Date
Dec. 9, 2024, 6:35 a.m.
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 24.796096] ==================================================================
[ 24.798026] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 24.799709] Free of addr ffff888101094740 by task kunit_try_catch/199
[ 24.801217]
[ 24.801721] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 24.803466] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.804047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.805649] Call Trace:
[ 24.806263] <TASK>
[ 24.806550] dump_stack_lvl+0x73/0xb0
[ 24.807736] print_report+0xd1/0x640
[ 24.808383] ? __virt_addr_valid+0x1db/0x2d0
[ 24.808821] ? kfree_sensitive+0x2e/0x90
[ 24.809248] ? kasan_complete_mode_report_info+0x64/0x200
[ 24.811016] ? kfree_sensitive+0x2e/0x90
[ 24.811354] kasan_report_invalid_free+0xc0/0xf0
[ 24.811652] ? kfree_sensitive+0x2e/0x90
[ 24.812493] ? kfree_sensitive+0x2e/0x90
[ 24.813081] check_slab_allocation+0x101/0x130
[ 24.813714] __kasan_slab_pre_free+0x28/0x40
[ 24.814567] kfree+0xf1/0x3f0
[ 24.815463] ? kfree_sensitive+0x2e/0x90
[ 24.815966] kfree_sensitive+0x2e/0x90
[ 24.816252] kmalloc_double_kzfree+0x19d/0x360
[ 24.817366] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 24.818119] ? __schedule+0xc70/0x27e0
[ 24.818484] ? __pfx_read_tsc+0x10/0x10
[ 24.819060] ? ktime_get_ts64+0x86/0x230
[ 24.819504] kunit_try_run_case+0x1b3/0x490
[ 24.820184] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.821285] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.821963] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.822553] ? __kthread_parkme+0x82/0x160
[ 24.823310] ? preempt_count_sub+0x50/0x80
[ 24.824001] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.824789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.826012] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.826855] kthread+0x257/0x310
[ 24.827587] ? __pfx_kthread+0x10/0x10
[ 24.828371] ret_from_fork+0x41/0x80
[ 24.828627] ? __pfx_kthread+0x10/0x10
[ 24.829599] ret_from_fork_asm+0x1a/0x30
[ 24.830343] </TASK>
[ 24.830605]
[ 24.830759] Allocated by task 199:
[ 24.831314] kasan_save_stack+0x3d/0x60
[ 24.832101] kasan_save_track+0x18/0x40
[ 24.833138] kasan_save_alloc_info+0x3b/0x50
[ 24.834018] __kasan_kmalloc+0xb7/0xc0
[ 24.834675] __kmalloc_cache_noprof+0x184/0x410
[ 24.835275] kmalloc_double_kzfree+0xaa/0x360
[ 24.835655] kunit_try_run_case+0x1b3/0x490
[ 24.836444] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.837976] kthread+0x257/0x310
[ 24.838630] ret_from_fork+0x41/0x80
[ 24.839123] ret_from_fork_asm+0x1a/0x30
[ 24.839940]
[ 24.840242] Freed by task 199:
[ 24.840486] kasan_save_stack+0x3d/0x60
[ 24.841586] kasan_save_track+0x18/0x40
[ 24.842463] kasan_save_free_info+0x3f/0x60
[ 24.842842] __kasan_slab_free+0x56/0x70
[ 24.843685] kfree+0x123/0x3f0
[ 24.844344] kfree_sensitive+0x67/0x90
[ 24.844979] kmalloc_double_kzfree+0x12c/0x360
[ 24.845985] kunit_try_run_case+0x1b3/0x490
[ 24.846869] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.847209] kthread+0x257/0x310
[ 24.848077] ret_from_fork+0x41/0x80
[ 24.849003] ret_from_fork_asm+0x1a/0x30
[ 24.850007]
[ 24.850154] The buggy address belongs to the object at ffff888101094740
[ 24.850154] which belongs to the cache kmalloc-16 of size 16
[ 24.851964] The buggy address is located 0 bytes inside of
[ 24.851964] 16-byte region [ffff888101094740, ffff888101094750)
[ 24.853133]
[ 24.853315] The buggy address belongs to the physical page:
[ 24.854045] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094
[ 24.855243] flags: 0x200000000000000(node=0|zone=2)
[ 24.856000] page_type: f5(slab)
[ 24.856433] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 24.857482] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 24.858892] page dumped because: kasan: bad access detected
[ 24.859764]
[ 24.859926] Memory state around the buggy address:
[ 24.860765] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc
[ 24.861639] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc
[ 24.862936] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 24.863861] ^
[ 24.864663] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.865401] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.866245] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 24.724039] ==================================================================
[ 24.726052] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19d/0x360
[ 24.727434] Read of size 1 at addr ffff888101094740 by task kunit_try_catch/199
[ 24.728107]
[ 24.728851] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 24.729858] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.730790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.731758] Call Trace:
[ 24.732098] <TASK>
[ 24.732396] dump_stack_lvl+0x73/0xb0
[ 24.733743] print_report+0xd1/0x640
[ 24.734151] ? __virt_addr_valid+0x1db/0x2d0
[ 24.734823] ? kasan_complete_mode_report_info+0x64/0x200
[ 24.735669] kasan_report+0x102/0x140
[ 24.737050] ? kmalloc_double_kzfree+0x19d/0x360
[ 24.737646] ? kmalloc_double_kzfree+0x19d/0x360
[ 24.738646] ? kmalloc_double_kzfree+0x19d/0x360
[ 24.739558] __kasan_check_byte+0x3d/0x50
[ 24.740043] kfree_sensitive+0x22/0x90
[ 24.741070] kmalloc_double_kzfree+0x19d/0x360
[ 24.741935] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 24.742530] ? __schedule+0xc70/0x27e0
[ 24.742928] ? __pfx_read_tsc+0x10/0x10
[ 24.743606] ? ktime_get_ts64+0x86/0x230
[ 24.744724] kunit_try_run_case+0x1b3/0x490
[ 24.745415] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.746354] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.746795] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.747545] ? __kthread_parkme+0x82/0x160
[ 24.748859] ? preempt_count_sub+0x50/0x80
[ 24.749311] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.750338] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.751096] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.752067] kthread+0x257/0x310
[ 24.753330] ? __pfx_kthread+0x10/0x10
[ 24.753724] ret_from_fork+0x41/0x80
[ 24.754562] ? __pfx_kthread+0x10/0x10
[ 24.754940] ret_from_fork_asm+0x1a/0x30
[ 24.755711] </TASK>
[ 24.756159]
[ 24.757011] Allocated by task 199:
[ 24.757688] kasan_save_stack+0x3d/0x60
[ 24.758437] kasan_save_track+0x18/0x40
[ 24.759474] kasan_save_alloc_info+0x3b/0x50
[ 24.759862] __kasan_kmalloc+0xb7/0xc0
[ 24.760551] __kmalloc_cache_noprof+0x184/0x410
[ 24.761365] kmalloc_double_kzfree+0xaa/0x360
[ 24.761661] kunit_try_run_case+0x1b3/0x490
[ 24.761945] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.762523] kthread+0x257/0x310
[ 24.762773] ret_from_fork+0x41/0x80
[ 24.763774] ret_from_fork_asm+0x1a/0x30
[ 24.764355]
[ 24.764633] Freed by task 199:
[ 24.765005] kasan_save_stack+0x3d/0x60
[ 24.766093] kasan_save_track+0x18/0x40
[ 24.766715] kasan_save_free_info+0x3f/0x60
[ 24.767828] __kasan_slab_free+0x56/0x70
[ 24.769105] kfree+0x123/0x3f0
[ 24.769613] kfree_sensitive+0x67/0x90
[ 24.770674] kmalloc_double_kzfree+0x12c/0x360
[ 24.771123] kunit_try_run_case+0x1b3/0x490
[ 24.772157] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.773466] kthread+0x257/0x310
[ 24.773727] ret_from_fork+0x41/0x80
[ 24.774666] ret_from_fork_asm+0x1a/0x30
[ 24.775592]
[ 24.776494] The buggy address belongs to the object at ffff888101094740
[ 24.776494] which belongs to the cache kmalloc-16 of size 16
[ 24.777767] The buggy address is located 0 bytes inside of
[ 24.777767] freed 16-byte region [ffff888101094740, ffff888101094750)
[ 24.778894]
[ 24.779099] The buggy address belongs to the physical page:
[ 24.779515] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094
[ 24.780157] flags: 0x200000000000000(node=0|zone=2)
[ 24.781336] page_type: f5(slab)
[ 24.781924] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 24.783659] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 24.785245] page dumped because: kasan: bad access detected
[ 24.785832]
[ 24.786207] Memory state around the buggy address:
[ 24.787007] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc
[ 24.788571] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc
[ 24.788988] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 24.791340] ^
[ 24.791586] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.792689] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.794028] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 24.584643] ==================================================================
[ 24.586459] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a4/0x360
[ 24.587502] Write of size 33 at addr ffff888102952d00 by task kunit_try_catch/193
[ 24.588550]
[ 24.588819] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 24.590327] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.590716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.591952] Call Trace:
[ 24.592174] <TASK>
[ 24.592856] dump_stack_lvl+0x73/0xb0
[ 24.593550] print_report+0xd1/0x640
[ 24.594221] ? __virt_addr_valid+0x1db/0x2d0
[ 24.594829] ? kasan_complete_mode_report_info+0x64/0x200
[ 24.595387] kasan_report+0x102/0x140
[ 24.595766] ? kmalloc_uaf_memset+0x1a4/0x360
[ 24.596506] ? kmalloc_uaf_memset+0x1a4/0x360
[ 24.597707] kasan_check_range+0x10c/0x1c0
[ 24.598238] __asan_memset+0x27/0x50
[ 24.598574] kmalloc_uaf_memset+0x1a4/0x360
[ 24.599269] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 24.599789] ? __schedule+0xc70/0x27e0
[ 24.600507] ? __pfx_read_tsc+0x10/0x10
[ 24.601147] ? ktime_get_ts64+0x86/0x230
[ 24.601638] kunit_try_run_case+0x1b3/0x490
[ 24.602553] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.603202] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.603694] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.604798] ? __kthread_parkme+0x82/0x160
[ 24.605269] ? preempt_count_sub+0x50/0x80
[ 24.605610] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.606639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.607578] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.608132] kthread+0x257/0x310
[ 24.608529] ? __pfx_kthread+0x10/0x10
[ 24.609247] ret_from_fork+0x41/0x80
[ 24.609547] ? __pfx_kthread+0x10/0x10
[ 24.610465] ret_from_fork_asm+0x1a/0x30
[ 24.611266] </TASK>
[ 24.611471]
[ 24.611702] Allocated by task 193:
[ 24.612143] kasan_save_stack+0x3d/0x60
[ 24.612670] kasan_save_track+0x18/0x40
[ 24.613626] kasan_save_alloc_info+0x3b/0x50
[ 24.613956] __kasan_kmalloc+0xb7/0xc0
[ 24.614737] __kmalloc_cache_noprof+0x184/0x410
[ 24.615714] kmalloc_uaf_memset+0xaa/0x360
[ 24.616248] kunit_try_run_case+0x1b3/0x490
[ 24.616811] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.617490] kthread+0x257/0x310
[ 24.618535] ret_from_fork+0x41/0x80
[ 24.619266] ret_from_fork_asm+0x1a/0x30
[ 24.619659]
[ 24.619903] Freed by task 193:
[ 24.620466] kasan_save_stack+0x3d/0x60
[ 24.621511] kasan_save_track+0x18/0x40
[ 24.621866] kasan_save_free_info+0x3f/0x60
[ 24.622515] __kasan_slab_free+0x56/0x70
[ 24.623396] kfree+0x123/0x3f0
[ 24.623722] kmalloc_uaf_memset+0x12c/0x360
[ 24.624446] kunit_try_run_case+0x1b3/0x490
[ 24.625042] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.625489] kthread+0x257/0x310
[ 24.625844] ret_from_fork+0x41/0x80
[ 24.626634] ret_from_fork_asm+0x1a/0x30
[ 24.627011]
[ 24.627691] The buggy address belongs to the object at ffff888102952d00
[ 24.627691] which belongs to the cache kmalloc-64 of size 64
[ 24.629392] The buggy address is located 0 bytes inside of
[ 24.629392] freed 64-byte region [ffff888102952d00, ffff888102952d40)
[ 24.631208]
[ 24.631413] The buggy address belongs to the physical page:
[ 24.631835] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102952
[ 24.632801] flags: 0x200000000000000(node=0|zone=2)
[ 24.633359] page_type: f5(slab)
[ 24.633778] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 24.635225] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 24.636224] page dumped because: kasan: bad access detected
[ 24.636703]
[ 24.636964] Memory state around the buggy address:
[ 24.637553] ffff888102952c00: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[ 24.638700] ffff888102952c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.639074] >ffff888102952d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.639427] ^
[ 24.640349] ffff888102952d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.640970] ffff888102952e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.642067] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 24.456672] ==================================================================
[ 24.457729] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x170/0x330
[ 24.458640] Read of size 64 at addr ffff888102402a84 by task kunit_try_catch/189
[ 24.459967]
[ 24.460443] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 24.461953] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.462178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.462924] Call Trace:
[ 24.463371] <TASK>
[ 24.464179] dump_stack_lvl+0x73/0xb0
[ 24.465035] print_report+0xd1/0x640
[ 24.465575] ? __virt_addr_valid+0x1db/0x2d0
[ 24.465907] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.466906] kasan_report+0x102/0x140
[ 24.467215] ? kmalloc_memmove_invalid_size+0x170/0x330
[ 24.467883] ? kmalloc_memmove_invalid_size+0x170/0x330
[ 24.468745] kasan_check_range+0x10c/0x1c0
[ 24.469621] __asan_memmove+0x27/0x70
[ 24.470355] kmalloc_memmove_invalid_size+0x170/0x330
[ 24.470953] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 24.471561] ? __schedule+0xc70/0x27e0
[ 24.472080] ? __pfx_read_tsc+0x10/0x10
[ 24.472516] ? ktime_get_ts64+0x86/0x230
[ 24.472951] kunit_try_run_case+0x1b3/0x490
[ 24.473645] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.474039] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.475714] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.477021] ? __kthread_parkme+0x82/0x160
[ 24.477478] ? preempt_count_sub+0x50/0x80
[ 24.478399] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.479018] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.480026] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.480965] kthread+0x257/0x310
[ 24.481765] ? __pfx_kthread+0x10/0x10
[ 24.482511] ret_from_fork+0x41/0x80
[ 24.483053] ? __pfx_kthread+0x10/0x10
[ 24.483883] ret_from_fork_asm+0x1a/0x30
[ 24.484980] </TASK>
[ 24.485446]
[ 24.485951] Allocated by task 189:
[ 24.487012] kasan_save_stack+0x3d/0x60
[ 24.488018] kasan_save_track+0x18/0x40
[ 24.488761] kasan_save_alloc_info+0x3b/0x50
[ 24.489162] __kasan_kmalloc+0xb7/0xc0
[ 24.489643] __kmalloc_cache_noprof+0x184/0x410
[ 24.490580] kmalloc_memmove_invalid_size+0xad/0x330
[ 24.491564] kunit_try_run_case+0x1b3/0x490
[ 24.491958] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.493095] kthread+0x257/0x310
[ 24.493413] ret_from_fork+0x41/0x80
[ 24.494122] ret_from_fork_asm+0x1a/0x30
[ 24.494523]
[ 24.494786] The buggy address belongs to the object at ffff888102402a80
[ 24.494786] which belongs to the cache kmalloc-64 of size 64
[ 24.496490] The buggy address is located 4 bytes inside of
[ 24.496490] allocated 64-byte region [ffff888102402a80, ffff888102402ac0)
[ 24.498149]
[ 24.498320] The buggy address belongs to the physical page:
[ 24.500047] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102402
[ 24.500974] flags: 0x200000000000000(node=0|zone=2)
[ 24.501693] page_type: f5(slab)
[ 24.502440] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 24.503620] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 24.504473] page dumped because: kasan: bad access detected
[ 24.505726]
[ 24.505942] Memory state around the buggy address:
[ 24.506474] ffff888102402980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.507828] ffff888102402a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.508582] >ffff888102402a80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 24.509259] ^
[ 24.510666] ffff888102402b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.511484] ffff888102402b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.512526] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 24.400829] ==================================================================
[ 24.401931] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x172/0x330
[ 24.402652] Read of size 18446744073709551614 at addr ffff888102402a04 by task kunit_try_catch/187
[ 24.404153]
[ 24.404892] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 24.405955] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.406620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.407426] Call Trace:
[ 24.407722] <TASK>
[ 24.407997] dump_stack_lvl+0x73/0xb0
[ 24.408700] print_report+0xd1/0x640
[ 24.409044] ? __virt_addr_valid+0x1db/0x2d0
[ 24.409405] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.410361] kasan_report+0x102/0x140
[ 24.410755] ? kmalloc_memmove_negative_size+0x172/0x330
[ 24.411886] ? kmalloc_memmove_negative_size+0x172/0x330
[ 24.412673] kasan_check_range+0x10c/0x1c0
[ 24.413446] __asan_memmove+0x27/0x70
[ 24.414030] kmalloc_memmove_negative_size+0x172/0x330
[ 24.414862] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 24.415804] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 24.417027] kunit_try_run_case+0x1b3/0x490
[ 24.417704] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.418137] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.419064] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.419797] ? __kthread_parkme+0x82/0x160
[ 24.420834] ? preempt_count_sub+0x50/0x80
[ 24.421480] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.422325] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.423100] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.423641] kthread+0x257/0x310
[ 24.424103] ? __pfx_kthread+0x10/0x10
[ 24.424639] ret_from_fork+0x41/0x80
[ 24.425384] ? __pfx_kthread+0x10/0x10
[ 24.425752] ret_from_fork_asm+0x1a/0x30
[ 24.426243] </TASK>
[ 24.426673]
[ 24.426832] Allocated by task 187:
[ 24.427717] kasan_save_stack+0x3d/0x60
[ 24.428078] kasan_save_track+0x18/0x40
[ 24.429006] kasan_save_alloc_info+0x3b/0x50
[ 24.429575] __kasan_kmalloc+0xb7/0xc0
[ 24.430066] __kmalloc_cache_noprof+0x184/0x410
[ 24.430961] kmalloc_memmove_negative_size+0xad/0x330
[ 24.431543] kunit_try_run_case+0x1b3/0x490
[ 24.432266] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.432923] kthread+0x257/0x310
[ 24.433564] ret_from_fork+0x41/0x80
[ 24.434004] ret_from_fork_asm+0x1a/0x30
[ 24.434675]
[ 24.435202] The buggy address belongs to the object at ffff888102402a00
[ 24.435202] which belongs to the cache kmalloc-64 of size 64
[ 24.436317] The buggy address is located 4 bytes inside of
[ 24.436317] 64-byte region [ffff888102402a00, ffff888102402a40)
[ 24.437925]
[ 24.438542] The buggy address belongs to the physical page:
[ 24.439067] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102402
[ 24.440126] flags: 0x200000000000000(node=0|zone=2)
[ 24.441000] page_type: f5(slab)
[ 24.441280] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 24.442425] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 24.443111] page dumped because: kasan: bad access detected
[ 24.443910]
[ 24.444095] Memory state around the buggy address:
[ 24.445101] ffff888102402900: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[ 24.445965] ffff888102402980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.446696] >ffff888102402a00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 24.447622] ^
[ 24.448115] ffff888102402a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.449445] ffff888102402b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.450191] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset
[ 24.153670] ==================================================================
[ 24.155133] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330
[ 24.156062] Write of size 2 at addr ffff888102957177 by task kunit_try_catch/179
[ 24.157285]
[ 24.157561] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 24.159148] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.159712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.160966] Call Trace:
[ 24.161328] <TASK>
[ 24.161990] dump_stack_lvl+0x73/0xb0
[ 24.162677] print_report+0xd1/0x640
[ 24.163419] ? __virt_addr_valid+0x1db/0x2d0
[ 24.164331] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.165128] kasan_report+0x102/0x140
[ 24.165830] ? kmalloc_oob_memset_2+0x167/0x330
[ 24.166315] ? kmalloc_oob_memset_2+0x167/0x330
[ 24.166783] kasan_check_range+0x10c/0x1c0
[ 24.167175] __asan_memset+0x27/0x50
[ 24.168528] kmalloc_oob_memset_2+0x167/0x330
[ 24.168997] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 24.169895] ? __schedule+0xc70/0x27e0
[ 24.170422] ? __pfx_read_tsc+0x10/0x10
[ 24.171139] ? ktime_get_ts64+0x86/0x230
[ 24.171698] kunit_try_run_case+0x1b3/0x490
[ 24.172120] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.173047] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.173839] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.174552] ? __kthread_parkme+0x82/0x160
[ 24.175390] ? preempt_count_sub+0x50/0x80
[ 24.176438] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.176963] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.177865] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.178952] kthread+0x257/0x310
[ 24.179286] ? __pfx_kthread+0x10/0x10
[ 24.180072] ret_from_fork+0x41/0x80
[ 24.180859] ? __pfx_kthread+0x10/0x10
[ 24.181290] ret_from_fork_asm+0x1a/0x30
[ 24.182089] </TASK>
[ 24.182578]
[ 24.182771] Allocated by task 179:
[ 24.183763] kasan_save_stack+0x3d/0x60
[ 24.184324] kasan_save_track+0x18/0x40
[ 24.184707] kasan_save_alloc_info+0x3b/0x50
[ 24.185591] __kasan_kmalloc+0xb7/0xc0
[ 24.186432] __kmalloc_cache_noprof+0x184/0x410
[ 24.186736] kmalloc_oob_memset_2+0xad/0x330
[ 24.187246] kunit_try_run_case+0x1b3/0x490
[ 24.188281] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.189006] kthread+0x257/0x310
[ 24.189180] ret_from_fork+0x41/0x80
[ 24.190469] ret_from_fork_asm+0x1a/0x30
[ 24.191583]
[ 24.192176] The buggy address belongs to the object at ffff888102957100
[ 24.192176] which belongs to the cache kmalloc-128 of size 128
[ 24.193795] The buggy address is located 119 bytes inside of
[ 24.193795] allocated 120-byte region [ffff888102957100, ffff888102957178)
[ 24.195478]
[ 24.195693] The buggy address belongs to the physical page:
[ 24.196605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102957
[ 24.197987] flags: 0x200000000000000(node=0|zone=2)
[ 24.198489] page_type: f5(slab)
[ 24.199369] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 24.200393] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 24.201336] page dumped because: kasan: bad access detected
[ 24.201871]
[ 24.202683] Memory state around the buggy address:
[ 24.203284] ffff888102957000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 24.204347] ffff888102957080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.205219] >ffff888102957100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 24.206491] ^
[ 24.207837] ffff888102957180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.208701] ffff888102957200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.209771] ==================================================================
[ 24.339608] ==================================================================
[ 24.340820] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330
[ 24.342348] Write of size 16 at addr ffff888102406869 by task kunit_try_catch/185
[ 24.343531]
[ 24.343722] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 24.345267] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.346309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.347488] Call Trace:
[ 24.348347] <TASK>
[ 24.348655] dump_stack_lvl+0x73/0xb0
[ 24.349085] print_report+0xd1/0x640
[ 24.349759] ? __virt_addr_valid+0x1db/0x2d0
[ 24.350781] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.351714] kasan_report+0x102/0x140
[ 24.352515] ? kmalloc_oob_memset_16+0x167/0x330
[ 24.353172] ? kmalloc_oob_memset_16+0x167/0x330
[ 24.353500] kasan_check_range+0x10c/0x1c0
[ 24.354758] __asan_memset+0x27/0x50
[ 24.355405] kmalloc_oob_memset_16+0x167/0x330
[ 24.355829] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 24.356284] ? __schedule+0xc70/0x27e0
[ 24.356716] ? __pfx_read_tsc+0x10/0x10
[ 24.357143] ? ktime_get_ts64+0x86/0x230
[ 24.358214] kunit_try_run_case+0x1b3/0x490
[ 24.358974] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.359373] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.360446] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.361092] ? __kthread_parkme+0x82/0x160
[ 24.361852] ? preempt_count_sub+0x50/0x80
[ 24.362368] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.363415] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.364206] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.364886] kthread+0x257/0x310
[ 24.365476] ? __pfx_kthread+0x10/0x10
[ 24.366147] ret_from_fork+0x41/0x80
[ 24.366709] ? __pfx_kthread+0x10/0x10
[ 24.367181] ret_from_fork_asm+0x1a/0x30
[ 24.368216] </TASK>
[ 24.368575]
[ 24.368841] Allocated by task 185:
[ 24.369240] kasan_save_stack+0x3d/0x60
[ 24.370189] kasan_save_track+0x18/0x40
[ 24.370959] kasan_save_alloc_info+0x3b/0x50
[ 24.371730] __kasan_kmalloc+0xb7/0xc0
[ 24.372407] __kmalloc_cache_noprof+0x184/0x410
[ 24.373217] kmalloc_oob_memset_16+0xad/0x330
[ 24.374457] kunit_try_run_case+0x1b3/0x490
[ 24.374824] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.375398] kthread+0x257/0x310
[ 24.375742] ret_from_fork+0x41/0x80
[ 24.376908] ret_from_fork_asm+0x1a/0x30
[ 24.377317]
[ 24.377722] The buggy address belongs to the object at ffff888102406800
[ 24.377722] which belongs to the cache kmalloc-128 of size 128
[ 24.378862] The buggy address is located 105 bytes inside of
[ 24.378862] allocated 120-byte region [ffff888102406800, ffff888102406878)
[ 24.380950]
[ 24.381215] The buggy address belongs to the physical page:
[ 24.382195] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102406
[ 24.383106] flags: 0x200000000000000(node=0|zone=2)
[ 24.383811] page_type: f5(slab)
[ 24.384313] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 24.385189] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 24.385938] page dumped because: kasan: bad access detected
[ 24.386822]
[ 24.387078] Memory state around the buggy address:
[ 24.387424] ffff888102406700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 24.389100] ffff888102406780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.389749] >ffff888102406800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 24.390674] ^
[ 24.391799] ffff888102406880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.392284] ffff888102406900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.393615] ==================================================================
[ 24.216897] ==================================================================
[ 24.218189] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330
[ 24.219958] Write of size 4 at addr ffff888102406575 by task kunit_try_catch/181
[ 24.221630]
[ 24.222072] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 24.223520] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.224375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.225184] Call Trace:
[ 24.225575] <TASK>
[ 24.226075] dump_stack_lvl+0x73/0xb0
[ 24.226695] print_report+0xd1/0x640
[ 24.227178] ? __virt_addr_valid+0x1db/0x2d0
[ 24.228134] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.229139] kasan_report+0x102/0x140
[ 24.229863] ? kmalloc_oob_memset_4+0x167/0x330
[ 24.230581] ? kmalloc_oob_memset_4+0x167/0x330
[ 24.231336] kasan_check_range+0x10c/0x1c0
[ 24.231798] __asan_memset+0x27/0x50
[ 24.232791] kmalloc_oob_memset_4+0x167/0x330
[ 24.233680] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 24.234148] ? __schedule+0xc70/0x27e0
[ 24.235039] ? __pfx_read_tsc+0x10/0x10
[ 24.235750] ? ktime_get_ts64+0x86/0x230
[ 24.236539] kunit_try_run_case+0x1b3/0x490
[ 24.237621] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.238140] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.239049] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.240007] ? __kthread_parkme+0x82/0x160
[ 24.240546] ? preempt_count_sub+0x50/0x80
[ 24.242006] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.242719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.243557] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.244502] kthread+0x257/0x310
[ 24.245541] ? __pfx_kthread+0x10/0x10
[ 24.246075] ret_from_fork+0x41/0x80
[ 24.246607] ? __pfx_kthread+0x10/0x10
[ 24.247171] ret_from_fork_asm+0x1a/0x30
[ 24.247691] </TASK>
[ 24.248824]
[ 24.248989] Allocated by task 181:
[ 24.249539] kasan_save_stack+0x3d/0x60
[ 24.250672] kasan_save_track+0x18/0x40
[ 24.251473] kasan_save_alloc_info+0x3b/0x50
[ 24.252730] __kasan_kmalloc+0xb7/0xc0
[ 24.253574] __kmalloc_cache_noprof+0x184/0x410
[ 24.254715] kmalloc_oob_memset_4+0xad/0x330
[ 24.255960] kunit_try_run_case+0x1b3/0x490
[ 24.256752] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.257779] kthread+0x257/0x310
[ 24.258499] ret_from_fork+0x41/0x80
[ 24.259119] ret_from_fork_asm+0x1a/0x30
[ 24.259904]
[ 24.260345] The buggy address belongs to the object at ffff888102406500
[ 24.260345] which belongs to the cache kmalloc-128 of size 128
[ 24.262174] The buggy address is located 117 bytes inside of
[ 24.262174] allocated 120-byte region [ffff888102406500, ffff888102406578)
[ 24.264309]
[ 24.264783] The buggy address belongs to the physical page:
[ 24.265738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102406
[ 24.267379] flags: 0x200000000000000(node=0|zone=2)
[ 24.268499] page_type: f5(slab)
[ 24.268798] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 24.269967] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 24.271014] page dumped because: kasan: bad access detected
[ 24.271402]
[ 24.271867] Memory state around the buggy address:
[ 24.272336] ffff888102406400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 24.273892] ffff888102406480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.275409] >ffff888102406500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 24.276597] ^
[ 24.277525] ffff888102406580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.277813] ffff888102406600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.278090] ==================================================================
[ 24.284866] ==================================================================
[ 24.286083] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x167/0x330
[ 24.287220] Write of size 8 at addr ffff888102406771 by task kunit_try_catch/183
[ 24.288271]
[ 24.288491] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 24.289540] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.289982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.290691] Call Trace:
[ 24.291026] <TASK>
[ 24.291366] dump_stack_lvl+0x73/0xb0
[ 24.292085] print_report+0xd1/0x640
[ 24.292461] ? __virt_addr_valid+0x1db/0x2d0
[ 24.293415] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.294074] kasan_report+0x102/0x140
[ 24.294528] ? kmalloc_oob_memset_8+0x167/0x330
[ 24.295431] ? kmalloc_oob_memset_8+0x167/0x330
[ 24.295766] kasan_check_range+0x10c/0x1c0
[ 24.296717] __asan_memset+0x27/0x50
[ 24.297223] kmalloc_oob_memset_8+0x167/0x330
[ 24.297606] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 24.298540] ? __schedule+0xc70/0x27e0
[ 24.299094] ? __pfx_read_tsc+0x10/0x10
[ 24.299573] ? ktime_get_ts64+0x86/0x230
[ 24.300036] kunit_try_run_case+0x1b3/0x490
[ 24.300589] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.300995] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.301708] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.302207] ? __kthread_parkme+0x82/0x160
[ 24.302707] ? preempt_count_sub+0x50/0x80
[ 24.303800] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.304240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.304798] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.305598] kthread+0x257/0x310
[ 24.306107] ? __pfx_kthread+0x10/0x10
[ 24.306540] ret_from_fork+0x41/0x80
[ 24.307274] ? __pfx_kthread+0x10/0x10
[ 24.308108] ret_from_fork_asm+0x1a/0x30
[ 24.308579] </TASK>
[ 24.309008]
[ 24.309562] Allocated by task 183:
[ 24.309803] kasan_save_stack+0x3d/0x60
[ 24.310409] kasan_save_track+0x18/0x40
[ 24.311425] kasan_save_alloc_info+0x3b/0x50
[ 24.311846] __kasan_kmalloc+0xb7/0xc0
[ 24.312279] __kmalloc_cache_noprof+0x184/0x410
[ 24.313224] kmalloc_oob_memset_8+0xad/0x330
[ 24.313770] kunit_try_run_case+0x1b3/0x490
[ 24.314627] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.315484] kthread+0x257/0x310
[ 24.316120] ret_from_fork+0x41/0x80
[ 24.316520] ret_from_fork_asm+0x1a/0x30
[ 24.317357]
[ 24.317775] The buggy address belongs to the object at ffff888102406700
[ 24.317775] which belongs to the cache kmalloc-128 of size 128
[ 24.318875] The buggy address is located 113 bytes inside of
[ 24.318875] allocated 120-byte region [ffff888102406700, ffff888102406778)
[ 24.320362]
[ 24.320782] The buggy address belongs to the physical page:
[ 24.321377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102406
[ 24.322336] flags: 0x200000000000000(node=0|zone=2)
[ 24.322688] page_type: f5(slab)
[ 24.323180] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 24.323855] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 24.324588] page dumped because: kasan: bad access detected
[ 24.325324]
[ 24.325580] Memory state around the buggy address:
[ 24.326358] ffff888102406600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 24.327329] ffff888102406680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.328277] >ffff888102406700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 24.329607] ^
[ 24.330448] ffff888102406780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.331608] ffff888102406800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.332347] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 24.107601] ==================================================================
[ 24.108794] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x160/0x320
[ 24.109442] Write of size 128 at addr ffff888102954f00 by task kunit_try_catch/177
[ 24.110424]
[ 24.110559] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 24.111812] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.112527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.113410] Call Trace:
[ 24.113669] <TASK>
[ 24.114012] dump_stack_lvl+0x73/0xb0
[ 24.114562] print_report+0xd1/0x640
[ 24.115075] ? __virt_addr_valid+0x1db/0x2d0
[ 24.115545] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.116332] kasan_report+0x102/0x140
[ 24.116726] ? kmalloc_oob_in_memset+0x160/0x320
[ 24.117387] ? kmalloc_oob_in_memset+0x160/0x320
[ 24.117847] kasan_check_range+0x10c/0x1c0
[ 24.118414] __asan_memset+0x27/0x50
[ 24.118927] kmalloc_oob_in_memset+0x160/0x320
[ 24.119419] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 24.120108] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 24.120558] kunit_try_run_case+0x1b3/0x490
[ 24.121104] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.121519] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.121903] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.122335] ? __kthread_parkme+0x82/0x160
[ 24.122925] ? preempt_count_sub+0x50/0x80
[ 24.123457] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.123892] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.124441] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.124952] kthread+0x257/0x310
[ 24.125283] ? __pfx_kthread+0x10/0x10
[ 24.125713] ret_from_fork+0x41/0x80
[ 24.126122] ? __pfx_kthread+0x10/0x10
[ 24.126481] ret_from_fork_asm+0x1a/0x30
[ 24.127079] </TASK>
[ 24.127495]
[ 24.128396] Allocated by task 177:
[ 24.128667] kasan_save_stack+0x3d/0x60
[ 24.129266] kasan_save_track+0x18/0x40
[ 24.129888] kasan_save_alloc_info+0x3b/0x50
[ 24.130358] __kasan_kmalloc+0xb7/0xc0
[ 24.130893] __kmalloc_cache_noprof+0x184/0x410
[ 24.131433] kmalloc_oob_in_memset+0xad/0x320
[ 24.131978] kunit_try_run_case+0x1b3/0x490
[ 24.132453] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.133150] kthread+0x257/0x310
[ 24.133621] ret_from_fork+0x41/0x80
[ 24.133927] ret_from_fork_asm+0x1a/0x30
[ 24.134504]
[ 24.134871] The buggy address belongs to the object at ffff888102954f00
[ 24.134871] which belongs to the cache kmalloc-128 of size 128
[ 24.135952] The buggy address is located 0 bytes inside of
[ 24.135952] allocated 120-byte region [ffff888102954f00, ffff888102954f78)
[ 24.137115]
[ 24.137403] The buggy address belongs to the physical page:
[ 24.137953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102954
[ 24.138703] flags: 0x200000000000000(node=0|zone=2)
[ 24.139204] page_type: f5(slab)
[ 24.139697] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 24.140555] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 24.141284] page dumped because: kasan: bad access detected
[ 24.142005]
[ 24.142192] Memory state around the buggy address:
[ 24.142652] ffff888102954e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 24.143416] ffff888102954e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.144175] >ffff888102954f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 24.144835] ^
[ 24.145497] ffff888102954f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.146097] ffff888102955000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 24.146910] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 24.519526] ==================================================================
[ 24.520716] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x322/0x380
[ 24.521566] Read of size 1 at addr ffff888101b7dca8 by task kunit_try_catch/191
[ 24.522103]
[ 24.522437] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 24.523485] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.523903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.524741] Call Trace:
[ 24.525400] <TASK>
[ 24.525709] dump_stack_lvl+0x73/0xb0
[ 24.526454] print_report+0xd1/0x640
[ 24.526860] ? __virt_addr_valid+0x1db/0x2d0
[ 24.527558] ? kasan_complete_mode_report_info+0x64/0x200
[ 24.528381] kasan_report+0x102/0x140
[ 24.528923] ? kmalloc_uaf+0x322/0x380
[ 24.529313] ? kmalloc_uaf+0x322/0x380
[ 24.530120] __asan_report_load1_noabort+0x18/0x20
[ 24.530819] kmalloc_uaf+0x322/0x380
[ 24.531354] ? __pfx_kmalloc_uaf+0x10/0x10
[ 24.531927] ? __schedule+0xc70/0x27e0
[ 24.532669] ? __pfx_read_tsc+0x10/0x10
[ 24.533128] ? ktime_get_ts64+0x86/0x230
[ 24.533945] kunit_try_run_case+0x1b3/0x490
[ 24.534553] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.535310] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.535854] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.536543] ? __kthread_parkme+0x82/0x160
[ 24.536972] ? preempt_count_sub+0x50/0x80
[ 24.537659] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.538402] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.539045] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.539860] kthread+0x257/0x310
[ 24.540502] ? __pfx_kthread+0x10/0x10
[ 24.541028] ret_from_fork+0x41/0x80
[ 24.541634] ? __pfx_kthread+0x10/0x10
[ 24.542042] ret_from_fork_asm+0x1a/0x30
[ 24.542678] </TASK>
[ 24.542990]
[ 24.543386] Allocated by task 191:
[ 24.543852] kasan_save_stack+0x3d/0x60
[ 24.544338] kasan_save_track+0x18/0x40
[ 24.544967] kasan_save_alloc_info+0x3b/0x50
[ 24.545659] __kasan_kmalloc+0xb7/0xc0
[ 24.546094] __kmalloc_cache_noprof+0x184/0x410
[ 24.547108] kmalloc_uaf+0xab/0x380
[ 24.547586] kunit_try_run_case+0x1b3/0x490
[ 24.548544] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.549506] kthread+0x257/0x310
[ 24.550023] ret_from_fork+0x41/0x80
[ 24.551058] ret_from_fork_asm+0x1a/0x30
[ 24.551971]
[ 24.552810] Freed by task 191:
[ 24.553815] kasan_save_stack+0x3d/0x60
[ 24.554234] kasan_save_track+0x18/0x40
[ 24.554995] kasan_save_free_info+0x3f/0x60
[ 24.555775] __kasan_slab_free+0x56/0x70
[ 24.556628] kfree+0x123/0x3f0
[ 24.557375] kmalloc_uaf+0x12d/0x380
[ 24.557895] kunit_try_run_case+0x1b3/0x490
[ 24.559046] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.559750] kthread+0x257/0x310
[ 24.560140] ret_from_fork+0x41/0x80
[ 24.560569] ret_from_fork_asm+0x1a/0x30
[ 24.561786]
[ 24.561977] The buggy address belongs to the object at ffff888101b7dca0
[ 24.561977] which belongs to the cache kmalloc-16 of size 16
[ 24.563478] The buggy address is located 8 bytes inside of
[ 24.563478] freed 16-byte region [ffff888101b7dca0, ffff888101b7dcb0)
[ 24.564681]
[ 24.565490] The buggy address belongs to the physical page:
[ 24.566112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b7d
[ 24.567435] flags: 0x200000000000000(node=0|zone=2)
[ 24.567903] page_type: f5(slab)
[ 24.568696] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 24.569730] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 24.570749] page dumped because: kasan: bad access detected
[ 24.571610]
[ 24.571803] Memory state around the buggy address:
[ 24.572554] ffff888101b7db80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 24.573654] ffff888101b7dc00: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 24.574558] >ffff888101b7dc80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 24.575652] ^
[ 24.576042] ffff888101b7dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.576957] ffff888101b7dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.578016] ==================================================================
[ 24.039072] ==================================================================
[ 24.040464] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47d/0x4c0
[ 24.041989] Read of size 16 at addr ffff888101b7dc80 by task kunit_try_catch/175
[ 24.043023]
[ 24.043265] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 24.044374] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.044725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.046419] Call Trace:
[ 24.046708] <TASK>
[ 24.047824] dump_stack_lvl+0x73/0xb0
[ 24.049146] print_report+0xd1/0x640
[ 24.049719] ? __virt_addr_valid+0x1db/0x2d0
[ 24.050967] ? kasan_complete_mode_report_info+0x64/0x200
[ 24.051376] kasan_report+0x102/0x140
[ 24.052040] ? kmalloc_uaf_16+0x47d/0x4c0
[ 24.052637] ? kmalloc_uaf_16+0x47d/0x4c0
[ 24.053489] __asan_report_load16_noabort+0x18/0x20
[ 24.054584] kmalloc_uaf_16+0x47d/0x4c0
[ 24.055035] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 24.056139] ? __schedule+0xc70/0x27e0
[ 24.056792] ? __pfx_read_tsc+0x10/0x10
[ 24.057640] ? ktime_get_ts64+0x86/0x230
[ 24.058805] kunit_try_run_case+0x1b3/0x490
[ 24.059194] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.059780] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.060275] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.060732] ? __kthread_parkme+0x82/0x160
[ 24.062120] ? preempt_count_sub+0x50/0x80
[ 24.063485] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.063870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.065339] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.066406] kthread+0x257/0x310
[ 24.066777] ? __pfx_kthread+0x10/0x10
[ 24.067745] ret_from_fork+0x41/0x80
[ 24.068745] ? __pfx_kthread+0x10/0x10
[ 24.069007] ret_from_fork_asm+0x1a/0x30
[ 24.069563] </TASK>
[ 24.069865]
[ 24.070040] Allocated by task 175:
[ 24.071994] kasan_save_stack+0x3d/0x60
[ 24.072574] kasan_save_track+0x18/0x40
[ 24.072926] kasan_save_alloc_info+0x3b/0x50
[ 24.073233] __kasan_kmalloc+0xb7/0xc0
[ 24.074003] __kmalloc_cache_noprof+0x184/0x410
[ 24.075004] kmalloc_uaf_16+0x15c/0x4c0
[ 24.075266] kunit_try_run_case+0x1b3/0x490
[ 24.076533] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.077002] kthread+0x257/0x310
[ 24.077460] ret_from_fork+0x41/0x80
[ 24.077878] ret_from_fork_asm+0x1a/0x30
[ 24.078527]
[ 24.078729] Freed by task 175:
[ 24.078993] kasan_save_stack+0x3d/0x60
[ 24.080194] kasan_save_track+0x18/0x40
[ 24.080604] kasan_save_free_info+0x3f/0x60
[ 24.081160] __kasan_slab_free+0x56/0x70
[ 24.081647] kfree+0x123/0x3f0
[ 24.082055] kmalloc_uaf_16+0x1d7/0x4c0
[ 24.082658] kunit_try_run_case+0x1b3/0x490
[ 24.083023] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.083394] kthread+0x257/0x310
[ 24.084613] ret_from_fork+0x41/0x80
[ 24.085048] ret_from_fork_asm+0x1a/0x30
