614640] Memory state around the buggy address: [ 28.615365] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.616294] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.617216] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.617783] ^ [ 28.618669] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.619725] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.620155] ================================================================== [ 29.886452] ================================================================== [ 29.887178] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ea/0x5450 [ 29.887865] Read of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.888455] [ 29.888635] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.889753] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.890305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.890819] Call Trace: [ 29.891060] <TASK> [ 29.891270] dump_stack_lvl+0x73/0xb0 [ 29.891751] print_report+0xd1/0x640 [ 29.892281] ? __virt_addr_valid+0x1db/0x2d0 [ 29.892798] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.893427] kasan_report+0x102/0x140 [ 29.893886] ? kasan_atomics_helper+0x49ea/0x5450 [ 29.894244] ? kasan_atomics_helper+0x49ea/0x5450 [ 29.894588] __asan_report_load4_noabort+0x18/0x20 [ 29.895478] kasan_atomics_helper+0x49ea/0x5450 [ 29.896156] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.896826] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.897621] ? trace_hardirqs_on+0x37/0xe0 [ 29.898011] ? kasan_atomics+0x153/0x310 [ 29.898535] kasan_atomics+0x1dd/0x310 [ 29.898994] ? __pfx_kasan_atomics+0x10/0x10 [ 29.899629] ? __pfx_kasan_atomics+0x10/0x10 [ 29.899990] kunit_try_run_case+0x1b3/0x490 [ 29.900301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.900624] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.901333] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.902036] ? __kthread_parkme+0x82/0x160 [ 29.902825] ? preempt_count_sub+0x50/0x80 [ 29.903561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.904092] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.904563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.904965] kthread+0x257/0x310 [ 29.905236] ? __pfx_kthread+0x10/0x10 [ 29.905761] ret_from_fork+0x41/0x80 [ 29.906348] ? __pfx_kthread+0x10/0x10 [ 29.907178] ret_from_fork_asm+0x1a/0x30 [ 29.907651] </TASK> [ 29.907969] [ 29.908163] Allocated by task 273: [ 29.908618] kasan_save_stack+0x3d/0x60 [ 29.909133] kasan_save_track+0x18/0x40 [ 29.909473] kasan_save_alloc_info+0x3b/0x50 [ 29.909811] __kasan_kmalloc+0xb7/0xc0 [ 29.910120] __kmalloc_cache_noprof+0x184/0x410 [ 29.910440] kasan_atomics+0x96/0x310 [ 29.910707] kunit_try_run_case+0x1b3/0x490 [ 29.911279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.912021] kthread+0x257/0x310 [ 29.912623] ret_from_fork+0x41/0x80 [ 29.913208] ret_from_fork_asm+0x1a/0x30 [ 29.913727] [ 29.914018] The buggy address belongs to the object at ffff888102486200 [ 29.914018] which belongs to the cache kmalloc-64 of size 64 [ 29.916109] The buggy address is located 0 bytes to the right of [ 29.916109] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.917541] [ 29.917749] The buggy address belongs to the physical page: [ 29.918344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.919573] flags: 0x200000000000000(node=0|zone=2) [ 29.920714] page_type: f5(slab) [ 29.921510] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.922620] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.923654] page dumped because: kasan: bad access detected [ 29.924248] [ 29.924457] Memory state around the buggy address: [ 29.924975] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.925417] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.926053] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.926922] ^ [ 29.927733] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.928492] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.929374] ================================================================== [ 28.720475] ================================================================== [ 28.721266] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x566/0x5450 [ 28.723239] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 28.723901] [ 28.724146] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.726713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.727405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.728399] Call Trace: [ 28.728690] <TASK> [ 28.729334] dump_stack_lvl+0x73/0xb0 [ 28.729644] print_report+0xd1/0x640 [ 28.731765] ? __virt_addr_valid+0x1db/0x2d0 [ 28.732152] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.732493] kasan_report+0x102/0x140 [ 28.732766] ? kasan_atomics_helper+0x566/0x5450 [ 28.733242] ? kasan_atomics_helper+0x566/0x5450 [ 28.733574] kasan_check_range+0x10c/0x1c0 [ 28.733894] __kasan_check_write+0x18/0x20 [ 28.735492] kasan_atomics_helper+0x566/0x5450 [ 28.735842] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.737020] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.738048] ? trace_hardirqs_on+0x37/0xe0 [ 28.738648] ? kasan_atomics+0x153/0x310 [ 28.739148] kasan_atomics+0x1dd/0x310 [ 28.739590] ? __pfx_kasan_atomics+0x10/0x10 [ 28.740089] ? __pfx_kasan_atomics+0x10/0x10 [ 28.740853] kunit_try_run_case+0x1b3/0x490 [ 28.741262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.741761] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.742239] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.742824] ? __kthread_parkme+0x82/0x160 [ 28.743194] ? preempt_count_sub+0x50/0x80 [ 28.743689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.744520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.745095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.745925] kthread+0x257/0x310 [ 28.746531] ? __pfx_kthread+0x10/0x10 [ 28.746972] ret_from_fork+0x41/0x80 [ 28.747263] ? __pfx_kthread+0x10/0x10 [ 28.747773] ret_from_fork_asm+0x1a/0x30 [ 28.748578] </TASK> [ 28.749137] [ 28.749538] Allocated by task 273: [ 28.750230] kasan_save_stack+0x3d/0x60 [ 28.750635] kasan_save_track+0x18/0x40 [ 28.750832] kasan_save_alloc_info+0x3b/0x50 [ 28.751105] __kasan_kmalloc+0xb7/0xc0 [ 28.751759] __kmalloc_cache_noprof+0x184/0x410 [ 28.752315] kasan_atomics+0x96/0x310 [ 28.752678] kunit_try_run_case+0x1b3/0x490 [ 28.753447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.753887] kthread+0x257/0x310 [ 28.754590] ret_from_fork+0x41/0x80 [ 28.755026] ret_from_fork_asm+0x1a/0x30 [ 28.755980] [ 28.756387] The buggy address belongs to the object at ffff888102486200 [ 28.756387] which belongs to the cache kmalloc-64 of size 64 [ 28.757368] The buggy address is located 0 bytes to the right of [ 28.757368] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 28.758461] [ 28.759336] The buggy address belongs to the physical page: [ 28.759916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 28.760688] flags: 0x200000000000000(node=0|zone=2) [ 28.761130] page_type: f5(slab) [ 28.761644] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.762414] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.762966] page dumped because: kasan: bad access detected [ 28.763835] [ 28.764050] Memory state around the buggy address: [ 28.764658] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.765372] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.765840] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.766839] ^ [ 28.767369] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.767902] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.768817] ================================================================== [ 29.930842] ================================================================== [ 29.931845] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e7/0x5450 [ 29.933040] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.934100] [ 29.934768] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.936094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.936757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.937905] Call Trace: [ 29.938276] <TASK> [ 29.938552] dump_stack_lvl+0x73/0xb0 [ 29.939006] print_report+0xd1/0x640 [ 29.940438] ? __virt_addr_valid+0x1db/0x2d0 [ 29.941113] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.941697] kasan_report+0x102/0x140 [ 29.942146] ? kasan_atomics_helper+0x12e7/0x5450 [ 29.942644] ? kasan_atomics_helper+0x12e7/0x5450 [ 29.943722] kasan_check_range+0x10c/0x1c0 [ 29.944099] __kasan_check_write+0x18/0x20 [ 29.945109] kasan_atomics_helper+0x12e7/0x5450 [ 29.946241] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.946970] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.947532] ? trace_hardirqs_on+0x37/0xe0 [ 29.948017] ? kasan_atomics+0x153/0x310 [ 29.949069] kasan_atomics+0x1dd/0x310 [ 29.949727] ? __pfx_kasan_atomics+0x10/0x10 [ 29.950185] ? __pfx_kasan_atomics+0x10/0x10 [ 29.950978] kunit_try_run_case+0x1b3/0x490 [ 29.951669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.952249] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.953024] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.953843] ? __kthread_parkme+0x82/0x160 [ 29.954491] ? preempt_count_sub+0x50/0x80 [ 29.955325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.955740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.956639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.957553] kthread+0x257/0x310 [ 29.957953] ? __pfx_kthread+0x10/0x10 [ 29.958580] ret_from_fork+0x41/0x80 [ 29.959175] ? __pfx_kthread+0x10/0x10 [ 29.959686] ret_from_fork_asm+0x1a/0x30 [ 29.960736] </TASK> [ 29.961327] [ 29.961730] Allocated by task 273: [ 29.962087] kasan_save_stack+0x3d/0x60 [ 29.962533] kasan_save_track+0x18/0x40 [ 29.962973] kasan_save_alloc_info+0x3b/0x50 [ 29.963293] __kasan_kmalloc+0xb7/0xc0 [ 29.963644] __kmalloc_cache_noprof+0x184/0x410 [ 29.964785] kasan_atomics+0x96/0x310 [ 29.965493] kunit_try_run_case+0x1b3/0x490 [ 29.965802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.966801] kthread+0x257/0x310 [ 29.967342] ret_from_fork+0x41/0x80 [ 29.967720] ret_from_fork_asm+0x1a/0x30 [ 29.968500] [ 29.969200] The buggy address belongs to the object at ffff888102486200 [ 29.969200] which belongs to the cache kmalloc-64 of size 64 [ 29.971198] The buggy address is located 0 bytes to the right of [ 29.971198] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.973569] [ 29.973956] The buggy address belongs to the physical page: [ 29.974862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.976227] flags: 0x200000000000000(node=0|zone=2) [ 29.976978] page_type: f5(slab) [ 29.977477] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.978535] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.979547] page dumped because: kasan: bad access detected [ 29.980119] [ 29.980332] Memory state around the buggy address: [ 29.980871] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.981499] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.982047] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.983186] ^ [ 29.983695] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.985345] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.986186] ================================================================== [ 30.177886] ================================================================== [ 30.178387] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d6/0x5450 [ 30.179409] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.180138] [ 30.180326] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.181133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.181677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.182586] Call Trace: [ 30.183004] <TASK> [ 30.183302] dump_stack_lvl+0x73/0xb0 [ 30.183592] print_report+0xd1/0x640 [ 30.183881] ? __virt_addr_valid+0x1db/0x2d0 [ 30.184545] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.185185] kasan_report+0x102/0x140 [ 30.185541] ? kasan_atomics_helper+0x50d6/0x5450 [ 30.186279] ? kasan_atomics_helper+0x50d6/0x5450 [ 30.186908] __asan_report_store8_noabort+0x1b/0x30 [ 30.187457] kasan_atomics_helper+0x50d6/0x5450 [ 30.187822] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.188492] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.188898] ? trace_hardirqs_on+0x37/0xe0 [ 30.189561] ? kasan_atomics+0x153/0x310 [ 30.190183] kasan_atomics+0x1dd/0x310 [ 30.190700] ? __pfx_kasan_atomics+0x10/0x10 [ 30.191190] ? __pfx_kasan_atomics+0x10/0x10 [ 30.191558] kunit_try_run_case+0x1b3/0x490 [ 30.191907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.192578] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.193212] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.193590] ? __kthread_parkme+0x82/0x160 [ 30.194232] ? preempt_count_sub+0x50/0x80 [ 30.194762] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.195238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.195800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.196381] kthread+0x257/0x310 [ 30.196709] ? __pfx_kthread+0x10/0x10 [ 30.197283] ret_from_fork+0x41/0x80 [ 30.197565] ? __pfx_kthread+0x10/0x10 [ 30.197871] ret_from_fork_asm+0x1a/0x30 [ 30.198487] </TASK> [ 30.198829] [ 30.199263] Allocated by task 273: [ 30.199713] kasan_save_stack+0x3d/0x60 [ 30.200276] kasan_save_track+0x18/0x40 [ 30.200673] kasan_save_alloc_info+0x3b/0x50 [ 30.201202] __kasan_kmalloc+0xb7/0xc0 [ 30.202316] __kmalloc_cache_noprof+0x184/0x410 [ 30.202727] kasan_atomics+0x96/0x310 [ 30.203303] kunit_try_run_case+0x1b3/0x490 [ 30.203640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.204333] kthread+0x257/0x310 [ 30.204692] ret_from_fork+0x41/0x80 [ 30.205213] ret_from_fork_asm+0x1a/0x30 [ 30.205785] [ 30.206000] The buggy address belongs to the object at ffff888102486200 [ 30.206000] which belongs to the cache kmalloc-64 of size 64 [ 30.207272] The buggy address is located 0 bytes to the right of [ 30.207272] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.208347] [ 30.208615] The buggy address belongs to the physical page: [ 30.209243] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.210159] flags: 0x200000000000000(node=0|zone=2) [ 30.210581] page_type: f5(slab) [ 30.210972] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.211852] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.212657] page dumped because: kasan: bad access detected [ 30.213202] [ 30.213458] Memory state around the buggy address: [ 30.213999] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.214858] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.215544] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.216278] ^ [ 30.216778] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.217508] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.218221] ================================================================== [ 30.508982] ================================================================== [ 30.509853] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b2/0x5450 [ 30.511202] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.511952] [ 30.512173] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.513251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.513735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.514741] Call Trace: [ 30.515155] <TASK> [ 30.515427] dump_stack_lvl+0x73/0xb0 [ 30.515974] print_report+0xd1/0x640 [ 30.516482] ? __virt_addr_valid+0x1db/0x2d0 [ 30.516912] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.517553] kasan_report+0x102/0x140 [ 30.518038] ? kasan_atomics_helper+0x18b2/0x5450 [ 30.518713] ? kasan_atomics_helper+0x18b2/0x5450 [ 30.519380] kasan_check_range+0x10c/0x1c0 [ 30.519866] __kasan_check_write+0x18/0x20 [ 30.520458] kasan_atomics_helper+0x18b2/0x5450 [ 30.521224] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.521707] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.522302] ? trace_hardirqs_on+0x37/0xe0 [ 30.522780] ? kasan_atomics+0x153/0x310 [ 30.523331] kasan_atomics+0x1dd/0x310 [ 30.523856] ? __pfx_kasan_atomics+0x10/0x10 [ 30.524476] ? __pfx_kasan_atomics+0x10/0x10 [ 30.524987] kunit_try_run_case+0x1b3/0x490 [ 30.525536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.526073] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.526475] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.527222] ? __kthread_parkme+0x82/0x160 [ 30.527853] ? preempt_count_sub+0x50/0x80 [ 30.528377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.528708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.529613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.530432] kthread+0x257/0x310 [ 30.530922] ? __pfx_kthread+0x10/0x10 [ 30.531389] ret_from_fork+0x41/0x80 [ 30.531801] ? __pfx_kthread+0x10/0x10 [ 30.532299] ret_from_fork_asm+0x1a/0x30 [ 30.532759] </TASK> [ 30.533152] [ 30.533435] Allocated by task 273: [ 30.533971] kasan_save_stack+0x3d/0x60 [ 30.534409] kasan_save_track+0x18/0x40 [ 30.535005] kasan_save_alloc_info+0x3b/0x50 [ 30.535468] __kasan_kmalloc+0xb7/0xc0 [ 30.535851] __kmalloc_cache_noprof+0x184/0x410 [ 30.536321] kasan_atomics+0x96/0x310 [ 30.536796] kunit_try_run_case+0x1b3/0x490 [ 30.537438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.537820] kthread+0x257/0x310 [ 30.538447] ret_from_fork+0x41/0x80 [ 30.538998] ret_from_fork_asm+0x1a/0x30 [ 30.539516] [ 30.539755] The buggy address belongs to the object at ffff888102486200 [ 30.539755] which belongs to the cache kmalloc-64 of size 64 [ 30.541047] The buggy address is located 0 bytes to the right of [ 30.541047] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.542378] [ 30.542651] The buggy address belongs to the physical page: [ 30.543368] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.543904] flags: 0x200000000000000(node=0|zone=2) [ 30.544542] page_type: f5(slab) [ 30.545066] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.545852] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.546673] page dumped because: kasan: bad access detected [ 30.547251] [ 30.547494] Memory state around the buggy address: [ 30.547979] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.548777] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.549605] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.550337] ^ [ 30.550843] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.551582] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.552277] ================================================================== [ 31.017441] ================================================================== [ 31.019336] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eab/0x5450 [ 31.020080] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 31.021474] [ 31.021999] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.022877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.023629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.024699] Call Trace: [ 31.025075] <TASK> [ 31.025835] dump_stack_lvl+0x73/0xb0 [ 31.026676] print_report+0xd1/0x640 [ 31.027387] ? __virt_addr_valid+0x1db/0x2d0 [ 31.027852] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.028828] kasan_report+0x102/0x140 [ 31.029600] ? kasan_atomics_helper+0x1eab/0x5450 [ 31.030528] ? kasan_atomics_helper+0x1eab/0x5450 [ 31.031024] kasan_check_range+0x10c/0x1c0 [ 31.031545] __kasan_check_write+0x18/0x20 [ 31.032456] kasan_atomics_helper+0x1eab/0x5450 [ 31.032685] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.032905] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.033276] ? trace_hardirqs_on+0x37/0xe0 [ 31.033698] ? kasan_atomics+0x153/0x310 [ 31.034279] kasan_atomics+0x1dd/0x310 [ 31.034583] ? __pfx_kasan_atomics+0x10/0x10 [ 31.035252] ? __pfx_kasan_atomics+0x10/0x10 [ 31.035839] kunit_try_run_case+0x1b3/0x490 [ 31.036520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.036863] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.037579] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.038140] ? __kthread_parkme+0x82/0x160 [ 31.038674] ? preempt_count_sub+0x50/0x80 [ 31.039019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.039701] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.040630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.041080] kthread+0x257/0x310 [ 31.041534] ? __pfx_kthread+0x10/0x10 [ 31.042147] ret_from_fork+0x41/0x80 [ 31.042476] ? __pfx_kthread+0x10/0x10 [ 31.043110] ret_from_fork_asm+0x1a/0x30 [ 31.043711] </TASK> [ 31.044072] [ 31.044294] Allocated by task 273: [ 31.044758] kasan_save_stack+0x3d/0x60 [ 31.045384] kasan_save_track+0x18/0x40 [ 31.045753] kasan_save_alloc_info+0x3b/0x50 [ 31.046428] __kasan_kmalloc+0xb7/0xc0 [ 31.046926] __kmalloc_cache_noprof+0x184/0x410 [ 31.047716] kasan_atomics+0x96/0x310 [ 31.048019] kunit_try_run_case+0x1b3/0x490 [ 31.048318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.049149] kthread+0x257/0x310 [ 31.049740] ret_from_fork+0x41/0x80 [ 31.050251] ret_from_fork_asm+0x1a/0x30 [ 31.050914] [ 31.051271] The buggy address belongs to the object at ffff888102486200 [ 31.051271] which belongs to the cache kmalloc-64 of size 64 [ 31.051989] The buggy address is located 0 bytes to the right of [ 31.051989] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 31.053172] [ 31.053465] The buggy address belongs to the physical page: [ 31.054420] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 31.055218] flags: 0x200000000000000(node=0|zone=2) [ 31.055686] page_type: f5(slab) [ 31.055997] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.056819] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.058065] page dumped because: kasan: bad access detected [ 31.058637] [ 31.059091] Memory state around the buggy address: [ 31.059632] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.060186] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.061350] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.061977] ^ [ 31.062685] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.063695] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.064654] ================================================================== [ 29.631814] ================================================================== [ 29.632585] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x107a/0x5450 [ 29.633467] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.634197] [ 29.634507] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.635488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.635965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.636784] Call Trace: [ 29.637250] <TASK> [ 29.637566] dump_stack_lvl+0x73/0xb0 [ 29.638073] print_report+0xd1/0x640 [ 29.638542] ? __virt_addr_valid+0x1db/0x2d0 [ 29.639000] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.639675] kasan_report+0x102/0x140 [ 29.640164] ? kasan_atomics_helper+0x107a/0x5450 [ 29.640806] ? kasan_atomics_helper+0x107a/0x5450 [ 29.641424] kasan_check_range+0x10c/0x1c0 [ 29.641876] __kasan_check_write+0x18/0x20 [ 29.642478] kasan_atomics_helper+0x107a/0x5450 [ 29.643036] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.643532] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.644180] ? trace_hardirqs_on+0x37/0xe0 [ 29.644571] ? kasan_atomics+0x153/0x310 [ 29.645056] kasan_atomics+0x1dd/0x310 [ 29.645647] ? __pfx_kasan_atomics+0x10/0x10 [ 29.646153] ? __pfx_kasan_atomics+0x10/0x10 [ 29.646657] kunit_try_run_case+0x1b3/0x490 [ 29.647248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.647814] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.648356] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.649032] ? __kthread_parkme+0x82/0x160 [ 29.649521] ? preempt_count_sub+0x50/0x80 [ 29.649983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.650663] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.651361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.652016] kthread+0x257/0x310 [ 29.652429] ? __pfx_kthread+0x10/0x10 [ 29.653041] ret_from_fork+0x41/0x80 [ 29.653496] ? __pfx_kthread+0x10/0x10 [ 29.653975] ret_from_fork_asm+0x1a/0x30 [ 29.654589] </TASK> [ 29.654856] [ 29.655162] Allocated by task 273: [ 29.655498] kasan_save_stack+0x3d/0x60 [ 29.655861] kasan_save_track+0x18/0x40 [ 29.656409] kasan_save_alloc_info+0x3b/0x50 [ 29.656832] __kasan_kmalloc+0xb7/0xc0 [ 29.657295] __kmalloc_cache_noprof+0x184/0x410 [ 29.657611] kasan_atomics+0x96/0x310 [ 29.658034] kunit_try_run_case+0x1b3/0x490 [ 29.658716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.659466] kthread+0x257/0x310 [ 29.659858] ret_from_fork+0x41/0x80 [ 29.660365] ret_from_fork_asm+0x1a/0x30 [ 29.660802] [ 29.661000] The buggy address belongs to the object at ffff888102486200 [ 29.661000] which belongs to the cache kmalloc-64 of size 64 [ 29.662335] The buggy address is located 0 bytes to the right of [ 29.662335] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.663795] [ 29.664351] The buggy address belongs to the physical page: [ 29.665689] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.666252] flags: 0x200000000000000(node=0|zone=2) [ 29.666976] page_type: f5(slab) [ 29.667650] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.669012] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.669687] page dumped because: kasan: bad access detected [ 29.670278] [ 29.670486] Memory state around the buggy address: [ 29.670985] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.671485] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.672402] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.672999] ^ [ 29.673482] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.674496] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.675122] ================================================================== [ 30.606411] ================================================================== [ 30.607339] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e4/0x5450 [ 30.609140] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.610676] [ 30.611020] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.612214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.612638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.614004] Call Trace: [ 30.614619] <TASK> [ 30.614888] dump_stack_lvl+0x73/0xb0 [ 30.615347] print_report+0xd1/0x640 [ 30.615775] ? __virt_addr_valid+0x1db/0x2d0 [ 30.616235] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.616762] kasan_report+0x102/0x140 [ 30.618060] ? kasan_atomics_helper+0x19e4/0x5450 [ 30.618554] ? kasan_atomics_helper+0x19e4/0x5450 [ 30.618989] kasan_check_range+0x10c/0x1c0 [ 30.619333] __kasan_check_write+0x18/0x20 [ 30.620018] kasan_atomics_helper+0x19e4/0x5450 [ 30.620877] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.621764] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.622187] ? trace_hardirqs_on+0x37/0xe0 [ 30.622717] ? kasan_atomics+0x153/0x310 [ 30.623223] kasan_atomics+0x1dd/0x310 [ 30.623674] ? __pfx_kasan_atomics+0x10/0x10 [ 30.624142] ? __pfx_kasan_atomics+0x10/0x10 [ 30.624597] kunit_try_run_case+0x1b3/0x490 [ 30.625202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.625884] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.626783] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.627578] ? __kthread_parkme+0x82/0x160 [ 30.628101] ? preempt_count_sub+0x50/0x80 [ 30.628588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.629169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.629635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.630519] kthread+0x257/0x310 [ 30.630974] ? __pfx_kthread+0x10/0x10 [ 30.631620] ret_from_fork+0x41/0x80 [ 30.631964] ? __pfx_kthread+0x10/0x10 [ 30.632407] ret_from_fork_asm+0x1a/0x30 [ 30.633033] </TASK> [ 30.633241] [ 30.633407] Allocated by task 273: [ 30.634019] kasan_save_stack+0x3d/0x60 [ 30.634531] kasan_save_track+0x18/0x40 [ 30.634861] kasan_save_alloc_info+0x3b/0x50 [ 30.635637] __kasan_kmalloc+0xb7/0xc0 [ 30.636101] __kmalloc_cache_noprof+0x184/0x410 [ 30.636633] kasan_atomics+0x96/0x310 [ 30.636951] kunit_try_run_case+0x1b3/0x490 [ 30.637257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.638200] kthread+0x257/0x310 [ 30.638684] ret_from_fork+0x41/0x80 [ 30.639343] ret_from_fork_asm+0x1a/0x30 [ 30.639812] [ 30.640097] The buggy address belongs to the object at ffff888102486200 [ 30.640097] which belongs to the cache kmalloc-64 of size 64 [ 30.641158] The buggy address is located 0 bytes to the right of [ 30.641158] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.642082] [ 30.642346] The buggy address belongs to the physical page: [ 30.643073] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.643850] flags: 0x200000000000000(node=0|zone=2) [ 30.644376] page_type: f5(slab) [ 30.644637] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.645190] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.646172] page dumped because: kasan: bad access detected [ 30.646893] [ 30.647253] Memory state around the buggy address: [ 30.647815] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.648570] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.650561] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.652186] ^ [ 30.652798] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.653202] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.654247] ================================================================== [ 31.161391] ================================================================== [ 31.161881] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2007/0x5450 [ 31.162801] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 31.164187] [ 31.164390] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.165014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.165998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.167325] Call Trace: [ 31.167640] <TASK> [ 31.167910] dump_stack_lvl+0x73/0xb0 [ 31.168225] print_report+0xd1/0x640 [ 31.169386] ? __virt_addr_valid+0x1db/0x2d0 [ 31.170171] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.170918] kasan_report+0x102/0x140 [ 31.171603] ? kasan_atomics_helper+0x2007/0x5450 [ 31.172510] ? kasan_atomics_helper+0x2007/0x5450 [ 31.173210] kasan_check_range+0x10c/0x1c0 [ 31.173956] __kasan_check_write+0x18/0x20 [ 31.174622] kasan_atomics_helper+0x2007/0x5450 [ 31.175164] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.176283] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.176988] ? trace_hardirqs_on+0x37/0xe0 [ 31.177566] ? kasan_atomics+0x153/0x310 [ 31.178036] kasan_atomics+0x1dd/0x310 [ 31.179228] ? __pfx_kasan_atomics+0x10/0x10 [ 31.179855] ? __pfx_kasan_atomics+0x10/0x10 [ 31.180567] kunit_try_run_case+0x1b3/0x490 [ 31.181008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.181859] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.182379] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.183186] ? __kthread_parkme+0x82/0x160 [ 31.183653] ? preempt_count_sub+0x50/0x80 [ 31.184109] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.184557] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.185602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.186115] kthread+0x257/0x310 [ 31.186828] ? __pfx_kthread+0x10/0x10 [ 31.187495] ret_from_fork+0x41/0x80 [ 31.188047] ? __pfx_kthread+0x10/0x10 [ 31.188796] ret_from_fork_asm+0x1a/0x30 [ 31.189470] </TASK> [ 31.189802] [ 31.190309] Allocated by task 273: [ 31.190670] kasan_save_stack+0x3d/0x60 [ 31.191090] kasan_save_track+0x18/0x40 [ 31.192078] kasan_save_alloc_info+0x3b/0x50 [ 31.192533] __kasan_kmalloc+0xb7/0xc0 [ 31.192911] __kmalloc_cache_noprof+0x184/0x410 [ 31.193407] kasan_atomics+0x96/0x310 [ 31.194374] kunit_try_run_case+0x1b3/0x490 [ 31.194662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.195539] kthread+0x257/0x310 [ 31.195878] ret_from_fork+0x41/0x80 [ 31.196663] ret_from_fork_asm+0x1a/0x30 [ 31.197526] [ 31.197704] The buggy address belongs to the object at ffff888102486200 [ 31.197704] which belongs to the cache kmalloc-64 of size 64 [ 31.199520] The buggy address is located 0 bytes to the right of [ 31.199520] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 31.201143] [ 31.201320] The buggy address belongs to the physical page: [ 31.201850] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 31.203318] flags: 0x200000000000000(node=0|zone=2) [ 31.204052] page_type: f5(slab) [ 31.204483] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.205134] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.205748] page dumped because: kasan: bad access detected [ 31.206917] [ 31.207218] Memory state around the buggy address: [ 31.207960] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.208812] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.209824] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.210697] ^ [ 31.211423] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.212190] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.212856] ================================================================== [ 31.268264] ================================================================== [ 31.269913] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c9/0x5450 [ 31.270866] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 31.272344] [ 31.272619] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.273762] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.274175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.275465] Call Trace: [ 31.275772] <TASK> [ 31.276458] dump_stack_lvl+0x73/0xb0 [ 31.276905] print_report+0xd1/0x640 [ 31.277625] ? __virt_addr_valid+0x1db/0x2d0 [ 31.277988] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.279134] kasan_report+0x102/0x140 [ 31.279918] ? kasan_atomics_helper+0x20c9/0x5450 [ 31.280496] ? kasan_atomics_helper+0x20c9/0x5450 [ 31.281074] kasan_check_range+0x10c/0x1c0 [ 31.281962] __kasan_check_write+0x18/0x20 [ 31.282668] kasan_atomics_helper+0x20c9/0x5450 [ 31.283392] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.284021] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.284780] ? trace_hardirqs_on+0x37/0xe0 [ 31.285211] ? kasan_atomics+0x153/0x310 [ 31.285922] kasan_atomics+0x1dd/0x310 [ 31.286598] ? __pfx_kasan_atomics+0x10/0x10 [ 31.287179] ? __pfx_kasan_atomics+0x10/0x10 [ 31.287640] kunit_try_run_case+0x1b3/0x490 [ 31.288066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.288495] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.289514] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.290036] ? __kthread_parkme+0x82/0x160 [ 31.290760] ? preempt_count_sub+0x50/0x80 [ 31.291235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.292175] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.292815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.293716] kthread+0x257/0x310 [ 31.294412] ? __pfx_kthread+0x10/0x10 [ 31.295113] ret_from_fork+0x41/0x80 [ 31.295506] ? __pfx_kthread+0x10/0x10 [ 31.295882] ret_from_fork_asm+0x1a/0x30 [ 31.296666] </TASK> [ 31.296895] [ 31.297165] Allocated by task 273: [ 31.298142] kasan_save_stack+0x3d/0x60 [ 31.298520] kasan_save_track+0x18/0x40 [ 31.298950] kasan_save_alloc_info+0x3b/0x50 [ 31.299224] __kasan_kmalloc+0xb7/0xc0 [ 31.299408] __kmalloc_cache_noprof+0x184/0x410 [ 31.299610] kasan_atomics+0x96/0x310 [ 31.299784] kunit_try_run_case+0x1b3/0x490 [ 31.301028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.301532] kthread+0x257/0x310 [ 31.302964] ret_from_fork+0x41/0x80 [ 31.303243] ret_from_fork_asm+0x1a/0x30 [ 31.304061] [ 31.304691] The buggy address belongs to the object at ffff888102486200 [ 31.304691] which belongs to the cache kmalloc-64 of size 64 [ 31.306727] The buggy address is located 0 bytes to the right of [ 31.306727] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 31.308434] [ 31.308724] The buggy address belongs to the physical page: [ 31.309231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 31.310108] flags: 0x200000000000000(node=0|zone=2) [ 31.310667] page_type: f5(slab) [ 31.310969] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.311837] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.313035] page dumped because: kasan: bad access detected [ 31.313839] [ 31.314069] Memory state around the buggy address: [ 31.315330] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.316162] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.317286] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.318260] ^ [ 31.318755] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.319710] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.320497] ================================================================== [ 30.267250] ================================================================== [ 30.268714] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b7/0x5450 [ 30.269727] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.270612] [ 30.270857] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.272106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.272690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.273988] Call Trace: [ 30.274683] <TASK> [ 30.274958] dump_stack_lvl+0x73/0xb0 [ 30.275405] print_report+0xd1/0x640 [ 30.275813] ? __virt_addr_valid+0x1db/0x2d0 [ 30.276261] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.276763] kasan_report+0x102/0x140 [ 30.277856] ? kasan_atomics_helper+0x15b7/0x5450 [ 30.279075] ? kasan_atomics_helper+0x15b7/0x5450 [ 30.279580] kasan_check_range+0x10c/0x1c0 [ 30.280203] __kasan_check_write+0x18/0x20 [ 30.280808] kasan_atomics_helper+0x15b7/0x5450 [ 30.281657] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.282478] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.283146] ? trace_hardirqs_on+0x37/0xe0 [ 30.283666] ? kasan_atomics+0x153/0x310 [ 30.284147] kasan_atomics+0x1dd/0x310 [ 30.284596] ? __pfx_kasan_atomics+0x10/0x10 [ 30.285070] ? __pfx_kasan_atomics+0x10/0x10 [ 30.285741] kunit_try_run_case+0x1b3/0x490 [ 30.286165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.286926] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.287368] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.288534] ? __kthread_parkme+0x82/0x160 [ 30.289587] ? preempt_count_sub+0x50/0x80 [ 30.290139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.291022] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.292042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.293058] kthread+0x257/0x310 [ 30.293505] ? __pfx_kthread+0x10/0x10 [ 30.294139] ret_from_fork+0x41/0x80 [ 30.294717] ? __pfx_kthread+0x10/0x10 [ 30.295398] ret_from_fork_asm+0x1a/0x30 [ 30.295854] </TASK> [ 30.296081] [ 30.296335] Allocated by task 273: [ 30.296850] kasan_save_stack+0x3d/0x60 [ 30.297486] kasan_save_track+0x18/0x40 [ 30.297801] kasan_save_alloc_info+0x3b/0x50 [ 30.298455] __kasan_kmalloc+0xb7/0xc0 [ 30.299064] __kmalloc_cache_noprof+0x184/0x410 [ 30.299470] kasan_atomics+0x96/0x310 [ 30.299923] kunit_try_run_case+0x1b3/0x490 [ 30.300704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.301115] kthread+0x257/0x310 [ 30.301674] ret_from_fork+0x41/0x80 [ 30.302226] ret_from_fork_asm+0x1a/0x30 [ 30.302524] [ 30.302868] The buggy address belongs to the object at ffff888102486200 [ 30.302868] which belongs to the cache kmalloc-64 of size 64 [ 30.303897] The buggy address is located 0 bytes to the right of [ 30.303897] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.305145] [ 30.305324] The buggy address belongs to the physical page: [ 30.305714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.306587] flags: 0x200000000000000(node=0|zone=2) [ 30.307094] page_type: f5(slab) [ 30.307558] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.308089] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.308524] page dumped because: kasan: bad access detected [ 30.309213] [ 30.309481] Memory state around the buggy address: [ 30.310208] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.311048] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.311789] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.312576] ^ [ 30.312907] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.314094] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.314727] ================================================================== [ 28.522846] ================================================================== [ 28.523562] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e0/0x5450 [ 28.524422] Read of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 28.524872] [ 28.525091] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.525992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.526503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.527606] Call Trace: [ 28.527849] <TASK> [ 28.528215] dump_stack_lvl+0x73/0xb0 [ 28.528605] print_report+0xd1/0x640 [ 28.528962] ? __virt_addr_valid+0x1db/0x2d0 [ 28.529511] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.530103] kasan_report+0x102/0x140 [ 28.530414] ? kasan_atomics_helper+0x3e0/0x5450 [ 28.530949] ? kasan_atomics_helper+0x3e0/0x5450 [ 28.532771] kasan_check_range+0x10c/0x1c0 [ 28.533896] __kasan_check_read+0x15/0x20 [ 28.534535] kasan_atomics_helper+0x3e0/0x5450 [ 28.535268] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.535912] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.536823] ? trace_hardirqs_on+0x37/0xe0 [ 28.537586] ? kasan_atomics+0x153/0x310 [ 28.538279] kasan_atomics+0x1dd/0x310 [ 28.538843] ? __pfx_kasan_atomics+0x10/0x10 [ 28.539665] ? __pfx_kasan_atomics+0x10/0x10 [ 28.540287] kunit_try_run_case+0x1b3/0x490 [ 28.540873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.541597] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.542100] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.542627] ? __kthread_parkme+0x82/0x160 [ 28.543491] ? preempt_count_sub+0x50/0x80 [ 28.543780] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.544891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.545645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.546438] kthread+0x257/0x310 [ 28.546834] ? __pfx_kthread+0x10/0x10 [ 28.547612] ret_from_fork+0x41/0x80 [ 28.547927] ? __pfx_kthread+0x10/0x10 [ 28.548869] ret_from_fork_asm+0x1a/0x30 [ 28.549570] </TASK> [ 28.549994] [ 28.550243] Allocated by task 273: [ 28.550805] kasan_save_stack+0x3d/0x60 [ 28.551283] kasan_save_track+0x18/0x40 [ 28.551654] kasan_save_alloc_info+0x3b/0x50 [ 28.552596] __kasan_kmalloc+0xb7/0xc0 [ 28.552856] __kmalloc_cache_noprof+0x184/0x410 [ 28.553885] kasan_atomics+0x96/0x310 [ 28.554531] kunit_try_run_case+0x1b3/0x490 [ 28.555136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.555950] kthread+0x257/0x310 [ 28.556548] ret_from_fork+0x41/0x80 [ 28.556913] ret_from_fork_asm+0x1a/0x30 [ 28.557642] [ 28.557960] The buggy address belongs to the object at ffff888102486200 [ 28.557960] which belongs to the cache kmalloc-64 of size 64 [ 28.559728] The buggy address is located 0 bytes to the right of [ 28.559728] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 28.561446] [ 28.561664] The buggy address belongs to the physical page: [ 28.562752] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 28.563473] flags: 0x200000000000000(node=0|zone=2) [ 28.563883] page_type: f5(slab) [ 28.564299] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.565586] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.566177] page dumped because: kasan: bad access detected [ 28.566965] [ 28.567232] Memory state around the buggy address: [ 28.568096] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.568951] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.569987] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.571171] ^ [ 28.571416] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.571688] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.571998] ================================================================== [ 28.480756] ================================================================== [ 28.481345] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b70/0x5450 [ 28.482999] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 28.483722] [ 28.484035] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.485010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.485385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.486499] Call Trace: [ 28.486922] <TASK> [ 28.487352] dump_stack_lvl+0x73/0xb0 [ 28.487799] print_report+0xd1/0x640 [ 28.488369] ? __virt_addr_valid+0x1db/0x2d0 [ 28.488763] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.489154] kasan_report+0x102/0x140 [ 28.489701] ? kasan_atomics_helper+0x4b70/0x5450 [ 28.490477] ? kasan_atomics_helper+0x4b70/0x5450 [ 28.490967] __asan_report_store4_noabort+0x1b/0x30 [ 28.491464] kasan_atomics_helper+0x4b70/0x5450 [ 28.491784] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.492235] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.492972] ? trace_hardirqs_on+0x37/0xe0 [ 28.493557] ? kasan_atomics+0x153/0x310 [ 28.494373] kasan_atomics+0x1dd/0x310 [ 28.494668] ? __pfx_kasan_atomics+0x10/0x10 [ 28.495185] ? __pfx_kasan_atomics+0x10/0x10 [ 28.495825] kunit_try_run_case+0x1b3/0x490 [ 28.496429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.496831] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.497722] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.498358] ? __kthread_parkme+0x82/0x160 [ 28.498726] ? preempt_count_sub+0x50/0x80 [ 28.499332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.499837] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.501024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.502007] kthread+0x257/0x310 [ 28.502717] ? __pfx_kthread+0x10/0x10 [ 28.503111] ret_from_fork+0x41/0x80 [ 28.503514] ? __pfx_kthread+0x10/0x10 [ 28.503906] ret_from_fork_asm+0x1a/0x30 [ 28.504226] </TASK> [ 28.504455] [ 28.504695] Allocated by task 273: [ 28.505160] kasan_save_stack+0x3d/0x60 [ 28.505660] kasan_save_track+0x18/0x40 [ 28.506082] kasan_save_alloc_info+0x3b/0x50 [ 28.506399] __kasan_kmalloc+0xb7/0xc0 [ 28.506859] __kmalloc_cache_noprof+0x184/0x410 [ 28.507300] kasan_atomics+0x96/0x310 [ 28.507579] kunit_try_run_case+0x1b3/0x490 [ 28.508176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.508834] kthread+0x257/0x310 [ 28.509123] ret_from_fork+0x41/0x80 [ 28.509594] ret_from_fork_asm+0x1a/0x30 [ 28.510073] [ 28.510332] The buggy address belongs to the object at ffff888102486200 [ 28.510332] which belongs to the cache kmalloc-64 of size 64 [ 28.511129] The buggy address is located 0 bytes to the right of [ 28.511129] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 28.512321] [ 28.512490] The buggy address belongs to the physical page: [ 28.512822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 28.513616] flags: 0x200000000000000(node=0|zone=2) [ 28.514219] page_type: f5(slab) [ 28.514667] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.515501] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.516185] page dumped because: kasan: bad access detected [ 28.516737] [ 28.516888] Memory state around the buggy address: [ 28.517232] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.517653] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.518110] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.519084] ^ [ 28.519647] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.520503] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.520926] ================================================================== [ 29.483799] ================================================================== [ 29.484952] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf11/0x5450 [ 29.485613] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.486333] [ 29.486517] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.487889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.488363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.489180] Call Trace: [ 29.489598] <TASK> [ 29.489900] dump_stack_lvl+0x73/0xb0 [ 29.490268] print_report+0xd1/0x640 [ 29.490756] ? __virt_addr_valid+0x1db/0x2d0 [ 29.491319] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.491708] kasan_report+0x102/0x140 [ 29.492079] ? kasan_atomics_helper+0xf11/0x5450 [ 29.492865] ? kasan_atomics_helper+0xf11/0x5450 [ 29.493587] kasan_check_range+0x10c/0x1c0 [ 29.494249] __kasan_check_write+0x18/0x20 [ 29.494560] kasan_atomics_helper+0xf11/0x5450 [ 29.495220] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.495822] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.496361] ? trace_hardirqs_on+0x37/0xe0 [ 29.496683] ? kasan_atomics+0x153/0x310 [ 29.497256] kasan_atomics+0x1dd/0x310 [ 29.498017] ? __pfx_kasan_atomics+0x10/0x10 [ 29.498412] ? __pfx_kasan_atomics+0x10/0x10 [ 29.499014] kunit_try_run_case+0x1b3/0x490 [ 29.499534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.500332] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.500719] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.501432] ? __kthread_parkme+0x82/0x160 [ 29.501748] ? preempt_count_sub+0x50/0x80 [ 29.502151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.502798] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.503740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.504334] kthread+0x257/0x310 [ 29.504620] ? __pfx_kthread+0x10/0x10 [ 29.504919] ret_from_fork+0x41/0x80 [ 29.505400] ? __pfx_kthread+0x10/0x10 [ 29.505914] ret_from_fork_asm+0x1a/0x30 [ 29.506578] </TASK> [ 29.506917] [ 29.508287] Allocated by task 273: [ 29.508668] kasan_save_stack+0x3d/0x60 [ 29.509429] kasan_save_track+0x18/0x40 [ 29.509654] kasan_save_alloc_info+0x3b/0x50 [ 29.509873] __kasan_kmalloc+0xb7/0xc0 [ 29.510173] __kmalloc_cache_noprof+0x184/0x410 [ 29.510669] kasan_atomics+0x96/0x310 [ 29.511025] kunit_try_run_case+0x1b3/0x490 [ 29.511453] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.512211] kthread+0x257/0x310 [ 29.512528] ret_from_fork+0x41/0x80 [ 29.512885] ret_from_fork_asm+0x1a/0x30 [ 29.513326] [ 29.513621] The buggy address belongs to the object at ffff888102486200 [ 29.513621] which belongs to the cache kmalloc-64 of size 64 [ 29.516029] The buggy address is located 0 bytes to the right of [ 29.516029] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.517523] [ 29.517700] The buggy address belongs to the physical page: [ 29.518812] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.519583] flags: 0x200000000000000(node=0|zone=2) [ 29.520294] page_type: f5(slab) [ 29.520694] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.521804] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.522494] page dumped because: kasan: bad access detected [ 29.523561] [ 29.523764] Memory state around the buggy address: [ 29.524352] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.525859] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.526302] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.527081] ^ [ 29.527495] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.528540] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.529301] ================================================================== [ 