[ 24.085358]
[ 24.085777] The buggy address belongs to the object at ffff888101b7dc80
[ 24.085777] which belongs to the cache kmalloc-16 of size 16
[ 24.087670] The buggy address is located 0 bytes inside of
[ 24.087670] freed 16-byte region [ffff888101b7dc80, ffff888101b7dc90)
[ 24.088886]
[ 24.089154] The buggy address belongs to the physical page:
[ 24.090024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b7d
[ 24.090574] flags: 0x200000000000000(node=0|zone=2)
[ 24.091875] page_type: f5(slab)
[ 24.092577] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 24.093152] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 24.093890] page dumped because: kasan: bad access detected
[ 24.094236]
[ 24.094612] Memory state around the buggy address:
[ 24.095143] ffff888101b7db80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 24.096158] ffff888101b7dc00: 00 05 fc fc fa fb fc fc fa fb fc fc 00 00 fc fc
[ 24.096847] >ffff888101b7dc80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.098317] ^
[ 24.098621] ffff888101b7dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.100107] ffff888101b7dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.100485] ==================================================================
[ 24.648825] ==================================================================
[ 24.650485] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4aa/0x520
[ 24.651347] Read of size 1 at addr ffff888102402ca8 by task kunit_try_catch/195
[ 24.652549]
[ 24.653352] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 24.654771] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.655157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.656791] Call Trace:
[ 24.657086] <TASK>
[ 24.657502] dump_stack_lvl+0x73/0xb0
[ 24.657806] print_report+0xd1/0x640
[ 24.658373] ? __virt_addr_valid+0x1db/0x2d0
[ 24.659182] ? kasan_complete_mode_report_info+0x64/0x200
[ 24.660750] kasan_report+0x102/0x140
[ 24.661375] ? kmalloc_uaf2+0x4aa/0x520
[ 24.661765] ? kmalloc_uaf2+0x4aa/0x520
[ 24.662471] __asan_report_load1_noabort+0x18/0x20
[ 24.663801] kmalloc_uaf2+0x4aa/0x520
[ 24.664946] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 24.665674] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 24.666622] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 24.667374] kunit_try_run_case+0x1b3/0x490
[ 24.667844] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.669258] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.670184] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.671133] ? __kthread_parkme+0x82/0x160
[ 24.671761] ? preempt_count_sub+0x50/0x80
[ 24.672762] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.673455] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.674235] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.675391] kthread+0x257/0x310
[ 24.675779] ? __pfx_kthread+0x10/0x10
[ 24.676892] ret_from_fork+0x41/0x80
[ 24.677249] ? __pfx_kthread+0x10/0x10
[ 24.678082] ret_from_fork_asm+0x1a/0x30
[ 24.679096] </TASK>
[ 24.679448]
[ 24.679701] Allocated by task 195:
[ 24.680095] kasan_save_stack+0x3d/0x60
[ 24.680608] kasan_save_track+0x18/0x40
[ 24.681614] kasan_save_alloc_info+0x3b/0x50
[ 24.682620] __kasan_kmalloc+0xb7/0xc0
[ 24.683035] __kmalloc_cache_noprof+0x184/0x410
[ 24.684112] kmalloc_uaf2+0xc7/0x520
[ 24.684521] kunit_try_run_case+0x1b3/0x490
[ 24.685013] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.686455] kthread+0x257/0x310
[ 24.686698] ret_from_fork+0x41/0x80
[ 24.687760] ret_from_fork_asm+0x1a/0x30
[ 24.688649]
[ 24.688755] Freed by task 195:
[ 24.689212] kasan_save_stack+0x3d/0x60
[ 24.690480] kasan_save_track+0x18/0x40
[ 24.690751] kasan_save_free_info+0x3f/0x60
[ 24.691574] __kasan_slab_free+0x56/0x70
[ 24.692745] kfree+0x123/0x3f0
[ 24.693092] kmalloc_uaf2+0x14d/0x520
[ 24.693535] kunit_try_run_case+0x1b3/0x490
[ 24.694859] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.695332] kthread+0x257/0x310
[ 24.695699] ret_from_fork+0x41/0x80
[ 24.696627] ret_from_fork_asm+0x1a/0x30
[ 24.696993]
[ 24.697235] The buggy address belongs to the object at ffff888102402c80
[ 24.697235] which belongs to the cache kmalloc-64 of size 64
[ 24.698933] The buggy address is located 40 bytes inside of
[ 24.698933] freed 64-byte region [ffff888102402c80, ffff888102402cc0)
[ 24.700465]
[ 24.700735] The buggy address belongs to the physical page:
[ 24.702119] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102402
[ 24.703070] flags: 0x200000000000000(node=0|zone=2)
[ 24.703568] page_type: f5(slab)
[ 24.704403] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 24.705055] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 24.705742] page dumped because: kasan: bad access detected
[ 24.706834]
[ 24.707200] Memory state around the buggy address:
[ 24.708086] ffff888102402b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.708716] ffff888102402c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.710048] >ffff888102402c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.710760] ^
[ 24.711491] ffff888102402d00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 24.712049] ffff888102402d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.712776] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob
[ 23.973472] ==================================================================
[ 23.975571] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x454/0x4a0
[ 23.976871] Write of size 16 at addr ffff888101b7dc20 by task kunit_try_catch/173
[ 23.978249]
[ 23.978448] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 23.979685] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.980193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.981165] Call Trace:
[ 23.981776] <TASK>
[ 23.982033] dump_stack_lvl+0x73/0xb0
[ 23.983396] print_report+0xd1/0x640
[ 23.984497] ? __virt_addr_valid+0x1db/0x2d0
[ 23.984985] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.985769] kasan_report+0x102/0x140
[ 23.986210] ? kmalloc_oob_16+0x454/0x4a0
[ 23.986897] ? kmalloc_oob_16+0x454/0x4a0
[ 23.987833] __asan_report_store16_noabort+0x1b/0x30
[ 23.988215] kmalloc_oob_16+0x454/0x4a0
[ 23.989670] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 23.990100] ? __schedule+0xc70/0x27e0
[ 23.990989] ? __pfx_read_tsc+0x10/0x10
[ 23.991558] ? ktime_get_ts64+0x86/0x230
[ 23.992443] kunit_try_run_case+0x1b3/0x490
[ 23.992895] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.993701] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.994360] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.995521] ? __kthread_parkme+0x82/0x160
[ 23.996521] ? preempt_count_sub+0x50/0x80
[ 23.997249] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.998515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.999040] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.999623] kthread+0x257/0x310
[ 24.000430] ? __pfx_kthread+0x10/0x10
[ 24.000977] ret_from_fork+0x41/0x80
[ 24.002087] ? __pfx_kthread+0x10/0x10
[ 24.003099] ret_from_fork_asm+0x1a/0x30
[ 24.003654] </TASK>
[ 24.004428]
[ 24.004663] Allocated by task 173:
[ 24.005985] kasan_save_stack+0x3d/0x60
[ 24.006769] kasan_save_track+0x18/0x40
[ 24.007422] kasan_save_alloc_info+0x3b/0x50
[ 24.007754] __kasan_kmalloc+0xb7/0xc0
[ 24.008407] __kmalloc_cache_noprof+0x184/0x410
[ 24.009083] kmalloc_oob_16+0xa9/0x4a0
[ 24.010528] kunit_try_run_case+0x1b3/0x490
[ 24.011558] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.012748] kthread+0x257/0x310
[ 24.013089] ret_from_fork+0x41/0x80
[ 24.013732] ret_from_fork_asm+0x1a/0x30
[ 24.014762]
[ 24.015027] The buggy address belongs to the object at ffff888101b7dc20
[ 24.015027] which belongs to the cache kmalloc-16 of size 16
[ 24.016938] The buggy address is located 0 bytes inside of
[ 24.016938] allocated 13-byte region [ffff888101b7dc20, ffff888101b7dc2d)
[ 24.018683]
[ 24.018922] The buggy address belongs to the physical page:
[ 24.020064] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b7d
[ 24.021389] flags: 0x200000000000000(node=0|zone=2)
[ 24.022170] page_type: f5(slab)
[ 24.022558] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 24.024062] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 24.024823] page dumped because: kasan: bad access detected
[ 24.025389]
[ 24.025586] Memory state around the buggy address:
[ 24.026628] ffff888101b7db00: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 24.027691] ffff888101b7db80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 24.028966] >ffff888101b7dc00: 00 05 fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc
[ 24.029769] ^
[ 24.030801] ffff888101b7dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.031792] ffff888101b7dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.032079] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 23.905690] ==================================================================
[ 23.906764] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53e/0x5e0
[ 23.907319] Read of size 1 at addr ffff8881003a0800 by task kunit_try_catch/171
[ 23.908217]
[ 23.908427] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 23.909657] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.910240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.910798] Call Trace:
[ 23.911687] <TASK>
[ 23.912072] dump_stack_lvl+0x73/0xb0
[ 23.912714] print_report+0xd1/0x640
[ 23.913118] ? __virt_addr_valid+0x1db/0x2d0
[ 23.913715] ? kasan_complete_mode_report_info+0x64/0x200
[ 23.914468] kasan_report+0x102/0x140
[ 23.914754] ? krealloc_uaf+0x53e/0x5e0
[ 23.915684] ? krealloc_uaf+0x53e/0x5e0
[ 23.916547] __asan_report_load1_noabort+0x18/0x20
[ 23.916949] krealloc_uaf+0x53e/0x5e0
[ 23.918061] ? __pfx_krealloc_uaf+0x10/0x10
[ 23.918861] ? finish_task_switch.isra.0+0x153/0x700
[ 23.919788] ? __switch_to+0x5d9/0xf60
[ 23.920197] ? __schedule+0xc70/0x27e0
[ 23.920698] ? __pfx_read_tsc+0x10/0x10
[ 23.921130] ? ktime_get_ts64+0x86/0x230
[ 23.921572] kunit_try_run_case+0x1b3/0x490
[ 23.922040] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.922556] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.923074] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.924155] ? __kthread_parkme+0x82/0x160
[ 23.924501] ? preempt_count_sub+0x50/0x80
[ 23.925098] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.925798] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.926410] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.926917] kthread+0x257/0x310
[ 23.927809] ? __pfx_kthread+0x10/0x10
[ 23.928355] ret_from_fork+0x41/0x80
[ 23.928676] ? __pfx_kthread+0x10/0x10
[ 23.929327] ret_from_fork_asm+0x1a/0x30
[ 23.929720] </TASK>
[ 23.930360]
[ 23.930535] Allocated by task 171:
[ 23.930967] kasan_save_stack+0x3d/0x60
[ 23.931337] kasan_save_track+0x18/0x40
[ 23.931759] kasan_save_alloc_info+0x3b/0x50
[ 23.932192] __kasan_kmalloc+0xb7/0xc0
[ 23.932562] __kmalloc_cache_noprof+0x184/0x410
[ 23.933830] krealloc_uaf+0xbc/0x5e0
[ 23.934274] kunit_try_run_case+0x1b3/0x490
[ 23.934606] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.935391] kthread+0x257/0x310
[ 23.935783] ret_from_fork+0x41/0x80
[ 23.936356] ret_from_fork_asm+0x1a/0x30
[ 23.936776]
[ 23.937049] Freed by task 171:
[ 23.937916] kasan_save_stack+0x3d/0x60
[ 23.938218] kasan_save_track+0x18/0x40
[ 23.938737] kasan_save_free_info+0x3f/0x60
[ 23.939446] __kasan_slab_free+0x56/0x70
[ 23.939780] kfree+0x123/0x3f0
[ 23.940179] krealloc_uaf+0x13e/0x5e0
[ 23.940663] kunit_try_run_case+0x1b3/0x490
[ 23.941320] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.942241] kthread+0x257/0x310
[ 23.942711] ret_from_fork+0x41/0x80
[ 23.943165] ret_from_fork_asm+0x1a/0x30
[ 23.943698]
[ 23.944015] The buggy address belongs to the object at ffff8881003a0800
[ 23.944015] which belongs to the cache kmalloc-256 of size 256
[ 23.944842] The buggy address is located 0 bytes inside of
[ 23.944842] freed 256-byte region [ffff8881003a0800, ffff8881003a0900)
[ 23.945950]
[ 23.946151] The buggy address belongs to the physical page:
[ 23.946613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0
[ 23.949100] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 23.949976] flags: 0x200000000000040(head|node=0|zone=2)
[ 23.950804] page_type: f5(slab)
[ 23.951085] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 23.952384] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 23.953389] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 23.954551] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 23.955587] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000
[ 23.956438] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 23.957686] page dumped because: kasan: bad access detected
[ 23.958678]
[ 23.958919] Memory state around the buggy address:
[ 23.959821] ffff8881003a0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.961051] ffff8881003a0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.961698] >ffff8881003a0800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.963006] ^
[ 23.964036] ffff8881003a0880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.964888] ffff8881003a0900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.965485] ==================================================================
[ 23.834931] ==================================================================
[ 23.836972] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b9/0x5e0
[ 23.838154] Read of size 1 at addr ffff8881003a0800 by task kunit_try_catch/171
[ 23.838828]
[ 23.839063] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 23.841107] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.841772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.843043] Call Trace:
[ 23.843607] <TASK>
[ 23.844120] dump_stack_lvl+0x73/0xb0
[ 23.845278] print_report+0xd1/0x640
[ 23.845665] ? __virt_addr_valid+0x1db/0x2d0
[ 23.846641] ? kasan_complete_mode_report_info+0x64/0x200
[ 23.847193] kasan_report+0x102/0x140
[ 23.848193] ? krealloc_uaf+0x1b9/0x5e0
[ 23.849058] ? krealloc_uaf+0x1b9/0x5e0
[ 23.849859] ? krealloc_uaf+0x1b9/0x5e0
[ 23.850476] __kasan_check_byte+0x3d/0x50
[ 23.851203] krealloc_noprof+0x3f/0x340
[ 23.852235] krealloc_uaf+0x1b9/0x5e0
[ 23.852885] ? __pfx_krealloc_uaf+0x10/0x10
[ 23.853387] ? finish_task_switch.isra.0+0x153/0x700
[ 23.854275] ? __switch_to+0x5d9/0xf60
[ 23.854731] ? __schedule+0xc70/0x27e0
[ 23.855579] ? __pfx_read_tsc+0x10/0x10
[ 23.856481] ? ktime_get_ts64+0x86/0x230
[ 23.856991] kunit_try_run_case+0x1b3/0x490
[ 23.857732] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.858620] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.859423] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.860104] ? __kthread_parkme+0x82/0x160
[ 23.861287] ? preempt_count_sub+0x50/0x80
[ 23.861743] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.862768] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.863687] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.865013] kthread+0x257/0x310
[ 23.865653] ? __pfx_kthread+0x10/0x10
[ 23.866444] ret_from_fork+0x41/0x80
[ 23.867029] ? __pfx_kthread+0x10/0x10
[ 23.867499] ret_from_fork_asm+0x1a/0x30
[ 23.868598] </TASK>
[ 23.868886]
[ 23.869066] Allocated by task 171:
[ 23.869851] kasan_save_stack+0x3d/0x60
[ 23.870253] kasan_save_track+0x18/0x40
[ 23.870558] kasan_save_alloc_info+0x3b/0x50
[ 23.871717] __kasan_kmalloc+0xb7/0xc0
[ 23.872498] __kmalloc_cache_noprof+0x184/0x410
[ 23.872927] krealloc_uaf+0xbc/0x5e0
[ 23.873285] kunit_try_run_case+0x1b3/0x490
[ 23.873893] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.874651] kthread+0x257/0x310
[ 23.875578] ret_from_fork+0x41/0x80
[ 23.876553] ret_from_fork_asm+0x1a/0x30
[ 23.877070]
[ 23.877652] Freed by task 171:
[ 23.878098] kasan_save_stack+0x3d/0x60
[ 23.878930] kasan_save_track+0x18/0x40
[ 23.879657] kasan_save_free_info+0x3f/0x60
[ 23.880814] __kasan_slab_free+0x56/0x70
[ 23.881755] kfree+0x123/0x3f0
[ 23.882476] krealloc_uaf+0x13e/0x5e0
[ 23.883903] kunit_try_run_case+0x1b3/0x490
[ 23.884172] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.884548] kthread+0x257/0x310
[ 23.885246] ret_from_fork+0x41/0x80
[ 23.885721] ret_from_fork_asm+0x1a/0x30
[ 23.886108]
[ 23.886340] The buggy address belongs to the object at ffff8881003a0800
[ 23.886340] which belongs to the cache kmalloc-256 of size 256
[ 23.888843] The buggy address is located 0 bytes inside of
[ 23.888843] freed 256-byte region [ffff8881003a0800, ffff8881003a0900)
[ 23.889765]
[ 23.890138] The buggy address belongs to the physical page:
[ 23.890606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0
[ 23.891284] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 23.892020] flags: 0x200000000000040(head|node=0|zone=2)
[ 23.892583] page_type: f5(slab)
[ 23.893007] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 23.893782] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 23.894369] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 23.895118] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 23.896667] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000
[ 23.897522] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 23.898040] page dumped because: kasan: bad access detected
[ 23.898601]
[ 23.898832] Memory state around the buggy address:
[ 23.899341] ffff8881003a0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.900566] ffff8881003a0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.901356] >ffff8881003a0800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.902132] ^
[ 23.902523] ffff8881003a0880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.903112] ffff8881003a0900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.904258] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 23.274466] ==================================================================
[ 23.275514] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0
[ 23.277226] Write of size 1 at addr ffff8881003a06d0 by task kunit_try_catch/165
[ 23.278249]
[ 23.278631] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 23.279428] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.280002] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.281090] Call Trace:
[ 23.281563] <TASK>
[ 23.282153] dump_stack_lvl+0x73/0xb0
[ 23.282588] print_report+0xd1/0x640
[ 23.283074] ? __virt_addr_valid+0x1db/0x2d0
[ 23.283650] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.284167] kasan_report+0x102/0x140
[ 23.284577] ? krealloc_less_oob_helper+0xe25/0x11d0
[ 23.285861] ? krealloc_less_oob_helper+0xe25/0x11d0
[ 23.286314] __asan_report_store1_noabort+0x1b/0x30
[ 23.286842] krealloc_less_oob_helper+0xe25/0x11d0
[ 23.287967] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 23.288696] ? finish_task_switch.isra.0+0x153/0x700
[ 23.289550] ? __switch_to+0x5d9/0xf60
[ 23.290118] ? __schedule+0xc70/0x27e0
[ 23.290599] ? __pfx_read_tsc+0x10/0x10
[ 23.290998] krealloc_less_oob+0x1c/0x30
[ 23.291762] kunit_try_run_case+0x1b3/0x490
[ 23.292431] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.293258] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.293846] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.294451] ? __kthread_parkme+0x82/0x160
[ 23.295203] ? preempt_count_sub+0x50/0x80
[ 23.295722] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.296270] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.297063] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.297577] kthread+0x257/0x310
[ 23.297898] ? __pfx_kthread+0x10/0x10
[ 23.298776] ret_from_fork+0x41/0x80
[ 23.299290] ? __pfx_kthread+0x10/0x10
[ 23.299940] ret_from_fork_asm+0x1a/0x30
[ 23.300522] </TASK>
[ 23.300901]
[ 23.301158] Allocated by task 165:
[ 23.301576] kasan_save_stack+0x3d/0x60
[ 23.301939] kasan_save_track+0x18/0x40
[ 23.302500] kasan_save_alloc_info+0x3b/0x50
[ 23.303282] __kasan_krealloc+0x190/0x1f0
[ 23.304038] krealloc_noprof+0xf3/0x340
[ 23.304673] krealloc_less_oob_helper+0x1ab/0x11d0
[ 23.305694] krealloc_less_oob+0x1c/0x30
[ 23.306511] kunit_try_run_case+0x1b3/0x490
[ 23.307494] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.308189] kthread+0x257/0x310
[ 23.308710] ret_from_fork+0x41/0x80
[ 23.309122] ret_from_fork_asm+0x1a/0x30
[ 23.309546]
[ 23.309831] The buggy address belongs to the object at ffff8881003a0600
[ 23.309831] which belongs to the cache kmalloc-256 of size 256
[ 23.310838] The buggy address is located 7 bytes to the right of
[ 23.310838] allocated 201-byte region [ffff8881003a0600, ffff8881003a06c9)
[ 23.311934]
[ 23.312231] The buggy address belongs to the physical page:
[ 23.312898] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0
[ 23.313619] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 23.314538] flags: 0x200000000000040(head|node=0|zone=2)
[ 23.315165] page_type: f5(slab)
[ 23.315572] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 23.316378] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 23.317103] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 23.317725] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 23.318646] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000
[ 23.319444] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 23.320259] page dumped because: kasan: bad access detected
[ 23.320764]
[ 23.321035] Memory state around the buggy address:
[ 23.321571] ffff8881003a0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
fc [ 23.322223] ffff8881003a0600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.323180] >ffff8881003a0680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 23.323917] ^ [ 23.324409] ffff8881003a0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.325066] ffff8881003a0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.325834] ================================================================== [ 23.598824] ================================================================== [ 23.600499] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 23.601321] Write of size 1 at addr ffff88810239e0c9 by task kunit_try_catch/169 [ 23.602422] [ 23.602978] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 23.604552] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.605150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.605973] Call Trace: [ 23.606339] <TASK> [ 23.606663] dump_stack_lvl+0x73/0xb0 [ 23.607259] print_report+0xd1/0x640 [ 23.607647] ? __virt_addr_valid+0x1db/0x2d0 [ 23.608387] ? kasan_addr_to_slab+0x11/0xa0 [ 23.609030] kasan_report+0x102/0x140 [ 23.609717] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 23.610414] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 23.611207] __asan_report_store1_noabort+0x1b/0x30 [ 23.611784] krealloc_less_oob_helper+0xd72/0x11d0 [ 23.612472] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 23.613406] ? finish_task_switch.isra.0+0x153/0x700 [ 23.614431] ? __switch_to+0x5d9/0xf60 [ 23.614849] ? __schedule+0xc70/0x27e0 [ 23.615434] ? __pfx_read_tsc+0x10/0x10 [ 23.616061] krealloc_large_less_oob+0x1c/0x30 [ 23.616556] kunit_try_run_case+0x1b3/0x490 [ 23.617338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.617895] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.618586] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.619490] ? __kthread_parkme+0x82/0x160 [ 23.619803] ? preempt_count_sub+0x50/0x80 [ 23.620542] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.621418] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.622254] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.622839] kthread+0x257/0x310 [ 23.623178] ? __pfx_kthread+0x10/0x10 [ 23.623645] ret_from_fork+0x41/0x80 [ 23.623997] ? __pfx_kthread+0x10/0x10 [ 23.625422] ret_from_fork_asm+0x1a/0x30 [ 23.626209] </TASK> [ 23.626688] [ 23.626859] The buggy address belongs to the physical page: [ 23.628054] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10239c [ 23.629049] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.630091] flags: 0x200000000000040(head|node=0|zone=2) [ 23.631101] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.632150] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.633316] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.633937] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.634954] head: 0200000000000002 ffffea000408e701 ffffffffffffffff 0000000000000000 [ 23.635877] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.637612] page dumped because: kasan: bad access detected [ 23.638039] [ 23.638277] Memory state around the buggy address: [ 23.639198] ffff88810239df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.640014] ffff88810239e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.640754] >ffff88810239e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 23.642121] ^ [ 23.643589] ffff88810239e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.644113] ffff88810239e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.645408] ================================================================== [ 23.738534] ================================================================== [ 23.739182] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 23.739683] Write of 
size 1 at addr ffff88810239e0ea by task kunit_try_catch/169 [ 23.740621] [ 23.740800] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 23.742461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.743089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.743955] Call Trace: [ 23.744552] <TASK> [ 23.744860] dump_stack_lvl+0x73/0xb0 [ 23.745192] print_report+0xd1/0x640 [ 23.745772] ? __virt_addr_valid+0x1db/0x2d0 [ 23.746597] ? kasan_addr_to_slab+0x11/0xa0 [ 23.747441] kasan_report+0x102/0x140 [ 23.747800] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 23.748567] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 23.749158] __asan_report_store1_noabort+0x1b/0x30 [ 23.749825] krealloc_less_oob_helper+0xe92/0x11d0 [ 23.750505] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 23.751125] ? finish_task_switch.isra.0+0x153/0x700 [ 23.751906] ? __switch_to+0x5d9/0xf60 [ 23.752430] ? __schedule+0xc70/0x27e0 [ 23.753914] ? __pfx_read_tsc+0x10/0x10 [ 23.754894] krealloc_large_less_oob+0x1c/0x30 [ 23.755410] kunit_try_run_case+0x1b3/0x490 [ 23.756068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.757178] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.757621] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.758687] ? __kthread_parkme+0x82/0x160 [ 23.759132] ? preempt_count_sub+0x50/0x80 [ 23.759585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.760113] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.760777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.761441] kthread+0x257/0x310 [ 23.762001] ? __pfx_kthread+0x10/0x10 [ 23.762518] ret_from_fork+0x41/0x80 [ 23.762996] ? 
__pfx_kthread+0x10/0x10 [ 23.763513] ret_from_fork_asm+0x1a/0x30 [ 23.763987] </TASK> [ 23.764541] [ 23.764846] The buggy address belongs to the physical page: [ 23.765461] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10239c [ 23.766421] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.767440] flags: 0x200000000000040(head|node=0|zone=2) [ 23.768052] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.768852] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.769853] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.770443] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.771161] head: 0200000000000002 ffffea000408e701 ffffffffffffffff 0000000000000000 [ 23.772219] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.772972] page dumped because: kasan: bad access detected [ 23.773583] [ 23.773903] Memory state around the buggy address: [ 23.774524] ffff88810239df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.775337] ffff88810239e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.775858] >ffff88810239e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 23.776632] ^ [ 23.777392] ffff88810239e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.778512] ffff88810239e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.779116] ================================================================== [ 23.328092] ================================================================== [ 23.328936] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 23.330408] Write of size 1 at addr ffff8881003a06da by task kunit_try_catch/165 [ 23.331798] [ 23.332246] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 23.333415] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.334365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), 
BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.335166] Call Trace: [ 23.335672] <TASK> [ 23.336344] dump_stack_lvl+0x73/0xb0 [ 23.336723] print_report+0xd1/0x640 [ 23.337811] ? __virt_addr_valid+0x1db/0x2d0 [ 23.338239] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.339004] kasan_report+0x102/0x140 [ 23.339696] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 23.340291] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 23.341650] __asan_report_store1_noabort+0x1b/0x30 [ 23.342190] krealloc_less_oob_helper+0xec8/0x11d0 [ 23.343050] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 23.343559] ? finish_task_switch.isra.0+0x153/0x700 [ 23.344035] ? __switch_to+0x5d9/0xf60 [ 23.344858] ? __schedule+0xc70/0x27e0 [ 23.345166] ? __pfx_read_tsc+0x10/0x10 [ 23.345888] krealloc_less_oob+0x1c/0x30 [ 23.346348] kunit_try_run_case+0x1b3/0x490 [ 23.346970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.347434] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.348340] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.349095] ? __kthread_parkme+0x82/0x160 [ 23.349568] ? preempt_count_sub+0x50/0x80 [ 23.350331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.351083] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.352011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.352647] kthread+0x257/0x310 [ 23.353482] ? __pfx_kthread+0x10/0x10 [ 23.354085] ret_from_fork+0x41/0x80 [ 23.354436] ? 
__pfx_kthread+0x10/0x10 [ 23.355140] ret_from_fork_asm+0x1a/0x30 [ 23.355509] </TASK> [ 23.355763] [ 23.356497] Allocated by task 165: [ 23.356874] kasan_save_stack+0x3d/0x60 [ 23.357418] kasan_save_track+0x18/0x40 [ 23.358119] kasan_save_alloc_info+0x3b/0x50 [ 23.359169] __kasan_krealloc+0x190/0x1f0 [ 23.359952] krealloc_noprof+0xf3/0x340 [ 23.360607] krealloc_less_oob_helper+0x1ab/0x11d0 [ 23.361517] krealloc_less_oob+0x1c/0x30 [ 23.362051] kunit_try_run_case+0x1b3/0x490 [ 23.362554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.363367] kthread+0x257/0x310 [ 23.363676] ret_from_fork+0x41/0x80 [ 23.364160] ret_from_fork_asm+0x1a/0x30 [ 23.364484] [ 23.365370] The buggy address belongs to the object at ffff8881003a0600 [ 23.365370] which belongs to the cache kmalloc-256 of size 256 [ 23.366675] The buggy address is located 17 bytes to the right of [ 23.366675] allocated 201-byte region [ffff8881003a0600, ffff8881003a06c9) [ 23.368600] [ 23.368869] The buggy address belongs to the physical page: [ 23.369777] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0 [ 23.370592] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.371451] flags: 0x200000000000040(head|node=0|zone=2) [ 23.372221] page_type: f5(slab) [ 23.372593] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 23.373211] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.374072] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 23.374851] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.375634] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000 [ 23.376397] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 23.377126] page dumped because: kasan: bad access detected [ 23.377482] [ 23.377868] Memory state around the buggy address: [ 23.378411] ffff8881003a0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 23.379276] ffff8881003a0600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.380416] >ffff8881003a0680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 23.381220] ^ [ 23.381657] ffff8881003a0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.382726] ffff8881003a0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.383425] ================================================================== [ 23.439498] ================================================================== [ 23.440845] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 23.441610] Write of size 1 at addr ffff8881003a06eb by task kunit_try_catch/165 [ 23.442756] [ 23.443232] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 23.445055] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.445487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.445980] Call Trace: [ 23.446539] <TASK> [ 23.446969] dump_stack_lvl+0x73/0xb0 [ 23.447647] print_report+0xd1/0x640 [ 23.448567] ? __virt_addr_valid+0x1db/0x2d0 [ 23.449338] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.450213] kasan_report+0x102/0x140 [ 23.450755] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 23.451440] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 23.452349] __asan_report_store1_noabort+0x1b/0x30 [ 23.452782] krealloc_less_oob_helper+0xd49/0x11d0 [ 23.453560] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 23.454277] ? finish_task_switch.isra.0+0x153/0x700 [ 23.454739] ? __switch_to+0x5d9/0xf60 [ 23.455610] ? __schedule+0xc70/0x27e0 [ 23.456374] ? __pfx_read_tsc+0x10/0x10 [ 23.457153] krealloc_less_oob+0x1c/0x30 [ 23.457499] kunit_try_run_case+0x1b3/0x490 [ 23.458373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.458988] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.459202] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.459454] ? __kthread_parkme+0x82/0x160 [ 23.459650] ? preempt_count_sub+0x50/0x80 [ 23.459950] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.460562] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.461618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.462199] kthread+0x257/0x310 [ 23.462735] ? __pfx_kthread+0x10/0x10 [ 23.463231] ret_from_fork+0x41/0x80 [ 23.463668] ? __pfx_kthread+0x10/0x10 [ 23.464394] ret_from_fork_asm+0x1a/0x30 [ 23.464772] </TASK> [ 23.465047] [ 23.465499] Allocated by task 165: [ 23.465779] kasan_save_stack+0x3d/0x60 [ 23.466281] kasan_save_track+0x18/0x40 [ 23.466742] kasan_save_alloc_info+0x3b/0x50 [ 23.467266] __kasan_krealloc+0x190/0x1f0 [ 23.467912] krealloc_noprof+0xf3/0x340 [ 23.468379] krealloc_less_oob_helper+0x1ab/0x11d0 [ 23.468858] krealloc_less_oob+0x1c/0x30 [ 23.469490] kunit_try_run_case+0x1b3/0x490 [ 23.469785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.470883] kthread+0x257/0x310 [ 23.471145] ret_from_fork+0x41/0x80 [ 23.471581] ret_from_fork_asm+0x1a/0x30 [ 23.471985] [ 23.472360] The buggy address belongs to the object at ffff8881003a0600 [ 23.472360] which belongs to the cache kmalloc-256 of size 256 [ 23.474247] The buggy address is located 34 bytes to the right of [ 23.474247] allocated 201-byte region [ffff8881003a0600, ffff8881003a06c9) [ 23.475290] [ 23.475506] The buggy address belongs to the physical page: [ 23.476090] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0 [ 23.477164] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.478039] flags: 0x200000000000040(head|node=0|zone=2) [ 23.478643] page_type: f5(slab) [ 23.479128] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 23.480008] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.480739] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 23.481357] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.482084] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000 [ 
23.482960] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 23.483557] page dumped because: kasan: bad access detected [ 23.484046] [ 23.484283] Memory state around the buggy address: [ 23.484712] ffff8881003a0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.485468] ffff8881003a0600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.486068] >ffff8881003a0680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 23.486896] ^ [ 23.487401] ffff8881003a0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.488189] ffff8881003a0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.488815] ================================================================== [ 23.646857] ================================================================== [ 23.647424] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 23.648805] Write of size 1 at addr ffff88810239e0d0 by task kunit_try_catch/169 [ 23.649475] [ 23.649754] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 23.651631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.652712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.654644] Call Trace: [ 23.655104] <TASK> [ 23.655928] dump_stack_lvl+0x73/0xb0 [ 23.656698] print_report+0xd1/0x640 [ 23.657223] ? __virt_addr_valid+0x1db/0x2d0 [ 23.657559] ? kasan_addr_to_slab+0x11/0xa0 [ 23.658897] kasan_report+0x102/0x140 [ 23.659266] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 23.660231] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 23.661497] __asan_report_store1_noabort+0x1b/0x30 [ 23.662808] krealloc_less_oob_helper+0xe25/0x11d0 [ 23.663991] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 23.664761] ? finish_task_switch.isra.0+0x153/0x700 [ 23.665776] ? __switch_to+0x5d9/0xf60 [ 23.666842] ? __schedule+0xc70/0x27e0 [ 23.667224] ? 
__pfx_read_tsc+0x10/0x10 [ 23.668365] krealloc_large_less_oob+0x1c/0x30 [ 23.668802] kunit_try_run_case+0x1b3/0x490 [ 23.669428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.670366] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.671066] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.671631] ? __kthread_parkme+0x82/0x160 [ 23.672622] ? preempt_count_sub+0x50/0x80 [ 23.673114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.673757] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.674166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.674931] kthread+0x257/0x310 [ 23.675487] ? __pfx_kthread+0x10/0x10 [ 23.676124] ret_from_fork+0x41/0x80 [ 23.676726] ? __pfx_kthread+0x10/0x10 [ 23.677006] ret_from_fork_asm+0x1a/0x30 [ 23.677859] </TASK> [ 23.678195] [ 23.678718] The buggy address belongs to the physical page: [ 23.679246] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10239c [ 23.680104] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.681209] flags: 0x200000000000040(head|node=0|zone=2) [ 23.681953] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.682983] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.683742] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.684391] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.685615] head: 0200000000000002 ffffea000408e701 ffffffffffffffff 0000000000000000 [ 23.686449] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.687236] page dumped because: kasan: bad access detected [ 23.688178] [ 23.688375] Memory state around the buggy address: [ 23.689161] ffff88810239df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.690016] ffff88810239e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.690664] >ffff88810239e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 23.691730] ^ [ 23.692433] ffff88810239e100: fe fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe [ 23.693127] ffff88810239e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.693923] ================================================================== [ 23.780407] ================================================================== [ 23.780997] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 23.781640] Write of size 1 at addr ffff88810239e0eb by task kunit_try_catch/169 [ 23.782433] [ 23.782619] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 23.783981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.784672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.785630] Call Trace: [ 23.785931] <TASK> [ 23.786128] dump_stack_lvl+0x73/0xb0 [ 23.786964] print_report+0xd1/0x640 [ 23.787454] ? __virt_addr_valid+0x1db/0x2d0 [ 23.787991] ? kasan_addr_to_slab+0x11/0xa0 [ 23.788500] kasan_report+0x102/0x140 [ 23.789088] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 23.790195] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 23.791933] __asan_report_store1_noabort+0x1b/0x30 [ 23.792582] krealloc_less_oob_helper+0xd49/0x11d0 [ 23.792870] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 23.793811] ? finish_task_switch.isra.0+0x153/0x700 [ 23.794872] ? __switch_to+0x5d9/0xf60 [ 23.795560] ? __schedule+0xc70/0x27e0 [ 23.796147] ? __pfx_read_tsc+0x10/0x10 [ 23.796489] krealloc_large_less_oob+0x1c/0x30 [ 23.797075] kunit_try_run_case+0x1b3/0x490 [ 23.797429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.798190] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.799635] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.800824] ? __kthread_parkme+0x82/0x160 [ 23.801698] ? preempt_count_sub+0x50/0x80 [ 23.802773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.803650] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.804596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.805557] kthread+0x257/0x310 [ 23.806175] ? 
__pfx_kthread+0x10/0x10 [ 23.807280] ret_from_fork+0x41/0x80 [ 23.807576] ? __pfx_kthread+0x10/0x10 [ 23.808080] ret_from_fork_asm+0x1a/0x30 [ 23.808459] </TASK> [ 23.808654] [ 23.808913] The buggy address belongs to the physical page: [ 23.809892] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10239c [ 23.811160] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.812013] flags: 0x200000000000040(head|node=0|zone=2) [ 23.812819] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.814564] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.815475] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.816824] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.818400] head: 0200000000000002 ffffea000408e701 ffffffffffffffff 0000000000000000 [ 23.819183] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.820374] page dumped because: kasan: bad access detected [ 23.820959] [ 23.821527] Memory state around the buggy address: [ 23.822232] ffff88810239df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.823111] ffff88810239e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.823761] >ffff88810239e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 23.824995] ^ [ 23.825698] ffff88810239e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.827068] ffff88810239e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.828595] ================================================================== [ 23.206598] ================================================================== [ 23.207792] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 23.209407] Write of size 1 at addr ffff8881003a06c9 by task kunit_try_catch/165 [ 23.210374] [ 23.210762] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 23.212774] Tainted: 
[B]=BAD_PAGE, [N]=TEST [ 23.213544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.214494] Call Trace: [ 23.214912] <TASK> [ 23.215233] dump_stack_lvl+0x73/0xb0 [ 23.216181] print_report+0xd1/0x640 [ 23.217129] ? __virt_addr_valid+0x1db/0x2d0 [ 23.217508] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.218568] kasan_report+0x102/0x140 [ 23.218975] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 23.219863] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 23.220819] __asan_report_store1_noabort+0x1b/0x30 [ 23.221479] krealloc_less_oob_helper+0xd72/0x11d0 [ 23.222161] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 23.222941] ? finish_task_switch.isra.0+0x153/0x700 [ 23.224034] ? __switch_to+0x5d9/0xf60 [ 23.224347] ? __schedule+0xc70/0x27e0 [ 23.225166] ? __pfx_read_tsc+0x10/0x10 [ 23.226336] krealloc_less_oob+0x1c/0x30 [ 23.226726] kunit_try_run_case+0x1b3/0x490 [ 23.227894] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.228796] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.229517] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.230373] ? __kthread_parkme+0x82/0x160 [ 23.230981] ? preempt_count_sub+0x50/0x80 [ 23.231197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.232746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.233593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.234411] kthread+0x257/0x310 [ 23.234669] ? __pfx_kthread+0x10/0x10 [ 23.234963] ret_from_fork+0x41/0x80 [ 23.235461] ? 
__pfx_kthread+0x10/0x10 [ 23.236588] ret_from_fork_asm+0x1a/0x30 [ 23.237131] </TASK> [ 23.237711] [ 23.238105] Allocated by task 165: [ 23.239487] kasan_save_stack+0x3d/0x60 [ 23.239867] kasan_save_track+0x18/0x40 [ 23.240671] kasan_save_alloc_info+0x3b/0x50 [ 23.241116] __kasan_krealloc+0x190/0x1f0 [ 23.241596] krealloc_noprof+0xf3/0x340 [ 23.242672] krealloc_less_oob_helper+0x1ab/0x11d0 [ 23.243198] krealloc_less_oob+0x1c/0x30 [ 23.244288] kunit_try_run_case+0x1b3/0x490 [ 23.244824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.245784] kthread+0x257/0x310 [ 23.246476] ret_from_fork+0x41/0x80 [ 23.246775] ret_from_fork_asm+0x1a/0x30 [ 23.247973] [ 23.248163] The buggy address belongs to the object at ffff8881003a0600 [ 23.248163] which belongs to the cache kmalloc-256 of size 256 [ 23.250194] The buggy address is located 0 bytes to the right of [ 23.250194] allocated 201-byte region [ffff8881003a0600, ffff8881003a06c9) [ 23.251623] [ 23.252287] The buggy address belongs to the physical page: [ 23.253349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0 [ 23.254581] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.256046] flags: 0x200000000000040(head|node=0|zone=2) [ 23.256776] page_type: f5(slab) [ 23.257149] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 23.258219] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.259887] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 23.261666] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.262189] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000 [ 23.263557] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 23.264446] page dumped because: kasan: bad access detected [ 23.265345] [ 23.265496] Memory state around the buggy address: [ 23.266603] ffff8881003a0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 23.267784] ffff8881003a0600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.268523] >ffff8881003a0680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 23.269482] ^ [ 23.270232] ffff8881003a0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.270836] ffff8881003a0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.272089] ================================================================== [ 23.384983] ================================================================== [ 23.385461] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 23.387391] Write of size 1 at addr ffff8881003a06ea by task kunit_try_catch/165 [ 23.388887] [ 23.389463] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 23.390409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.390825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.392045] Call Trace: [ 23.392435] <TASK> [ 23.393133] dump_stack_lvl+0x73/0xb0 [ 23.393472] print_report+0xd1/0x640 [ 23.394282] ? __virt_addr_valid+0x1db/0x2d0 [ 23.394752] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.395645] kasan_report+0x102/0x140 [ 23.396326] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 23.397345] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 23.397795] __asan_report_store1_noabort+0x1b/0x30 [ 23.398578] krealloc_less_oob_helper+0xe92/0x11d0 [ 23.399027] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 23.399885] ? finish_task_switch.isra.0+0x153/0x700 [ 23.400613] ? __switch_to+0x5d9/0xf60 [ 23.401030] ? __schedule+0xc70/0x27e0 [ 23.401644] ? __pfx_read_tsc+0x10/0x10 [ 23.402255] krealloc_less_oob+0x1c/0x30 [ 23.402846] kunit_try_run_case+0x1b3/0x490 [ 23.403360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.403900] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.404526] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.405098] ? __kthread_parkme+0x82/0x160 [ 23.405750] ? preempt_count_sub+0x50/0x80 [ 23.406350] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.407365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.408246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.408834] kthread+0x257/0x310 [ 23.409477] ? __pfx_kthread+0x10/0x10 [ 23.410423] ret_from_fork+0x41/0x80 [ 23.410775] ? __pfx_kthread+0x10/0x10 [ 23.411410] ret_from_fork_asm+0x1a/0x30 [ 23.412480] </TASK> [ 23.412788] [ 23.413023] Allocated by task 165: [ 23.413555] kasan_save_stack+0x3d/0x60 [ 23.414193] kasan_save_track+0x18/0x40 [ 23.414594] kasan_save_alloc_info+0x3b/0x50 [ 23.415069] __kasan_krealloc+0x190/0x1f0 [ 23.415430] krealloc_noprof+0xf3/0x340 [ 23.416081] krealloc_less_oob_helper+0x1ab/0x11d0 [ 23.416671] krealloc_less_oob+0x1c/0x30 [ 23.417145] kunit_try_run_case+0x1b3/0x490 [ 23.417609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.418250] kthread+0x257/0x310 [ 23.418678] ret_from_fork+0x41/0x80 [ 23.419443] ret_from_fork_asm+0x1a/0x30 [ 23.419728] [ 23.420115] The buggy address belongs to the object at ffff8881003a0600 [ 23.420115] which belongs to the cache kmalloc-256 of size 256 [ 23.421542] The buggy address is located 33 bytes to the right of [ 23.421542] allocated 201-byte region [ffff8881003a0600, ffff8881003a06c9) [ 23.423034] [ 23.423317] The buggy address belongs to the physical page: [ 23.423834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0 [ 23.424738] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.425544] flags: 0x200000000000040(head|node=0|zone=2) [ 23.426183] page_type: f5(slab) [ 23.426648] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 23.427499] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.428334] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 23.429069] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.429952] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000 [ 
23.430616] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 23.431509] page dumped because: kasan: bad access detected [ 23.432106] [ 23.432354] Memory state around the buggy address: [ 23.433075] ffff8881003a0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.433895] ffff8881003a0600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.434458] >ffff8881003a0680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 23.435385] ^ [ 23.435968] ffff8881003a0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.436632] ffff8881003a0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.437570] ================================================================== [ 23.694932] ================================================================== [ 23.695464] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 23.696585] Write of size 1 at addr ffff88810239e0da by task kunit_try_catch/169 [ 23.697491] [ 23.697681] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 23.698250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.698814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.700175] Call Trace: [ 23.701094] <TASK> [ 23.701537] dump_stack_lvl+0x73/0xb0 [ 23.702516] print_report+0xd1/0x640 [ 23.703270] ? __virt_addr_valid+0x1db/0x2d0 [ 23.703764] ? kasan_addr_to_slab+0x11/0xa0 [ 23.704366] kasan_report+0x102/0x140 [ 23.704772] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 23.705432] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 23.706025] __asan_report_store1_noabort+0x1b/0x30 [ 23.706902] krealloc_less_oob_helper+0xec8/0x11d0 [ 23.707734] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 23.708506] ? finish_task_switch.isra.0+0x153/0x700 [ 23.709155] ? __switch_to+0x5d9/0xf60 [ 23.710249] ? __schedule+0xc70/0x27e0 [ 23.711049] ? 
__pfx_read_tsc+0x10/0x10 [ 23.712142] krealloc_large_less_oob+0x1c/0x30 [ 23.712633] kunit_try_run_case+0x1b3/0x490 [ 23.713731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.714647] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.715332] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.715992] ? __kthread_parkme+0x82/0x160 [ 23.716922] ? preempt_count_sub+0x50/0x80 [ 23.717567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.718137] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.718819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.719392] kthread+0x257/0x310 [ 23.720070] ? __pfx_kthread+0x10/0x10 [ 23.720415] ret_from_fork+0x41/0x80 [ 23.721343] ? __pfx_kthread+0x10/0x10 [ 23.721720] ret_from_fork_asm+0x1a/0x30 [ 23.722904] </TASK> [ 23.723382] [ 23.723617] The buggy address belongs to the physical page: [ 23.724181] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10239c [ 23.724787] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.725942] flags: 0x200000000000040(head|node=0|zone=2) [ 23.726531] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.727524] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.728197] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.729023] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.729794] head: 0200000000000002 ffffea000408e701 ffffffffffffffff 0000000000000000 [ 23.730582] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.731573] page dumped because: kasan: bad access detected [ 23.732192] [ 23.732359] Memory state around the buggy address: [ 23.732887] ffff88810239df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.733671] ffff88810239e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.734444] >ffff88810239e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 23.735141] ^ [ 23.735965] ffff88810239e100: fe fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe [ 23.736624] ffff88810239e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.737372] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 23.089071] ================================================================== [ 23.090217] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 23.091415] Write of size 1 at addr ffff8881003a04eb by task kunit_try_catch/163 [ 23.092525] [ 23.092760] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 23.093771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.094942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.095526] Call Trace: [ 23.095937] <TASK> [ 23.096391] dump_stack_lvl+0x73/0xb0 [ 23.096863] print_report+0xd1/0x640 [ 23.097573] ? __virt_addr_valid+0x1db/0x2d0 [ 23.098026] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.098739] kasan_report+0x102/0x140 [ 23.099091] ? krealloc_more_oob_helper+0x823/0x930 [ 23.099566] ? krealloc_more_oob_helper+0x823/0x930 [ 23.099943] __asan_report_store1_noabort+0x1b/0x30 [ 23.100543] krealloc_more_oob_helper+0x823/0x930 [ 23.101611] ? __schedule+0xc70/0x27e0 [ 23.102139] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 23.102871] ? finish_task_switch.isra.0+0x153/0x700 [ 23.103415] ? __switch_to+0x5d9/0xf60 [ 23.103951] ? __schedule+0xc70/0x27e0 [ 23.104460] ? __pfx_read_tsc+0x10/0x10 [ 23.104952] krealloc_more_oob+0x1c/0x30 [ 23.105959] kunit_try_run_case+0x1b3/0x490 [ 23.106486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.106981] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.107577] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.108112] ? __kthread_parkme+0x82/0x160 [ 23.108517] ? preempt_count_sub+0x50/0x80 [ 23.108995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.109555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.110098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.110764] kthread+0x257/0x310 [ 23.111160] ? __pfx_kthread+0x10/0x10 [ 23.112037] ret_from_fork+0x41/0x80 [ 23.112574] ? 
__pfx_kthread+0x10/0x10 [ 23.113049] ret_from_fork_asm+0x1a/0x30 [ 23.113522] </TASK> [ 23.113751] [ 23.114137] Allocated by task 163: [ 23.114656] kasan_save_stack+0x3d/0x60 [ 23.115090] kasan_save_track+0x18/0x40 [ 23.115655] kasan_save_alloc_info+0x3b/0x50 [ 23.116246] __kasan_krealloc+0x190/0x1f0 [ 23.116783] krealloc_noprof+0xf3/0x340 [ 23.117204] krealloc_more_oob_helper+0x1aa/0x930 [ 23.117685] krealloc_more_oob+0x1c/0x30 [ 23.118818] kunit_try_run_case+0x1b3/0x490 [ 23.119370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.119940] kthread+0x257/0x310 [ 23.120389] ret_from_fork+0x41/0x80 [ 23.120950] ret_from_fork_asm+0x1a/0x30 [ 23.121479] [ 23.121738] The buggy address belongs to the object at ffff8881003a0400 [ 23.121738] which belongs to the cache kmalloc-256 of size 256 [ 23.123479] The buggy address is located 0 bytes to the right of [ 23.123479] allocated 235-byte region [ffff8881003a0400, ffff8881003a04eb) [ 23.124978] [ 23.125432] The buggy address belongs to the physical page: [ 23.126023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0 [ 23.126975] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.128168] flags: 0x200000000000040(head|node=0|zone=2) [ 23.128597] page_type: f5(slab) [ 23.128992] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 23.129625] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.130178] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 23.131025] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.131853] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000 [ 23.132636] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 23.133443] page dumped because: kasan: bad access detected [ 23.133933] [ 23.134126] Memory state around the buggy address: [ 23.135382] ffff8881003a0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 23.136156] ffff8881003a0400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.136883] >ffff8881003a0480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 23.137599] ^ [ 23.138285] ffff8881003a0500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.138920] ffff8881003a0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.139938] ================================================================== [ 23.496745] ================================================================== [ 23.497741] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 23.498556] Write of size 1 at addr ffff8881022e60eb by task kunit_try_catch/167 [ 23.500030] [ 23.500231] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 23.502517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.503468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.505186] Call Trace: [ 23.505406] <TASK> [ 23.505745] dump_stack_lvl+0x73/0xb0 [ 23.507019] print_report+0xd1/0x640 [ 23.507654] ? __virt_addr_valid+0x1db/0x2d0 [ 23.508388] ? kasan_addr_to_slab+0x11/0xa0 [ 23.508831] kasan_report+0x102/0x140 [ 23.510017] ? krealloc_more_oob_helper+0x823/0x930 [ 23.510889] ? krealloc_more_oob_helper+0x823/0x930 [ 23.512041] __asan_report_store1_noabort+0x1b/0x30 [ 23.512558] krealloc_more_oob_helper+0x823/0x930 [ 23.513022] ? __schedule+0xc70/0x27e0 [ 23.513433] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 23.513937] ? finish_task_switch.isra.0+0x153/0x700 [ 23.515129] ? __switch_to+0x5d9/0xf60 [ 23.515767] ? __schedule+0xc70/0x27e0 [ 23.516536] ? __pfx_read_tsc+0x10/0x10 [ 23.516737] krealloc_large_more_oob+0x1c/0x30 [ 23.517427] kunit_try_run_case+0x1b3/0x490 [ 23.518440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.519208] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.520055] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.520612] ? __kthread_parkme+0x82/0x160 [ 23.521389] ? preempt_count_sub+0x50/0x80 [ 23.521990] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.522626] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.523832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.524773] kthread+0x257/0x310 [ 23.525427] ? __pfx_kthread+0x10/0x10 [ 23.525789] ret_from_fork+0x41/0x80 [ 23.526255] ? __pfx_kthread+0x10/0x10 [ 23.527045] ret_from_fork_asm+0x1a/0x30 [ 23.527916] </TASK> [ 23.528523] [ 23.528703] The buggy address belongs to the physical page: [ 23.529724] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e4 [ 23.531474] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.532770] flags: 0x200000000000040(head|node=0|zone=2) [ 23.534417] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.535733] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.536984] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.538285] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.539122] head: 0200000000000002 ffffea000408b901 ffffffffffffffff 0000000000000000 [ 23.540206] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.540627] page dumped because: kasan: bad access detected [ 23.541240] [ 23.541457] Memory state around the buggy address: [ 23.542649] ffff8881022e5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.543730] ffff8881022e6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.545362] >ffff8881022e6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 23.546597] ^ [ 23.547493] ffff8881022e6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.548169] ffff8881022e6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.549135] ================================================================== [ 23.141087] ================================================================== [ 23.141854] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 23.142620] Write of 
size 1 at addr ffff8881003a04f0 by task kunit_try_catch/163 [ 23.143404] [ 23.143591] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 23.144516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.144938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.145593] Call Trace: [ 23.145927] <TASK> [ 23.146238] dump_stack_lvl+0x73/0xb0 [ 23.147782] print_report+0xd1/0x640 [ 23.148659] ? __virt_addr_valid+0x1db/0x2d0 [ 23.149615] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.150224] kasan_report+0x102/0x140 [ 23.150684] ? krealloc_more_oob_helper+0x7ed/0x930 [ 23.151589] ? krealloc_more_oob_helper+0x7ed/0x930 [ 23.152695] __asan_report_store1_noabort+0x1b/0x30 [ 23.153558] krealloc_more_oob_helper+0x7ed/0x930 [ 23.154844] ? __schedule+0xc70/0x27e0 [ 23.155232] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 23.156139] ? finish_task_switch.isra.0+0x153/0x700 [ 23.156625] ? __switch_to+0x5d9/0xf60 [ 23.156975] ? __schedule+0xc70/0x27e0 [ 23.157439] ? __pfx_read_tsc+0x10/0x10 [ 23.157825] krealloc_more_oob+0x1c/0x30 [ 23.158275] kunit_try_run_case+0x1b3/0x490 [ 23.159109] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.160155] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.161376] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.161744] ? __kthread_parkme+0x82/0x160 [ 23.162170] ? preempt_count_sub+0x50/0x80 [ 23.162615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.163064] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.163826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.164575] kthread+0x257/0x310 [ 23.165702] ? __pfx_kthread+0x10/0x10 [ 23.166619] ret_from_fork+0x41/0x80 [ 23.167176] ? 
__pfx_kthread+0x10/0x10 [ 23.168193] ret_from_fork_asm+0x1a/0x30 [ 23.168798] </TASK> [ 23.169480] [ 23.169722] Allocated by task 163: [ 23.170532] kasan_save_stack+0x3d/0x60 [ 23.170856] kasan_save_track+0x18/0x40 [ 23.172105] kasan_save_alloc_info+0x3b/0x50 [ 23.172991] __kasan_krealloc+0x190/0x1f0 [ 23.173281] krealloc_noprof+0xf3/0x340 [ 23.174210] krealloc_more_oob_helper+0x1aa/0x930 [ 23.174623] krealloc_more_oob+0x1c/0x30 [ 23.175103] kunit_try_run_case+0x1b3/0x490 [ 23.175731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.176246] kthread+0x257/0x310 [ 23.177190] ret_from_fork+0x41/0x80 [ 23.177588] ret_from_fork_asm+0x1a/0x30 [ 23.178652] [ 23.178903] The buggy address belongs to the object at ffff8881003a0400 [ 23.178903] which belongs to the cache kmalloc-256 of size 256 [ 23.180398] The buggy address is located 5 bytes to the right of [ 23.180398] allocated 235-byte region [ffff8881003a0400, ffff8881003a04eb) [ 23.181825] [ 23.182866] The buggy address belongs to the physical page: [ 23.183266] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0 [ 23.183963] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.184824] flags: 0x200000000000040(head|node=0|zone=2) [ 23.185470] page_type: f5(slab) [ 23.185925] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 23.186517] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.187488] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 23.188196] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.188900] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000 [ 23.190228] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 23.191431] page dumped because: kasan: bad access detected [ 23.192177] [ 23.192889] Memory state around the buggy address: [ 23.193480] ffff8881003a0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 23.194372] ffff8881003a0400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.194972] >ffff8881003a0480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 23.195740] ^ [ 23.197047] ffff8881003a0500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.197851] ffff8881003a0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.199035] ================================================================== [ 23.550940] ================================================================== [ 23.551695] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 23.553105] Write of size 1 at addr ffff8881022e60f0 by task kunit_try_catch/167 [ 23.554508] [ 23.554706] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 23.555983] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.556672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.557417] Call Trace: [ 23.557737] <TASK> [ 23.557999] dump_stack_lvl+0x73/0xb0 [ 23.558591] print_report+0xd1/0x640 [ 23.559104] ? __virt_addr_valid+0x1db/0x2d0 [ 23.559846] ? kasan_addr_to_slab+0x11/0xa0 [ 23.560522] kasan_report+0x102/0x140 [ 23.561289] ? krealloc_more_oob_helper+0x7ed/0x930 [ 23.561854] ? krealloc_more_oob_helper+0x7ed/0x930 [ 23.562478] __asan_report_store1_noabort+0x1b/0x30 [ 23.563013] krealloc_more_oob_helper+0x7ed/0x930 [ 23.563676] ? __schedule+0xc70/0x27e0 [ 23.564313] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 23.565134] ? finish_task_switch.isra.0+0x153/0x700 [ 23.565761] ? __switch_to+0x5d9/0xf60 [ 23.566121] ? __schedule+0xc70/0x27e0 [ 23.566738] ? __pfx_read_tsc+0x10/0x10 [ 23.567180] krealloc_large_more_oob+0x1c/0x30 [ 23.567745] kunit_try_run_case+0x1b3/0x490 [ 23.568314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.568715] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.569381] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.569977] ? __kthread_parkme+0x82/0x160 [ 23.570371] ? preempt_count_sub+0x50/0x80 [ 23.571073] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.571740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.572436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.572982] kthread+0x257/0x310 [ 23.573424] ? __pfx_kthread+0x10/0x10 [ 23.573907] ret_from_fork+0x41/0x80 [ 23.574214] ? __pfx_kthread+0x10/0x10 [ 23.575013] ret_from_fork_asm+0x1a/0x30 [ 23.575726] </TASK> [ 23.576101] [ 23.576448] The buggy address belongs to the physical page: [ 23.577204] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e4 [ 23.578013] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.578771] flags: 0x200000000000040(head|node=0|zone=2) [ 23.579447] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.580279] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.581163] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.581863] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.582662] head: 0200000000000002 ffffea000408b901 ffffffffffffffff 0000000000000000 [ 23.583567] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.584693] page dumped because: kasan: bad access detected [ 23.585404] [ 23.585555] Memory state around the buggy address: [ 23.585858] ffff8881022e5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.587144] ffff8881022e6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.588804] >ffff8881022e6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 23.589727] ^ [ 23.591003] ffff8881022e6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.591798] ffff8881022e6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.592849] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 22.461182] ================================================================== [ 22.461827] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bf/0x7f0 [ 22.462753] Write of size 1 at addr ffff888102954378 by task kunit_try_catch/143 [ 22.463616] [ 22.464171] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 22.465320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.465897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.466825] Call Trace: [ 22.467421] <TASK> [ 22.467650] dump_stack_lvl+0x73/0xb0 [ 22.468360] print_report+0xd1/0x640 [ 22.468562] ? __virt_addr_valid+0x1db/0x2d0 [ 22.468761] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.469600] kasan_report+0x102/0x140 [ 22.470537] ? kmalloc_oob_right+0x6bf/0x7f0 [ 22.471446] ? kmalloc_oob_right+0x6bf/0x7f0 [ 22.472355] __asan_report_store1_noabort+0x1b/0x30 [ 22.472976] kmalloc_oob_right+0x6bf/0x7f0 [ 22.473387] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 22.473847] ? __schedule+0xc70/0x27e0 [ 22.474393] ? __pfx_read_tsc+0x10/0x10 [ 22.474970] ? ktime_get_ts64+0x86/0x230 [ 22.475604] kunit_try_run_case+0x1b3/0x490 [ 22.476320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.476985] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.477713] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.478534] ? __kthread_parkme+0x82/0x160 [ 22.479126] ? preempt_count_sub+0x50/0x80 [ 22.479577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.480372] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.481116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.481855] kthread+0x257/0x310 [ 22.482181] ? __pfx_kthread+0x10/0x10 [ 22.482564] ret_from_fork+0x41/0x80 [ 22.482995] ? 
__pfx_kthread+0x10/0x10 [ 22.483460] ret_from_fork_asm+0x1a/0x30 [ 22.483880] </TASK> [ 22.484199] [ 22.484409] Allocated by task 143: [ 22.484860] kasan_save_stack+0x3d/0x60 [ 22.485260] kasan_save_track+0x18/0x40 [ 22.485600] kasan_save_alloc_info+0x3b/0x50 [ 22.486100] __kasan_kmalloc+0xb7/0xc0 [ 22.486413] __kmalloc_cache_noprof+0x184/0x410 [ 22.487003] kmalloc_oob_right+0xaa/0x7f0 [ 22.487334] kunit_try_run_case+0x1b3/0x490 [ 22.487873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.488510] kthread+0x257/0x310 [ 22.488901] ret_from_fork+0x41/0x80 [ 22.489353] ret_from_fork_asm+0x1a/0x30 [ 22.489661] [ 22.489931] The buggy address belongs to the object at ffff888102954300 [ 22.489931] which belongs to the cache kmalloc-128 of size 128 [ 22.490767] The buggy address is located 5 bytes to the right of [ 22.490767] allocated 115-byte region [ffff888102954300, ffff888102954373) [ 22.491964] [ 22.492229] The buggy address belongs to the physical page: [ 22.492822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102954 [ 22.493362] flags: 0x200000000000000(node=0|zone=2) [ 22.493987] page_type: f5(slab) [ 22.494452] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.495123] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.495859] page dumped because: kasan: bad access detected [ 22.496280] [ 22.496484] Memory state around the buggy address: [ 22.496889] ffff888102954200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 22.497619] ffff888102954280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.498157] >ffff888102954300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.498889] ^ [ 22.499542] ffff888102954380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.500222] ffff888102954400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.500903] ================================================================== [ 22.502148] 
================================================================== [ 22.503249] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68c/0x7f0 [ 22.503666] Read of size 1 at addr ffff888102954380 by task kunit_try_catch/143 [ 22.504508] [ 22.504758] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 22.505527] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.506035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.506817] Call Trace: [ 22.507179] <TASK> [ 22.507467] dump_stack_lvl+0x73/0xb0 [ 22.507961] print_report+0xd1/0x640 [ 22.508430] ? __virt_addr_valid+0x1db/0x2d0 [ 22.508745] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.509454] kasan_report+0x102/0x140 [ 22.509971] ? kmalloc_oob_right+0x68c/0x7f0 [ 22.510286] ? kmalloc_oob_right+0x68c/0x7f0 [ 22.510672] __asan_report_load1_noabort+0x18/0x20 [ 22.511285] kmalloc_oob_right+0x68c/0x7f0 [ 22.511862] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 22.512954] ? __schedule+0xc70/0x27e0 [ 22.513445] ? __pfx_read_tsc+0x10/0x10 [ 22.513927] ? ktime_get_ts64+0x86/0x230 [ 22.514402] kunit_try_run_case+0x1b3/0x490 [ 22.514809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.515232] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.516798] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.517626] ? __kthread_parkme+0x82/0x160 [ 22.518562] ? preempt_count_sub+0x50/0x80 [ 22.519337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.519824] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.520487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.521252] kthread+0x257/0x310 [ 22.521773] ? __pfx_kthread+0x10/0x10 [ 22.522148] ret_from_fork+0x41/0x80 [ 22.522657] ? 
__pfx_kthread+0x10/0x10 [ 22.523150] ret_from_fork_asm+0x1a/0x30 [ 22.523748] </TASK> [ 22.524085] [ 22.524379] Allocated by task 143: [ 22.524758] kasan_save_stack+0x3d/0x60 [ 22.525923] kasan_save_track+0x18/0x40 [ 22.526472] kasan_save_alloc_info+0x3b/0x50 [ 22.527253] __kasan_kmalloc+0xb7/0xc0 [ 22.527697] __kmalloc_cache_noprof+0x184/0x410 [ 22.528653] kmalloc_oob_right+0xaa/0x7f0 [ 22.529940] kunit_try_run_case+0x1b3/0x490 [ 22.530359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.531177] kthread+0x257/0x310 [ 22.531622] ret_from_fork+0x41/0x80 [ 22.532018] ret_from_fork_asm+0x1a/0x30 [ 22.532436] [ 22.532622] The buggy address belongs to the object at ffff888102954300 [ 22.532622] which belongs to the cache kmalloc-128 of size 128 [ 22.534571] The buggy address is located 13 bytes to the right of [ 22.534571] allocated 115-byte region [ffff888102954300, ffff888102954373) [ 22.535663] [ 22.535969] The buggy address belongs to the physical page: [ 22.536802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102954 [ 22.537492] flags: 0x200000000000000(node=0|zone=2) [ 22.538266] page_type: f5(slab) [ 22.538881] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.539667] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.540358] page dumped because: kasan: bad access detected [ 22.540834] [ 22.541251] Memory state around the buggy address: [ 22.542439] ffff888102954280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.543553] ffff888102954300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.544384] >ffff888102954380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.545200] ^ [ 22.545840] ffff888102954400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.546357] ffff888102954480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.547040] ================================================================== [ 22.402224] 
================================================================== [ 22.403852] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f2/0x7f0 [ 22.405031] Write of size 1 at addr ffff888102954373 by task kunit_try_catch/143 [ 22.405762] [ 22.407593] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G N 6.13.0-rc2-next-20241209 #1 [ 22.409002] Tainted: [N]=TEST [ 22.409265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.410542] Call Trace: [ 22.411008] <TASK> [ 22.411659] dump_stack_lvl+0x73/0xb0 [ 22.412563] print_report+0xd1/0x640 [ 22.413090] ? __virt_addr_valid+0x1db/0x2d0 [ 22.413787] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.414425] kasan_report+0x102/0x140 [ 22.415343] ? kmalloc_oob_right+0x6f2/0x7f0 [ 22.415777] ? kmalloc_oob_right+0x6f2/0x7f0 [ 22.416248] __asan_report_store1_noabort+0x1b/0x30 [ 22.416763] kmalloc_oob_right+0x6f2/0x7f0 [ 22.417949] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 22.418687] ? __schedule+0xc70/0x27e0 [ 22.419069] ? __pfx_read_tsc+0x10/0x10 [ 22.419582] ? ktime_get_ts64+0x86/0x230 [ 22.420102] kunit_try_run_case+0x1b3/0x490 [ 22.420604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.421596] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.422605] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.423154] ? __kthread_parkme+0x82/0x160 [ 22.423741] ? preempt_count_sub+0x50/0x80 [ 22.424360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.424598] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.425204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.425773] kthread+0x257/0x310 [ 22.426650] ? __pfx_kthread+0x10/0x10 [ 22.427392] ret_from_fork+0x41/0x80 [ 22.427727] ? 
__pfx_kthread+0x10/0x10 [ 22.428503] ret_from_fork_asm+0x1a/0x30 [ 22.429384] </TASK> [ 22.429755] [ 22.430422] Allocated by task 143: [ 22.431457] kasan_save_stack+0x3d/0x60 [ 22.432195] kasan_save_track+0x18/0x40 [ 22.432682] kasan_save_alloc_info+0x3b/0x50 [ 22.433403] __kasan_kmalloc+0xb7/0xc0 [ 22.433682] __kmalloc_cache_noprof+0x184/0x410 [ 22.434284] kmalloc_oob_right+0xaa/0x7f0 [ 22.434649] kunit_try_run_case+0x1b3/0x490 [ 22.435247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.435893] kthread+0x257/0x310 [ 22.436656] ret_from_fork+0x41/0x80 [ 22.437468] ret_from_fork_asm+0x1a/0x30 [ 22.438184] [ 22.438511] The buggy address belongs to the object at ffff888102954300 [ 22.438511] which belongs to the cache kmalloc-128 of size 128 [ 22.440451] The buggy address is located 0 bytes to the right of [ 22.440451] allocated 115-byte region [ffff888102954300, ffff888102954373) [ 22.442743] [ 22.443383] The buggy address belongs to the physical page: [ 22.444559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102954 [ 22.445729] flags: 0x200000000000000(node=0|zone=2) [ 22.447112] page_type: f5(slab) [ 22.448226] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.448827] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.449617] page dumped because: kasan: bad access detected [ 22.450733] [ 22.451256] Memory state around the buggy address: [ 22.452266] ffff888102954200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 22.452908] ffff888102954280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.453686] >ffff888102954300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.455009] ^ [ 22.455586] ffff888102954380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.456710] ffff888102954400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.458391] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_vscale
------------[ cut here ]------------
[ 336.308309] WARNING: CPU: 0 PID: 2324 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 336.309826] Modules linked in:
[ 336.310401] CPU: 0 UID: 0 PID: 2324 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc2-next-20241209 #1
[ 336.311846] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 336.313018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 336.314046] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 336.315025] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 336.316575] RSP: 0000:ffff888104bdfce8 EFLAGS: 00010286
[ 336.316954] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 336.317371] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff9ba1773c
[ 336.319433] RBP: ffff888104bdfd10 R08: 0000000000000000 R09: ffffed10204497a0
[ 336.320034] R10: ffff88810224bd07 R11: 0000000000000000 R12: ffffffff9ba17728
[ 336.321178] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888104bdfda8
[ 336.322218] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000
[ 336.323288] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 336.324118] CR2: 00007ffff7ffe000 CR3: 0000000034eb8000 CR4: 00000000000006f0
[ 336.325163] DR0: ffffffff9d9fe120 DR1: ffffffff9d9fe121 DR2: ffffffff9d9fe122
[ 336.326111] DR3: ffffffff9d9fe123 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 336.327352] Call Trace:
[ 336.327776] <TASK>
[ 336.328434] ? show_regs+0x68/0x80
[ 336.329065] ? __warn+0xd5/0x260
[ 336.329512] ? drm_rect_calc_vscale+0x130/0x190
[ 336.329965] ? report_bug+0x278/0x2e0
[ 336.330348] ? handle_bug+0x5c/0xb0
[ 336.330763] ? exc_invalid_op+0x1c/0x50
[ 336.332220] ? asm_exc_invalid_op+0x1f/0x30
[ 336.332862] ? drm_rect_calc_vscale+0x130/0x190
[ 336.333621] drm_test_rect_calc_vscale+0x109/0x270
[ 336.334164] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 336.335061] ? __schedule+0xc70/0x27e0
[ 336.335796] ? __pfx_read_tsc+0x10/0x10
[ 336.336196] ? ktime_get_ts64+0x86/0x230
[ 336.336897] kunit_try_run_case+0x1b3/0x490
[ 336.337275] ? __pfx_kunit_try_run_case+0x10/0x10
[ 336.338799] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 336.339279] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 336.339844] ? __kthread_parkme+0x82/0x160
[ 336.340714] ? preempt_count_sub+0x50/0x80
[ 336.341165] ? __pfx_kunit_try_run_case+0x10/0x10
[ 336.342468] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 336.343112] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 336.343667] kthread+0x257/0x310
[ 336.344412] ? __pfx_kthread+0x10/0x10
[ 336.346118] ret_from_fork+0x41/0x80
[ 336.346730] ? __pfx_kthread+0x10/0x10
[ 336.347567] ret_from_fork_asm+0x1a/0x30
[ 336.348034] </TASK>
[ 336.348579] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 336.356206] WARNING: CPU: 1 PID: 2326 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 336.358036] Modules linked in:
[ 336.358712] CPU: 1 UID: 0 PID: 2326 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc2-next-20241209 #1
[ 336.359835] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 336.360552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 336.361370] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 336.362923] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 336.364985] RSP: 0000:ffff888104bdfce8 EFLAGS: 00010286
[ 336.365865] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 336.366452] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff9ba17774
[ 336.367014] RBP: ffff888104bdfd10 R08: 0000000000000000 R09: ffffed1020c982e0
[ 336.367609] R10: ffff8881064c1707 R11: 0000000000000000 R12: ffffffff9ba17760
[ 336.369132] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888104bdfda8
[ 336.370141] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 336.371143] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 336.371929] CR2: ffffffffffffffff CR3: 0000000034eb8000 CR4: 00000000000006f0
[ 336.373675] DR0: ffffffff9d9fe120 DR1: ffffffff9d9fe121 DR2: ffffffff9d9fe123
[ 336.374596] DR3: ffffffff9d9fe125 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 336.375178] Call Trace:
[ 336.375716] <TASK>
[ 336.376026] ? show_regs+0x68/0x80
[ 336.376393] ? __warn+0xd5/0x260
[ 336.376825] ? drm_rect_calc_vscale+0x130/0x190
[ 336.377548] ? report_bug+0x278/0x2e0
[ 336.378370] ? handle_bug+0x5c/0xb0
[ 336.379570] ? exc_invalid_op+0x1c/0x50
[ 336.380407] ? asm_exc_invalid_op+0x1f/0x30
[ 336.380960] ? drm_rect_calc_vscale+0x130/0x190
[ 336.381841] drm_test_rect_calc_vscale+0x109/0x270
[ 336.383255] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 336.385203] ? __schedule+0xc70/0x27e0
[ 336.385881] ? __pfx_read_tsc+0x10/0x10
[ 336.386736] ? ktime_get_ts64+0x86/0x230
[ 336.387398] kunit_try_run_case+0x1b3/0x490
[ 336.387882] ? __pfx_kunit_try_run_case+0x10/0x10
[ 336.388412] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 336.388737] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 336.389736] ? __kthread_parkme+0x82/0x160
[ 336.390730] ? preempt_count_sub+0x50/0x80
[ 336.391761] ? __pfx_kunit_try_run_case+0x10/0x10
[ 336.392137] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 336.393807] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 336.394838] kthread+0x257/0x310
[ 336.395893] ? __pfx_kthread+0x10/0x10
[ 336.396524] ret_from_fork+0x41/0x80
[ 336.397111] ? __pfx_kthread+0x10/0x10
[ 336.398137] ret_from_fork_asm+0x1a/0x30
[ 336.398736] </TASK>
[ 336.399705] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rectc-drm_rect_calc_hscale
------------[ cut here ]------------
[ 336.182431] WARNING: CPU: 1 PID: 2312 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 336.184254] Modules linked in:
[ 336.185231] CPU: 1 UID: 0 PID: 2312 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc2-next-20241209 #1
[ 336.186423] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 336.187455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 336.188734] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 336.189653] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 336.191103] RSP: 0000:ffff888106e4fce8 EFLAGS: 00010286
[ 336.191846] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 336.192413] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff9ba17740
[ 336.193141] RBP: ffff888106e4fd10 R08: 0000000000000000 R09: ffffed1020c98200
[ 336.194023] R10: ffff8881064c1007 R11: 0000000000000000 R12: ffffffff9ba17728
[ 336.195589] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888106e4fda8
[ 336.196512] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 336.197334] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 336.198164] CR2: ffffffffffffffff CR3: 0000000034eb8000 CR4: 00000000000006f0
[ 336.199135] DR0: ffffffff9d9fe120 DR1: ffffffff9d9fe121 DR2: ffffffff9d9fe123
[ 336.200032] DR3: ffffffff9d9fe125 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 336.201305] Call Trace:
[ 336.202144] <TASK>
[ 336.202523] ? show_regs+0x68/0x80
[ 336.203202] ? __warn+0xd5/0x260
[ 336.203641] ? drm_rect_calc_hscale+0x125/0x190
[ 336.204065] ? report_bug+0x278/0x2e0
[ 336.205511] ? handle_bug+0x5c/0xb0
[ 336.205870] ? exc_invalid_op+0x1c/0x50
[ 336.206649] ? asm_exc_invalid_op+0x1f/0x30
[ 336.207130] ? drm_rect_calc_hscale+0x125/0x190
[ 336.207847] drm_test_rect_calc_hscale+0x109/0x270
[ 336.208995] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 336.209690] ? __schedule+0xc70/0x27e0
[ 336.210185] ? __pfx_read_tsc+0x10/0x10
[ 336.210645] ? ktime_get_ts64+0x86/0x230
[ 336.211554] kunit_try_run_case+0x1b3/0x490
[ 336.212654] ? __pfx_kunit_try_run_case+0x10/0x10
[ 336.213073] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 336.214118] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 336.214575] ? __kthread_parkme+0x82/0x160
[ 336.215620] ? preempt_count_sub+0x50/0x80
[ 336.215962] ? __pfx_kunit_try_run_case+0x10/0x10
[ 336.216871] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 336.218046] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 336.218839] kthread+0x257/0x310
[ 336.219334] ? __pfx_kthread+0x10/0x10
[ 336.219886] ret_from_fork+0x41/0x80
[ 336.220673] ? __pfx_kthread+0x10/0x10
[ 336.221154] ret_from_fork_asm+0x1a/0x30
[ 336.221688] </TASK>
[ 336.222550] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 336.231103] WARNING: CPU: 0 PID: 2314 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 336.232641] Modules linked in:
[ 336.233082] CPU: 0 UID: 0 PID: 2314 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc2-next-20241209 #1
[ 336.234360] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 336.234993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 336.236165] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 336.236683] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 336.238718] RSP: 0000:ffff888102777ce8 EFLAGS: 00010286
[ 336.239666] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 336.240337] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff9ba17778
[ 336.241667] RBP: ffff888102777d10 R08: 0000000000000000 R09: ffffed1020449700
[ 336.242664] R10: ffff88810224b807 R11: 0000000000000000 R12: ffffffff9ba17760
[ 336.243693] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102777da8
[ 336.244546] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000
[ 336.246510] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 336.247729] CR2: 00007ffff7ffe000 CR3: 0000000034eb8000 CR4: 00000000000006f0
[ 336.248312] DR0: ffffffff9d9fe120 DR1: ffffffff9d9fe121 DR2: ffffffff9d9fe122
[ 336.249068] DR3: ffffffff9d9fe123 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 336.250419] Call Trace:
[ 336.250789] <TASK>
[ 336.251162] ? show_regs+0x68/0x80
[ 336.252433] ? __warn+0xd5/0x260
[ 336.253010] ? drm_rect_calc_hscale+0x125/0x190
[ 336.253627] ? report_bug+0x278/0x2e0
[ 336.254464] ? handle_bug+0x5c/0xb0
[ 336.254870] ? exc_invalid_op+0x1c/0x50
[ 336.255818] ? asm_exc_invalid_op+0x1f/0x30
[ 336.257098] ? drm_rect_calc_hscale+0x125/0x190
[ 336.257566] drm_test_rect_calc_hscale+0x109/0x270
[ 336.258193] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 336.259674] ? __schedule+0xc70/0x27e0
[ 336.260110] ? __pfx_read_tsc+0x10/0x10
[ 336.261349] ? ktime_get_ts64+0x86/0x230
[ 336.261859] kunit_try_run_case+0x1b3/0x490
[ 336.262363] ? __pfx_kunit_try_run_case+0x10/0x10
[ 336.263141] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 336.264374] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 336.265127] ? __kthread_parkme+0x82/0x160
[ 336.265776] ? preempt_count_sub+0x50/0x80
[ 336.266252] ? __pfx_kunit_try_run_case+0x10/0x10
[ 336.267742] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 336.268417] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 336.268887] kthread+0x257/0x310
[ 336.269282] ? __pfx_kthread+0x10/0x10
[ 336.269639] ret_from_fork+0x41/0x80
[ 336.270424] ? __pfx_kthread+0x10/0x10
[ 336.270738] ret_from_fork_asm+0x1a/0x30
[ 336.271629] </TASK>
[ 336.271960] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebufferc-drm_framebuffer_init
------------[ cut here ]------------
[ 334.502898] WARNING: CPU: 1 PID: 2112 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300