30.132996] ================================================================== [ 30.133958] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1468/0x5450 [ 30.134728] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.135511] [ 30.135696] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.136925] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.137458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.138067] Call Trace: [ 30.138495] <TASK> [ 30.138843] dump_stack_lvl+0x73/0xb0 [ 30.139297] print_report+0xd1/0x640 [ 30.139926] ? __virt_addr_valid+0x1db/0x2d0 [ 30.140482] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.141208] kasan_report+0x102/0x140 [ 30.141909] ? kasan_atomics_helper+0x1468/0x5450 [ 30.142468] ? kasan_atomics_helper+0x1468/0x5450 [ 30.143052] kasan_check_range+0x10c/0x1c0 [ 30.143618] __kasan_check_write+0x18/0x20 [ 30.144042] kasan_atomics_helper+0x1468/0x5450 [ 30.144693] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.145298] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.145876] ? trace_hardirqs_on+0x37/0xe0 [ 30.146377] ? kasan_atomics+0x153/0x310 [ 30.146886] kasan_atomics+0x1dd/0x310 [ 30.147521] ? __pfx_kasan_atomics+0x10/0x10 [ 30.147860] ? __pfx_kasan_atomics+0x10/0x10 [ 30.148520] kunit_try_run_case+0x1b3/0x490 [ 30.148881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.149595] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.150033] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.150724] ? __kthread_parkme+0x82/0x160 [ 30.151232] ? preempt_count_sub+0x50/0x80 [ 30.151750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.152101] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.152491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.153129] kthread+0x257/0x310 [ 30.153597] ? __pfx_kthread+0x10/0x10 [ 30.154129] ret_from_fork+0x41/0x80 [ 30.154594] ? __pfx_kthread+0x10/0x10 [ 30.154885] ret_from_fork_asm+0x1a/0x30 [ 30.155665] </TASK> [ 30.155966] [ 30.156314] Allocated by task 273: [ 30.156677] kasan_save_stack+0x3d/0x60 [ 30.157152] kasan_save_track+0x18/0x40 [ 30.157662] kasan_save_alloc_info+0x3b/0x50 [ 30.158179] __kasan_kmalloc+0xb7/0xc0 [ 30.158521] __kmalloc_cache_noprof+0x184/0x410 [ 30.159012] kasan_atomics+0x96/0x310 [ 30.159770] kunit_try_run_case+0x1b3/0x490 [ 30.160097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.160768] kthread+0x257/0x310 [ 30.161282] ret_from_fork+0x41/0x80 [ 30.161678] ret_from_fork_asm+0x1a/0x30 [ 30.162143] [ 30.162354] The buggy address belongs to the object at ffff888102486200 [ 30.162354] which belongs to the cache kmalloc-64 of size 64 [ 30.164818] The buggy address is located 0 bytes to the right of [ 30.164818] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.165550] [ 30.165729] The buggy address belongs to the physical page: [ 30.167449] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.168448] flags: 0x200000000000000(node=0|zone=2) [ 30.168992] page_type: f5(slab) [ 30.169262] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.169637] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.170090] page dumped because: kasan: bad access detected [ 30.171206] [ 30.171381] Memory state around the buggy address: [ 30.171760] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.173315] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.174130] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.174754] ^ [ 30.175362] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.175964] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.176663] ================================================================== [ 30.755103] ================================================================== [ 30.755869] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c19/0x5450 [ 30.756623] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.758059] [ 30.758262] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.759322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.759721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.760882] Call Trace: [ 30.761264] <TASK> [ 30.761673] dump_stack_lvl+0x73/0xb0 [ 30.762624] print_report+0xd1/0x640 [ 30.763118] ? __virt_addr_valid+0x1db/0x2d0 [ 30.763878] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.764355] kasan_report+0x102/0x140 [ 30.764699] ? kasan_atomics_helper+0x1c19/0x5450 [ 30.765383] ? kasan_atomics_helper+0x1c19/0x5450 [ 30.765850] kasan_check_range+0x10c/0x1c0 [ 30.766439] __kasan_check_write+0x18/0x20 [ 30.766978] kasan_atomics_helper+0x1c19/0x5450 [ 30.767580] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.767972] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.768474] ? trace_hardirqs_on+0x37/0xe0 [ 30.768974] ? kasan_atomics+0x153/0x310 [ 30.769478] kasan_atomics+0x1dd/0x310 [ 30.770024] ? __pfx_kasan_atomics+0x10/0x10 [ 30.770566] ? __pfx_kasan_atomics+0x10/0x10 [ 30.770927] kunit_try_run_case+0x1b3/0x490 [ 30.771700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.772100] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.772649] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.773140] ? __kthread_parkme+0x82/0x160 [ 30.773481] ? preempt_count_sub+0x50/0x80 [ 30.773881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.775353] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.776034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.776696] kthread+0x257/0x310 [ 30.777337] ? __pfx_kthread+0x10/0x10 [ 30.777714] ret_from_fork+0x41/0x80 [ 30.778076] ? __pfx_kthread+0x10/0x10 [ 30.778641] ret_from_fork_asm+0x1a/0x30 [ 30.779537] </TASK> [ 30.779746] [ 30.779905] Allocated by task 273: [ 30.780826] kasan_save_stack+0x3d/0x60 [ 30.781645] kasan_save_track+0x18/0x40 [ 30.781985] kasan_save_alloc_info+0x3b/0x50 [ 30.782637] __kasan_kmalloc+0xb7/0xc0 [ 30.782956] __kmalloc_cache_noprof+0x184/0x410 [ 30.783648] kasan_atomics+0x96/0x310 [ 30.784062] kunit_try_run_case+0x1b3/0x490 [ 30.784587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.785190] kthread+0x257/0x310 [ 30.785535] ret_from_fork+0x41/0x80 [ 30.785993] ret_from_fork_asm+0x1a/0x30 [ 30.786580] [ 30.786772] The buggy address belongs to the object at ffff888102486200 [ 30.786772] which belongs to the cache kmalloc-64 of size 64 [ 30.787763] The buggy address is located 0 bytes to the right of [ 30.787763] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.789137] [ 30.789480] The buggy address belongs to the physical page: [ 30.790027] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.790751] flags: 0x200000000000000(node=0|zone=2) [ 30.791470] page_type: f5(slab) [ 30.791897] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.792778] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.793462] page dumped because: kasan: bad access detected [ 30.793963] [ 30.794222] Memory state around the buggy address: [ 30.794718] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.795402] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.795826] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.796729] ^ [ 30.797352] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.798065] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.798832] ================================================================== [ 30.363206] ================================================================== [ 30.364765] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e8/0x5450 [ 30.366642] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.367585] [ 30.367814] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.368585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.369073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.369805] Call Trace: [ 30.370222] <TASK> [ 30.370481] dump_stack_lvl+0x73/0xb0 [ 30.371057] print_report+0xd1/0x640 [ 30.371520] ? __virt_addr_valid+0x1db/0x2d0 [ 30.372012] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.372726] kasan_report+0x102/0x140 [ 30.373363] ? kasan_atomics_helper+0x16e8/0x5450 [ 30.373747] ? kasan_atomics_helper+0x16e8/0x5450 [ 30.374566] kasan_check_range+0x10c/0x1c0 [ 30.375089] __kasan_check_write+0x18/0x20 [ 30.375600] kasan_atomics_helper+0x16e8/0x5450 [ 30.376278] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.376693] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.377472] ? trace_hardirqs_on+0x37/0xe0 [ 30.377902] ? kasan_atomics+0x153/0x310 [ 30.378450] kasan_atomics+0x1dd/0x310 [ 30.378832] ? __pfx_kasan_atomics+0x10/0x10 [ 30.379168] ? __pfx_kasan_atomics+0x10/0x10 [ 30.379826] kunit_try_run_case+0x1b3/0x490 [ 30.380584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.381001] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.381596] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.382185] ? __kthread_parkme+0x82/0x160 [ 30.382589] ? preempt_count_sub+0x50/0x80 [ 30.382897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.383798] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.384308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.385024] kthread+0x257/0x310 [ 30.385320] ? __pfx_kthread+0x10/0x10 [ 30.385913] ret_from_fork+0x41/0x80 [ 30.386501] ? __pfx_kthread+0x10/0x10 [ 30.387110] ret_from_fork_asm+0x1a/0x30 [ 30.387429] </TASK> [ 30.387626] [ 30.387890] Allocated by task 273: [ 30.388462] kasan_save_stack+0x3d/0x60 [ 30.388849] kasan_save_track+0x18/0x40 [ 30.389154] kasan_save_alloc_info+0x3b/0x50 [ 30.389682] __kasan_kmalloc+0xb7/0xc0 [ 30.390305] __kmalloc_cache_noprof+0x184/0x410 [ 30.390855] kasan_atomics+0x96/0x310 [ 30.391437] kunit_try_run_case+0x1b3/0x490 [ 30.391970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.392783] kthread+0x257/0x310 [ 30.393305] ret_from_fork+0x41/0x80 [ 30.393683] ret_from_fork_asm+0x1a/0x30 [ 30.394255] [ 30.394465] The buggy address belongs to the object at ffff888102486200 [ 30.394465] which belongs to the cache kmalloc-64 of size 64 [ 30.395255] The buggy address is located 0 bytes to the right of [ 30.395255] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.396430] [ 30.396607] The buggy address belongs to the physical page: [ 30.397137] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.398085] flags: 0x200000000000000(node=0|zone=2) [ 30.398540] page_type: f5(slab) [ 30.398974] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.400616] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.401597] page dumped because: kasan: bad access detected [ 30.402578] [ 30.402989] Memory state around the buggy address: [ 30.403961] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.405305] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.406431] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.406961] ^ [ 30.407263] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.408528] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.409619] ================================================================== [ 29.732139] ================================================================== [ 29.733158] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1149/0x5450 [ 29.733605] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.734651] [ 29.734878] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.736607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.737024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.738153] Call Trace: [ 29.738527] <TASK> [ 29.738799] dump_stack_lvl+0x73/0xb0 [ 29.739903] print_report+0xd1/0x640 [ 29.740534] ? __virt_addr_valid+0x1db/0x2d0 [ 29.741191] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.741702] kasan_report+0x102/0x140 [ 29.742454] ? kasan_atomics_helper+0x1149/0x5450 [ 29.743243] ? kasan_atomics_helper+0x1149/0x5450 [ 29.743705] kasan_check_range+0x10c/0x1c0 [ 29.744388] __kasan_check_write+0x18/0x20 [ 29.744702] kasan_atomics_helper+0x1149/0x5450 [ 29.745227] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.745711] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.746731] ? trace_hardirqs_on+0x37/0xe0 [ 29.747637] ? kasan_atomics+0x153/0x310 [ 29.748385] kasan_atomics+0x1dd/0x310 [ 29.748682] ? __pfx_kasan_atomics+0x10/0x10 [ 29.749157] ? __pfx_kasan_atomics+0x10/0x10 [ 29.750445] kunit_try_run_case+0x1b3/0x490 [ 29.750863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.751453] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.752009] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.752898] ? __kthread_parkme+0x82/0x160 [ 29.753682] ? preempt_count_sub+0x50/0x80 [ 29.754131] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.754857] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.755913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.756568] kthread+0x257/0x310 [ 29.757327] ? __pfx_kthread+0x10/0x10 [ 29.757863] ret_from_fork+0x41/0x80 [ 29.758641] ? __pfx_kthread+0x10/0x10 [ 29.759070] ret_from_fork_asm+0x1a/0x30 [ 29.759847] </TASK> [ 29.760175] [ 29.760796] Allocated by task 273: [ 29.761189] kasan_save_stack+0x3d/0x60 [ 29.761917] kasan_save_track+0x18/0x40 [ 29.762426] kasan_save_alloc_info+0x3b/0x50 [ 29.762870] __kasan_kmalloc+0xb7/0xc0 [ 29.763729] __kmalloc_cache_noprof+0x184/0x410 [ 29.764194] kasan_atomics+0x96/0x310 [ 29.764788] kunit_try_run_case+0x1b3/0x490 [ 29.765565] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.766752] kthread+0x257/0x310 [ 29.767126] ret_from_fork+0x41/0x80 [ 29.767646] ret_from_fork_asm+0x1a/0x30 [ 29.768395] [ 29.768609] The buggy address belongs to the object at ffff888102486200 [ 29.768609] which belongs to the cache kmalloc-64 of size 64 [ 29.769987] The buggy address is located 0 bytes to the right of [ 29.769987] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.771414] [ 29.771612] The buggy address belongs to the physical page: [ 29.772404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.773660] flags: 0x200000000000000(node=0|zone=2) [ 29.774135] page_type: f5(slab) [ 29.774913] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.776003] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.777094] page dumped because: kasan: bad access detected [ 29.777653] [ 29.778322] Memory state around the buggy address: [ 29.779028] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.779732] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.780893] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.781497] ^ [ 29.782199] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.783141] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.783704] ================================================================== [ 31.377052] ================================================================== [ 31.378524] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218b/0x5450 [ 31.379887] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 31.380359] [ 31.380511] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.380908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.381277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.382652] Call Trace: [ 31.383176] <TASK> [ 31.383765] dump_stack_lvl+0x73/0xb0 [ 31.384562] print_report+0xd1/0x640 [ 31.385315] ? __virt_addr_valid+0x1db/0x2d0 [ 31.385698] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.386237] kasan_report+0x102/0x140 [ 31.386872] ? kasan_atomics_helper+0x218b/0x5450 [ 31.387689] ? kasan_atomics_helper+0x218b/0x5450 [ 31.388360] kasan_check_range+0x10c/0x1c0 [ 31.389007] __kasan_check_write+0x18/0x20 [ 31.389539] kasan_atomics_helper+0x218b/0x5450 [ 31.390085] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.391029] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.391977] ? trace_hardirqs_on+0x37/0xe0 [ 31.392546] ? kasan_atomics+0x153/0x310 [ 31.393010] kasan_atomics+0x1dd/0x310 [ 31.393554] ? __pfx_kasan_atomics+0x10/0x10 [ 31.394051] ? __pfx_kasan_atomics+0x10/0x10 [ 31.395071] kunit_try_run_case+0x1b3/0x490 [ 31.395683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.396449] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.397406] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.398272] ? __kthread_parkme+0x82/0x160 [ 31.398655] ? preempt_count_sub+0x50/0x80 [ 31.399121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.399679] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.400863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.401631] kthread+0x257/0x310 [ 31.402140] ? __pfx_kthread+0x10/0x10 [ 31.403136] ret_from_fork+0x41/0x80 [ 31.403491] ? __pfx_kthread+0x10/0x10 [ 31.404144] ret_from_fork_asm+0x1a/0x30 [ 31.404839] </TASK> [ 31.405132] [ 31.405333] Allocated by task 273: [ 31.405714] kasan_save_stack+0x3d/0x60 [ 31.407304] kasan_save_track+0x18/0x40 [ 31.407691] kasan_save_alloc_info+0x3b/0x50 [ 31.408162] __kasan_kmalloc+0xb7/0xc0 [ 31.408855] __kmalloc_cache_noprof+0x184/0x410 [ 31.409260] kasan_atomics+0x96/0x310 [ 31.409671] kunit_try_run_case+0x1b3/0x490 [ 31.410534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.411201] kthread+0x257/0x310 [ 31.411674] ret_from_fork+0x41/0x80 [ 31.412127] ret_from_fork_asm+0x1a/0x30 [ 31.412757] [ 31.412970] The buggy address belongs to the object at ffff888102486200 [ 31.412970] which belongs to the cache kmalloc-64 of size 64 [ 31.414192] The buggy address is located 0 bytes to the right of [ 31.414192] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 31.416334] [ 31.416738] The buggy address belongs to the physical page: [ 31.417487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 31.418683] flags: 0x200000000000000(node=0|zone=2) [ 31.419425] page_type: f5(slab) [ 31.420004] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.420857] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.421732] page dumped because: kasan: bad access detected [ 31.422705] [ 31.422922] Memory state around the buggy address: [ 31.423648] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.424504] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.425206] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.425821] ^ [ 31.426497] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.427130] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.427649] ================================================================== [ 31.518486] ================================================================== [ 31.519393] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5117/0x5450 [ 31.520161] Read of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 31.520906] [ 31.521509] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.523313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.523788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.525028] Call Trace: [ 31.525312] <TASK> [ 31.525740] dump_stack_lvl+0x73/0xb0 [ 31.526296] print_report+0xd1/0x640 [ 31.526839] ? __virt_addr_valid+0x1db/0x2d0 [ 31.527347] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.527895] kasan_report+0x102/0x140 [ 31.528430] ? kasan_atomics_helper+0x5117/0x5450 [ 31.528981] ? kasan_atomics_helper+0x5117/0x5450 [ 31.529502] __asan_report_load8_noabort+0x18/0x20 [ 31.530031] kasan_atomics_helper+0x5117/0x5450 [ 31.530606] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.531359] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.532001] ? trace_hardirqs_on+0x37/0xe0 [ 31.532462] ? kasan_atomics+0x153/0x310 [ 31.532885] kasan_atomics+0x1dd/0x310 [ 31.533313] ? __pfx_kasan_atomics+0x10/0x10 [ 31.533785] ? __pfx_kasan_atomics+0x10/0x10 [ 31.535228] kunit_try_run_case+0x1b3/0x490 [ 31.535867] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.536389] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.536847] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.537541] ? __kthread_parkme+0x82/0x160 [ 31.537970] ? preempt_count_sub+0x50/0x80 [ 31.538525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.539046] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.539709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.540393] kthread+0x257/0x310 [ 31.540795] ? __pfx_kthread+0x10/0x10 [ 31.541324] ret_from_fork+0x41/0x80 [ 31.541670] ? __pfx_kthread+0x10/0x10 [ 31.542184] ret_from_fork_asm+0x1a/0x30 [ 31.542651] </TASK> [ 31.543051] [ 31.543297] Allocated by task 273: [ 31.543723] kasan_save_stack+0x3d/0x60 [ 31.544071] kasan_save_track+0x18/0x40 [ 31.544653] kasan_save_alloc_info+0x3b/0x50 [ 31.545120] __kasan_kmalloc+0xb7/0xc0 [ 31.545703] __kmalloc_cache_noprof+0x184/0x410 [ 31.546077] kasan_atomics+0x96/0x310 [ 31.546663] kunit_try_run_case+0x1b3/0x490 [ 31.547249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.547805] kthread+0x257/0x310 [ 31.548258] ret_from_fork+0x41/0x80 [ 31.548698] ret_from_fork_asm+0x1a/0x30 [ 31.549277] [ 31.549483] The buggy address belongs to the object at ffff888102486200 [ 31.549483] which belongs to the cache kmalloc-64 of size 64 [ 31.550619] The buggy address is located 0 bytes to the right of [ 31.550619] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 31.551688] [ 31.552013] The buggy address belongs to the physical page: [ 31.552586] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 31.553567] flags: 0x200000000000000(node=0|zone=2) [ 31.554058] page_type: f5(slab) [ 31.554562] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.555333] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.556067] page dumped because: kasan: bad access detected [ 31.556708] [ 31.556908] Memory state around the buggy address: [ 31.557483] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.558186] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.558883] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.559718] ^ [ 31.560262] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.560916] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.561613] ================================================================== [ 29.007002] ================================================================== [ 29.007972] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8fa/0x5450 [ 29.008724] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.009334] [ 29.009679] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.010568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.011253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.012014] Call Trace: [ 29.012548] <TASK> [ 29.012926] dump_stack_lvl+0x73/0xb0 [ 29.013504] print_report+0xd1/0x640 [ 29.014174] ? __virt_addr_valid+0x1db/0x2d0 [ 29.014493] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.015199] kasan_report+0x102/0x140 [ 29.015520] ? kasan_atomics_helper+0x8fa/0x5450 [ 29.016108] ? kasan_atomics_helper+0x8fa/0x5450 [ 29.016654] kasan_check_range+0x10c/0x1c0 [ 29.017243] __kasan_check_write+0x18/0x20 [ 29.017701] kasan_atomics_helper+0x8fa/0x5450 [ 29.018385] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.018777] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.019268] ? trace_hardirqs_on+0x37/0xe0 [ 29.019681] ? kasan_atomics+0x153/0x310 [ 29.020423] kasan_atomics+0x1dd/0x310 [ 29.021330] ? __pfx_kasan_atomics+0x10/0x10 [ 29.022131] ? __pfx_kasan_atomics+0x10/0x10 [ 29.022588] kunit_try_run_case+0x1b3/0x490 [ 29.023145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.023634] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.024214] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.024833] ? __kthread_parkme+0x82/0x160 [ 29.025356] ? preempt_count_sub+0x50/0x80 [ 29.025856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.026514] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.027025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.027660] kthread+0x257/0x310 [ 29.028141] ? __pfx_kthread+0x10/0x10 [ 29.028553] ret_from_fork+0x41/0x80 [ 29.029227] ? __pfx_kthread+0x10/0x10 [ 29.029619] ret_from_fork_asm+0x1a/0x30 [ 29.030177] </TASK> [ 29.030640] [ 29.030906] Allocated by task 273: [ 29.031413] kasan_save_stack+0x3d/0x60 [ 29.031973] kasan_save_track+0x18/0x40 [ 29.032461] kasan_save_alloc_info+0x3b/0x50 [ 29.032873] __kasan_kmalloc+0xb7/0xc0 [ 29.033405] __kmalloc_cache_noprof+0x184/0x410 [ 29.034168] kasan_atomics+0x96/0x310 [ 29.034533] kunit_try_run_case+0x1b3/0x490 [ 29.035147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.035690] kthread+0x257/0x310 [ 29.036149] ret_from_fork+0x41/0x80 [ 29.036715] ret_from_fork_asm+0x1a/0x30 [ 29.037040] [ 29.037206] The buggy address belongs to the object at ffff888102486200 [ 29.037206] which belongs to the cache kmalloc-64 of size 64 [ 29.038529] The buggy address is located 0 bytes to the right of [ 29.038529] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.040103] [ 29.040274] The buggy address belongs to the physical page: [ 29.040610] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.041817] flags: 0x200000000000000(node=0|zone=2) [ 29.042469] page_type: f5(slab) [ 29.042853] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.043738] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.044524] page dumped because: kasan: bad access detected [ 29.045158] [ 29.045355] Memory state around the buggy address: [ 29.045671] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.046229] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.047174] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.048287] ^ [ 29.048635] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.049070] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.049896] ================================================================== [ 29.677910] ================================================================== [ 29.678692] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1e/0x5450 [ 29.679538] Read of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.680862] [ 29.681072] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.682054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.683380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.684086] Call Trace: [ 29.684323] <TASK> [ 29.684633] dump_stack_lvl+0x73/0xb0 [ 29.685539] print_report+0xd1/0x640 [ 29.685853] ? __virt_addr_valid+0x1db/0x2d0 [ 29.686762] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.687650] kasan_report+0x102/0x140 [ 29.688084] ? kasan_atomics_helper+0x4a1e/0x5450 [ 29.688590] ? kasan_atomics_helper+0x4a1e/0x5450 [ 29.689845] __asan_report_load4_noabort+0x18/0x20 [ 29.690174] kasan_atomics_helper+0x4a1e/0x5450 [ 29.690984] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.691437] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.692286] ? trace_hardirqs_on+0x37/0xe0 [ 29.692729] ? kasan_atomics+0x153/0x310 [ 29.693162] kasan_atomics+0x1dd/0x310 [ 29.693569] ? __pfx_kasan_atomics+0x10/0x10 [ 29.695074] ? __pfx_kasan_atomics+0x10/0x10 [ 29.695642] kunit_try_run_case+0x1b3/0x490 [ 29.696218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.696689] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.697288] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.697734] ? __kthread_parkme+0x82/0x160 [ 29.698376] ? preempt_count_sub+0x50/0x80 [ 29.698855] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.699772] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.700710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.701387] kthread+0x257/0x310 [ 29.701757] ? __pfx_kthread+0x10/0x10 [ 29.703047] ret_from_fork+0x41/0x80 [ 29.703637] ? __pfx_kthread+0x10/0x10 [ 29.704069] ret_from_fork_asm+0x1a/0x30 [ 29.704806] </TASK> [ 29.705336] [ 29.705596] Allocated by task 273: [ 29.706344] kasan_save_stack+0x3d/0x60 [ 29.706720] kasan_save_track+0x18/0x40 [ 29.707089] kasan_save_alloc_info+0x3b/0x50 [ 29.707460] __kasan_kmalloc+0xb7/0xc0 [ 29.707856] __kmalloc_cache_noprof+0x184/0x410 [ 29.708840] kasan_atomics+0x96/0x310 [ 29.709386] kunit_try_run_case+0x1b3/0x490 [ 29.709822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.710510] kthread+0x257/0x310 [ 29.711387] ret_from_fork+0x41/0x80 [ 29.711886] ret_from_fork_asm+0x1a/0x30 [ 29.712750] [ 29.713165] The buggy address belongs to the object at ffff888102486200 [ 29.713165] which belongs to the cache kmalloc-64 of size 64 [ 29.714966] The buggy address is located 0 bytes to the right of [ 29.714966] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.716435] [ 29.716805] The buggy address belongs to the physical page: [ 29.717375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.718494] flags: 0x200000000000000(node=0|zone=2) [ 29.719019] page_type: f5(slab) [ 29.719539] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.720425] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.721701] page dumped because: kasan: bad access detected [ 29.723108] [ 29.723763] Memory state around the buggy address: [ 29.725413] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.726648] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.727269] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.727851] ^ [ 29.728853] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.729805] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.731107] ================================================================== [ 29.786566] ================================================================== [ 29.787967] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a04/0x5450 [ 29.788906] Read of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.790076] [ 29.790315] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.791163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.791570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.793068] Call Trace: [ 29.793480] <TASK> [ 29.794094] dump_stack_lvl+0x73/0xb0 [ 29.794715] print_report+0xd1/0x640 [ 29.795414] ? __virt_addr_valid+0x1db/0x2d0 [ 29.796030] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.796822] kasan_report+0x102/0x140 [ 29.797564] ? kasan_atomics_helper+0x4a04/0x5450 [ 29.798328] ? kasan_atomics_helper+0x4a04/0x5450 [ 29.799027] __asan_report_load4_noabort+0x18/0x20 [ 29.799709] kasan_atomics_helper+0x4a04/0x5450 [ 29.800478] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.801197] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.801864] ? trace_hardirqs_on+0x37/0xe0 [ 29.802480] ? kasan_atomics+0x153/0x310 [ 29.802889] kasan_atomics+0x1dd/0x310 [ 29.803746] ? __pfx_kasan_atomics+0x10/0x10 [ 29.804248] ? __pfx_kasan_atomics+0x10/0x10 [ 29.805211] kunit_try_run_case+0x1b3/0x490 [ 29.805970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.806717] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.807422] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.807887] ? __kthread_parkme+0x82/0x160 [ 29.808347] ? preempt_count_sub+0x50/0x80 [ 29.808788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.809925] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.810901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.811701] kthread+0x257/0x310 [ 29.812300] ? __pfx_kthread+0x10/0x10 [ 29.812898] ret_from_fork+0x41/0x80 [ 29.813399] ? __pfx_kthread+0x10/0x10 [ 29.814122] ret_from_fork_asm+0x1a/0x30 [ 29.814861] </TASK> [ 29.815170] [ 29.815399] Allocated by task 273: [ 29.816283] kasan_save_stack+0x3d/0x60 [ 29.816756] kasan_save_track+0x18/0x40 [ 29.817188] kasan_save_alloc_info+0x3b/0x50 [ 29.817618] __kasan_kmalloc+0xb7/0xc0 [ 29.818170] __kmalloc_cache_noprof+0x184/0x410 [ 29.818492] kasan_atomics+0x96/0x310 [ 29.819017] kunit_try_run_case+0x1b3/0x490 [ 29.819744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.820331] kthread+0x257/0x310 [ 29.820743] ret_from_fork+0x41/0x80 [ 29.821465] ret_from_fork_asm+0x1a/0x30 [ 29.821926] [ 29.822335] The buggy address belongs to the object at ffff888102486200 [ 29.822335] which belongs to the cache kmalloc-64 of size 64 [ 29.823674] The buggy address is located 0 bytes to the right of [ 29.823674] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.825006] [ 29.825272] The buggy address belongs to the physical page: [ 29.825803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.826728] flags: 0x200000000000000(node=0|zone=2) [ 29.827337] page_type: f5(slab) [ 29.827856] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.828672] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.829419] page dumped because: kasan: bad access detected [ 29.830014] [ 29.830336] Memory state around the buggy address: [ 29.830793] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.831516] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.832194] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.832844] ^ [ 29.833490] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.834340] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.835017] ================================================================== [ 28.374727] ================================================================== [ 28.375177] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba4/0x5450 [ 28.375620] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 28.376321] [ 28.376660] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.378238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.379131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.380441] Call Trace: [ 28.381062] <TASK> [ 28.382154] dump_stack_lvl+0x73/0xb0 [ 28.382767] print_report+0xd1/0x640 [ 28.383420] ? __virt_addr_valid+0x1db/0x2d0 [ 28.384359] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.385093] kasan_report+0x102/0x140 [ 28.386287] ? kasan_atomics_helper+0x4ba4/0x5450 [ 28.386753] ? kasan_atomics_helper+0x4ba4/0x5450 [ 28.388026] __asan_report_store4_noabort+0x1b/0x30 [ 28.388693] kasan_atomics_helper+0x4ba4/0x5450 [ 28.389185] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.390254] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.391183] ? trace_hardirqs_on+0x37/0xe0 [ 28.392076] ? kasan_atomics+0x153/0x310 [ 28.392382] kasan_atomics+0x1dd/0x310 [ 28.393247] ? __pfx_kasan_atomics+0x10/0x10 [ 28.394163] ? __pfx_kasan_atomics+0x10/0x10 [ 28.394659] kunit_try_run_case+0x1b3/0x490 [ 28.395119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.395597] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.397080] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.398253] ? __kthread_parkme+0x82/0x160 [ 28.398774] ? preempt_count_sub+0x50/0x80 [ 28.399281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.400381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.401021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.402715] kthread+0x257/0x310 [ 28.403023] ? __pfx_kthread+0x10/0x10 [ 28.403488] ret_from_fork+0x41/0x80 [ 28.403849] ? __pfx_kthread+0x10/0x10 [ 28.404449] ret_from_fork_asm+0x1a/0x30 [ 28.404794] </TASK> [ 28.405309] [ 28.406262] Allocated by task 273: [ 28.406593] kasan_save_stack+0x3d/0x60 [ 28.407033] kasan_save_track+0x18/0x40 [ 28.407813] kasan_save_alloc_info+0x3b/0x50 [ 28.408385] __kasan_kmalloc+0xb7/0xc0 [ 28.408721] __kmalloc_cache_noprof+0x184/0x410 [ 28.409311] kasan_atomics+0x96/0x310 [ 28.409921] kunit_try_run_case+0x1b3/0x490 [ 28.410712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.411107] kthread+0x257/0x310 [ 28.411687] ret_from_fork+0x41/0x80 [ 28.412478] ret_from_fork_asm+0x1a/0x30 [ 28.413174] [ 28.413438] The buggy address belongs to the object at ffff888102486200 [ 28.413438] which belongs to the cache kmalloc-64 of size 64 [ 28.414761] The buggy address is located 0 bytes to the right of [ 28.414761] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 28.416166] [ 28.416926] The buggy address belongs to the physical page: [ 28.417576] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 28.418471] flags: 0x200000000000000(node=0|zone=2) [ 28.419003] page_type: f5(slab) [ 28.419399] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.420351] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.421200] page dumped because: kasan: bad access detected [ 28.422285] [ 28.422567] Memory state around the buggy address: [ 28.423022] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.424015] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.424743] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.426209] ^ [ 28.426791] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.427810] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.428958] ================================================================== [ 31.321999] ================================================================== [ 31.324256] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb4/0x5450 [ 31.325557] Read of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 31.327195] [ 31.327498] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.328370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.328749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.330498] Call Trace: [ 31.330832] <TASK> [ 31.331630] dump_stack_lvl+0x73/0xb0 [ 31.332115] print_report+0xd1/0x640 [ 31.332810] ? __virt_addr_valid+0x1db/0x2d0 [ 31.333183] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.334112] kasan_report+0x102/0x140 [ 31.334514] ? kasan_atomics_helper+0x4fb4/0x5450 [ 31.335423] ? kasan_atomics_helper+0x4fb4/0x5450 [ 31.335972] __asan_report_load8_noabort+0x18/0x20 [ 31.336783] kasan_atomics_helper+0x4fb4/0x5450 [ 31.337807] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.338238] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.338463] ? trace_hardirqs_on+0x37/0xe0 [ 31.338660] ? kasan_atomics+0x153/0x310 [ 31.338850] kasan_atomics+0x1dd/0x310 [ 31.339120] ? __pfx_kasan_atomics+0x10/0x10 [ 31.339752] ? __pfx_kasan_atomics+0x10/0x10 [ 31.340539] kunit_try_run_case+0x1b3/0x490 [ 31.341060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.341655] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.343469] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.343979] ? __kthread_parkme+0x82/0x160 [ 31.344604] ? preempt_count_sub+0x50/0x80 [ 31.345047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.345719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.346637] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.347671] kthread+0x257/0x310 [ 31.348069] ? __pfx_kthread+0x10/0x10 [ 31.348493] ret_from_fork+0x41/0x80 [ 31.348886] ? __pfx_kthread+0x10/0x10 [ 31.349199] ret_from_fork_asm+0x1a/0x30 [ 31.349532] </TASK> [ 31.349887] [ 31.350165] Allocated by task 273: [ 31.351007] kasan_save_stack+0x3d/0x60 [ 31.351843] kasan_save_track+0x18/0x40 [ 31.352495] kasan_save_alloc_info+0x3b/0x50 [ 31.353491] __kasan_kmalloc+0xb7/0xc0 [ 31.353952] __kmalloc_cache_noprof+0x184/0x410 [ 31.354523] kasan_atomics+0x96/0x310 [ 31.355393] kunit_try_run_case+0x1b3/0x490 [ 31.356055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.356966] kthread+0x257/0x310 [ 31.357672] ret_from_fork+0x41/0x80 [ 31.358360] ret_from_fork_asm+0x1a/0x30 [ 31.359064] [ 31.359704] The buggy address belongs to the object at ffff888102486200 [ 31.359704] which belongs to the cache kmalloc-64 of size 64 [ 31.361202] The buggy address is located 0 bytes to the right of [ 31.361202] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 31.362175] [ 31.362452] The buggy address belongs to the physical page: [ 31.363562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 31.364582] flags: 0x200000000000000(node=0|zone=2) [ 31.365464] page_type: f5(slab) [ 31.365850] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.367474] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.368445] page dumped because: kasan: bad access detected [ 31.369252] [ 31.369809] Memory state around the buggy address: [ 31.370434] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.370979] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.371724] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.372423] ^ [ 31.372898] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.374229] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.374869] ================================================================== [ 30.091552] ================================================================== [ 30.092437] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eb0/0x5450 [ 30.092947] Read of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.094061] [ 30.094229] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.095294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.095572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.096637] Call Trace: [ 30.097012] <TASK> [ 30.097360] dump_stack_lvl+0x73/0xb0 [ 30.097697] print_report+0xd1/0x640 [ 30.098060] ? __virt_addr_valid+0x1db/0x2d0 [ 30.098628] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.099393] kasan_report+0x102/0x140 [ 30.099703] ? kasan_atomics_helper+0x4eb0/0x5450 [ 30.100068] ? kasan_atomics_helper+0x4eb0/0x5450 [ 30.100633] __asan_report_load8_noabort+0x18/0x20 [ 30.101320] kasan_atomics_helper+0x4eb0/0x5450 [ 30.102019] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.102500] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.103067] ? trace_hardirqs_on+0x37/0xe0 [ 30.103488] ? kasan_atomics+0x153/0x310 [ 30.103799] kasan_atomics+0x1dd/0x310 [ 30.104246] ? __pfx_kasan_atomics+0x10/0x10 [ 30.104913] ? __pfx_kasan_atomics+0x10/0x10 [ 30.105622] kunit_try_run_case+0x1b3/0x490 [ 30.106059] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.106497] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.106835] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.107641] ? __kthread_parkme+0x82/0x160 [ 30.108134] ? preempt_count_sub+0x50/0x80 [ 30.108602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.108953] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.109350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.110073] kthread+0x257/0x310 [ 30.110775] ? __pfx_kthread+0x10/0x10 [ 30.111253] ret_from_fork+0x41/0x80 [ 30.111519] ? __pfx_kthread+0x10/0x10 [ 30.112354] ret_from_fork_asm+0x1a/0x30 [ 30.112818] </TASK> [ 30.113040] [ 30.113200] Allocated by task 273: [ 30.113457] kasan_save_stack+0x3d/0x60 [ 30.114016] kasan_save_track+0x18/0x40 [ 30.114537] kasan_save_alloc_info+0x3b/0x50 [ 30.115419] __kasan_kmalloc+0xb7/0xc0 [ 30.115831] __kmalloc_cache_noprof+0x184/0x410 [ 30.116170] kasan_atomics+0x96/0x310 [ 30.116718] kunit_try_run_case+0x1b3/0x490 [ 30.117531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.117965] kthread+0x257/0x310 [ 30.118554] ret_from_fork+0x41/0x80 [ 30.118857] ret_from_fork_asm+0x1a/0x30 [ 30.119174] [ 30.119336] The buggy address belongs to the object at ffff888102486200 [ 30.119336] which belongs to the cache kmalloc-64 of size 64 [ 30.120650] The buggy address is located 0 bytes to the right of [ 30.120650] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.122027] [ 30.122429] The buggy address belongs to the physical page: [ 30.122844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.123328] flags: 0x200000000000000(node=0|zone=2) [ 30.123988] page_type: f5(slab) [ 30.124624] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.125462] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.126135] page dumped because: kasan: bad access detected [ 30.126540] [ 30.126700] Memory state around the buggy address: [ 30.127215] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.128333] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.128777] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.129480] ^ [ 30.129978] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.130845] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.131960] ================================================================== [ 29.434643] ================================================================== [ 29.437035] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe79/0x5450 [ 29.437979] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.438647] [ 29.438978] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.439860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.440483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.441426] Call Trace: [ 29.441873] <TASK> [ 29.442162] dump_stack_lvl+0x73/0xb0 [ 29.442751] print_report+0xd1/0x640 [ 29.443309] ? __virt_addr_valid+0x1db/0x2d0 [ 29.443874] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.444397] kasan_report+0x102/0x140 [ 29.445505] ? kasan_atomics_helper+0xe79/0x5450 [ 29.446091] ? kasan_atomics_helper+0xe79/0x5450 [ 29.447645] kasan_check_range+0x10c/0x1c0 [ 29.448132] __kasan_check_write+0x18/0x20 [ 29.448581] kasan_atomics_helper+0xe79/0x5450 [ 29.449857] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.450626] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.451089] ? trace_hardirqs_on+0x37/0xe0 [ 29.451701] ? kasan_atomics+0x153/0x310 [ 29.452085] kasan_atomics+0x1dd/0x310 [ 29.452558] ? __pfx_kasan_atomics+0x10/0x10 [ 29.453033] ? __pfx_kasan_atomics+0x10/0x10 [ 29.453717] kunit_try_run_case+0x1b3/0x490 [ 29.454203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.454825] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.455486] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.456123] ? __kthread_parkme+0x82/0x160 [ 29.456653] ? preempt_count_sub+0x50/0x80 [ 29.457134] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.457682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.458108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.458780] kthread+0x257/0x310 [ 29.459312] ? __pfx_kthread+0x10/0x10 [ 29.459678] ret_from_fork+0x41/0x80 [ 29.459997] ? __pfx_kthread+0x10/0x10 [ 29.460466] ret_from_fork_asm+0x1a/0x30 [ 29.461103] </TASK> [ 29.461603] [ 29.461887] Allocated by task 273: [ 29.462358] kasan_save_stack+0x3d/0x60 [ 29.462683] kasan_save_track+0x18/0x40 [ 29.463296] kasan_save_alloc_info+0x3b/0x50 [ 29.463780] __kasan_kmalloc+0xb7/0xc0 [ 29.464090] __kmalloc_cache_noprof+0x184/0x410 [ 29.464404] kasan_atomics+0x96/0x310 [ 29.464957] kunit_try_run_case+0x1b3/0x490 [ 29.465764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.466496] kthread+0x257/0x310 [ 29.466755] ret_from_fork+0x41/0x80 [ 29.467053] ret_from_fork_asm+0x1a/0x30 [ 29.467520] [ 29.467799] The buggy address belongs to the object at ffff888102486200 [ 29.467799] which belongs to the cache kmalloc-64 of size 64 [ 29.469656] The buggy address is located 0 bytes to the right of [ 29.469656] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.470836] [ 29.471211] The buggy address belongs to the physical page: [ 29.471623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.472426] flags: 0x200000000000000(node=0|zone=2) [ 29.472775] page_type: f5(slab) [ 29.473068] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.473928] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.474991] page dumped because: kasan: bad access detected [ 29.475546] [ 29.475788] Memory state around the buggy address: [ 29.476893] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.478130] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.478836] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.480279] ^ [ 29.480849] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.481692] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.482394] ================================================================== [ 31.473268] ================================================================== [ 31.473810] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224d/0x5450 [ 31.474907] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 31.475813] [ 31.476185] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.477232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.477747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.478627] Call Trace: [ 31.479000] <TASK> [ 31.479309] dump_stack_lvl+0x73/0xb0 [ 31.479728] print_report+0xd1/0x640 [ 31.480142] ? __virt_addr_valid+0x1db/0x2d0 [ 31.480636] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.481273] kasan_report+0x102/0x140 [ 31.481759] ? kasan_atomics_helper+0x224d/0x5450 [ 31.482481] ? kasan_atomics_helper+0x224d/0x5450 [ 31.483044] kasan_check_range+0x10c/0x1c0 [ 31.483656] __kasan_check_write+0x18/0x20 [ 31.484192] kasan_atomics_helper+0x224d/0x5450 [ 31.484734] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.485346] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.485947] ? trace_hardirqs_on+0x37/0xe0 [ 31.486466] ? kasan_atomics+0x153/0x310 [ 31.486989] kasan_atomics+0x1dd/0x310 [ 31.487622] ? __pfx_kasan_atomics+0x10/0x10 [ 31.488309] ? __pfx_kasan_atomics+0x10/0x10 [ 31.488854] kunit_try_run_case+0x1b3/0x490 [ 31.489427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.490041] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.490564] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.491282] ? __kthread_parkme+0x82/0x160 [ 31.491845] ? preempt_count_sub+0x50/0x80 [ 31.492518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.493053] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.493614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.494417] kthread+0x257/0x310 [ 31.494759] ? __pfx_kthread+0x10/0x10 [ 31.495348] ret_from_fork+0x41/0x80 [ 31.495876] ? __pfx_kthread+0x10/0x10 [ 31.496347] ret_from_fork_asm+0x1a/0x30 [ 31.497004] </TASK> [ 31.497447] [ 31.497723] Allocated by task 273: [ 31.498321] kasan_save_stack+0x3d/0x60 [ 31.498849] kasan_save_track+0x18/0x40 [ 31.499338] kasan_save_alloc_info+0x3b/0x50 [ 31.499872] __kasan_kmalloc+0xb7/0xc0 [ 31.500461] __kmalloc_cache_noprof+0x184/0x410 [ 31.501576] kasan_atomics+0x96/0x310 [ 31.502081] kunit_try_run_case+0x1b3/0x490 [ 31.502662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.503412] kthread+0x257/0x310 [ 31.503820] ret_from_fork+0x41/0x80 [ 31.504371] ret_from_fork_asm+0x1a/0x30 [ 31.504789] [ 31.505224] The buggy address belongs to the object at ffff888102486200 [ 31.505224] which belongs to the cache kmalloc-64 of size 64 [ 31.506500] The buggy address is located 0 bytes to the right of [ 31.506500] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 31.507900] [ 31.508234] The buggy address belongs to the physical page: [ 31.508963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 31.509850] flags: 0x200000000000000(node=0|zone=2) [ 31.510468] page_type: f5(slab) [ 31.510801] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.511662] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.512538] page dumped because: kasan: bad access detected [ 31.513204] [ 31.513353] Memory state around the buggy address: [ 31.514055] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.514911] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.515629] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.516449] ^ [ 31.517066] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.517403] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.517677] ================================================================== [ 29.530721] ================================================================== [ 29.532171] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfaa/0x5450 [ 29.532828] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.533400] [ 29.534404] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.535292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.535849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.536914] Call Trace: [ 29.537219] <TASK> [ 29.537837] dump_stack_lvl+0x73/0xb0 [ 29.538678] print_report+0xd1/0x640 [ 29.539036] ? __virt_addr_valid+0x1db/0x2d0 [ 29.539579] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.540113] kasan_report+0x102/0x140 [ 29.540509] ? kasan_atomics_helper+0xfaa/0x5450 [ 29.541569] ? kasan_atomics_helper+0xfaa/0x5450 [ 29.542027] kasan_check_range+0x10c/0x1c0 [ 29.542803] __kasan_check_write+0x18/0x20 [ 29.543549] kasan_atomics_helper+0xfaa/0x5450 [ 29.544214] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.544896] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.545468] ? trace_hardirqs_on+0x37/0xe0 [ 29.546271] ? kasan_atomics+0x153/0x310 [ 29.546958] kasan_atomics+0x1dd/0x310 [ 29.547652] ? __pfx_kasan_atomics+0x10/0x10 [ 29.548152] ? __pfx_kasan_atomics+0x10/0x10 [ 29.548883] kunit_try_run_case+0x1b3/0x490 [ 29.549597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.550081] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.550862] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.551703] ? __kthread_parkme+0x82/0x160 [ 29.552545] ? preempt_count_sub+0x50/0x80 [ 29.552989] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.554043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.554877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.555725] kthread+0x257/0x310 [ 29.556401] ? __pfx_kthread+0x10/0x10 [ 29.556882] ret_from_fork+0x41/0x80 [ 29.557610] ? __pfx_kthread+0x10/0x10 [ 29.558112] ret_from_fork_asm+0x1a/0x30 [ 29.559108] </TASK> [ 29.559408] [ 29.560186] Allocated by task 273: [ 29.560552] kasan_save_stack+0x3d/0x60 [ 29.561085] kasan_save_track+0x18/0x40 [ 29.561762] kasan_save_alloc_info+0x3b/0x50 [ 29.562192] __kasan_kmalloc+0xb7/0xc0 [ 29.562680] __kmalloc_cache_noprof+0x184/0x410 [ 29.563122] kasan_atomics+0x96/0x310 [ 29.564135] kunit_try_run_case+0x1b3/0x490 [ 29.564838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.565644] kthread+0x257/0x310 [ 29.566087] ret_from_fork+0x41/0x80 [ 29.566744] ret_from_fork_asm+0x1a/0x30 [ 29.567035] [ 29.567560] The buggy address belongs to the object at ffff888102486200 [ 29.567560] which belongs to the cache kmalloc-64 of size 64 [ 29.569197] The buggy address is located 0 bytes to the right of [ 29.569197] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.570975] [ 29.571524] The buggy address belongs to the physical page: [ 29.572041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.573088] flags: 0x200000000000000(node=0|zone=2) [ 29.573765] page_type: f5(slab) [ 29.574481] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.575490] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.576363] page dumped because: kasan: bad access detected [ 29.576987] [ 29.577328] Memory state around the buggy address: [ 29.578006] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.578793] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.579600] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.580310] ^ [ 29.580775] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.582030] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.582903] ================================================================== [ 29.585716] ================================================================== [ 29.586474] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a38/0x5450 [ 29.587204] Read of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.588480] [ 29.588804] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.589913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.590722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.592175] Call Trace: [ 29.592736] <TASK> [ 29.592977] dump_stack_lvl+0x73/0xb0 [ 29.593524] print_report+0xd1/0x640 [ 29.594173] ? __virt_addr_valid+0x1db/0x2d0 [ 29.594567] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.595150] kasan_report+0x102/0x140 [ 29.595843] ? kasan_atomics_helper+0x4a38/0x5450 [ 29.596982] ? kasan_atomics_helper+0x4a38/0x5450 [ 29.597598] __asan_report_load4_noabort+0x18/0x20 [ 29.598520] kasan_atomics_helper+0x4a38/0x5450 [ 29.599175] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.599669] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.600280] ? trace_hardirqs_on+0x37/0xe0 [ 29.600705] ? kasan_atomics+0x153/0x310 [ 29.601280] kasan_atomics+0x1dd/0x310 [ 29.601582] ? __pfx_kasan_atomics+0x10/0x10 [ 29.602456] ? __pfx_kasan_atomics+0x10/0x10 [ 29.603230] kunit_try_run_case+0x1b3/0x490 [ 29.603913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.604391] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.605078] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.605732] ? __kthread_parkme+0x82/0x160 [ 29.606273] ? preempt_count_sub+0x50/0x80 [ 29.606657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.607258] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.607922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.608502] kthread+0x257/0x310 [ 29.608993] ? __pfx_kthread+0x10/0x10 [ 29.609546] ret_from_fork+0x41/0x80 [ 29.609920] ? __pfx_kthread+0x10/0x10 [ 29.610540] ret_from_fork_asm+0x1a/0x30 [ 29.610990] </TASK> [ 29.611410] [ 29.611596] Allocated by task 273: [ 29.612037] kasan_save_stack+0x3d/0x60 [ 29.612504] kasan_save_track+0x18/0x40 [ 29.613032] kasan_save_alloc_info+0x3b/0x50 [ 29.613499] __kasan_kmalloc+0xb7/0xc0 [ 29.614035] __kmalloc_cache_noprof+0x184/0x410 [ 29.614703] kasan_atomics+0x96/0x310 [ 29.615194] kunit_try_run_case+0x1b3/0x490 [ 29.615690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.616465] kthread+0x257/0x310 [ 29.616793] ret_from_fork+0x41/0x80 [ 29.617404] ret_from_fork_asm+0x1a/0x30 [ 29.617817] [ 29.618202] The buggy address belongs to the object at ffff888102486200 [ 29.618202] which belongs to the cache kmalloc-64 of size 64 [ 29.619177] The buggy address is located 0 bytes to the right of [ 29.619177] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.620446] [ 29.620714] The buggy address belongs to the physical page: [ 29.621170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.622056] flags: 0x200000000000000(node=0|zone=2) [ 29.622618] page_type: f5(slab) [ 29.622993] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.623747] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.624548] page dumped because: kasan: bad access detected [ 29.625003] [ 29.625301] Memory state around the buggy address: [ 29.625882] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.626552] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.627023] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.627913] ^ [ 29.628559] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.629192] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.629859] ================================================================== [ 29.837143] ================================================================== [ 29.838511] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1218/0x5450 [ 29.838898] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.840883] [ 29.841165] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.842077] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.842922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.844095] Call Trace: [ 29.844866] <TASK> [ 29.845193] dump_stack_lvl+0x73/0xb0 [ 29.845812] print_report+0xd1/0x640 [ 29.846570] ? __virt_addr_valid+0x1db/0x2d0 [ 29.847564] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.848137] kasan_report+0x102/0x140 [ 29.848873] ? kasan_atomics_helper+0x1218/0x5450 [ 29.849423] ? kasan_atomics_helper+0x1218/0x5450 [ 29.849915] kasan_check_range+0x10c/0x1c0 [ 29.850425] __kasan_check_write+0x18/0x20 [ 29.850850] kasan_atomics_helper+0x1218/0x5450 [ 29.852490] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.853109] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.854014] ? trace_hardirqs_on+0x37/0xe0 [ 29.854662] ? kasan_atomics+0x153/0x310 [ 29.855352] kasan_atomics+0x1dd/0x310 [ 29.855749] ? __pfx_kasan_atomics+0x10/0x10 [ 29.856188] ? __pfx_kasan_atomics+0x10/0x10 [ 29.856592] kunit_try_run_case+0x1b3/0x490 [ 29.857682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.858541] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.859359] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.859919] ? __kthread_parkme+0x82/0x160 [ 29.860750] ? preempt_count_sub+0x50/0x80 [ 29.861456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.862143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.862711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.863708] kthread+0x257/0x310 [ 29.864111] ? __pfx_kthread+0x10/0x10 [ 29.864788] ret_from_fork+0x41/0x80 [ 29.865253] ? __pfx_kthread+0x10/0x10 [ 29.865798] ret_from_fork_asm+0x1a/0x30 [ 29.866400] </TASK> [ 29.866624] [ 29.866950] Allocated by task 273: [ 29.867278] kasan_save_stack+0x3d/0x60 [ 29.868063] kasan_save_track+0x18/0x40 [ 29.868363] kasan_save_alloc_info+0x3b/0x50 [ 29.868913] __kasan_kmalloc+0xb7/0xc0 [ 29.869466] __kmalloc_cache_noprof+0x184/0x410 [ 29.870039] kasan_atomics+0x96/0x310 [ 29.870550] kunit_try_run_case+0x1b3/0x490 [ 29.871111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.871662] kthread+0x257/0x310 [ 29.872057] ret_from_fork+0x41/0x80 [ 29.872461] ret_from_fork_asm+0x1a/0x30 [ 29.872964] [ 29.873122] The buggy address belongs to the object at ffff888102486200 [ 29.873122] which belongs to the cache kmalloc-64 of size 64 [ 29.874263] The buggy address is located 0 bytes to the right of [ 29.874263] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.875406] [ 29.875727] The buggy address belongs to the physical page: [ 29.876270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.876996] flags: 0x200000000000000(node=0|zone=2) [ 29.877334] page_type: f5(slab) [ 29.877595] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.878838] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.879525] page dumped because: kasan: bad access detected [ 29.880058] [ 29.880345] Memory state around the buggy address: [ 29.880872] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.881737] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.882234] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.882870] ^ [ 29.883480] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.884414] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.884861] ================================================================== [ 29.153959] ================================================================== [ 29.155149] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac8/0x5450 [ 29.155838] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.156417] [ 29.157469] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.158520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.159475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.160435] Call Trace: [ 29.160751] <TASK> [ 29.161045] dump_stack_lvl+0x73/0xb0 [ 29.162108] print_report+0xd1/0x640 [ 29.162732] ? __virt_addr_valid+0x1db/0x2d0 [ 29.163471] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.163990] kasan_report+0x102/0x140 [ 29.164403] ? kasan_atomics_helper+0xac8/0x5450 [ 29.164872] ? kasan_atomics_helper+0xac8/0x5450 [ 29.165880] kasan_check_range+0x10c/0x1c0 [ 29.166637] __kasan_check_write+0x18/0x20 [ 29.167305] kasan_atomics_helper+0xac8/0x5450 [ 29.167982] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.168637] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.169150] ? trace_hardirqs_on+0x37/0xe0 [ 29.170057] ? kasan_atomics+0x153/0x310 [ 29.170724] kasan_atomics+0x1dd/0x310 [ 29.171442] ? __pfx_kasan_atomics+0x10/0x10 [ 29.172136] ? __pfx_kasan_atomics+0x10/0x10 [ 29.172647] kunit_try_run_case+0x1b3/0x490 [ 29.173511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.174028] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.175075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.175465] ? __kthread_parkme+0x82/0x160 [ 29.176479] ? preempt_count_sub+0x50/0x80 [ 29.177248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.177593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.178321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.178831] kthread+0x257/0x310 [ 29.179346] ? __pfx_kthread+0x10/0x10 [ 29.179712] ret_from_fork+0x41/0x80 [ 29.180289] ? __pfx_kthread+0x10/0x10 [ 29.180776] ret_from_fork_asm+0x1a/0x30 [ 29.181172] </TASK> [ 29.181564] [ 29.181855] Allocated by task 273: [ 29.182409] kasan_save_stack+0x3d/0x60 [ 29.182887] kasan_save_track+0x18/0x40 [ 29.183272] kasan_save_alloc_info+0x3b/0x50 [ 29.183620] __kasan_kmalloc+0xb7/0xc0 [ 29.184240] __kmalloc_cache_noprof+0x184/0x410 [ 29.184890] kasan_atomics+0x96/0x310 [ 29.185498] kunit_try_run_case+0x1b3/0x490 [ 29.185862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.186396] kthread+0x257/0x310 [ 29.186911] ret_from_fork+0x41/0x80 [ 29.187504] ret_from_fork_asm+0x1a/0x30 [ 29.188140] [ 29.188431] The buggy address belongs to the object at ffff888102486200 [ 29.188431] which belongs to the cache kmalloc-64 of size 64 [ 29.189272] The buggy address is located 0 bytes to the right of [ 29.189272] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.190560] [ 29.190843] The buggy address belongs to the physical page: [ 29.191447] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.192199] flags: 0x200000000000000(node=0|zone=2) [ 29.192727] page_type: f5(slab) [ 29.193148] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.193598] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.194448] page dumped because: kasan: bad access detected [ 29.195207] [ 29.195442] Memory state around the buggy address: [ 29.196059] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.196759] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.197550] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.198262] ^ [ 29.198581] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.199486] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.200027] ================================================================== [ 28.770005] ================================================================== [ 28.770863] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5ff/0x5450 [ 28.773381] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 28.773864] [ 28.774336] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.775106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.775311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.775646] Call Trace: [ 28.775781] <TASK> [ 28.775909] dump_stack_lvl+0x73/0xb0 [ 28.776304] print_report+0xd1/0x640 [ 28.776969] ? __virt_addr_valid+0x1db/0x2d0 [ 28.777670] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.778263] kasan_report+0x102/0x140 [ 28.778793] ? kasan_atomics_helper+0x5ff/0x5450 [ 28.779413] ? kasan_atomics_helper+0x5ff/0x5450 [ 28.779815] kasan_check_range+0x10c/0x1c0 [ 28.780506] __kasan_check_write+0x18/0x20 [ 28.781837] kasan_atomics_helper+0x5ff/0x5450 [ 28.782355] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.782818] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.783628] ? trace_hardirqs_on+0x37/0xe0 [ 28.784418] ? kasan_atomics+0x153/0x310 [ 28.784769] kasan_atomics+0x1dd/0x310 [ 28.785121] ? __pfx_kasan_atomics+0x10/0x10 [ 28.785983] ? __pfx_kasan_atomics+0x10/0x10 [ 28.786883] kunit_try_run_case+0x1b3/0x490 [ 28.787609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.788130] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.788778] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.789397] ? __kthread_parkme+0x82/0x160 [ 28.789823] ? preempt_count_sub+0x50/0x80 [ 28.790377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.790924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.791612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.792202] kthread+0x257/0x310 [ 28.792728] ? __pfx_kthread+0x10/0x10 [ 28.793304] ret_from_fork+0x41/0x80 [ 28.793696] ? __pfx_kthread+0x10/0x10 [ 28.794176] ret_from_fork_asm+0x1a/0x30 [ 28.794754] </TASK> [ 28.795223] [ 28.795462] Allocated by task 273: [ 28.795899] kasan_save_stack+0x3d/0x60 [ 28.796454] kasan_save_track+0x18/0x40 [ 28.796908] kasan_save_alloc_info+0x3b/0x50 [ 28.797438] __kasan_kmalloc+0xb7/0xc0 [ 28.797983] __kmalloc_cache_noprof+0x184/0x410 [ 28.798513] kasan_atomics+0x96/0x310 [ 28.798873] kunit_try_run_case+0x1b3/0x490 [ 28.799580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.799981] kthread+0x257/0x310 [ 28.800491] ret_from_fork+0x41/0x80 [ 28.801019] ret_from_fork_asm+0x1a/0x30 [ 28.801381] [ 28.801641] The buggy address belongs to the object at ffff888102486200 [ 28.801641] which belongs to the cache kmalloc-64 of size 64 [ 28.802671] The buggy address is located 0 bytes to the right of [ 28.802671] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 28.803665] [ 28.803869] The buggy address belongs to the physical page: [ 28.804416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 28.804869] flags: 0x200000000000000(node=0|zone=2) [ 28.805398] page_type: f5(slab) [ 28.805905] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.806829] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.807622] page dumped because: kasan: bad access detected [ 28.808824] [ 28.809222] Memory state around the buggy address: [ 28.810119] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.810810] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.811293] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.811909] ^ [ 28.812419] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.813308] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.813967] ================================================================== [ 31.214885] ================================================================== [ 31.216769] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f9a/0x5450 [ 31.217947] Read of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 31.219093] [ 31.219975] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.221036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.221475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.222712] Call Trace: [ 31.223257] <TASK> [ 31.223606] dump_stack_lvl+0x73/0xb0 [ 31.224090] print_report+0xd1/0x640 [ 31.224992] ? __virt_addr_valid+0x1db/0x2d0 [ 31.225700] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.226666] kasan_report+0x102/0x140 [ 31.227081] ? kasan_atomics_helper+0x4f9a/0x5450 [ 31.227856] ? kasan_atomics_helper+0x4f9a/0x5450 [ 31.228757] __asan_report_load8_noabort+0x18/0x20 [ 31.229258] kasan_atomics_helper+0x4f9a/0x5450 [ 31.229747] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.230617] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.231271] ? trace_hardirqs_on+0x37/0xe0 [ 31.231711] ? kasan_atomics+0x153/0x310 [ 31.232110] kasan_atomics+0x1dd/0x310 [ 31.232953] ? __pfx_kasan_atomics+0x10/0x10 [ 31.233503] ? __pfx_kasan_atomics+0x10/0x10 [ 31.234433] kunit_try_run_case+0x1b3/0x490 [ 31.235065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.235819] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.236292] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.236845] ? __kthread_parkme+0x82/0x160 [ 31.237666] ? preempt_count_sub+0x50/0x80 [ 31.238008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.238999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.239906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.240675] kthread+0x257/0x310 [ 31.241277] ? __pfx_kthread+0x10/0x10 [ 31.241882] ret_from_fork+0x41/0x80 [ 31.242329] ? __pfx_kthread+0x10/0x10 [ 31.243131] ret_from_fork_asm+0x1a/0x30 [ 31.243634] </TASK> [ 31.243901] [ 31.244113] Allocated by task 273: [ 31.244426] kasan_save_stack+0x3d/0x60 [ 31.244877] kasan_save_track+0x18/0x40 [ 31.245970] kasan_save_alloc_info+0x3b/0x50 [ 31.246725] __kasan_kmalloc+0xb7/0xc0 [ 31.247325] __kmalloc_cache_noprof+0x184/0x410 [ 31.248047] kasan_atomics+0x96/0x310 [ 31.248597] kunit_try_run_case+0x1b3/0x490 [ 31.249049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.249615] kthread+0x257/0x310 [ 31.249983] ret_from_fork+0x41/0x80 [ 31.250843] ret_from_fork_asm+0x1a/0x30 [ 31.251154] [ 31.251406] The buggy address belongs to the object at ffff888102486200 [ 31.251406] which belongs to the cache kmalloc-64 of size 64 [ 31.253115] The buggy address is located 0 bytes to the right of [ 31.253115] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 31.254513] [ 31.254797] The buggy address belongs to the physical page: [ 31.255366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 31.256850] flags: 0x200000000000000(node=0|zone=2) [ 31.257655] page_type: f5(slab) [ 31.258323] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.259423] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.260074] page dumped because: kasan: bad access detected [ 31.260548] [ 31.260747] Memory state around the buggy address: [ 31.261872] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.262796] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.263535] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.264141] ^ [ 31.264998] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.265868] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.266926] ================================================================== [ 30.906262] ================================================================== [ 30.908111] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7b/0x5450 [ 30.908768] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.909426] [ 30.910417] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.911300] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.911626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.912734] Call Trace: [ 30.913288] <TASK> [ 30.913735] dump_stack_lvl+0x73/0xb0 [ 30.914440] print_report+0xd1/0x640 [ 30.915105] ? __virt_addr_valid+0x1db/0x2d0 [ 30.915572] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.916107] kasan_report+0x102/0x140 [ 30.917038] ? kasan_atomics_helper+0x1d7b/0x5450 [ 30.917672] ? kasan_atomics_helper+0x1d7b/0x5450 [ 30.918251] kasan_check_range+0x10c/0x1c0 [ 30.919179] __kasan_check_write+0x18/0x20 [ 30.919798] kasan_atomics_helper+0x1d7b/0x5450 [ 30.920541] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.921258] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.922009] ? trace_hardirqs_on+0x37/0xe0 [ 30.922763] ? kasan_atomics+0x153/0x310 [ 30.923254] kasan_atomics+0x1dd/0x310 [ 30.923652] ? __pfx_kasan_atomics+0x10/0x10 [ 30.924090] ? __pfx_kasan_atomics+0x10/0x10 [ 30.925082] kunit_try_run_case+0x1b3/0x490 [ 30.925683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.926528] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.927174] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.927866] ? __kthread_parkme+0x82/0x160 [ 30.928762] ? preempt_count_sub+0x50/0x80 [ 30.929624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.930231] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.931137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.932021] kthread+0x257/0x310 [ 30.932688] ? __pfx_kthread+0x10/0x10 [ 30.933154] ret_from_fork+0x41/0x80 [ 30.934003] ? __pfx_kthread+0x10/0x10 [ 30.934651] ret_from_fork_asm+0x1a/0x30 [ 30.935357] </TASK> [ 30.935637] [ 30.935857] Allocated by task 273: [ 30.936754] kasan_save_stack+0x3d/0x60 [ 30.937172] kasan_save_track+0x18/0x40 [ 30.937830] kasan_save_alloc_info+0x3b/0x50 [ 30.938630] __kasan_kmalloc+0xb7/0xc0 [ 30.939318] __kmalloc_cache_noprof+0x184/0x410 [ 30.939948] kasan_atomics+0x96/0x310 [ 30.940688] kunit_try_run_case+0x1b3/0x490 [ 30.941448] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.942576] kthread+0x257/0x310 [ 30.942956] ret_from_fork+0x41/0x80 [ 30.943503] ret_from_fork_asm+0x1a/0x30 [ 30.943919] [ 30.944814] The buggy address belongs to the object at ffff888102486200 [ 30.944814] which belongs to the cache kmalloc-64 of size 64 [ 30.945994] The buggy address is located 0 bytes to the right of [ 30.945994] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.947849] [ 30.948576] The buggy address belongs to the physical page: [ 30.949126] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.950208] flags: 0x200000000000000(node=0|zone=2) [ 30.950641] page_type: f5(slab) [ 30.952052] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.952759] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.954122] page dumped because: kasan: bad access detected [ 30.955049] [ 30.955316] Memory state around the buggy address: [ 30.956107] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.957087] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.957917] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.958995] ^ [ 30.959736] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.960510] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.961493] ================================================================== [ 30.219224] ================================================================== [ 30.220448] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151e/0x5450 [ 30.221925] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.223301] [ 30.223656] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.225820] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.226577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.226926] Call Trace: [ 30.227276] <TASK> [ 30.227613] dump_stack_lvl+0x73/0xb0 [ 30.227995] print_report+0xd1/0x640 [ 30.228625] ? __virt_addr_valid+0x1db/0x2d0 [ 30.229066] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.229690] kasan_report+0x102/0x140 [ 30.230283] ? kasan_atomics_helper+0x151e/0x5450 [ 30.230810] ? kasan_atomics_helper+0x151e/0x5450 [ 30.231534] kasan_check_range+0x10c/0x1c0 [ 30.232034] __kasan_check_write+0x18/0x20 [ 30.232831] kasan_atomics_helper+0x151e/0x5450 [ 30.233677] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.234577] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.235067] ? trace_hardirqs_on+0x37/0xe0 [ 30.235517] ? kasan_atomics+0x153/0x310 [ 30.235959] kasan_atomics+0x1dd/0x310 [ 30.236242] ? __pfx_kasan_atomics+0x10/0x10 [ 30.237186] ? __pfx_kasan_atomics+0x10/0x10 [ 30.237655] kunit_try_run_case+0x1b3/0x490 [ 30.238116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.238606] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.240106] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.240850] ? __kthread_parkme+0x82/0x160 [ 30.241482] ? preempt_count_sub+0x50/0x80 [ 30.241990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.242458] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.243135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.243710] kthread+0x257/0x310 [ 30.244256] ? __pfx_kthread+0x10/0x10 [ 30.244742] ret_from_fork+0x41/0x80 [ 30.245171] ? __pfx_kthread+0x10/0x10 [ 30.245737] ret_from_fork_asm+0x1a/0x30 [ 30.246307] </TASK> [ 30.246583] [ 30.246888] Allocated by task 273: [ 30.247344] kasan_save_stack+0x3d/0x60 [ 30.247767] kasan_save_track+0x18/0x40 [ 30.248307] kasan_save_alloc_info+0x3b/0x50 [ 30.248856] __kasan_kmalloc+0xb7/0xc0 [ 30.249404] __kmalloc_cache_noprof+0x184/0x410 [ 30.249859] kasan_atomics+0x96/0x310 [ 30.250427] kunit_try_run_case+0x1b3/0x490 [ 30.250822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.251494] kthread+0x257/0x310 [ 30.251770] ret_from_fork+0x41/0x80 [ 30.252263] ret_from_fork_asm+0x1a/0x30 [ 30.252661] [ 30.252859] The buggy address belongs to the object at ffff888102486200 [ 30.252859] which belongs to the cache kmalloc-64 of size 64 [ 30.253804] The buggy address is located 0 bytes to the right of [ 30.253804] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.255171] [ 30.255436] The buggy address belongs to the physical page: [ 30.255947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.256669] flags: 0x200000000000000(node=0|zone=2) [ 30.257031] page_type: f5(slab) [ 30.257420] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.258368] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.259295] page dumped because: kasan: bad access detected [ 30.259780] [ 30.260027] Memory state around the buggy address: [ 30.260383] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.261162] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.261952] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.262683] ^ [ 30.263343] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.264564] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.265637] ================================================================== [ 29.102876] ================================================================== [ 29.103609] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2c/0x5450 [ 29.104694] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.105900] [ 29.106259] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.107216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.107630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.109143] Call Trace: [ 29.109441] <TASK> [ 29.110043] dump_stack_lvl+0x73/0xb0 [ 29.110697] print_report+0xd1/0x640 [ 29.111304] ? __virt_addr_valid+0x1db/0x2d0 [ 29.111515] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.111751] kasan_report+0x102/0x140 [ 29.111958] ? kasan_atomics_helper+0xa2c/0x5450 [ 29.112409] ? kasan_atomics_helper+0xa2c/0x5450 [ 29.113582] kasan_check_range+0x10c/0x1c0 [ 29.114115] __kasan_check_write+0x18/0x20 [ 29.114836] kasan_atomics_helper+0xa2c/0x5450 [ 29.115537] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.116102] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.116885] ? trace_hardirqs_on+0x37/0xe0 [ 29.117766] ? kasan_atomics+0x153/0x310 [ 29.118373] kasan_atomics+0x1dd/0x310 [ 29.118948] ? __pfx_kasan_atomics+0x10/0x10 [ 29.119579] ? __pfx_kasan_atomics+0x10/0x10 [ 29.120054] kunit_try_run_case+0x1b3/0x490 [ 29.120453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.120874] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.121796] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.122489] ? __kthread_parkme+0x82/0x160 [ 29.123086] ? preempt_count_sub+0x50/0x80 [ 29.123821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.124633] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.125129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.126114] kthread+0x257/0x310 [ 29.126474] ? __pfx_kthread+0x10/0x10 [ 29.126845] ret_from_fork+0x41/0x80 [ 29.127242] ? __pfx_kthread+0x10/0x10 [ 29.127634] ret_from_fork_asm+0x1a/0x30 [ 29.128596] </TASK> [ 29.128804] [ 29.128985] Allocated by task 273: [ 29.130008] kasan_save_stack+0x3d/0x60 [ 29.130781] kasan_save_track+0x18/0x40 [ 29.131180] kasan_save_alloc_info+0x3b/0x50 [ 29.131967] __kasan_kmalloc+0xb7/0xc0 [ 29.132510] __kmalloc_cache_noprof+0x184/0x410 [ 29.132991] kasan_atomics+0x96/0x310 [ 29.133914] kunit_try_run_case+0x1b3/0x490 [ 29.134346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.135078] kthread+0x257/0x310 [ 29.135586] ret_from_fork+0x41/0x80 [ 29.135923] ret_from_fork_asm+0x1a/0x30 [ 29.136398] [ 29.136592] The buggy address belongs to the object at ffff888102486200 [ 29.136592] which belongs to the cache kmalloc-64 of size 64 [ 29.138299] The buggy address is located 0 bytes to the right of [ 29.138299] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.139267] [ 29.140091] The buggy address belongs to the physical page: [ 29.140641] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.141585] flags: 0x200000000000000(node=0|zone=2) [ 29.142014] page_type: f5(slab) [ 29.142791] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.143512] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.144334] page dumped because: kasan: bad access detected [ 29.144858] [ 29.145875] Memory state around the buggy address: [ 29.146198] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.147132] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.147796] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.148765] ^ [ 29.149507] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.150536] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.151149] ================================================================== [ 29.201981] ================================================================== [ 29.202708] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6b/0x5450 [ 29.203669] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.204384] [ 29.204676] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.205712] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.206140] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.207044] Call Trace: [ 29.207332] <TASK> [ 29.207696] dump_stack_lvl+0x73/0xb0 [ 29.208678] print_report+0xd1/0x640 [ 29.208988] ? __virt_addr_valid+0x1db/0x2d0 [ 29.209838] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.210808] kasan_report+0x102/0x140 [ 29.211500] ? kasan_atomics_helper+0xb6b/0x5450 [ 29.212187] ? kasan_atomics_helper+0xb6b/0x5450 [ 29.212874] kasan_check_range+0x10c/0x1c0 [ 29.213541] __kasan_check_write+0x18/0x20 [ 29.214543] kasan_atomics_helper+0xb6b/0x5450 [ 29.215000] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.215589] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.216558] ? trace_hardirqs_on+0x37/0xe0 [ 29.217180] ? kasan_atomics+0x153/0x310 [ 29.218086] kasan_atomics+0x1dd/0x310 [ 29.218560] ? __pfx_kasan_atomics+0x10/0x10 [ 29.219006] ? __pfx_kasan_atomics+0x10/0x10 [ 29.219962] kunit_try_run_case+0x1b3/0x490 [ 29.220266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.221017] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.221644] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.222491] ? __kthread_parkme+0x82/0x160 [ 29.223135] ? preempt_count_sub+0x50/0x80 [ 29.223585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.224091] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.225565] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.226100] kthread+0x257/0x310 [ 29.226461] ? __pfx_kthread+0x10/0x10 [ 29.226910] ret_from_fork+0x41/0x80 [ 29.227445] ? __pfx_kthread+0x10/0x10 [ 29.227892] ret_from_fork_asm+0x1a/0x30 [ 29.228395] </TASK> [ 29.228620] [ 29.228785] Allocated by task 273: [ 29.229353] kasan_save_stack+0x3d/0x60 [ 29.229890] kasan_save_track+0x18/0x40 [ 29.230445] kasan_save_alloc_info+0x3b/0x50 [ 29.230916] __kasan_kmalloc+0xb7/0xc0 [ 29.231387] __kmalloc_cache_noprof+0x184/0x410 [ 29.231723] kasan_atomics+0x96/0x310 [ 29.232187] kunit_try_run_case+0x1b3/0x490 [ 29.232809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.233359] kthread+0x257/0x310 [ 29.233642] ret_from_fork+0x41/0x80 [ 29.233971] ret_from_fork_asm+0x1a/0x30 [ 29.234415] [ 29.234659] The buggy address belongs to the object at ffff888102486200 [ 29.234659] which belongs to the cache kmalloc-64 of size 64 [ 29.236816] The buggy address is located 0 bytes to the right of [ 29.236816] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.239212] [ 29.239665] The buggy address belongs to the physical page: [ 29.240859] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.241697] flags: 0x200000000000000(node=0|zone=2) [ 29.242069] page_type: f5(slab) [ 29.242807] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.244032] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.244682] page dumped because: kasan: bad access detected [ 29.245426] [ 29.245698] Memory state around the buggy address: [ 29.246605] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.247226] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.247898] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.248927] ^ [ 29.249303] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.250579] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.251142] ================================================================== [ 31.115231] ================================================================== [ 31.115985] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f73/0x5450 [ 31.117508] Read of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 31.118003] [ 31.118206] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.119758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.120574] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.121897] Call Trace: [ 31.122147] <TASK> [ 31.122509] dump_stack_lvl+0x73/0xb0 [ 31.123552] print_report+0xd1/0x640 [ 31.124359] ? __virt_addr_valid+0x1db/0x2d0 [ 31.124836] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.125660] kasan_report+0x102/0x140 [ 31.126165] ? kasan_atomics_helper+0x4f73/0x5450 [ 31.126615] ? kasan_atomics_helper+0x4f73/0x5450 [ 31.127222] __asan_report_load8_noabort+0x18/0x20 [ 31.127564] kasan_atomics_helper+0x4f73/0x5450 [ 31.128263] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.128746] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.129208] ? trace_hardirqs_on+0x37/0xe0 [ 31.129827] ? kasan_atomics+0x153/0x310 [ 31.130479] kasan_atomics+0x1dd/0x310 [ 31.131004] ? __pfx_kasan_atomics+0x10/0x10 [ 31.131562] ? __pfx_kasan_atomics+0x10/0x10 [ 31.132206] kunit_try_run_case+0x1b3/0x490 [ 31.132713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.133376] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.134061] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.134581] ? __kthread_parkme+0x82/0x160 [ 31.135060] ? preempt_count_sub+0x50/0x80 [ 31.135588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.136037] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.136738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.137355] kthread+0x257/0x310 [ 31.137752] ? __pfx_kthread+0x10/0x10 [ 31.138310] ret_from_fork+0x41/0x80 [ 31.138676] ? __pfx_kthread+0x10/0x10 [ 31.139161] ret_from_fork_asm+0x1a/0x30 [ 31.139567] </TASK> [ 31.139965] [ 31.140371] Allocated by task 273: [ 31.140698] kasan_save_stack+0x3d/0x60 [ 31.141045] kasan_save_track+0x18/0x40 [ 31.141685] kasan_save_alloc_info+0x3b/0x50 [ 31.142424] __kasan_kmalloc+0xb7/0xc0 [ 31.142920] __kmalloc_cache_noprof+0x184/0x410 [ 31.143326] kasan_atomics+0x96/0x310 [ 31.143777] kunit_try_run_case+0x1b3/0x490 [ 31.144487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.145206] kthread+0x257/0x310 [ 31.145643] ret_from_fork+0x41/0x80 [ 31.145997] ret_from_fork_asm+0x1a/0x30 [ 31.146472] [ 31.146736] The buggy address belongs to the object at ffff888102486200 [ 31.146736] which belongs to the cache kmalloc-64 of size 64 [ 31.147779] The buggy address is located 0 bytes to the right of [ 31.147779] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 31.149354] [ 31.149631] The buggy address belongs to the physical page: [ 31.150022] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 31.151055] flags: 0x200000000000000(node=0|zone=2) [ 31.151745] page_type: f5(slab) [ 31.152285] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.153183] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.153625] page dumped because: kasan: bad access detected [ 31.154205] [ 31.154414] Memory state around the buggy address: [ 31.154829] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.156336] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.157357] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.157888] ^ [ 31.158368] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.159392] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.160084] ================================================================== [ 31.066101] ================================================================== [ 31.067297] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f44/0x5450 [ 31.067955] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 31.068777] [ 31.069184] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 31.072366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.072861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.074286] Call Trace: [ 31.074589] <TASK> [ 31.074861] dump_stack_lvl+0x73/0xb0 [ 31.076180] print_report+0xd1/0x640 [ 31.076531] ? __virt_addr_valid+0x1db/0x2d0 [ 31.077223] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.077754] kasan_report+0x102/0x140 [ 31.078379] ? kasan_atomics_helper+0x1f44/0x5450 [ 31.078755] ? kasan_atomics_helper+0x1f44/0x5450 [ 31.079342] kasan_check_range+0x10c/0x1c0 [ 31.079797] __kasan_check_write+0x18/0x20 [ 31.080304] kasan_atomics_helper+0x1f44/0x5450 [ 31.080983] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.081576] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.082279] ? trace_hardirqs_on+0x37/0xe0 [ 31.082617] ? kasan_atomics+0x153/0x310 [ 31.083090] kasan_atomics+0x1dd/0x310 [ 31.083630] ? __pfx_kasan_atomics+0x10/0x10 [ 31.084128] ? __pfx_kasan_atomics+0x10/0x10 [ 31.084819] kunit_try_run_case+0x1b3/0x490 [ 31.085161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.085879] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.086458] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.087023] ? __kthread_parkme+0x82/0x160 [ 31.087582] ? preempt_count_sub+0x50/0x80 [ 31.087973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.088511] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.089007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.089759] kthread+0x257/0x310 [ 31.090446] ? __pfx_kthread+0x10/0x10 [ 31.090906] ret_from_fork+0x41/0x80 [ 31.091672] ? __pfx_kthread+0x10/0x10 [ 31.092300] ret_from_fork_asm+0x1a/0x30 [ 31.092820] </TASK> [ 31.093305] [ 31.093702] Allocated by task 273: [ 31.094027] kasan_save_stack+0x3d/0x60 [ 31.094560] kasan_save_track+0x18/0x40 [ 31.095101] kasan_save_alloc_info+0x3b/0x50 [ 31.095972] __kasan_kmalloc+0xb7/0xc0 [ 31.096333] __kmalloc_cache_noprof+0x184/0x410 [ 31.096664] kasan_atomics+0x96/0x310 [ 31.096971] kunit_try_run_case+0x1b3/0x490 [ 31.097861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.098786] kthread+0x257/0x310 [ 31.099412] ret_from_fork+0x41/0x80 [ 31.099797] ret_from_fork_asm+0x1a/0x30 [ 31.100287] [ 31.100717] The buggy address belongs to the object at ffff888102486200 [ 31.100717] which belongs to the cache kmalloc-64 of size 64 [ 31.101852] The buggy address is located 0 bytes to the right of [ 31.101852] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 31.102650] [ 31.103067] The buggy address belongs to the physical page: [ 31.103843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 31.104766] flags: 0x200000000000000(node=0|zone=2) [ 31.105364] page_type: f5(slab) [ 31.105815] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.106735] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.107971] page dumped because: kasan: bad access detected [ 31.109133] [ 31.109314] Memory state around the buggy address: [ 31.109601] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.109910] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.111163] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.112206] ^ [ 31.112918] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.114153] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.114508] ================================================================== [ 30.799980] ================================================================== [ 30.800664] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f32/0x5450 [ 30.801202] Read of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.802165] [ 30.802454] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.803558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.804155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.805029] Call Trace: [ 30.805387] <TASK> [ 30.805727] dump_stack_lvl+0x73/0xb0 [ 30.806236] print_report+0xd1/0x640 [ 30.806726] ? __virt_addr_valid+0x1db/0x2d0 [ 30.807301] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.807974] kasan_report+0x102/0x140 [ 30.808506] ? kasan_atomics_helper+0x4f32/0x5450 [ 30.809131] ? kasan_atomics_helper+0x4f32/0x5450 [ 30.809797] __asan_report_load8_noabort+0x18/0x20 [ 30.810493] kasan_atomics_helper+0x4f32/0x5450 [ 30.810846] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.811559] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.811961] ? trace_hardirqs_on+0x37/0xe0 [ 30.812632] ? kasan_atomics+0x153/0x310 [ 30.813071] kasan_atomics+0x1dd/0x310 [ 30.813611] ? __pfx_kasan_atomics+0x10/0x10 [ 30.814171] ? __pfx_kasan_atomics+0x10/0x10 [ 30.814636] kunit_try_run_case+0x1b3/0x490 [ 30.815160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.815775] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.816347] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.817014] ? __kthread_parkme+0x82/0x160 [ 30.817821] ? preempt_count_sub+0x50/0x80 [ 30.818753] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.819489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.820355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.821135] kthread+0x257/0x310 [ 30.821854] ? __pfx_kthread+0x10/0x10 [ 30.822479] ret_from_fork+0x41/0x80 [ 30.822890] ? __pfx_kthread+0x10/0x10 [ 30.823182] ret_from_fork_asm+0x1a/0x30 [ 30.824325] </TASK> [ 30.824537] [ 30.825011] Allocated by task 273: [ 30.825647] kasan_save_stack+0x3d/0x60 [ 30.826189] kasan_save_track+0x18/0x40 [ 30.826560] kasan_save_alloc_info+0x3b/0x50 [ 30.826995] __kasan_kmalloc+0xb7/0xc0 [ 30.827926] __kmalloc_cache_noprof+0x184/0x410 [ 30.828351] kasan_atomics+0x96/0x310 [ 30.829058] kunit_try_run_case+0x1b3/0x490 [ 30.829516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.830198] kthread+0x257/0x310 [ 30.830696] ret_from_fork+0x41/0x80 [ 30.831597] ret_from_fork_asm+0x1a/0x30 [ 30.832047] [ 30.832277] The buggy address belongs to the object at ffff888102486200 [ 30.832277] which belongs to the cache kmalloc-64 of size 64 [ 30.834175] The buggy address is located 0 bytes to the right of [ 30.834175] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.836457] [ 30.836694] The buggy address belongs to the physical page: [ 30.837324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.839030] flags: 0x200000000000000(node=0|zone=2) [ 30.839906] page_type: f5(slab) [ 30.840304] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.841217] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.842362] page dumped because: kasan: bad access detected [ 30.842705] [ 30.843285] Memory state around the buggy address: [ 30.843993] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.845218] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.845911] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.846313] ^ [ 30.847009] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.847688] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.849159] ================================================================== [ 28.914736] ================================================================== [ 28.915716] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c8/0x5450 [ 28.916692] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 28.917546] [ 28.917893] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.918499] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.919138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.920215] Call Trace: [ 28.920555] <TASK> [ 28.920769] dump_stack_lvl+0x73/0xb0 [ 28.921292] print_report+0xd1/0x640 [ 28.921803] ? __virt_addr_valid+0x1db/0x2d0 [ 28.922688] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.923565] kasan_report+0x102/0x140 [ 28.923862] ? kasan_atomics_helper+0x7c8/0x5450 [ 28.924215] ? kasan_atomics_helper+0x7c8/0x5450 [ 28.924730] kasan_check_range+0x10c/0x1c0 [ 28.925380] __kasan_check_write+0x18/0x20 [ 28.925958] kasan_atomics_helper+0x7c8/0x5450 [ 28.926659] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.927358] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.927824] ? trace_hardirqs_on+0x37/0xe0 [ 28.928159] ? kasan_atomics+0x153/0x310 [ 28.928508] kasan_atomics+0x1dd/0x310 [ 28.929055] ? __pfx_kasan_atomics+0x10/0x10 [ 28.929617] ? __pfx_kasan_atomics+0x10/0x10 [ 28.930671] kunit_try_run_case+0x1b3/0x490 [ 28.931387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.931878] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.932535] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.933305] ? __kthread_parkme+0x82/0x160 [ 28.933623] ? preempt_count_sub+0x50/0x80 [ 28.934088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.934818] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.935582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.936117] kthread+0x257/0x310 [ 28.936707] ? __pfx_kthread+0x10/0x10 [ 28.937278] ret_from_fork+0x41/0x80 [ 28.937652] ? __pfx_kthread+0x10/0x10 [ 28.938183] ret_from_fork_asm+0x1a/0x30 [ 28.938883] </TASK> [ 28.939259] [ 28.939472] Allocated by task 273: [ 28.940004] kasan_save_stack+0x3d/0x60 [ 28.940576] kasan_save_track+0x18/0x40 [ 28.940875] kasan_save_alloc_info+0x3b/0x50 [ 28.941621] __kasan_kmalloc+0xb7/0xc0 [ 28.942062] __kmalloc_cache_noprof+0x184/0x410 [ 28.942466] kasan_atomics+0x96/0x310 [ 28.942894] kunit_try_run_case+0x1b3/0x490 [ 28.943393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.943861] kthread+0x257/0x310 [ 28.944649] ret_from_fork+0x41/0x80 [ 28.944913] ret_from_fork_asm+0x1a/0x30 [ 28.945156] [ 28.945258] The buggy address belongs to the object at ffff888102486200 [ 28.945258] which belongs to the cache kmalloc-64 of size 64 [ 28.945695] The buggy address is located 0 bytes to the right of [ 28.945695] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 28.947197] [ 28.947391] The buggy address belongs to the physical page: [ 28.947894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 28.949137] flags: 0x200000000000000(node=0|zone=2) [ 28.950071] page_type: f5(slab) [ 28.950665] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.951254] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.952187] page dumped because: kasan: bad access detected [ 28.952724] [ 28.952916] Memory state around the buggy address: [ 28.953232] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.954148] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.954651] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.955575] ^ [ 28.956488] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.958074] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.958734] ================================================================== [ 29.988421] ================================================================== [ 29.989672] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49d0/0x5450 [ 29.990522] Read of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.992136] [ 29.992336] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.993848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.994375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.996019] Call Trace: [ 29.996285] <TASK> [ 29.996988] dump_stack_lvl+0x73/0xb0 [ 29.997574] print_report+0xd1/0x640 [ 29.998232] ? __virt_addr_valid+0x1db/0x2d0 [ 29.998847] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.999628] kasan_report+0x102/0x140 [ 30.000045] ? kasan_atomics_helper+0x49d0/0x5450 [ 30.000545] ? kasan_atomics_helper+0x49d0/0x5450 [ 30.001534] __asan_report_load4_noabort+0x18/0x20 [ 30.001882] kasan_atomics_helper+0x49d0/0x5450 [ 30.002516] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.003552] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.004184] ? trace_hardirqs_on+0x37/0xe0 [ 30.004631] ? kasan_atomics+0x153/0x310 [ 30.005066] kasan_atomics+0x1dd/0x310 [ 30.005484] ? __pfx_kasan_atomics+0x10/0x10 [ 30.005969] ? __pfx_kasan_atomics+0x10/0x10 [ 30.006282] kunit_try_run_case+0x1b3/0x490 [ 30.006600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.007284] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.007791] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.008614] ? __kthread_parkme+0x82/0x160 [ 30.009114] ? preempt_count_sub+0x50/0x80 [ 30.009564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.011033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.011898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.012680] kthread+0x257/0x310 [ 30.012876] ? __pfx_kthread+0x10/0x10 [ 30.013094] ret_from_fork+0x41/0x80 [ 30.013475] ? __pfx_kthread+0x10/0x10 [ 30.014046] ret_from_fork_asm+0x1a/0x30 [ 30.014417] </TASK> [ 30.014773] [ 30.015464] Allocated by task 273: [ 30.015893] kasan_save_stack+0x3d/0x60 [ 30.016360] kasan_save_track+0x18/0x40 [ 30.016909] kasan_save_alloc_info+0x3b/0x50 [ 30.017669] __kasan_kmalloc+0xb7/0xc0 [ 30.018884] __kmalloc_cache_noprof+0x184/0x410 [ 30.019334] kasan_atomics+0x96/0x310 [ 30.019981] kunit_try_run_case+0x1b3/0x490 [ 30.020773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.021521] kthread+0x257/0x310 [ 30.022213] ret_from_fork+0x41/0x80 [ 30.022838] ret_from_fork_asm+0x1a/0x30 [ 30.023455] [ 30.023760] The buggy address belongs to the object at ffff888102486200 [ 30.023760] which belongs to the cache kmalloc-64 of size 64 [ 30.024860] The buggy address is located 0 bytes to the right of [ 30.024860] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.026975] [ 30.027245] The buggy address belongs to the physical page: [ 30.027608] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.028753] flags: 0x200000000000000(node=0|zone=2) [ 30.029596] page_type: f5(slab) [ 30.029994] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.031274] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.032160] page dumped because: kasan: bad access detected [ 30.033144] [ 30.033387] Memory state around the buggy address: [ 30.033999] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.035413] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.036049] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.036728] ^ [ 30.037829] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.038956] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.039833] ================================================================== [ 28.960201] ================================================================== [ 28.961568] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x861/0x5450 [ 28.962557] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 28.963748] [ 28.964161] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.965341] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.965795] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.966755] Call Trace: [ 28.967128] <TASK> [ 28.967542] dump_stack_lvl+0x73/0xb0 [ 28.967991] print_report+0xd1/0x640 [ 28.968746] ? __virt_addr_valid+0x1db/0x2d0 [ 28.969202] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.969792] kasan_report+0x102/0x140 [ 28.970350] ? kasan_atomics_helper+0x861/0x5450 [ 28.971052] ? kasan_atomics_helper+0x861/0x5450 [ 28.971613] kasan_check_range+0x10c/0x1c0 [ 28.972225] __kasan_check_write+0x18/0x20 [ 28.972660] kasan_atomics_helper+0x861/0x5450 [ 28.973370] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.973991] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.974539] ? trace_hardirqs_on+0x37/0xe0 [ 28.975101] ? kasan_atomics+0x153/0x310 [ 28.975541] kasan_atomics+0x1dd/0x310 [ 28.976035] ? __pfx_kasan_atomics+0x10/0x10 [ 28.976532] ? __pfx_kasan_atomics+0x10/0x10 [ 28.976949] kunit_try_run_case+0x1b3/0x490 [ 28.977734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.978232] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.979005] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.979687] ? __kthread_parkme+0x82/0x160 [ 28.980259] ? preempt_count_sub+0x50/0x80 [ 28.980999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.981701] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.982532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.983203] kthread+0x257/0x310 [ 28.983535] ? __pfx_kthread+0x10/0x10 [ 28.983990] ret_from_fork+0x41/0x80 [ 28.984477] ? __pfx_kthread+0x10/0x10 [ 28.984952] ret_from_fork_asm+0x1a/0x30 [ 28.985368] </TASK> [ 28.985707] [ 28.986051] Allocated by task 273: [ 28.986307] kasan_save_stack+0x3d/0x60 [ 28.986777] kasan_save_track+0x18/0x40 [ 28.987502] kasan_save_alloc_info+0x3b/0x50 [ 28.988054] __kasan_kmalloc+0xb7/0xc0 [ 28.988538] __kmalloc_cache_noprof+0x184/0x410 [ 28.988858] kasan_atomics+0x96/0x310 [ 28.989877] kunit_try_run_case+0x1b3/0x490 [ 28.990359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.990982] kthread+0x257/0x310 [ 28.991328] ret_from_fork+0x41/0x80 [ 28.991690] ret_from_fork_asm+0x1a/0x30 [ 28.992286] [ 28.992522] The buggy address belongs to the object at ffff888102486200 [ 28.992522] which belongs to the cache kmalloc-64 of size 64 [ 28.993560] The buggy address is located 0 bytes to the right of [ 28.993560] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 28.994744] [ 28.994920] The buggy address belongs to the physical page: [ 28.995781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 28.996716] flags: 0x200000000000000(node=0|zone=2) [ 28.997159] page_type: f5(slab) [ 28.997609] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.998418] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.999192] page dumped because: kasan: bad access detected [ 28.999740] [ 29.000044] Memory state around the buggy address: [ 29.000556] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.001376] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.001962] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.002666] ^ [ 29.003202] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.003763] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.004731] ================================================================== [ 28.815205] ================================================================== [ 28.816126] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x698/0x5450 [ 28.816762] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 28.817367] [ 28.817575] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.818554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.818981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.819742] Call Trace: [ 28.820070] <TASK> [ 28.820412] dump_stack_lvl+0x73/0xb0 [ 28.820796] print_report+0xd1/0x640 [ 28.821332] ? __virt_addr_valid+0x1db/0x2d0 [ 28.822015] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.822526] kasan_report+0x102/0x140 [ 28.823017] ? kasan_atomics_helper+0x698/0x5450 [ 28.823405] ? kasan_atomics_helper+0x698/0x5450 [ 28.823996] kasan_check_range+0x10c/0x1c0 [ 28.824449] __kasan_check_write+0x18/0x20 [ 28.824820] kasan_atomics_helper+0x698/0x5450 [ 28.825347] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.825977] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.826408] ? trace_hardirqs_on+0x37/0xe0 [ 28.826880] ? kasan_atomics+0x153/0x310 [ 28.827346] kasan_atomics+0x1dd/0x310 [ 28.827685] ? __pfx_kasan_atomics+0x10/0x10 [ 28.828273] ? __pfx_kasan_atomics+0x10/0x10 [ 28.828756] kunit_try_run_case+0x1b3/0x490 [ 28.829238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.829839] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.830337] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.830701] ? __kthread_parkme+0x82/0x160 [ 28.831282] ? preempt_count_sub+0x50/0x80 [ 28.831807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.832319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.832918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.833583] kthread+0x257/0x310 [ 28.833989] ? __pfx_kthread+0x10/0x10 [ 28.834333] ret_from_fork+0x41/0x80 [ 28.834740] ? __pfx_kthread+0x10/0x10 [ 28.835308] ret_from_fork_asm+0x1a/0x30 [ 28.835800] </TASK> [ 28.836302] [ 28.836665] Allocated by task 273: [ 28.837573] kasan_save_stack+0x3d/0x60 [ 28.838119] kasan_save_track+0x18/0x40 [ 28.838450] kasan_save_alloc_info+0x3b/0x50 [ 28.838750] __kasan_kmalloc+0xb7/0xc0 [ 28.839720] __kmalloc_cache_noprof+0x184/0x410 [ 28.840467] kasan_atomics+0x96/0x310 [ 28.840984] kunit_try_run_case+0x1b3/0x490 [ 28.841647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.842146] kthread+0x257/0x310 [ 28.842432] ret_from_fork+0x41/0x80 [ 28.843108] ret_from_fork_asm+0x1a/0x30 [ 28.843843] [ 28.844033] The buggy address belongs to the object at ffff888102486200 [ 28.844033] which belongs to the cache kmalloc-64 of size 64 [ 28.845427] The buggy address is located 0 bytes to the right of [ 28.845427] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 28.847178] [ 28.847625] The buggy address belongs to the physical page: [ 28.848472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 28.849232] flags: 0x200000000000000(node=0|zone=2) [ 28.849831] page_type: f5(slab) [ 28.850558] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.851423] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.852427] page dumped because: kasan: bad access detected [ 28.853065] [ 28.853662] Memory state around the buggy address: [ 28.854053] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.855181] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.856159] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.856802] ^ [ 28.857716] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.858873] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.859966] ================================================================== [ 28.431269] ================================================================== [ 28.432372] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b8a/0x5450 [ 28.433994] Read of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 28.435082] [ 28.435355] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.436267] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.437644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.438561] Call Trace: [ 28.439085] <TASK> [ 28.439333] dump_stack_lvl+0x73/0xb0 [ 28.440050] print_report+0xd1/0x640 [ 28.440505] ? __virt_addr_valid+0x1db/0x2d0 [ 28.441160] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.441539] kasan_report+0x102/0x140 [ 28.442077] ? kasan_atomics_helper+0x4b8a/0x5450 [ 28.442515] ? kasan_atomics_helper+0x4b8a/0x5450 [ 28.443172] __asan_report_load4_noabort+0x18/0x20 [ 28.443719] kasan_atomics_helper+0x4b8a/0x5450 [ 28.444177] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.444603] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.445252] ? trace_hardirqs_on+0x37/0xe0 [ 28.445829] ? kasan_atomics+0x153/0x310 [ 28.446400] kasan_atomics+0x1dd/0x310 [ 28.446835] ? __pfx_kasan_atomics+0x10/0x10 [ 28.447512] ? __pfx_kasan_atomics+0x10/0x10 [ 28.447897] kunit_try_run_case+0x1b3/0x490 [ 28.448468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.448994] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.449422] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.450137] ? __kthread_parkme+0x82/0x160 [ 28.450595] ? preempt_count_sub+0x50/0x80 [ 28.451089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.451795] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.452439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.452920] kthread+0x257/0x310 [ 28.453535] ? __pfx_kthread+0x10/0x10 [ 28.453973] ret_from_fork+0x41/0x80 [ 28.454252] ? __pfx_kthread+0x10/0x10 [ 28.454904] ret_from_fork_asm+0x1a/0x30 [ 28.455595] </TASK> [ 28.456014] [ 28.456292] Allocated by task 273: [ 28.456669] kasan_save_stack+0x3d/0x60 [ 28.457188] kasan_save_track+0x18/0x40 [ 28.457800] kasan_save_alloc_info+0x3b/0x50 [ 28.458123] __kasan_kmalloc+0xb7/0xc0 [ 28.458659] __kmalloc_cache_noprof+0x184/0x410 [ 28.459352] kasan_atomics+0x96/0x310 [ 28.459727] kunit_try_run_case+0x1b3/0x490 [ 28.460308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.460981] kthread+0x257/0x310 [ 28.461251] ret_from_fork+0x41/0x80 [ 28.461593] ret_from_fork_asm+0x1a/0x30 [ 28.462212] [ 28.462607] The buggy address belongs to the object at ffff888102486200 [ 28.462607] which belongs to the cache kmalloc-64 of size 64 [ 28.463739] The buggy address is located 0 bytes to the right of [ 28.463739] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 28.465435] [ 28.465883] The buggy address belongs to the physical page: [ 28.466746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 28.467732] flags: 0x200000000000000(node=0|zone=2) [ 28.469253] page_type: f5(slab) [ 28.469659] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.471167] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.471778] page dumped because: kasan: bad access detected [ 28.472689] [ 28.472992] Memory state around the buggy address: [ 28.473849] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.474597] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.475553] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.476129] ^ [ 28.476908] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.477757] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.478843] ================================================================== [ 29.302207] ================================================================== [ 29.302772] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a86/0x5450 [ 29.303476] Read of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.304583] [ 29.304743] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.305923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.306225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.307483] Call Trace: [ 29.307730] <TASK> [ 29.308282] dump_stack_lvl+0x73/0xb0 [ 29.308713] print_report+0xd1/0x640 [ 29.309130] ? __virt_addr_valid+0x1db/0x2d0 [ 29.309534] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.309916] kasan_report+0x102/0x140 [ 29.310636] ? kasan_atomics_helper+0x4a86/0x5450 [ 29.311288] ? kasan_atomics_helper+0x4a86/0x5450 [ 29.311655] __asan_report_load4_noabort+0x18/0x20 [ 29.312085] kasan_atomics_helper+0x4a86/0x5450 [ 29.312667] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.313339] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.313833] ? trace_hardirqs_on+0x37/0xe0 [ 29.314500] ? kasan_atomics+0x153/0x310 [ 29.314825] kasan_atomics+0x1dd/0x310 [ 29.315429] ? __pfx_kasan_atomics+0x10/0x10 [ 29.315876] ? __pfx_kasan_atomics+0x10/0x10 [ 29.316226] kunit_try_run_case+0x1b3/0x490 [ 29.316766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.317405] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.318148] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.318708] ? __kthread_parkme+0x82/0x160 [ 29.319046] ? preempt_count_sub+0x50/0x80 [ 29.319596] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.320223] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.320644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.321067] kthread+0x257/0x310 [ 29.321380] ? __pfx_kthread+0x10/0x10 [ 29.321960] ret_from_fork+0x41/0x80 [ 29.322578] ? __pfx_kthread+0x10/0x10 [ 29.323129] ret_from_fork_asm+0x1a/0x30 [ 29.323725] </TASK> [ 29.324015] [ 29.324343] Allocated by task 273: [ 29.324809] kasan_save_stack+0x3d/0x60 [ 29.325284] kasan_save_track+0x18/0x40 [ 29.325599] kasan_save_alloc_info+0x3b/0x50 [ 29.325947] __kasan_kmalloc+0xb7/0xc0 [ 29.326421] __kmalloc_cache_noprof+0x184/0x410 [ 29.327102] kasan_atomics+0x96/0x310 [ 29.327494] kunit_try_run_case+0x1b3/0x490 [ 29.328005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.328470] kthread+0x257/0x310 [ 29.328731] ret_from_fork+0x41/0x80 [ 29.329078] ret_from_fork_asm+0x1a/0x30 [ 29.329601] [ 29.329908] The buggy address belongs to the object at ffff888102486200 [ 29.329908] which belongs to the cache kmalloc-64 of size 64 [ 29.331496] The buggy address is located 0 bytes to the right of [ 29.331496] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.332684] [ 29.332852] The buggy address belongs to the physical page: [ 29.333370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.334289] flags: 0x200000000000000(node=0|zone=2) [ 29.334645] page_type: f5(slab) [ 29.334907] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.335732] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.336669] page dumped because: kasan: bad access detected [ 29.337207] [ 29.337381] Memory state around the buggy address: [ 29.337692] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.338371] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.339271] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.340237] ^ [ 29.340692] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.341319] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.342214] ================================================================== [ 28.314248] ================================================================== [ 28.315741] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbe/0x5450 [ 28.316823] Read of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 28.318322] [ 28.318622] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.320113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.320866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.322429] Call Trace: [ 28.322688] <TASK> [ 28.323192] dump_stack_lvl+0x73/0xb0 [ 28.323660] print_report+0xd1/0x640 [ 28.324350] ? __virt_addr_valid+0x1db/0x2d0 [ 28.325016] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.325726] kasan_report+0x102/0x140 [ 28.326210] ? kasan_atomics_helper+0x4bbe/0x5450 [ 28.326969] ? kasan_atomics_helper+0x4bbe/0x5450 [ 28.327663] __asan_report_load4_noabort+0x18/0x20 [ 28.328144] kasan_atomics_helper+0x4bbe/0x5450 [ 28.328647] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.329826] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.330459] ? trace_hardirqs_on+0x37/0xe0 [ 28.330778] ? kasan_atomics+0x153/0x310 [ 28.331830] kasan_atomics+0x1dd/0x310 [ 28.332683] ? __pfx_kasan_atomics+0x10/0x10 [ 28.333082] ? __pfx_kasan_atomics+0x10/0x10 [ 28.334122] kunit_try_run_case+0x1b3/0x490 [ 28.335256] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.336217] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.336751] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.337457] ? __kthread_parkme+0x82/0x160 [ 28.338295] ? preempt_count_sub+0x50/0x80 [ 28.338724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.339405] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.340513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.341343] kthread+0x257/0x310 [ 28.341710] ? __pfx_kthread+0x10/0x10 [ 28.342191] ret_from_fork+0x41/0x80 [ 28.343294] ? __pfx_kthread+0x10/0x10 [ 28.343883] ret_from_fork_asm+0x1a/0x30 [ 28.344816] </TASK> [ 28.345425] [ 28.345914] Allocated by task 273: [ 28.346281] kasan_save_stack+0x3d/0x60 [ 28.346967] kasan_save_track+0x18/0x40 [ 28.348121] kasan_save_alloc_info+0x3b/0x50 [ 28.348483] __kasan_kmalloc+0xb7/0xc0 [ 28.348898] __kmalloc_cache_noprof+0x184/0x410 [ 28.350265] kasan_atomics+0x96/0x310 [ 28.351025] kunit_try_run_case+0x1b3/0x490 [ 28.351951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.352609] kthread+0x257/0x310 [ 28.353257] ret_from_fork+0x41/0x80 [ 28.353701] ret_from_fork_asm+0x1a/0x30 [ 28.354611] [ 28.354842] The buggy address belongs to the object at ffff888102486200 [ 28.354842] which belongs to the cache kmalloc-64 of size 64 [ 28.357500] The buggy address is located 0 bytes to the right of [ 28.357500] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 28.359353] [ 28.359603] The buggy address belongs to the physical page: [ 28.360059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 28.361144] flags: 0x200000000000000(node=0|zone=2) [ 28.361727] page_type: f5(slab) [ 28.362127] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.363181] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.364554] page dumped because: kasan: bad access detected [ 28.365506] [ 28.365817] Memory state around the buggy address: [ 28.367198] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.368100] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.368563] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.369673] ^ [ 28.370329] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.371789] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.373011] ================================================================== [ 29.388782] ================================================================== [ 29.389872] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde1/0x5450 [ 29.390626] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.391340] [ 29.391528] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.392804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.393414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.394278] Call Trace: [ 29.394526] <TASK> [ 29.394774] dump_stack_lvl+0x73/0xb0 [ 29.395551] print_report+0xd1/0x640 [ 29.396202] ? __virt_addr_valid+0x1db/0x2d0 [ 29.396691] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.397158] kasan_report+0x102/0x140 [ 29.397963] ? kasan_atomics_helper+0xde1/0x5450 [ 29.398660] ? kasan_atomics_helper+0xde1/0x5450 [ 29.399034] kasan_check_range+0x10c/0x1c0 [ 29.399423] __kasan_check_write+0x18/0x20 [ 29.400093] kasan_atomics_helper+0xde1/0x5450 [ 29.400775] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.401580] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.402148] ? trace_hardirqs_on+0x37/0xe0 [ 29.403057] ? kasan_atomics+0x153/0x310 [ 29.403390] kasan_atomics+0x1dd/0x310 [ 29.404119] ? __pfx_kasan_atomics+0x10/0x10 [ 29.404756] ? __pfx_kasan_atomics+0x10/0x10 [ 29.405325] kunit_try_run_case+0x1b3/0x490 [ 29.405992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.406440] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.407130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.407668] ? __kthread_parkme+0x82/0x160 [ 29.408198] ? preempt_count_sub+0x50/0x80 [ 29.408641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.409341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.410153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.410678] kthread+0x257/0x310 [ 29.411066] ? __pfx_kthread+0x10/0x10 [ 29.411606] ret_from_fork+0x41/0x80 [ 29.412108] ? __pfx_kthread+0x10/0x10 [ 29.412481] ret_from_fork_asm+0x1a/0x30 [ 29.412999] </TASK> [ 29.413206] [ 29.413369] Allocated by task 273: [ 29.413841] kasan_save_stack+0x3d/0x60 [ 29.414519] kasan_save_track+0x18/0x40 [ 29.415146] kasan_save_alloc_info+0x3b/0x50 [ 29.415632] __kasan_kmalloc+0xb7/0xc0 [ 29.415910] __kmalloc_cache_noprof+0x184/0x410 [ 29.416258] kasan_atomics+0x96/0x310 [ 29.416923] kunit_try_run_case+0x1b3/0x490 [ 29.417609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.418374] kthread+0x257/0x310 [ 29.418851] ret_from_fork+0x41/0x80 [ 29.419199] ret_from_fork_asm+0x1a/0x30 [ 29.419754] [ 29.420070] The buggy address belongs to the object at ffff888102486200 [ 29.420070] which belongs to the cache kmalloc-64 of size 64 [ 29.421199] The buggy address is located 0 bytes to the right of [ 29.421199] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.422551] [ 29.422972] The buggy address belongs to the physical page: [ 29.423573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.424473] flags: 0x200000000000000(node=0|zone=2) [ 29.424834] page_type: f5(slab) [ 29.425178] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.426195] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.427228] page dumped because: kasan: bad access detected [ 29.427884] [ 29.428105] Memory state around the buggy address: [ 29.428631] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.429155] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.430040] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.430791] ^ [ 29.431149] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.431884] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.432805] ================================================================== [ 30.963448] ================================================================== [ 30.964042] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e13/0x5450 [ 30.965749] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.966561] [ 30.967462] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.968421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.969191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.970249] Call Trace: [ 30.970637] <TASK> [ 30.971419] dump_stack_lvl+0x73/0xb0 [ 30.971872] print_report+0xd1/0x640 [ 30.972807] ? __virt_addr_valid+0x1db/0x2d0 [ 30.973254] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.973846] kasan_report+0x102/0x140 [ 30.974582] ? kasan_atomics_helper+0x1e13/0x5450 [ 30.975300] ? kasan_atomics_helper+0x1e13/0x5450 [ 30.975817] kasan_check_range+0x10c/0x1c0 [ 30.976579] __kasan_check_write+0x18/0x20 [ 30.977385] kasan_atomics_helper+0x1e13/0x5450 [ 30.977867] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.978671] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.979506] ? trace_hardirqs_on+0x37/0xe0 [ 30.980178] ? kasan_atomics+0x153/0x310 [ 30.980875] kasan_atomics+0x1dd/0x310 [ 30.981741] ? __pfx_kasan_atomics+0x10/0x10 [ 30.982238] ? __pfx_kasan_atomics+0x10/0x10 [ 30.982734] kunit_try_run_case+0x1b3/0x490 [ 30.983431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.984196] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.984675] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.985495] ? __kthread_parkme+0x82/0x160 [ 30.986028] ? preempt_count_sub+0x50/0x80 [ 30.986858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.987629] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.988214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.988727] kthread+0x257/0x310 [ 30.989254] ? __pfx_kthread+0x10/0x10 [ 30.989660] ret_from_fork+0x41/0x80 [ 30.990158] ? __pfx_kthread+0x10/0x10 [ 30.990597] ret_from_fork_asm+0x1a/0x30 [ 30.991284] </TASK> [ 30.991491] [ 30.991774] Allocated by task 273: [ 30.992291] kasan_save_stack+0x3d/0x60 [ 30.993461] kasan_save_track+0x18/0x40 [ 30.993895] kasan_save_alloc_info+0x3b/0x50 [ 30.994447] __kasan_kmalloc+0xb7/0xc0 [ 30.994926] __kmalloc_cache_noprof+0x184/0x410 [ 30.995667] kasan_atomics+0x96/0x310 [ 30.995999] kunit_try_run_case+0x1b3/0x490 [ 30.997210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.997825] kthread+0x257/0x310 [ 30.998724] ret_from_fork+0x41/0x80 [ 30.999292] ret_from_fork_asm+0x1a/0x30 [ 31.000020] [ 31.000278] The buggy address belongs to the object at ffff888102486200 [ 31.000278] which belongs to the cache kmalloc-64 of size 64 [ 31.001886] The buggy address is located 0 bytes to the right of [ 31.001886] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 31.003339] [ 31.003883] The buggy address belongs to the physical page: [ 31.004490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 31.005575] flags: 0x200000000000000(node=0|zone=2) [ 31.006357] page_type: f5(slab) [ 31.006775] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.007773] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.008564] page dumped because: kasan: bad access detected [ 31.009562] [ 31.009718] Memory state around the buggy address: [ 31.010307] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.011652] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.012322] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.013518] ^ [ 31.014128] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.015478] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.016311] ================================================================== [ 28.671833] ================================================================== [ 28.673217] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3c/0x5450 [ 28.673869] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 28.675184] [ 28.675562] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.676645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.677263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.678194] Call Trace: [ 28.678407] <TASK> [ 28.678719] dump_stack_lvl+0x73/0xb0 [ 28.679123] print_report+0xd1/0x640 [ 28.680194] ? __virt_addr_valid+0x1db/0x2d0 [ 28.680601] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.681254] kasan_report+0x102/0x140 [ 28.681891] ? kasan_atomics_helper+0x4b3c/0x5450 [ 28.682692] ? kasan_atomics_helper+0x4b3c/0x5450 [ 28.683379] __asan_report_store4_noabort+0x1b/0x30 [ 28.683816] kasan_atomics_helper+0x4b3c/0x5450 [ 28.684696] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.685286] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.685766] ? trace_hardirqs_on+0x37/0xe0 [ 28.687004] ? kasan_atomics+0x153/0x310 [ 28.687624] kasan_atomics+0x1dd/0x310 [ 28.688260] ? __pfx_kasan_atomics+0x10/0x10 [ 28.688671] ? __pfx_kasan_atomics+0x10/0x10 [ 28.689560] kunit_try_run_case+0x1b3/0x490 [ 28.690018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.690560] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.691058] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.691972] ? __kthread_parkme+0x82/0x160 [ 28.692643] ? preempt_count_sub+0x50/0x80 [ 28.693245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.693732] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.694612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.695038] kthread+0x257/0x310 [ 28.695831] ? __pfx_kthread+0x10/0x10 [ 28.696436] ret_from_fork+0x41/0x80 [ 28.696777] ? __pfx_kthread+0x10/0x10 [ 28.697203] ret_from_fork_asm+0x1a/0x30 [ 28.698046] </TASK> [ 28.698505] [ 28.698673] Allocated by task 273: [ 28.699457] kasan_save_stack+0x3d/0x60 [ 28.700009] kasan_save_track+0x18/0x40 [ 28.700438] kasan_save_alloc_info+0x3b/0x50 [ 28.701233] __kasan_kmalloc+0xb7/0xc0 [ 28.701608] __kmalloc_cache_noprof+0x184/0x410 [ 28.702058] kasan_atomics+0x96/0x310 [ 28.702407] kunit_try_run_case+0x1b3/0x490 [ 28.702785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.704023] kthread+0x257/0x310 [ 28.704425] ret_from_fork+0x41/0x80 [ 28.705025] ret_from_fork_asm+0x1a/0x30 [ 28.705660] [ 28.705985] The buggy address belongs to the object at ffff888102486200 [ 28.705985] which belongs to the cache kmalloc-64 of size 64 [ 28.707242] The buggy address is located 0 bytes to the right of [ 28.707242] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 28.708581] [ 28.709009] The buggy address belongs to the physical page: [ 28.709647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 28.710543] flags: 0x200000000000000(node=0|zone=2) [ 28.711243] page_type: f5(slab) [ 28.711779] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.712689] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.713552] page dumped because: kasan: bad access detected [ 28.714090] [ 28.714448] Memory state around the buggy address: [ 28.715136] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.715774] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.716540] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.717621] ^ [ 28.717848] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.718241] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.719249] ================================================================== [ 30.553642] ================================================================== [ 30.554155] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194b/0x5450 [ 30.555540] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.556494] [ 30.556696] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.557360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.558374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.559570] Call Trace: [ 30.560139] <TASK> [ 30.560549] dump_stack_lvl+0x73/0xb0 [ 30.561245] print_report+0xd1/0x640 [ 30.561711] ? __virt_addr_valid+0x1db/0x2d0 [ 30.562192] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.563157] kasan_report+0x102/0x140 [ 30.563791] ? kasan_atomics_helper+0x194b/0x5450 [ 30.564512] ? kasan_atomics_helper+0x194b/0x5450 [ 30.565235] kasan_check_range+0x10c/0x1c0 [ 30.565704] __kasan_check_write+0x18/0x20 [ 30.566177] kasan_atomics_helper+0x194b/0x5450 [ 30.566846] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.567496] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.568138] ? trace_hardirqs_on+0x37/0xe0 [ 30.568565] ? kasan_atomics+0x153/0x310 [ 30.569063] kasan_atomics+0x1dd/0x310 [ 30.569539] ? __pfx_kasan_atomics+0x10/0x10 [ 30.570255] ? __pfx_kasan_atomics+0x10/0x10 [ 30.570888] kunit_try_run_case+0x1b3/0x490 [ 30.571393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.572057] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.572798] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.573478] ? __kthread_parkme+0x82/0x160 [ 30.574153] ? preempt_count_sub+0x50/0x80 [ 30.574669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.575278] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.575966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.576696] kthread+0x257/0x310 [ 30.577152] ? __pfx_kthread+0x10/0x10 [ 30.577677] ret_from_fork+0x41/0x80 [ 30.578044] ? __pfx_kthread+0x10/0x10 [ 30.578686] ret_from_fork_asm+0x1a/0x30 [ 30.579251] </TASK> [ 30.579563] [ 30.579963] Allocated by task 273: [ 30.580420] kasan_save_stack+0x3d/0x60 [ 30.581076] kasan_save_track+0x18/0x40 [ 30.581565] kasan_save_alloc_info+0x3b/0x50 [ 30.582765] __kasan_kmalloc+0xb7/0xc0 [ 30.583544] __kmalloc_cache_noprof+0x184/0x410 [ 30.584261] kasan_atomics+0x96/0x310 [ 30.584841] kunit_try_run_case+0x1b3/0x490 [ 30.585475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.586337] kthread+0x257/0x310 [ 30.586786] ret_from_fork+0x41/0x80 [ 30.587703] ret_from_fork_asm+0x1a/0x30 [ 30.588098] [ 30.588331] The buggy address belongs to the object at ffff888102486200 [ 30.588331] which belongs to the cache kmalloc-64 of size 64 [ 30.590060] The buggy address is located 0 bytes to the right of [ 30.590060] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.592092] [ 30.592661] The buggy address belongs to the physical page: [ 30.593240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.594053] flags: 0x200000000000000(node=0|zone=2) [ 30.594970] page_type: f5(slab) [ 30.595807] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.596671] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.597607] page dumped because: kasan: bad access detected [ 30.598410] [ 30.598570] Memory state around the buggy address: [ 30.599141] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.600796] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.601573] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.602680] ^ [ 30.603137] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.603774] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.604736] ================================================================== [ 29.343410] ================================================================== [ 29.344696] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd48/0x5450 [ 29.345552] Write of size 4 at addr ffff888102486230 by task kunit_try_catch/273 [ 29.346413] [ 29.346656] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 29.347498] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.348052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.348579] Call Trace: [ 29.348800] <TASK> [ 29.349031] dump_stack_lvl+0x73/0xb0 [ 29.349555] print_report+0xd1/0x640 [ 29.350135] ? __virt_addr_valid+0x1db/0x2d0 [ 29.350732] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.351260] kasan_report+0x102/0x140 [ 29.351555] ? kasan_atomics_helper+0xd48/0x5450 [ 29.351885] ? kasan_atomics_helper+0xd48/0x5450 [ 29.352745] kasan_check_range+0x10c/0x1c0 [ 29.353325] __kasan_check_write+0x18/0x20 [ 29.353901] kasan_atomics_helper+0xd48/0x5450 [ 29.354278] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.354965] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.355470] ? trace_hardirqs_on+0x37/0xe0 [ 29.355797] ? kasan_atomics+0x153/0x310 [ 29.356129] kasan_atomics+0x1dd/0x310 [ 29.356642] ? __pfx_kasan_atomics+0x10/0x10 [ 29.357216] ? __pfx_kasan_atomics+0x10/0x10 [ 29.358147] kunit_try_run_case+0x1b3/0x490 [ 29.358604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.358988] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.359906] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.360436] ? __kthread_parkme+0x82/0x160 [ 29.360751] ? preempt_count_sub+0x50/0x80 [ 29.361204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.361848] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.362701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.363412] kthread+0x257/0x310 [ 29.363831] ? __pfx_kthread+0x10/0x10 [ 29.364831] ret_from_fork+0x41/0x80 [ 29.365253] ? __pfx_kthread+0x10/0x10 [ 29.365607] ret_from_fork_asm+0x1a/0x30 [ 29.366662] </TASK> [ 29.367623] [ 29.368413] Allocated by task 273: [ 29.368798] kasan_save_stack+0x3d/0x60 [ 29.369236] kasan_save_track+0x18/0x40 [ 29.369648] kasan_save_alloc_info+0x3b/0x50 [ 29.370026] __kasan_kmalloc+0xb7/0xc0 [ 29.370301] __kmalloc_cache_noprof+0x184/0x410 [ 29.371018] kasan_atomics+0x96/0x310 [ 29.371567] kunit_try_run_case+0x1b3/0x490 [ 29.371877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.372603] kthread+0x257/0x310 [ 29.373160] ret_from_fork+0x41/0x80 [ 29.373639] ret_from_fork_asm+0x1a/0x30 [ 29.373981] [ 29.374150] The buggy address belongs to the object at ffff888102486200 [ 29.374150] which belongs to the cache kmalloc-64 of size 64 [ 29.375653] The buggy address is located 0 bytes to the right of [ 29.375653] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 29.376536] [ 29.376741] The buggy address belongs to the physical page: [ 29.377542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 29.378397] flags: 0x200000000000000(node=0|zone=2) [ 29.378889] page_type: f5(slab) [ 29.379556] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.380458] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.381180] page dumped because: kasan: bad access detected [ 29.381570] [ 29.381730] Memory state around the buggy address: [ 29.382124] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.383129] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.383863] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.384911] ^ [ 29.385550] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.386351] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.386912] ================================================================== [ 30.655377] ================================================================== [ 30.656200] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a80/0x5450 [ 30.657164] Write of size 8 at addr ffff888102486230 by task kunit_try_catch/273 [ 30.658121] [ 30.658316] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 30.659519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.659823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.661127] Call Trace: [ 30.661561] <TASK> [ 30.661798] dump_stack_lvl+0x73/0xb0 [ 30.662446] print_report+0xd1/0x640 [ 30.663196] ? __virt_addr_valid+0x1db/0x2d0 [ 30.663724] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.664485] kasan_report+0x102/0x140 [ 30.665246] ? kasan_atomics_helper+0x1a80/0x5450 [ 30.665920] ? kasan_atomics_helper+0x1a80/0x5450 [ 30.666707] kasan_check_range+0x10c/0x1c0 [ 30.667070] __kasan_check_write+0x18/0x20 [ 30.667534] kasan_atomics_helper+0x1a80/0x5450 [ 30.668010] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.668880] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.669245] ? trace_hardirqs_on+0x37/0xe0 [ 30.669730] ? kasan_atomics+0x153/0x310 [ 30.670380] kasan_atomics+0x1dd/0x310 [ 30.670993] ? __pfx_kasan_atomics+0x10/0x10 [ 30.671585] ? __pfx_kasan_atomics+0x10/0x10 [ 30.672088] kunit_try_run_case+0x1b3/0x490 [ 30.672503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.673096] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.673714] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.674369] ? __kthread_parkme+0x82/0x160 [ 30.674979] ? preempt_count_sub+0x50/0x80 [ 30.675403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.675740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.676606] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.677321] kthread+0x257/0x310 [ 30.677643] ? __pfx_kthread+0x10/0x10 [ 30.678328] ret_from_fork+0x41/0x80 [ 30.679026] ? __pfx_kthread+0x10/0x10 [ 30.679469] ret_from_fork_asm+0x1a/0x30 [ 30.679989] </TASK> [ 30.680307] [ 30.680624] Allocated by task 273: [ 30.681997] kasan_save_stack+0x3d/0x60 [ 30.682578] kasan_save_track+0x18/0x40 [ 30.683004] kasan_save_alloc_info+0x3b/0x50 [ 30.684021] __kasan_kmalloc+0xb7/0xc0 [ 30.684453] __kmalloc_cache_noprof+0x184/0x410 [ 30.684855] kasan_atomics+0x96/0x310 [ 30.686019] kunit_try_run_case+0x1b3/0x490 [ 30.686664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.687699] kthread+0x257/0x310 [ 30.688049] ret_from_fork+0x41/0x80 [ 30.688568] ret_from_fork_asm+0x1a/0x30 [ 30.689064] [ 30.689549] The buggy address belongs to the object at ffff888102486200 [ 30.689549] which belongs to the cache kmalloc-64 of size 64 [ 30.690900] The buggy address is located 0 bytes to the right of [ 30.690900] allocated 48-byte region [ffff888102486200, ffff888102486230) [ 30.692378] [ 30.693068] The buggy address belongs to the physical page: [ 30.693459] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102486 [ 30.694387] flags: 0x200000000000000(node=0|zone=2) [ 30.694859] page_type: f5(slab) [ 30.695805] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.696863] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.697864] page dumped because: kasan: bad access detected [ 30.698757] [ 30.699015] Memory state around the buggy address: [ 30.699424] ffff888102486100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.700956] ffff888102486180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.701676] >ffff888102486200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.702921] ^ [ 30.703607] ffff888102486280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.704359] ffff888102486300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.705465] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 28.259666] ================================================================== [ 28.260151] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 28.262286] Read of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 28.263048] [ 28.263553] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.263978] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.264249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.265644] Call Trace: [ 28.265920] <TASK> [ 28.266139] dump_stack_lvl+0x73/0xb0 [ 28.266833] print_report+0xd1/0x640 [ 28.267287] ? __virt_addr_valid+0x1db/0x2d0 [ 28.268035] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.268804] kasan_report+0x102/0x140 [ 28.269293] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 28.269924] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 28.270526] __asan_report_load8_noabort+0x18/0x20 [ 28.271304] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 28.271791] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.272570] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.273022] ? trace_hardirqs_on+0x37/0xe0 [ 28.273462] ? kasan_bitops_generic+0x93/0x1c0 [ 28.274007] kasan_bitops_generic+0x122/0x1c0 [ 28.274425] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.274847] ? __pfx_read_tsc+0x10/0x10 [ 28.275402] ? ktime_get_ts64+0x86/0x230 [ 28.275722] kunit_try_run_case+0x1b3/0x490 [ 28.276056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.276706] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.277387] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.277888] ? __kthread_parkme+0x82/0x160 [ 28.278274] ? preempt_count_sub+0x50/0x80 [ 28.278785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.279476] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.280310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.280986] kthread+0x257/0x310 [ 28.281425] ? __pfx_kthread+0x10/0x10 [ 28.281795] ret_from_fork+0x41/0x80 [ 28.282321] ? __pfx_kthread+0x10/0x10 [ 28.282784] ret_from_fork_asm+0x1a/0x30 [ 28.283417] </TASK> [ 28.283785] [ 28.283994] Allocated by task 269: [ 28.284514] kasan_save_stack+0x3d/0x60 [ 28.284983] kasan_save_track+0x18/0x40 [ 28.285411] kasan_save_alloc_info+0x3b/0x50 [ 28.285724] __kasan_kmalloc+0xb7/0xc0 [ 28.286337] __kmalloc_cache_noprof+0x184/0x410 [ 28.286728] kasan_bitops_generic+0x93/0x1c0 [ 28.287372] kunit_try_run_case+0x1b3/0x490 [ 28.287708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.288502] kthread+0x257/0x310 [ 28.288815] ret_from_fork+0x41/0x80 [ 28.289319] ret_from_fork_asm+0x1a/0x30 [ 28.289868] [ 28.290196] The buggy address belongs to the object at ffff888101b3cce0 [ 28.290196] which belongs to the cache kmalloc-16 of size 16 [ 28.291172] The buggy address is located 8 bytes inside of [ 28.291172] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 28.292369] [ 28.292540] The buggy address belongs to the physical page: [ 28.293189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 28.293977] flags: 0x200000000000000(node=0|zone=2) [ 28.294363] page_type: f5(slab) [ 28.294848] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.295632] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.296509] page dumped because: kasan: bad access detected [ 28.297153] [ 28.297336] Memory state around the buggy address: [ 28.297889] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 28.298766] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 28.299467] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.300295] ^ [ 28.300978] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.301745] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.302560] ================================================================== [ 28.146673] ================================================================== [ 28.148748] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 28.149916] Write of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 28.150861] [ 28.151054] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.152557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.153230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.154194] Call Trace: [ 28.154808] <TASK> [ 28.155362] dump_stack_lvl+0x73/0xb0 [ 28.155994] print_report+0xd1/0x640 [ 28.156824] ? __virt_addr_valid+0x1db/0x2d0 [ 28.157227] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.157975] kasan_report+0x102/0x140 [ 28.158658] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 28.159841] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 28.160626] kasan_check_range+0x10c/0x1c0 [ 28.161069] __kasan_check_write+0x18/0x20 [ 28.161504] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 28.162756] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.163574] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.164300] ? trace_hardirqs_on+0x37/0xe0 [ 28.164979] ? kasan_bitops_generic+0x93/0x1c0 [ 28.165753] kasan_bitops_generic+0x122/0x1c0 [ 28.166544] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.167281] ? __pfx_read_tsc+0x10/0x10 [ 28.167863] ? ktime_get_ts64+0x86/0x230 [ 28.168281] kunit_try_run_case+0x1b3/0x490 [ 28.168684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.169551] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.170218] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.170992] ? __kthread_parkme+0x82/0x160 [ 28.171656] ? preempt_count_sub+0x50/0x80 [ 28.172352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.173005] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.174146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.174676] kthread+0x257/0x310 [ 28.175343] ? __pfx_kthread+0x10/0x10 [ 28.175950] ret_from_fork+0x41/0x80 [ 28.176542] ? __pfx_kthread+0x10/0x10 [ 28.177191] ret_from_fork_asm+0x1a/0x30 [ 28.177831] </TASK> [ 28.178402] [ 28.178685] Allocated by task 269: [ 28.179066] kasan_save_stack+0x3d/0x60 [ 28.180129] kasan_save_track+0x18/0x40 [ 28.180493] kasan_save_alloc_info+0x3b/0x50 [ 28.181194] __kasan_kmalloc+0xb7/0xc0 [ 28.181835] __kmalloc_cache_noprof+0x184/0x410 [ 28.182578] kasan_bitops_generic+0x93/0x1c0 [ 28.183164] kunit_try_run_case+0x1b3/0x490 [ 28.183795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.184661] kthread+0x257/0x310 [ 28.185072] ret_from_fork+0x41/0x80 [ 28.185446] ret_from_fork_asm+0x1a/0x30 [ 28.185849] [ 28.186705] The buggy address belongs to the object at ffff888101b3cce0 [ 28.186705] which belongs to the cache kmalloc-16 of size 16 [ 28.188580] The buggy address is located 8 bytes inside of [ 28.188580] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 28.190003] [ 28.190522] The buggy address belongs to the physical page: [ 28.191126] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 28.192113] flags: 0x200000000000000(node=0|zone=2) [ 28.193022] page_type: f5(slab) [ 28.193744] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.194927] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.196149] page dumped because: kasan: bad access detected [ 28.196569] [ 28.197119] Memory state around the buggy address: [ 28.197989] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 28.198991] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 28.199996] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.200912] ^ [ 28.201911] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.202909] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.203775] ================================================================== [ 28.001519] ================================================================== [ 28.003178] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 28.004951] Write of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 28.005892] [ 28.006153] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.007097] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.007645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.008310] Call Trace: [ 28.008750] <TASK> [ 28.009093] dump_stack_lvl+0x73/0xb0 [ 28.009455] print_report+0xd1/0x640 [ 28.009752] ? __virt_addr_valid+0x1db/0x2d0 [ 28.010575] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.011393] kasan_report+0x102/0x140 [ 28.011812] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 28.013202] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 28.013836] kasan_check_range+0x10c/0x1c0 [ 28.014588] __kasan_check_write+0x18/0x20 [ 28.015668] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 28.016604] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.017533] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.018152] ? trace_hardirqs_on+0x37/0xe0 [ 28.018366] ? kasan_bitops_generic+0x93/0x1c0 [ 28.018577] kasan_bitops_generic+0x122/0x1c0 [ 28.018780] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.019096] ? __pfx_read_tsc+0x10/0x10 [ 28.019738] ? ktime_get_ts64+0x86/0x230 [ 28.020213] kunit_try_run_case+0x1b3/0x490 [ 28.021023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.021642] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.022832] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.023549] ? __kthread_parkme+0x82/0x160 [ 28.024364] ? preempt_count_sub+0x50/0x80 [ 28.025180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.025805] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.026552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.027912] kthread+0x257/0x310 [ 28.028617] ? __pfx_kthread+0x10/0x10 [ 28.029035] ret_from_fork+0x41/0x80 [ 28.029613] ? __pfx_kthread+0x10/0x10 [ 28.030112] ret_from_fork_asm+0x1a/0x30 [ 28.030848] </TASK> [ 28.031255] [ 28.031785] Allocated by task 269: [ 28.032075] kasan_save_stack+0x3d/0x60 [ 28.032610] kasan_save_track+0x18/0x40 [ 28.032986] kasan_save_alloc_info+0x3b/0x50 [ 28.033474] __kasan_kmalloc+0xb7/0xc0 [ 28.033840] __kmalloc_cache_noprof+0x184/0x410 [ 28.035425] kasan_bitops_generic+0x93/0x1c0 [ 28.035964] kunit_try_run_case+0x1b3/0x490 [ 28.036498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.037037] kthread+0x257/0x310 [ 28.037497] ret_from_fork+0x41/0x80 [ 28.037924] ret_from_fork_asm+0x1a/0x30 [ 28.038374] [ 28.038633] The buggy address belongs to the object at ffff888101b3cce0 [ 28.038633] which belongs to the cache kmalloc-16 of size 16 [ 28.039806] The buggy address is located 8 bytes inside of [ 28.039806] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 28.041004] [ 28.041353] The buggy address belongs to the physical page: [ 28.041697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 28.042734] flags: 0x200000000000000(node=0|zone=2) [ 28.043222] page_type: f5(slab) [ 28.043732] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.044516] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.045331] page dumped because: kasan: bad access detected [ 28.045835] [ 28.046198] Memory state around the buggy address: [ 28.046752] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 28.047524] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 28.048298] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.049014] ^ [ 28.049682] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.050437] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.051562] ================================================================== [ 28.054822] ================================================================== [ 28.055634] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 28.056994] Write of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 28.057619] [ 28.057891] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.058529] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.059145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.060045] Call Trace: [ 28.060778] <TASK> [ 28.061395] dump_stack_lvl+0x73/0xb0 [ 28.062016] print_report+0xd1/0x640 [ 28.062503] ? __virt_addr_valid+0x1db/0x2d0 [ 28.062725] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.062992] kasan_report+0x102/0x140 [ 28.063822] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 28.065001] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 28.066456] kasan_check_range+0x10c/0x1c0 [ 28.066904] __kasan_check_write+0x18/0x20 [ 28.067255] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 28.068068] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.068834] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.069965] ? trace_hardirqs_on+0x37/0xe0 [ 28.070669] ? kasan_bitops_generic+0x93/0x1c0 [ 28.071494] kasan_bitops_generic+0x122/0x1c0 [ 28.072467] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.073361] ? __pfx_read_tsc+0x10/0x10 [ 28.074093] ? ktime_get_ts64+0x86/0x230 [ 28.075009] kunit_try_run_case+0x1b3/0x490 [ 28.075630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.076125] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.076607] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.077845] ? __kthread_parkme+0x82/0x160 [ 28.079004] ? preempt_count_sub+0x50/0x80 [ 28.079401] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.079832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.080455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.081002] kthread+0x257/0x310 [ 28.081463] ? __pfx_kthread+0x10/0x10 [ 28.081843] ret_from_fork+0x41/0x80 [ 28.082346] ? __pfx_kthread+0x10/0x10 [ 28.082691] ret_from_fork_asm+0x1a/0x30 [ 28.083238] </TASK> [ 28.083556] [ 28.083755] Allocated by task 269: [ 28.084133] kasan_save_stack+0x3d/0x60 [ 28.084621] kasan_save_track+0x18/0x40 [ 28.084962] kasan_save_alloc_info+0x3b/0x50 [ 28.085528] __kasan_kmalloc+0xb7/0xc0 [ 28.086000] __kmalloc_cache_noprof+0x184/0x410 [ 28.086572] kasan_bitops_generic+0x93/0x1c0 [ 28.087028] kunit_try_run_case+0x1b3/0x490 [ 28.087379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.087987] kthread+0x257/0x310 [ 28.088342] ret_from_fork+0x41/0x80 [ 28.088702] ret_from_fork_asm+0x1a/0x30 [ 28.089252] [ 28.089416] The buggy address belongs to the object at ffff888101b3cce0 [ 28.089416] which belongs to the cache kmalloc-16 of size 16 [ 28.090642] The buggy address is located 8 bytes inside of [ 28.090642] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 28.091486] [ 28.091734] The buggy address belongs to the physical page: [ 28.092436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 28.093035] flags: 0x200000000000000(node=0|zone=2) [ 28.093586] page_type: f5(slab) [ 28.093868] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.094531] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.095400] page dumped because: kasan: bad access detected [ 28.095877] [ 28.096134] Memory state around the buggy address: [ 28.096645] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 28.097236] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 28.097810] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.098293] ^ [ 28.099008] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.099715] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.100255] ================================================================== [ 28.102405] ================================================================== [ 28.103569] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 28.104541] Write of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 28.105271] [ 28.105473] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.106339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.106785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.107810] Call Trace: [ 28.108171] <TASK> [ 28.108410] dump_stack_lvl+0x73/0xb0 [ 28.108812] print_report+0xd1/0x640 [ 28.109221] ? __virt_addr_valid+0x1db/0x2d0 [ 28.109750] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.110449] kasan_report+0x102/0x140 [ 28.110924] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 28.111701] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 28.112323] kasan_check_range+0x10c/0x1c0 [ 28.112993] __kasan_check_write+0x18/0x20 [ 28.113668] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 28.114313] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.115055] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.115614] ? trace_hardirqs_on+0x37/0xe0 [ 28.116216] ? kasan_bitops_generic+0x93/0x1c0 [ 28.116746] kasan_bitops_generic+0x122/0x1c0 [ 28.117264] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.117717] ? __pfx_read_tsc+0x10/0x10 [ 28.118295] ? ktime_get_ts64+0x86/0x230 [ 28.118696] kunit_try_run_case+0x1b3/0x490 [ 28.119302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.119732] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.120360] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.120848] ? __kthread_parkme+0x82/0x160 [ 28.121410] ? preempt_count_sub+0x50/0x80 [ 28.121750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.122456] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.122993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.123574] kthread+0x257/0x310 [ 28.124019] ? __pfx_kthread+0x10/0x10 [ 28.124473] ret_from_fork+0x41/0x80 [ 28.124948] ? __pfx_kthread+0x10/0x10 [ 28.125463] ret_from_fork_asm+0x1a/0x30 [ 28.125972] </TASK> [ 28.126399] [ 28.126570] Allocated by task 269: [ 28.126987] kasan_save_stack+0x3d/0x60 [ 28.127575] kasan_save_track+0x18/0x40 [ 28.128001] kasan_save_alloc_info+0x3b/0x50 [ 28.128676] __kasan_kmalloc+0xb7/0xc0 [ 28.129006] __kmalloc_cache_noprof+0x184/0x410 [ 28.129629] kasan_bitops_generic+0x93/0x1c0 [ 28.130142] kunit_try_run_case+0x1b3/0x490 [ 28.130668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.131420] kthread+0x257/0x310 [ 28.131707] ret_from_fork+0x41/0x80 [ 28.132327] ret_from_fork_asm+0x1a/0x30 [ 28.132720] [ 28.132915] The buggy address belongs to the object at ffff888101b3cce0 [ 28.132915] which belongs to the cache kmalloc-16 of size 16 [ 28.134324] The buggy address is located 8 bytes inside of [ 28.134324] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 28.135416] [ 28.135701] The buggy address belongs to the physical page: [ 28.136140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 28.137005] flags: 0x200000000000000(node=0|zone=2) [ 28.137548] page_type: f5(slab) [ 28.137999] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.138770] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.139477] page dumped because: kasan: bad access detected [ 28.140047] [ 28.140353] Memory state around the buggy address: [ 28.140754] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 28.141518] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 28.142326] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.143036] ^ [ 28.143692] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.144450] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.145070] ================================================================== [ 27.949508] ================================================================== [ 27.951015] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 27.951729] Write of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 27.954190] [ 27.954502] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 27.955725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.956458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.957496] Call Trace: [ 27.957797] <TASK> [ 27.958865] dump_stack_lvl+0x73/0xb0 [ 27.959220] print_report+0xd1/0x640 [ 27.960056] ? __virt_addr_valid+0x1db/0x2d0 [ 27.960745] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.961323] kasan_report+0x102/0x140 [ 27.961696] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 27.962223] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 27.962815] kasan_check_range+0x10c/0x1c0 [ 27.963178] __kasan_check_write+0x18/0x20 [ 27.963806] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 27.964615] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.965906] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.966536] ? trace_hardirqs_on+0x37/0xe0 [ 27.966892] ? kasan_bitops_generic+0x93/0x1c0 [ 27.967520] kasan_bitops_generic+0x122/0x1c0 [ 27.968022] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.968420] ? __pfx_read_tsc+0x10/0x10 [ 27.968789] ? ktime_get_ts64+0x86/0x230 [ 27.969308] kunit_try_run_case+0x1b3/0x490 [ 27.970034] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.970919] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.971276] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.972702] ? __kthread_parkme+0x82/0x160 [ 27.973707] ? preempt_count_sub+0x50/0x80 [ 27.974219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.974669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.975909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.977003] kthread+0x257/0x310 [ 27.977864] ? __pfx_kthread+0x10/0x10 [ 27.978382] ret_from_fork+0x41/0x80 [ 27.978785] ? __pfx_kthread+0x10/0x10 [ 27.979661] ret_from_fork_asm+0x1a/0x30 [ 27.980530] </TASK> [ 27.980983] [ 27.981507] Allocated by task 269: [ 27.981860] kasan_save_stack+0x3d/0x60 [ 27.982176] kasan_save_track+0x18/0x40 [ 27.982701] kasan_save_alloc_info+0x3b/0x50 [ 27.983162] __kasan_kmalloc+0xb7/0xc0 [ 27.983616] __kmalloc_cache_noprof+0x184/0x410 [ 27.984226] kasan_bitops_generic+0x93/0x1c0 [ 27.984609] kunit_try_run_case+0x1b3/0x490 [ 27.985214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.985797] kthread+0x257/0x310 [ 27.986118] ret_from_fork+0x41/0x80 [ 27.986390] ret_from_fork_asm+0x1a/0x30 [ 27.986951] [ 27.987296] The buggy address belongs to the object at ffff888101b3cce0 [ 27.987296] which belongs to the cache kmalloc-16 of size 16 [ 27.988534] The buggy address is located 8 bytes inside of [ 27.988534] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 27.989642] [ 27.989838] The buggy address belongs to the physical page: [ 27.990730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 27.991569] flags: 0x200000000000000(node=0|zone=2) [ 27.992062] page_type: f5(slab) [ 27.992492] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.993377] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.993828] page dumped because: kasan: bad access detected [ 27.994495] [ 27.994762] Memory state around the buggy address: [ 27.995453] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 27.996135] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 27.997152] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.997553] ^ [ 27.998074] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.998963] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.999855] ================================================================== [ 27.837347] ================================================================== [ 27.838959] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 27.839891] Write of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 27.840514] [ 27.840696] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 27.842280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.842759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.843469] Call Trace: [ 27.843798] <TASK> [ 27.844144] dump_stack_lvl+0x73/0xb0 [ 27.845291] print_report+0xd1/0x640 [ 27.845686] ? __virt_addr_valid+0x1db/0x2d0 [ 27.846091] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.846978] kasan_report+0x102/0x140 [ 27.847345] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 27.847853] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 27.848783] kasan_check_range+0x10c/0x1c0 [ 27.849403] __kasan_check_write+0x18/0x20 [ 27.850446] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 27.850856] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.851594] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.852073] ? trace_hardirqs_on+0x37/0xe0 [ 27.852904] ? kasan_bitops_generic+0x93/0x1c0 [ 27.853528] kasan_bitops_generic+0x122/0x1c0 [ 27.853855] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.854475] ? __pfx_read_tsc+0x10/0x10 [ 27.855054] ? ktime_get_ts64+0x86/0x230 [ 27.855649] kunit_try_run_case+0x1b3/0x490 [ 27.856054] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.856461] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.856862] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.857678] ? __kthread_parkme+0x82/0x160 [ 27.858088] ? preempt_count_sub+0x50/0x80 [ 27.859305] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.859767] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.860177] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.860807] kthread+0x257/0x310 [ 27.861348] ? __pfx_kthread+0x10/0x10 [ 27.861881] ret_from_fork+0x41/0x80 [ 27.862374] ? __pfx_kthread+0x10/0x10 [ 27.862657] ret_from_fork_asm+0x1a/0x30 [ 27.863020] </TASK> [ 27.863338] [ 27.863722] Allocated by task 269: [ 27.864174] kasan_save_stack+0x3d/0x60 [ 27.864696] kasan_save_track+0x18/0x40 [ 27.865233] kasan_save_alloc_info+0x3b/0x50 [ 27.866150] __kasan_kmalloc+0xb7/0xc0 [ 27.866555] __kmalloc_cache_noprof+0x184/0x410 [ 27.866990] kasan_bitops_generic+0x93/0x1c0 [ 27.867295] kunit_try_run_case+0x1b3/0x490 [ 27.867603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.868691] kthread+0x257/0x310 [ 27.869014] ret_from_fork+0x41/0x80 [ 27.870562] ret_from_fork_asm+0x1a/0x30 [ 27.870915] [ 27.871111] The buggy address belongs to the object at ffff888101b3cce0 [ 27.871111] which belongs to the cache kmalloc-16 of size 16 [ 27.873956] The buggy address is located 8 bytes inside of [ 27.873956] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 27.875783] [ 27.876046] The buggy address belongs to the physical page: [ 27.876950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 27.878091] flags: 0x200000000000000(node=0|zone=2) [ 27.878995] page_type: f5(slab) [ 27.879468] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.879849] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.880578] page dumped because: kasan: bad access detected [ 27.881117] [ 27.881404] Memory state around the buggy address: [ 27.881761] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 27.882845] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 27.883864] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.885065] ^ [ 27.886598] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.888540] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.889569] ================================================================== [ 27.891702] ================================================================== [ 27.892309] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 27.892783] Write of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 27.895291] [ 27.896595] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 27.898115] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.898948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.899950] Call Trace: [ 27.900491] <TASK> [ 27.900794] dump_stack_lvl+0x73/0xb0 [ 27.901456] print_report+0xd1/0x640 [ 27.901888] ? __virt_addr_valid+0x1db/0x2d0 [ 27.902413] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.902907] kasan_report+0x102/0x140 [ 27.903807] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 27.904784] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 27.905643] kasan_check_range+0x10c/0x1c0 [ 27.906818] __kasan_check_write+0x18/0x20 [ 27.907545] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 27.908421] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.909078] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.909566] ? trace_hardirqs_on+0x37/0xe0 [ 27.910896] ? kasan_bitops_generic+0x93/0x1c0 [ 27.911532] kasan_bitops_generic+0x122/0x1c0 [ 27.912052] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.912716] ? __pfx_read_tsc+0x10/0x10 [ 27.913391] ? ktime_get_ts64+0x86/0x230 [ 27.914136] kunit_try_run_case+0x1b3/0x490 [ 27.914447] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.915101] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.916140] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.916774] ? __kthread_parkme+0x82/0x160 [ 27.917668] ? preempt_count_sub+0x50/0x80 [ 27.918417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.919069] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.919926] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.920696] kthread+0x257/0x310 [ 27.921094] ? __pfx_kthread+0x10/0x10 [ 27.922169] ret_from_fork+0x41/0x80 [ 27.922535] ? __pfx_kthread+0x10/0x10 [ 27.923156] ret_from_fork_asm+0x1a/0x30 [ 27.923859] </TASK> [ 27.924506] [ 27.924687] Allocated by task 269: [ 27.925102] kasan_save_stack+0x3d/0x60 [ 27.925522] kasan_save_track+0x18/0x40 [ 27.925993] kasan_save_alloc_info+0x3b/0x50 [ 27.927109] __kasan_kmalloc+0xb7/0xc0 [ 27.927387] __kmalloc_cache_noprof+0x184/0x410 [ 27.928263] kasan_bitops_generic+0x93/0x1c0 [ 27.928915] kunit_try_run_case+0x1b3/0x490 [ 27.929675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.930244] kthread+0x257/0x310 [ 27.930739] ret_from_fork+0x41/0x80 [ 27.931421] ret_from_fork_asm+0x1a/0x30 [ 27.931690] [ 27.932037] The buggy address belongs to the object at ffff888101b3cce0 [ 27.932037] which belongs to the cache kmalloc-16 of size 16 [ 27.933953] The buggy address is located 8 bytes inside of [ 27.933953] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 27.935260] [ 27.935567] The buggy address belongs to the physical page: [ 27.936464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 27.937423] flags: 0x200000000000000(node=0|zone=2) [ 27.938054] page_type: f5(slab) [ 27.938873] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.939781] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.940763] page dumped because: kasan: bad access detected [ 27.941329] [ 27.941961] Memory state around the buggy address: [ 27.942627] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 27.943610] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 27.944594] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.945382] ^ [ 27.946380] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.947044] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.947979] ================================================================== [ 28.205441] ================================================================== [ 28.207030] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 28.208457] Read of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 28.209454] [ 28.209679] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 28.211491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.211907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.213017] Call Trace: [ 28.213635] <TASK> [ 28.214164] dump_stack_lvl+0x73/0xb0 [ 28.214888] print_report+0xd1/0x640 [ 28.215421] ? __virt_addr_valid+0x1db/0x2d0 [ 28.215825] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.216802] kasan_report+0x102/0x140 [ 28.217591] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 28.218520] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 28.219597] kasan_check_range+0x10c/0x1c0 [ 28.220046] __kasan_check_read+0x15/0x20 [ 28.221384] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 28.222015] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.223132] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.223817] ? trace_hardirqs_on+0x37/0xe0 [ 28.224239] ? kasan_bitops_generic+0x93/0x1c0 [ 28.224705] kasan_bitops_generic+0x122/0x1c0 [ 28.225203] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.225680] ? __pfx_read_tsc+0x10/0x10 [ 28.226631] ? ktime_get_ts64+0x86/0x230 [ 28.227113] kunit_try_run_case+0x1b3/0x490 [ 28.227995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.228758] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.229438] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.230049] ? __kthread_parkme+0x82/0x160 [ 28.230967] ? preempt_count_sub+0x50/0x80 [ 28.231775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.232380] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.232970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.233500] kthread+0x257/0x310 [ 28.233890] ? __pfx_kthread+0x10/0x10 [ 28.234737] ret_from_fork+0x41/0x80 [ 28.235317] ? __pfx_kthread+0x10/0x10 [ 28.235847] ret_from_fork_asm+0x1a/0x30 [ 28.236475] </TASK> [ 28.236696] [ 28.236884] Allocated by task 269: [ 28.237984] kasan_save_stack+0x3d/0x60 [ 28.238276] kasan_save_track+0x18/0x40 [ 28.239024] kasan_save_alloc_info+0x3b/0x50 [ 28.239755] __kasan_kmalloc+0xb7/0xc0 [ 28.240387] __kmalloc_cache_noprof+0x184/0x410 [ 28.240817] kasan_bitops_generic+0x93/0x1c0 [ 28.241252] kunit_try_run_case+0x1b3/0x490 [ 28.241748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.242196] kthread+0x257/0x310 [ 28.242757] ret_from_fork+0x41/0x80 [ 28.243173] ret_from_fork_asm+0x1a/0x30 [ 28.243590] [ 28.243790] The buggy address belongs to the object at ffff888101b3cce0 [ 28.243790] which belongs to the cache kmalloc-16 of size 16 [ 28.245276] The buggy address is located 8 bytes inside of [ 28.245276] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 28.247560] [ 28.247788] The buggy address belongs to the physical page: [ 28.248650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 28.249423] flags: 0x200000000000000(node=0|zone=2) [ 28.249753] page_type: f5(slab) [ 28.250205] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.251168] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.251820] page dumped because: kasan: bad access detected [ 28.252580] [ 28.252835] Memory state around the buggy address: [ 28.253404] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 28.254389] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 28.255185] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.255799] ^ [ 28.256572] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.257311] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.258020] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 27.349466] ================================================================== [ 27.351168] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x102/0xd50 [ 27.352283] Write of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 27.353131] [ 27.353402] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 27.355019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.355969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.357424] Call Trace: [ 27.358530] <TASK> [ 27.359470] dump_stack_lvl+0x73/0xb0 [ 27.359909] print_report+0xd1/0x640 [ 27.360852] ? __virt_addr_valid+0x1db/0x2d0 [ 27.362152] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.362765] kasan_report+0x102/0x140 [ 27.363323] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 27.364124] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 27.364851] kasan_check_range+0x10c/0x1c0 [ 27.365201] __kasan_check_write+0x18/0x20 [ 27.366052] kasan_bitops_modify.constprop.0+0x102/0xd50 [ 27.366715] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.367254] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.367948] ? trace_hardirqs_on+0x37/0xe0 [ 27.369377] ? kasan_bitops_generic+0x93/0x1c0 [ 27.370182] kasan_bitops_generic+0x117/0x1c0 [ 27.370554] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.371670] ? __pfx_read_tsc+0x10/0x10 [ 27.372444] ? ktime_get_ts64+0x86/0x230 [ 27.372735] kunit_try_run_case+0x1b3/0x490 [ 27.373703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.374203] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.374571] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.376041] ? __kthread_parkme+0x82/0x160 [ 27.376469] ? preempt_count_sub+0x50/0x80 [ 27.376867] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.377170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.377554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.378505] kthread+0x257/0x310 [ 27.379086] ? __pfx_kthread+0x10/0x10 [ 27.379523] ret_from_fork+0x41/0x80 [ 27.380377] ? __pfx_kthread+0x10/0x10 [ 27.380694] ret_from_fork_asm+0x1a/0x30 [ 27.381041] </TASK> [ 27.382647] [ 27.382974] Allocated by task 269: [ 27.383977] kasan_save_stack+0x3d/0x60 [ 27.384272] kasan_save_track+0x18/0x40 [ 27.385795] kasan_save_alloc_info+0x3b/0x50 [ 27.386437] __kasan_kmalloc+0xb7/0xc0 [ 27.387476] __kmalloc_cache_noprof+0x184/0x410 [ 27.387718] kasan_bitops_generic+0x93/0x1c0 [ 27.387912] kunit_try_run_case+0x1b3/0x490 [ 27.388212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.390264] kthread+0x257/0x310 [ 27.390648] ret_from_fork+0x41/0x80 [ 27.391374] ret_from_fork_asm+0x1a/0x30 [ 27.392001] [ 27.392819] The buggy address belongs to the object at ffff888101b3cce0 [ 27.392819] which belongs to the cache kmalloc-16 of size 16 [ 27.394608] The buggy address is located 8 bytes inside of [ 27.394608] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 27.395661] [ 27.395994] The buggy address belongs to the physical page: [ 27.396794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 27.397429] flags: 0x200000000000000(node=0|zone=2) [ 27.398990] page_type: f5(slab) [ 27.399306] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.400303] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.401157] page dumped because: kasan: bad access detected [ 27.402370] [ 27.402654] Memory state around the buggy address: [ 27.403232] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 27.404062] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 27.404833] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.405621] ^ [ 27.406263] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.407751] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.408370] ================================================================== [ 27.769426] ================================================================== [ 27.770667] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x548/0xd50 [ 27.773172] Write of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 27.773891] [ 27.774842] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 27.775901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.776364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.777495] Call Trace: [ 27.777799] <TASK> [ 27.778079] dump_stack_lvl+0x73/0xb0 [ 27.778472] print_report+0xd1/0x640 [ 27.778883] ? __virt_addr_valid+0x1db/0x2d0 [ 27.780863] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.782665] kasan_report+0x102/0x140 [ 27.783144] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 27.784330] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 27.784745] kasan_check_range+0x10c/0x1c0 [ 27.785192] __kasan_check_write+0x18/0x20 [ 27.785619] kasan_bitops_modify.constprop.0+0x548/0xd50 [ 27.787424] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.787970] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.788893] ? trace_hardirqs_on+0x37/0xe0 [ 27.789845] ? kasan_bitops_generic+0x93/0x1c0 [ 27.790571] kasan_bitops_generic+0x117/0x1c0 [ 27.791421] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.793075] ? __pfx_read_tsc+0x10/0x10 [ 27.793721] ? ktime_get_ts64+0x86/0x230 [ 27.794850] kunit_try_run_case+0x1b3/0x490 [ 27.795180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.796727] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.798067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.798403] ? __kthread_parkme+0x82/0x160 [ 27.799069] ? preempt_count_sub+0x50/0x80 [ 27.800626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.801123] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.801686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.802616] kthread+0x257/0x310 [ 27.803468] ? __pfx_kthread+0x10/0x10 [ 27.804331] ret_from_fork+0x41/0x80 [ 27.805120] ? __pfx_kthread+0x10/0x10 [ 27.805953] ret_from_fork_asm+0x1a/0x30 [ 27.807127] </TASK> [ 27.807448] [ 27.807679] Allocated by task 269: [ 27.808064] kasan_save_stack+0x3d/0x60 [ 27.808494] kasan_save_track+0x18/0x40 [ 27.808894] kasan_save_alloc_info+0x3b/0x50 [ 27.809730] __kasan_kmalloc+0xb7/0xc0 [ 27.811167] __kmalloc_cache_noprof+0x184/0x410 [ 27.811684] kasan_bitops_generic+0x93/0x1c0 [ 27.812062] kunit_try_run_case+0x1b3/0x490 [ 27.812507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.812915] kthread+0x257/0x310 [ 27.814025] ret_from_fork+0x41/0x80 [ 27.814623] ret_from_fork_asm+0x1a/0x30 [ 27.815048] [ 27.816260] The buggy address belongs to the object at ffff888101b3cce0 [ 27.816260] which belongs to the cache kmalloc-16 of size 16 [ 27.818610] The buggy address is located 8 bytes inside of [ 27.818610] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 27.819773] [ 27.820033] The buggy address belongs to the physical page: [ 27.821173] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 27.822864] flags: 0x200000000000000(node=0|zone=2) [ 27.823745] page_type: f5(slab) [ 27.825416] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.826354] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.827013] page dumped because: kasan: bad access detected [ 27.827563] [ 27.828400] Memory state around the buggy address: [ 27.829139] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 27.830804] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 27.832247] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.832637] ^ [ 27.833542] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.834663] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.835184] ================================================================== [ 27.608004] ================================================================== [ 27.609379] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x374/0xd50 [ 27.610153] Write of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 27.610839] [ 27.612794] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 27.613467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.614234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.615829] Call Trace: [ 27.616191] <TASK> [ 27.616919] dump_stack_lvl+0x73/0xb0 [ 27.618053] print_report+0xd1/0x640 [ 27.618533] ? __virt_addr_valid+0x1db/0x2d0 [ 27.618925] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.619430] kasan_report+0x102/0x140 [ 27.619792] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 27.621317] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 27.622204] kasan_check_range+0x10c/0x1c0 [ 27.623153] __kasan_check_write+0x18/0x20 [ 27.623953] kasan_bitops_modify.constprop.0+0x374/0xd50 [ 27.624799] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.626040] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.626542] ? trace_hardirqs_on+0x37/0xe0 [ 27.627051] ? kasan_bitops_generic+0x93/0x1c0 [ 27.627878] kasan_bitops_generic+0x117/0x1c0 [ 27.628338] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.628966] ? __pfx_read_tsc+0x10/0x10 [ 27.629984] ? ktime_get_ts64+0x86/0x230 [ 27.630449] kunit_try_run_case+0x1b3/0x490 [ 27.630972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.631970] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.632702] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.633548] ? __kthread_parkme+0x82/0x160 [ 27.634060] ? preempt_count_sub+0x50/0x80 [ 27.634510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.636616] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.637699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.638241] kthread+0x257/0x310 [ 27.638833] ? __pfx_kthread+0x10/0x10 [ 27.639723] ret_from_fork+0x41/0x80 [ 27.640188] ? __pfx_kthread+0x10/0x10 [ 27.640408] ret_from_fork_asm+0x1a/0x30 [ 27.641621] </TASK> [ 27.642182] [ 27.642495] Allocated by task 269: [ 27.643096] kasan_save_stack+0x3d/0x60 [ 27.644188] kasan_save_track+0x18/0x40 [ 27.645156] kasan_save_alloc_info+0x3b/0x50 [ 27.645851] __kasan_kmalloc+0xb7/0xc0 [ 27.646132] __kmalloc_cache_noprof+0x184/0x410 [ 27.646629] kasan_bitops_generic+0x93/0x1c0 [ 27.647000] kunit_try_run_case+0x1b3/0x490 [ 27.647522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.649070] kthread+0x257/0x310 [ 27.649505] ret_from_fork+0x41/0x80 [ 27.650083] ret_from_fork_asm+0x1a/0x30 [ 27.650381] [ 27.650603] The buggy address belongs to the object at ffff888101b3cce0 [ 27.650603] which belongs to the cache kmalloc-16 of size 16 [ 27.651741] The buggy address is located 8 bytes inside of [ 27.651741] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 27.653849] [ 27.654139] The buggy address belongs to the physical page: [ 27.654569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 27.655406] flags: 0x200000000000000(node=0|zone=2) [ 27.655919] page_type: f5(slab) [ 27.656234] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.657221] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.658057] page dumped because: kasan: bad access detected [ 27.658400] [ 27.658765] Memory state around the buggy address: [ 27.659328] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 27.660015] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 27.660787] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.661260] ^ [ 27.662198] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.662846] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.663705] ================================================================== [ 27.720757] ================================================================== [ 27.722290] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 27.723290] Write of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 27.724193] [ 27.724789] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 27.725411] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.726149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.726802] Call Trace: [ 27.727496] <TASK> [ 27.727813] dump_stack_lvl+0x73/0xb0 [ 27.728284] print_report+0xd1/0x640 [ 27.728577] ? __virt_addr_valid+0x1db/0x2d0 [ 27.728885] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.729845] kasan_report+0x102/0x140 [ 27.731401] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 27.732175] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 27.732993] kasan_check_range+0x10c/0x1c0 [ 27.733836] __kasan_check_write+0x18/0x20 [ 27.734308] kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 27.735159] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.736025] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.736386] ? trace_hardirqs_on+0x37/0xe0 [ 27.737655] ? kasan_bitops_generic+0x93/0x1c0 [ 27.738533] kasan_bitops_generic+0x117/0x1c0 [ 27.739070] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.739499] ? __pfx_read_tsc+0x10/0x10 [ 27.739804] ? ktime_get_ts64+0x86/0x230 [ 27.740663] kunit_try_run_case+0x1b3/0x490 [ 27.741240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.742020] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.742464] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.742954] ? __kthread_parkme+0x82/0x160 [ 27.743441] ? preempt_count_sub+0x50/0x80 [ 27.744006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.744494] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.745045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.745530] kthread+0x257/0x310 [ 27.745862] ? __pfx_kthread+0x10/0x10 [ 27.747178] ret_from_fork+0x41/0x80 [ 27.747536] ? __pfx_kthread+0x10/0x10 [ 27.748094] ret_from_fork_asm+0x1a/0x30 [ 27.748400] </TASK> [ 27.748595] [ 27.748799] Allocated by task 269: [ 27.749253] kasan_save_stack+0x3d/0x60 [ 27.749747] kasan_save_track+0x18/0x40 [ 27.750398] kasan_save_alloc_info+0x3b/0x50 [ 27.751047] __kasan_kmalloc+0xb7/0xc0 [ 27.751322] __kmalloc_cache_noprof+0x184/0x410 [ 27.751655] kasan_bitops_generic+0x93/0x1c0 [ 27.752141] kunit_try_run_case+0x1b3/0x490 [ 27.752678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.753258] kthread+0x257/0x310 [ 27.753570] ret_from_fork+0x41/0x80 [ 27.754076] ret_from_fork_asm+0x1a/0x30 [ 27.755495] [ 27.755681] The buggy address belongs to the object at ffff888101b3cce0 [ 27.755681] which belongs to the cache kmalloc-16 of size 16 [ 27.756876] The buggy address is located 8 bytes inside of [ 27.756876] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 27.758317] [ 27.758496] The buggy address belongs to the physical page: [ 27.758832] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 27.759791] flags: 0x200000000000000(node=0|zone=2) [ 27.760353] page_type: f5(slab) [ 27.760759] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.761653] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.762181] page dumped because: kasan: bad access detected [ 27.762517] [ 27.762673] Memory state around the buggy address: [ 27.763149] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 27.763923] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 27.764679] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.765921] ^ [ 27.767241] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.767850] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.768460] ================================================================== [ 27.411447] ================================================================== [ 27.412122] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 27.412990] Write of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 27.414167] [ 27.414645] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 27.416255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.416892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.418257] Call Trace: [ 27.419142] <TASK> [ 27.419533] dump_stack_lvl+0x73/0xb0 [ 27.420282] print_report+0xd1/0x640 [ 27.420646] ? __virt_addr_valid+0x1db/0x2d0 [ 27.421371] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.422460] kasan_report+0x102/0x140 [ 27.423253] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 27.423737] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 27.424025] kasan_check_range+0x10c/0x1c0 [ 27.424722] __kasan_check_write+0x18/0x20 [ 27.425867] kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 27.427007] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.428372] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.429056] ? trace_hardirqs_on+0x37/0xe0 [ 27.430140] ? kasan_bitops_generic+0x93/0x1c0 [ 27.431429] kasan_bitops_generic+0x117/0x1c0 [ 27.431815] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.432647] ? __pfx_read_tsc+0x10/0x10 [ 27.433995] ? ktime_get_ts64+0x86/0x230 [ 27.435058] kunit_try_run_case+0x1b3/0x490 [ 27.435873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.436204] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.437479] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.438048] ? __kthread_parkme+0x82/0x160 [ 27.440228] ? preempt_count_sub+0x50/0x80 [ 27.440825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.441951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.442511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.443315] kthread+0x257/0x310 [ 27.444034] ? __pfx_kthread+0x10/0x10 [ 27.444815] ret_from_fork+0x41/0x80 [ 27.446571] ? __pfx_kthread+0x10/0x10 [ 27.447018] ret_from_fork_asm+0x1a/0x30 [ 27.448020] </TASK> [ 27.448468] [ 27.449092] Allocated by task 269: [ 27.449743] kasan_save_stack+0x3d/0x60 [ 27.451453] kasan_save_track+0x18/0x40 [ 27.451845] kasan_save_alloc_info+0x3b/0x50 [ 27.453025] __kasan_kmalloc+0xb7/0xc0 [ 27.453817] __kmalloc_cache_noprof+0x184/0x410 [ 27.454415] kasan_bitops_generic+0x93/0x1c0 [ 27.454860] kunit_try_run_case+0x1b3/0x490 [ 27.455235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.455799] kthread+0x257/0x310 [ 27.456433] ret_from_fork+0x41/0x80 [ 27.456706] ret_from_fork_asm+0x1a/0x30 [ 27.457970] [ 27.458291] The buggy address belongs to the object at ffff888101b3cce0 [ 27.458291] which belongs to the cache kmalloc-16 of size 16 [ 27.459519] The buggy address is located 8 bytes inside of [ 27.459519] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 27.460750] [ 27.461167] The buggy address belongs to the physical page: [ 27.461642] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 27.463232] flags: 0x200000000000000(node=0|zone=2) [ 27.464452] page_type: f5(slab) [ 27.464817] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.465985] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.467141] page dumped because: kasan: bad access detected [ 27.468739] [ 27.468867] Memory state around the buggy address: [ 27.470017] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 27.471181] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 27.472091] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.472686] ^ [ 27.473794] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.475513] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.476148] ================================================================== [ 27.546300] ================================================================== [ 27.547275] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 27.549225] Write of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 27.551309] [ 27.551705] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 27.552290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.554166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.555440] Call Trace: [ 27.555606] <TASK> [ 27.556168] dump_stack_lvl+0x73/0xb0 [ 27.556393] print_report+0xd1/0x640 [ 27.557663] ? __virt_addr_valid+0x1db/0x2d0 [ 27.558327] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.558714] kasan_report+0x102/0x140 [ 27.559824] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 27.560783] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 27.561667] kasan_check_range+0x10c/0x1c0 [ 27.562318] __kasan_check_write+0x18/0x20 [ 27.563324] kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 27.564318] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.565280] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.566419] ? trace_hardirqs_on+0x37/0xe0 [ 27.567333] ? kasan_bitops_generic+0x93/0x1c0 [ 27.568278] kasan_bitops_generic+0x117/0x1c0 [ 27.569008] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.569680] ? __pfx_read_tsc+0x10/0x10 [ 27.571034] ? ktime_get_ts64+0x86/0x230 [ 27.571532] kunit_try_run_case+0x1b3/0x490 [ 27.571964] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.573403] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.574066] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.575170] ? __kthread_parkme+0x82/0x160 [ 27.575428] ? preempt_count_sub+0x50/0x80 [ 27.575627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.575836] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.576834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.577237] kthread+0x257/0x310 [ 27.577913] ? __pfx_kthread+0x10/0x10 [ 27.579611] ret_from_fork+0x41/0x80 [ 27.580078] ? __pfx_kthread+0x10/0x10 [ 27.581365] ret_from_fork_asm+0x1a/0x30 [ 27.582087] </TASK> [ 27.582334] [ 27.582539] Allocated by task 269: [ 27.582916] kasan_save_stack+0x3d/0x60 [ 27.583387] kasan_save_track+0x18/0x40 [ 27.583890] kasan_save_alloc_info+0x3b/0x50 [ 27.584483] __kasan_kmalloc+0xb7/0xc0 [ 27.584892] __kmalloc_cache_noprof+0x184/0x410 [ 27.585621] kasan_bitops_generic+0x93/0x1c0 [ 27.585993] kunit_try_run_case+0x1b3/0x490 [ 27.586330] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.587549] kthread+0x257/0x310 [ 27.587919] ret_from_fork+0x41/0x80 [ 27.588313] ret_from_fork_asm+0x1a/0x30 [ 27.588676] [ 27.588917] The buggy address belongs to the object at ffff888101b3cce0 [ 27.588917] which belongs to the cache kmalloc-16 of size 16 [ 27.591253] The buggy address is located 8 bytes inside of [ 27.591253] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 27.592406] [ 27.593242] The buggy address belongs to the physical page: [ 27.593926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 27.595747] flags: 0x200000000000000(node=0|zone=2) [ 27.596195] page_type: f5(slab) [ 27.596548] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.597876] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.598810] page dumped because: kasan: bad access detected [ 27.600404] [ 27.600651] Memory state around the buggy address: [ 27.601036] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 27.601923] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 27.603077] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.603788] ^ [ 27.604702] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.605326] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.606458] ================================================================== [ 27.479307] ================================================================== [ 27.480153] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 27.482515] Write of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 27.483058] [ 27.483240] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 27.485556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.486614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.487639] Call Trace: [ 27.487873] <TASK> [ 27.488437] dump_stack_lvl+0x73/0xb0 [ 27.489204] print_report+0xd1/0x640 [ 27.489863] ? __virt_addr_valid+0x1db/0x2d0 [ 27.491027] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.491847] kasan_report+0x102/0x140 [ 27.492448] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 27.493305] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 27.493835] kasan_check_range+0x10c/0x1c0 [ 27.495056] __kasan_check_write+0x18/0x20 [ 27.495496] kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 27.496545] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.497292] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.497924] ? trace_hardirqs_on+0x37/0xe0 [ 27.498617] ? kasan_bitops_generic+0x93/0x1c0 [ 27.499347] kasan_bitops_generic+0x117/0x1c0 [ 27.500084] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.501236] ? __pfx_read_tsc+0x10/0x10 [ 27.501484] ? ktime_get_ts64+0x86/0x230 [ 27.502042] kunit_try_run_case+0x1b3/0x490 [ 27.502748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.503813] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.504430] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.504989] ? __kthread_parkme+0x82/0x160 [ 27.505364] ? preempt_count_sub+0x50/0x80 [ 27.506270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.506717] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.508377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.509369] kthread+0x257/0x310 [ 27.510203] ? __pfx_kthread+0x10/0x10 [ 27.511143] ret_from_fork+0x41/0x80 [ 27.511790] ? __pfx_kthread+0x10/0x10 [ 27.512215] ret_from_fork_asm+0x1a/0x30 [ 27.512668] </TASK> [ 27.512994] [ 27.513195] Allocated by task 269: [ 27.513646] kasan_save_stack+0x3d/0x60 [ 27.515114] kasan_save_track+0x18/0x40 [ 27.516111] kasan_save_alloc_info+0x3b/0x50 [ 27.516855] __kasan_kmalloc+0xb7/0xc0 [ 27.517127] __kmalloc_cache_noprof+0x184/0x410 [ 27.517360] kasan_bitops_generic+0x93/0x1c0 [ 27.517668] kunit_try_run_case+0x1b3/0x490 [ 27.519363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.520543] kthread+0x257/0x310 [ 27.521047] ret_from_fork+0x41/0x80 [ 27.522150] ret_from_fork_asm+0x1a/0x30 [ 27.523077] [ 27.523617] The buggy address belongs to the object at ffff888101b3cce0 [ 27.523617] which belongs to the cache kmalloc-16 of size 16 [ 27.525710] The buggy address is located 8 bytes inside of [ 27.525710] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 27.527081] [ 27.527310] The buggy address belongs to the physical page: [ 27.529268] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 27.529952] flags: 0x200000000000000(node=0|zone=2) [ 27.531200] page_type: f5(slab) [ 27.531829] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.533187] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.534125] page dumped because: kasan: bad access detected [ 27.535162] [ 27.535348] Memory state around the buggy address: [ 27.535671] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 27.537326] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 