[ 334.504199] Modules linked in:
[ 334.505571] CPU: 1 UID: 0 PID: 2112 Comm: kunit_try_catch Tainted: G B D W N 6.13.0-rc2-next-20241209 #1
[ 334.507970] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 334.509119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 334.510128] RIP: 0010:drm_framebuffer_init+0x44/0x300
[ 334.511053] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41
[ 334.513118] RSP: 0000:ffff8881037afba0 EFLAGS: 00010246
[ 334.513872] RAX: dffffc0000000000 RBX: ffff8881037afc98 RCX: 0000000000000000
[ 334.514778] RDX: 1ffff110206f5f9c RSI: ffff8881037afc98 RDI: ffff8881037afce0
[ 334.515971] RBP: ffff8881037afbe0 R08: ffff888104e10000 R09: ffffffff9b9c3320
[ 334.516988] R10: 0000000000000003 R11: 0000000055a3a2c5 R12: ffff888104e10000
[ 334.518339] R13: ffff888100317b20 R14: ffff8881037afc18 R15: ffff8881037afe28
[ 334.519821] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 334.520695] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 334.521639] CR2: ffffffffffffffff CR3: 0000000034eb8000 CR4: 00000000000006f0
[ 334.523225] DR0: ffffffff9d9fe120 DR1: ffffffff9d9fe121 DR2: ffffffff9d9fe123
[ 334.524964] DR3: ffffffff9d9fe125 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 334.525904] Call Trace:
[ 334.526203] <TASK>
[ 334.526477] ? show_regs+0x68/0x80
[ 334.527374] ? __warn+0xd5/0x260
[ 334.529034] ? drm_framebuffer_init+0x44/0x300
[ 334.529966] ? report_bug+0x278/0x2e0
[ 334.530897] ? handle_bug+0x5c/0xb0
[ 334.531773] ? exc_invalid_op+0x1c/0x50
[ 334.533073] ? asm_exc_invalid_op+0x1f/0x30
[ 334.534061] ? drm_framebuffer_init+0x44/0x300
[ 334.534758] ? add_dr+0xc1/0x1d0
[ 334.535641] drm_test_framebuffer_init_bad_format+0xfd/0x240
[ 334.536725] ? add_dr+0x148/0x1d0
[ 334.537022] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 334.538554] ? __drmm_add_action+0x1a4/0x280
[ 334.539392] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 334.539988] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 334.541220] ? __drmm_add_action_or_reset+0x22/0x50
[ 334.542152] ? __schedule+0xc70/0x27e0
[ 334.543802] ? __pfx_read_tsc+0x10/0x10
[ 334.544309] ? ktime_get_ts64+0x86/0x230
[ 334.545267] kunit_try_run_case+0x1b3/0x490
[ 334.546464] ? __pfx_kunit_try_run_case+0x10/0x10
[ 334.547026] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 334.547954] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 334.548904] ? __kthread_parkme+0x82/0x160
[ 334.549371] ? preempt_count_sub+0x50/0x80
[ 334.550398] ? __pfx_kunit_try_run_case+0x10/0x10
[ 334.550882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 334.551206] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 334.551452] kthread+0x257/0x310
[ 334.551623] ? __pfx_kthread+0x10/0x10
[ 334.551806] ret_from_fork+0x41/0x80
[ 334.552015] ? __pfx_kthread+0x10/0x10
[ 334.552201] ret_from_fork_asm+0x1a/0x30
[ 334.552409] </TASK>
[ 334.552534] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_emptyfb-filp_head
------------[ cut here ]------------
[ 334.418618] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 334.420513] WARNING: CPU: 1 PID: 2108 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x136/0x1b0
[ 334.422738] Modules linked in:
[ 334.423781] CPU: 1 UID: 0 PID: 2108 Comm: kunit_try_catch Tainted: G B D N 6.13.0-rc2-next-20241209 #1
[ 334.425384] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 334.425702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 334.426285] RIP: 0010:drm_framebuffer_free+0x136/0x1b0
[ 334.426578] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 44 88 80 00 48 c7 c1 20 e3 9b 9b 4c 89 fa 48 c7 c7 80 e3 9b 9b 48 89 c6 e8 8b f0 84 fe 90 <0f> 0b 90 90 e9 25 ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 334.428545] RSP: 0000:ffff888103157bd8 EFLAGS: 00010282
[ 334.429141] RAX: 0000000000000000 RBX: ffff888103157cb0 RCX: 1ffffffff38e421c
[ 334.430123] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 334.431993] RBP: ffff888103157c00 R08: 0000000000000000 R09: fffffbfff38e421c
[ 334.433340] R10: 0000000000000003 R11: 0000000000028c88 R12: ffff888103157c88
[ 334.434292] R13: ffff888104eaf800 R14: ffff8881024f4000 R15: ffff888104e0ff80
[ 334.435271] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 334.436558] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 334.437140] CR2: ffffffffffffffff CR3: 0000000034eb8000 CR4: 00000000000006f0
[ 334.438622] DR0: ffffffff9d9fe120 DR1: ffffffff9d9fe121 DR2: ffffffff9d9fe123
[ 334.439992] DR3: ffffffff9d9fe125 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 334.440737] Call Trace:
[ 334.441262] <TASK>
[ 334.441894] ? show_regs+0x68/0x80
[ 334.442385] ? __warn+0xd5/0x260
[ 334.443163] ? drm_framebuffer_free+0x136/0x1b0
[ 334.444670] ? report_bug+0x278/0x2e0
[ 334.445692] ? handle_bug+0x5c/0xb0
[ 334.446220] ? exc_invalid_op+0x1c/0x50
[ 334.447672] ? asm_exc_invalid_op+0x1f/0x30
[ 334.448857] ? drm_framebuffer_free+0x136/0x1b0
[ 334.449748] ? drm_framebuffer_free+0x135/0x1b0
[ 334.450238] drm_test_framebuffer_free+0x1ac/0x610
[ 334.451596] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 334.452292] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 334.452982] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 334.453632] ? __drmm_add_action_or_reset+0x22/0x50
[ 334.455672] ? __schedule+0xc70/0x27e0
[ 334.456588] ? __pfx_read_tsc+0x10/0x10
[ 334.457006] ? ktime_get_ts64+0x86/0x230
[ 334.457573] kunit_try_run_case+0x1b3/0x490
[ 334.458466] ? __pfx_kunit_try_run_case+0x10/0x10
[ 334.458994] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 334.460176] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 334.461240] ? __kthread_parkme+0x82/0x160
[ 334.462347] ? preempt_count_sub+0x50/0x80
[ 334.463483] ? __pfx_kunit_try_run_case+0x10/0x10
[ 334.463982] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 334.465155] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 334.465759] kthread+0x257/0x310
[ 334.466173] ? __pfx_kthread+0x10/0x10
[ 334.466653] ret_from_fork+0x41/0x80
[ 334.467298] ? __pfx_kthread+0x10/0x10
[ 334.468065] ret_from_fork_asm+0x1a/0x30
[ 334.468671] </TASK>
[ 334.469180] ---[ end trace 0000000000000000 ]---
Failure - kunit - check_workingset_xarray
(no logs available)
Failure - kunit - check_xas_conflict_get_order_check_xa_alloc
(no logs available)
Failure - kunit - _kasan
_kasan fail
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 27.359890] ==================================================================
[ 27.362745] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 27.363460] Read of size 1 at addr ffff888102964dd0 by task kunit_try_catch/266
[ 27.364919]
[ 27.365474] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 27.366810] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.367341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.368478] Call Trace:
[ 27.368792] <TASK>
[ 27.369862] dump_stack_lvl+0x73/0xb0
[ 27.370240] print_report+0xd1/0x640
[ 27.370920] ? __virt_addr_valid+0x1db/0x2d0
[ 27.371584] ? kasan_complete_mode_report_info+0x64/0x200
[ 27.372420] kasan_report+0x102/0x140
[ 27.373066] ? strcmp+0xb0/0xc0
[ 27.373627] ? strcmp+0xb0/0xc0
[ 27.374306] __asan_report_load1_noabort+0x18/0x20
[ 27.375137] strcmp+0xb0/0xc0
[ 27.375504] kasan_strings+0x2d3/0xb60
[ 27.376222] ? __pfx_kasan_strings+0x10/0x10
[ 27.376697] ? __schedule+0xc70/0x27e0
[ 27.377641] ? __pfx_read_tsc+0x10/0x10
[ 27.378082] ? ktime_get_ts64+0x86/0x230
[ 27.378986] kunit_try_run_case+0x1b3/0x490
[ 27.379482] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.380396] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.381059] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.381689] ? __kthread_parkme+0x82/0x160
[ 27.382228] ? preempt_count_sub+0x50/0x80
[ 27.382686] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.383552] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.384399] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.385366] kthread+0x257/0x310
[ 27.385908] ? __pfx_kthread+0x10/0x10
[ 27.386410] ret_from_fork+0x41/0x80
[ 27.386753] ? __pfx_kthread+0x10/0x10
[ 27.387591] ret_from_fork_asm+0x1a/0x30
[ 27.388033] </TASK>
[ 27.388319]
[ 27.388505] Allocated by task 266:
[ 27.388816] kasan_save_stack+0x3d/0x60
[ 27.390009] kasan_save_track+0x18/0x40
[ 27.390368] kasan_save_alloc_info+0x3b/0x50
[ 27.391065] __kasan_kmalloc+0xb7/0xc0
[ 27.391468] __kmalloc_cache_noprof+0x184/0x410
[ 27.392518] kasan_strings+0xb9/0xb60
[ 27.393072] kunit_try_run_case+0x1b3/0x490
[ 27.393272] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.394125] kthread+0x257/0x310
[ 27.394558] ret_from_fork+0x41/0x80
[ 27.394934] ret_from_fork_asm+0x1a/0x30
[ 27.395353]
[ 27.395538] Freed by task 266:
[ 27.395838] kasan_save_stack+0x3d/0x60
[ 27.396259] kasan_save_track+0x18/0x40
[ 27.396731] kasan_save_free_info+0x3f/0x60
[ 27.397645] __kasan_slab_free+0x56/0x70
[ 27.398141] kfree+0x123/0x3f0
[ 27.398516] kasan_strings+0x13c/0xb60
[ 27.399693] kunit_try_run_case+0x1b3/0x490
[ 27.400343] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.400975] kthread+0x257/0x310
[ 27.401670] ret_from_fork+0x41/0x80
[ 27.402140] ret_from_fork_asm+0x1a/0x30
[ 27.403039]
[ 27.403228] The buggy address belongs to the object at ffff888102964dc0
[ 27.403228] which belongs to the cache kmalloc-32 of size 32
[ 27.404577] The buggy address is located 16 bytes inside of
[ 27.404577] freed 32-byte region [ffff888102964dc0, ffff888102964de0)
[ 27.406361]
[ 27.406586] The buggy address belongs to the physical page:
[ 27.407714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102964
[ 27.408623] flags: 0x200000000000000(node=0|zone=2)
[ 27.409457] page_type: f5(slab)
[ 27.409809] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 27.410320] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 27.411031] page dumped because: kasan: bad access detected
[ 27.411647]
[ 27.411896] Memory state around the buggy address:
[ 27.412587] ffff888102964c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 27.413115] ffff888102964d00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 27.413990] >ffff888102964d80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 27.414547] ^
[ 27.415258] ffff888102964e00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 27.415967] ffff888102964e80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 27.416663] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 27.289850] ==================================================================
[ 27.291066] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 27.292254] Read of size 1 at addr ffff888102964d18 by task kunit_try_catch/264
[ 27.293818]
[ 27.294508] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 27.295060] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.295480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.297271] Call Trace:
[ 27.297692] <TASK>
[ 27.297906] dump_stack_lvl+0x73/0xb0
[ 27.298674] print_report+0xd1/0x640
[ 27.298954] ? __virt_addr_valid+0x1db/0x2d0
[ 27.299528] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.300404] kasan_report+0x102/0x140
[ 27.301196] ? memcmp+0x1b4/0x1d0
[ 27.301770] ? memcmp+0x1b4/0x1d0
[ 27.302469] __asan_report_load1_noabort+0x18/0x20
[ 27.303329] memcmp+0x1b4/0x1d0
[ 27.303763] kasan_memcmp+0x190/0x390
[ 27.304742] ? trace_hardirqs_on+0x37/0xe0
[ 27.305587] ? __pfx_kasan_memcmp+0x10/0x10
[ 27.306267] ? finish_task_switch.isra.0+0x153/0x700
[ 27.306760] ? __switch_to+0x5d9/0xf60
[ 27.307735] ? __pfx_read_tsc+0x10/0x10
[ 27.308381] ? ktime_get_ts64+0x86/0x230
[ 27.309132] kunit_try_run_case+0x1b3/0x490
[ 27.309752] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.310711] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.311712] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.313103] ? __kthread_parkme+0x82/0x160
[ 27.313946] ? preempt_count_sub+0x50/0x80
[ 27.314548] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.315656] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.316373] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.317109] kthread+0x257/0x310
[ 27.317857] ? __pfx_kthread+0x10/0x10
[ 27.318698] ret_from_fork+0x41/0x80
[ 27.319124] ? __pfx_kthread+0x10/0x10
[ 27.320345] ret_from_fork_asm+0x1a/0x30
[ 27.320808] </TASK>
[ 27.321564]
[ 27.321795] Allocated by task 264:
[ 27.322660] kasan_save_stack+0x3d/0x60
[ 27.323362] kasan_save_track+0x18/0x40
[ 27.323807] kasan_save_alloc_info+0x3b/0x50
[ 27.324850] __kasan_kmalloc+0xb7/0xc0
[ 27.325929] __kmalloc_cache_noprof+0x184/0x410
[ 27.326354] kasan_memcmp+0xb8/0x390
[ 27.326731] kunit_try_run_case+0x1b3/0x490
[ 27.327437] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.328612] kthread+0x257/0x310
[ 27.328864] ret_from_fork+0x41/0x80
[ 27.329866] ret_from_fork_asm+0x1a/0x30
[ 27.331378]
[ 27.331637] The buggy address belongs to the object at ffff888102964d00
[ 27.331637] which belongs to the cache kmalloc-32 of size 32
[ 27.333521] The buggy address is located 0 bytes to the right of
[ 27.333521] allocated 24-byte region [ffff888102964d00, ffff888102964d18)
[ 27.334658]
[ 27.334881] The buggy address belongs to the physical page:
[ 27.335632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102964
[ 27.336558] flags: 0x200000000000000(node=0|zone=2)
[ 27.337420] page_type: f5(slab)
[ 27.337984] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 27.338965] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 27.339846] page dumped because: kasan: bad access detected
[ 27.340528]
[ 27.340794] Memory state around the buggy address:
[ 27.341748] ffff888102964c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 27.342573] ffff888102964c80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 27.343510] >ffff888102964d00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.344173] ^
[ 27.344934] ffff888102964d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.345735] ffff888102964e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.346692] ==================================================================
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-preempt-smp-kasan-pti
[ 174.354747] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 64.461894] ==================================================================
[ 64.462611] BUG: KFENCE: use-after-free read in test_krealloc+0x6fd/0xbe0
[ 64.462611]
[ 64.463366] Use-after-free read at 0x(____ptrval____) (in kfence-#175):
[ 64.464237] test_krealloc+0x6fd/0xbe0
[ 64.464685] kunit_try_run_case+0x1b3/0x490
[ 64.465243] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 64.465612] kthread+0x257/0x310
[ 64.466036] ret_from_fork+0x41/0x80
[ 64.466546] ret_from_fork_asm+0x1a/0x30
[ 64.466972]
[ 64.467202] kfence-#175: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 64.467202]
[ 64.467903] allocated by task 344 on cpu 1 at 64.460852s (0.007046s ago):
[ 64.468809] test_alloc+0x35f/0x10d0
[ 64.469179] test_krealloc+0xae/0xbe0
[ 64.469644] kunit_try_run_case+0x1b3/0x490
[ 64.470192] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 64.470633] kthread+0x257/0x310
[ 64.471037] ret_from_fork+0x41/0x80
[ 64.471699] ret_from_fork_asm+0x1a/0x30
[ 64.472052]
[ 64.472229] freed by task 344 on cpu 1 at 64.461170s (0.011054s ago):
[ 64.473282] krealloc_noprof+0x108/0x340
[ 64.473647] test_krealloc+0x227/0xbe0
[ 64.473934] kunit_try_run_case+0x1b3/0x490
[ 64.474484] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 64.475191] kthread+0x257/0x310
[ 64.475678] ret_from_fork+0x41/0x80
[ 64.476048] ret_from_fork_asm+0x1a/0x30
[ 64.476495]
[ 64.476918] CPU: 1 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 64.477806] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 64.478088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 64.479330] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 64.375603] ==================================================================
[ 64.376304] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 64.376304]
[ 64.377338] Use-after-free read at 0x(____ptrval____) (in kfence-#174):
[ 64.377826] test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 64.378291] kunit_try_run_case+0x1b3/0x490
[ 64.379455] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 64.380052] kthread+0x257/0x310
[ 64.380402] ret_from_fork+0x41/0x80
[ 64.381058] ret_from_fork_asm+0x1a/0x30
[ 64.381394]
[ 64.381665] kfence-#174: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 64.381665]
[ 64.382551] allocated by task 342 on cpu 1 at 64.356736s (0.025809s ago):
[ 64.383381] test_alloc+0x2a7/0x10d0
[ 64.383703] test_memcache_typesafe_by_rcu+0x170/0x670
[ 64.384229] kunit_try_run_case+0x1b3/0x490
[ 64.384688] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 64.385232] kthread+0x257/0x310
[ 64.385493] ret_from_fork+0x41/0x80
[ 64.385922] ret_from_fork_asm+0x1a/0x30
[ 64.386629]
[ 64.387363] freed by task 342 on cpu 1 at 64.356865s (0.030493s ago):
[ 64.387830] test_memcache_typesafe_by_rcu+0x1c0/0x670
[ 64.388598] kunit_try_run_case+0x1b3/0x490
[ 64.389271] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 64.390021] kthread+0x257/0x310
[ 64.390613] ret_from_fork+0x41/0x80
[ 64.391006] ret_from_fork_asm+0x1a/0x30
[ 64.391711]
[ 64.392264] CPU: 1 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 64.393572] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 64.394052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 64.395056] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 40.352074] ==================================================================
[ 40.353009] BUG: KFENCE: invalid read in test_invalid_access+0xf1/0x210
[ 40.353009]
[ 40.353636] Invalid read at 0x(____ptrval____):
[ 40.354231] test_invalid_access+0xf1/0x210
[ 40.354874] kunit_try_run_case+0x1b3/0x490
[ 40.355196] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 40.355717] kthread+0x257/0x310
[ 40.356214] ret_from_fork+0x41/0x80
[ 40.356698] ret_from_fork_asm+0x1a/0x30
[ 40.357205]
[ 40.357480] CPU: 1 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 40.358308] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 40.358633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 40.359681] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 40.125120] ==================================================================
[ 40.125881] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x251/0x340
[ 40.125881]
[ 40.126673] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#170):
[ 40.128213] test_kmalloc_aligned_oob_write+0x251/0x340
[ 40.128568] kunit_try_run_case+0x1b3/0x490
[ 40.128940] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 40.130056] kthread+0x257/0x310
[ 40.130717] ret_from_fork+0x41/0x80
[ 40.131726] ret_from_fork_asm+0x1a/0x30
[ 40.132193]
[ 40.132414] kfence-#170: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 40.132414]
[ 40.133692] allocated by task 332 on cpu 1 at 40.124756s (0.008932s ago):
[ 40.135300] test_alloc+0x35f/0x10d0
[ 40.135748] test_kmalloc_aligned_oob_write+0xc9/0x340
[ 40.136590] kunit_try_run_case+0x1b3/0x490
[ 40.137017] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 40.138032] kthread+0x257/0x310
[ 40.138618] ret_from_fork+0x41/0x80
[ 40.138985] ret_from_fork_asm+0x1a/0x30
[ 40.139495]
[ 40.139696] freed by task 332 on cpu 1 at 40.124976s (0.014714s ago):
[ 40.140407] test_kmalloc_aligned_oob_write+0x251/0x340
[ 40.141168] kunit_try_run_case+0x1b3/0x490
[ 40.142093] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 40.142638] kthread+0x257/0x310
[ 40.143372] ret_from_fork+0x41/0x80
[ 40.144331] ret_from_fork_asm+0x1a/0x30
[ 40.144713]
[ 40.145384] CPU: 1 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 40.145848] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 40.146605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 40.147473] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 39.501028] ==================================================================
[ 39.502331] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27f/0x570
[ 39.502331]
[ 39.503609] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#164):
[ 39.504644] test_kmalloc_aligned_oob_read+0x27f/0x570
[ 39.505000] kunit_try_run_case+0x1b3/0x490
[ 39.505401] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.505943] kthread+0x257/0x310
[ 39.506493] ret_from_fork+0x41/0x80
[ 39.506791] ret_from_fork_asm+0x1a/0x30
[ 39.507366]
[ 39.507547] kfence-#164: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 39.507547]
[ 39.508238] allocated by task 330 on cpu 0 at 39.500714s (0.007520s ago):
[ 39.509086] test_alloc+0x35f/0x10d0
[ 39.509484] test_kmalloc_aligned_oob_read+0x106/0x570
[ 39.510066] kunit_try_run_case+0x1b3/0x490
[ 39.510399] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 39.511032] kthread+0x257/0x310
[ 39.511470] ret_from_fork+0x41/0x80
[ 39.511809] ret_from_fork_asm+0x1a/0x30
[ 39.512339]
[ 39.512575] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 39.513334] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 39.513822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 39.514663] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 35.340950] ================================================================== [ 35.341612] BUG: KFENCE: memory corruption in test_corruption+0x217/0x3e0 [ 35.341612] [ 35.342506] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#124): [ 35.343049] test_corruption+0x217/0x3e0 [ 35.343594] kunit_try_run_case+0x1b3/0x490 [ 35.344320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.344878] kthread+0x257/0x310 [ 35.345191] ret_from_fork+0x41/0x80 [ 35.345638] ret_from_fork_asm+0x1a/0x30 [ 35.346299] [ 35.346492] kfence-#124: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 35.346492] [ 35.347460] allocated by task 320 on cpu 1 at 35.340741s (0.006714s ago): [ 35.348062] test_alloc+0x2a7/0x10d0 [ 35.348681] test_corruption+0x1cc/0x3e0 [ 35.349160] kunit_try_run_case+0x1b3/0x490 [ 35.349479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.350163] kthread+0x257/0x310 [ 35.350605] ret_from_fork+0x41/0x80 [ 35.351121] ret_from_fork_asm+0x1a/0x30 [ 35.351616] [ 35.351897] freed by task 320 on cpu 1 at 35.340829s (0.011064s ago): [ 35.352495] test_corruption+0x217/0x3e0 [ 35.352871] kunit_try_run_case+0x1b3/0x490 [ 35.353337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.353796] kthread+0x257/0x310 [ 35.354203] ret_from_fork+0x41/0x80 [ 35.354643] ret_from_fork_asm+0x1a/0x30 [ 35.355096] [ 35.355310] CPU: 1 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 35.356394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.356757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.357370] ================================================================== [ 34.820942] ================================================================== [ 34.821706] BUG: KFENCE: memory corruption in test_corruption+0x132/0x3e0 [ 34.821706] [ 34.822442] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#119): [ 34.824268] test_corruption+0x132/0x3e0 [ 34.824635] kunit_try_run_case+0x1b3/0x490 [ 34.825192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.825976] kthread+0x257/0x310 [ 34.826492] ret_from_fork+0x41/0x80 [ 34.826901] ret_from_fork_asm+0x1a/0x30 [ 34.827103] [ 34.827205] kfence-#119: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.827205] [ 34.828619] allocated by task 320 on cpu 1 at 34.820748s (0.007867s ago): [ 34.829241] test_alloc+0x2a7/0x10d0 [ 34.829647] test_corruption+0xe7/0x3e0 [ 34.830016] kunit_try_run_case+0x1b3/0x490 [ 34.830528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.831182] kthread+0x257/0x310 [ 34.831465] ret_from_fork+0x41/0x80 [ 34.831781] ret_from_fork_asm+0x1a/0x30 [ 34.832413] [ 34.832679] freed by task 320 on cpu 1 at 34.820827s (0.011847s ago): [ 34.833596] test_corruption+0x132/0x3e0 [ 34.834070] kunit_try_run_case+0x1b3/0x490 [ 34.834397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.835093] kthread+0x257/0x310 [ 34.835550] ret_from_fork+0x41/0x80 [ 34.836015] ret_from_fork_asm+0x1a/0x30 [ 34.836329] [ 34.836710] CPU: 1 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 34.838012] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.838322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.839212] ================================================================== [ 34.613094] ================================================================== [ 34.613876] BUG: KFENCE: memory corruption in test_corruption+0x2e1/0x3e0 [ 34.613876] [ 34.614593] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#117): [ 34.615544] test_corruption+0x2e1/0x3e0 [ 34.616281] kunit_try_run_case+0x1b3/0x490 [ 34.616624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.617431] kthread+0x257/0x310 [ 34.617947] ret_from_fork+0x41/0x80 [ 34.618349] ret_from_fork_asm+0x1a/0x30 [ 34.618904] [ 34.619164] kfence-#117: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 34.619164] [ 34.620078] allocated by task 318 on cpu 0 at 34.612757s (0.007317s ago): [ 34.620722] test_alloc+0x35f/0x10d0 [ 34.621429] test_corruption+0x1cc/0x3e0 [ 34.621720] kunit_try_run_case+0x1b3/0x490 [ 34.622530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.623321] kthread+0x257/0x310 [ 34.623584] ret_from_fork+0x41/0x80 [ 34.624237] ret_from_fork_asm+0x1a/0x30 [ 34.624785] [ 34.625035] freed by task 318 on cpu 0 at 34.612880s (0.012150s ago): [ 34.625709] test_corruption+0x2e1/0x3e0 [ 34.626480] kunit_try_run_case+0x1b3/0x490 [ 34.626894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.627585] kthread+0x257/0x310 [ 34.628164] ret_from_fork+0x41/0x80 [ 34.628709] ret_from_fork_asm+0x1a/0x30 [ 34.629286] [ 34.629573] CPU: 0 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 34.630619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.631206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.632405] ================================================================== [ 34.509066] ================================================================== [ 34.509862] BUG: KFENCE: memory corruption in test_corruption+0x2d4/0x3e0 [ 34.509862] [ 34.510698] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#116): [ 34.512946] test_corruption+0x2d4/0x3e0 [ 34.513352] kunit_try_run_case+0x1b3/0x490 [ 34.513894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.514730] kthread+0x257/0x310 [ 34.515130] ret_from_fork+0x41/0x80 [ 34.515531] ret_from_fork_asm+0x1a/0x30 [ 34.516419] [ 34.516695] kfence-#116: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 34.516695] [ 34.517823] allocated by task 318 on cpu 0 at 34.508735s (0.009083s ago): [ 34.518548] test_alloc+0x35f/0x10d0 [ 34.519076] test_corruption+0xe7/0x3e0 [ 34.519432] kunit_try_run_case+0x1b3/0x490 [ 34.520072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.520740] kthread+0x257/0x310 [ 34.521452] ret_from_fork+0x41/0x80 [ 34.522127] ret_from_fork_asm+0x1a/0x30 [ 34.522648] [ 34.522888] freed by task 318 on cpu 0 at 34.508856s (0.014028s ago): [ 34.523655] test_corruption+0x2d4/0x3e0 [ 34.524635] kunit_try_run_case+0x1b3/0x490 [ 34.525027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.525608] kthread+0x257/0x310 [ 34.526267] ret_from_fork+0x41/0x80 [ 34.526632] ret_from_fork_asm+0x1a/0x30 [ 34.527199] [ 34.527447] CPU: 0 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 34.528740] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.529486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.530339] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 34.404941] ================================================================== [ 34.405745] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfc/0x260 [ 34.405745] [ 34.406438] Invalid free of 0x(____ptrval____) (in kfence-#115): [ 34.406893] test_invalid_addr_free+0xfc/0x260 [ 34.407421] kunit_try_run_case+0x1b3/0x490 [ 34.407953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.408412] kthread+0x257/0x310 [ 34.408871] ret_from_fork+0x41/0x80 [ 34.409177] ret_from_fork_asm+0x1a/0x30 [ 34.409688] [ 34.409854] kfence-#115: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.409854] [ 34.410816] allocated by task 316 on cpu 0 at 34.404767s (0.006044s ago): [ 34.411494] test_alloc+0x2a7/0x10d0 [ 34.411860] test_invalid_addr_free+0xdc/0x260 [ 34.412424] kunit_try_run_case+0x1b3/0x490 [ 34.412809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.413181] kthread+0x257/0x310 [ 34.413487] ret_from_fork+0x41/0x80 [ 34.413774] ret_from_fork_asm+0x1a/0x30 [ 34.414289] [ 34.414605] CPU: 0 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 34.415837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.416354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.417010] ================================================================== [ 34.300866] ================================================================== [ 34.301639] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e3/0x260 [ 34.301639] [ 34.302477] Invalid free of 0x(____ptrval____) (in kfence-#114): [ 34.303499] test_invalid_addr_free+0x1e3/0x260 [ 34.304427] kunit_try_run_case+0x1b3/0x490 [ 34.304964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.305600] kthread+0x257/0x310 [ 34.305998] ret_from_fork+0x41/0x80 [ 34.306312] ret_from_fork_asm+0x1a/0x30 [ 34.306847] [ 34.307303] kfence-#114: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 34.307303] [ 34.308343] allocated by task 314 on cpu 0 at 34.300678s 
(0.007660s ago): [ 34.308800] test_alloc+0x35f/0x10d0 [ 34.309414] test_invalid_addr_free+0xdc/0x260 [ 34.309968] kunit_try_run_case+0x1b3/0x490 [ 34.310602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.311236] kthread+0x257/0x310 [ 34.311760] ret_from_fork+0x41/0x80 [ 34.312168] ret_from_fork_asm+0x1a/0x30 [ 34.312707] [ 34.312919] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 34.314100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.314715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.315554] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 34.093102] ================================================================== [ 34.093815] BUG: KFENCE: invalid free in test_double_free+0x1d5/0x260 [ 34.093815] [ 34.094510] Invalid free of 0x(____ptrval____) (in kfence-#112): [ 34.095450] test_double_free+0x1d5/0x260 [ 34.095807] kunit_try_run_case+0x1b3/0x490 [ 34.096329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.096678] kthread+0x257/0x310 [ 34.097273] ret_from_fork+0x41/0x80 [ 34.097748] ret_from_fork_asm+0x1a/0x30 [ 34.098068] [ 34.098348] kfence-#112: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 34.098348] [ 34.099163] allocated by task 310 on cpu 0 at 34.092737s (0.006422s ago): [ 34.099852] test_alloc+0x35f/0x10d0 [ 34.100338] test_double_free+0xdc/0x260 [ 34.100652] kunit_try_run_case+0x1b3/0x490 [ 34.100945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.101785] kthread+0x257/0x310 [ 34.102069] ret_from_fork+0x41/0x80 [ 34.102445] ret_from_fork_asm+0x1a/0x30 [ 34.103060] [ 34.103333] freed by task 310 on cpu 0 at 34.092831s (0.010498s ago): [ 34.103956] test_double_free+0x1e2/0x260 [ 34.104293] kunit_try_run_case+0x1b3/0x490 [ 34.104643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.105289] kthread+0x257/0x310 [ 34.105750] ret_from_fork+0x41/0x80 [ 34.106037] ret_from_fork_asm+0x1a/0x30 [ 34.106352] [ 34.106656] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 34.107934] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.108233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.108852] ================================================================== [ 34.196990] ================================================================== [ 34.197844] BUG: KFENCE: invalid free in test_double_free+0x113/0x260 [ 34.197844] [ 34.198345] Invalid free of 0x(____ptrval____) (in kfence-#113): [ 34.198958] test_double_free+0x113/0x260 [ 34.200176] kunit_try_run_case+0x1b3/0x490 [ 34.200615] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.201655] kthread+0x257/0x310 [ 34.202025] ret_from_fork+0x41/0x80 [ 34.202422] ret_from_fork_asm+0x1a/0x30 [ 34.202911] [ 34.203090] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 34.203090] [ 34.203957] allocated by task 312 on cpu 0 at 34.196740s (0.007213s ago): [ 34.204442] test_alloc+0x2a7/0x10d0 [ 34.204942] test_double_free+0xdc/0x260 [ 34.205385] kunit_try_run_case+0x1b3/0x490 [ 34.205752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.206342] kthread+0x257/0x310 [ 34.206788] ret_from_fork+0x41/0x80 [ 34.207221] ret_from_fork_asm+0x1a/0x30 [ 34.207723] [ 34.207988] freed by task 312 on cpu 0 at 34.196824s (0.011159s ago): [ 34.208426] test_double_free+0xfb/0x260 [ 34.208950] kunit_try_run_case+0x1b3/0x490 [ 34.209487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 34.210058] kthread+0x257/0x310 [ 34.210421] ret_from_fork+0x41/0x80 [ 34.210723] ret_from_fork_asm+0x1a/0x30 [ 34.211158] [ 34.211480] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 34.212544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 34.213023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 34.213684] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 33.677118] ================================================================== [ 33.677977] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 33.677977] [ 33.678768] Use-after-free read at 0x(____ptrval____) (in kfence-#108): [ 33.680299] test_use_after_free_read+0x12a/0x270 [ 33.680946] kunit_try_run_case+0x1b3/0x490 [ 33.681156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.681495] kthread+0x257/0x310 [ 33.682323] ret_from_fork+0x41/0x80 [ 33.682724] ret_from_fork_asm+0x1a/0x30 [ 33.683157] [ 33.683373] kfence-#108: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 33.683373] [ 33.684669] allocated by task 302 on cpu 1 at 33.676781s (0.007883s ago): [ 33.685993] test_alloc+0x35f/0x10d0 [ 33.686599] test_use_after_free_read+0xdd/0x270 [ 33.687344] kunit_try_run_case+0x1b3/0x490 [ 33.688116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.688882] kthread+0x257/0x310 [ 33.689517] ret_from_fork+0x41/0x80 [ 33.690150] ret_from_fork_asm+0x1a/0x30 [ 33.690932] [ 33.691394] freed by task 302 on cpu 1 at 33.676893s (0.014338s ago): [ 33.692456] test_use_after_free_read+0x1e9/0x270 [ 33.693044] kunit_try_run_case+0x1b3/0x490 [ 33.693637] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.694529] kthread+0x257/0x310 [ 33.695047] ret_from_fork+0x41/0x80 [ 33.695579] ret_from_fork_asm+0x1a/0x30 [ 33.696056] [ 33.696305] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 33.697523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.698141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.699182] ================================================================== [ 33.781178] ================================================================== [ 33.782028] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 33.782028] [ 33.782867] Use-after-free read at 0x(____ptrval____) (in kfence-#109): [ 33.784493] test_use_after_free_read+0x12a/0x270 [ 
33.785061] kunit_try_run_case+0x1b3/0x490 [ 33.785806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.786539] kthread+0x257/0x310 [ 33.787146] ret_from_fork+0x41/0x80 [ 33.787794] ret_from_fork_asm+0x1a/0x30 [ 33.788299] [ 33.788929] kfence-#109: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 33.788929] [ 33.789692] allocated by task 304 on cpu 1 at 33.780931s (0.008756s ago): [ 33.790729] test_alloc+0x2a7/0x10d0 [ 33.791465] test_use_after_free_read+0xdd/0x270 [ 33.792117] kunit_try_run_case+0x1b3/0x490 [ 33.792393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.793619] kthread+0x257/0x310 [ 33.794240] ret_from_fork+0x41/0x80 [ 33.794609] ret_from_fork_asm+0x1a/0x30 [ 33.795424] [ 33.795537] freed by task 304 on cpu 1 at 33.781046s (0.014487s ago): [ 33.796091] test_use_after_free_read+0xfc/0x270 [ 33.797030] kunit_try_run_case+0x1b3/0x490 [ 33.797555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.798504] kthread+0x257/0x310 [ 33.799074] ret_from_fork+0x41/0x80 [ 33.799567] ret_from_fork_asm+0x1a/0x30 [ 33.800120] [ 33.800282] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 33.801767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.802345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.803721] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 33.572870] ================================================================== [ 33.573564] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 33.573564] [ 33.574356] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#107): [ 33.575309] test_out_of_bounds_write+0x10e/0x260 [ 33.575682] kunit_try_run_case+0x1b3/0x490 [ 33.576297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.576770] kthread+0x257/0x310 [ 33.577227] ret_from_fork+0x41/0x80 [ 33.577680] ret_from_fork_asm+0x1a/0x30 [ 33.578273] [ 33.578459] kfence-#107: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 33.578459] [ 33.579565] allocated by task 300 on cpu 1 at 33.572775s (0.006786s ago): [ 33.580140] test_alloc+0x2a7/0x10d0 [ 33.580529] test_out_of_bounds_write+0xd5/0x260 [ 33.581311] kunit_try_run_case+0x1b3/0x490 [ 33.581734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.582418] kthread+0x257/0x310 [ 33.582730] ret_from_fork+0x41/0x80 [ 33.583431] ret_from_fork_asm+0x1a/0x30 [ 33.584005] [ 33.584339] CPU: 1 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 33.585348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.585807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.586881] ================================================================== [ 33.365042] ================================================================== [ 33.365935] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 33.365935] [ 33.366975] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#105): [ 33.367976] test_out_of_bounds_write+0x10e/0x260 [ 33.368367] kunit_try_run_case+0x1b3/0x490 [ 33.369648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.370216] kthread+0x257/0x310 [ 33.370499] ret_from_fork+0x41/0x80 [ 33.370985] ret_from_fork_asm+0x1a/0x30 [ 33.371448] [ 33.371618] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 33.371618] [ 
33.372862] allocated by task 298 on cpu 0 at 33.364803s (0.008055s ago): [ 33.373663] test_alloc+0x35f/0x10d0 [ 33.374350] test_out_of_bounds_write+0xd5/0x260 [ 33.375731] kunit_try_run_case+0x1b3/0x490 [ 33.376749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.377301] kthread+0x257/0x310 [ 33.377636] ret_from_fork+0x41/0x80 [ 33.378038] ret_from_fork_asm+0x1a/0x30 [ 33.378850] [ 33.379151] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 33.380399] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.381386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.382214] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 33.156938] ================================================================== [ 33.157726] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 33.157726] [ 33.158584] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#103): [ 33.159433] test_out_of_bounds_read+0x127/0x4e0 [ 33.160231] kunit_try_run_case+0x1b3/0x490 [ 33.160596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.161397] kthread+0x257/0x310 [ 33.161871] ret_from_fork+0x41/0x80 [ 33.162179] ret_from_fork_asm+0x1a/0x30 [ 33.162830] [ 33.163047] kfence-#103: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 33.163047] [ 33.163844] allocated by task 296 on cpu 0 at 33.156842s (0.006998s ago): [ 33.164601] test_alloc+0x2a7/0x10d0 [ 33.165134] test_out_of_bounds_read+0xee/0x4e0 [ 33.165591] kunit_try_run_case+0x1b3/0x490 [ 33.165895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.166761] kthread+0x257/0x310 [ 33.167247] ret_from_fork+0x41/0x80 [ 33.167843] ret_from_fork_asm+0x1a/0x30 [ 33.168318] [ 33.168605] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 33.169637] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.169917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.171083] ================================================================== [ 32.950399] ================================================================== [ 32.951397] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 32.951397] [ 32.952136] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#101): [ 32.953245] test_out_of_bounds_read+0x127/0x4e0 [ 32.953809] kunit_try_run_case+0x1b3/0x490 [ 32.954172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.954729] kthread+0x257/0x310 [ 32.955087] ret_from_fork+0x41/0x80 [ 32.955602] ret_from_fork_asm+0x1a/0x30 [ 32.956001] [ 32.956592] kfence-#101: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 32.956592] [ 32.957516] 
allocated by task 294 on cpu 1 at 32.948787s (0.008594s ago): [ 32.959202] test_alloc+0x35f/0x10d0 [ 32.959710] test_out_of_bounds_read+0xee/0x4e0 [ 32.960129] kunit_try_run_case+0x1b3/0x490 [ 32.960479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.961088] kthread+0x257/0x310 [ 32.961416] ret_from_fork+0x41/0x80 [ 32.961858] ret_from_fork_asm+0x1a/0x30 [ 32.962337] [ 32.962712] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 32.963716] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.964202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.964871] ================================================================== [ 33.053063] ================================================================== [ 33.053742] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 33.053742] [ 33.054655] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#102): [ 33.055210] test_out_of_bounds_read+0x217/0x4e0 [ 33.055924] kunit_try_run_case+0x1b3/0x490 [ 33.056389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.056892] kthread+0x257/0x310 [ 33.057181] ret_from_fork+0x41/0x80 [ 33.057528] ret_from_fork_asm+0x1a/0x30 [ 33.058078] [ 33.058456] kfence-#102: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 33.058456] [ 33.059328] allocated by task 294 on cpu 1 at 33.052768s (0.006555s ago): [ 33.060091] test_alloc+0x35f/0x10d0 [ 33.060584] test_out_of_bounds_read+0x1e3/0x4e0 [ 33.061124] kunit_try_run_case+0x1b3/0x490 [ 33.061884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.062597] kthread+0x257/0x310 [ 33.062980] ret_from_fork+0x41/0x80 [ 33.064304] ret_from_fork_asm+0x1a/0x30 [ 33.064844] [ 33.065393] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 33.066456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.066760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.067959] 
================================================================== [ 33.260865] ================================================================== [ 33.261567] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 33.261567] [ 33.262474] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#104): [ 33.263357] test_out_of_bounds_read+0x217/0x4e0 [ 33.264195] kunit_try_run_case+0x1b3/0x490 [ 33.265031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.266088] kthread+0x257/0x310 [ 33.266452] ret_from_fork+0x41/0x80 [ 33.266736] ret_from_fork_asm+0x1a/0x30 [ 33.267236] [ 33.267546] kfence-#104: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 33.267546] [ 33.268602] allocated by task 296 on cpu 0 at 33.260772s (0.007825s ago): [ 33.269352] test_alloc+0x2a7/0x10d0 [ 33.269788] test_out_of_bounds_read+0x1e3/0x4e0 [ 33.270293] kunit_try_run_case+0x1b3/0x490 [ 33.270843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.271480] kthread+0x257/0x310 [ 33.271847] ret_from_fork+0x41/0x80 [ 33.272187] ret_from_fork_asm+0x1a/0x30 [ 33.272511] [ 33.272709] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 33.273971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.274308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.275348] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 32.320887] ================================================================== [ 32.322131] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1e0 [ 32.323227] Write of size 121 at addr ffff88810296dd00 by task kunit_try_catch/292 [ 32.324532] [ 32.324709] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 32.326401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.326923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.328002] Call Trace: [ 32.328239] <TASK> [ 32.328839] dump_stack_lvl+0x73/0xb0 [ 32.329244] print_report+0xd1/0x640 [ 32.329681] ? __virt_addr_valid+0x1db/0x2d0 [ 32.330499] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.331050] kasan_report+0x102/0x140 [ 32.331795] ? strncpy_from_user+0x2e/0x1e0 [ 32.332415] ? strncpy_from_user+0x2e/0x1e0 [ 32.332835] kasan_check_range+0x10c/0x1c0 [ 32.333535] __kasan_check_write+0x18/0x20 [ 32.334208] strncpy_from_user+0x2e/0x1e0 [ 32.334631] ? __kasan_check_read+0x15/0x20 [ 32.335147] copy_user_test_oob+0x761/0x10f0 [ 32.336065] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.336677] ? finish_task_switch.isra.0+0x153/0x700 [ 32.337288] ? __switch_to+0x5d9/0xf60 [ 32.337670] ? __schedule+0xc70/0x27e0 [ 32.338553] ? __pfx_read_tsc+0x10/0x10 [ 32.339115] ? ktime_get_ts64+0x86/0x230 [ 32.339740] kunit_try_run_case+0x1b3/0x490 [ 32.340369] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.340877] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.341613] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.342189] ? __kthread_parkme+0x82/0x160 [ 32.342595] ? preempt_count_sub+0x50/0x80 [ 32.342979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.343390] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.344131] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.345129] kthread+0x257/0x310 [ 32.345788] ? __pfx_kthread+0x10/0x10 [ 32.346352] ret_from_fork+0x41/0x80 [ 32.347295] ? 
__pfx_kthread+0x10/0x10 [ 32.347585] ret_from_fork_asm+0x1a/0x30 [ 32.348164] </TASK> [ 32.348630] [ 32.348974] Allocated by task 292: [ 32.349315] kasan_save_stack+0x3d/0x60 [ 32.349842] kasan_save_track+0x18/0x40 [ 32.350315] kasan_save_alloc_info+0x3b/0x50 [ 32.351491] __kasan_kmalloc+0xb7/0xc0 [ 32.352099] __kmalloc_noprof+0x1c4/0x500 [ 32.352536] kunit_kmalloc_array+0x25/0x60 [ 32.353571] copy_user_test_oob+0xac/0x10f0 [ 32.353858] kunit_try_run_case+0x1b3/0x490 [ 32.354816] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.355445] kthread+0x257/0x310 [ 32.355838] ret_from_fork+0x41/0x80 [ 32.356415] ret_from_fork_asm+0x1a/0x30 [ 32.357211] [ 32.357452] The buggy address belongs to the object at ffff88810296dd00 [ 32.357452] which belongs to the cache kmalloc-128 of size 128 [ 32.359381] The buggy address is located 0 bytes inside of [ 32.359381] allocated 120-byte region [ffff88810296dd00, ffff88810296dd78) [ 32.360563] [ 32.361119] The buggy address belongs to the physical page: [ 32.361740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10296d [ 32.362498] flags: 0x200000000000000(node=0|zone=2) [ 32.363362] page_type: f5(slab) [ 32.363705] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.364701] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.365394] page dumped because: kasan: bad access detected [ 32.366304] [ 32.366780] Memory state around the buggy address: [ 32.367451] ffff88810296dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.368208] ffff88810296dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.369238] >ffff88810296dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.369852] ^ [ 32.371009] ffff88810296dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.371895] ffff88810296de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.372474] ================================================================== [ 32.374502] 
================================================================== [ 32.375648] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a7/0x1e0 [ 32.376354] Write of size 1 at addr ffff88810296dd78 by task kunit_try_catch/292 [ 32.376867] [ 32.378055] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 32.378966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.379574] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.380547] Call Trace: [ 32.381087] <TASK> [ 32.381329] dump_stack_lvl+0x73/0xb0 [ 32.382072] print_report+0xd1/0x640 [ 32.382534] ? __virt_addr_valid+0x1db/0x2d0 [ 32.383283] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.383849] kasan_report+0x102/0x140 [ 32.384538] ? strncpy_from_user+0x1a7/0x1e0 [ 32.385320] ? strncpy_from_user+0x1a7/0x1e0 [ 32.385929] __asan_report_store1_noabort+0x1b/0x30 [ 32.386480] strncpy_from_user+0x1a7/0x1e0 [ 32.387203] copy_user_test_oob+0x761/0x10f0 [ 32.387877] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.388566] ? finish_task_switch.isra.0+0x153/0x700 [ 32.389512] ? __switch_to+0x5d9/0xf60 [ 32.389954] ? __schedule+0xc70/0x27e0 [ 32.390418] ? __pfx_read_tsc+0x10/0x10 [ 32.391116] ? ktime_get_ts64+0x86/0x230 [ 32.391549] kunit_try_run_case+0x1b3/0x490 [ 32.392179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.393006] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.393532] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.394317] ? __kthread_parkme+0x82/0x160 [ 32.394973] ? preempt_count_sub+0x50/0x80 [ 32.395405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.396283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.396791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.397477] kthread+0x257/0x310 [ 32.398140] ? __pfx_kthread+0x10/0x10 [ 32.398736] ret_from_fork+0x41/0x80 [ 32.399326] ? 
__pfx_kthread+0x10/0x10 [ 32.400081] ret_from_fork_asm+0x1a/0x30 [ 32.400557] </TASK> [ 32.401240] [ 32.401449] Allocated by task 292: [ 32.401950] kasan_save_stack+0x3d/0x60 [ 32.403220] kasan_save_track+0x18/0x40 [ 32.403617] kasan_save_alloc_info+0x3b/0x50 [ 32.404444] __kasan_kmalloc+0xb7/0xc0 [ 32.404864] __kmalloc_noprof+0x1c4/0x500 [ 32.405664] kunit_kmalloc_array+0x25/0x60 [ 32.406337] copy_user_test_oob+0xac/0x10f0 [ 32.407049] kunit_try_run_case+0x1b3/0x490 [ 32.407441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.408356] kthread+0x257/0x310 [ 32.408689] ret_from_fork+0x41/0x80 [ 32.409195] ret_from_fork_asm+0x1a/0x30 [ 32.409836] [ 32.410170] The buggy address belongs to the object at ffff88810296dd00 [ 32.410170] which belongs to the cache kmalloc-128 of size 128 [ 32.411787] The buggy address is located 0 bytes to the right of [ 32.411787] allocated 120-byte region [ffff88810296dd00, ffff88810296dd78) [ 32.413564] [ 32.413805] The buggy address belongs to the physical page: [ 32.414278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10296d [ 32.415093] flags: 0x200000000000000(node=0|zone=2) [ 32.416016] page_type: f5(slab) [ 32.416483] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.417614] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.418640] page dumped because: kasan: bad access detected [ 32.419172] [ 32.419409] Memory state around the buggy address: [ 32.419815] ffff88810296dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.420955] ffff88810296dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.421684] >ffff88810296dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.422532] ^ [ 32.423432] ffff88810296dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.423988] ffff88810296de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.424800] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 32.133654] ================================================================== [ 32.134420] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fe/0x10f0 [ 32.135302] Write of size 121 at addr ffff88810296dd00 by task kunit_try_catch/292 [ 32.136280] [ 32.136462] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 32.137200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.137672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.138679] Call Trace: [ 32.138956] <TASK> [ 32.139270] dump_stack_lvl+0x73/0xb0 [ 32.139835] print_report+0xd1/0x640 [ 32.140156] ? __virt_addr_valid+0x1db/0x2d0 [ 32.140667] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.141400] kasan_report+0x102/0x140 [ 32.141777] ? copy_user_test_oob+0x3fe/0x10f0 [ 32.142321] ? copy_user_test_oob+0x3fe/0x10f0 [ 32.142698] kasan_check_range+0x10c/0x1c0 [ 32.143127] __kasan_check_write+0x18/0x20 [ 32.143948] copy_user_test_oob+0x3fe/0x10f0 [ 32.144402] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.144732] ? finish_task_switch.isra.0+0x153/0x700 [ 32.145371] ? __switch_to+0x5d9/0xf60 [ 32.146087] ? __schedule+0xc70/0x27e0 [ 32.146448] ? __pfx_read_tsc+0x10/0x10 [ 32.146745] ? ktime_get_ts64+0x86/0x230 [ 32.147318] kunit_try_run_case+0x1b3/0x490 [ 32.148078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.148854] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.149196] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.149843] ? __kthread_parkme+0x82/0x160 [ 32.150501] ? preempt_count_sub+0x50/0x80 [ 32.151125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.151698] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.152220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.152697] kthread+0x257/0x310 [ 32.153470] ? __pfx_kthread+0x10/0x10 [ 32.153923] ret_from_fork+0x41/0x80 [ 32.154405] ? 
__pfx_kthread+0x10/0x10 [ 32.154706] ret_from_fork_asm+0x1a/0x30 [ 32.155171] </TASK> [ 32.155615] [ 32.155920] Allocated by task 292: [ 32.156569] kasan_save_stack+0x3d/0x60 [ 32.157156] kasan_save_track+0x18/0x40 [ 32.157714] kasan_save_alloc_info+0x3b/0x50 [ 32.158496] __kasan_kmalloc+0xb7/0xc0 [ 32.158787] __kmalloc_noprof+0x1c4/0x500 [ 32.159444] kunit_kmalloc_array+0x25/0x60 [ 32.159985] copy_user_test_oob+0xac/0x10f0 [ 32.160584] kunit_try_run_case+0x1b3/0x490 [ 32.161091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.161740] kthread+0x257/0x310 [ 32.162061] ret_from_fork+0x41/0x80 [ 32.162442] ret_from_fork_asm+0x1a/0x30 [ 32.163093] [ 32.163355] The buggy address belongs to the object at ffff88810296dd00 [ 32.163355] which belongs to the cache kmalloc-128 of size 128 [ 32.164516] The buggy address is located 0 bytes inside of [ 32.164516] allocated 120-byte region [ffff88810296dd00, ffff88810296dd78) [ 32.165545] [ 32.165881] The buggy address belongs to the physical page: [ 32.166652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10296d [ 32.167409] flags: 0x200000000000000(node=0|zone=2) [ 32.167755] page_type: f5(slab) [ 32.168070] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.169031] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.169851] page dumped because: kasan: bad access detected [ 32.170357] [ 32.170539] Memory state around the buggy address: [ 32.171337] ffff88810296dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.172231] ffff88810296dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.172895] >ffff88810296dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.174302] ^ [ 32.175160] ffff88810296dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.175880] ffff88810296de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.176530] ================================================================== [ 32.224549] 
================================================================== [ 32.226312] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x558/0x10f0 [ 32.227291] Write of size 121 at addr ffff88810296dd00 by task kunit_try_catch/292 [ 32.227594] [ 32.227712] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 32.229200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.229700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.230369] Call Trace: [ 32.230789] <TASK> [ 32.231467] dump_stack_lvl+0x73/0xb0 [ 32.232009] print_report+0xd1/0x640 [ 32.232551] ? __virt_addr_valid+0x1db/0x2d0 [ 32.233045] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.233615] kasan_report+0x102/0x140 [ 32.234120] ? copy_user_test_oob+0x558/0x10f0 [ 32.234568] ? copy_user_test_oob+0x558/0x10f0 [ 32.235113] kasan_check_range+0x10c/0x1c0 [ 32.235912] __kasan_check_write+0x18/0x20 [ 32.236469] copy_user_test_oob+0x558/0x10f0 [ 32.237016] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.237791] ? finish_task_switch.isra.0+0x153/0x700 [ 32.238286] ? __switch_to+0x5d9/0xf60 [ 32.238702] ? __schedule+0xc70/0x27e0 [ 32.239124] ? __pfx_read_tsc+0x10/0x10 [ 32.240012] ? ktime_get_ts64+0x86/0x230 [ 32.240592] kunit_try_run_case+0x1b3/0x490 [ 32.241390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.242387] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.242842] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.243557] ? __kthread_parkme+0x82/0x160 [ 32.244522] ? preempt_count_sub+0x50/0x80 [ 32.245111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.245561] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.246296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.246997] kthread+0x257/0x310 [ 32.247558] ? __pfx_kthread+0x10/0x10 [ 32.248186] ret_from_fork+0x41/0x80 [ 32.248630] ? 
__pfx_kthread+0x10/0x10 [ 32.249322] ret_from_fork_asm+0x1a/0x30 [ 32.249765] </TASK> [ 32.250077] [ 32.250291] Allocated by task 292: [ 32.250625] kasan_save_stack+0x3d/0x60 [ 32.251807] kasan_save_track+0x18/0x40 [ 32.252178] kasan_save_alloc_info+0x3b/0x50 [ 32.252777] __kasan_kmalloc+0xb7/0xc0 [ 32.253583] __kmalloc_noprof+0x1c4/0x500 [ 32.254188] kunit_kmalloc_array+0x25/0x60 [ 32.254602] copy_user_test_oob+0xac/0x10f0 [ 32.255277] kunit_try_run_case+0x1b3/0x490 [ 32.256017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.256740] kthread+0x257/0x310 [ 32.257529] ret_from_fork+0x41/0x80 [ 32.258055] ret_from_fork_asm+0x1a/0x30 [ 32.258283] [ 32.258408] The buggy address belongs to the object at ffff88810296dd00 [ 32.258408] which belongs to the cache kmalloc-128 of size 128 [ 32.259094] The buggy address is located 0 bytes inside of [ 32.259094] allocated 120-byte region [ffff88810296dd00, ffff88810296dd78) [ 32.260386] [ 32.260558] The buggy address belongs to the physical page: [ 32.261291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10296d [ 32.262210] flags: 0x200000000000000(node=0|zone=2) [ 32.262706] page_type: f5(slab) [ 32.263281] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.264186] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.265094] page dumped because: kasan: bad access detected [ 32.265805] [ 32.266204] Memory state around the buggy address: [ 32.266601] ffff88810296dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.267570] ffff88810296dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.268479] >ffff88810296dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.269450] ^ [ 32.270069] ffff88810296dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.270750] ffff88810296de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.271587] ================================================================== [ 32.177870] 
================================================================== [ 32.179317] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4ab/0x10f0 [ 32.179939] Read of size 121 at addr ffff88810296dd00 by task kunit_try_catch/292 [ 32.180658] [ 32.181669] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 32.182998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.183659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.184780] Call Trace: [ 32.185308] <TASK> [ 32.185650] dump_stack_lvl+0x73/0xb0 [ 32.186058] print_report+0xd1/0x640 [ 32.186597] ? __virt_addr_valid+0x1db/0x2d0 [ 32.187188] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.187787] kasan_report+0x102/0x140 [ 32.188377] ? copy_user_test_oob+0x4ab/0x10f0 [ 32.188800] ? copy_user_test_oob+0x4ab/0x10f0 [ 32.189396] kasan_check_range+0x10c/0x1c0 [ 32.189817] __kasan_check_read+0x15/0x20 [ 32.190280] copy_user_test_oob+0x4ab/0x10f0 [ 32.190745] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.191438] ? finish_task_switch.isra.0+0x153/0x700 [ 32.191884] ? __switch_to+0x5d9/0xf60 [ 32.192301] ? __schedule+0xc70/0x27e0 [ 32.192833] ? __pfx_read_tsc+0x10/0x10 [ 32.193446] ? ktime_get_ts64+0x86/0x230 [ 32.193750] kunit_try_run_case+0x1b3/0x490 [ 32.194439] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.194845] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.195511] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.195983] ? __kthread_parkme+0x82/0x160 [ 32.196412] ? preempt_count_sub+0x50/0x80 [ 32.196888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.197518] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.198158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.198775] kthread+0x257/0x310 [ 32.199455] ? __pfx_kthread+0x10/0x10 [ 32.200068] ret_from_fork+0x41/0x80 [ 32.200426] ? 
__pfx_kthread+0x10/0x10 [ 32.200868] ret_from_fork_asm+0x1a/0x30 [ 32.201492] </TASK> [ 32.201841] [ 32.202087] Allocated by task 292: [ 32.202470] kasan_save_stack+0x3d/0x60 [ 32.202984] kasan_save_track+0x18/0x40 [ 32.203390] kasan_save_alloc_info+0x3b/0x50 [ 32.203945] __kasan_kmalloc+0xb7/0xc0 [ 32.204447] __kmalloc_noprof+0x1c4/0x500 [ 32.204942] kunit_kmalloc_array+0x25/0x60 [ 32.205525] copy_user_test_oob+0xac/0x10f0 [ 32.205880] kunit_try_run_case+0x1b3/0x490 [ 32.206160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.206888] kthread+0x257/0x310 [ 32.207276] ret_from_fork+0x41/0x80 [ 32.207708] ret_from_fork_asm+0x1a/0x30 [ 32.208113] [ 32.208306] The buggy address belongs to the object at ffff88810296dd00 [ 32.208306] which belongs to the cache kmalloc-128 of size 128 [ 32.210826] The buggy address is located 0 bytes inside of [ 32.210826] allocated 120-byte region [ffff88810296dd00, ffff88810296dd78) [ 32.211781] [ 32.212570] The buggy address belongs to the physical page: [ 32.213083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10296d [ 32.213976] flags: 0x200000000000000(node=0|zone=2) [ 32.214560] page_type: f5(slab) [ 32.215094] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.215621] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.216532] page dumped because: kasan: bad access detected [ 32.217196] [ 32.217520] Memory state around the buggy address: [ 32.218156] ffff88810296dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.218985] ffff88810296dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.219789] >ffff88810296dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.220531] ^ [ 32.221327] ffff88810296dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.222202] ffff88810296de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.223076] ================================================================== [ 32.272742] 
================================================================== [ 32.273246] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x605/0x10f0 [ 32.273987] Read of size 121 at addr ffff88810296dd00 by task kunit_try_catch/292 [ 32.274484] [ 32.274995] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 32.276035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.276335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.277244] Call Trace: [ 32.277699] <TASK> [ 32.278041] dump_stack_lvl+0x73/0xb0 [ 32.278597] print_report+0xd1/0x640 [ 32.279127] ? __virt_addr_valid+0x1db/0x2d0 [ 32.279627] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.280217] kasan_report+0x102/0x140 [ 32.280541] ? copy_user_test_oob+0x605/0x10f0 [ 32.281271] ? copy_user_test_oob+0x605/0x10f0 [ 32.281948] kasan_check_range+0x10c/0x1c0 [ 32.282530] __kasan_check_read+0x15/0x20 [ 32.283001] copy_user_test_oob+0x605/0x10f0 [ 32.283551] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.284194] ? finish_task_switch.isra.0+0x153/0x700 [ 32.284621] ? __switch_to+0x5d9/0xf60 [ 32.285012] ? __schedule+0xc70/0x27e0 [ 32.285605] ? __pfx_read_tsc+0x10/0x10 [ 32.286182] ? ktime_get_ts64+0x86/0x230 [ 32.286623] kunit_try_run_case+0x1b3/0x490 [ 32.287067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.287691] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.288365] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.289083] ? __kthread_parkme+0x82/0x160 [ 32.289507] ? preempt_count_sub+0x50/0x80 [ 32.289988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.290649] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.291098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.291868] kthread+0x257/0x310 [ 32.292377] ? __pfx_kthread+0x10/0x10 [ 32.292871] ret_from_fork+0x41/0x80 [ 32.293177] ? 
__pfx_kthread+0x10/0x10 [ 32.294203] ret_from_fork_asm+0x1a/0x30 [ 32.295024] </TASK> [ 32.295343] [ 32.295592] Allocated by task 292: [ 32.295934] kasan_save_stack+0x3d/0x60 [ 32.296658] kasan_save_track+0x18/0x40 [ 32.297311] kasan_save_alloc_info+0x3b/0x50 [ 32.297968] __kasan_kmalloc+0xb7/0xc0 [ 32.298467] __kmalloc_noprof+0x1c4/0x500 [ 32.299186] kunit_kmalloc_array+0x25/0x60 [ 32.300189] copy_user_test_oob+0xac/0x10f0 [ 32.300729] kunit_try_run_case+0x1b3/0x490 [ 32.301165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.301716] kthread+0x257/0x310 [ 32.302414] ret_from_fork+0x41/0x80 [ 32.303161] ret_from_fork_asm+0x1a/0x30 [ 32.303743] [ 32.304246] The buggy address belongs to the object at ffff88810296dd00 [ 32.304246] which belongs to the cache kmalloc-128 of size 128 [ 32.305159] The buggy address is located 0 bytes inside of [ 32.305159] allocated 120-byte region [ffff88810296dd00, ffff88810296dd78) [ 32.306695] [ 32.307363] The buggy address belongs to the physical page: [ 32.307866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10296d [ 32.308663] flags: 0x200000000000000(node=0|zone=2) [ 32.309457] page_type: f5(slab) [ 32.309731] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.310845] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.311728] page dumped because: kasan: bad access detected [ 32.312772] [ 32.313098] Memory state around the buggy address: [ 32.313886] ffff88810296dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.314691] ffff88810296dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.315718] >ffff88810296dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.316702] ^ [ 32.317493] ffff88810296dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.318377] ffff88810296de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.319333] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 32.071659] ================================================================== [ 32.072387] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 32.072803] Read of size 121 at addr ffff88810296dd00 by task kunit_try_catch/292 [ 32.074606] [ 32.074866] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 32.075747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.076116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.076907] Call Trace: [ 32.077763] <TASK> [ 32.077987] dump_stack_lvl+0x73/0xb0 [ 32.079000] print_report+0xd1/0x640 [ 32.079650] ? __virt_addr_valid+0x1db/0x2d0 [ 32.080325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.081190] kasan_report+0x102/0x140 [ 32.081483] ? _copy_to_user+0x4a/0x70 [ 32.082371] ? _copy_to_user+0x4a/0x70 [ 32.083177] kasan_check_range+0x10c/0x1c0 [ 32.083630] __kasan_check_read+0x15/0x20 [ 32.085107] _copy_to_user+0x4a/0x70 [ 32.085749] copy_user_test_oob+0x365/0x10f0 [ 32.086270] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.086699] ? finish_task_switch.isra.0+0x153/0x700 [ 32.087557] ? __switch_to+0x5d9/0xf60 [ 32.088174] ? __schedule+0xc70/0x27e0 [ 32.088602] ? __pfx_read_tsc+0x10/0x10 [ 32.089183] ? ktime_get_ts64+0x86/0x230 [ 32.089650] kunit_try_run_case+0x1b3/0x490 [ 32.090199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.090679] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.091493] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.092356] ? __kthread_parkme+0x82/0x160 [ 32.093335] ? preempt_count_sub+0x50/0x80 [ 32.093741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.094629] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.095323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.096343] kthread+0x257/0x310 [ 32.096742] ? __pfx_kthread+0x10/0x10 [ 32.097405] ret_from_fork+0x41/0x80 [ 32.097802] ? 
__pfx_kthread+0x10/0x10 [ 32.098462] ret_from_fork_asm+0x1a/0x30 [ 32.099105] </TASK> [ 32.099566] [ 32.100009] Allocated by task 292: [ 32.100341] kasan_save_stack+0x3d/0x60 [ 32.101126] kasan_save_track+0x18/0x40 [ 32.101607] kasan_save_alloc_info+0x3b/0x50 [ 32.102342] __kasan_kmalloc+0xb7/0xc0 [ 32.103240] __kmalloc_noprof+0x1c4/0x500 [ 32.103652] kunit_kmalloc_array+0x25/0x60 [ 32.104244] copy_user_test_oob+0xac/0x10f0 [ 32.105083] kunit_try_run_case+0x1b3/0x490 [ 32.106014] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.106802] kthread+0x257/0x310 [ 32.107490] ret_from_fork+0x41/0x80 [ 32.108473] ret_from_fork_asm+0x1a/0x30 [ 32.108952] [ 32.109139] The buggy address belongs to the object at ffff88810296dd00 [ 32.109139] which belongs to the cache kmalloc-128 of size 128 [ 32.110960] The buggy address is located 0 bytes inside of [ 32.110960] allocated 120-byte region [ffff88810296dd00, ffff88810296dd78) [ 32.112353] [ 32.112755] The buggy address belongs to the physical page: [ 32.113081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10296d [ 32.114171] flags: 0x200000000000000(node=0|zone=2) [ 32.114854] page_type: f5(slab) [ 32.115354] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.116394] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.117373] page dumped because: kasan: bad access detected [ 32.118318] [ 32.118623] Memory state around the buggy address: [ 32.119660] ffff88810296dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.120557] ffff88810296dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.121599] >ffff88810296dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.122593] ^ [ 32.123889] ffff88810296dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.124411] ffff88810296de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.125416] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 32.014459] ================================================================== [ 32.015691] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x33/0xa0 [ 32.016492] Write of size 121 at addr ffff88810296dd00 by task kunit_try_catch/292 [ 32.017431] [ 32.017842] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 32.019367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.019885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 32.020627] Call Trace: [ 32.020967] <TASK> [ 32.022105] dump_stack_lvl+0x73/0xb0 [ 32.022496] print_report+0xd1/0x640 [ 32.022927] ? __virt_addr_valid+0x1db/0x2d0 [ 32.023704] ? kasan_complete_mode_report_info+0x2a/0x200 [ 32.024535] kasan_report+0x102/0x140 [ 32.025110] ? _copy_from_user+0x33/0xa0 [ 32.025540] ? _copy_from_user+0x33/0xa0 [ 32.026076] kasan_check_range+0x10c/0x1c0 [ 32.026652] __kasan_check_write+0x18/0x20 [ 32.027226] _copy_from_user+0x33/0xa0 [ 32.027620] copy_user_test_oob+0x2bf/0x10f0 [ 32.028075] ? __pfx_copy_user_test_oob+0x10/0x10 [ 32.028513] ? finish_task_switch.isra.0+0x153/0x700 [ 32.029201] ? __switch_to+0x5d9/0xf60 [ 32.029709] ? __schedule+0xc70/0x27e0 [ 32.030247] ? __pfx_read_tsc+0x10/0x10 [ 32.030649] ? ktime_get_ts64+0x86/0x230 [ 32.031192] kunit_try_run_case+0x1b3/0x490 [ 32.031650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.032249] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 32.032661] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 32.033413] ? __kthread_parkme+0x82/0x160 [ 32.033923] ? preempt_count_sub+0x50/0x80 [ 32.034557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 32.034962] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 32.035608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.036611] kthread+0x257/0x310 [ 32.037029] ? __pfx_kthread+0x10/0x10 [ 32.037801] ret_from_fork+0x41/0x80 [ 32.038611] ? 
__pfx_kthread+0x10/0x10 [ 32.039091] ret_from_fork_asm+0x1a/0x30 [ 32.039590] </TASK> [ 32.039834] [ 32.040065] Allocated by task 292: [ 32.041043] kasan_save_stack+0x3d/0x60 [ 32.041453] kasan_save_track+0x18/0x40 [ 32.042575] kasan_save_alloc_info+0x3b/0x50 [ 32.043136] __kasan_kmalloc+0xb7/0xc0 [ 32.043714] __kmalloc_noprof+0x1c4/0x500 [ 32.044315] kunit_kmalloc_array+0x25/0x60 [ 32.044946] copy_user_test_oob+0xac/0x10f0 [ 32.045552] kunit_try_run_case+0x1b3/0x490 [ 32.046420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.046990] kthread+0x257/0x310 [ 32.047320] ret_from_fork+0x41/0x80 [ 32.048513] ret_from_fork_asm+0x1a/0x30 [ 32.049161] [ 32.049352] The buggy address belongs to the object at ffff88810296dd00 [ 32.049352] which belongs to the cache kmalloc-128 of size 128 [ 32.050876] The buggy address is located 0 bytes inside of [ 32.050876] allocated 120-byte region [ffff88810296dd00, ffff88810296dd78) [ 32.052284] [ 32.052767] The buggy address belongs to the physical page: [ 32.053395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10296d [ 32.054647] flags: 0x200000000000000(node=0|zone=2) [ 32.055194] page_type: f5(slab) [ 32.055621] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 32.056858] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 32.057613] page dumped because: kasan: bad access detected [ 32.059113] [ 32.059305] Memory state around the buggy address: [ 32.059723] ffff88810296dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.061074] ffff88810296dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.062010] >ffff88810296dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 32.062707] ^ [ 32.063680] ffff88810296dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.064413] ffff88810296de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.065384] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 31.928075] ================================================================== [ 31.929101] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 31.929861] Write of size 8 at addr ffff88810296da78 by task kunit_try_catch/288 [ 31.930945] [ 31.931377] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 31.931936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.932507] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.933467] Call Trace: [ 31.934115] <TASK> [ 31.934634] dump_stack_lvl+0x73/0xb0 [ 31.935363] print_report+0xd1/0x640 [ 31.935985] ? __virt_addr_valid+0x1db/0x2d0 [ 31.937539] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.938553] kasan_report+0x102/0x140 [ 31.939162] ? copy_to_kernel_nofault+0x99/0x260 [ 31.939841] ? copy_to_kernel_nofault+0x99/0x260 [ 31.940659] kasan_check_range+0x10c/0x1c0 [ 31.941526] __kasan_check_write+0x18/0x20 [ 31.942173] copy_to_kernel_nofault+0x99/0x260 [ 31.943630] copy_to_kernel_nofault_oob+0x214/0x4e0 [ 31.944888] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 31.945962] ? finish_task_switch.isra.0+0x153/0x700 [ 31.946748] ? __schedule+0xc70/0x27e0 [ 31.947072] ? trace_hardirqs_on+0x37/0xe0 [ 31.948348] ? __pfx_read_tsc+0x10/0x10 [ 31.949386] ? ktime_get_ts64+0x86/0x230 [ 31.949830] kunit_try_run_case+0x1b3/0x490 [ 31.950775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.951527] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.952709] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.953021] ? __kthread_parkme+0x82/0x160 [ 31.953402] ? preempt_count_sub+0x50/0x80 [ 31.954488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.955078] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.956311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.957083] kthread+0x257/0x310 [ 31.958032] ? __pfx_kthread+0x10/0x10 [ 31.958634] ret_from_fork+0x41/0x80 [ 31.959293] ? 
__pfx_kthread+0x10/0x10 [ 31.959856] ret_from_fork_asm+0x1a/0x30 [ 31.961146] </TASK> [ 31.961675] [ 31.962420] Allocated by task 288: [ 31.962772] kasan_save_stack+0x3d/0x60 [ 31.963182] kasan_save_track+0x18/0x40 [ 31.964180] kasan_save_alloc_info+0x3b/0x50 [ 31.964515] __kasan_kmalloc+0xb7/0xc0 [ 31.964794] __kmalloc_cache_noprof+0x184/0x410 [ 31.965103] copy_to_kernel_nofault_oob+0xc5/0x4e0 [ 31.965432] kunit_try_run_case+0x1b3/0x490 [ 31.965723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.966555] kthread+0x257/0x310 [ 31.967942] ret_from_fork+0x41/0x80 [ 31.968414] ret_from_fork_asm+0x1a/0x30 [ 31.968766] [ 31.968930] The buggy address belongs to the object at ffff88810296da00 [ 31.968930] which belongs to the cache kmalloc-128 of size 128 [ 31.969913] The buggy address is located 0 bytes to the right of [ 31.969913] allocated 120-byte region [ffff88810296da00, ffff88810296da78) [ 31.972831] [ 31.973028] The buggy address belongs to the physical page: [ 31.973830] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10296d [ 31.975822] flags: 0x200000000000000(node=0|zone=2) [ 31.976453] page_type: f5(slab) [ 31.977291] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 31.979087] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.980178] page dumped because: kasan: bad access detected [ 31.980641] [ 31.981492] Memory state around the buggy address: [ 31.982300] ffff88810296d900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.983530] ffff88810296d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.984930] >ffff88810296da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.985413] ^ [ 31.986555] ffff88810296da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.987229] ffff88810296db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.987897] ================================================================== [ 31.876159] 
================================================================== [ 31.878146] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 31.878949] Read of size 8 at addr ffff88810296da78 by task kunit_try_catch/288 [ 31.880531] [ 31.880959] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 31.882045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.882619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.883500] Call Trace: [ 31.883958] <TASK> [ 31.884435] dump_stack_lvl+0x73/0xb0 [ 31.884985] print_report+0xd1/0x640 [ 31.885340] ? __virt_addr_valid+0x1db/0x2d0 [ 31.885873] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.886376] kasan_report+0x102/0x140 [ 31.886732] ? copy_to_kernel_nofault+0x225/0x260 [ 31.887347] ? copy_to_kernel_nofault+0x225/0x260 [ 31.888581] __asan_report_load8_noabort+0x18/0x20 [ 31.889135] copy_to_kernel_nofault+0x225/0x260 [ 31.890056] copy_to_kernel_nofault_oob+0x179/0x4e0 [ 31.890691] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 31.891037] ? finish_task_switch.isra.0+0x153/0x700 [ 31.892092] ? __schedule+0xc70/0x27e0 [ 31.892914] ? trace_hardirqs_on+0x37/0xe0 [ 31.893625] ? __pfx_read_tsc+0x10/0x10 [ 31.894095] ? ktime_get_ts64+0x86/0x230 [ 31.894877] kunit_try_run_case+0x1b3/0x490 [ 31.895401] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.895957] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.896540] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.897845] ? __kthread_parkme+0x82/0x160 [ 31.898674] ? preempt_count_sub+0x50/0x80 [ 31.899880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.900440] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.901060] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.901571] kthread+0x257/0x310 [ 31.902338] ? __pfx_kthread+0x10/0x10 [ 31.902917] ret_from_fork+0x41/0x80 [ 31.903388] ? 