27.538147] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.539495] ^ [ 27.540911] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.542127] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.543526] ================================================================== [ 27.665965] ================================================================== [ 27.667195] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 27.668044] Write of size 8 at addr ffff888101b3cce8 by task kunit_try_catch/269 [ 27.668865] [ 27.669132] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 27.671005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.671618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.673642] Call Trace: [ 27.674126] <TASK> [ 27.674355] dump_stack_lvl+0x73/0xb0 [ 27.675084] print_report+0xd1/0x640 [ 27.675397] ? __virt_addr_valid+0x1db/0x2d0 [ 27.676298] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.676766] kasan_report+0x102/0x140 [ 27.677234] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 27.678589] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 27.679239] kasan_check_range+0x10c/0x1c0 [ 27.679571] __kasan_check_write+0x18/0x20 [ 27.680108] kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 27.680615] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.681486] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.682234] ? trace_hardirqs_on+0x37/0xe0 [ 27.682569] ? kasan_bitops_generic+0x93/0x1c0 [ 27.682893] kasan_bitops_generic+0x117/0x1c0 [ 27.683720] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.684380] ? __pfx_read_tsc+0x10/0x10 [ 27.684683] ? ktime_get_ts64+0x86/0x230 [ 27.685338] kunit_try_run_case+0x1b3/0x490 [ 27.685922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.686495] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.687090] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.687518] ? __kthread_parkme+0x82/0x160 [ 27.689196] ? preempt_count_sub+0x50/0x80 [ 27.689583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.690434] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.691046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.691793] kthread+0x257/0x310 [ 27.692339] ? __pfx_kthread+0x10/0x10 [ 27.692698] ret_from_fork+0x41/0x80 [ 27.693085] ? __pfx_kthread+0x10/0x10 [ 27.693970] ret_from_fork_asm+0x1a/0x30 [ 27.694685] </TASK> [ 27.694966] [ 27.696052] Allocated by task 269: [ 27.696399] kasan_save_stack+0x3d/0x60 [ 27.696800] kasan_save_track+0x18/0x40 [ 27.697383] kasan_save_alloc_info+0x3b/0x50 [ 27.697812] __kasan_kmalloc+0xb7/0xc0 [ 27.698253] __kmalloc_cache_noprof+0x184/0x410 [ 27.698788] kasan_bitops_generic+0x93/0x1c0 [ 27.699319] kunit_try_run_case+0x1b3/0x490 [ 27.699810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.701582] kthread+0x257/0x310 [ 27.702240] ret_from_fork+0x41/0x80 [ 27.703352] ret_from_fork_asm+0x1a/0x30 [ 27.704059] [ 27.704594] The buggy address belongs to the object at ffff888101b3cce0 [ 27.704594] which belongs to the cache kmalloc-16 of size 16 [ 27.706008] The buggy address is located 8 bytes inside of [ 27.706008] allocated 9-byte region [ffff888101b3cce0, ffff888101b3cce9) [ 27.708092] [ 27.708271] The buggy address belongs to the physical page: [ 27.708968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 27.709720] flags: 0x200000000000000(node=0|zone=2) [ 27.710742] page_type: f5(slab) [ 27.711138] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.711870] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.712663] page dumped because: kasan: bad access detected [ 27.714259] [ 27.714535] Memory state around the buggy address: [ 27.714829] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 27.715797] ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 27.716651] >ffff888101b3cc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.717250] ^ [ 27.718040] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.718774] ffff888101b3cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.719189] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 26.926321] ================================================================== [ 26.927810] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x328/0x390 [ 26.930030] Read of size 1 at addr ffff888102b97caa by task kunit_try_catch/261 [ 26.932211] [ 26.932531] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 26.934061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.934541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.936162] Call Trace: [ 26.937017] <TASK> [ 26.937894] dump_stack_lvl+0x73/0xb0 [ 26.939328] print_report+0xd1/0x640 [ 26.940192] ? __virt_addr_valid+0x1db/0x2d0 [ 26.940839] ? kasan_addr_to_slab+0x11/0xa0 [ 26.941892] kasan_report+0x102/0x140 [ 26.942712] ? kasan_alloca_oob_right+0x328/0x390 [ 26.943474] ? kasan_alloca_oob_right+0x328/0x390 [ 26.944804] __asan_report_load1_noabort+0x18/0x20 [ 26.945973] kasan_alloca_oob_right+0x328/0x390 [ 26.946988] ? pick_task_fair+0x88/0x390 [ 26.947505] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 26.948082] ? trace_hardirqs_on+0x37/0xe0 [ 26.948555] ? __schedule+0x1bdb/0x27e0 [ 26.950866] ? __pfx_read_tsc+0x10/0x10 [ 26.951659] ? ktime_get_ts64+0x86/0x230 [ 26.952047] kunit_try_run_case+0x1b3/0x490 [ 26.952568] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.952880] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.953686] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.955786] ? __kthread_parkme+0x82/0x160 [ 26.956333] ? preempt_count_sub+0x50/0x80 [ 26.956798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.958029] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.958806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.959383] kthread+0x257/0x310 [ 26.959746] ? __pfx_kthread+0x10/0x10 [ 26.961472] ret_from_fork+0x41/0x80 [ 26.961919] ? __pfx_kthread+0x10/0x10 [ 26.963028] ret_from_fork_asm+0x1a/0x30 [ 26.963516] </TASK> [ 26.963922] [ 26.964255] The buggy address belongs to stack of task kunit_try_catch/261 [ 26.965204] [ 26.965492] The buggy address belongs to the physical page: [ 26.966835] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b97 [ 26.967809] flags: 0x200000000000000(node=0|zone=2) [ 26.968189] raw: 0200000000000000 ffffea00040ae5c8 ffffea00040ae5c8 0000000000000000 [ 26.969119] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 26.970619] page dumped because: kasan: bad access detected [ 26.971076] [ 26.971373] Memory state around the buggy address: [ 26.971806] ffff888102b97b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.973247] ffff888102b97c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.973982] >ffff888102b97c80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00 [ 26.974793] ^ [ 26.976196] ffff888102b97d00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3 [ 26.976924] ffff888102b97d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 26.977887] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 26.878226] ================================================================== [ 26.879062] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x31f/0x380 [ 26.880470] Read of size 1 at addr ffff888102b1fc9f by task kunit_try_catch/259 [ 26.881566] [ 26.882067] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 26.882922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.883790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.884692] Call Trace: [ 26.884994] <TASK> [ 26.885311] dump_stack_lvl+0x73/0xb0 [ 26.885754] print_report+0xd1/0x640 [ 26.886973] ? __virt_addr_valid+0x1db/0x2d0 [ 26.887480] ? kasan_addr_to_slab+0x11/0xa0 [ 26.887895] kasan_report+0x102/0x140 [ 26.888433] ? kasan_alloca_oob_left+0x31f/0x380 [ 26.888907] ? kasan_alloca_oob_left+0x31f/0x380 [ 26.889823] __asan_report_load1_noabort+0x18/0x20 [ 26.891309] kasan_alloca_oob_left+0x31f/0x380 [ 26.891749] ? __schedule_bug+0xa0/0xf0 [ 26.892263] ? __schedule+0xc70/0x27e0 [ 26.892708] ? trace_hardirqs_on+0x37/0xe0 [ 26.893251] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 26.893877] ? __schedule+0xc70/0x27e0 [ 26.894519] ? __pfx_read_tsc+0x10/0x10 [ 26.894914] ? ktime_get_ts64+0x86/0x230 [ 26.895914] kunit_try_run_case+0x1b3/0x490 [ 26.896481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.897027] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.897810] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.898230] ? __kthread_parkme+0x82/0x160 [ 26.898727] ? preempt_count_sub+0x50/0x80 [ 26.899186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.899835] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.900269] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.901141] kthread+0x257/0x310 [ 26.901679] ? __pfx_kthread+0x10/0x10 [ 26.902070] ret_from_fork+0x41/0x80 [ 26.902519] ? __pfx_kthread+0x10/0x10 [ 26.902927] ret_from_fork_asm+0x1a/0x30 [ 26.904307] </TASK> [ 26.904545] [ 26.905313] The buggy address belongs to stack of task kunit_try_catch/259 [ 26.905963] [ 26.906526] The buggy address belongs to the physical page: [ 26.906968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b1f [ 26.908274] flags: 0x200000000000000(node=0|zone=2) [ 26.908975] raw: 0200000000000000 ffffea00040ac7c8 ffffea00040ac7c8 0000000000000000 [ 26.909891] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 26.911059] page dumped because: kasan: bad access detected [ 26.911838] [ 26.912168] Memory state around the buggy address: [ 26.912661] ffff888102b1fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.913846] ffff888102b1fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.914555] >ffff888102b1fc80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00 [ 26.915379] ^ [ 26.915798] ffff888102b1fd00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3 [ 26.916226] ffff888102b1fd80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 26.916954] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 26.826460] ================================================================== [ 26.827685] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2ae/0x300 [ 26.828447] Read of size 1 at addr ffff888102b8fd72 by task kunit_try_catch/257 [ 26.829033] [ 26.829235] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 26.831021] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.831895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.832712] Call Trace: [ 26.833042] <TASK> [ 26.833326] dump_stack_lvl+0x73/0xb0 [ 26.833726] print_report+0xd1/0x640 [ 26.834893] ? __virt_addr_valid+0x1db/0x2d0 [ 26.835990] ? kasan_addr_to_slab+0x11/0xa0 [ 26.836479] kasan_report+0x102/0x140 [ 26.837155] ? kasan_stack_oob+0x2ae/0x300 [ 26.837962] ? kasan_stack_oob+0x2ae/0x300 [ 26.838479] __asan_report_load1_noabort+0x18/0x20 [ 26.839390] kasan_stack_oob+0x2ae/0x300 [ 26.839605] ? __pfx_kasan_stack_oob+0x10/0x10 [ 26.839824] ? finish_task_switch.isra.0+0x153/0x700 [ 26.840161] ? __switch_to+0x5d9/0xf60 [ 26.841145] ? __schedule+0xc70/0x27e0 [ 26.841542] ? __pfx_read_tsc+0x10/0x10 [ 26.843104] ? ktime_get_ts64+0x86/0x230 [ 26.843550] kunit_try_run_case+0x1b3/0x490 [ 26.844242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.844896] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.845588] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.846292] ? __kthread_parkme+0x82/0x160 [ 26.846971] ? preempt_count_sub+0x50/0x80 [ 26.847756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.848685] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.849346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.849701] kthread+0x257/0x310 [ 26.850166] ? __pfx_kthread+0x10/0x10 [ 26.850594] ret_from_fork+0x41/0x80 [ 26.850898] ? __pfx_kthread+0x10/0x10 [ 26.851415] ret_from_fork_asm+0x1a/0x30 [ 26.852838] </TASK> [ 26.853151] [ 26.853411] The buggy address belongs to stack of task kunit_try_catch/257 [ 26.854763] and is located at offset 138 in frame: [ 26.855258] kasan_stack_oob+0x0/0x300 [ 26.855983] [ 26.856722] This frame has 4 objects: [ 26.857274] [48, 49) '__assertion' [ 26.857352] [64, 72) 'array' [ 26.857628] [96, 112) '__assertion' [ 26.858057] [128, 138) 'stack_array' [ 26.859054] [ 26.859599] The buggy address belongs to the physical page: [ 26.860770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b8f [ 26.861746] flags: 0x200000000000000(node=0|zone=2) [ 26.862352] raw: 0200000000000000 ffffea00040ae3c8 ffffea00040ae3c8 0000000000000000 [ 26.863016] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 26.864080] page dumped because: kasan: bad access detected [ 26.864792] [ 26.864970] Memory state around the buggy address: [ 26.866022] ffff888102b8fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.866879] ffff888102b8fc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 26.867627] >ffff888102b8fd00: f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 f3 [ 26.868221] ^ [ 26.869415] ffff888102b8fd80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 [ 26.870199] ffff888102b8fe00: f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00 [ 26.871108] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 26.762666] ================================================================== [ 26.764164] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x288/0x2d0 [ 26.765587] Read of size 1 at addr ffffffffae00dbed by task kunit_try_catch/253 [ 26.767744] [ 26.768030] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 26.770097] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.770610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.772017] Call Trace: [ 26.772551] <TASK> [ 26.772819] dump_stack_lvl+0x73/0xb0 [ 26.773290] print_report+0xd1/0x640 [ 26.773752] ? __virt_addr_valid+0x1db/0x2d0 [ 26.774294] ? kasan_addr_to_slab+0x11/0xa0 [ 26.774749] kasan_report+0x102/0x140 [ 26.776440] ? kasan_global_oob_right+0x288/0x2d0 [ 26.777474] ? kasan_global_oob_right+0x288/0x2d0 [ 26.778271] __asan_report_load1_noabort+0x18/0x20 [ 26.779071] kasan_global_oob_right+0x288/0x2d0 [ 26.779830] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 26.780237] ? __schedule+0xc70/0x27e0 [ 26.781265] ? __pfx_read_tsc+0x10/0x10 [ 26.782008] ? ktime_get_ts64+0x86/0x230 [ 26.782834] kunit_try_run_case+0x1b3/0x490 [ 26.783572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.784079] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.785358] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.786523] ? __kthread_parkme+0x82/0x160 [ 26.787021] ? preempt_count_sub+0x50/0x80 [ 26.787342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.789052] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.790576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.791140] kthread+0x257/0x310 [ 26.792245] ? __pfx_kthread+0x10/0x10 [ 26.792647] ret_from_fork+0x41/0x80 [ 26.793651] ? __pfx_kthread+0x10/0x10 [ 26.794100] ret_from_fork_asm+0x1a/0x30 [ 26.795187] </TASK> [ 26.795420] [ 26.795778] The buggy address belongs to the variable: [ 26.796142] global_array+0xd/0x40 [ 26.797875] [ 26.798168] The buggy address belongs to the physical page: [ 26.798495] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x71c0d [ 26.800405] flags: 0x100000000002000(reserved|node=0|zone=1) [ 26.801126] raw: 0100000000002000 ffffea0001c70348 ffffea0001c70348 0000000000000000 [ 26.802101] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.803037] page dumped because: kasan: bad access detected [ 26.804772] [ 26.805167] Memory state around the buggy address: [ 26.805574] ffffffffae00da80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.806053] ffffffffae00db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.806904] >ffffffffae00db80: 00 00 00 00 00 00 00 00 00 00 00 00 00 02 f9 f9 [ 26.808486] ^ [ 26.809703] ffffffffae00dc00: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 [ 26.810881] ffffffffae00dc80: f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 [ 26.811757] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 26.611840] ================================================================== [ 26.613495] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 26.615708] Free of addr ffff888102930201 by task kunit_try_catch/249 [ 26.616129] [ 26.617077] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 26.618560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.619108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.620887] Call Trace: [ 26.621143] <TASK> [ 26.621512] dump_stack_lvl+0x73/0xb0 [ 26.622390] print_report+0xd1/0x640 [ 26.623461] ? __virt_addr_valid+0x1db/0x2d0 [ 26.623919] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 26.624540] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.625797] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 26.626171] kasan_report_invalid_free+0xc0/0xf0 [ 26.627518] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 26.628746] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 26.630024] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 26.630871] check_slab_allocation+0x11f/0x130 [ 26.631956] __kasan_mempool_poison_object+0x91/0x1d0 [ 26.632392] mempool_free+0x2ec/0x380 [ 26.633256] mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 26.634391] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 26.635280] ? ret_from_fork+0x41/0x80 [ 26.635718] ? kthread+0x257/0x310 [ 26.636584] ? ret_from_fork_asm+0x1a/0x30 [ 26.637000] ? ret_from_fork_asm+0x1a/0x30 [ 26.638375] mempool_kmalloc_invalid_free+0xb1/0x100 [ 26.638754] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 26.639799] ? __switch_to+0x5d9/0xf60 [ 26.640234] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.640696] ? __pfx_mempool_kfree+0x10/0x10 [ 26.642178] ? __pfx_read_tsc+0x10/0x10 [ 26.642743] ? ktime_get_ts64+0x86/0x230 [ 26.643194] kunit_try_run_case+0x1b3/0x490 [ 26.643644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.644130] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.644623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.646712] ? __kthread_parkme+0x82/0x160 [ 26.648136] ? preempt_count_sub+0x50/0x80 [ 26.648619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.649248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.650556] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.652044] kthread+0x257/0x310 [ 26.652417] ? __pfx_kthread+0x10/0x10 [ 26.652826] ret_from_fork+0x41/0x80 [ 26.653291] ? __pfx_kthread+0x10/0x10 [ 26.653698] ret_from_fork_asm+0x1a/0x30 [ 26.654835] </TASK> [ 26.655074] [ 26.656281] Allocated by task 249: [ 26.656527] kasan_save_stack+0x3d/0x60 [ 26.657724] kasan_save_track+0x18/0x40 [ 26.658241] kasan_save_alloc_info+0x3b/0x50 [ 26.658457] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 26.659343] remove_element+0x11e/0x190 [ 26.660039] mempool_alloc_preallocated+0x4d/0x90 [ 26.660554] mempool_kmalloc_invalid_free_helper+0x84/0x2e0 [ 26.661062] mempool_kmalloc_invalid_free+0xb1/0x100 [ 26.662089] kunit_try_run_case+0x1b3/0x490 [ 26.662586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.664207] kthread+0x257/0x310 [ 26.664906] ret_from_fork+0x41/0x80 [ 26.665245] ret_from_fork_asm+0x1a/0x30 [ 26.666518] [ 26.666715] The buggy address belongs to the object at ffff888102930200 [ 26.666715] which belongs to the cache kmalloc-128 of size 128 [ 26.669728] The buggy address is located 1 bytes inside of [ 26.669728] 128-byte region [ffff888102930200, ffff888102930280) [ 26.670768] [ 26.671329] The buggy address belongs to the physical page: [ 26.673099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102930 [ 26.673826] flags: 0x200000000000000(node=0|zone=2) [ 26.674404] page_type: f5(slab) [ 26.674812] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.675772] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.678495] page dumped because: kasan: bad access detected [ 26.679564] [ 26.679761] Memory state around the buggy address: [ 26.681141] ffff888102930100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.682609] ffff888102930180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.683112] >ffff888102930200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.684144] ^ [ 26.684498] ffff888102930280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.686187] ffff888102930300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.686855] ================================================================== [ 26.696273] ================================================================== [ 26.697622] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 26.698436] Free of addr ffff888102994001 by task kunit_try_catch/251 [ 26.700241] [ 26.701890] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 26.703644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.704060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.705024] Call Trace: [ 26.706149] <TASK> [ 26.706371] dump_stack_lvl+0x73/0xb0 [ 26.706785] print_report+0xd1/0x640 [ 26.707095] ? __virt_addr_valid+0x1db/0x2d0 [ 26.707697] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 26.708688] ? kasan_addr_to_slab+0x11/0xa0 [ 26.709228] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 26.710975] kasan_report_invalid_free+0xc0/0xf0 [ 26.711553] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 26.712470] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 26.712907] __kasan_mempool_poison_object+0x102/0x1d0 [ 26.713428] mempool_free+0x2ec/0x380 [ 26.713763] mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 26.715311] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 26.716185] ? finish_task_switch.isra.0+0x153/0x700 [ 26.717112] mempool_kmalloc_large_invalid_free+0xb1/0x100 [ 26.717652] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 26.719151] ? __switch_to+0x5d9/0xf60 [ 26.719548] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.719832] ? __pfx_mempool_kfree+0x10/0x10 [ 26.720314] ? __pfx_read_tsc+0x10/0x10 [ 26.721918] ? ktime_get_ts64+0x86/0x230 [ 26.722553] kunit_try_run_case+0x1b3/0x490 [ 26.723073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.724013] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.724979] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.725817] ? __kthread_parkme+0x82/0x160 [ 26.726754] ? preempt_count_sub+0x50/0x80 [ 26.728038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.728559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.729244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.729957] kthread+0x257/0x310 [ 26.731137] ? __pfx_kthread+0x10/0x10 [ 26.731690] ret_from_fork+0x41/0x80 [ 26.732175] ? __pfx_kthread+0x10/0x10 [ 26.732594] ret_from_fork_asm+0x1a/0x30 [ 26.734436] </TASK> [ 26.734743] [ 26.734948] The buggy address belongs to the physical page: [ 26.735721] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102994 [ 26.736260] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.737651] flags: 0x200000000000040(head|node=0|zone=2) [ 26.739039] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.740094] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.740827] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.743103] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.744088] head: 0200000000000002 ffffea00040a6501 ffffffffffffffff 0000000000000000 [ 26.744830] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 26.745258] page dumped because: kasan: bad access detected [ 26.746908] [ 26.747171] Memory state around the buggy address: [ 26.748269] ffff888102993f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.749277] ffff888102993f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.750655] >ffff888102994000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.751448] ^ [ 26.752794] ffff888102994080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.753810] ffff888102994100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.754988] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 26.555182] ================================================================== [ 26.556771] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 26.557762] Free of addr ffff888102acc000 by task kunit_try_catch/247 [ 26.558748] [ 26.559188] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 26.560656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.561081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.562248] Call Trace: [ 26.562970] <TASK> [ 26.563335] dump_stack_lvl+0x73/0xb0 [ 26.564069] print_report+0xd1/0x640 [ 26.564493] ? __virt_addr_valid+0x1db/0x2d0 [ 26.565736] ? mempool_double_free_helper+0x185/0x370 [ 26.567309] ? kasan_addr_to_slab+0x11/0xa0 [ 26.568261] ? mempool_double_free_helper+0x185/0x370 [ 26.568749] kasan_report_invalid_free+0xc0/0xf0 [ 26.569854] ? mempool_double_free_helper+0x185/0x370 [ 26.570357] ? mempool_double_free_helper+0x185/0x370 [ 26.570873] __kasan_mempool_poison_pages+0x115/0x130 [ 26.571967] mempool_free+0x290/0x380 [ 26.572428] mempool_double_free_helper+0x185/0x370 [ 26.573439] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 26.574164] mempool_page_alloc_double_free+0xac/0x100 [ 26.575080] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 26.575820] ? __switch_to+0x5d9/0xf60 [ 26.576821] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 26.577280] ? __pfx_mempool_free_pages+0x10/0x10 [ 26.577792] ? __pfx_read_tsc+0x10/0x10 [ 26.578532] ? ktime_get_ts64+0x86/0x230 [ 26.579143] kunit_try_run_case+0x1b3/0x490 [ 26.579718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.580115] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.580817] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.581386] ? __kthread_parkme+0x82/0x160 [ 26.582030] ? preempt_count_sub+0x50/0x80 [ 26.582392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.583741] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.584510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.585061] kthread+0x257/0x310 [ 26.585427] ? __pfx_kthread+0x10/0x10 [ 26.585808] ret_from_fork+0x41/0x80 [ 26.587168] ? __pfx_kthread+0x10/0x10 [ 26.587946] ret_from_fork_asm+0x1a/0x30 [ 26.588729] </TASK> [ 26.589330] [ 26.589619] The buggy address belongs to the physical page: [ 26.590143] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102acc [ 26.591069] flags: 0x200000000000000(node=0|zone=2) [ 26.591973] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 26.593178] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.594449] page dumped because: kasan: bad access detected [ 26.595159] [ 26.596076] Memory state around the buggy address: [ 26.596549] ffff888102acbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.597525] ffff888102acbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.599129] >ffff888102acc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.599952] ^ [ 26.600589] ffff888102acc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.601215] ffff888102acc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.602663] ================================================================== [ 26.498604] ================================================================== [ 26.499514] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 26.500007] Free of addr ffff888102acc000 by task kunit_try_catch/245 [ 26.500721] [ 26.501223] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 26.501900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.502992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.504132] Call Trace: [ 26.504432] <TASK> [ 26.505214] dump_stack_lvl+0x73/0xb0 [ 26.505829] print_report+0xd1/0x640 [ 26.506283] ? __virt_addr_valid+0x1db/0x2d0 [ 26.506806] ? mempool_double_free_helper+0x185/0x370 [ 26.507406] ? kasan_addr_to_slab+0x11/0xa0 [ 26.507966] ? mempool_double_free_helper+0x185/0x370 [ 26.508679] kasan_report_invalid_free+0xc0/0xf0 [ 26.509206] ? mempool_double_free_helper+0x185/0x370 [ 26.509657] ? mempool_double_free_helper+0x185/0x370 [ 26.510118] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 26.510675] mempool_free+0x2ec/0x380 [ 26.511226] mempool_double_free_helper+0x185/0x370 [ 26.512745] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 26.513186] ? finish_task_switch.isra.0+0x153/0x700 [ 26.514190] mempool_kmalloc_large_double_free+0xb1/0x100 [ 26.514975] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 26.515679] ? __switch_to+0x5d9/0xf60 [ 26.516302] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.516852] ? __pfx_mempool_kfree+0x10/0x10 [ 26.517164] ? __pfx_read_tsc+0x10/0x10 [ 26.517689] ? ktime_get_ts64+0x86/0x230 [ 26.518713] kunit_try_run_case+0x1b3/0x490 [ 26.519268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.520176] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.520654] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.521135] ? __kthread_parkme+0x82/0x160 [ 26.521545] ? preempt_count_sub+0x50/0x80 [ 26.522701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.523181] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.524454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.525247] kthread+0x257/0x310 [ 26.525765] ? __pfx_kthread+0x10/0x10 [ 26.526630] ret_from_fork+0x41/0x80 [ 26.527030] ? __pfx_kthread+0x10/0x10 [ 26.528018] ret_from_fork_asm+0x1a/0x30 [ 26.528555] </TASK> [ 26.528801] [ 26.529007] The buggy address belongs to the physical page: [ 26.529513] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102acc [ 26.531036] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.532000] flags: 0x200000000000040(head|node=0|zone=2) [ 26.532821] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.534153] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.535329] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.536252] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.537892] head: 0200000000000002 ffffea00040ab301 ffffffffffffffff 0000000000000000 [ 26.539475] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 26.540521] page dumped because: kasan: bad access detected [ 26.541648] [ 26.542124] Memory state around the buggy address: [ 26.542768] ffff888102acbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.544301] ffff888102acbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.544656] >ffff888102acc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.544952] ^ [ 26.545159] ffff888102acc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.545432] ffff888102acc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.545700] ================================================================== [ 26.414204] ================================================================== [ 26.415576] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 26.416220] Free of addr ffff88810292ca00 by task kunit_try_catch/243 [ 26.416760] [ 26.417034] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 26.419215] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.419687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.420769] Call Trace: [ 26.421254] <TASK> [ 26.421449] dump_stack_lvl+0x73/0xb0 [ 26.422355] print_report+0xd1/0x640 [ 26.423144] ? __virt_addr_valid+0x1db/0x2d0 [ 26.423902] ? mempool_double_free_helper+0x185/0x370 [ 26.425207] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.426100] ? mempool_double_free_helper+0x185/0x370 [ 26.427328] kasan_report_invalid_free+0xc0/0xf0 [ 26.427646] ? mempool_double_free_helper+0x185/0x370 [ 26.428922] ? mempool_double_free_helper+0x185/0x370 [ 26.430445] ? mempool_double_free_helper+0x185/0x370 [ 26.430955] check_slab_allocation+0x101/0x130 [ 26.432212] __kasan_mempool_poison_object+0x91/0x1d0 [ 26.432869] mempool_free+0x2ec/0x380 [ 26.433240] mempool_double_free_helper+0x185/0x370 [ 26.433608] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 26.434325] ? irqentry_exit+0x2a/0x60 [ 26.434739] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 26.435395] mempool_kmalloc_double_free+0xb1/0x100 [ 26.436155] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 26.437572] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.438089] ? __pfx_mempool_kfree+0x10/0x10 [ 26.438476] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 26.439151] kunit_try_run_case+0x1b3/0x490 [ 26.439496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.440358] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.440997] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.442525] ? __kthread_parkme+0x82/0x160 [ 26.443185] ? preempt_count_sub+0x50/0x80 [ 26.443854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.444287] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.445123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.445799] kthread+0x257/0x310 [ 26.446558] ? __pfx_kthread+0x10/0x10 [ 26.447516] ret_from_fork+0x41/0x80 [ 26.448796] ? __pfx_kthread+0x10/0x10 [ 26.449434] ret_from_fork_asm+0x1a/0x30 [ 26.450070] </TASK> [ 26.450363] [ 26.450546] Allocated by task 243: [ 26.450908] kasan_save_stack+0x3d/0x60 [ 26.452155] kasan_save_track+0x18/0x40 [ 26.452750] kasan_save_alloc_info+0x3b/0x50 [ 26.454107] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 26.454637] remove_element+0x11e/0x190 [ 26.455105] mempool_alloc_preallocated+0x4d/0x90 [ 26.455477] mempool_double_free_helper+0x8b/0x370 [ 26.456581] mempool_kmalloc_double_free+0xb1/0x100 [ 26.458083] kunit_try_run_case+0x1b3/0x490 [ 26.459247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.460012] kthread+0x257/0x310 [ 26.461182] ret_from_fork+0x41/0x80 [ 26.461866] ret_from_fork_asm+0x1a/0x30 [ 26.462983] [ 26.463177] Freed by task 243: [ 26.464103] kasan_save_stack+0x3d/0x60 [ 26.465004] kasan_save_track+0x18/0x40 [ 26.465289] kasan_save_free_info+0x3f/0x60 [ 26.465806] __kasan_mempool_poison_object+0x131/0x1d0 [ 26.466999] mempool_free+0x2ec/0x380 [ 26.467212] mempool_double_free_helper+0x10a/0x370 [ 26.467430] mempool_kmalloc_double_free+0xb1/0x100 [ 26.467642] kunit_try_run_case+0x1b3/0x490 [ 26.467829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.468314] kthread+0x257/0x310 [ 26.468736] ret_from_fork+0x41/0x80 [ 26.470443] ret_from_fork_asm+0x1a/0x30 [ 26.471195] [ 26.471433] The buggy address belongs to the object at ffff88810292ca00 [ 26.471433] which belongs to the cache kmalloc-128 of size 128 [ 26.472900] The buggy address is located 0 bytes inside of [ 26.472900] 128-byte region [ffff88810292ca00, ffff88810292ca80) [ 26.475526] [ 26.475858] The buggy address belongs to the physical page: [ 26.476902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10292c [ 26.478373] flags: 0x200000000000000(node=0|zone=2) [ 26.478684] page_type: f5(slab) [ 26.479686] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.480844] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.481977] page dumped because: kasan: bad access detected [ 26.483434] [ 26.483623] Memory state around the buggy address: [ 26.483978] ffff88810292c900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.484963] ffff88810292c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.486487] >ffff88810292ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.487573] ^ [ 26.488411] ffff88810292ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.489594] ffff88810292cb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.490232] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 26.228138] ================================================================== [ 26.229147] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 26.230228] Read of size 1 at addr ffff888102acc000 by task kunit_try_catch/237 [ 26.231512] [ 26.232003] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 26.234478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.234885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.236119] Call Trace: [ 26.236407] <TASK> [ 26.236702] dump_stack_lvl+0x73/0xb0 [ 26.237155] print_report+0xd1/0x640 [ 26.238136] ? __virt_addr_valid+0x1db/0x2d0 [ 26.238557] ? kasan_addr_to_slab+0x11/0xa0 [ 26.239703] kasan_report+0x102/0x140 [ 26.240005] ? mempool_uaf_helper+0x394/0x400 [ 26.240894] ? mempool_uaf_helper+0x394/0x400 [ 26.241960] __asan_report_load1_noabort+0x18/0x20 [ 26.242439] mempool_uaf_helper+0x394/0x400 [ 26.243711] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 26.244684] ? irqentry_exit+0x2a/0x60 [ 26.245008] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 26.246609] mempool_kmalloc_large_uaf+0xb3/0x100 [ 26.247139] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 26.248031] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.249094] ? __pfx_mempool_kfree+0x10/0x10 [ 26.249586] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 26.250067] kunit_try_run_case+0x1b3/0x490 [ 26.251083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.251872] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.252408] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.253735] ? __kthread_parkme+0x82/0x160 [ 26.254501] ? preempt_count_sub+0x50/0x80 [ 26.255665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.256107] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.258067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.258726] kthread+0x257/0x310 [ 26.259095] ? __pfx_kthread+0x10/0x10 [ 26.259495] ret_from_fork+0x41/0x80 [ 26.259849] ? __pfx_kthread+0x10/0x10 [ 26.260839] ret_from_fork_asm+0x1a/0x30 [ 26.261458] </TASK> [ 26.262018] [ 26.262263] The buggy address belongs to the physical page: [ 26.263371] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102acc [ 26.265691] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.266318] flags: 0x200000000000040(head|node=0|zone=2) [ 26.267194] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.267788] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.268739] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.269261] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.271365] head: 0200000000000002 ffffea00040ab301 ffffffffffffffff 0000000000000000 [ 26.272793] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 26.273302] page dumped because: kasan: bad access detected [ 26.274878] [ 26.275376] Memory state around the buggy address: [ 26.275995] ffff888102acbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.276359] ffff888102acbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.277266] >ffff888102acc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.279378] ^ [ 26.279652] ffff888102acc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.281047] ffff888102acc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.281636] ================================================================== [ 26.352474] ================================================================== [ 26.353457] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 26.354404] Read of size 1 at addr ffff888102994000 by task kunit_try_catch/241 [ 26.355947] [ 26.356212] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 26.356921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.357864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.359222] Call Trace: [ 26.359527] <TASK> [ 26.359796] dump_stack_lvl+0x73/0xb0 [ 26.360262] print_report+0xd1/0x640 [ 26.360664] ? __virt_addr_valid+0x1db/0x2d0 [ 26.363145] ? kasan_addr_to_slab+0x11/0xa0 [ 26.363768] kasan_report+0x102/0x140 [ 26.364128] ? mempool_uaf_helper+0x394/0x400 [ 26.364638] ? mempool_uaf_helper+0x394/0x400 [ 26.365426] __asan_report_load1_noabort+0x18/0x20 [ 26.366855] mempool_uaf_helper+0x394/0x400 [ 26.367204] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 26.367801] ? update_load_avg+0x1c3/0x2110 [ 26.369121] ? update_curr+0x7d/0x5a0 [ 26.369909] ? update_curr+0x7d/0x5a0 [ 26.371360] ? finish_task_switch.isra.0+0x153/0x700 [ 26.372376] mempool_page_alloc_uaf+0xb1/0x100 [ 26.372979] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 26.373881] ? __switch_to+0x5d9/0xf60 [ 26.374412] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 26.375690] ? __pfx_mempool_free_pages+0x10/0x10 [ 26.376666] ? __pfx_read_tsc+0x10/0x10 [ 26.377088] ? ktime_get_ts64+0x86/0x230 [ 26.377633] kunit_try_run_case+0x1b3/0x490 [ 26.378636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.379521] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.380774] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.381430] ? __kthread_parkme+0x82/0x160 [ 26.382422] ? preempt_count_sub+0x50/0x80 [ 26.382733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.384176] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.385090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.385852] kthread+0x257/0x310 [ 26.386339] ? __pfx_kthread+0x10/0x10 [ 26.386855] ret_from_fork+0x41/0x80 [ 26.387638] ? __pfx_kthread+0x10/0x10 [ 26.388879] ret_from_fork_asm+0x1a/0x30 [ 26.389541] </TASK> [ 26.389755] [ 26.390374] The buggy address belongs to the physical page: [ 26.391536] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102994 [ 26.393996] flags: 0x200000000000000(node=0|zone=2) [ 26.394636] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 26.395278] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.396718] page dumped because: kasan: bad access detected [ 26.397337] [ 26.397507] Memory state around the buggy address: [ 26.397890] ffff888102993f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.399596] ffff888102993f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.401184] >ffff888102994000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.403089] ^ [ 26.403528] ffff888102994080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.404235] ffff888102994100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.404715] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 26.290952] ================================================================== [ 26.292032] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 26.292694] Read of size 1 at addr ffff888102481240 by task kunit_try_catch/239 [ 26.293421] [ 26.293619] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 26.294691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.295076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.295842] Call Trace: [ 26.296257] <TASK> [ 26.296575] dump_stack_lvl+0x73/0xb0 [ 26.296993] print_report+0xd1/0x640 [ 26.297330] ? __virt_addr_valid+0x1db/0x2d0 [ 26.297824] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.298549] kasan_report+0x102/0x140 [ 26.299032] ? mempool_uaf_helper+0x394/0x400 [ 26.299476] ? mempool_uaf_helper+0x394/0x400 [ 26.299883] __asan_report_load1_noabort+0x18/0x20 [ 26.300316] mempool_uaf_helper+0x394/0x400 [ 26.300823] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 26.301469] ? finish_task_switch.isra.0+0x153/0x700 [ 26.302026] mempool_slab_uaf+0xae/0x100 [ 26.302436] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 26.302907] ? __switch_to+0x5d9/0xf60 [ 26.303497] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 26.303980] ? __pfx_mempool_free_slab+0x10/0x10 [ 26.304456] ? __pfx_read_tsc+0x10/0x10 [ 26.304947] ? ktime_get_ts64+0x86/0x230 [ 26.305328] kunit_try_run_case+0x1b3/0x490 [ 26.305823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.306495] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.307143] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.307561] ? __kthread_parkme+0x82/0x160 [ 26.308056] ? preempt_count_sub+0x50/0x80 [ 26.308462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.308787] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.309356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.309971] kthread+0x257/0x310 [ 26.310476] ? __pfx_kthread+0x10/0x10 [ 26.310875] ret_from_fork+0x41/0x80 [ 26.311360] ? __pfx_kthread+0x10/0x10 [ 26.311768] ret_from_fork_asm+0x1a/0x30 [ 26.312333] </TASK> [ 26.312523] [ 26.312678] Allocated by task 239: [ 26.312927] kasan_save_stack+0x3d/0x60 [ 26.313525] kasan_save_track+0x18/0x40 [ 26.314137] kasan_save_alloc_info+0x3b/0x50 [ 26.314638] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 26.315342] remove_element+0x11e/0x190 [ 26.315672] mempool_alloc_preallocated+0x4d/0x90 [ 26.316059] mempool_uaf_helper+0x97/0x400 [ 26.316619] mempool_slab_uaf+0xae/0x100 [ 26.317142] kunit_try_run_case+0x1b3/0x490 [ 26.317516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.317993] kthread+0x257/0x310 [ 26.318320] ret_from_fork+0x41/0x80 [ 26.318595] ret_from_fork_asm+0x1a/0x30 [ 26.318887] [ 26.319216] Freed by task 239: [ 26.319621] kasan_save_stack+0x3d/0x60 [ 26.320203] kasan_save_track+0x18/0x40 [ 26.320683] kasan_save_free_info+0x3f/0x60 [ 26.322299] __kasan_mempool_poison_object+0x131/0x1d0 [ 26.323480] mempool_free+0x2ec/0x380 [ 26.323895] mempool_uaf_helper+0x11b/0x400 [ 26.324396] mempool_slab_uaf+0xae/0x100 [ 26.324798] kunit_try_run_case+0x1b3/0x490 [ 26.325653] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.326158] kthread+0x257/0x310 [ 26.326473] ret_from_fork+0x41/0x80 [ 26.326787] ret_from_fork_asm+0x1a/0x30 [ 26.327199] [ 26.327427] The buggy address belongs to the object at ffff888102481240 [ 26.327427] which belongs to the cache test_cache of size 123 [ 26.329040] The buggy address is located 0 bytes inside of [ 26.329040] freed 123-byte region [ffff888102481240, ffff8881024812bb) [ 26.330156] [ 26.330372] The buggy address belongs to the physical page: [ 26.330844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102481 [ 26.331626] flags: 0x200000000000000(node=0|zone=2) [ 26.332252] page_type: f5(slab) [ 26.332688] raw: 0200000000000000 ffff888101116b40 dead000000000122 0000000000000000 [ 26.333248] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 26.334139] page dumped because: kasan: bad access detected [ 26.334488] [ 26.334720] Memory state around the buggy address: [ 26.335366] ffff888102481100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.335903] ffff888102481180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.336538] >ffff888102481200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 26.336956] ^ [ 26.337609] ffff888102481280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.338463] ffff888102481300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.339170] ================================================================== [ 26.166784] ================================================================== [ 26.167802] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 26.169851] Read of size 1 at addr ffff88810247d500 by task kunit_try_catch/235 [ 26.170383] [ 26.170514] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 26.170903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.171157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.171664] Call Trace: [ 26.171991] <TASK> [ 26.172306] dump_stack_lvl+0x73/0xb0 [ 26.173307] print_report+0xd1/0x640 [ 26.173666] ? __virt_addr_valid+0x1db/0x2d0 [ 26.174021] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.174639] kasan_report+0x102/0x140 [ 26.175131] ? mempool_uaf_helper+0x394/0x400 [ 26.175536] ? mempool_uaf_helper+0x394/0x400 [ 26.176053] __asan_report_load1_noabort+0x18/0x20 [ 26.176523] mempool_uaf_helper+0x394/0x400 [ 26.177480] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 26.177872] ? finish_task_switch.isra.0+0x153/0x700 [ 26.178618] mempool_kmalloc_uaf+0xb3/0x100 [ 26.179472] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 26.179963] ? __switch_to+0x5d9/0xf60 [ 26.180462] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.181258] ? __pfx_mempool_kfree+0x10/0x10 [ 26.181860] ? __pfx_read_tsc+0x10/0x10 [ 26.182497] ? ktime_get_ts64+0x86/0x230 [ 26.182925] kunit_try_run_case+0x1b3/0x490 [ 26.183792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.184773] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.185539] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.186144] ? __kthread_parkme+0x82/0x160 [ 26.186898] ? preempt_count_sub+0x50/0x80 [ 26.187529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.188035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.189227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.189724] kthread+0x257/0x310 [ 26.190435] ? __pfx_kthread+0x10/0x10 [ 26.191068] ret_from_fork+0x41/0x80 [ 26.191620] ? __pfx_kthread+0x10/0x10 [ 26.192027] ret_from_fork_asm+0x1a/0x30 [ 26.192964] </TASK> [ 26.193354] [ 26.193714] Allocated by task 235: [ 26.194321] kasan_save_stack+0x3d/0x60 [ 26.194650] kasan_save_track+0x18/0x40 [ 26.195215] kasan_save_alloc_info+0x3b/0x50 [ 26.195705] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 26.196307] remove_element+0x11e/0x190 [ 26.196806] mempool_alloc_preallocated+0x4d/0x90 [ 26.197422] mempool_uaf_helper+0x97/0x400 [ 26.197850] mempool_kmalloc_uaf+0xb3/0x100 [ 26.198382] kunit_try_run_case+0x1b3/0x490 [ 26.198856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.199431] kthread+0x257/0x310 [ 26.199819] ret_from_fork+0x41/0x80 [ 26.200296] ret_from_fork_asm+0x1a/0x30 [ 26.200775] [ 26.201059] Freed by task 235: [ 26.201481] kasan_save_stack+0x3d/0x60 [ 26.201902] kasan_save_track+0x18/0x40 [ 26.202540] kasan_save_free_info+0x3f/0x60 [ 26.202854] __kasan_mempool_poison_object+0x131/0x1d0 [ 26.203539] mempool_free+0x2ec/0x380 [ 26.203993] mempool_uaf_helper+0x11b/0x400 [ 26.204581] mempool_kmalloc_uaf+0xb3/0x100 [ 26.205025] kunit_try_run_case+0x1b3/0x490 [ 26.205385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.206182] kthread+0x257/0x310 [ 26.206616] ret_from_fork+0x41/0x80 [ 26.206885] ret_from_fork_asm+0x1a/0x30 [ 26.207460] [ 26.207731] The buggy address belongs to the object at ffff88810247d500 [ 26.207731] which belongs to the cache kmalloc-128 of size 128 [ 26.208831] The buggy address is located 0 bytes inside of [ 26.208831] freed 128-byte region [ffff88810247d500, ffff88810247d580) [ 26.210057] [ 26.210421] The buggy address belongs to the physical page: [ 26.210824] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10247d [ 26.211706] flags: 0x200000000000000(node=0|zone=2) [ 26.212350] page_type: f5(slab) [ 26.212830] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.213664] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.214558] page dumped because: kasan: bad access detected [ 26.215016] [ 26.215258] Memory state around the buggy address: [ 26.215719] ffff88810247d400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.216470] ffff88810247d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.217266] >ffff88810247d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.217862] ^ [ 26.218301] ffff88810247d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.218988] ffff88810247d600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.219747] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 26.046106] ================================================================== [ 26.047512] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 26.048134] Read of size 1 at addr ffff888102996001 by task kunit_try_catch/231 [ 26.049312] [ 26.050007] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 26.051066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.051690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.052862] Call Trace: [ 26.053115] <TASK> [ 26.053436] dump_stack_lvl+0x73/0xb0 [ 26.053858] print_report+0xd1/0x640 [ 