__pfx_kthread+0x10/0x10 [ 31.903696] ret_from_fork_asm+0x1a/0x30 [ 31.904400] </TASK> [ 31.904725] [ 31.904966] Allocated by task 288: [ 31.905622] kasan_save_stack+0x3d/0x60 [ 31.906037] kasan_save_track+0x18/0x40 [ 31.906653] kasan_save_alloc_info+0x3b/0x50 [ 31.907204] __kasan_kmalloc+0xb7/0xc0 [ 31.907697] __kmalloc_cache_noprof+0x184/0x410 [ 31.908158] copy_to_kernel_nofault_oob+0xc5/0x4e0 [ 31.908848] kunit_try_run_case+0x1b3/0x490 [ 31.909226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.910017] kthread+0x257/0x310 [ 31.910301] ret_from_fork+0x41/0x80 [ 31.910961] ret_from_fork_asm+0x1a/0x30 [ 31.911657] [ 31.912024] The buggy address belongs to the object at ffff88810296da00 [ 31.912024] which belongs to the cache kmalloc-128 of size 128 [ 31.913417] The buggy address is located 0 bytes to the right of [ 31.913417] allocated 120-byte region [ffff88810296da00, ffff88810296da78) [ 31.914770] [ 31.914940] The buggy address belongs to the physical page: [ 31.915594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10296d [ 31.916328] flags: 0x200000000000000(node=0|zone=2) [ 31.917152] page_type: f5(slab) [ 31.917470] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 31.918313] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 31.919442] page dumped because: kasan: bad access detected [ 31.920035] [ 31.920359] Memory state around the buggy address: [ 31.921156] ffff88810296d900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.921684] ffff88810296d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.922913] >ffff88810296da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 31.923861] ^ [ 31.924311] ffff88810296da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.925339] ffff88810296db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.925811] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 31.587929] ==================================================================
[ 31.588746] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb4/0x5450
[ 31.590044] Read of size 8 at addr ffff888102969630 by task kunit_try_catch/272
[ 31.591720]
[ 31.591929] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 31.593020] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.593593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.594539] Call Trace:
[ 31.594836] <TASK>
[ 31.595227] dump_stack_lvl+0x73/0xb0
[ 31.595715] print_report+0xd1/0x640
[ 31.596319] ? __virt_addr_valid+0x1db/0x2d0
[ 31.596963] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.597554] kasan_report+0x102/0x140
[ 31.597958] ? kasan_atomics_helper+0x4fb4/0x5450
[ 31.598550] ? kasan_atomics_helper+0x4fb4/0x5450
[ 31.599378] __asan_report_load8_noabort+0x18/0x20
[ 31.599843] kasan_atomics_helper+0x4fb4/0x5450
[ 31.600407] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.601119] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.601733] ? kasan_atomics+0x153/0x310
[ 31.602135] kasan_atomics+0x1dd/0x310
[ 31.602554] ? __pfx_kasan_atomics+0x10/0x10
[ 31.603146] ? __pfx_read_tsc+0x10/0x10
[ 31.603811] ? ktime_get_ts64+0x86/0x230
[ 31.604338] kunit_try_run_case+0x1b3/0x490
[ 31.604717] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.605414] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.606142] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.606811] ? __kthread_parkme+0x82/0x160
[ 31.607185] ? preempt_count_sub+0x50/0x80
[ 31.607634] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.608306] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.608971] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.609635] kthread+0x257/0x310
[ 31.609998] ? __pfx_kthread+0x10/0x10
[ 31.610581] ret_from_fork+0x41/0x80
[ 31.611118] ? __pfx_kthread+0x10/0x10
[ 31.611598] ret_from_fork_asm+0x1a/0x30
[ 31.612091] </TASK>
[ 31.612445]
[ 31.612749] Allocated by task 272:
[ 31.613030] kasan_save_stack+0x3d/0x60
[ 31.613738] kasan_save_track+0x18/0x40
[ 31.614021] kasan_save_alloc_info+0x3b/0x50
[ 31.615357] __kasan_kmalloc+0xb7/0xc0
[ 31.615992] __kmalloc_cache_noprof+0x184/0x410
[ 31.616520] kasan_atomics+0x96/0x310
[ 31.617054] kunit_try_run_case+0x1b3/0x490
[ 31.617645] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.618218] kthread+0x257/0x310
[ 31.618571] ret_from_fork+0x41/0x80
[ 31.618934] ret_from_fork_asm+0x1a/0x30
[ 31.619472]
[ 31.619640] The buggy address belongs to the object at ffff888102969600
[ 31.619640] which belongs to the cache kmalloc-64 of size 64
[ 31.621049] The buggy address is located 0 bytes to the right of
[ 31.621049] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 31.622166]
[ 31.622535] The buggy address belongs to the physical page:
[ 31.623105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 31.624009] flags: 0x200000000000000(node=0|zone=2)
[ 31.624678] page_type: f5(slab)
[ 31.625132] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.626032] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 31.626809] page dumped because: kasan: bad access detected
[ 31.627422]
[ 31.627611] Memory state around the buggy address:
[ 31.628226] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.628928] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.629651] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.630628] ^
[ 31.631457] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.632065] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.632927] ==================================================================
[ 31.100874] ==================================================================
[ 31.101858] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f32/0x5450
[ 31.103174] Read of size 8 at addr ffff888102969630 by task kunit_try_catch/272
[ 31.105005]
[ 31.105480] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 31.106565] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.107292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.108384] Call Trace:
[ 31.108686] <TASK>
[ 31.109353] dump_stack_lvl+0x73/0xb0
[ 31.110049] print_report+0xd1/0x640
[ 31.110722] ? __virt_addr_valid+0x1db/0x2d0
[ 31.111561] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.112461] kasan_report+0x102/0x140
[ 31.113089] ? kasan_atomics_helper+0x4f32/0x5450
[ 31.113606] ? kasan_atomics_helper+0x4f32/0x5450
[ 31.114188] __asan_report_load8_noabort+0x18/0x20
[ 31.114980] kasan_atomics_helper+0x4f32/0x5450
[ 31.115225] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.115572] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.116577] ? kasan_atomics+0x153/0x310
[ 31.117384] kasan_atomics+0x1dd/0x310
[ 31.118114] ? __pfx_kasan_atomics+0x10/0x10
[ 31.118601] ? __pfx_read_tsc+0x10/0x10
[ 31.119331] ? ktime_get_ts64+0x86/0x230
[ 31.120040] kunit_try_run_case+0x1b3/0x490
[ 31.120444] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.120998] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.121578] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.122119] ? __kthread_parkme+0x82/0x160
[ 31.122846] ? preempt_count_sub+0x50/0x80
[ 31.123324] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.124122] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.125010] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.125708] kthread+0x257/0x310
[ 31.126280] ? __pfx_kthread+0x10/0x10
[ 31.126886] ret_from_fork+0x41/0x80
[ 31.127457] ? __pfx_kthread+0x10/0x10
[ 31.128029] ret_from_fork_asm+0x1a/0x30
[ 31.128657] </TASK>
[ 31.128974]
[ 31.129245] Allocated by task 272:
[ 31.129696] kasan_save_stack+0x3d/0x60
[ 31.130245] kasan_save_track+0x18/0x40
[ 31.130992] kasan_save_alloc_info+0x3b/0x50
[ 31.131575] __kasan_kmalloc+0xb7/0xc0
[ 31.132134] __kmalloc_cache_noprof+0x184/0x410
[ 31.132888] kasan_atomics+0x96/0x310
[ 31.133438] kunit_try_run_case+0x1b3/0x490
[ 31.134060] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.134728] kthread+0x257/0x310
[ 31.135364] ret_from_fork+0x41/0x80
[ 31.135837] ret_from_fork_asm+0x1a/0x30
[ 31.136275]
[ 31.136539] The buggy address belongs to the object at ffff888102969600
[ 31.136539] which belongs to the cache kmalloc-64 of size 64
[ 31.137711] The buggy address is located 0 bytes to the right of
[ 31.137711] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 31.139019]
[ 31.139329] The buggy address belongs to the physical page:
[ 31.139985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 31.140931] flags: 0x200000000000000(node=0|zone=2)
[ 31.141643] page_type: f5(slab)
[ 31.142036] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.142994] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 31.143790] page dumped because: kasan: bad access detected
[ 31.144452]
[ 31.144807] Memory state around the buggy address:
[ 31.145411] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.146183] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.146987] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.147677] ^
[ 31.148228] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.149037] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.149846] ==================================================================
[ 28.793808] ==================================================================
[ 28.794282] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1/0x5450
[ 28.795444] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272
[ 28.796574]
[ 28.797168] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 28.798373] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.798769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.799582] Call Trace:
[ 28.800097] <TASK>
[ 28.800353] dump_stack_lvl+0x73/0xb0
[ 28.801670] print_report+0xd1/0x640
[ 28.802371] ? __virt_addr_valid+0x1db/0x2d0
[ 28.802747] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.803318] kasan_report+0x102/0x140
[ 28.803744] ? kasan_atomics_helper+0x4a1/0x5450
[ 28.805119] ? kasan_atomics_helper+0x4a1/0x5450
[ 28.805688] kasan_check_range+0x10c/0x1c0
[ 28.806430] __kasan_check_write+0x18/0x20
[ 28.807033] kasan_atomics_helper+0x4a1/0x5450
[ 28.807601] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 28.808028] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.809242] ? kasan_atomics+0x153/0x310
[ 28.809651] kasan_atomics+0x1dd/0x310
[ 28.810570] ? __pfx_kasan_atomics+0x10/0x10
[ 28.811328] ? __pfx_read_tsc+0x10/0x10
[ 28.811754] ? ktime_get_ts64+0x86/0x230
[ 28.812156] kunit_try_run_case+0x1b3/0x490
[ 28.812669] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.813118] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.814071] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.814985] ? __kthread_parkme+0x82/0x160
[ 28.815609] ? preempt_count_sub+0x50/0x80
[ 28.816065] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.816536] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.817641] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.819066] kthread+0x257/0x310
[ 28.819968] ? __pfx_kthread+0x10/0x10
[ 28.820550] ret_from_fork+0x41/0x80
[ 28.821735] ? __pfx_kthread+0x10/0x10
[ 28.822145] ret_from_fork_asm+0x1a/0x30
[ 28.822781] </TASK>
[ 28.823491]
[ 28.823680] Allocated by task 272:
[ 28.824041] kasan_save_stack+0x3d/0x60
[ 28.825030] kasan_save_track+0x18/0x40
[ 28.826380] kasan_save_alloc_info+0x3b/0x50
[ 28.827064] __kasan_kmalloc+0xb7/0xc0
[ 28.827728] __kmalloc_cache_noprof+0x184/0x410
[ 28.828721] kasan_atomics+0x96/0x310
[ 28.829123] kunit_try_run_case+0x1b3/0x490
[ 28.829720] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.830332] kthread+0x257/0x310
[ 28.831668] ret_from_fork+0x41/0x80
[ 28.831951] ret_from_fork_asm+0x1a/0x30
[ 28.832825]
[ 28.833079] The buggy address belongs to the object at ffff888102969600
[ 28.833079] which belongs to the cache kmalloc-64 of size 64
[ 28.835301] The buggy address is located 0 bytes to the right of
[ 28.835301] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 28.836683]
[ 28.836971] The buggy address belongs to the physical page:
[ 28.837898] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 28.839132] flags: 0x200000000000000(node=0|zone=2)
[ 28.840004] page_type: f5(slab)
[ 28.840498] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 28.841577] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 28.842734] page dumped because: kasan: bad access detected
[ 28.843492]
[ 28.843634] Memory state around the buggy address:
[ 28.844323] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.845381] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.846350] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 28.847090] ^
[ 28.847668] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.848376] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.848873] ==================================================================
[ 29.319578] ==================================================================
[ 29.321301] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x993/0x5450
[ 29.322472] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272
[ 29.323908]
[ 29.324713] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 29.325132] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.325451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.327746] Call Trace:
[ 29.328848] <TASK>
[ 29.329293] dump_stack_lvl+0x73/0xb0
[ 29.330007] print_report+0xd1/0x640
[ 29.330682] ? __virt_addr_valid+0x1db/0x2d0
[ 29.331478] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.332036] kasan_report+0x102/0x140
[ 29.333221] ? kasan_atomics_helper+0x993/0x5450
[ 29.333714] ? kasan_atomics_helper+0x993/0x5450
[ 29.334818] kasan_check_range+0x10c/0x1c0
[ 29.335242] __kasan_check_write+0x18/0x20
[ 29.336061] kasan_atomics_helper+0x993/0x5450
[ 29.337244] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.337740] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.338523] ? kasan_atomics+0x153/0x310
[ 29.339419] kasan_atomics+0x1dd/0x310
[ 29.340280] ? __pfx_kasan_atomics+0x10/0x10
[ 29.340720] ? __pfx_read_tsc+0x10/0x10
[ 29.341698] ? ktime_get_ts64+0x86/0x230
[ 29.342433] kunit_try_run_case+0x1b3/0x490
[ 29.343036] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.343786] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.344299] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.345702] ? __kthread_parkme+0x82/0x160
[ 29.346150] ? preempt_count_sub+0x50/0x80
[ 29.347128] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.348032] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.349309] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.350391] kthread+0x257/0x310
[ 29.351363] ? __pfx_kthread+0x10/0x10
[ 29.351961] ret_from_fork+0x41/0x80
[ 29.352542] ? __pfx_kthread+0x10/0x10
[ 29.353871] ret_from_fork_asm+0x1a/0x30
[ 29.354324] </TASK>
[ 29.354598]
[ 29.355023] Allocated by task 272:
[ 29.355525] kasan_save_stack+0x3d/0x60
[ 29.356125] kasan_save_track+0x18/0x40
[ 29.356699] kasan_save_alloc_info+0x3b/0x50
[ 29.357675] __kasan_kmalloc+0xb7/0xc0
[ 29.358099] __kmalloc_cache_noprof+0x184/0x410
[ 29.358510] kasan_atomics+0x96/0x310
[ 29.359231] kunit_try_run_case+0x1b3/0x490
[ 29.359936] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.360501] kthread+0x257/0x310
[ 29.361030] ret_from_fork+0x41/0x80
[ 29.361954] ret_from_fork_asm+0x1a/0x30
[ 29.362519]
[ 29.362713] The buggy address belongs to the object at ffff888102969600
[ 29.362713] which belongs to the cache kmalloc-64 of size 64
[ 29.364754] The buggy address is located 0 bytes to the right of
[ 29.364754] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 29.366238]
[ 29.366429] The buggy address belongs to the physical page:
[ 29.367921] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 29.369054] flags: 0x200000000000000(node=0|zone=2)
[ 29.369861] page_type: f5(slab)
[ 29.370230] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.371439] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 29.373135] page dumped because: kasan: bad access detected
[ 29.373686]
[ 29.373873] Memory state around the buggy address:
[ 29.374361] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.375708] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.376555] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.377563] ^
[ 29.378140] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.379681] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.380701] ==================================================================
[ 31.683543] ==================================================================
[ 31.684515] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa7/0x5450
[ 31.685283] Read of size 8 at addr ffff888102969630 by task kunit_try_catch/272
[ 31.685915]
[ 31.686151] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 31.686882] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.687397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.688240] Call Trace:
[ 31.688516] <TASK>
[ 31.688853] dump_stack_lvl+0x73/0xb0
[ 31.689183] print_report+0xd1/0x640
[ 31.689679] ? __virt_addr_valid+0x1db/0x2d0
[ 31.690275] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.690904] kasan_report+0x102/0x140
[ 31.691344] ? kasan_atomics_helper+0x4fa7/0x5450
[ 31.691808] ? kasan_atomics_helper+0x4fa7/0x5450
[ 31.692298] __asan_report_load8_noabort+0x18/0x20
[ 31.692894] kasan_atomics_helper+0x4fa7/0x5450
[ 31.693240] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.693874] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.694453] ? kasan_atomics+0x153/0x310
[ 31.694937] kasan_atomics+0x1dd/0x310
[ 31.695384] ? __pfx_kasan_atomics+0x10/0x10
[ 31.695863] ? __pfx_read_tsc+0x10/0x10
[ 31.696165] ? ktime_get_ts64+0x86/0x230
[ 31.696690] kunit_try_run_case+0x1b3/0x490
[ 31.697224] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.697600] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.698113] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.698777] ? __kthread_parkme+0x82/0x160
[ 31.699115] ? preempt_count_sub+0x50/0x80
[ 31.699661] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.700047] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.700806] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.701352] kthread+0x257/0x310
[ 31.701625] ? __pfx_kthread+0x10/0x10
[ 31.702128] ret_from_fork+0x41/0x80
[ 31.702467] ? __pfx_kthread+0x10/0x10
[ 31.702987] ret_from_fork_asm+0x1a/0x30
[ 31.703490] </TASK>
[ 31.704418]
[ 31.704634] Allocated by task 272:
[ 31.705491] kasan_save_stack+0x3d/0x60
[ 31.705973] kasan_save_track+0x18/0x40
[ 31.706444] kasan_save_alloc_info+0x3b/0x50
[ 31.707200] __kasan_kmalloc+0xb7/0xc0
[ 31.708098] __kmalloc_cache_noprof+0x184/0x410
[ 31.709104] kasan_atomics+0x96/0x310
[ 31.709415] kunit_try_run_case+0x1b3/0x490
[ 31.709614] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.710189] kthread+0x257/0x310
[ 31.711044] ret_from_fork+0x41/0x80
[ 31.711346] ret_from_fork_asm+0x1a/0x30
[ 31.711711]
[ 31.712398] The buggy address belongs to the object at ffff888102969600
[ 31.712398] which belongs to the cache kmalloc-64 of size 64
[ 31.714059] The buggy address is located 0 bytes to the right of
[ 31.714059] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 31.715456]
[ 31.715667] The buggy address belongs to the physical page:
[ 31.716916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 31.717703] flags: 0x200000000000000(node=0|zone=2)
[ 31.718548] page_type: f5(slab)
[ 31.718817] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.719615] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 31.720951] page dumped because: kasan: bad access detected
[ 31.721628]
[ 31.721781] Memory state around the buggy address:
[ 31.722973] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.723667] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.724952] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.725765] ^
[ 31.726452] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.727571] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.728548] ==================================================================
[ 31.202700] ==================================================================
[ 31.203147] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7b/0x5450
[ 31.204959] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272
[ 31.206191]
[ 31.206406] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 31.207998] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.208438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.209727] Call Trace:
[ 31.210062] <TASK>
[ 31.210349] dump_stack_lvl+0x73/0xb0
[ 31.210834] print_report+0xd1/0x640
[ 31.211243] ? __virt_addr_valid+0x1db/0x2d0
[ 31.211883] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.212351] kasan_report+0x102/0x140
[ 31.213029] ? kasan_atomics_helper+0x1d7b/0x5450
[ 31.213780] ? kasan_atomics_helper+0x1d7b/0x5450
[ 31.214355] kasan_check_range+0x10c/0x1c0
[ 31.214978] __kasan_check_write+0x18/0x20
[ 31.215492] kasan_atomics_helper+0x1d7b/0x5450
[ 31.216043] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.216504] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.217220] ? kasan_atomics+0x153/0x310
[ 31.217794] kasan_atomics+0x1dd/0x310
[ 31.218247] ? __pfx_kasan_atomics+0x10/0x10
[ 31.218678] ? __pfx_read_tsc+0x10/0x10
[ 31.219338] ? ktime_get_ts64+0x86/0x230
[ 31.219935] kunit_try_run_case+0x1b3/0x490
[ 31.220556] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.221229] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.221624] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.222495] ? __kthread_parkme+0x82/0x160
[ 31.223012] ? preempt_count_sub+0x50/0x80
[ 31.223657] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.224100] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.224982] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.225604] kthread+0x257/0x310
[ 31.226168] ? __pfx_kthread+0x10/0x10
[ 31.226644] ret_from_fork+0x41/0x80
[ 31.227206] ? __pfx_kthread+0x10/0x10
[ 31.227623] ret_from_fork_asm+0x1a/0x30
[ 31.228286] </TASK>
[ 31.228611]
[ 31.229017] Allocated by task 272:
[ 31.229400] kasan_save_stack+0x3d/0x60
[ 31.229974] kasan_save_track+0x18/0x40
[ 31.230486] kasan_save_alloc_info+0x3b/0x50
[ 31.230955] __kasan_kmalloc+0xb7/0xc0
[ 31.231519] __kmalloc_cache_noprof+0x184/0x410
[ 31.232010] kasan_atomics+0x96/0x310
[ 31.232389] kunit_try_run_case+0x1b3/0x490
[ 31.232854] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.233467] kthread+0x257/0x310
[ 31.233808] ret_from_fork+0x41/0x80
[ 31.234154] ret_from_fork_asm+0x1a/0x30
[ 31.234721]
[ 31.235031] The buggy address belongs to the object at ffff888102969600
[ 31.235031] which belongs to the cache kmalloc-64 of size 64
[ 31.236148] The buggy address is located 0 bytes to the right of
[ 31.236148] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 31.237248]
[ 31.237523] The buggy address belongs to the physical page:
[ 31.238163] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 31.238665] flags: 0x200000000000000(node=0|zone=2)
[ 31.239424] page_type: f5(slab)
[ 31.239956] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.241433] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 31.242189] page dumped because: kasan: bad access detected
[ 31.243085]
[ 31.243444] Memory state around the buggy address:
[ 31.243699] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.244126] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.245047] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.245954] ^
[ 31.246168] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.246656] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.247495] ==================================================================
[ 28.850038] ==================================================================
[ 28.851840] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3c/0x5450
[ 28.853525] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272
[ 28.854232]
[ 28.855199] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 28.856448] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.857190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.858193] Call Trace:
[ 28.858560] <TASK>
[ 28.859825] dump_stack_lvl+0x73/0xb0
[ 28.860782] print_report+0xd1/0x640
[ 28.861214] ? __virt_addr_valid+0x1db/0x2d0
[ 28.861771] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.862384] kasan_report+0x102/0x140
[ 28.862809] ? kasan_atomics_helper+0x4b3c/0x5450
[ 28.863331] ? kasan_atomics_helper+0x4b3c/0x5450
[ 28.864741] __asan_report_store4_noabort+0x1b/0x30
[ 28.865234] kasan_atomics_helper+0x4b3c/0x5450
[ 28.865641] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 28.866829] ? __kmalloc_cache_noprof+0x184/0x410
[ 28.867861] ? kasan_atomics+0x153/0x310
[ 28.868287] kasan_atomics+0x1dd/0x310
[ 28.868783] ? __pfx_kasan_atomics+0x10/0x10
[ 28.869683] ? __pfx_read_tsc+0x10/0x10
[ 28.870765] ? ktime_get_ts64+0x86/0x230
[ 28.871217] kunit_try_run_case+0x1b3/0x490
[ 28.871726] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.872216] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 28.873777] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.874296] ? __kthread_parkme+0x82/0x160
[ 28.874863] ? preempt_count_sub+0x50/0x80
[ 28.876042] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.876475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.877198] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.878515] kthread+0x257/0x310
[ 28.878969] ? __pfx_kthread+0x10/0x10
[ 28.879277] ret_from_fork+0x41/0x80
[ 28.879748] ? __pfx_kthread+0x10/0x10
[ 28.880279] ret_from_fork_asm+0x1a/0x30
[ 28.880670] </TASK>
[ 28.881608]
[ 28.881886] Allocated by task 272:
[ 28.882147] kasan_save_stack+0x3d/0x60
[ 28.882938] kasan_save_track+0x18/0x40
[ 28.883515] kasan_save_alloc_info+0x3b/0x50
[ 28.884525] __kasan_kmalloc+0xb7/0xc0
[ 28.885030] __kmalloc_cache_noprof+0x184/0x410
[ 28.885964] kasan_atomics+0x96/0x310
[ 28.886528] kunit_try_run_case+0x1b3/0x490
[ 28.887206] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.887990] kthread+0x257/0x310
[ 28.889330] ret_from_fork+0x41/0x80
[ 28.889605] ret_from_fork_asm+0x1a/0x30
[ 28.890249]
[ 28.890719] The buggy address belongs to the object at ffff888102969600
[ 28.890719] which belongs to the cache kmalloc-64 of size 64
[ 28.891389] The buggy address is located 0 bytes to the right of
[ 28.891389] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 28.892693]
[ 28.892993] The buggy address belongs to the physical page:
[ 28.893872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 28.895511] flags: 0x200000000000000(node=0|zone=2)
[ 28.895959] page_type: f5(slab)
[ 28.896712] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 28.897640] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 28.898515] page dumped because: kasan: bad access detected
[ 28.899503]
[ 28.899669] Memory state around the buggy address:
[ 28.900166] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.901002] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.901846] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 28.902674] ^
[ 28.903942] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.904876] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.905983] ==================================================================
[ 30.529725] ==================================================================
[ 30.531586] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151e/0x5450
[ 30.533207] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272
[ 30.534121]
[ 30.534456] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 30.536376] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.537055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.537788] Call Trace:
[ 30.538145] <TASK>
[ 30.538487] dump_stack_lvl+0x73/0xb0
[ 30.538834] print_report+0xd1/0x640
[ 30.539330] ? __virt_addr_valid+0x1db/0x2d0
[ 30.539987] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.540446] kasan_report+0x102/0x140
[ 30.540911] ? kasan_atomics_helper+0x151e/0x5450
[ 30.541396] ? kasan_atomics_helper+0x151e/0x5450
[ 30.542456] kasan_check_range+0x10c/0x1c0
[ 30.542852] __kasan_check_write+0x18/0x20
[ 30.543543] kasan_atomics_helper+0x151e/0x5450
[ 30.544250] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.544729] ? __kmalloc_cache_noprof+0x184/0x410
[ 30.545736] ? kasan_atomics+0x153/0x310
[ 30.546362] kasan_atomics+0x1dd/0x310
[ 30.546792] ? __pfx_kasan_atomics+0x10/0x10
[ 30.547496] ? __pfx_read_tsc+0x10/0x10
[ 30.548307] ? ktime_get_ts64+0x86/0x230
[ 30.548976] kunit_try_run_case+0x1b3/0x490
[ 30.549621] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.550378] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.551278] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.551748] ? __kthread_parkme+0x82/0x160
[ 30.552304] ? preempt_count_sub+0x50/0x80
[ 30.552777] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.553296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.553845] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.554493] kthread+0x257/0x310
[ 30.554955] ? __pfx_kthread+0x10/0x10
[ 30.555324] ret_from_fork+0x41/0x80
[ 30.555715] ? __pfx_kthread+0x10/0x10
[ 30.556172] ret_from_fork_asm+0x1a/0x30
[ 30.556516] </TASK>
[ 30.556977]
[ 30.557316] Allocated by task 272:
[ 30.557698] kasan_save_stack+0x3d/0x60
[ 30.558287] kasan_save_track+0x18/0x40
[ 30.558712] kasan_save_alloc_info+0x3b/0x50
[ 30.559204] __kasan_kmalloc+0xb7/0xc0
[ 30.559515] __kmalloc_cache_noprof+0x184/0x410
[ 30.559870] kasan_atomics+0x96/0x310
[ 30.560347] kunit_try_run_case+0x1b3/0x490
[ 30.560872] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.561546] kthread+0x257/0x310
[ 30.562073] ret_from_fork+0x41/0x80
[ 30.562378] ret_from_fork_asm+0x1a/0x30
[ 30.563063]
[ 30.563251] The buggy address belongs to the object at ffff888102969600
[ 30.563251] which belongs to the cache kmalloc-64 of size 64
[ 30.564089] The buggy address is located 0 bytes to the right of
[ 30.564089] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 30.565334]
[ 30.565616] The buggy address belongs to the physical page:
[ 30.566317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 30.567019] flags: 0x200000000000000(node=0|zone=2)
[ 30.567624] page_type: f5(slab)
[ 30.568000] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.569095] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 30.569616] page dumped because: kasan: bad access detected
[ 30.570166]
[ 30.570476] Memory state around the buggy address:
[ 30.571226] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.572897] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.573559] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.574436] ^
[ 30.575115] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.575686] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.576543] ==================================================================
[ 31.780920] ==================================================================
[ 31.781476] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5117/0x5450
[ 31.782497] Read of size 8 at addr ffff888102969630 by task kunit_try_catch/272
[ 31.783320]
[ 31.783555] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 31.784490] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.785096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.785827] Call Trace:
[ 31.786522] <TASK>
[ 31.787816] dump_stack_lvl+0x73/0xb0
[ 31.788298] print_report+0xd1/0x640
[ 31.789684] ? __virt_addr_valid+0x1db/0x2d0
[ 31.790106] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.790878] kasan_report+0x102/0x140
[ 31.791455] ? kasan_atomics_helper+0x5117/0x5450
[ 31.792189] ? kasan_atomics_helper+0x5117/0x5450
[ 31.792917] __asan_report_load8_noabort+0x18/0x20
[ 31.793628] kasan_atomics_helper+0x5117/0x5450
[ 31.794590] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.795090] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.795802] ? kasan_atomics+0x153/0x310
[ 31.796460] kasan_atomics+0x1dd/0x310
[ 31.797070] ? __pfx_kasan_atomics+0x10/0x10
[ 31.797688] ? __pfx_read_tsc+0x10/0x10
[ 31.798642] ? ktime_get_ts64+0x86/0x230
[ 31.799122] kunit_try_run_case+0x1b3/0x490
[ 31.799584] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.800332] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.801019] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.801672] ? __kthread_parkme+0x82/0x160
[ 31.802491] ? preempt_count_sub+0x50/0x80
[ 31.802911] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.803553] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.804335] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.805076] kthread+0x257/0x310
[ 31.805650] ? __pfx_kthread+0x10/0x10
[ 31.806315] ret_from_fork+0x41/0x80
[ 31.806694] ? __pfx_kthread+0x10/0x10
[ 31.807651] ret_from_fork_asm+0x1a/0x30
[ 31.808162] </TASK>
[ 31.808464]
[ 31.808677] Allocated by task 272:
[ 31.809451] kasan_save_stack+0x3d/0x60
[ 31.809732] kasan_save_track+0x18/0x40
[ 31.810529] kasan_save_alloc_info+0x3b/0x50
[ 31.811195] __kasan_kmalloc+0xb7/0xc0
[ 31.811607] __kmalloc_cache_noprof+0x184/0x410
[ 31.812510] kasan_atomics+0x96/0x310
[ 31.813107] kunit_try_run_case+0x1b3/0x490
[ 31.813547] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.814577] kthread+0x257/0x310
[ 31.814931] ret_from_fork+0x41/0x80
[ 31.815445] ret_from_fork_asm+0x1a/0x30
[ 31.816234]
[ 31.816566] The buggy address belongs to the object at ffff888102969600
[ 31.816566] which belongs to the cache kmalloc-64 of size 64
[ 31.818216] The buggy address is located 0 bytes to the right of
[ 31.818216] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 31.819843]
[ 31.820310] The buggy address belongs to the physical page:
[ 31.820780] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 31.822073] flags: 0x200000000000000(node=0|zone=2)
[ 31.822807] page_type: f5(slab)
[ 31.823375] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.824480] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 31.825525] page dumped because: kasan: bad access detected
[ 31.825975]
[ 31.826641] Memory state around the buggy address:
[ 31.827386] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.828396] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.829432] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.830101] ^
[ 31.830823] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.831492] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.832657] ==================================================================
[ 29.023971] ==================================================================
[ 29.024652] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x698/0x5450
[ 29.025342] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272
[ 29.026714]
[ 29.027226] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 29.028996] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.029739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.031209] Call Trace:
[ 29.031444] <TASK>
[ 29.031763] dump_stack_lvl+0x73/0xb0
[ 29.032178] print_report+0xd1/0x640
[ 29.033417] ? __virt_addr_valid+0x1db/0x2d0
[ 29.034179] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.035413] kasan_report+0x102/0x140
[ 29.035806] ? kasan_atomics_helper+0x698/0x5450
[ 29.037067] ? kasan_atomics_helper+0x698/0x5450
[ 29.037678] kasan_check_range+0x10c/0x1c0
[ 29.038939] __kasan_check_write+0x18/0x20
[ 29.040073] kasan_atomics_helper+0x698/0x5450
[ 29.040591] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.041217] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.041970] ? kasan_atomics+0x153/0x310
[ 29.042748] kasan_atomics+0x1dd/0x310
[ 29.043144] ? __pfx_kasan_atomics+0x10/0x10
[ 29.044250] ? __pfx_read_tsc+0x10/0x10
[ 29.044652] ? ktime_get_ts64+0x86/0x230
[ 29.045171] kunit_try_run_case+0x1b3/0x490
[ 29.046107] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.047307] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.047787] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.048858] ? __kthread_parkme+0x82/0x160
[ 29.049450] ? preempt_count_sub+0x50/0x80
[ 29.050417] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.051466] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.052096] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.053294] kthread+0x257/0x310
[ 29.053679] ? __pfx_kthread+0x10/0x10
[ 29.054852] ret_from_fork+0x41/0x80
[ 29.055073] ? __pfx_kthread+0x10/0x10
[ 29.056051] ret_from_fork_asm+0x1a/0x30
[ 29.056747] </TASK>
[ 29.057062]
[ 29.057721] Allocated by task 272:
[ 29.058908] kasan_save_stack+0x3d/0x60
[ 29.059249] kasan_save_track+0x18/0x40
[ 29.060369] kasan_save_alloc_info+0x3b/0x50
[ 29.060814] __kasan_kmalloc+0xb7/0xc0
[ 29.061185] __kmalloc_cache_noprof+0x184/0x410
[ 29.061614] kasan_atomics+0x96/0x310
[ 29.062040] kunit_try_run_case+0x1b3/0x490
[ 29.062989] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.063854] kthread+0x257/0x310
[ 29.064109] ret_from_fork+0x41/0x80
[ 29.064711] ret_from_fork_asm+0x1a/0x30
[ 29.065328]
[ 29.065567] The buggy address belongs to the object at ffff888102969600
[ 29.065567] which belongs to the cache kmalloc-64 of size 64
[ 29.067054] The buggy address is located 0 bytes to the right of
[ 29.067054] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 29.068676]
[ 29.068923] The buggy address belongs to the physical page:
[ 29.069559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 29.070223] flags: 0x200000000000000(node=0|zone=2)
[ 29.070683] page_type: f5(slab)
[ 29.071098] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.072142] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 29.073002] page dumped because: kasan: bad access detected
[ 29.073650]
[ 29.073898] Memory state around the buggy address:
[ 29.074584] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.075696] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.076512] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.077437] ^
[ 29.078482] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.079595] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.080516] ==================================================================
[ 29.773609]
================================================================== [ 29.775794] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf11/0x5450 [ 29.776546] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 29.778067] [ 29.778348] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 29.779499] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.780220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.781218] Call Trace: [ 29.781471] <TASK> [ 29.781993] dump_stack_lvl+0x73/0xb0 [ 29.782504] print_report+0xd1/0x640 [ 29.782871] ? __virt_addr_valid+0x1db/0x2d0 [ 29.783310] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.784350] kasan_report+0x102/0x140 [ 29.784786] ? kasan_atomics_helper+0xf11/0x5450 [ 29.785461] ? kasan_atomics_helper+0xf11/0x5450 [ 29.785692] kasan_check_range+0x10c/0x1c0 [ 29.786031] __kasan_check_write+0x18/0x20 [ 29.786623] kasan_atomics_helper+0xf11/0x5450 [ 29.787167] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.788012] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.788599] ? kasan_atomics+0x153/0x310 [ 29.789355] kasan_atomics+0x1dd/0x310 [ 29.790368] ? __pfx_kasan_atomics+0x10/0x10 [ 29.790888] ? __pfx_read_tsc+0x10/0x10 [ 29.791348] ? ktime_get_ts64+0x86/0x230 [ 29.791864] kunit_try_run_case+0x1b3/0x490 [ 29.792417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.792875] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.793546] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.794143] ? __kthread_parkme+0x82/0x160 [ 29.794673] ? preempt_count_sub+0x50/0x80 [ 29.795483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.796441] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.797322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.797774] kthread+0x257/0x310 [ 29.798384] ? __pfx_kthread+0x10/0x10 [ 29.799073] ret_from_fork+0x41/0x80 [ 29.799471] ? 
__pfx_kthread+0x10/0x10 [ 29.800289] ret_from_fork_asm+0x1a/0x30 [ 29.801072] </TASK> [ 29.801365] [ 29.801558] Allocated by task 272: [ 29.802537] kasan_save_stack+0x3d/0x60 [ 29.803174] kasan_save_track+0x18/0x40 [ 29.803650] kasan_save_alloc_info+0x3b/0x50 [ 29.804425] __kasan_kmalloc+0xb7/0xc0 [ 29.804796] __kmalloc_cache_noprof+0x184/0x410 [ 29.805386] kasan_atomics+0x96/0x310 [ 29.806109] kunit_try_run_case+0x1b3/0x490 [ 29.806586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.807555] kthread+0x257/0x310 [ 29.808336] ret_from_fork+0x41/0x80 [ 29.809068] ret_from_fork_asm+0x1a/0x30 [ 29.809657] [ 29.810035] The buggy address belongs to the object at ffff888102969600 [ 29.810035] which belongs to the cache kmalloc-64 of size 64 [ 29.812005] The buggy address is located 0 bytes to the right of [ 29.812005] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 29.813546] [ 29.813788] The buggy address belongs to the physical page: [ 29.814824] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 29.815702] flags: 0x200000000000000(node=0|zone=2) [ 29.816436] page_type: f5(slab) [ 29.816824] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.817959] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.818608] page dumped because: kasan: bad access detected [ 29.819676] [ 29.819886] Memory state around the buggy address: [ 29.820195] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.821594] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.822440] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.823379] ^ [ 29.824186] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.825342] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.825996] ================================================================== [ 28.907313] 
================================================================== [ 28.909199] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x566/0x5450 [ 28.910075] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 28.911315] [ 28.911738] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.912785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.913197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.914507] Call Trace: [ 28.914878] <TASK> [ 28.915287] dump_stack_lvl+0x73/0xb0 [ 28.915761] print_report+0xd1/0x640 [ 28.916335] ? __virt_addr_valid+0x1db/0x2d0 [ 28.917000] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.917813] kasan_report+0x102/0x140 [ 28.918614] ? kasan_atomics_helper+0x566/0x5450 [ 28.919224] ? kasan_atomics_helper+0x566/0x5450 [ 28.920055] kasan_check_range+0x10c/0x1c0 [ 28.920680] __kasan_check_write+0x18/0x20 [ 28.921471] kasan_atomics_helper+0x566/0x5450 [ 28.922189] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.923496] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.924051] ? kasan_atomics+0x153/0x310 [ 28.924700] kasan_atomics+0x1dd/0x310 [ 28.925072] ? __pfx_kasan_atomics+0x10/0x10 [ 28.925708] ? __pfx_read_tsc+0x10/0x10 [ 28.926835] ? ktime_get_ts64+0x86/0x230 [ 28.927493] kunit_try_run_case+0x1b3/0x490 [ 28.928025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.928786] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.929142] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.930007] ? __kthread_parkme+0x82/0x160 [ 28.930635] ? preempt_count_sub+0x50/0x80 [ 28.931773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.932743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.933635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.934294] kthread+0x257/0x310 [ 28.934703] ? __pfx_kthread+0x10/0x10 [ 28.935344] ret_from_fork+0x41/0x80 [ 28.936240] ? 
__pfx_kthread+0x10/0x10 [ 28.936749] ret_from_fork_asm+0x1a/0x30 [ 28.937451] </TASK> [ 28.937706] [ 28.938064] Allocated by task 272: [ 28.938755] kasan_save_stack+0x3d/0x60 [ 28.939196] kasan_save_track+0x18/0x40 [ 28.940155] kasan_save_alloc_info+0x3b/0x50 [ 28.940690] __kasan_kmalloc+0xb7/0xc0 [ 28.941289] __kmalloc_cache_noprof+0x184/0x410 [ 28.941613] kasan_atomics+0x96/0x310 [ 28.942183] kunit_try_run_case+0x1b3/0x490 [ 28.943065] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.944413] kthread+0x257/0x310 [ 28.944739] ret_from_fork+0x41/0x80 [ 28.945148] ret_from_fork_asm+0x1a/0x30 [ 28.945557] [ 28.945764] The buggy address belongs to the object at ffff888102969600 [ 28.945764] which belongs to the cache kmalloc-64 of size 64 [ 28.946901] The buggy address is located 0 bytes to the right of [ 28.946901] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 28.948171] [ 28.948695] The buggy address belongs to the physical page: [ 28.949592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 28.951020] flags: 0x200000000000000(node=0|zone=2) [ 28.951796] page_type: f5(slab) [ 28.952365] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.953191] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.954521] page dumped because: kasan: bad access detected [ 28.955543] [ 28.955804] Memory state around the buggy address: [ 28.956422] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.957249] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.958593] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.959509] ^ [ 28.959897] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.960732] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.962119] ================================================================== [ 30.310231] 
================================================================== [ 30.311515] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b6/0x5450 [ 30.311987] Read of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 30.313544] [ 30.314191] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 30.315112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.315686] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.316712] Call Trace: [ 30.317044] <TASK> [ 30.317370] dump_stack_lvl+0x73/0xb0 [ 30.317801] print_report+0xd1/0x640 [ 30.318188] ? __virt_addr_valid+0x1db/0x2d0 [ 30.318648] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.319175] kasan_report+0x102/0x140 [ 30.320277] ? kasan_atomics_helper+0x13b6/0x5450 [ 30.321344] ? kasan_atomics_helper+0x13b6/0x5450 [ 30.322181] kasan_check_range+0x10c/0x1c0 [ 30.322634] __kasan_check_read+0x15/0x20 [ 30.323431] kasan_atomics_helper+0x13b6/0x5450 [ 30.324153] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.325224] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.325714] ? kasan_atomics+0x153/0x310 [ 30.326378] kasan_atomics+0x1dd/0x310 [ 30.326833] ? __pfx_kasan_atomics+0x10/0x10 [ 30.327577] ? __pfx_read_tsc+0x10/0x10 [ 30.328185] ? ktime_get_ts64+0x86/0x230 [ 30.328800] kunit_try_run_case+0x1b3/0x490 [ 30.329484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.330550] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.331511] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.332160] ? __kthread_parkme+0x82/0x160 [ 30.332637] ? preempt_count_sub+0x50/0x80 [ 30.333329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.334327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.335112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.335809] kthread+0x257/0x310 [ 30.336381] ? __pfx_kthread+0x10/0x10 [ 30.337474] ret_from_fork+0x41/0x80 [ 30.338221] ? 
__pfx_kthread+0x10/0x10 [ 30.338661] ret_from_fork_asm+0x1a/0x30 [ 30.339371] </TASK> [ 30.339596] [ 30.339847] Allocated by task 272: [ 30.340666] kasan_save_stack+0x3d/0x60 [ 30.340951] kasan_save_track+0x18/0x40 [ 30.341588] kasan_save_alloc_info+0x3b/0x50 [ 30.342111] __kasan_kmalloc+0xb7/0xc0 [ 30.342925] __kmalloc_cache_noprof+0x184/0x410 [ 30.343484] kasan_atomics+0x96/0x310 [ 30.344355] kunit_try_run_case+0x1b3/0x490 [ 30.344692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.345535] kthread+0x257/0x310 [ 30.346134] ret_from_fork+0x41/0x80 [ 30.346601] ret_from_fork_asm+0x1a/0x30 [ 30.347457] [ 30.347624] The buggy address belongs to the object at ffff888102969600 [ 30.347624] which belongs to the cache kmalloc-64 of size 64 [ 30.349549] The buggy address is located 0 bytes to the right of [ 30.349549] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 30.351019] [ 30.351190] The buggy address belongs to the physical page: [ 30.352006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 30.353239] flags: 0x200000000000000(node=0|zone=2) [ 30.353981] page_type: f5(slab) [ 30.354301] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.355233] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.356192] page dumped because: kasan: bad access detected [ 30.356593] [ 30.357280] Memory state around the buggy address: [ 30.357943] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.358713] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.359547] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.360766] ^ [ 30.361589] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.362738] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.363478] ================================================================== [ 30.114880] 
================================================================== [ 30.115543] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1218/0x5450 [ 30.116139] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 30.116789] [ 30.117062] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 30.117705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.118239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.119008] Call Trace: [ 30.119228] <TASK> [ 30.119584] dump_stack_lvl+0x73/0xb0 [ 30.120231] print_report+0xd1/0x640 [ 30.120600] ? __virt_addr_valid+0x1db/0x2d0 [ 30.121292] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.121761] kasan_report+0x102/0x140 [ 30.122109] ? kasan_atomics_helper+0x1218/0x5450 [ 30.122575] ? kasan_atomics_helper+0x1218/0x5450 [ 30.122998] kasan_check_range+0x10c/0x1c0 [ 30.123701] __kasan_check_write+0x18/0x20 [ 30.124014] kasan_atomics_helper+0x1218/0x5450 [ 30.124438] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.125293] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.125900] ? kasan_atomics+0x153/0x310 [ 30.126251] kasan_atomics+0x1dd/0x310 [ 30.126623] ? __pfx_kasan_atomics+0x10/0x10 [ 30.127207] ? __pfx_read_tsc+0x10/0x10 [ 30.127638] ? ktime_get_ts64+0x86/0x230 [ 30.128227] kunit_try_run_case+0x1b3/0x490 [ 30.128564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.128885] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.129214] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.129860] ? __kthread_parkme+0x82/0x160 [ 30.130432] ? preempt_count_sub+0x50/0x80 [ 30.131290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.131728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.132241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.132619] kthread+0x257/0x310 [ 30.133346] ? __pfx_kthread+0x10/0x10 [ 30.133689] ret_from_fork+0x41/0x80 [ 30.134169] ? 
__pfx_kthread+0x10/0x10 [ 30.134571] ret_from_fork_asm+0x1a/0x30 [ 30.135097] </TASK> [ 30.135352] [ 30.135532] Allocated by task 272: [ 30.135772] kasan_save_stack+0x3d/0x60 [ 30.136064] kasan_save_track+0x18/0x40 [ 30.136454] kasan_save_alloc_info+0x3b/0x50 [ 30.137010] __kasan_kmalloc+0xb7/0xc0 [ 30.137727] __kmalloc_cache_noprof+0x184/0x410 [ 30.138491] kasan_atomics+0x96/0x310 [ 30.138765] kunit_try_run_case+0x1b3/0x490 [ 30.139223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.141468] kthread+0x257/0x310 [ 30.141818] ret_from_fork+0x41/0x80 [ 30.142270] ret_from_fork_asm+0x1a/0x30 [ 30.142586] [ 30.142752] The buggy address belongs to the object at ffff888102969600 [ 30.142752] which belongs to the cache kmalloc-64 of size 64 [ 30.145004] The buggy address is located 0 bytes to the right of [ 30.145004] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 30.147918] [ 30.148202] The buggy address belongs to the physical page: [ 30.148624] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 30.150861] flags: 0x200000000000000(node=0|zone=2) [ 30.151461] page_type: f5(slab) [ 30.151715] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.152397] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.153101] page dumped because: kasan: bad access detected [ 30.153591] [ 30.153874] Memory state around the buggy address: [ 30.154226] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.154930] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.155389] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.156106] ^ [ 30.156662] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.157362] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.157862] ================================================================== [ 30.421890] 
================================================================== [ 30.423302] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1468/0x5450 [ 30.424290] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 30.426274] [ 30.426493] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 30.427681] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.428458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.429538] Call Trace: [ 30.430379] <TASK> [ 30.430615] dump_stack_lvl+0x73/0xb0 [ 30.431040] print_report+0xd1/0x640 [ 30.431741] ? __virt_addr_valid+0x1db/0x2d0 [ 30.432345] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.433304] kasan_report+0x102/0x140 [ 30.433762] ? kasan_atomics_helper+0x1468/0x5450 [ 30.434248] ? kasan_atomics_helper+0x1468/0x5450 [ 30.434667] kasan_check_range+0x10c/0x1c0 [ 30.435288] __kasan_check_write+0x18/0x20 [ 30.435882] kasan_atomics_helper+0x1468/0x5450 [ 30.436395] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.437174] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.438345] ? kasan_atomics+0x153/0x310 [ 30.438646] kasan_atomics+0x1dd/0x310 [ 30.439221] ? __pfx_kasan_atomics+0x10/0x10 [ 30.439707] ? __pfx_read_tsc+0x10/0x10 [ 30.440354] ? ktime_get_ts64+0x86/0x230 [ 30.441132] kunit_try_run_case+0x1b3/0x490 [ 30.441685] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.442637] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.443420] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.443802] ? __kthread_parkme+0x82/0x160 [ 30.444370] ? preempt_count_sub+0x50/0x80 [ 30.445308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.446143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.447006] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.447593] kthread+0x257/0x310 [ 30.447946] ? __pfx_kthread+0x10/0x10 [ 30.448455] ret_from_fork+0x41/0x80 [ 30.449002] ? 
__pfx_kthread+0x10/0x10 [ 30.449532] ret_from_fork_asm+0x1a/0x30 [ 30.450087] </TASK> [ 30.450405] [ 30.450699] Allocated by task 272: [ 30.451153] kasan_save_stack+0x3d/0x60 [ 30.451747] kasan_save_track+0x18/0x40 [ 30.452817] kasan_save_alloc_info+0x3b/0x50 [ 30.453492] __kasan_kmalloc+0xb7/0xc0 [ 30.454404] __kmalloc_cache_noprof+0x184/0x410 [ 30.455206] kasan_atomics+0x96/0x310 [ 30.455477] kunit_try_run_case+0x1b3/0x490 [ 30.456755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.457285] kthread+0x257/0x310 [ 30.457655] ret_from_fork+0x41/0x80 [ 30.458355] ret_from_fork_asm+0x1a/0x30 [ 30.459305] [ 30.459495] The buggy address belongs to the object at ffff888102969600 [ 30.459495] which belongs to the cache kmalloc-64 of size 64 [ 30.461290] The buggy address is located 0 bytes to the right of [ 30.461290] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 30.462789] [ 30.463001] The buggy address belongs to the physical page: [ 30.463549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 30.464751] flags: 0x200000000000000(node=0|zone=2) [ 30.465371] page_type: f5(slab) [ 30.465726] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.467067] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.467836] page dumped because: kasan: bad access detected [ 30.468602] [ 30.468900] Memory state around the buggy address: [ 30.469202] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.470172] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.471376] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.472321] ^ [ 30.472981] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.473485] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.474215] ================================================================== [ 28.963180] 
================================================================== [ 28.963992] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5ff/0x5450 [ 28.964755] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 28.966173] [ 28.966386] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.967741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.968461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.970132] Call Trace: [ 28.970988] <TASK> [ 28.971389] dump_stack_lvl+0x73/0xb0 [ 28.972489] print_report+0xd1/0x640 [ 28.972964] ? __virt_addr_valid+0x1db/0x2d0 [ 28.973859] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.974409] kasan_report+0x102/0x140 [ 28.974833] ? kasan_atomics_helper+0x5ff/0x5450 [ 28.975944] ? kasan_atomics_helper+0x5ff/0x5450 [ 28.976802] kasan_check_range+0x10c/0x1c0 [ 28.977877] __kasan_check_write+0x18/0x20 [ 28.978284] kasan_atomics_helper+0x5ff/0x5450 [ 28.979244] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.979937] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.980575] ? kasan_atomics+0x153/0x310 [ 28.981843] kasan_atomics+0x1dd/0x310 [ 28.982215] ? __pfx_kasan_atomics+0x10/0x10 [ 28.983101] ? __pfx_read_tsc+0x10/0x10 [ 28.983788] ? ktime_get_ts64+0x86/0x230 [ 28.984806] kunit_try_run_case+0x1b3/0x490 [ 28.985722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.986614] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.987151] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.988341] ? __kthread_parkme+0x82/0x160 [ 28.988808] ? preempt_count_sub+0x50/0x80 [ 28.989184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.989746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.990504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.991540] kthread+0x257/0x310 [ 28.991819] ? __pfx_kthread+0x10/0x10 [ 28.992424] ret_from_fork+0x41/0x80 [ 28.992938] ? 