26.054192] ? __virt_addr_valid+0x1db/0x2d0 [ 26.054844] ? kasan_addr_to_slab+0x11/0xa0 [ 26.055469] kasan_report+0x102/0x140 [ 26.055851] ? mempool_oob_right_helper+0x31a/0x380 [ 26.056558] ? mempool_oob_right_helper+0x31a/0x380 [ 26.057118] __asan_report_load1_noabort+0x18/0x20 [ 26.057627] mempool_oob_right_helper+0x31a/0x380 [ 26.058962] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 26.059763] ? finish_task_switch.isra.0+0x153/0x700 [ 26.060638] mempool_kmalloc_large_oob_right+0xb6/0x100 [ 26.061181] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 26.061726] ? __switch_to+0x5d9/0xf60 [ 26.062329] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.062889] ? __pfx_mempool_kfree+0x10/0x10 [ 26.063568] ? __pfx_read_tsc+0x10/0x10 [ 26.064048] ? ktime_get_ts64+0x86/0x230 [ 26.064640] kunit_try_run_case+0x1b3/0x490 [ 26.065240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.065764] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.066507] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.067011] ? __kthread_parkme+0x82/0x160 [ 26.067321] ? preempt_count_sub+0x50/0x80 [ 26.068821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.069432] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.070058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.071003] kthread+0x257/0x310 [ 26.071575] ? __pfx_kthread+0x10/0x10 [ 26.072030] ret_from_fork+0x41/0x80 [ 26.072577] ? __pfx_kthread+0x10/0x10 [ 26.073201] ret_from_fork_asm+0x1a/0x30 [ 26.073559] </TASK> [ 26.074045] [ 26.074463] The buggy address belongs to the physical page: [ 26.074829] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102994 [ 26.075765] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.076548] flags: 0x200000000000040(head|node=0|zone=2) [ 26.077228] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.078095] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.078824] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.079515] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.080429] head: 0200000000000002 ffffea00040a6501 ffffffffffffffff 0000000000000000 [ 26.081288] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 26.081794] page dumped because: kasan: bad access detected [ 26.082575] [ 26.082755] Memory state around the buggy address: [ 26.083333] ffff888102995f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.084138] ffff888102995f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.084568] >ffff888102996000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.085597] ^ [ 26.085953] ffff888102996080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.086681] ffff888102996100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.087453] ================================================================== [ 26.097900] ================================================================== [ 26.099596] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 26.100398] Read of size 1 at addr ffff8881024802bb by task kunit_try_catch/233 [ 26.102165] [ 26.102405] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 26.104270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.104710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.105619] Call Trace: [ 26.105868] <TASK> [ 26.106296] dump_stack_lvl+0x73/0xb0 [ 26.106828] print_report+0xd1/0x640 [ 26.107208] ? __virt_addr_valid+0x1db/0x2d0 [ 26.107806] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.109115] kasan_report+0x102/0x140 [ 26.109959] ? mempool_oob_right_helper+0x31a/0x380 [ 26.110394] ? mempool_oob_right_helper+0x31a/0x380 [ 26.111025] __asan_report_load1_noabort+0x18/0x20 [ 26.111481] mempool_oob_right_helper+0x31a/0x380 [ 26.111844] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 26.112669] ? finish_task_switch.isra.0+0x153/0x700 [ 26.113176] mempool_slab_oob_right+0xb1/0x100 [ 26.114015] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 26.115063] ? __switch_to+0x5d9/0xf60 [ 26.115903] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 26.116346] ? __pfx_mempool_free_slab+0x10/0x10 [ 26.117314] ? __pfx_read_tsc+0x10/0x10 [ 26.117716] ? ktime_get_ts64+0x86/0x230 [ 26.118136] kunit_try_run_case+0x1b3/0x490 [ 26.118888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.119242] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.119898] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.120669] ? __kthread_parkme+0x82/0x160 [ 26.121651] ? preempt_count_sub+0x50/0x80 [ 26.122187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.122782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.123601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.124100] kthread+0x257/0x310 [ 26.124870] ? __pfx_kthread+0x10/0x10 [ 26.125155] ret_from_fork+0x41/0x80 [ 26.125684] ? __pfx_kthread+0x10/0x10 [ 26.126356] ret_from_fork_asm+0x1a/0x30 [ 26.127096] </TASK> [ 26.127301] [ 26.127460] Allocated by task 233: [ 26.127904] kasan_save_stack+0x3d/0x60 [ 26.128769] kasan_save_track+0x18/0x40 [ 26.129840] kasan_save_alloc_info+0x3b/0x50 [ 26.130508] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 26.131289] remove_element+0x11e/0x190 [ 26.131601] mempool_alloc_preallocated+0x4d/0x90 [ 26.132269] mempool_oob_right_helper+0x8b/0x380 [ 26.132681] mempool_slab_oob_right+0xb1/0x100 [ 26.133375] kunit_try_run_case+0x1b3/0x490 [ 26.133859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.134599] kthread+0x257/0x310 [ 26.135265] ret_from_fork+0x41/0x80 [ 26.135852] ret_from_fork_asm+0x1a/0x30 [ 26.136482] [ 26.136675] The buggy address belongs to the object at ffff888102480240 [ 26.136675] which belongs to the cache test_cache of size 123 [ 26.139003] The buggy address is located 0 bytes to the right of [ 26.139003] allocated 123-byte region [ffff888102480240, ffff8881024802bb) [ 26.140706] [ 26.141031] The buggy address belongs to the physical page: [ 26.141696] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102480 [ 26.143694] flags: 0x200000000000000(node=0|zone=2) [ 26.144306] page_type: f5(slab) [ 26.144822] raw: 0200000000000000 ffff888101116a00 dead000000000122 0000000000000000 [ 26.145465] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 26.146276] page dumped because: kasan: bad access detected [ 26.146688] [ 26.146999] Memory state around the buggy address: [ 26.147726] ffff888102480180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.148875] ffff888102480200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 26.149373] >ffff888102480280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 26.150260] ^ [ 26.151390] ffff888102480300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.152205] ffff888102480380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.152799] ================================================================== [ 25.973276] ================================================================== [ 25.975199] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 25.976145] Read of size 1 at addr ffff888102922f73 by task kunit_try_catch/229 [ 25.977182] [ 25.977470] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 25.979082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.980511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.981545] Call Trace: [ 25.981818] <TASK> [ 25.982224] dump_stack_lvl+0x73/0xb0 [ 25.982811] print_report+0xd1/0x640 [ 25.983501] ? __virt_addr_valid+0x1db/0x2d0 [ 25.984307] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.985395] kasan_report+0x102/0x140 [ 25.985765] ? mempool_oob_right_helper+0x31a/0x380 [ 25.987498] ? mempool_oob_right_helper+0x31a/0x380 [ 25.988354] __asan_report_load1_noabort+0x18/0x20 [ 25.988803] mempool_oob_right_helper+0x31a/0x380 [ 25.989117] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 25.990063] ? finish_task_switch.isra.0+0x153/0x700 [ 25.990605] mempool_kmalloc_oob_right+0xb6/0x100 [ 25.991891] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 25.992887] ? __switch_to+0x5d9/0xf60 [ 25.993487] ? __pfx_mempool_kmalloc+0x10/0x10 [ 25.994114] ? __pfx_mempool_kfree+0x10/0x10 [ 25.994575] ? __pfx_read_tsc+0x10/0x10 [ 25.995573] ? ktime_get_ts64+0x86/0x230 [ 25.995975] kunit_try_run_case+0x1b3/0x490 [ 25.996875] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.997310] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.998615] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.999144] ? __kthread_parkme+0x82/0x160 [ 26.000473] ? preempt_count_sub+0x50/0x80 [ 26.001403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.002284] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.002984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.004715] kthread+0x257/0x310 [ 26.004958] ? __pfx_kthread+0x10/0x10 [ 26.005831] ret_from_fork+0x41/0x80 [ 26.006245] ? __pfx_kthread+0x10/0x10 [ 26.007411] ret_from_fork_asm+0x1a/0x30 [ 26.008147] </TASK> [ 26.008419] [ 26.008630] Allocated by task 229: [ 26.010370] kasan_save_stack+0x3d/0x60 [ 26.010757] kasan_save_track+0x18/0x40 [ 26.011825] kasan_save_alloc_info+0x3b/0x50 [ 26.012516] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 26.013469] remove_element+0x11e/0x190 [ 26.014021] mempool_alloc_preallocated+0x4d/0x90 [ 26.015085] mempool_oob_right_helper+0x8b/0x380 [ 26.016465] mempool_kmalloc_oob_right+0xb6/0x100 [ 26.017723] kunit_try_run_case+0x1b3/0x490 [ 26.018349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.018841] kthread+0x257/0x310 [ 26.019218] ret_from_fork+0x41/0x80 [ 26.019557] ret_from_fork_asm+0x1a/0x30 [ 26.019917] [ 26.021037] The buggy address belongs to the object at ffff888102922f00 [ 26.021037] which belongs to the cache kmalloc-128 of size 128 [ 26.022317] The buggy address is located 0 bytes to the right of [ 26.022317] allocated 115-byte region [ffff888102922f00, ffff888102922f73) [ 26.024356] [ 26.024578] The buggy address belongs to the physical page: [ 26.026321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102922 [ 26.027804] flags: 0x200000000000000(node=0|zone=2) [ 26.029209] page_type: f5(slab) [ 26.030505] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.031307] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 26.032345] page dumped because: kasan: bad access detected [ 26.032838] [ 26.033038] Memory state around the buggy address: [ 26.033768] ffff888102922e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.034596] ffff888102922e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.035501] >ffff888102922f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.036104] ^ [ 26.036713] ffff888102922f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.037253] ffff888102923000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.037745] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 25.340478] ================================================================== [ 25.342287] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bd/0x380 [ 25.343221] Read of size 1 at addr ffff8881011168c0 by task kunit_try_catch/223 [ 25.343628] [ 25.343806] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 25.346049] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.346470] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.348515] Call Trace: [ 25.349052] <TASK> [ 25.349705] dump_stack_lvl+0x73/0xb0 [ 25.350741] print_report+0xd1/0x640 [ 25.351267] ? __virt_addr_valid+0x1db/0x2d0 [ 25.352047] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.352798] kasan_report+0x102/0x140 [ 25.353531] ? kmem_cache_double_destroy+0x1bd/0x380 [ 25.354203] ? kmem_cache_double_destroy+0x1bd/0x380 [ 25.355098] ? kmem_cache_double_destroy+0x1bd/0x380 [ 25.355809] __kasan_check_byte+0x3d/0x50 [ 25.356373] kmem_cache_destroy+0x25/0x1d0 [ 25.356979] kmem_cache_double_destroy+0x1bd/0x380 [ 25.357590] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 25.358515] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 25.359123] ? __pfx_empty_cache_ctor+0x10/0x10 [ 25.359603] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 25.361730] kunit_try_run_case+0x1b3/0x490 [ 25.362373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.363535] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.364471] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.365200] ? __kthread_parkme+0x82/0x160 [ 25.366137] ? preempt_count_sub+0x50/0x80 [ 25.366602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.367033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.367990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.368905] kthread+0x257/0x310 [ 25.370032] ? __pfx_kthread+0x10/0x10 [ 25.370817] ret_from_fork+0x41/0x80 [ 25.371211] ? __pfx_kthread+0x10/0x10 [ 25.372355] ret_from_fork_asm+0x1a/0x30 [ 25.373128] </TASK> [ 25.373327] [ 25.373469] Allocated by task 223: [ 25.373826] kasan_save_stack+0x3d/0x60 [ 25.374232] kasan_save_track+0x18/0x40 [ 25.374800] kasan_save_alloc_info+0x3b/0x50 [ 25.375617] __kasan_slab_alloc+0x91/0xa0 [ 25.376317] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 25.377234] __kmem_cache_create_args+0x177/0x250 [ 25.377687] kmem_cache_double_destroy+0xd3/0x380 [ 25.378019] kunit_try_run_case+0x1b3/0x490 [ 25.378625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.379984] kthread+0x257/0x310 [ 25.381216] ret_from_fork+0x41/0x80 [ 25.381509] ret_from_fork_asm+0x1a/0x30 [ 25.382228] [ 25.382385] Freed by task 223: [ 25.382636] kasan_save_stack+0x3d/0x60 [ 25.382866] kasan_save_track+0x18/0x40 [ 25.384017] kasan_save_free_info+0x3f/0x60 [ 25.384897] __kasan_slab_free+0x56/0x70 [ 25.385674] kmem_cache_free+0x120/0x420 [ 25.386191] slab_kmem_cache_release+0x2e/0x40 [ 25.386790] kmem_cache_release+0x16/0x20 [ 25.387847] kobject_put+0x181/0x450 [ 25.389000] sysfs_slab_release+0x16/0x20 [ 25.389861] kmem_cache_destroy+0xf0/0x1d0 [ 25.390555] kmem_cache_double_destroy+0x14c/0x380 [ 25.392012] kunit_try_run_case+0x1b3/0x490 [ 25.393394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.394771] kthread+0x257/0x310 [ 25.395345] ret_from_fork+0x41/0x80 [ 25.395774] ret_from_fork_asm+0x1a/0x30 [ 25.396221] [ 25.396378] The buggy address belongs to the object at ffff8881011168c0 [ 25.396378] which belongs to the cache kmem_cache of size 208 [ 25.399558] The buggy address is located 0 bytes inside of [ 25.399558] freed 208-byte region [ffff8881011168c0, ffff888101116990) [ 25.401124] [ 25.401305] The buggy address belongs to the physical page: [ 25.402221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101116 [ 25.402892] flags: 0x200000000000000(node=0|zone=2) [ 25.403312] page_type: f5(slab) [ 25.403754] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 25.405649] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 25.406595] page dumped because: kasan: bad access detected [ 25.407600] [ 25.407774] Memory state around the buggy address: [ 25.408227] ffff888101116780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.410717] ffff888101116800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 25.411410] >ffff888101116880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 25.412076] ^ [ 25.412586] ffff888101116900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.414831] ffff888101116980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.415755] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 25.259910] ================================================================== [ 25.261523] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e5/0x510 [ 25.262210] Read of size 1 at addr ffff888102929000 by task kunit_try_catch/221 [ 25.262781] [ 25.263049] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 25.264226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.264530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.265524] Call Trace: [ 25.265825] <TASK> [ 25.266055] dump_stack_lvl+0x73/0xb0 [ 25.266684] print_report+0xd1/0x640 [ 25.267197] ? __virt_addr_valid+0x1db/0x2d0 [ 25.267758] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.268409] kasan_report+0x102/0x140 [ 25.268859] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 25.269427] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 25.269769] __asan_report_load1_noabort+0x18/0x20 [ 25.270379] kmem_cache_rcu_uaf+0x3e5/0x510 [ 25.270955] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 25.271474] ? finish_task_switch.isra.0+0x153/0x700 [ 25.272236] ? __switch_to+0x5d9/0xf60 [ 25.272745] ? __pfx_read_tsc+0x10/0x10 [ 25.273243] ? ktime_get_ts64+0x86/0x230 [ 25.273571] kunit_try_run_case+0x1b3/0x490 [ 25.274232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.274778] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.275337] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.275818] ? __kthread_parkme+0x82/0x160 [ 25.276416] ? preempt_count_sub+0x50/0x80 [ 25.276829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.277415] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.278072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.278681] kthread+0x257/0x310 [ 25.278974] ? __pfx_kthread+0x10/0x10 [ 25.279495] ret_from_fork+0x41/0x80 [ 25.279994] ? __pfx_kthread+0x10/0x10 [ 25.280522] ret_from_fork_asm+0x1a/0x30 [ 25.281131] </TASK> [ 25.281482] [ 25.281730] Allocated by task 221: [ 25.282109] kasan_save_stack+0x3d/0x60 [ 25.282617] kasan_save_track+0x18/0x40 [ 25.283188] kasan_save_alloc_info+0x3b/0x50 [ 25.283649] __kasan_slab_alloc+0x91/0xa0 [ 25.284048] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 25.284734] kmem_cache_rcu_uaf+0x156/0x510 [ 25.285239] kunit_try_run_case+0x1b3/0x490 [ 25.285669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.286313] kthread+0x257/0x310 [ 25.286715] ret_from_fork+0x41/0x80 [ 25.287033] ret_from_fork_asm+0x1a/0x30 [ 25.287634] [ 25.287863] Freed by task 0: [ 25.288147] kasan_save_stack+0x3d/0x60 [ 25.288650] kasan_save_track+0x18/0x40 [ 25.289029] kasan_save_free_info+0x3f/0x60 [ 25.289474] __kasan_slab_free+0x56/0x70 [ 25.290061] slab_free_after_rcu_debug+0xe4/0x310 [ 25.290418] rcu_core+0x680/0x1d70 [ 25.290693] rcu_core_si+0x12/0x20 [ 25.290991] handle_softirqs+0x209/0x720 [ 25.291594] __irq_exit_rcu+0xc9/0x110 [ 25.292158] irq_exit_rcu+0x12/0x20 [ 25.292575] sysvec_apic_timer_interrupt+0x81/0x90 [ 25.293139] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 25.293564] [ 25.293845] Last potentially related work creation: [ 25.294272] kasan_save_stack+0x3d/0x60 [ 25.294807] kasan_record_aux_stack+0xb2/0xc0 [ 25.295204] kmem_cache_free+0x284/0x420 [ 25.295729] kmem_cache_rcu_uaf+0x195/0x510 [ 25.296202] kunit_try_run_case+0x1b3/0x490 [ 25.296495] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.296955] kthread+0x257/0x310 [ 25.297505] ret_from_fork+0x41/0x80 [ 25.298052] ret_from_fork_asm+0x1a/0x30 [ 25.298579] [ 25.298840] The buggy address belongs to the object at ffff888102929000 [ 25.298840] which belongs to the cache test_cache of size 200 [ 25.299870] The buggy address is located 0 bytes inside of [ 25.299870] freed 200-byte region [ffff888102929000, ffff8881029290c8) [ 25.300753] [ 25.301128] The buggy address belongs to the physical page: [ 25.301725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102929 [ 25.302608] flags: 0x200000000000000(node=0|zone=2) [ 25.303068] page_type: f5(slab) [ 25.303569] raw: 0200000000000000 ffff88815a89af00 dead000000000122 0000000000000000 [ 25.304315] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.304957] page dumped because: kasan: bad access detected [ 25.305636] [ 25.305889] Memory state around the buggy address: [ 25.306384] ffff888102928f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.306880] ffff888102928f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.307686] >ffff888102929000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.308589] ^ [ 25.308884] ffff888102929080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 25.309607] ffff888102929100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.310333] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 25.158302] ================================================================== [ 25.159325] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d9/0x470 [ 25.159644] Free of addr ffff888102927001 by task kunit_try_catch/219 [ 25.159893] [ 25.160083] CPU: 0 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 25.160869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.161618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.163810] Call Trace: [ 25.164249] <TASK> [ 25.164790] dump_stack_lvl+0x73/0xb0 [ 25.165426] print_report+0xd1/0x640 [ 25.166659] ? __virt_addr_valid+0x1db/0x2d0 [ 25.167285] ? kmem_cache_invalid_free+0x1d9/0x470 [ 25.168235] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.169139] ? kmem_cache_invalid_free+0x1d9/0x470 [ 25.169706] kasan_report_invalid_free+0xc0/0xf0 [ 25.171055] ? kmem_cache_invalid_free+0x1d9/0x470 [ 25.172034] ? kmem_cache_invalid_free+0x1d9/0x470 [ 25.173317] check_slab_allocation+0x11f/0x130 [ 25.174203] __kasan_slab_pre_free+0x28/0x40 [ 25.174666] kmem_cache_free+0xee/0x420 [ 25.175063] ? kmem_cache_alloc_noprof+0x11e/0x3e0 [ 25.175487] ? kmem_cache_invalid_free+0x1d9/0x470 [ 25.177014] kmem_cache_invalid_free+0x1d9/0x470 [ 25.177715] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 25.178485] ? finish_task_switch.isra.0+0x153/0x700 [ 25.179305] ? __switch_to+0x5d9/0xf60 [ 25.179716] ? __pfx_read_tsc+0x10/0x10 [ 25.180732] ? ktime_get_ts64+0x86/0x230 [ 25.181320] kunit_try_run_case+0x1b3/0x490 [ 25.182165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.182736] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.183541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.184289] ? __kthread_parkme+0x82/0x160 [ 25.184815] ? preempt_count_sub+0x50/0x80 [ 25.185291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.186052] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.186686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.187389] kthread+0x257/0x310 [ 25.188303] ? __pfx_kthread+0x10/0x10 [ 25.188661] ret_from_fork+0x41/0x80 [ 25.188988] ? __pfx_kthread+0x10/0x10 [ 25.189445] ret_from_fork_asm+0x1a/0x30 [ 25.190567] </TASK> [ 25.191066] [ 25.191414] Allocated by task 219: [ 25.192007] kasan_save_stack+0x3d/0x60 [ 25.192485] kasan_save_track+0x18/0x40 [ 25.192781] kasan_save_alloc_info+0x3b/0x50 [ 25.193698] __kasan_slab_alloc+0x91/0xa0 [ 25.194550] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 25.195347] kmem_cache_invalid_free+0x158/0x470 [ 25.195974] kunit_try_run_case+0x1b3/0x490 [ 25.197060] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.197498] kthread+0x257/0x310 [ 25.198051] ret_from_fork+0x41/0x80 [ 25.198414] ret_from_fork_asm+0x1a/0x30 [ 25.199116] [ 25.199917] The buggy address belongs to the object at ffff888102927000 [ 25.199917] which belongs to the cache test_cache of size 200 [ 25.201572] The buggy address is located 1 bytes inside of [ 25.201572] 200-byte region [ffff888102927000, ffff8881029270c8) [ 25.202594] [ 25.202873] The buggy address belongs to the physical page: [ 25.203582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102927 [ 25.204133] flags: 0x200000000000000(node=0|zone=2) [ 25.204861] page_type: f5(slab) [ 25.205411] raw: 0200000000000000 ffff888101a88b40 dead000000000122 0000000000000000 [ 25.206453] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.207883] page dumped because: kasan: bad access detected [ 25.208363] [ 25.208555] Memory state around the buggy address: [ 25.209137] ffff888102926f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.209759] ffff888102926f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.210525] >ffff888102927000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.211762] ^ [ 25.212162] ffff888102927080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 25.212976] ffff888102927100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.213802] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 25.091200] ================================================================== [ 25.092548] BUG: KASAN: double-free in kmem_cache_double_free+0x1e6/0x490 [ 25.093356] Free of addr ffff88810247b000 by task kunit_try_catch/217 [ 25.093619] [ 25.093739] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 25.094360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.095957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.096992] Call Trace: [ 25.097457] <TASK> [ 25.097713] dump_stack_lvl+0x73/0xb0 [ 25.098261] print_report+0xd1/0x640 [ 25.098637] ? __virt_addr_valid+0x1db/0x2d0 [ 25.098971] ? kmem_cache_double_free+0x1e6/0x490 [ 25.099638] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.100366] ? kmem_cache_double_free+0x1e6/0x490 [ 25.101043] kasan_report_invalid_free+0xc0/0xf0 [ 25.101913] ? kmem_cache_double_free+0x1e6/0x490 [ 25.102757] ? kmem_cache_double_free+0x1e6/0x490 [ 25.103299] check_slab_allocation+0x101/0x130 [ 25.103786] __kasan_slab_pre_free+0x28/0x40 [ 25.104565] kmem_cache_free+0xee/0x420 [ 25.105207] ? kmem_cache_alloc_noprof+0x11e/0x3e0 [ 25.105687] ? kmem_cache_double_free+0x1e6/0x490 [ 25.106120] kmem_cache_double_free+0x1e6/0x490 [ 25.106672] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 25.107387] ? finish_task_switch.isra.0+0x153/0x700 [ 25.107889] ? __switch_to+0x5d9/0xf60 [ 25.108476] ? __pfx_read_tsc+0x10/0x10 [ 25.109146] ? ktime_get_ts64+0x86/0x230 [ 25.109601] kunit_try_run_case+0x1b3/0x490 [ 25.110135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.110713] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.111355] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.111977] ? __kthread_parkme+0x82/0x160 [ 25.112642] ? preempt_count_sub+0x50/0x80 [ 25.113181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.113752] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.114525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.115260] kthread+0x257/0x310 [ 25.115647] ? __pfx_kthread+0x10/0x10 [ 25.116183] ret_from_fork+0x41/0x80 [ 25.116664] ? __pfx_kthread+0x10/0x10 [ 25.117286] ret_from_fork_asm+0x1a/0x30 [ 25.117665] </TASK> [ 25.118156] [ 25.118357] Allocated by task 217: [ 25.118839] kasan_save_stack+0x3d/0x60 [ 25.119330] kasan_save_track+0x18/0x40 [ 25.119884] kasan_save_alloc_info+0x3b/0x50 [ 25.120303] __kasan_slab_alloc+0x91/0xa0 [ 25.120859] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 25.121357] kmem_cache_double_free+0x150/0x490 [ 25.122044] kunit_try_run_case+0x1b3/0x490 [ 25.122422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.123208] kthread+0x257/0x310 [ 25.123542] ret_from_fork+0x41/0x80 [ 25.123987] ret_from_fork_asm+0x1a/0x30 [ 25.124604] [ 25.124779] Freed by task 217: [ 25.125308] kasan_save_stack+0x3d/0x60 [ 25.125724] kasan_save_track+0x18/0x40 [ 25.126339] kasan_save_free_info+0x3f/0x60 [ 25.126907] __kasan_slab_free+0x56/0x70 [ 25.127364] kmem_cache_free+0x120/0x420 [ 25.127730] kmem_cache_double_free+0x16b/0x490 [ 25.128331] kunit_try_run_case+0x1b3/0x490 [ 25.128644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.129365] kthread+0x257/0x310 [ 25.129683] ret_from_fork+0x41/0x80 [ 25.130219] ret_from_fork_asm+0x1a/0x30 [ 25.130794] [ 25.130975] The buggy address belongs to the object at ffff88810247b000 [ 25.130975] which belongs to the cache test_cache of size 200 [ 25.132351] The buggy address is located 0 bytes inside of [ 25.132351] 200-byte region [ffff88810247b000, ffff88810247b0c8) [ 25.133436] [ 25.133727] The buggy address belongs to the physical page: [ 25.134320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10247b [ 25.135264] flags: 0x200000000000000(node=0|zone=2) [ 25.135791] page_type: f5(slab) [ 25.136380] raw: 0200000000000000 ffff888101116780 dead000000000122 0000000000000000 [ 25.137048] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.137882] page dumped because: kasan: bad access detected [ 25.138492] [ 25.138708] Memory state around the buggy address: [ 25.139292] ffff88810247af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.140000] ffff88810247af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.140747] >ffff88810247b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.141461] ^ [ 25.141845] ffff88810247b080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 25.142707] ffff88810247b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.143388] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 25.008299] ================================================================== [ 25.009701] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530 [ 25.010403] Read of size 1 at addr ffff8881024790c8 by task kunit_try_catch/215 [ 25.011205] [ 25.011527] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 25.013194] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.013851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.014699] Call Trace: [ 25.015290] <TASK> [ 25.015877] dump_stack_lvl+0x73/0xb0 [ 25.016577] print_report+0xd1/0x640 [ 25.016868] ? __virt_addr_valid+0x1db/0x2d0 [ 25.017306] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.018242] kasan_report+0x102/0x140 [ 25.018856] ? kmem_cache_oob+0x404/0x530 [ 25.019231] ? kmem_cache_oob+0x404/0x530 [ 25.019927] __asan_report_load1_noabort+0x18/0x20 [ 25.021063] kmem_cache_oob+0x404/0x530 [ 25.021767] ? trace_hardirqs_on+0x37/0xe0 [ 25.022612] ? __pfx_kmem_cache_oob+0x10/0x10 [ 25.023506] ? finish_task_switch.isra.0+0x153/0x700 [ 25.024244] ? __switch_to+0x5d9/0xf60 [ 25.025115] ? __pfx_read_tsc+0x10/0x10 [ 25.026023] ? ktime_get_ts64+0x86/0x230 [ 25.026878] kunit_try_run_case+0x1b3/0x490 [ 25.027278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.028279] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.029275] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.029974] ? __kthread_parkme+0x82/0x160 [ 25.030642] ? preempt_count_sub+0x50/0x80 [ 25.031217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.031983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.033117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.033605] kthread+0x257/0x310 [ 25.034073] ? __pfx_kthread+0x10/0x10 [ 25.034388] ret_from_fork+0x41/0x80 [ 25.034880] ? __pfx_kthread+0x10/0x10 [ 25.036551] ret_from_fork_asm+0x1a/0x30 [ 25.037537] </TASK> [ 25.037691] [ 25.037808] Allocated by task 215: [ 25.038021] kasan_save_stack+0x3d/0x60 [ 25.039500] kasan_save_track+0x18/0x40 [ 25.040073] kasan_save_alloc_info+0x3b/0x50 [ 25.040823] __kasan_slab_alloc+0x91/0xa0 [ 25.041330] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 25.042197] kmem_cache_oob+0x158/0x530 [ 25.043094] kunit_try_run_case+0x1b3/0x490 [ 25.044536] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.046005] kthread+0x257/0x310 [ 25.046265] ret_from_fork+0x41/0x80 [ 25.046462] ret_from_fork_asm+0x1a/0x30 [ 25.048321] [ 25.048985] The buggy address belongs to the object at ffff888102479000 [ 25.048985] which belongs to the cache test_cache of size 200 [ 25.051077] The buggy address is located 0 bytes to the right of [ 25.051077] allocated 200-byte region [ffff888102479000, ffff8881024790c8) [ 25.052691] [ 25.052986] The buggy address belongs to the physical page: [ 25.054329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102479 [ 25.055543] flags: 0x200000000000000(node=0|zone=2) [ 25.056242] page_type: f5(slab) [ 25.057461] raw: 0200000000000000 ffff888101116640 dead000000000122 0000000000000000 [ 25.059224] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.059867] page dumped because: kasan: bad access detected [ 25.060212] [ 25.060486] Memory state around the buggy address: [ 25.062061] ffff888102478f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.062717] ffff888102479000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.063875] >ffff888102479080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 25.064524] ^ [ 25.065539] ffff888102479100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.066280] ffff888102479180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.068408] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 24.919647] ================================================================== [ 24.920600] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d8/0x560 [ 24.922373] Read of size 8 at addr ffff888102475240 by task kunit_try_catch/208 [ 24.923224] [ 24.923676] CPU: 1 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 24.924819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.925388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.926973] Call Trace: [ 24.927261] <TASK> [ 24.927570] dump_stack_lvl+0x73/0xb0 [ 24.928073] print_report+0xd1/0x640 [ 24.928637] ? __virt_addr_valid+0x1db/0x2d0 [ 24.929124] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.930089] kasan_report+0x102/0x140 [ 24.930427] ? workqueue_uaf+0x4d8/0x560 [ 24.931024] ? workqueue_uaf+0x4d8/0x560 [ 24.931728] __asan_report_load8_noabort+0x18/0x20 [ 24.932115] workqueue_uaf+0x4d8/0x560 [ 24.932680] ? __pfx_workqueue_uaf+0x10/0x10 [ 24.933104] ? __schedule+0xc70/0x27e0 [ 24.933488] ? __pfx_read_tsc+0x10/0x10 [ 24.934026] ? ktime_get_ts64+0x86/0x230 [ 24.935385] kunit_try_run_case+0x1b3/0x490 [ 24.935826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.936865] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.937676] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.938523] ? __kthread_parkme+0x82/0x160 [ 24.939392] ? preempt_count_sub+0x50/0x80 [ 24.939840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.940311] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.940784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.942362] kthread+0x257/0x310 [ 24.942999] ? __pfx_kthread+0x10/0x10 [ 24.943439] ret_from_fork+0x41/0x80 [ 24.944061] ? __pfx_kthread+0x10/0x10 [ 24.944456] ret_from_fork_asm+0x1a/0x30 [ 24.945066] </TASK> [ 24.945409] [ 24.945824] Allocated by task 208: [ 24.946322] kasan_save_stack+0x3d/0x60 [ 24.947549] kasan_save_track+0x18/0x40 [ 24.948319] kasan_save_alloc_info+0x3b/0x50 [ 24.948822] __kasan_kmalloc+0xb7/0xc0 [ 24.949355] __kmalloc_cache_noprof+0x184/0x410 [ 24.950069] workqueue_uaf+0x153/0x560 [ 24.950431] kunit_try_run_case+0x1b3/0x490 [ 24.951165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.951681] kthread+0x257/0x310 [ 24.952124] ret_from_fork+0x41/0x80 [ 24.952534] ret_from_fork_asm+0x1a/0x30 [ 24.952888] [ 24.954081] Freed by task 26: [ 24.954628] kasan_save_stack+0x3d/0x60 [ 24.955014] kasan_save_track+0x18/0x40 [ 24.955467] kasan_save_free_info+0x3f/0x60 [ 24.956048] __kasan_slab_free+0x56/0x70 [ 24.956723] kfree+0x123/0x3f0 [ 24.957128] workqueue_uaf_work+0x12/0x20 [ 24.958388] process_one_work+0x5ee/0xf60 [ 24.958832] worker_thread+0x720/0x1300 [ 24.959637] kthread+0x257/0x310 [ 24.959972] ret_from_fork+0x41/0x80 [ 24.960359] ret_from_fork_asm+0x1a/0x30 [ 24.960661] [ 24.960913] Last potentially related work creation: [ 24.961261] kasan_save_stack+0x3d/0x60 [ 24.961740] kasan_record_aux_stack+0xb2/0xc0 [ 24.962633] __queue_work+0x626/0xe60 [ 24.963051] queue_work_on+0x74/0xa0 [ 24.964777] workqueue_uaf+0x26e/0x560 [ 24.965410] kunit_try_run_case+0x1b3/0x490 [ 24.965858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.966400] kthread+0x257/0x310 [ 24.966758] ret_from_fork+0x41/0x80 [ 24.967379] ret_from_fork_asm+0x1a/0x30 [ 24.967798] [ 24.968026] The buggy address belongs to the object at ffff888102475240 [ 24.968026] which belongs to the cache kmalloc-32 of size 32 [ 24.971013] The buggy address is located 0 bytes inside of [ 24.971013] freed 32-byte region [ffff888102475240, ffff888102475260) [ 24.973149] [ 24.973381] The buggy address belongs to the physical page: [ 24.974220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102475 [ 24.975001] flags: 0x200000000000000(node=0|zone=2) [ 24.975737] page_type: f5(slab) [ 24.976040] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 24.977503] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 24.978174] page dumped because: kasan: bad access detected [ 24.978675] [ 24.978840] Memory state around the buggy address: [ 24.979740] ffff888102475100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.980440] ffff888102475180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.981402] >ffff888102475200: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 24.982156] ^ [ 24.982822] ffff888102475280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.984077] ffff888102475300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.985139] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 24.852098] ================================================================== [ 24.852667] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 24.853048] Read of size 4 at addr ffff8881024751c0 by task swapper/1/0 [ 24.853973] [ 24.854167] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 24.854731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.855032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.856124] Call Trace: [ 24.856592] <IRQ> [ 24.856807] dump_stack_lvl+0x73/0xb0 [ 24.857165] print_report+0xd1/0x640 [ 24.857682] ? __virt_addr_valid+0x1db/0x2d0 [ 24.858165] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.858956] kasan_report+0x102/0x140 [ 24.859699] ? rcu_uaf_reclaim+0x50/0x60 [ 24.860413] ? rcu_uaf_reclaim+0x50/0x60 [ 24.860735] __asan_report_load4_noabort+0x18/0x20 [ 24.861467] rcu_uaf_reclaim+0x50/0x60 [ 24.862042] rcu_core+0x680/0x1d70 [ 24.862546] ? __pfx_rcu_core+0x10/0x10 [ 24.863005] rcu_core_si+0x12/0x20 [ 24.863379] handle_softirqs+0x209/0x720 [ 24.863855] ? hrtimer_interrupt+0x2fe/0x780 [ 24.864534] ? __pfx_handle_softirqs+0x10/0x10 [ 24.865018] __irq_exit_rcu+0xc9/0x110 [ 24.865491] irq_exit_rcu+0x12/0x20 [ 24.865878] sysvec_apic_timer_interrupt+0x81/0x90 [ 24.866573] </IRQ> [ 24.866912] <TASK> [ 24.867230] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 24.868034] RIP: 0010:default_idle+0xf/0x20 [ 24.868843] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 53 3b 13 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 24.870437] RSP: 0000:ffff888100877de0 EFLAGS: 00010216 [ 24.870820] RAX: ffff88815b100000 RBX: ffff888100845000 RCX: ffffffffabb27165 [ 24.871502] RDX: ffffed102b626b23 RSI: 0000000000000004 RDI: 000000000000e51c [ 24.872449] RBP: ffff888100877de8 R08: 0000000000000001 R09: ffffed102b626b22 [ 24.872989] R10: ffff88815b135913 R11: 0000000000000000 R12: 0000000000000001 [ 24.873679] R13: ffffed1020108a00 R14: ffffffffad781f90 R15: 0000000000000000 [ 24.874586] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 24.875224] ? arch_cpu_idle+0xd/0x20 [ 24.875582] default_idle_call+0x48/0x80 [ 24.875902] do_idle+0x310/0x3c0 [ 24.876401] ? __pfx_do_idle+0x10/0x10 [ 24.876758] cpu_startup_entry+0x5c/0x70 [ 24.877319] start_secondary+0x216/0x290 [ 24.877644] ? __pfx_start_secondary+0x10/0x10 [ 24.878282] common_startup_64+0x12c/0x138 [ 24.878641] </TASK> [ 24.878958] [ 24.879272] Allocated by task 206: [ 24.879611] kasan_save_stack+0x3d/0x60 [ 24.880054] kasan_save_track+0x18/0x40 [ 24.880554] kasan_save_alloc_info+0x3b/0x50 [ 24.880836] __kasan_kmalloc+0xb7/0xc0 [ 24.881383] __kmalloc_cache_noprof+0x184/0x410 [ 24.881825] rcu_uaf+0xb1/0x330 [ 24.882233] kunit_try_run_case+0x1b3/0x490 [ 24.882706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.883237] kthread+0x257/0x310 [ 24.883496] ret_from_fork+0x41/0x80 [ 24.883735] ret_from_fork_asm+0x1a/0x30 [ 24.884310] [ 24.884551] Freed by task 0: [ 24.884976] kasan_save_stack+0x3d/0x60 [ 24.885522] kasan_save_track+0x18/0x40 [ 24.885873] kasan_save_free_info+0x3f/0x60 [ 24.886446] __kasan_slab_free+0x56/0x70 [ 24.886826] kfree+0x123/0x3f0 [ 24.887157] rcu_uaf_reclaim+0x1f/0x60 [ 24.887429] rcu_core+0x680/0x1d70 [ 24.887725] rcu_core_si+0x12/0x20 [ 24.888281] handle_softirqs+0x209/0x720 [ 24.888747] __irq_exit_rcu+0xc9/0x110 [ 24.889322] irq_exit_rcu+0x12/0x20 [ 24.889604] sysvec_apic_timer_interrupt+0x81/0x90 [ 24.890228] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 24.890661] [ 24.890975] Last potentially related work creation: [ 24.891390] kasan_save_stack+0x3d/0x60 [ 24.891711] kasan_record_aux_stack+0xb2/0xc0 [ 24.892037] __call_rcu_common.constprop.0+0x72/0xaa0 [ 24.892502] call_rcu+0x12/0x20 [ 24.892897] rcu_uaf+0x169/0x330 [ 24.893396] kunit_try_run_case+0x1b3/0x490 [ 24.893924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.894466] kthread+0x257/0x310 [ 24.894729] ret_from_fork+0x41/0x80 [ 24.895047] ret_from_fork_asm+0x1a/0x30 [ 24.895647] [ 24.895909] The buggy address belongs to the object at ffff8881024751c0 [ 24.895909] which belongs to the cache kmalloc-32 of size 32 [ 24.896953] The buggy address is located 0 bytes inside of [ 24.896953] freed 32-byte region [ffff8881024751c0, ffff8881024751e0) [ 24.897910] [ 24.898247] The buggy address belongs to the physical page: [ 24.898816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102475 [ 24.899420] flags: 0x200000000000000(node=0|zone=2) [ 24.899807] page_type: f5(slab) [ 24.900282] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 24.901156] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 24.901745] page dumped because: kasan: bad access detected [ 24.903904] [ 24.904229] Memory state around the buggy address: [ 24.904704] ffff888102475080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.905269] ffff888102475100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.906060] >ffff888102475180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.906686] ^ [ 24.907205] ffff888102475200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.907871] ffff888102475280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.908462] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 24.766119] ================================================================== [ 24.768085] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e6/0x6c0 [ 24.769618] Read of size 1 at addr ffff88810291df78 by task kunit_try_catch/204 [ 24.770394] [ 24.771628] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 24.772858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.774105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.774488] Call Trace: [ 24.774625] <TASK> [ 24.774752] dump_stack_lvl+0x73/0xb0 [ 24.774991] print_report+0xd1/0x640 [ 24.775258] ? __virt_addr_valid+0x1db/0x2d0 [ 24.775566] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.776068] kasan_report+0x102/0x140 [ 24.776367] ? ksize_uaf+0x5e6/0x6c0 [ 24.776871] ? ksize_uaf+0x5e6/0x6c0 [ 24.777717] __asan_report_load1_noabort+0x18/0x20 [ 24.778959] ksize_uaf+0x5e6/0x6c0 [ 24.779578] ? __pfx_ksize_uaf+0x10/0x10 [ 24.780279] ? __schedule+0xc70/0x27e0 [ 24.780979] ? __pfx_read_tsc+0x10/0x10 [ 24.781809] ? ktime_get_ts64+0x86/0x230 [ 24.782680] kunit_try_run_case+0x1b3/0x490 [ 24.783001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.783835] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.785718] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.786176] ? __kthread_parkme+0x82/0x160 [ 24.787110] ? preempt_count_sub+0x50/0x80 [ 24.787572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.788696] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.790690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.791306] kthread+0x257/0x310 [ 24.791632] ? __pfx_kthread+0x10/0x10 [ 24.792054] ret_from_fork+0x41/0x80 [ 24.792998] ? __pfx_kthread+0x10/0x10 [ 24.794004] ret_from_fork_asm+0x1a/0x30 [ 24.794572] </TASK> [ 24.795331] [ 24.795533] Allocated by task 204: [ 24.795965] kasan_save_stack+0x3d/0x60 [ 24.796434] kasan_save_track+0x18/0x40 [ 24.796892] kasan_save_alloc_info+0x3b/0x50 [ 24.798160] __kasan_kmalloc+0xb7/0xc0 [ 24.799624] __kmalloc_cache_noprof+0x184/0x410 [ 24.800052] ksize_uaf+0xab/0x6c0 [ 24.800501] kunit_try_run_case+0x1b3/0x490 [ 24.801325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.802338] kthread+0x257/0x310 [ 24.802655] ret_from_fork+0x41/0x80 [ 24.803823] ret_from_fork_asm+0x1a/0x30 [ 24.805022] [ 24.805356] Freed by task 204: [ 24.805706] kasan_save_stack+0x3d/0x60 [ 24.807180] kasan_save_track+0x18/0x40 [ 24.807586] kasan_save_free_info+0x3f/0x60 [ 24.808131] __kasan_slab_free+0x56/0x70 [ 24.808580] kfree+0x123/0x3f0 [ 24.809851] ksize_uaf+0x12d/0x6c0 [ 24.810249] kunit_try_run_case+0x1b3/0x490 [ 24.810472] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.811861] kthread+0x257/0x310 [ 24.812218] ret_from_fork+0x41/0x80 [ 24.812759] ret_from_fork_asm+0x1a/0x30 [ 24.814114] [ 24.814425] The buggy address belongs to the object at ffff88810291df00 [ 24.814425] which belongs to the cache kmalloc-128 of size 128 [ 24.815636] The buggy address is located 120 bytes inside of [ 24.815636] freed 128-byte region [ffff88810291df00, ffff88810291df80) [ 24.817336] [ 24.818046] The buggy address belongs to the physical page: [ 24.819727] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291d [ 24.820795] flags: 0x200000000000000(node=0|zone=2) [ 24.821621] page_type: f5(slab) [ 24.822074] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.823386] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.825025] page dumped because: kasan: bad access detected [ 24.826377] [ 24.827447] Memory state around the buggy address: [ 24.828410] ffff88810291de00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.829422] ffff88810291de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.831174] >ffff88810291df00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.832781] ^ [ 24.834044] ffff88810291df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.835052] ffff88810291e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.836426] ================================================================== [ 24.633193] ================================================================== [ 24.634340] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19e/0x6c0 [ 24.635153] Read of size 1 at addr ffff88810291df00 by task kunit_try_catch/204 [ 24.636881] [ 24.637517] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 24.638946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.639642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.640467] Call Trace: [ 24.640691] <TASK> [ 24.640868] dump_stack_lvl+0x73/0xb0 [ 24.642699] print_report+0xd1/0x640 [ 24.643246] ? __virt_addr_valid+0x1db/0x2d0 [ 24.643554] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.644776] kasan_report+0x102/0x140 [ 24.645884] ? ksize_uaf+0x19e/0x6c0 [ 24.646997] ? ksize_uaf+0x19e/0x6c0 [ 24.647862] ? ksize_uaf+0x19e/0x6c0 [ 24.648864] __kasan_check_byte+0x3d/0x50 [ 24.649750] ksize+0x20/0x60 [ 24.650423] ksize_uaf+0x19e/0x6c0 [ 24.650859] ? __pfx_ksize_uaf+0x10/0x10 [ 24.652453] ? __schedule+0xc70/0x27e0 [ 24.653550] ? __pfx_read_tsc+0x10/0x10 [ 24.654009] ? ktime_get_ts64+0x86/0x230 [ 24.655681] kunit_try_run_case+0x1b3/0x490 [ 24.656144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.657309] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.657813] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.659701] ? __kthread_parkme+0x82/0x160 [ 24.660100] ? preempt_count_sub+0x50/0x80 [ 24.660656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.661256] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.661728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.663859] kthread+0x257/0x310 [ 24.664344] ? __pfx_kthread+0x10/0x10 [ 24.664924] ret_from_fork+0x41/0x80 [ 24.665300] ? __pfx_kthread+0x10/0x10 [ 24.666046] ret_from_fork_asm+0x1a/0x30 [ 24.666579] </TASK> [ 24.666789] [ 24.667012] Allocated by task 204: [ 24.667435] kasan_save_stack+0x3d/0x60 [ 24.667802] kasan_save_track+0x18/0x40 [ 24.669307] kasan_save_alloc_info+0x3b/0x50 [ 24.669955] __kasan_kmalloc+0xb7/0xc0 [ 24.670638] __kmalloc_cache_noprof+0x184/0x410 [ 24.671020] ksize_uaf+0xab/0x6c0 [ 24.671648] kunit_try_run_case+0x1b3/0x490 [ 24.672230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.673432] kthread+0x257/0x310 [ 24.674135] ret_from_fork+0x41/0x80 [ 24.674760] ret_from_fork_asm+0x1a/0x30 [ 24.675188] [ 24.675467] Freed by task 204: [ 24.675994] kasan_save_stack+0x3d/0x60 [ 24.676425] kasan_save_track+0x18/0x40 [ 24.676903] kasan_save_free_info+0x3f/0x60 [ 24.678289] __kasan_slab_free+0x56/0x70 [ 24.678784] kfree+0x123/0x3f0 [ 24.679415] ksize_uaf+0x12d/0x6c0 [ 24.679843] kunit_try_run_case+0x1b3/0x490 [ 24.680311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.680970] kthread+0x257/0x310 [ 24.681282] ret_from_fork+0x41/0x80 [ 24.681727] ret_from_fork_asm+0x1a/0x30 [ 24.682674] [ 24.682920] The buggy address belongs to the object at ffff88810291df00 [ 24.682920] which belongs to the cache kmalloc-128 of size 128 [ 24.685141] The buggy address is located 0 bytes inside of [ 24.685141] freed 128-byte region [ffff88810291df00, ffff88810291df80) [ 24.686263] [ 24.686737] The buggy address belongs to the physical page: [ 24.687372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291d [ 24.687876] flags: 0x200000000000000(node=0|zone=2) [ 24.688462] page_type: f5(slab) [ 24.688799] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.690677] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.691329] page dumped because: kasan: bad access detected [ 24.692159] [ 24.692328] Memory state around the buggy address: [ 24.693039] ffff88810291de00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.693954] ffff88810291de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.695855] >ffff88810291df00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.696336] ^ [ 24.696765] ffff88810291df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.697620] ffff88810291e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.698240] ================================================================== [ 24.701442] ================================================================== [ 24.702284] BUG: KASAN: slab-use-after-free in ksize_uaf+0x600/0x6c0 [ 24.702925] Read of size 1 at addr ffff88810291df00 by task kunit_try_catch/204 [ 24.703373] [ 24.703635] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 24.704712] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.706220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.707408] Call Trace: [ 24.708590] <TASK> [ 24.708979] dump_stack_lvl+0x73/0xb0 [ 24.710217] print_report+0xd1/0x640 [ 24.710708] ? __virt_addr_valid+0x1db/0x2d0 [ 24.711128] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.711667] kasan_report+0x102/0x140 [ 24.712641] ? ksize_uaf+0x600/0x6c0 [ 24.713151] ? ksize_uaf+0x600/0x6c0 [ 24.713529] __asan_report_load1_noabort+0x18/0x20 [ 24.714496] ksize_uaf+0x600/0x6c0 [ 24.715793] ? __pfx_ksize_uaf+0x10/0x10 [ 24.716839] ? __schedule+0xc70/0x27e0 [ 24.717582] ? __pfx_read_tsc+0x10/0x10 [ 24.718227] ? ktime_get_ts64+0x86/0x230 [ 24.719328] kunit_try_run_case+0x1b3/0x490 [ 24.720480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.721891] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.722636] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.723561] ? __kthread_parkme+0x82/0x160 [ 24.724437] ? preempt_count_sub+0x50/0x80 [ 24.724980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.725501] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.726862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.727656] kthread+0x257/0x310 [ 24.728810] ? __pfx_kthread+0x10/0x10 [ 24.729208] ret_from_fork+0x41/0x80 [ 24.730228] ? __pfx_kthread+0x10/0x10 [ 24.731170] ret_from_fork_asm+0x1a/0x30 [ 24.731419] </TASK> [ 24.731541] [ 24.731635] Allocated by task 204: [ 24.731796] kasan_save_stack+0x3d/0x60 [ 24.733513] kasan_save_track+0x18/0x40 [ 24.734341] kasan_save_alloc_info+0x3b/0x50 [ 24.735179] __kasan_kmalloc+0xb7/0xc0 [ 24.736147] __kmalloc_cache_noprof+0x184/0x410 [ 24.736579] ksize_uaf+0xab/0x6c0 [ 24.737022] kunit_try_run_case+0x1b3/0x490 [ 24.738260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.738805] kthread+0x257/0x310 [ 24.739863] ret_from_fork+0x41/0x80 [ 24.740161] ret_from_fork_asm+0x1a/0x30 [ 24.740754] [ 24.741041] Freed by task 204: [ 24.741272] kasan_save_stack+0x3d/0x60 [ 24.742147] kasan_save_track+0x18/0x40 [ 24.742712] kasan_save_free_info+0x3f/0x60 [ 24.743134] __kasan_slab_free+0x56/0x70 [ 24.743786] kfree+0x123/0x3f0 [ 24.744225] ksize_uaf+0x12d/0x6c0 [ 24.744645] kunit_try_run_case+0x1b3/0x490 [ 24.746190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.747035] kthread+0x257/0x310 [ 24.747367] ret_from_fork+0x41/0x80 [ 24.747835] ret_from_fork_asm+0x1a/0x30 [ 24.748899] [ 24.749194] The buggy address belongs to the object at ffff88810291df00 [ 24.749194] which belongs to the cache kmalloc-128 of size 128 [ 24.750915] The buggy address is located 0 bytes inside of [ 24.750915] freed 128-byte region [ffff88810291df00, ffff88810291df80) [ 24.752476] [ 24.752917] The buggy address belongs to the physical page: [ 24.753847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291d [ 24.755212] flags: 0x200000000000000(node=0|zone=2) [ 24.755882] page_type: f5(slab) [ 24.756302] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.756980] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.758350] page dumped because: kasan: bad access detected [ 24.759118] [ 24.759510] Memory state around the buggy address: [ 24.759960] ffff88810291de00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.760915] ffff88810291de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.762376] >ffff88810291df00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.763093] ^ [ 24.763555] ffff88810291df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.764147] ffff88810291e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.764720] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 24.423135] ================================================================== [ 24.425482] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81e/0x9b0 [ 24.427379] Read of size 1 at addr ffff88810291de73 by task kunit_try_catch/202 [ 24.428163] [ 24.428464] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 24.429843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.431076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.432493] Call Trace: [ 24.433023] <TASK> [ 24.434139] dump_stack_lvl+0x73/0xb0 [ 24.434613] print_report+0xd1/0x640 [ 24.435537] ? __virt_addr_valid+0x1db/0x2d0 [ 24.436342] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.437365] kasan_report+0x102/0x140 [ 24.438133] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 24.438489] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 24.439416] __asan_report_load1_noabort+0x18/0x20 [ 24.440682] ksize_unpoisons_memory+0x81e/0x9b0 [ 24.442205] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 24.443593] ? finish_task_switch.isra.0+0x153/0x700 [ 24.444285] ? __switch_to+0x5d9/0xf60 [ 24.445482] ? __schedule+0xc70/0x27e0 [ 24.446510] ? __pfx_read_tsc+0x10/0x10 [ 24.446811] ? ktime_get_ts64+0x86/0x230 [ 24.447116] kunit_try_run_case+0x1b3/0x490 [ 24.447862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.449206] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.450565] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.452094] ? __kthread_parkme+0x82/0x160 [ 24.453236] ? preempt_count_sub+0x50/0x80 [ 24.453759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.454097] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.455475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.456565] kthread+0x257/0x310 [ 24.457508] ? __pfx_kthread+0x10/0x10 [ 24.458141] ret_from_fork+0x41/0x80 [ 24.458526] ? __pfx_kthread+0x10/0x10 [ 24.459496] ret_from_fork_asm+0x1a/0x30 [ 24.460843] </TASK> [ 24.461150] [ 24.461355] Allocated by task 202: [ 24.462136] kasan_save_stack+0x3d/0x60 [ 24.462706] kasan_save_track+0x18/0x40 [ 24.463980] kasan_save_alloc_info+0x3b/0x50 [ 24.464333] __kasan_kmalloc+0xb7/0xc0 [ 24.465806] __kmalloc_cache_noprof+0x184/0x410 [ 24.466141] ksize_unpoisons_memory+0xc8/0x9b0 [ 24.467075] kunit_try_run_case+0x1b3/0x490 [ 24.467550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.469304] kthread+0x257/0x310 [ 24.469572] ret_from_fork+0x41/0x80 [ 24.470333] ret_from_fork_asm+0x1a/0x30 [ 24.470973] [ 24.471226] The buggy address belongs to the object at ffff88810291de00 [ 24.471226] which belongs to the cache kmalloc-128 of size 128 [ 24.472892] The buggy address is located 0 bytes to the right of [ 24.472892] allocated 115-byte region [ffff88810291de00, ffff88810291de73) [ 24.474666] [ 24.475263] The buggy address belongs to the physical page: [ 24.476577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291d [ 24.477450] flags: 0x200000000000000(node=0|zone=2) [ 24.478476] page_type: f5(slab) [ 24.478916] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.481012] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.482893] page dumped because: kasan: bad access detected [ 24.483325] [ 24.483544] Memory state around the buggy address: [ 24.483824] ffff88810291dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 24.484210] ffff88810291dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.486065] >ffff88810291de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.487348] ^ [ 24.488315] ffff88810291de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.488722] ffff88810291df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.489716] ================================================================== [ 24.492100] ================================================================== [ 24.494140] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7eb/0x9b0 [ 24.494980] Read of size 1 at addr ffff88810291de78 by task kunit_try_catch/202 [ 24.496017] [ 24.496471] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 24.499177] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.500359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.501325] Call Trace: [ 24.502182] <TASK> [ 24.502838] dump_stack_lvl+0x73/0xb0 [ 24.504111] print_report+0xd1/0x640 [ 24.504645] ? __virt_addr_valid+0x1db/0x2d0 [ 24.505016] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.505701] kasan_report+0x102/0x140 [ 24.506806] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 24.507706] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 24.508131] __asan_report_load1_noabort+0x18/0x20 [ 24.508714] ksize_unpoisons_memory+0x7eb/0x9b0 [ 24.510244] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 24.511483] ? finish_task_switch.isra.0+0x153/0x700 [ 24.512009] ? __switch_to+0x5d9/0xf60 [ 24.512637] ? __schedule+0xc70/0x27e0 [ 24.514481] ? __pfx_read_tsc+0x10/0x10 [ 24.514911] ? ktime_get_ts64+0x86/0x230 [ 24.515368] kunit_try_run_case+0x1b3/0x490 [ 24.515823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.517750] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.519144] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.520445] ? __kthread_parkme+0x82/0x160 [ 24.521153] ? preempt_count_sub+0x50/0x80 [ 24.522926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.523313] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.523958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.525834] kthread+0x257/0x310 [ 24.526176] ? __pfx_kthread+0x10/0x10 [ 24.526371] ret_from_fork+0x41/0x80 [ 24.527452] ? __pfx_kthread+0x10/0x10 [ 24.527883] ret_from_fork_asm+0x1a/0x30 [ 24.529062] </TASK> [ 24.529565] [ 24.529824] Allocated by task 202: [ 24.530380] kasan_save_stack+0x3d/0x60 [ 24.531281] kasan_save_track+0x18/0x40 [ 24.532472] kasan_save_alloc_info+0x3b/0x50 [ 24.532868] __kasan_kmalloc+0xb7/0xc0 [ 24.533329] __kmalloc_cache_noprof+0x184/0x410 [ 24.533826] ksize_unpoisons_memory+0xc8/0x9b0 [ 24.535415] kunit_try_run_case+0x1b3/0x490 [ 24.536276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.536974] kthread+0x257/0x310 [ 24.537426] ret_from_fork+0x41/0x80 [ 24.538811] ret_from_fork_asm+0x1a/0x30 [ 24.539148] [ 24.539374] The buggy address belongs to the object at ffff88810291de00 [ 24.539374] which belongs to the cache kmalloc-128 of size 128 [ 24.540390] The buggy address is located 5 bytes to the right of [ 24.540390] allocated 115-byte region [ffff88810291de00, ffff88810291de73) [ 24.542639] [ 24.542893] The buggy address belongs to the physical page: [ 24.544225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291d [ 24.544891] flags: 0x200000000000000(node=0|zone=2) [ 24.545304] page_type: f5(slab) [ 24.546774] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.548028] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.548459] page dumped because: kasan: bad access detected [ 24.549734] [ 24.549915] Memory state around the buggy address: [ 24.550220] ffff88810291dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 24.552483] ffff88810291dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.553749] >ffff88810291de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.555959] ^ [ 24.556629] ffff88810291de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.558390] ffff88810291df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.560183] ================================================================== [ 24.561800] ================================================================== [ 24.563398] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b8/0x9b0 [ 24.566502] Read of size 1 at addr ffff88810291de7f by task kunit_try_catch/202 [ 24.567430] [ 24.567646] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 24.568252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.570450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.571599] Call Trace: [ 24.572676] <TASK> [ 24.573153] dump_stack_lvl+0x73/0xb0 [ 24.573852] print_report+0xd1/0x640 [ 24.574481] ? __virt_addr_valid+0x1db/0x2d0 [ 24.575222] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.576085] kasan_report+0x102/0x140 [ 24.577091] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 24.577989] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 24.578848] __asan_report_load1_noabort+0x18/0x20 [ 24.580187] ksize_unpoisons_memory+0x7b8/0x9b0 [ 24.581441] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 24.582080] ? finish_task_switch.isra.0+0x153/0x700 [ 24.583275] ? __switch_to+0x5d9/0xf60 [ 24.584702] ? __schedule+0xc70/0x27e0 [ 24.585190] ? __pfx_read_tsc+0x10/0x10 [ 24.585572] ? ktime_get_ts64+0x86/0x230 [ 24.585979] kunit_try_run_case+0x1b3/0x490 [ 24.587284] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.588427] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.589647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.590702] ? __kthread_parkme+0x82/0x160 [ 24.591225] ? preempt_count_sub+0x50/0x80 [ 24.592292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.592886] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.594312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.595599] kthread+0x257/0x310 [ 24.596065] ? __pfx_kthread+0x10/0x10 [ 24.596487] ret_from_fork+0x41/0x80 [ 24.598138] ? __pfx_kthread+0x10/0x10 [ 24.598503] ret_from_fork_asm+0x1a/0x30 [ 24.598774] </TASK> [ 24.598965] [ 24.599389] Allocated by task 202: [ 24.599814] kasan_save_stack+0x3d/0x60 [ 24.601149] kasan_save_track+0x18/0x40 [ 24.601626] kasan_save_alloc_info+0x3b/0x50 [ 24.601905] __kasan_kmalloc+0xb7/0xc0 [ 24.603346] __kmalloc_cache_noprof+0x184/0x410 [ 24.603661] ksize_unpoisons_memory+0xc8/0x9b0 [ 24.605032] kunit_try_run_case+0x1b3/0x490 [ 24.606112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.606556] kthread+0x257/0x310 [ 24.607335] ret_from_fork+0x41/0x80 [ 24.607978] ret_from_fork_asm+0x1a/0x30 [ 24.609147] [ 24.609350] The buggy address belongs to the object at ffff88810291de00 [ 24.609350] which belongs to the cache kmalloc-128 of size 128 [ 24.610897] The buggy address is located 12 bytes to the right of [ 24.610897] allocated 115-byte region [ffff88810291de00, ffff88810291de73) [ 24.611489] [ 24.611593] The buggy address belongs to the physical page: [ 24.611814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10291d [ 24.612729] flags: 0x200000000000000(node=0|zone=2) [ 24.613399] page_type: f5(slab) [ 24.614195] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.614957] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.616994] page dumped because: kasan: bad access detected [ 24.617460] [ 24.617592] Memory state around the buggy address: [ 24.617881] ffff88810291dd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.618273] ffff88810291dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.619895] >ffff88810291de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.621039] ^ [ 24.621858] ffff88810291de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.623864] ffff88810291df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.624279] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 22.406214] ================================================================== [ 22.408286] BUG: KASAN: use-after-free in page_alloc_uaf+0x358/0x3d0 [ 22.409384] Read of size 1 at addr ffff888102b30000 by task kunit_try_catch/162 [ 22.410082] [ 22.410396] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 22.411776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.412345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.413239] Call Trace: [ 22.413588] <TASK> [ 22.414236] dump_stack_lvl+0x73/0xb0 [ 22.414749] print_report+0xd1/0x640 [ 22.415256] ? __virt_addr_valid+0x1db/0x2d0 [ 22.416175] ? kasan_addr_to_slab+0x11/0xa0 [ 22.416649] kasan_report+0x102/0x140 [ 22.417259] ? page_alloc_uaf+0x358/0x3d0 [ 22.417774] ? page_alloc_uaf+0x358/0x3d0 [ 22.419152] __asan_report_load1_noabort+0x18/0x20 [ 22.419980] page_alloc_uaf+0x358/0x3d0 [ 22.420554] ? __pfx_page_alloc_uaf+0x10/0x10 [ 22.420992] ? __schedule+0xc70/0x27e0 [ 22.421444] ? __pfx_read_tsc+0x10/0x10 [ 22.421881] ? ktime_get_ts64+0x86/0x230 [ 22.423247] kunit_try_run_case+0x1b3/0x490 [ 22.424106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.424560] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.425080] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.426520] ? __kthread_parkme+0x82/0x160 [ 22.427469] ? preempt_count_sub+0x50/0x80 [ 22.428255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.429222] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.430063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.431607] kthread+0x257/0x310 [ 22.431918] ? __pfx_kthread+0x10/0x10 [ 22.433149] ret_from_fork+0x41/0x80 [ 22.433562] ? __pfx_kthread+0x10/0x10 [ 22.434608] ret_from_fork_asm+0x1a/0x30 [ 22.435025] </TASK> [ 22.436034] [ 22.436390] The buggy address belongs to the physical page: [ 22.437263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b30 [ 22.438129] flags: 0x200000000000000(node=0|zone=2) [ 22.438753] page_type: f0(buddy) [ 22.439065] raw: 0200000000000000 ffff88817fffb4a0 ffff88817fffb4a0 0000000000000000 [ 22.440643] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 22.441645] page dumped because: kasan: bad access detected [ 22.442672] [ 22.442855] Memory state around the buggy address: [ 22.443222] ffff888102b2ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.444830] ffff888102b2ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.445313] >ffff888102b30000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.446634] ^ [ 22.447033] ffff888102b30080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.448172] ffff888102b30100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.449237] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 22.336880] ================================================================== [ 22.339756] BUG: KASAN: invalid-free in kfree+0x271/0x3f0 [ 22.340566] Free of addr ffff888102978001 by task kunit_try_catch/158 [ 22.342207] [ 22.343360] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 22.344068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.344762] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.346461] Call Trace: [ 22.346767] <TASK> [ 22.347080] dump_stack_lvl+0x73/0xb0 [ 22.347388] print_report+0xd1/0x640 [ 22.347845] ? __virt_addr_valid+0x1db/0x2d0 [ 22.349341] ? kfree+0x271/0x3f0 [ 22.349741] ? kasan_addr_to_slab+0x11/0xa0 [ 22.351061] ? kfree+0x271/0x3f0 [ 22.351357] kasan_report_invalid_free+0xc0/0xf0 [ 22.352806] ? kfree+0x271/0x3f0 [ 22.353407] ? kfree+0x271/0x3f0 [ 22.353975] __kasan_kfree_large+0x86/0xd0 [ 22.354739] free_large_kmalloc+0x3b/0xd0 [ 22.355043] kfree+0x271/0x3f0 [ 22.355411] ? kmalloc_large_invalid_free+0x90/0x2b0 [ 22.356693] kmalloc_large_invalid_free+0x121/0x2b0 [ 22.357805] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 22.358184] ? __schedule+0xc70/0x27e0 [ 22.358671] ? __pfx_read_tsc+0x10/0x10 [ 22.360045] ? ktime_get_ts64+0x86/0x230 [ 22.360844] kunit_try_run_case+0x1b3/0x490 [ 22.361311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.362370] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.362843] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.364068] ? __kthread_parkme+0x82/0x160 [ 22.364759] ? preempt_count_sub+0x50/0x80 [ 22.365107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.366281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.366794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.368433] kthread+0x257/0x310 [ 22.368830] ? __pfx_kthread+0x10/0x10 [ 22.369127] ret_from_fork+0x41/0x80 [ 22.369573] ? __pfx_kthread+0x10/0x10 [ 22.370083] ret_from_fork_asm+0x1a/0x30 [ 22.371471] </TASK> [ 22.371707] [ 22.371864] The buggy address belongs to the physical page: [ 22.373399] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102978 [ 22.374546] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.375198] flags: 0x200000000000040(head|node=0|zone=2) [ 22.376350] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.378020] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.378708] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.379677] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.380628] head: 0200000000000002 ffffea00040a5e01 ffffffffffffffff 0000000000000000 [ 22.381808] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.382559] page dumped because: kasan: bad access detected [ 22.383919] [ 22.384122] Memory state around the buggy address: [ 22.384491] ffff888102977f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.386077] ffff888102977f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.387181] >ffff888102978000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.387687] ^ [ 22.388002] ffff888102978080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.388571] ffff888102978100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.390211] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 22.301245] ================================================================== [ 22.302780] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f3/0x340 [ 22.303507] Read of size 1 at addr ffff888102ab4000 by task kunit_try_catch/156 [ 22.303975] [ 22.304316] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 22.305329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.305705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.306530] Call Trace: [ 22.306914] <TASK> [ 22.307190] dump_stack_lvl+0x73/0xb0 [ 22.307548] print_report+0xd1/0x640 [ 22.308152] ? __virt_addr_valid+0x1db/0x2d0 [ 22.308700] ? kasan_addr_to_slab+0x11/0xa0 [ 22.309305] kasan_report+0x102/0x140 [ 22.309666] ? kmalloc_large_uaf+0x2f3/0x340 [ 22.310204] ? kmalloc_large_uaf+0x2f3/0x340 [ 22.310703] __asan_report_load1_noabort+0x18/0x20 [ 22.311253] kmalloc_large_uaf+0x2f3/0x340 [ 22.311764] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 22.312185] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 22.312736] kunit_try_run_case+0x1b3/0x490 [ 22.313349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.313755] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.314364] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.314997] ? __kthread_parkme+0x82/0x160 [ 22.315424] ? preempt_count_sub+0x50/0x80 [ 22.315922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.316349] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.316822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.317560] kthread+0x257/0x310 [ 22.318069] ? __pfx_kthread+0x10/0x10 [ 22.318585] ret_from_fork+0x41/0x80 [ 22.319046] ? __pfx_kthread+0x10/0x10 [ 22.319578] ret_from_fork_asm+0x1a/0x30 [ 22.320041] </TASK> [ 22.320399] [ 22.320623] The buggy address belongs to the physical page: [ 22.321017] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab4 [ 22.321712] flags: 0x200000000000000(node=0|zone=2) [ 22.322155] raw: 0200000000000000 ffffea00040aae08 ffff88815b13f0c0 0000000000000000 [ 22.323016] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 22.323843] page dumped because: kasan: bad access detected [ 22.324439] [ 22.324669] Memory state around the buggy address: [ 22.325048] ffff888102ab3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.325710] ffff888102ab3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.326490] >ffff888102ab4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.326993] ^ [ 22.327304] ffff888102ab4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.328174] ffff888102ab4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.328691] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 22.245466] ================================================================== [ 22.247034] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340 [ 22.247665] Write of size 1 at addr ffff888102ab600a by task kunit_try_catch/154 [ 22.249337] [ 22.249817] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 22.251000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.251409] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.252919] Call Trace: [ 22.253212] <TASK> [ 22.253440] dump_stack_lvl+0x73/0xb0 [ 22.253883] print_report+0xd1/0x640 [ 22.254793] ? __virt_addr_valid+0x1db/0x2d0 [ 22.255317] ? kasan_addr_to_slab+0x11/0xa0 [ 22.255978] kasan_report+0x102/0x140 [ 22.256407] ? kmalloc_large_oob_right+0x2eb/0x340 [ 22.257253] ? kmalloc_large_oob_right+0x2eb/0x340 [ 22.258397] __asan_report_store1_noabort+0x1b/0x30 [ 22.259084] kmalloc_large_oob_right+0x2eb/0x340 [ 22.259682] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 22.260174] ? __schedule+0xc70/0x27e0 [ 22.260490] ? __pfx_read_tsc+0x10/0x10 [ 22.261317] ? ktime_get_ts64+0x86/0x230 [ 22.261865] kunit_try_run_case+0x1b3/0x490 [ 22.262433] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.263163] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.264307] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.265173] ? __kthread_parkme+0x82/0x160 [ 22.265764] ? preempt_count_sub+0x50/0x80 [ 22.266348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.266849] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.267367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.268243] kthread+0x257/0x310 [ 22.268805] ? __pfx_kthread+0x10/0x10 [ 22.269306] ret_from_fork+0x41/0x80 [ 22.270413] ? __pfx_kthread+0x10/0x10 [ 22.270756] ret_from_fork_asm+0x1a/0x30 [ 22.271896] </TASK> [ 22.272116] [ 22.272390] The buggy address belongs to the physical page: [ 22.273003] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab4 [ 22.275027] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.276183] flags: 0x200000000000040(head|node=0|zone=2) [ 22.277953] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.279068] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.280149] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.281345] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.282503] head: 0200000000000002 ffffea00040aad01 ffffffffffffffff 0000000000000000 [ 22.284211] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.285364] page dumped because: kasan: bad access detected [ 22.286756] [ 22.286980] Memory state around the buggy address: [ 22.287343] ffff888102ab5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.289134] ffff888102ab5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.289739] >ffff888102ab6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.290769] ^ [ 22.292103] ffff888102ab6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.293380] ffff888102ab6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.294790] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 22.178991] ================================================================== [ 22.180239] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x318/0x370 [ 22.182186] Write of size 1 at addr ffff888102a91f00 by task kunit_try_catch/152 [ 22.182917] [ 22.183121] CPU: 1 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 22.185961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.186771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.187918] Call Trace: [ 22.188737] <TASK> [ 22.189003] dump_stack_lvl+0x73/0xb0 [ 22.189494] print_report+0xd1/0x640 [ 22.189746] ? __virt_addr_valid+0x1db/0x2d0 [ 22.190692] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.191891] kasan_report+0x102/0x140 [ 22.192674] ? kmalloc_big_oob_right+0x318/0x370 [ 22.193548] ? kmalloc_big_oob_right+0x318/0x370 [ 22.194100] __asan_report_store1_noabort+0x1b/0x30 [ 22.194628] kmalloc_big_oob_right+0x318/0x370 [ 22.195534] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 22.196313] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 22.196686] kunit_try_run_case+0x1b3/0x490 [ 22.197452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.197969] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.198448] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.198790] ? __kthread_parkme+0x82/0x160 [ 22.199494] ? preempt_count_sub+0x50/0x80 [ 22.200115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.201015] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.202364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.203078] kthread+0x257/0x310 [ 22.204335] ? __pfx_kthread+0x10/0x10 [ 22.205332] ret_from_fork+0x41/0x80 [ 22.206230] ? __pfx_kthread+0x10/0x10 [ 22.206654] ret_from_fork_asm+0x1a/0x30 [ 22.207115] </TASK> [ 22.207375] [ 22.207580] Allocated by task 152: [ 22.209395] kasan_save_stack+0x3d/0x60 [ 22.210234] kasan_save_track+0x18/0x40 [ 22.210425] kasan_save_alloc_info+0x3b/0x50 [ 22.210617] __kasan_kmalloc+0xb7/0xc0 [ 22.210791] __kmalloc_cache_noprof+0x184/0x410 [ 22.211026] kmalloc_big_oob_right+0xaa/0x370 [ 22.211224] kunit_try_run_case+0x1b3/0x490 [ 22.211410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.211632] kthread+0x257/0x310 [ 22.211792] ret_from_fork+0x41/0x80 [ 22.212152] ret_from_fork_asm+0x1a/0x30 [ 22.212718] [ 22.212881] The buggy address belongs to the object at ffff888102a90000 [ 22.212881] which belongs to the cache kmalloc-8k of size 8192 [ 22.215525] The buggy address is located 0 bytes to the right of [ 22.215525] allocated 7936-byte region [ffff888102a90000, ffff888102a91f00) [ 22.217598] [ 22.217987] The buggy address belongs to the physical page: [ 22.219365] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a90 [ 22.221131] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.222271] flags: 0x200000000000040(head|node=0|zone=2) [ 22.222642] page_type: f5(slab) [ 22.223117] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 22.224073] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 22.224682] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 22.226561] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 22.228063] head: 0200000000000003 ffffea00040aa401 ffffffffffffffff 0000000000000000 [ 22.229067] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 22.230000] page dumped because: kasan: bad access detected [ 22.230646] [ 22.230976] Memory state around the buggy address: [ 22.232270] ffff888102a91e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.233452] ffff888102a91e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.234826] >ffff888102a91f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.235432] ^ [ 22.235714] ffff888102a91f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.236460] ffff888102a92000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.237218] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 22.073396] ================================================================== [ 22.074216] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4ca/0x530 [ 22.076022] Write of size 1 at addr ffff88810246cb78 by task kunit_try_catch/150 [ 22.076953] [ 22.077570] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 22.078760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.079266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.080903] Call Trace: [ 22.081301] <TASK> [ 22.082240] dump_stack_lvl+0x73/0xb0 [ 22.083056] print_report+0xd1/0x640 [ 22.083343] ? __virt_addr_valid+0x1db/0x2d0 [ 22.084194] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.085123] kasan_report+0x102/0x140 [ 22.086233] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 22.087030] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 22.087761] __asan_report_store1_noabort+0x1b/0x30 [ 22.088373] kmalloc_track_caller_oob_right+0x4ca/0x530 [ 22.089391] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 22.090648] ? __schedule+0xc70/0x27e0 [ 22.092025] ? __pfx_read_tsc+0x10/0x10 [ 22.092576] ? ktime_get_ts64+0x86/0x230 [ 22.093031] kunit_try_run_case+0x1b3/0x490 [ 22.093481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.095053] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.096420] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.097463] ? __kthread_parkme+0x82/0x160 [ 22.097994] ? preempt_count_sub+0x50/0x80 [ 22.099215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.099805] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.101121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.101594] kthread+0x257/0x310 [ 22.102091] ? __pfx_kthread+0x10/0x10 [ 22.103106] ret_from_fork+0x41/0x80 [ 22.103722] ? __pfx_kthread+0x10/0x10 [ 22.105410] ret_from_fork_asm+0x1a/0x30 [ 22.106291] </TASK> [ 22.107545] [ 22.107725] Allocated by task 150: [ 22.108002] kasan_save_stack+0x3d/0x60 [ 22.108604] kasan_save_track+0x18/0x40 [ 22.109953] kasan_save_alloc_info+0x3b/0x50 [ 22.110327] __kasan_kmalloc+0xb7/0xc0 [ 22.111617] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 22.112992] kmalloc_track_caller_oob_right+0x9a/0x530 [ 22.114162] kunit_try_run_case+0x1b3/0x490 [ 22.114960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.115773] kthread+0x257/0x310 [ 22.117173] ret_from_fork+0x41/0x80 [ 22.117797] ret_from_fork_asm+0x1a/0x30 [ 22.118171] [ 22.118550] The buggy address belongs to the object at ffff88810246cb00 [ 22.118550] which belongs to the cache kmalloc-128 of size 128 [ 22.121110] The buggy address is located 0 bytes to the right of [ 22.121110] allocated 120-byte region [ffff88810246cb00, ffff88810246cb78) [ 22.122318] [ 22.122533] The buggy address belongs to the physical page: [ 22.124950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10246c [ 22.126497] flags: 0x200000000000000(node=0|zone=2) [ 22.128261] page_type: f5(slab) [ 22.128956] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.130370] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.131315] page dumped because: kasan: bad access detected [ 22.132986] [ 22.133232] Memory state around the buggy address: [ 22.133713] ffff88810246ca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 22.134398] ffff88810246ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.136287] >ffff88810246cb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.136744] ^ [ 22.137795] ffff88810246cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.139231] ffff88810246cc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.140446] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 21.996514] ================================================================== [ 21.998654] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x36b/0x3d0 [ 21.999394] Read of size 1 at addr ffff8881027af000 by task kunit_try_catch/148 [ 22.000541] [ 22.001602] CPU: 0 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 22.003187] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.003648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.005072] Call Trace: [ 22.005350] <TASK> [ 22.005544] dump_stack_lvl+0x73/0xb0 [ 22.005899] print_report+0xd1/0x640 [ 22.006611] ? __virt_addr_valid+0x1db/0x2d0 [ 22.007114] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.007432] kasan_report+0x102/0x140 [ 22.007796] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 22.008856] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 22.009698] __asan_report_load1_noabort+0x18/0x20 [ 22.010486] kmalloc_node_oob_right+0x36b/0x3d0 [ 22.011596] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 22.012546] ? __schedule+0xc70/0x27e0 [ 22.013527] ? __pfx_read_tsc+0x10/0x10 [ 22.014505] ? ktime_get_ts64+0x86/0x230 [ 22.015442] kunit_try_run_case+0x1b3/0x490 [ 22.016208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.017058] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.018016] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.018731] ? __kthread_parkme+0x82/0x160 [ 22.019318] ? preempt_count_sub+0x50/0x80 [ 22.019710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.020724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.021345] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.023210] kthread+0x257/0x310 [ 22.024382] ? __pfx_kthread+0x10/0x10 [ 22.025062] ret_from_fork+0x41/0x80 [ 22.026591] ? __pfx_kthread+0x10/0x10 [ 22.027523] ret_from_fork_asm+0x1a/0x30 [ 22.028465] </TASK> [ 22.029460] [ 22.029771] Allocated by task 148: [ 22.030740] kasan_save_stack+0x3d/0x60 [ 22.031321] kasan_save_track+0x18/0x40 [ 22.031566] kasan_save_alloc_info+0x3b/0x50 [ 22.032349] __kasan_kmalloc+0xb7/0xc0 [ 22.032751] __kmalloc_cache_node_noprof+0x183/0x410 [ 22.033264] kmalloc_node_oob_right+0xac/0x3d0 [ 22.033710] kunit_try_run_case+0x1b3/0x490 [ 22.035747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.036104] kthread+0x257/0x310 [ 22.036281] ret_from_fork+0x41/0x80 [ 22.036450] ret_from_fork_asm+0x1a/0x30 [ 22.036993] [ 22.037309] The buggy address belongs to the object at ffff8881027ae000 [ 22.037309] which belongs to the cache kmalloc-4k of size 4096 [ 22.041183] The buggy address is located 0 bytes to the right of [ 22.041183] allocated 4096-byte region [ffff8881027ae000, ffff8881027af000) [ 22.044536] [ 22.044845] The buggy address belongs to the physical page: [ 22.045435] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a8 [ 22.046416] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.047826] flags: 0x200000000000040(head|node=0|zone=2) [ 22.048891] page_type: f5(slab) [ 22.049983] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 22.050803] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 22.052246] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 22.053193] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 22.054521] head: 0200000000000003 ffffea000409ea01 ffffffffffffffff 0000000000000000 [ 22.055377] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 22.057577] page dumped because: kasan: bad access detected [ 22.058402] [ 22.058604] Memory state around the buggy address: [ 22.059099] ffff8881027aef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.060924] ffff8881027aef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.061686] >ffff8881027af000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.062441] ^ [ 22.063183] ffff8881027af080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.064660] ffff8881027af100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.064984] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 21.921404] ================================================================== [ 21.923519] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x363/0x3c0 [ 21.925867] Read of size 1 at addr ffff888101b3cc5f by task kunit_try_catch/146 [ 21.927555] [ 21.927791] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 21.929216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.930179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.932130] Call Trace: [ 21.932737] <TASK> [ 21.933590] dump_stack_lvl+0x73/0xb0 [ 21.934531] print_report+0xd1/0x640 [ 21.934994] ? __virt_addr_valid+0x1db/0x2d0 [ 21.936190] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.936686] kasan_report+0x102/0x140 [ 21.937216] ? kmalloc_oob_left+0x363/0x3c0 [ 21.937628] ? kmalloc_oob_left+0x363/0x3c0 [ 21.939030] __asan_report_load1_noabort+0x18/0x20 [ 21.940371] kmalloc_oob_left+0x363/0x3c0 [ 21.941135] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 21.942724] ? __schedule+0xc70/0x27e0 [ 21.943479] ? __pfx_read_tsc+0x10/0x10 [ 21.943969] ? ktime_get_ts64+0x86/0x230 [ 21.945066] kunit_try_run_case+0x1b3/0x490 [ 21.945609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.946133] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.946606] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.948319] ? __kthread_parkme+0x82/0x160 [ 21.949034] ? preempt_count_sub+0x50/0x80 [ 21.949446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.950162] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.951054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.951962] kthread+0x257/0x310 [ 21.952895] ? __pfx_kthread+0x10/0x10 [ 21.953516] ret_from_fork+0x41/0x80 [ 21.953846] ? __pfx_kthread+0x10/0x10 [ 21.955057] ret_from_fork_asm+0x1a/0x30 [ 21.955393] </TASK> [ 21.956305] [ 21.956553] Allocated by task 1: [ 21.957528] kasan_save_stack+0x3d/0x60 [ 21.958233] kasan_save_track+0x18/0x40 [ 21.959160] kasan_save_alloc_info+0x3b/0x50 [ 21.959869] __kasan_kmalloc+0xb7/0xc0 [ 21.960671] __kmalloc_node_track_caller_noprof+0x1c6/0x500 [ 21.961196] kvasprintf+0xc6/0x150 [ 21.961671] __kthread_create_on_node+0x18c/0x3a0 [ 21.963098] kthread_create_on_node+0xa8/0xe0 [ 21.963688] create_worker+0x3c8/0x7a0 [ 21.964645] alloc_unbound_pwq+0x8ea/0xdb0 [ 21.965064] apply_wqattrs_prepare+0x332/0xd40 [ 21.966026] apply_workqueue_attrs_locked+0x4d/0xa0 [ 21.967266] alloc_workqueue+0xcc4/0x1ad0 [ 21.967587] latency_fsnotify_init+0x1b/0x50 [ 21.967878] do_one_initcall+0xb5/0x370 [ 21.968171] kernel_init_freeable+0x425/0x6f0 [ 21.968455] kernel_init+0x23/0x1e0 [ 21.968717] ret_from_fork+0x41/0x80 [ 21.971011] ret_from_fork_asm+0x1a/0x30 [ 21.971488] [ 21.971876] The buggy address belongs to the object at ffff888101b3cc40 [ 21.971876] which belongs to the cache kmalloc-16 of size 16 [ 21.973757] The buggy address is located 18 bytes to the right of [ 21.973757] allocated 13-byte region [ffff888101b3cc40, ffff888101b3cc4d) [ 21.976217] [ 21.976899] The buggy address belongs to the physical page: [ 21.977381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3c [ 21.978567] flags: 0x200000000000000(node=0|zone=2) [ 21.979245] page_type: f5(slab) [ 21.979578] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.980012] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.980391] page dumped because: kasan: bad access detected [ 21.981538] [ 21.982576] Memory state around the buggy address: [ 21.983441] ffff888101b3cb00: 00 05 fc fc 00 02 fc fc 00 03 fc fc fa fb fc fc [ 21.984919] ffff888101b3cb80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 21.985657] >ffff888101b3cc00: 00 02 fc fc 00 02 fc fc 00 05 fc fc 00 07 fc fc [ 21.986325] ^ [ 21.987723] ffff888101b3cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.988483] ffff888101b3cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.989292] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 21.816740] ================================================================== [ 21.817770] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bf/0x7f0 [ 21.818901] Write of size 1 at addr ffff888102914878 by task kunit_try_catch/144 [ 21.820479] [ 21.820822] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 21.822543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.823330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.825104] Call Trace: [ 21.825532] <TASK> [ 21.825971] dump_stack_lvl+0x73/0xb0 [ 21.826653] print_report+0xd1/0x640 [ 21.827378] ? __virt_addr_valid+0x1db/0x2d0 [ 21.828205] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.829077] kasan_report+0x102/0x140 [ 21.829477] ? kmalloc_oob_right+0x6bf/0x7f0 [ 21.829958] ? kmalloc_oob_right+0x6bf/0x7f0 [ 21.830487] __asan_report_store1_noabort+0x1b/0x30 [ 21.830979] kmalloc_oob_right+0x6bf/0x7f0 [ 21.831417] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 21.831917] ? __schedule+0xc70/0x27e0 [ 21.832391] ? __pfx_read_tsc+0x10/0x10 [ 21.832734] ? ktime_get_ts64+0x86/0x230 [ 21.833415] kunit_try_run_case+0x1b3/0x490 [ 21.834116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.834531] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.835028] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.836560] ? __kthread_parkme+0x82/0x160 [ 21.837428] ? preempt_count_sub+0x50/0x80 [ 21.838254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.838620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.839388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.840107] kthread+0x257/0x310 [ 21.840868] ? __pfx_kthread+0x10/0x10 [ 21.841191] ret_from_fork+0x41/0x80 [ 21.842266] ? __pfx_kthread+0x10/0x10 [ 21.842997] ret_from_fork_asm+0x1a/0x30 [ 21.843739] </TASK> [ 21.844334] [ 21.844694] Allocated by task 144: [ 21.845521] kasan_save_stack+0x3d/0x60 [ 21.846277] kasan_save_track+0x18/0x40 [ 21.846680] kasan_save_alloc_info+0x3b/0x50 [ 21.847190] __kasan_kmalloc+0xb7/0xc0 [ 21.848220] __kmalloc_cache_noprof+0x184/0x410 [ 21.848623] kmalloc_oob_right+0xaa/0x7f0 [ 21.849088] kunit_try_run_case+0x1b3/0x490 [ 21.849918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.850669] kthread+0x257/0x310 [ 21.851613] ret_from_fork+0x41/0x80 [ 21.852222] ret_from_fork_asm+0x1a/0x30 [ 21.852902] [ 21.853204] The buggy address belongs to the object at ffff888102914800 [ 21.853204] which belongs to the cache kmalloc-128 of size 128 [ 21.854216] The buggy address is located 5 bytes to the right of [ 21.854216] allocated 115-byte region [ffff888102914800, ffff888102914873) [ 21.855981] [ 21.856249] The buggy address belongs to the physical page: [ 21.857461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102914 [ 21.857801] flags: 0x200000000000000(node=0|zone=2) [ 21.858096] page_type: f5(slab) [ 21.858920] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.860399] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.861138] page dumped because: kasan: bad access detected [ 21.862390] [ 21.862578] Memory state around the buggy address: [ 21.863065] ffff888102914700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.864290] ffff888102914780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.865253] >ffff888102914800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.866094] ^ [ 21.866671] ffff888102914880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.867575] ffff888102914900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.868657] ================================================================== [ 21.870844] ================================================================== [ 21.871816] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68c/0x7f0 [ 21.873429] Read of size 1 at addr ffff888102914880 by task kunit_try_catch/144 [ 21.874813] [ 21.875038] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc1-next-20241206 #1 [ 21.875983] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.876265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.877613] Call Trace: [ 21.878061] <TASK> [ 21.878715] dump_stack_lvl+0x73/0xb0 [ 21.879813] print_report+0xd1/0x640 [ 21.880512] ? __virt_addr_valid+0x1db/0x2d0 [ 21.881016] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.882081] kasan_report+0x102/0x140 [ 21.882922] ? kmalloc_oob_right+0x68c/0x7f0 [ 21.883661] ? kmalloc_oob_right+0x68c/0x7f0 [ 21.883999] __asan_report_load1_noabort+0x18/0x20 [ 21.885060] kmalloc_oob_right+0x68c/0x7f0 [ 21.885560] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 21.886352] ? __schedule+0xc70/0x27e0 [ 21.886790] ? __pfx_read_tsc+0x10/0x10 [ 21.887380] ? ktime_get_ts64+0x86/0x230 [ 21.887766] kunit_try_run_case+0x1b3/0x490 [ 21.888150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.888529] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.889034] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.889426] ? __kthread_parkme+0x82/0x160 [ 21.889882] ? preempt_count_sub+0x50/0x80 [ 21.890402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.890843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.891484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.892212] kthread+0x257/0x310 [ 21.892544] ? __pfx_kthread+0x10/0x10 [ 21.892861] ret_from_fork+0x41/0x80 [ 21.893338] ? __pfx_kthread+0x10/0x10 [ 21.893775] ret_from_fork_asm+0x1a/0x30 [ 21.894233] </TASK> [ 21.894425] [ 21.894665] Allocated by task 144: [ 21.895141] kasan_save_stack+0x3d/0x60 [ 21.895628] kasan_save_track+0x18/0x40 [ 21.896015] kasan_save_alloc_info+0x3b/0x50 [ 21.896379] __kasan_kmalloc+0xb7/0xc0 [ 21.896851] __kmalloc_cache_noprof+0x184/0x410 [ 21.897502] kmalloc_oob_right+0xaa/0x7f0 [ 21.897922] kunit_try_run_case+0x1b3/0x490 [ 21.898410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.898927] kthread+0x257/0x310 [ 21.899432] ret_from_fork+0x41/0x80 [ 21.899762] ret_from_fork_asm+0x1a/0x30 [ 21.900136] [ 21.900372] The buggy address belongs to the object at ffff888102914800 [ 21.900372] which belongs to the cache kmalloc-128 of size 128 [ 21.901322] The buggy address is located 13 bytes to the right of [ 21.901322] allocated 115-byte region [ffff888102914800, ffff888102914873) [ 21.902395] [ 21.902591] The buggy address belongs to the physical page: [ 21.903281] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102914 [ 21.904229] flags: 0x200000000000000(node=0|zone=2) [ 21.904567] page_type: f5(slab) [ 21.904970] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.905710] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.906488] page dumped because: kasan: bad access detected [ 21.906996] [ 21.907345] Memory state around the buggy address: [ 21.907831] ffff888102914780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.908452] ffff888102914800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.909043] >ffff888102914880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.909495] ^ [ 21.909965] ffff888102914900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.910736] ffff888102914980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.911281] ================================================================== [ 21.769276] ================================================================== [ 21.770332] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f2/0x7f0 [ 21.771664] Write of size 1 at addr ffff888102914873 by task kunit_try_catch/144 [ 21.772383] [ 21.774401] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G N 6.13.0-rc1-next-20241206 #1 [ 21.775585] Tainted: [N]=TEST [ 21.775960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.777310] Call Trace: [ 21.777774] <TASK> [ 21.778268] dump_stack_lvl+0x73/0xb0 [ 21.778778] print_report+0xd1/0x640 [ 21.779161] ? __virt_addr_valid+0x1db/0x2d0 [ 21.779547] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.780092] kasan_report+0x102/0x140 [ 21.780531] ? kmalloc_oob_right+0x6f2/0x7f0 [ 21.781171] ? kmalloc_oob_right+0x6f2/0x7f0 [ 21.781557] __asan_report_store1_noabort+0x1b/0x30 [ 21.782218] kmalloc_oob_right+0x6f2/0x7f0 [ 21.782546] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 21.783146] ? __schedule+0xc70/0x27e0 [ 21.783685] ? __pfx_read_tsc+0x10/0x10 [ 21.784009] ? ktime_get_ts64+0x86/0x230 [ 21.784590] kunit_try_run_case+0x1b3/0x490 [ 21.785019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.785354] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.786073] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.786531] ? __kthread_parkme+0x82/0x160 [ 21.786925] ? preempt_count_sub+0x50/0x80 [ 21.787694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.788068] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.788732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.789396] kthread+0x257/0x310 [ 21.789679] ? __pfx_kthread+0x10/0x10 [ 21.790020] ret_from_fork+0x41/0x80 [ 21.790361] ? __pfx_kthread+0x10/0x10 [ 21.790883] ret_from_fork_asm+0x1a/0x30 [ 21.791543] </TASK> [ 21.792181] [ 21.792403] Allocated by task 144: [ 21.793110] kasan_save_stack+0x3d/0x60 [ 21.793602] kasan_save_track+0x18/0x40 [ 21.793969] kasan_save_alloc_info+0x3b/0x50 [ 21.794660] __kasan_kmalloc+0xb7/0xc0 [ 21.795103] __kmalloc_cache_noprof+0x184/0x410 [ 21.795479] kmalloc_oob_right+0xaa/0x7f0 [ 21.795771] kunit_try_run_case+0x1b3/0x490 [ 21.796099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.796808] kthread+0x257/0x310 [ 21.797303] ret_from_fork+0x41/0x80 [ 21.797566] ret_from_fork_asm+0x1a/0x30 [ 21.798005] [ 21.798420] The buggy address belongs to the object at ffff888102914800 [ 21.798420] which belongs to the cache kmalloc-128 of size 128 [ 21.800267] The buggy address is located 0 bytes to the right of [ 21.800267] allocated 115-byte region [ffff888102914800, ffff888102914873) [ 21.801368] [ 21.801774] The buggy address belongs to the physical page: [ 21.802515] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102914 [ 21.803611] flags: 0x200000000000000(node=0|zone=2) [ 21.805183] page_type: f5(slab) [ 21.806688] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.807238] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.808083] page dumped because: kasan: bad access detected [ 21.808661] [ 21.808842] Memory state around the buggy address: [ 21.809717] ffff888102914700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.810911] ffff888102914780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.811720] >ffff888102914800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.812471] ^ [ 21.813168] ffff888102914880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.813750] ffff888102914900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.814328] ==================================================================