__pfx_kthread+0x10/0x10 [ 28.993594] ret_from_fork_asm+0x1a/0x30 [ 28.994422] </TASK> [ 28.994631] [ 28.995136] Allocated by task 272: [ 28.996451] kasan_save_stack+0x3d/0x60 [ 28.997020] kasan_save_track+0x18/0x40 [ 28.997686] kasan_save_alloc_info+0x3b/0x50 [ 28.998430] __kasan_kmalloc+0xb7/0xc0 [ 28.999158] __kmalloc_cache_noprof+0x184/0x410 [ 29.000177] kasan_atomics+0x96/0x310 [ 29.000717] kunit_try_run_case+0x1b3/0x490 [ 29.001694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.002336] kthread+0x257/0x310 [ 29.003178] ret_from_fork+0x41/0x80 [ 29.003983] ret_from_fork_asm+0x1a/0x30 [ 29.004421] [ 29.004630] The buggy address belongs to the object at ffff888102969600 [ 29.004630] which belongs to the cache kmalloc-64 of size 64 [ 29.006583] The buggy address is located 0 bytes to the right of [ 29.006583] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 29.008443] [ 29.008669] The buggy address belongs to the physical page: [ 29.009161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 29.011056] flags: 0x200000000000000(node=0|zone=2) [ 29.011391] page_type: f5(slab) [ 29.011826] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.012572] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.013420] page dumped because: kasan: bad access detected [ 29.014079] [ 29.014857] Memory state around the buggy address: [ 29.015762] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.016705] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.018039] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.019034] ^ [ 29.019764] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.021010] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.022705] ================================================================== [ 28.503039] 
================================================================== [ 28.503912] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba4/0x5450 [ 28.504621] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 28.505454] [ 28.505915] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.507121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.507526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.508622] Call Trace: [ 28.508897] <TASK> [ 28.509193] dump_stack_lvl+0x73/0xb0 [ 28.509699] print_report+0xd1/0x640 [ 28.510192] ? __virt_addr_valid+0x1db/0x2d0 [ 28.510557] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.511146] kasan_report+0x102/0x140 [ 28.511753] ? kasan_atomics_helper+0x4ba4/0x5450 [ 28.512200] ? kasan_atomics_helper+0x4ba4/0x5450 [ 28.512765] __asan_report_store4_noabort+0x1b/0x30 [ 28.513321] kasan_atomics_helper+0x4ba4/0x5450 [ 28.513763] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.514331] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.514974] ? kasan_atomics+0x153/0x310 [ 28.516152] kasan_atomics+0x1dd/0x310 [ 28.516548] ? __pfx_kasan_atomics+0x10/0x10 [ 28.516853] ? __pfx_read_tsc+0x10/0x10 [ 28.517677] ? ktime_get_ts64+0x86/0x230 [ 28.517983] kunit_try_run_case+0x1b3/0x490 [ 28.518760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.519469] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.520023] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.520408] ? __kthread_parkme+0x82/0x160 [ 28.520892] ? preempt_count_sub+0x50/0x80 [ 28.521852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.522443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.523008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.523394] kthread+0x257/0x310 [ 28.523858] ? __pfx_kthread+0x10/0x10 [ 28.525167] ret_from_fork+0x41/0x80 [ 28.525494] ? 
__pfx_kthread+0x10/0x10
[ 28.525967] ret_from_fork_asm+0x1a/0x30
[ 28.526427] </TASK>
[ 28.526752]
[ 28.527366] Allocated by task 272:
[ 28.527778] kasan_save_stack+0x3d/0x60
[ 28.528089] kasan_save_track+0x18/0x40
[ 28.528395] kasan_save_alloc_info+0x3b/0x50
[ 28.528946] __kasan_kmalloc+0xb7/0xc0
[ 28.529453] __kmalloc_cache_noprof+0x184/0x410
[ 28.530512] kasan_atomics+0x96/0x310
[ 28.530833] kunit_try_run_case+0x1b3/0x490
[ 28.531126] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.531912] kthread+0x257/0x310
[ 28.532438] ret_from_fork+0x41/0x80
[ 28.532939] ret_from_fork_asm+0x1a/0x30
[ 28.533418]
[ 28.533616] The buggy address belongs to the object at ffff888102969600
[ 28.533616] which belongs to the cache kmalloc-64 of size 64
[ 28.534697] The buggy address is located 0 bytes to the right of
[ 28.534697] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 28.535797]
[ 28.535959] The buggy address belongs to the physical page:
[ 28.536738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 28.537891] flags: 0x200000000000000(node=0|zone=2)
[ 28.538218] page_type: f5(slab)
[ 28.538511] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 28.539363] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 28.540183] page dumped because: kasan: bad access detected
[ 28.540712]
[ 28.540920] Memory state around the buggy address:
[ 28.541875] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.542539] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 28.543180] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 28.543861] ^
[ 28.544170] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.545531] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.546430] ==================================================================

[ 29.982334] ==================================================================
[ 29.982885] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1e/0x5450
[ 29.984943] Read of size 4 at addr ffff888102969630 by task kunit_try_catch/272
[ 29.985737]
[ 29.986499] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 29.987527] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.988270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.989390] Call Trace:
[ 29.989938] <TASK>
[ 29.990326] dump_stack_lvl+0x73/0xb0
[ 29.991182] print_report+0xd1/0x640
[ 29.991820] ? __virt_addr_valid+0x1db/0x2d0
[ 29.992277] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.993159] kasan_report+0x102/0x140
[ 29.993594] ? kasan_atomics_helper+0x4a1e/0x5450
[ 29.994431] ? kasan_atomics_helper+0x4a1e/0x5450
[ 29.995286] __asan_report_load4_noabort+0x18/0x20
[ 29.995954] kasan_atomics_helper+0x4a1e/0x5450
[ 29.996457] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.997420] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.997886] ? kasan_atomics+0x153/0x310
[ 29.998544] kasan_atomics+0x1dd/0x310
[ 29.999183] ? __pfx_kasan_atomics+0x10/0x10
[ 29.999811] ? __pfx_read_tsc+0x10/0x10
[ 30.000577] ? ktime_get_ts64+0x86/0x230
[ 30.001195] kunit_try_run_case+0x1b3/0x490
[ 30.001633] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.002406] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.003415] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.003891] ? __kthread_parkme+0x82/0x160
[ 30.004503] ? preempt_count_sub+0x50/0x80
[ 30.005287] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.005911] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.006722] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.007470] kthread+0x257/0x310
[ 30.008201] ? __pfx_kthread+0x10/0x10
[ 30.008612] ret_from_fork+0x41/0x80
[ 30.009306] ? __pfx_kthread+0x10/0x10
[ 30.009724] ret_from_fork_asm+0x1a/0x30
[ 30.010628] </TASK>
[ 30.010825]
[ 30.011220] Allocated by task 272:
[ 30.011733] kasan_save_stack+0x3d/0x60
[ 30.012173] kasan_save_track+0x18/0x40
[ 30.012708] kasan_save_alloc_info+0x3b/0x50
[ 30.013082] __kasan_kmalloc+0xb7/0xc0
[ 30.013548] __kmalloc_cache_noprof+0x184/0x410
[ 30.014411] kasan_atomics+0x96/0x310
[ 30.014675] kunit_try_run_case+0x1b3/0x490
[ 30.015604] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.016312] kthread+0x257/0x310
[ 30.016862] ret_from_fork+0x41/0x80
[ 30.017504] ret_from_fork_asm+0x1a/0x30
[ 30.018086]
[ 30.018248] The buggy address belongs to the object at ffff888102969600
[ 30.018248] which belongs to the cache kmalloc-64 of size 64
[ 30.019897] The buggy address is located 0 bytes to the right of
[ 30.019897] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 30.021378]
[ 30.021830] The buggy address belongs to the physical page:
[ 30.022305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 30.023408] flags: 0x200000000000000(node=0|zone=2)
[ 30.024130] page_type: f5(slab)
[ 30.024689] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.025683] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 30.026627] page dumped because: kasan: bad access detected
[ 30.027400]
[ 30.027580] Memory state around the buggy address:
[ 30.028481] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.029282] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.030232] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.030836] ^
[ 30.031564] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.032664] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.033497] ==================================================================

[ 30.475843] ==================================================================
[ 30.476573] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d6/0x5450
[ 30.477343] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272
[ 30.478429]
[ 30.478649] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 30.480877] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.481698] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.483233] Call Trace:
[ 30.483662] <TASK>
[ 30.484356] dump_stack_lvl+0x73/0xb0
[ 30.485033] print_report+0xd1/0x640
[ 30.485449] ? __virt_addr_valid+0x1db/0x2d0
[ 30.485891] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.486479] kasan_report+0x102/0x140
[ 30.486784] ? kasan_atomics_helper+0x50d6/0x5450
[ 30.487345] ? kasan_atomics_helper+0x50d6/0x5450
[ 30.487947] __asan_report_store8_noabort+0x1b/0x30
[ 30.488497] kasan_atomics_helper+0x50d6/0x5450
[ 30.489522] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.490281] ? __kmalloc_cache_noprof+0x184/0x410
[ 30.490756] ? kasan_atomics+0x153/0x310
[ 30.491122] kasan_atomics+0x1dd/0x310
[ 30.491543] ? __pfx_kasan_atomics+0x10/0x10
[ 30.492319] ? __pfx_read_tsc+0x10/0x10
[ 30.492729] ? ktime_get_ts64+0x86/0x230
[ 30.493954] kunit_try_run_case+0x1b3/0x490
[ 30.494458] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.495415] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.496127] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.496648] ? __kthread_parkme+0x82/0x160
[ 30.497589] ? preempt_count_sub+0x50/0x80
[ 30.498289] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.498758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.499654] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.500900] kthread+0x257/0x310
[ 30.501278] ? __pfx_kthread+0x10/0x10
[ 30.501861] ret_from_fork+0x41/0x80
[ 30.502374] ? __pfx_kthread+0x10/0x10
[ 30.502997] ret_from_fork_asm+0x1a/0x30
[ 30.503483] </TASK>
[ 30.504059]
[ 30.504556] Allocated by task 272:
[ 30.504801] kasan_save_stack+0x3d/0x60
[ 30.505650] kasan_save_track+0x18/0x40
[ 30.506103] kasan_save_alloc_info+0x3b/0x50
[ 30.506573] __kasan_kmalloc+0xb7/0xc0
[ 30.507582] __kmalloc_cache_noprof+0x184/0x410
[ 30.507949] kasan_atomics+0x96/0x310
[ 30.508748] kunit_try_run_case+0x1b3/0x490
[ 30.509486] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.510075] kthread+0x257/0x310
[ 30.510973] ret_from_fork+0x41/0x80
[ 30.511410] ret_from_fork_asm+0x1a/0x30
[ 30.512329]
[ 30.512509] The buggy address belongs to the object at ffff888102969600
[ 30.512509] which belongs to the cache kmalloc-64 of size 64
[ 30.513910] The buggy address is located 0 bytes to the right of
[ 30.513910] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 30.515621]
[ 30.516039] The buggy address belongs to the physical page:
[ 30.516545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 30.517621] flags: 0x200000000000000(node=0|zone=2)
[ 30.518380] page_type: f5(slab)
[ 30.519462] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.520155] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 30.521215] page dumped because: kasan: bad access detected
[ 30.521730]
[ 30.522320] Memory state around the buggy address:
[ 30.523003] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.523690] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.524653] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.525469] ^
[ 30.526079] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.527197] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.528295] ==================================================================

[ 30.075546] ==================================================================
[ 30.076474] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a04/0x5450
[ 30.077440] Read of size 4 at addr ffff888102969630 by task kunit_try_catch/272
[ 30.077937]
[ 30.078201] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 30.078825] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.079117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.080300] Call Trace:
[ 30.080670] <TASK>
[ 30.080965] dump_stack_lvl+0x73/0xb0
[ 30.081427] print_report+0xd1/0x640
[ 30.081723] ? __virt_addr_valid+0x1db/0x2d0
[ 30.082316] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.082966] kasan_report+0x102/0x140
[ 30.083382] ? kasan_atomics_helper+0x4a04/0x5450
[ 30.083791] ? kasan_atomics_helper+0x4a04/0x5450
[ 30.084283] __asan_report_load4_noabort+0x18/0x20
[ 30.084757] kasan_atomics_helper+0x4a04/0x5450
[ 30.085071] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.085574] ? __kmalloc_cache_noprof+0x184/0x410
[ 30.086121] ? kasan_atomics+0x153/0x310
[ 30.086461] kasan_atomics+0x1dd/0x310
[ 30.086756] ? __pfx_kasan_atomics+0x10/0x10
[ 30.087362] ? __pfx_read_tsc+0x10/0x10
[ 30.088147] ? ktime_get_ts64+0x86/0x230
[ 30.088544] kunit_try_run_case+0x1b3/0x490
[ 30.089057] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.089837] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.090208] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.090957] ? __kthread_parkme+0x82/0x160
[ 30.091392] ? preempt_count_sub+0x50/0x80
[ 30.091814] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.092299] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.092814] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.093368] kthread+0x257/0x310
[ 30.093721] ? __pfx_kthread+0x10/0x10
[ 30.094092] ret_from_fork+0x41/0x80
[ 30.094522] ? __pfx_kthread+0x10/0x10
[ 30.094813] ret_from_fork_asm+0x1a/0x30
[ 30.095132] </TASK>
[ 30.095395]
[ 30.095665] Allocated by task 272:
[ 30.096390] kasan_save_stack+0x3d/0x60
[ 30.096995] kasan_save_track+0x18/0x40
[ 30.097524] kasan_save_alloc_info+0x3b/0x50
[ 30.098066] __kasan_kmalloc+0xb7/0xc0
[ 30.098446] __kmalloc_cache_noprof+0x184/0x410
[ 30.098956] kasan_atomics+0x96/0x310
[ 30.099294] kunit_try_run_case+0x1b3/0x490
[ 30.099619] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.099978] kthread+0x257/0x310
[ 30.100237] ret_from_fork+0x41/0x80
[ 30.100559] ret_from_fork_asm+0x1a/0x30
[ 30.101076]
[ 30.101357] The buggy address belongs to the object at ffff888102969600
[ 30.101357] which belongs to the cache kmalloc-64 of size 64
[ 30.102619] The buggy address is located 0 bytes to the right of
[ 30.102619] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 30.104205]
[ 30.104394] The buggy address belongs to the physical page:
[ 30.104735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 30.105599] flags: 0x200000000000000(node=0|zone=2)
[ 30.106551] page_type: f5(slab)
[ 30.107064] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.107684] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 30.108365] page dumped because: kasan: bad access detected
[ 30.108706]
[ 30.108868] Memory state around the buggy address:
[ 30.109175] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.109984] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.110725] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.111138] ^
[ 30.111957] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.112740] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.113523] ==================================================================

[ 29.474170] ==================================================================
[ 29.475102] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6b/0x5450
[ 29.476732] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272
[ 29.477436]
[ 29.477630] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 29.478947] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.479416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.480507] Call Trace:
[ 29.480906] <TASK>
[ 29.481330] dump_stack_lvl+0x73/0xb0
[ 29.481926] print_report+0xd1/0x640
[ 29.482453] ? __virt_addr_valid+0x1db/0x2d0
[ 29.483135] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.483798] kasan_report+0x102/0x140
[ 29.484322] ? kasan_atomics_helper+0xb6b/0x5450
[ 29.484739] ? kasan_atomics_helper+0xb6b/0x5450
[ 29.485172] kasan_check_range+0x10c/0x1c0
[ 29.485807] __kasan_check_write+0x18/0x20
[ 29.486284] kasan_atomics_helper+0xb6b/0x5450
[ 29.486916] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.487590] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.488378] ? kasan_atomics+0x153/0x310
[ 29.488896] kasan_atomics+0x1dd/0x310
[ 29.489453] ? __pfx_kasan_atomics+0x10/0x10
[ 29.489918] ? __pfx_read_tsc+0x10/0x10
[ 29.490652] ? ktime_get_ts64+0x86/0x230
[ 29.491128] kunit_try_run_case+0x1b3/0x490
[ 29.491702] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.492344] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.492801] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.493302] ? __kthread_parkme+0x82/0x160
[ 29.493926] ? preempt_count_sub+0x50/0x80
[ 29.494390] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.495025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.495838] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.496345] kthread+0x257/0x310
[ 29.496863] ? __pfx_kthread+0x10/0x10
[ 29.497334] ret_from_fork+0x41/0x80
[ 29.497716] ? __pfx_kthread+0x10/0x10
[ 29.498688] ret_from_fork_asm+0x1a/0x30
[ 29.499247] </TASK>
[ 29.499518]
[ 29.499794] Allocated by task 272:
[ 29.500064] kasan_save_stack+0x3d/0x60
[ 29.500631] kasan_save_track+0x18/0x40
[ 29.500963] kasan_save_alloc_info+0x3b/0x50
[ 29.501646] __kasan_kmalloc+0xb7/0xc0
[ 29.501974] __kmalloc_cache_noprof+0x184/0x410
[ 29.502528] kasan_atomics+0x96/0x310
[ 29.503048] kunit_try_run_case+0x1b3/0x490
[ 29.503389] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.504053] kthread+0x257/0x310
[ 29.504570] ret_from_fork+0x41/0x80
[ 29.504961] ret_from_fork_asm+0x1a/0x30
[ 29.505271]
[ 29.505619] The buggy address belongs to the object at ffff888102969600
[ 29.505619] which belongs to the cache kmalloc-64 of size 64
[ 29.506891] The buggy address is located 0 bytes to the right of
[ 29.506891] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 29.507627]
[ 29.508011] The buggy address belongs to the physical page:
[ 29.508707] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 29.509400] flags: 0x200000000000000(node=0|zone=2)
[ 29.510203] page_type: f5(slab)
[ 29.510565] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.511480] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 29.511951] page dumped because: kasan: bad access detected
[ 29.512600]
[ 29.513043] Memory state around the buggy address:
[ 29.513413] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.514219] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.515020] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.515452] ^
[ 29.516033] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.516615] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.517458] ==================================================================

[ 31.494042] ==================================================================
[ 31.495659] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f9a/0x5450
[ 31.496616] Read of size 8 at addr ffff888102969630 by task kunit_try_catch/272
[ 31.497186]
[ 31.498110] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 31.499443] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 31.500155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 31.500856] Call Trace:
[ 31.501386] <TASK>
[ 31.501671] dump_stack_lvl+0x73/0xb0
[ 31.502172] print_report+0xd1/0x640
[ 31.502511] ? __virt_addr_valid+0x1db/0x2d0
[ 31.503019] ? kasan_complete_mode_report_info+0x2a/0x200
[ 31.503427] kasan_report+0x102/0x140
[ 31.503944] ? kasan_atomics_helper+0x4f9a/0x5450
[ 31.504520] ? kasan_atomics_helper+0x4f9a/0x5450
[ 31.505092] __asan_report_load8_noabort+0x18/0x20
[ 31.505689] kasan_atomics_helper+0x4f9a/0x5450
[ 31.506307] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 31.507153] ? __kmalloc_cache_noprof+0x184/0x410
[ 31.507988] ? kasan_atomics+0x153/0x310
[ 31.508460] kasan_atomics+0x1dd/0x310
[ 31.509532] ? __pfx_kasan_atomics+0x10/0x10
[ 31.509926] ? __pfx_read_tsc+0x10/0x10
[ 31.510123] ? ktime_get_ts64+0x86/0x230
[ 31.510417] kunit_try_run_case+0x1b3/0x490
[ 31.511186] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.512275] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 31.513012] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 31.513729] ? __kthread_parkme+0x82/0x160
[ 31.514496] ? preempt_count_sub+0x50/0x80
[ 31.514955] ? __pfx_kunit_try_run_case+0x10/0x10
[ 31.515643] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 31.516818] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.517848] kthread+0x257/0x310
[ 31.518118] ? __pfx_kthread+0x10/0x10
[ 31.518647] ret_from_fork+0x41/0x80
[ 31.519186] ? __pfx_kthread+0x10/0x10
[ 31.519715] ret_from_fork_asm+0x1a/0x30
[ 31.520121] </TASK>
[ 31.520512]
[ 31.520777] Allocated by task 272:
[ 31.521219] kasan_save_stack+0x3d/0x60
[ 31.522385] kasan_save_track+0x18/0x40
[ 31.522666] kasan_save_alloc_info+0x3b/0x50
[ 31.523478] __kasan_kmalloc+0xb7/0xc0
[ 31.524269] __kmalloc_cache_noprof+0x184/0x410
[ 31.524693] kasan_atomics+0x96/0x310
[ 31.525168] kunit_try_run_case+0x1b3/0x490
[ 31.525578] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 31.526501] kthread+0x257/0x310
[ 31.526824] ret_from_fork+0x41/0x80
[ 31.527400] ret_from_fork_asm+0x1a/0x30
[ 31.527896]
[ 31.528018] The buggy address belongs to the object at ffff888102969600
[ 31.528018] which belongs to the cache kmalloc-64 of size 64
[ 31.528485] The buggy address is located 0 bytes to the right of
[ 31.528485] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 31.529113]
[ 31.529301] The buggy address belongs to the physical page:
[ 31.529915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 31.531595] flags: 0x200000000000000(node=0|zone=2)
[ 31.532115] page_type: f5(slab)
[ 31.532516] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 31.533133] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 31.534030] page dumped because: kasan: bad access detected
[ 31.534583]
[ 31.534807] Memory state around the buggy address:
[ 31.535401] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.536120] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 31.536844] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 31.537524] ^
[ 31.537983] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.538688] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 31.539474] ==================================================================

[ 29.200635] ==================================================================
[ 29.202736] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x861/0x5450
[ 29.203510] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272
[ 29.203947]
[ 29.205358] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 29.206166] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.207126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.208362] Call Trace:
[ 29.208787] <TASK>
[ 29.209979] dump_stack_lvl+0x73/0xb0
[ 29.210580] print_report+0xd1/0x640
[ 29.210979] ? __virt_addr_valid+0x1db/0x2d0
[ 29.211837] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.212377] kasan_report+0x102/0x140
[ 29.212673] ? kasan_atomics_helper+0x861/0x5450
[ 29.214216] ? kasan_atomics_helper+0x861/0x5450
[ 29.214752] kasan_check_range+0x10c/0x1c0
[ 29.215812] __kasan_check_write+0x18/0x20
[ 29.216196] kasan_atomics_helper+0x861/0x5450
[ 29.216693] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.216994] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.217745] ? kasan_atomics+0x153/0x310
[ 29.218189] kasan_atomics+0x1dd/0x310
[ 29.219855] ? __pfx_kasan_atomics+0x10/0x10
[ 29.221075] ? __pfx_read_tsc+0x10/0x10
[ 29.221534] ? ktime_get_ts64+0x86/0x230
[ 29.222432] kunit_try_run_case+0x1b3/0x490
[ 29.222788] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.223910] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.225022] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.225742] ? __kthread_parkme+0x82/0x160
[ 29.226514] ? preempt_count_sub+0x50/0x80
[ 29.226827] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.227774] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.228761] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.229862] kthread+0x257/0x310
[ 29.230472] ? __pfx_kthread+0x10/0x10
[ 29.231108] ret_from_fork+0x41/0x80
[ 29.232176] ? __pfx_kthread+0x10/0x10
[ 29.232629] ret_from_fork_asm+0x1a/0x30
[ 29.233330] </TASK>
[ 29.233849]
[ 29.234021] Allocated by task 272:
[ 29.234884] kasan_save_stack+0x3d/0x60
[ 29.235925] kasan_save_track+0x18/0x40
[ 29.236196] kasan_save_alloc_info+0x3b/0x50
[ 29.237430] __kasan_kmalloc+0xb7/0xc0
[ 29.237780] __kmalloc_cache_noprof+0x184/0x410
[ 29.238482] kasan_atomics+0x96/0x310
[ 29.238769] kunit_try_run_case+0x1b3/0x490
[ 29.239066] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.240355] kthread+0x257/0x310
[ 29.240719] ret_from_fork+0x41/0x80
[ 29.241130] ret_from_fork_asm+0x1a/0x30
[ 29.241839]
[ 29.243160] The buggy address belongs to the object at ffff888102969600
[ 29.243160] which belongs to the cache kmalloc-64 of size 64
[ 29.245960] The buggy address is located 0 bytes to the right of
[ 29.245960] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 29.247473]
[ 29.248434] The buggy address belongs to the physical page:
[ 29.248857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 29.250937] flags: 0x200000000000000(node=0|zone=2)
[ 29.251532] page_type: f5(slab)
[ 29.251785] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.252583] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 29.253627] page dumped because: kasan: bad access detected
[ 29.255340]
[ 29.255542] Memory state around the buggy address:
[ 29.255885] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.257822] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.259245] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.260402] ^
[ 29.260704] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.262002] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.262824] ==================================================================

[ 30.664681] ==================================================================
[ 30.667313] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e8/0x5450
[ 30.668028] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272
[ 30.669358]
[ 30.669712] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 30.670962] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.671515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.672241] Call Trace:
[ 30.672564] <TASK>
[ 30.672799] dump_stack_lvl+0x73/0xb0
[ 30.673121] print_report+0xd1/0x640
[ 30.673622] ? __virt_addr_valid+0x1db/0x2d0
[ 30.674126] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.674596] kasan_report+0x102/0x140
[ 30.675298] ? kasan_atomics_helper+0x16e8/0x5450
[ 30.675732] ? kasan_atomics_helper+0x16e8/0x5450
[ 30.676341] kasan_check_range+0x10c/0x1c0
[ 30.676741] __kasan_check_write+0x18/0x20
[ 30.677194] kasan_atomics_helper+0x16e8/0x5450
[ 30.677819] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.678304] ? __kmalloc_cache_noprof+0x184/0x410
[ 30.678690] ? kasan_atomics+0x153/0x310
[ 30.679181] kasan_atomics+0x1dd/0x310
[ 30.679671] ? __pfx_kasan_atomics+0x10/0x10
[ 30.680043] ? __pfx_read_tsc+0x10/0x10
[ 30.680496] ? ktime_get_ts64+0x86/0x230
[ 30.681176] kunit_try_run_case+0x1b3/0x490
[ 30.681610] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.682079] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.682788] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.683237] ? __kthread_parkme+0x82/0x160
[ 30.683619] ? preempt_count_sub+0x50/0x80
[ 30.684004] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.684407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.685529] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.686194] kthread+0x257/0x310
[ 30.686522] ? __pfx_kthread+0x10/0x10
[ 30.687117] ret_from_fork+0x41/0x80
[ 30.687547] ? __pfx_kthread+0x10/0x10
[ 30.687837] ret_from_fork_asm+0x1a/0x30
[ 30.688389] </TASK>
[ 30.688686]
[ 30.688977] Allocated by task 272:
[ 30.689500] kasan_save_stack+0x3d/0x60
[ 30.689962] kasan_save_track+0x18/0x40
[ 30.690272] kasan_save_alloc_info+0x3b/0x50
[ 30.690657] __kasan_kmalloc+0xb7/0xc0
[ 30.691110] __kmalloc_cache_noprof+0x184/0x410
[ 30.691858] kasan_atomics+0x96/0x310
[ 30.692311] kunit_try_run_case+0x1b3/0x490
[ 30.692695] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.693191] kthread+0x257/0x310
[ 30.693482] ret_from_fork+0x41/0x80
[ 30.693748] ret_from_fork_asm+0x1a/0x30
[ 30.694249]
[ 30.694552] The buggy address belongs to the object at ffff888102969600
[ 30.694552] which belongs to the cache kmalloc-64 of size 64
[ 30.695835] The buggy address is located 0 bytes to the right of
[ 30.695835] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 30.698893]
[ 30.699076] The buggy address belongs to the physical page:
[ 30.699426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 30.700364] flags: 0x200000000000000(node=0|zone=2)
[ 30.701326] page_type: f5(slab)
[ 30.701670] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.702426] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 30.703358] page dumped because: kasan: bad access detected
[ 30.704010]
[ 30.704335] Memory state around the buggy address:
[ 30.705139] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.705972] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.706587] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.707756] ^
[ 30.708219] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.709068] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.709854] ==================================================================

[ 29.827048] ==================================================================
[ 29.828575] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfaa/0x5450
[ 29.830239] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272
[ 29.830774]
[ 29.830964] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 29.832659] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.833231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.834099] Call Trace:
[ 29.834542] <TASK>
[ 29.834823] dump_stack_lvl+0x73/0xb0
[ 29.835526] print_report+0xd1/0x640
[ 29.836114] ? __virt_addr_valid+0x1db/0x2d0
[ 29.836587] ? kasan_complete_mode_report_info+0x2a/0x200
[ 29.837633] kasan_report+0x102/0x140
[ 29.838114] ? kasan_atomics_helper+0xfaa/0x5450
[ 29.838615] ? kasan_atomics_helper+0xfaa/0x5450
[ 29.839420] kasan_check_range+0x10c/0x1c0
[ 29.839758] __kasan_check_write+0x18/0x20
[ 29.840201] kasan_atomics_helper+0xfaa/0x5450
[ 29.841121] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 29.841681] ? __kmalloc_cache_noprof+0x184/0x410
[ 29.842721] ? kasan_atomics+0x153/0x310
[ 29.843471] kasan_atomics+0x1dd/0x310
[ 29.843976] ? __pfx_kasan_atomics+0x10/0x10
[ 29.844839] ? __pfx_read_tsc+0x10/0x10
[ 29.845427] ? ktime_get_ts64+0x86/0x230
[ 29.846157] kunit_try_run_case+0x1b3/0x490
[ 29.846655] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.847651] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 29.848192] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 29.848903] ? __kthread_parkme+0x82/0x160
[ 29.849524] ? preempt_count_sub+0x50/0x80
[ 29.850200] ? __pfx_kunit_try_run_case+0x10/0x10
[ 29.850965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 29.851540] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.852158] kthread+0x257/0x310
[ 29.852964] ? __pfx_kthread+0x10/0x10
[ 29.853509] ret_from_fork+0x41/0x80
[ 29.854137] ? __pfx_kthread+0x10/0x10
[ 29.854729] ret_from_fork_asm+0x1a/0x30
[ 29.855495] </TASK>
[ 29.856099]
[ 29.856307] Allocated by task 272:
[ 29.856719] kasan_save_stack+0x3d/0x60
[ 29.857092] kasan_save_track+0x18/0x40
[ 29.857672] kasan_save_alloc_info+0x3b/0x50
[ 29.858132] __kasan_kmalloc+0xb7/0xc0
[ 29.858562] __kmalloc_cache_noprof+0x184/0x410
[ 29.859081] kasan_atomics+0x96/0x310
[ 29.859404] kunit_try_run_case+0x1b3/0x490
[ 29.859853] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.860974] kthread+0x257/0x310
[ 29.861228] ret_from_fork+0x41/0x80
[ 29.861523] ret_from_fork_asm+0x1a/0x30
[ 29.861816]
[ 29.862135] The buggy address belongs to the object at ffff888102969600
[ 29.862135] which belongs to the cache kmalloc-64 of size 64
[ 29.864124] The buggy address is located 0 bytes to the right of
[ 29.864124] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 29.866281]
[ 29.866702] The buggy address belongs to the physical page:
[ 29.867185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 29.867561] flags: 0x200000000000000(node=0|zone=2)
[ 29.867849] page_type: f5(slab)
[ 29.868401] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 29.869476] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 29.870137] page dumped because: kasan: bad access detected
[ 29.870748]
[ 29.871049] Memory state around the buggy address:
[ 29.871519] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.872099] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 29.872921] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 29.874237] ^
[ 29.875294] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.875853] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 29.876667] ==================================================================

[ 30.365006] ==================================================================
[ 30.366854] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eb0/0x5450
[ 30.368153] Read of size 8 at addr ffff888102969630 by task kunit_try_catch/272
[ 30.369659]
[ 30.369900] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 30.370974] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.371433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.372495] Call Trace:
[ 30.372955] <TASK>
[ 30.373629] dump_stack_lvl+0x73/0xb0
[ 30.374085] print_report+0xd1/0x640
[ 30.374629] ? __virt_addr_valid+0x1db/0x2d0
[ 30.375169] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.375875] kasan_report+0x102/0x140
[ 30.376524] ? kasan_atomics_helper+0x4eb0/0x5450
[ 30.377688] ? kasan_atomics_helper+0x4eb0/0x5450
[ 30.378206] __asan_report_load8_noabort+0x18/0x20
[ 30.378925] kasan_atomics_helper+0x4eb0/0x5450
[ 30.379485] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.380029] ? __kmalloc_cache_noprof+0x184/0x410
[ 30.381227] ? kasan_atomics+0x153/0x310
[ 30.381662] kasan_atomics+0x1dd/0x310
[ 30.382425] ? __pfx_kasan_atomics+0x10/0x10
[ 30.383031] ? __pfx_read_tsc+0x10/0x10
[ 30.383599] ? ktime_get_ts64+0x86/0x230
[ 30.384573] kunit_try_run_case+0x1b3/0x490
[ 30.385182] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.385703] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.386572] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.387342] ? __kthread_parkme+0x82/0x160
[ 30.388026] ? preempt_count_sub+0x50/0x80
[ 30.388488] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.389565] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.390323] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.391110] kthread+0x257/0x310
[ 30.391771] ? __pfx_kthread+0x10/0x10
[ 30.392444] ret_from_fork+0x41/0x80
[ 30.393159] ? __pfx_kthread+0x10/0x10
[ 30.393756] ret_from_fork_asm+0x1a/0x30
[ 30.394540] </TASK>
[ 30.395226]
[ 30.395448] Allocated by task 272:
[ 30.395693] kasan_save_stack+0x3d/0x60
[ 30.396629] kasan_save_track+0x18/0x40
[ 30.397426] kasan_save_alloc_info+0x3b/0x50
[ 30.398295] __kasan_kmalloc+0xb7/0xc0
[ 30.399048] __kmalloc_cache_noprof+0x184/0x410
[ 30.399605] kasan_atomics+0x96/0x310
[ 30.400119] kunit_try_run_case+0x1b3/0x490
[ 30.400554] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.401438] kthread+0x257/0x310
[ 30.401688] ret_from_fork+0x41/0x80
[ 30.401964] ret_from_fork_asm+0x1a/0x30
[ 30.402240]
[ 30.402446] The buggy address belongs to the object at ffff888102969600
[ 30.402446] which belongs to the cache kmalloc-64 of size 64
[ 30.403063] The buggy address is located 0 bytes to the right of
[ 30.403063] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 30.407362]
[ 30.407628] The buggy address belongs to the physical page:
[ 30.408566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 30.409539] flags: 0x200000000000000(node=0|zone=2)
[ 30.410604] page_type: f5(slab)
[ 30.410940] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.411588] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 30.412714] page dumped because: kasan: bad access detected
[ 30.413704]
[ 30.413935] Memory state around the buggy address:
[ 30.414869] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.415617] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.416478] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.416860] ^
[ 30.417318] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.418598] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.419548] ==================================================================

[ 30.910111] ==================================================================
[ 30.910686] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e4/0x5450
[ 30.911562] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272
[ 30.912205]
[ 30.912679] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 30.913705] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.914176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.915030] Call Trace:
[ 30.915279] <TASK>
[ 30.915666] dump_stack_lvl+0x73/0xb0
[ 30.916393] print_report+0xd1/0x640
[ 30.916942] ? __virt_addr_valid+0x1db/0x2d0
[ 30.917395] ? kasan_complete_mode_report_info+0x2a/0x200
[ 30.918072] kasan_report+0x102/0x140
[ 30.918720] ? kasan_atomics_helper+0x19e4/0x5450
[ 30.919079] ? kasan_atomics_helper+0x19e4/0x5450
[ 30.919637] kasan_check_range+0x10c/0x1c0
[ 30.920310] __kasan_check_write+0x18/0x20
[ 30.920922] kasan_atomics_helper+0x19e4/0x5450
[ 30.921429] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 30.921981] ? __kmalloc_cache_noprof+0x184/0x410
[ 30.922705] ? kasan_atomics+0x153/0x310
[ 30.923224] kasan_atomics+0x1dd/0x310
[ 30.923696] ? __pfx_kasan_atomics+0x10/0x10
[ 30.924315] ? __pfx_read_tsc+0x10/0x10
[ 30.924723] ? ktime_get_ts64+0x86/0x230
[ 30.925222] kunit_try_run_case+0x1b3/0x490
[ 30.925733] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.926378] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 30.926894] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 30.927307] ? __kthread_parkme+0x82/0x160
[ 30.927856] ? preempt_count_sub+0x50/0x80
[ 30.928167] ? __pfx_kunit_try_run_case+0x10/0x10
[ 30.928510] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 30.929003] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.929746] kthread+0x257/0x310
[ 30.930491] ? __pfx_kthread+0x10/0x10
[ 30.930837] ret_from_fork+0x41/0x80
[ 30.931278] ? __pfx_kthread+0x10/0x10
[ 30.931743] ret_from_fork_asm+0x1a/0x30
[ 30.932277] </TASK>
[ 30.932615]
[ 30.932832] Allocated by task 272:
[ 30.933172] kasan_save_stack+0x3d/0x60
[ 30.933546] kasan_save_track+0x18/0x40
[ 30.934428] kasan_save_alloc_info+0x3b/0x50
[ 30.934966] __kasan_kmalloc+0xb7/0xc0
[ 30.935459] __kmalloc_cache_noprof+0x184/0x410
[ 30.936184] kasan_atomics+0x96/0x310
[ 30.936588] kunit_try_run_case+0x1b3/0x490
[ 30.937192] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.937798] kthread+0x257/0x310
[ 30.938213] ret_from_fork+0x41/0x80
[ 30.938530] ret_from_fork_asm+0x1a/0x30
[ 30.938885]
[ 30.939184] The buggy address belongs to the object at ffff888102969600
[ 30.939184] which belongs to the cache kmalloc-64 of size 64
[ 30.941937] The buggy address is located 0 bytes to the right of
[ 30.941937] allocated 48-byte region [ffff888102969600, ffff888102969630)
[ 30.943431]
[ 30.943773] The buggy address belongs to the physical page:
[ 30.944938] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969
[ 30.945614] flags: 0x200000000000000(node=0|zone=2)
[ 30.946438] page_type: f5(slab)
[ 30.946851] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 30.947927] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 30.948907] page dumped because: kasan: bad access detected
[ 30.949645]
[ 30.950176] Memory state around the buggy address:
[ 30.950543] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.951457] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 30.952284] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 30.953189] ^
[ 30.953819] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.954520] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.955156] ==================================================================

[ 31.540728]
================================================================== [ 31.541665] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c9/0x5450 [ 31.542456] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 31.543290] [ 31.543545] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 31.544619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.545080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.545871] Call Trace: [ 31.546237] <TASK> [ 31.546530] dump_stack_lvl+0x73/0xb0 [ 31.546972] print_report+0xd1/0x640 [ 31.547482] ? __virt_addr_valid+0x1db/0x2d0 [ 31.547926] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.548513] kasan_report+0x102/0x140 [ 31.548863] ? kasan_atomics_helper+0x20c9/0x5450 [ 31.549396] ? kasan_atomics_helper+0x20c9/0x5450 [ 31.550171] kasan_check_range+0x10c/0x1c0 [ 31.550783] __kasan_check_write+0x18/0x20 [ 31.551222] kasan_atomics_helper+0x20c9/0x5450 [ 31.551846] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.552499] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.553022] ? kasan_atomics+0x153/0x310 [ 31.553570] kasan_atomics+0x1dd/0x310 [ 31.554058] ? __pfx_kasan_atomics+0x10/0x10 [ 31.554569] ? __pfx_read_tsc+0x10/0x10 [ 31.555089] ? ktime_get_ts64+0x86/0x230 [ 31.555491] kunit_try_run_case+0x1b3/0x490 [ 31.556092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.556703] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.557820] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.558302] ? __kthread_parkme+0x82/0x160 [ 31.559123] ? preempt_count_sub+0x50/0x80 [ 31.559751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.560238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.560953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.561595] kthread+0x257/0x310 [ 31.562223] ? __pfx_kthread+0x10/0x10 [ 31.562652] ret_from_fork+0x41/0x80 [ 31.563037] ? 
__pfx_kthread+0x10/0x10 [ 31.563449] ret_from_fork_asm+0x1a/0x30 [ 31.563873] </TASK> [ 31.564152] [ 31.564413] Allocated by task 272: [ 31.564768] kasan_save_stack+0x3d/0x60 [ 31.565160] kasan_save_track+0x18/0x40 [ 31.566451] kasan_save_alloc_info+0x3b/0x50 [ 31.566833] __kasan_kmalloc+0xb7/0xc0 [ 31.567513] __kmalloc_cache_noprof+0x184/0x410 [ 31.568242] kasan_atomics+0x96/0x310 [ 31.569003] kunit_try_run_case+0x1b3/0x490 [ 31.569585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.570657] kthread+0x257/0x310 [ 31.571221] ret_from_fork+0x41/0x80 [ 31.571489] ret_from_fork_asm+0x1a/0x30 [ 31.572019] [ 31.572236] The buggy address belongs to the object at ffff888102969600 [ 31.572236] which belongs to the cache kmalloc-64 of size 64 [ 31.573694] The buggy address is located 0 bytes to the right of [ 31.573694] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 31.575550] [ 31.576097] The buggy address belongs to the physical page: [ 31.576594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 31.577642] flags: 0x200000000000000(node=0|zone=2) [ 31.578536] page_type: f5(slab) [ 31.579028] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.579873] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.580943] page dumped because: kasan: bad access detected [ 31.581513] [ 31.581713] Memory state around the buggy address: [ 31.582708] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.583316] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.583800] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.584596] ^ [ 31.585157] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.585655] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.586691] ================================================================== [ 29.930828] 
================================================================== [ 29.932272] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x107a/0x5450 [ 29.933549] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 29.934690] [ 29.935518] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 29.936731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.937468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.938528] Call Trace: [ 29.939006] <TASK> [ 29.939319] dump_stack_lvl+0x73/0xb0 [ 29.939761] print_report+0xd1/0x640 [ 29.940875] ? __virt_addr_valid+0x1db/0x2d0 [ 29.941396] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.942354] kasan_report+0x102/0x140 [ 29.942943] ? kasan_atomics_helper+0x107a/0x5450 [ 29.943433] ? kasan_atomics_helper+0x107a/0x5450 [ 29.944049] kasan_check_range+0x10c/0x1c0 [ 29.944589] __kasan_check_write+0x18/0x20 [ 29.945358] kasan_atomics_helper+0x107a/0x5450 [ 29.946110] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.946484] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.946993] ? kasan_atomics+0x153/0x310 [ 29.947566] kasan_atomics+0x1dd/0x310 [ 29.948315] ? __pfx_kasan_atomics+0x10/0x10 [ 29.949051] ? __pfx_read_tsc+0x10/0x10 [ 29.949617] ? ktime_get_ts64+0x86/0x230 [ 29.950099] kunit_try_run_case+0x1b3/0x490 [ 29.950556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.951474] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.952236] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.952741] ? __kthread_parkme+0x82/0x160 [ 29.953200] ? preempt_count_sub+0x50/0x80 [ 29.953683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.954639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.955211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.955651] kthread+0x257/0x310 [ 29.956372] ? __pfx_kthread+0x10/0x10 [ 29.956786] ret_from_fork+0x41/0x80 [ 29.957526] ? 
__pfx_kthread+0x10/0x10 [ 29.958138] ret_from_fork_asm+0x1a/0x30 [ 29.959422] </TASK> [ 29.960053] [ 29.960234] Allocated by task 272: [ 29.960673] kasan_save_stack+0x3d/0x60 [ 29.961041] kasan_save_track+0x18/0x40 [ 29.961677] kasan_save_alloc_info+0x3b/0x50 [ 29.962173] __kasan_kmalloc+0xb7/0xc0 [ 29.962737] __kmalloc_cache_noprof+0x184/0x410 [ 29.963107] kasan_atomics+0x96/0x310 [ 29.963515] kunit_try_run_case+0x1b3/0x490 [ 29.963964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.964630] kthread+0x257/0x310 [ 29.964980] ret_from_fork+0x41/0x80 [ 29.965438] ret_from_fork_asm+0x1a/0x30 [ 29.965739] [ 29.965922] The buggy address belongs to the object at ffff888102969600 [ 29.965922] which belongs to the cache kmalloc-64 of size 64 [ 29.967187] The buggy address is located 0 bytes to the right of [ 29.967187] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 29.969215] [ 29.969530] The buggy address belongs to the physical page: [ 29.970166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 29.971338] flags: 0x200000000000000(node=0|zone=2) [ 29.971790] page_type: f5(slab) [ 29.972796] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.973291] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.974463] page dumped because: kasan: bad access detected [ 29.975159] [ 29.975515] Memory state around the buggy address: [ 29.976339] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.976985] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.977829] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.978674] ^ [ 29.979334] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.980189] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.981064] ================================================================== [ 30.035198] 
================================================================== [ 30.036559] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1149/0x5450 [ 30.037438] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 30.038698] [ 30.039119] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 30.040222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.041087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.042342] Call Trace: [ 30.042581] <TASK> [ 30.042734] dump_stack_lvl+0x73/0xb0 [ 30.043071] print_report+0xd1/0x640 [ 30.043430] ? __virt_addr_valid+0x1db/0x2d0 [ 30.043740] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.044491] kasan_report+0x102/0x140 [ 30.045148] ? kasan_atomics_helper+0x1149/0x5450 [ 30.045664] ? kasan_atomics_helper+0x1149/0x5450 [ 30.046037] kasan_check_range+0x10c/0x1c0 [ 30.046381] __kasan_check_write+0x18/0x20 [ 30.046868] kasan_atomics_helper+0x1149/0x5450 [ 30.047290] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.047735] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.048320] ? kasan_atomics+0x153/0x310 [ 30.048627] kasan_atomics+0x1dd/0x310 [ 30.049100] ? __pfx_kasan_atomics+0x10/0x10 [ 30.049497] ? __pfx_read_tsc+0x10/0x10 [ 30.049969] ? ktime_get_ts64+0x86/0x230 [ 30.050566] kunit_try_run_case+0x1b3/0x490 [ 30.051011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.051640] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.052103] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.052568] ? __kthread_parkme+0x82/0x160 [ 30.053076] ? preempt_count_sub+0x50/0x80 [ 30.053542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.053930] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.054576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.055123] kthread+0x257/0x310 [ 30.055427] ? __pfx_kthread+0x10/0x10 [ 30.055976] ret_from_fork+0x41/0x80 [ 30.056313] ? 
__pfx_kthread+0x10/0x10 [ 30.056637] ret_from_fork_asm+0x1a/0x30 [ 30.057325] </TASK> [ 30.057718] [ 30.057946] Allocated by task 272: [ 30.058197] kasan_save_stack+0x3d/0x60 [ 30.058737] kasan_save_track+0x18/0x40 [ 30.059307] kasan_save_alloc_info+0x3b/0x50 [ 30.059732] __kasan_kmalloc+0xb7/0xc0 [ 30.060066] __kmalloc_cache_noprof+0x184/0x410 [ 30.060476] kasan_atomics+0x96/0x310 [ 30.060753] kunit_try_run_case+0x1b3/0x490 [ 30.061309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.062166] kthread+0x257/0x310 [ 30.062494] ret_from_fork+0x41/0x80 [ 30.062982] ret_from_fork_asm+0x1a/0x30 [ 30.063371] [ 30.063539] The buggy address belongs to the object at ffff888102969600 [ 30.063539] which belongs to the cache kmalloc-64 of size 64 [ 30.064659] The buggy address is located 0 bytes to the right of [ 30.064659] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 30.065953] [ 30.066157] The buggy address belongs to the physical page: [ 30.066531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 30.067431] flags: 0x200000000000000(node=0|zone=2) [ 30.068036] page_type: f5(slab) [ 30.068471] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.069156] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.069609] page dumped because: kasan: bad access detected [ 30.070149] [ 30.070548] Memory state around the buggy address: [ 30.071083] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.071525] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.072408] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.073089] ^ [ 30.073543] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.074165] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.074609] ================================================================== [ 29.726840] 
================================================================== [ 29.727477] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe79/0x5450 [ 29.728179] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 29.728765] [ 29.729047] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 29.729870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.730597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.732459] Call Trace: [ 29.732878] <TASK> [ 29.733220] dump_stack_lvl+0x73/0xb0 [ 29.733765] print_report+0xd1/0x640 [ 29.734144] ? __virt_addr_valid+0x1db/0x2d0 [ 29.734648] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.735399] kasan_report+0x102/0x140 [ 29.735789] ? kasan_atomics_helper+0xe79/0x5450 [ 29.736300] ? kasan_atomics_helper+0xe79/0x5450 [ 29.737033] kasan_check_range+0x10c/0x1c0 [ 29.737511] __kasan_check_write+0x18/0x20 [ 29.737994] kasan_atomics_helper+0xe79/0x5450 [ 29.738729] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.739167] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.739741] ? kasan_atomics+0x153/0x310 [ 29.740450] kasan_atomics+0x1dd/0x310 [ 29.740828] ? __pfx_kasan_atomics+0x10/0x10 [ 29.741620] ? __pfx_read_tsc+0x10/0x10 [ 29.741963] ? ktime_get_ts64+0x86/0x230 [ 29.742551] kunit_try_run_case+0x1b3/0x490 [ 29.742923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.743601] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.744297] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.744841] ? __kthread_parkme+0x82/0x160 [ 29.745409] ? preempt_count_sub+0x50/0x80 [ 29.745951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.746438] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.747041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.747587] kthread+0x257/0x310 [ 29.748099] ? __pfx_kthread+0x10/0x10 [ 29.748476] ret_from_fork+0x41/0x80 [ 29.749160] ? 
__pfx_kthread+0x10/0x10 [ 29.749566] ret_from_fork_asm+0x1a/0x30 [ 29.750235] </TASK> [ 29.750483] [ 29.750833] Allocated by task 272: [ 29.751308] kasan_save_stack+0x3d/0x60 [ 29.751820] kasan_save_track+0x18/0x40 [ 29.752283] kasan_save_alloc_info+0x3b/0x50 [ 29.752801] __kasan_kmalloc+0xb7/0xc0 [ 29.753401] __kmalloc_cache_noprof+0x184/0x410 [ 29.753792] kasan_atomics+0x96/0x310 [ 29.754558] kunit_try_run_case+0x1b3/0x490 [ 29.755044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.755657] kthread+0x257/0x310 [ 29.756331] ret_from_fork+0x41/0x80 [ 29.756789] ret_from_fork_asm+0x1a/0x30 [ 29.757447] [ 29.757798] The buggy address belongs to the object at ffff888102969600 [ 29.757798] which belongs to the cache kmalloc-64 of size 64 [ 29.758516] The buggy address is located 0 bytes to the right of [ 29.758516] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 29.759709] [ 29.759934] The buggy address belongs to the physical page: [ 29.760636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 29.761500] flags: 0x200000000000000(node=0|zone=2) [ 29.762209] page_type: f5(slab) [ 29.763324] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.764084] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.764744] page dumped because: kasan: bad access detected [ 29.766070] [ 29.766279] Memory state around the buggy address: [ 29.767191] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.767791] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.768895] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.769544] ^ [ 29.770587] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.771476] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.772485] ================================================================== [ 28.448006] 
================================================================== [ 28.449700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbe/0x5450 [ 28.451115] Read of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 28.451561] [ 28.452156] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.453850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.454157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.455493] Call Trace: [ 28.455688] <TASK> [ 28.456134] dump_stack_lvl+0x73/0xb0 [ 28.457533] print_report+0xd1/0x640 [ 28.458613] ? __virt_addr_valid+0x1db/0x2d0 [ 28.459109] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.459832] kasan_report+0x102/0x140 [ 28.460684] ? kasan_atomics_helper+0x4bbe/0x5450 [ 28.461706] ? kasan_atomics_helper+0x4bbe/0x5450 [ 28.462202] __asan_report_load4_noabort+0x18/0x20 [ 28.463226] kasan_atomics_helper+0x4bbe/0x5450 [ 28.463669] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.465454] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.465960] ? kasan_atomics+0x153/0x310 [ 28.466892] kasan_atomics+0x1dd/0x310 [ 28.467556] ? __pfx_kasan_atomics+0x10/0x10 [ 28.468531] ? __pfx_read_tsc+0x10/0x10 [ 28.469340] ? ktime_get_ts64+0x86/0x230 [ 28.469643] kunit_try_run_case+0x1b3/0x490 [ 28.470141] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.470570] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.471007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.472117] ? __kthread_parkme+0x82/0x160 [ 28.473141] ? preempt_count_sub+0x50/0x80 [ 28.473608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.474360] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.475023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.475907] kthread+0x257/0x310 [ 28.476492] ? __pfx_kthread+0x10/0x10 [ 28.476850] ret_from_fork+0x41/0x80 [ 28.477405] ? 
__pfx_kthread+0x10/0x10 [ 28.478312] ret_from_fork_asm+0x1a/0x30 [ 28.479108] </TASK> [ 28.479599] [ 28.480075] Allocated by task 272: [ 28.480484] kasan_save_stack+0x3d/0x60 [ 28.481499] kasan_save_track+0x18/0x40 [ 28.482011] kasan_save_alloc_info+0x3b/0x50 [ 28.482555] __kasan_kmalloc+0xb7/0xc0 [ 28.483194] __kmalloc_cache_noprof+0x184/0x410 [ 28.483849] kasan_atomics+0x96/0x310 [ 28.484657] kunit_try_run_case+0x1b3/0x490 [ 28.485021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.486120] kthread+0x257/0x310 [ 28.486679] ret_from_fork+0x41/0x80 [ 28.487235] ret_from_fork_asm+0x1a/0x30 [ 28.487902] [ 28.488249] The buggy address belongs to the object at ffff888102969600 [ 28.488249] which belongs to the cache kmalloc-64 of size 64 [ 28.489584] The buggy address is located 0 bytes to the right of [ 28.489584] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 28.491715] [ 28.491910] The buggy address belongs to the physical page: [ 28.492651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 28.493311] flags: 0x200000000000000(node=0|zone=2) [ 28.493878] page_type: f5(slab) [ 28.494232] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.495050] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.495690] page dumped because: kasan: bad access detected [ 28.496696] [ 28.497036] Memory state around the buggy address: [ 28.497393] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.498492] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.499127] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.499830] ^ [ 28.500239] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.500833] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.501435] ================================================================== [ 29.429874] 
================================================================== [ 29.430868] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac8/0x5450 [ 29.432046] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 29.432779] [ 29.432969] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 29.433946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.434470] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.435350] Call Trace: [ 29.435681] <TASK> [ 29.435890] dump_stack_lvl+0x73/0xb0 [ 29.436797] print_report+0xd1/0x640 [ 29.437542] ? __virt_addr_valid+0x1db/0x2d0 [ 29.438584] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.439461] kasan_report+0x102/0x140 [ 29.439655] ? kasan_atomics_helper+0xac8/0x5450 [ 29.439989] ? kasan_atomics_helper+0xac8/0x5450 [ 29.440957] kasan_check_range+0x10c/0x1c0 [ 29.441722] __kasan_check_write+0x18/0x20 [ 29.442231] kasan_atomics_helper+0xac8/0x5450 [ 29.442725] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.443170] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.443726] ? kasan_atomics+0x153/0x310 [ 29.444210] kasan_atomics+0x1dd/0x310 [ 29.444525] ? __pfx_kasan_atomics+0x10/0x10 [ 29.445100] ? __pfx_read_tsc+0x10/0x10 [ 29.445798] ? ktime_get_ts64+0x86/0x230 [ 29.446160] kunit_try_run_case+0x1b3/0x490 [ 29.446722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.447224] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.447604] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.448612] ? __kthread_parkme+0x82/0x160 [ 29.448994] ? preempt_count_sub+0x50/0x80 [ 29.449602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.450056] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.450629] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.451182] kthread+0x257/0x310 [ 29.451700] ? __pfx_kthread+0x10/0x10 [ 29.452172] ret_from_fork+0x41/0x80 [ 29.452594] ? 
__pfx_kthread+0x10/0x10 [ 29.452931] ret_from_fork_asm+0x1a/0x30 [ 29.453620] </TASK> [ 29.454033] [ 29.454219] Allocated by task 272: [ 29.454610] kasan_save_stack+0x3d/0x60 [ 29.455505] kasan_save_track+0x18/0x40 [ 29.455903] kasan_save_alloc_info+0x3b/0x50 [ 29.456279] __kasan_kmalloc+0xb7/0xc0 [ 29.456735] __kmalloc_cache_noprof+0x184/0x410 [ 29.457186] kasan_atomics+0x96/0x310 [ 29.457681] kunit_try_run_case+0x1b3/0x490 [ 29.458037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.458432] kthread+0x257/0x310 [ 29.458853] ret_from_fork+0x41/0x80 [ 29.459455] ret_from_fork_asm+0x1a/0x30 [ 29.460153] [ 29.460462] The buggy address belongs to the object at ffff888102969600 [ 29.460462] which belongs to the cache kmalloc-64 of size 64 [ 29.461595] The buggy address is located 0 bytes to the right of [ 29.461595] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 29.462662] [ 29.462837] The buggy address belongs to the physical page: [ 29.463454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 29.464189] flags: 0x200000000000000(node=0|zone=2) [ 29.464834] page_type: f5(slab) [ 29.465216] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.466002] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.466911] page dumped because: kasan: bad access detected [ 29.467418] [ 29.467525] Memory state around the buggy address: [ 29.467727] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.468991] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.470189] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.470797] ^ [ 29.471237] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.472033] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.472891] ================================================================== [ 30.578066] 
================================================================== [ 30.578854] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b7/0x5450 [ 30.580432] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 30.582150] [ 30.583215] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 30.583952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.584494] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.585505] Call Trace: [ 30.585859] <TASK> [ 30.586231] dump_stack_lvl+0x73/0xb0 [ 30.586809] print_report+0xd1/0x640 [ 30.587309] ? __virt_addr_valid+0x1db/0x2d0 [ 30.587928] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.588588] kasan_report+0x102/0x140 [ 30.589139] ? kasan_atomics_helper+0x15b7/0x5450 [ 30.589914] ? kasan_atomics_helper+0x15b7/0x5450 [ 30.590640] kasan_check_range+0x10c/0x1c0 [ 30.591327] __kasan_check_write+0x18/0x20 [ 30.591765] kasan_atomics_helper+0x15b7/0x5450 [ 30.592230] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.593199] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.593980] ? kasan_atomics+0x153/0x310 [ 30.594599] kasan_atomics+0x1dd/0x310 [ 30.595323] ? __pfx_kasan_atomics+0x10/0x10 [ 30.596307] ? __pfx_read_tsc+0x10/0x10 [ 30.596708] ? ktime_get_ts64+0x86/0x230 [ 30.597166] kunit_try_run_case+0x1b3/0x490 [ 30.597664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.598905] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.599892] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.600314] ? __kthread_parkme+0x82/0x160 [ 30.600779] ? preempt_count_sub+0x50/0x80 [ 30.601340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.601839] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.602729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.603336] kthread+0x257/0x310 [ 30.603701] ? __pfx_kthread+0x10/0x10 [ 30.604726] ret_from_fork+0x41/0x80 [ 30.605028] ? 
__pfx_kthread+0x10/0x10 [ 30.605530] ret_from_fork_asm+0x1a/0x30 [ 30.606036] </TASK> [ 30.606359] [ 30.606571] Allocated by task 272: [ 30.606887] kasan_save_stack+0x3d/0x60 [ 30.607455] kasan_save_track+0x18/0x40 [ 30.607761] kasan_save_alloc_info+0x3b/0x50 [ 30.608222] __kasan_kmalloc+0xb7/0xc0 [ 30.608707] __kmalloc_cache_noprof+0x184/0x410 [ 30.609120] kasan_atomics+0x96/0x310 [ 30.609544] kunit_try_run_case+0x1b3/0x490 [ 30.610066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.610474] kthread+0x257/0x310 [ 30.610789] ret_from_fork+0x41/0x80 [ 30.611273] ret_from_fork_asm+0x1a/0x30 [ 30.611711] [ 30.612003] The buggy address belongs to the object at ffff888102969600 [ 30.612003] which belongs to the cache kmalloc-64 of size 64 [ 30.613046] The buggy address is located 0 bytes to the right of [ 30.613046] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 30.613888] [ 30.614057] The buggy address belongs to the physical page: [ 30.614683] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 30.615592] flags: 0x200000000000000(node=0|zone=2) [ 30.616184] page_type: f5(slab) [ 30.616472] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.617099] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.618299] page dumped because: kasan: bad access detected [ 30.618755] [ 30.618939] Memory state around the buggy address: [ 30.619273] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.620019] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.620576] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.621676] ^ [ 30.622194] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.622707] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.623298] ================================================================== [ 28.608077] 
================================================================== [ 28.608758] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b70/0x5450 [ 28.610620] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 28.611153] [ 28.611361] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.613200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.613517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.614372] Call Trace: [ 28.614661] <TASK> [ 28.614918] dump_stack_lvl+0x73/0xb0 [ 28.615890] print_report+0xd1/0x640 [ 28.616503] ? __virt_addr_valid+0x1db/0x2d0 [ 28.617009] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.618164] kasan_report+0x102/0x140 [ 28.618764] ? kasan_atomics_helper+0x4b70/0x5450 [ 28.619569] ? kasan_atomics_helper+0x4b70/0x5450 [ 28.619923] __asan_report_store4_noabort+0x1b/0x30 [ 28.621285] kasan_atomics_helper+0x4b70/0x5450 [ 28.622363] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.623198] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.624188] ? kasan_atomics+0x153/0x310 [ 28.624801] kasan_atomics+0x1dd/0x310 [ 28.626014] ? __pfx_kasan_atomics+0x10/0x10 [ 28.626630] ? __pfx_read_tsc+0x10/0x10 [ 28.627543] ? ktime_get_ts64+0x86/0x230 [ 28.627958] kunit_try_run_case+0x1b3/0x490 [ 28.628619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.629475] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.630879] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.631432] ? __kthread_parkme+0x82/0x160 [ 28.632370] ? preempt_count_sub+0x50/0x80 [ 28.633253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.633715] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.634333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.634879] kthread+0x257/0x310 [ 28.635725] ? __pfx_kthread+0x10/0x10 [ 28.635992] ret_from_fork+0x41/0x80 [ 28.636225] ? 
__pfx_kthread+0x10/0x10 [ 28.636871] ret_from_fork_asm+0x1a/0x30 [ 28.637709] </TASK> [ 28.638181] [ 28.638956] Allocated by task 272: [ 28.639714] kasan_save_stack+0x3d/0x60 [ 28.640789] kasan_save_track+0x18/0x40 [ 28.641418] kasan_save_alloc_info+0x3b/0x50 [ 28.642245] __kasan_kmalloc+0xb7/0xc0 [ 28.642719] __kmalloc_cache_noprof+0x184/0x410 [ 28.643678] kasan_atomics+0x96/0x310 [ 28.643944] kunit_try_run_case+0x1b3/0x490 [ 28.644952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.645503] kthread+0x257/0x310 [ 28.645989] ret_from_fork+0x41/0x80 [ 28.646483] ret_from_fork_asm+0x1a/0x30 [ 28.647438] [ 28.647635] The buggy address belongs to the object at ffff888102969600 [ 28.647635] which belongs to the cache kmalloc-64 of size 64 [ 28.649455] The buggy address is located 0 bytes to the right of [ 28.649455] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 28.651477] [ 28.651669] The buggy address belongs to the physical page: [ 28.653056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 28.653772] flags: 0x200000000000000(node=0|zone=2) [ 28.654524] page_type: f5(slab) [ 28.655476] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.656959] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.657951] page dumped because: kasan: bad access detected [ 28.658919] [ 28.659423] Memory state around the buggy address: [ 28.660143] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.661424] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.662878] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.663447] ^ [ 28.664397] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.665669] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.666221] ================================================================== [ 30.624625] 
================================================================== [ 30.625840] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1650/0x5450 [ 30.626993] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 30.627700] [ 30.627887] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 30.628924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.629246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.630095] Call Trace: [ 30.630446] <TASK> [ 30.630673] dump_stack_lvl+0x73/0xb0 [ 30.631025] print_report+0xd1/0x640 [ 30.631569] ? __virt_addr_valid+0x1db/0x2d0 [ 30.632323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.632761] kasan_report+0x102/0x140 [ 30.633051] ? kasan_atomics_helper+0x1650/0x5450 [ 30.633713] ? kasan_atomics_helper+0x1650/0x5450 [ 30.634221] kasan_check_range+0x10c/0x1c0 [ 30.634709] __kasan_check_write+0x18/0x20 [ 30.635084] kasan_atomics_helper+0x1650/0x5450 [ 30.635601] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.636130] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.636489] ? kasan_atomics+0x153/0x310 [ 30.636954] kasan_atomics+0x1dd/0x310 [ 30.637479] ? __pfx_kasan_atomics+0x10/0x10 [ 30.638068] ? __pfx_read_tsc+0x10/0x10 [ 30.638480] ? ktime_get_ts64+0x86/0x230 [ 30.638891] kunit_try_run_case+0x1b3/0x490 [ 30.639427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.640050] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.640511] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.641147] ? __kthread_parkme+0x82/0x160 [ 30.641575] ? preempt_count_sub+0x50/0x80 [ 30.642066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.642658] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.643159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.643850] kthread+0x257/0x310 [ 30.644147] ? __pfx_kthread+0x10/0x10 [ 30.644460] ret_from_fork+0x41/0x80 [ 30.644808] ? 
__pfx_kthread+0x10/0x10 [ 30.645112] ret_from_fork_asm+0x1a/0x30 [ 30.645612] </TASK> [ 30.645992] [ 30.646276] Allocated by task 272: [ 30.646791] kasan_save_stack+0x3d/0x60 [ 30.647290] kasan_save_track+0x18/0x40 [ 30.647850] kasan_save_alloc_info+0x3b/0x50 [ 30.648310] __kasan_kmalloc+0xb7/0xc0 [ 30.648798] __kmalloc_cache_noprof+0x184/0x410 [ 30.649282] kasan_atomics+0x96/0x310 [ 30.649794] kunit_try_run_case+0x1b3/0x490 [ 30.650131] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.650705] kthread+0x257/0x310 [ 30.651164] ret_from_fork+0x41/0x80 [ 30.651537] ret_from_fork_asm+0x1a/0x30 [ 30.652014] [ 30.652291] The buggy address belongs to the object at ffff888102969600 [ 30.652291] which belongs to the cache kmalloc-64 of size 64 [ 30.653003] The buggy address is located 0 bytes to the right of [ 30.653003] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 30.654147] [ 30.654725] The buggy address belongs to the physical page: [ 30.655377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 30.656111] flags: 0x200000000000000(node=0|zone=2) [ 30.656590] page_type: f5(slab) [ 30.656975] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.657640] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.658362] page dumped because: kasan: bad access detected [ 30.658863] [ 30.659094] Memory state around the buggy address: [ 30.659599] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.660250] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.660890] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.661510] ^ [ 30.661990] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.662559] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.663311] ================================================================== [ 29.569395] 
================================================================== [ 29.570000] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a86/0x5450 [ 29.570870] Read of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 29.571656] [ 29.571980] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 29.573221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.573548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.574684] Call Trace: [ 29.574963] <TASK> [ 29.575173] dump_stack_lvl+0x73/0xb0 [ 29.575974] print_report+0xd1/0x640 [ 29.576365] ? __virt_addr_valid+0x1db/0x2d0 [ 29.576693] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.577451] kasan_report+0x102/0x140 [ 29.577751] ? kasan_atomics_helper+0x4a86/0x5450 [ 29.578458] ? kasan_atomics_helper+0x4a86/0x5450 [ 29.579302] __asan_report_load4_noabort+0x18/0x20 [ 29.579719] kasan_atomics_helper+0x4a86/0x5450 [ 29.580251] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.581168] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.581610] ? kasan_atomics+0x153/0x310 [ 29.582149] kasan_atomics+0x1dd/0x310 [ 29.582738] ? __pfx_kasan_atomics+0x10/0x10 [ 29.583483] ? __pfx_read_tsc+0x10/0x10 [ 29.584002] ? ktime_get_ts64+0x86/0x230 [ 29.584384] kunit_try_run_case+0x1b3/0x490 [ 29.584951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.585486] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.587067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.587827] ? __kthread_parkme+0x82/0x160 [ 29.588481] ? preempt_count_sub+0x50/0x80 [ 29.589355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.590080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.590844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.591641] kthread+0x257/0x310 [ 29.592290] ? __pfx_kthread+0x10/0x10 [ 29.592638] ret_from_fork+0x41/0x80 [ 29.593304] ? 
__pfx_kthread+0x10/0x10 [ 29.593705] ret_from_fork_asm+0x1a/0x30 [ 29.594620] </TASK> [ 29.595206] [ 29.595670] Allocated by task 272: [ 29.596226] kasan_save_stack+0x3d/0x60 [ 29.597301] kasan_save_track+0x18/0x40 [ 29.597720] kasan_save_alloc_info+0x3b/0x50 [ 29.598285] __kasan_kmalloc+0xb7/0xc0 [ 29.599044] __kmalloc_cache_noprof+0x184/0x410 [ 29.599432] kasan_atomics+0x96/0x310 [ 29.600223] kunit_try_run_case+0x1b3/0x490 [ 29.601310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.602422] kthread+0x257/0x310 [ 29.602766] ret_from_fork+0x41/0x80 [ 29.603464] ret_from_fork_asm+0x1a/0x30 [ 29.604510] [ 29.604704] The buggy address belongs to the object at ffff888102969600 [ 29.604704] which belongs to the cache kmalloc-64 of size 64 [ 29.606386] The buggy address is located 0 bytes to the right of [ 29.606386] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 29.608101] [ 29.608326] The buggy address belongs to the physical page: [ 29.608855] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 29.609721] flags: 0x200000000000000(node=0|zone=2) [ 29.610539] page_type: f5(slab) [ 29.611142] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.611778] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.612929] page dumped because: kasan: bad access detected [ 29.613504] [ 29.613704] Memory state around the buggy address: [ 29.615192] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.616516] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.617182] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.618105] ^ [ 29.618774] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.619482] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.620555] ================================================================== [ 30.209947] 
================================================================== [ 30.211507] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e7/0x5450 [ 30.212325] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 30.213026] [ 30.213423] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 30.214565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.215208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.216170] Call Trace: [ 30.216614] <TASK> [ 30.216998] dump_stack_lvl+0x73/0xb0 [ 30.217580] print_report+0xd1/0x640 [ 30.218195] ? __virt_addr_valid+0x1db/0x2d0 [ 30.218647] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.219517] kasan_report+0x102/0x140 [ 30.219867] ? kasan_atomics_helper+0x12e7/0x5450 [ 30.220570] ? kasan_atomics_helper+0x12e7/0x5450 [ 30.221136] kasan_check_range+0x10c/0x1c0 [ 30.221663] __kasan_check_write+0x18/0x20 [ 30.222229] kasan_atomics_helper+0x12e7/0x5450 [ 30.222879] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.223502] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.224095] ? kasan_atomics+0x153/0x310 [ 30.224547] kasan_atomics+0x1dd/0x310 [ 30.225043] ? __pfx_kasan_atomics+0x10/0x10 [ 30.225562] ? __pfx_read_tsc+0x10/0x10 [ 30.226145] ? ktime_get_ts64+0x86/0x230 [ 30.226669] kunit_try_run_case+0x1b3/0x490 [ 30.227245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.227911] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.228375] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.229145] ? __kthread_parkme+0x82/0x160 [ 30.229590] ? preempt_count_sub+0x50/0x80 [ 30.230308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.231000] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.231746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.232495] kthread+0x257/0x310 [ 30.233001] ? __pfx_kthread+0x10/0x10 [ 30.233520] ret_from_fork+0x41/0x80 [ 30.234010] ? 
__pfx_kthread+0x10/0x10 [ 30.234598] ret_from_fork_asm+0x1a/0x30 [ 30.235154] </TASK> [ 30.235635] [ 30.235862] Allocated by task 272: [ 30.236403] kasan_save_stack+0x3d/0x60 [ 30.237087] kasan_save_track+0x18/0x40 [ 30.237633] kasan_save_alloc_info+0x3b/0x50 [ 30.238166] __kasan_kmalloc+0xb7/0xc0 [ 30.238794] __kmalloc_cache_noprof+0x184/0x410 [ 30.239197] kasan_atomics+0x96/0x310 [ 30.239917] kunit_try_run_case+0x1b3/0x490 [ 30.240239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.240930] kthread+0x257/0x310 [ 30.241388] ret_from_fork+0x41/0x80 [ 30.241977] ret_from_fork_asm+0x1a/0x30 [ 30.242683] [ 30.243089] The buggy address belongs to the object at ffff888102969600 [ 30.243089] which belongs to the cache kmalloc-64 of size 64 [ 30.244768] The buggy address is located 0 bytes to the right of [ 30.244768] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 30.246452] [ 30.246623] The buggy address belongs to the physical page: [ 30.247948] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 30.248806] flags: 0x200000000000000(node=0|zone=2) [ 30.249797] page_type: f5(slab) [ 30.250059] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.250792] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.252302] page dumped because: kasan: bad access detected [ 30.253525] [ 30.253736] Memory state around the buggy address: [ 30.254646] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.255624] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.256966] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.257247] ^ [ 30.258041] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.258630] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.259650] ================================================================== [ 31.052056] 
================================================================== [ 31.052896] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c19/0x5450 [ 31.053653] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 31.054501] [ 31.055660] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 31.056363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.057239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.058486] Call Trace: [ 31.058804] <TASK> [ 31.059054] dump_stack_lvl+0x73/0xb0 [ 31.059499] print_report+0xd1/0x640 [ 31.059983] ? __virt_addr_valid+0x1db/0x2d0 [ 31.060506] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.061145] kasan_report+0x102/0x140 [ 31.061567] ? kasan_atomics_helper+0x1c19/0x5450 [ 31.062169] ? kasan_atomics_helper+0x1c19/0x5450 [ 31.062726] kasan_check_range+0x10c/0x1c0 [ 31.063220] __kasan_check_write+0x18/0x20 [ 31.063820] kasan_atomics_helper+0x1c19/0x5450 [ 31.064376] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.064960] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.065457] ? kasan_atomics+0x153/0x310 [ 31.066054] kasan_atomics+0x1dd/0x310 [ 31.066575] ? __pfx_kasan_atomics+0x10/0x10 [ 31.067214] ? __pfx_read_tsc+0x10/0x10 [ 31.067595] ? ktime_get_ts64+0x86/0x230 [ 31.068243] kunit_try_run_case+0x1b3/0x490 [ 31.068827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.069339] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.069822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.070516] ? __kthread_parkme+0x82/0x160 [ 31.071001] ? preempt_count_sub+0x50/0x80 [ 31.071462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.072086] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.072699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.073340] kthread+0x257/0x310 [ 31.073898] ? __pfx_kthread+0x10/0x10 [ 31.074206] ret_from_fork+0x41/0x80 [ 31.074715] ? 
__pfx_kthread+0x10/0x10 [ 31.075187] ret_from_fork_asm+0x1a/0x30 [ 31.075869] </TASK> [ 31.076115] [ 31.076303] Allocated by task 272: [ 31.076892] kasan_save_stack+0x3d/0x60 [ 31.077436] kasan_save_track+0x18/0x40 [ 31.077988] kasan_save_alloc_info+0x3b/0x50 [ 31.078576] __kasan_kmalloc+0xb7/0xc0 [ 31.079129] __kmalloc_cache_noprof+0x184/0x410 [ 31.079708] kasan_atomics+0x96/0x310 [ 31.080297] kunit_try_run_case+0x1b3/0x490 [ 31.080864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.081466] kthread+0x257/0x310 [ 31.081967] ret_from_fork+0x41/0x80 [ 31.082477] ret_from_fork_asm+0x1a/0x30 [ 31.083072] [ 31.083362] The buggy address belongs to the object at ffff888102969600 [ 31.083362] which belongs to the cache kmalloc-64 of size 64 [ 31.084486] The buggy address is located 0 bytes to the right of [ 31.084486] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 31.085544] [ 31.085751] The buggy address belongs to the physical page: [ 31.086215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 31.088585] flags: 0x200000000000000(node=0|zone=2) [ 31.089540] page_type: f5(slab) [ 31.090549] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.091537] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.092473] page dumped because: kasan: bad access detected [ 31.093120] [ 31.093346] Memory state around the buggy address: [ 31.094183] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.095620] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.096451] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.097277] ^ [ 31.098057] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.098961] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.099473] ================================================================== [ 31.396476] 
================================================================== [ 31.397184] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f73/0x5450 [ 31.397983] Read of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 31.398818] [ 31.399109] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 31.400394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.400806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.401945] Call Trace: [ 31.402182] <TASK> [ 31.402772] dump_stack_lvl+0x73/0xb0 [ 31.403506] print_report+0xd1/0x640 [ 31.404638] ? __virt_addr_valid+0x1db/0x2d0 [ 31.405547] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.406427] kasan_report+0x102/0x140 [ 31.406625] ? kasan_atomics_helper+0x4f73/0x5450 [ 31.407121] ? kasan_atomics_helper+0x4f73/0x5450 [ 31.407897] __asan_report_load8_noabort+0x18/0x20 [ 31.408646] kasan_atomics_helper+0x4f73/0x5450 [ 31.408975] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.409575] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.410051] ? kasan_atomics+0x153/0x310 [ 31.410583] kasan_atomics+0x1dd/0x310 [ 31.411166] ? __pfx_kasan_atomics+0x10/0x10 [ 31.411603] ? __pfx_read_tsc+0x10/0x10 [ 31.412006] ? ktime_get_ts64+0x86/0x230 [ 31.412569] kunit_try_run_case+0x1b3/0x490 [ 31.412936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.413526] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.414117] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.414563] ? __kthread_parkme+0x82/0x160 [ 31.415302] ? preempt_count_sub+0x50/0x80 [ 31.415658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.416196] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.416665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.417246] kthread+0x257/0x310 [ 31.417719] ? __pfx_kthread+0x10/0x10 [ 31.418087] ret_from_fork+0x41/0x80 [ 31.418471] ? 
__pfx_kthread+0x10/0x10 [ 31.418761] ret_from_fork_asm+0x1a/0x30 [ 31.419304] </TASK> [ 31.419630] [ 31.420015] Allocated by task 272: [ 31.420381] kasan_save_stack+0x3d/0x60 [ 31.420746] kasan_save_track+0x18/0x40 [ 31.421151] kasan_save_alloc_info+0x3b/0x50 [ 31.421481] __kasan_kmalloc+0xb7/0xc0 [ 31.421768] __kmalloc_cache_noprof+0x184/0x410 [ 31.422363] kasan_atomics+0x96/0x310 [ 31.423077] kunit_try_run_case+0x1b3/0x490 [ 31.423428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.423856] kthread+0x257/0x310 [ 31.424569] ret_from_fork+0x41/0x80 [ 31.425155] ret_from_fork_asm+0x1a/0x30 [ 31.425472] [ 31.425640] The buggy address belongs to the object at ffff888102969600 [ 31.425640] which belongs to the cache kmalloc-64 of size 64 [ 31.426916] The buggy address is located 0 bytes to the right of [ 31.426916] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 31.428223] [ 31.428447] The buggy address belongs to the physical page: [ 31.430348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 31.431076] flags: 0x200000000000000(node=0|zone=2) [ 31.431730] page_type: f5(slab) [ 31.432080] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.432826] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.433591] page dumped because: kasan: bad access detected [ 31.434180] [ 31.434473] Memory state around the buggy address: [ 31.435040] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.435824] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.436425] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.437216] ^ [ 31.437697] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.438366] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.439154] ================================================================== [ 30.714426] 
================================================================== [ 30.715175] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1780/0x5450 [ 30.716295] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 30.716794] [ 30.716997] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 30.718196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.718553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.720984] Call Trace: [ 30.721651] <TASK> [ 30.721859] dump_stack_lvl+0x73/0xb0 [ 30.722216] print_report+0xd1/0x640 [ 30.723040] ? __virt_addr_valid+0x1db/0x2d0 [ 30.723597] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.724297] kasan_report+0x102/0x140 [ 30.724621] ? kasan_atomics_helper+0x1780/0x5450 [ 30.725002] ? kasan_atomics_helper+0x1780/0x5450 [ 30.726141] kasan_check_range+0x10c/0x1c0 [ 30.727114] __kasan_check_write+0x18/0x20 [ 30.727981] kasan_atomics_helper+0x1780/0x5450 [ 30.729278] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.729725] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.730187] ? kasan_atomics+0x153/0x310 [ 30.731010] kasan_atomics+0x1dd/0x310 [ 30.731419] ? __pfx_kasan_atomics+0x10/0x10 [ 30.731709] ? __pfx_read_tsc+0x10/0x10 [ 30.732035] ? ktime_get_ts64+0x86/0x230 [ 30.732427] kunit_try_run_case+0x1b3/0x490 [ 30.733348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.733764] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.734965] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.735486] ? __kthread_parkme+0x82/0x160 [ 30.736490] ? preempt_count_sub+0x50/0x80 [ 30.737282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.737988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.738665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.739359] kthread+0x257/0x310 [ 30.740015] ? __pfx_kthread+0x10/0x10 [ 30.740699] ret_from_fork+0x41/0x80 [ 30.741217] ? 
__pfx_kthread+0x10/0x10 [ 30.741661] ret_from_fork_asm+0x1a/0x30 [ 30.742172] </TASK> [ 30.742459] [ 30.742622] Allocated by task 272: [ 30.743272] kasan_save_stack+0x3d/0x60 [ 30.743957] kasan_save_track+0x18/0x40 [ 30.744451] kasan_save_alloc_info+0x3b/0x50 [ 30.745121] __kasan_kmalloc+0xb7/0xc0 [ 30.745937] __kmalloc_cache_noprof+0x184/0x410 [ 30.746309] kasan_atomics+0x96/0x310 [ 30.746738] kunit_try_run_case+0x1b3/0x490 [ 30.747108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.748156] kthread+0x257/0x310 [ 30.748540] ret_from_fork+0x41/0x80 [ 30.749497] ret_from_fork_asm+0x1a/0x30 [ 30.749771] [ 30.750240] The buggy address belongs to the object at ffff888102969600 [ 30.750240] which belongs to the cache kmalloc-64 of size 64 [ 30.751337] The buggy address is located 0 bytes to the right of [ 30.751337] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 30.753120] [ 30.753709] The buggy address belongs to the physical page: [ 30.754577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 30.755881] flags: 0x200000000000000(node=0|zone=2) [ 30.756290] page_type: f5(slab) [ 30.756712] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.757832] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.758736] page dumped because: kasan: bad access detected [ 30.759524] [ 30.759695] Memory state around the buggy address: [ 30.760333] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.761591] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.762848] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.763489] ^ [ 30.764278] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.765120] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.765783] ================================================================== [ 31.248762] 
================================================================== [ 31.249953] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e13/0x5450 [ 31.250623] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 31.251513] [ 31.251828] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 31.253036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.253341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.254495] Call Trace: [ 31.254947] <TASK> [ 31.255289] dump_stack_lvl+0x73/0xb0 [ 31.255695] print_report+0xd1/0x640 [ 31.256336] ? __virt_addr_valid+0x1db/0x2d0 [ 31.257043] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.257538] kasan_report+0x102/0x140 [ 31.257830] ? kasan_atomics_helper+0x1e13/0x5450 [ 31.258486] ? kasan_atomics_helper+0x1e13/0x5450 [ 31.259182] kasan_check_range+0x10c/0x1c0 [ 31.259683] __kasan_check_write+0x18/0x20 [ 31.260324] kasan_atomics_helper+0x1e13/0x5450 [ 31.260767] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.261320] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.262054] ? kasan_atomics+0x153/0x310 [ 31.262714] kasan_atomics+0x1dd/0x310 [ 31.263231] ? __pfx_kasan_atomics+0x10/0x10 [ 31.263574] ? __pfx_read_tsc+0x10/0x10 [ 31.264358] ? ktime_get_ts64+0x86/0x230 [ 31.264976] kunit_try_run_case+0x1b3/0x490 [ 31.265348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.266005] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.266876] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.267372] ? __kthread_parkme+0x82/0x160 [ 31.267811] ? preempt_count_sub+0x50/0x80 [ 31.268465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.268902] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.269780] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.270609] kthread+0x257/0x310 [ 31.271103] ? __pfx_kthread+0x10/0x10 [ 31.271569] ret_from_fork+0x41/0x80 [ 31.271859] ? 
__pfx_kthread+0x10/0x10 [ 31.272070] ret_from_fork_asm+0x1a/0x30 [ 31.272305] </TASK> [ 31.272437] [ 31.272536] Allocated by task 272: [ 31.272694] kasan_save_stack+0x3d/0x60 [ 31.272885] kasan_save_track+0x18/0x40 [ 31.273067] kasan_save_alloc_info+0x3b/0x50 [ 31.273334] __kasan_kmalloc+0xb7/0xc0 [ 31.273950] __kmalloc_cache_noprof+0x184/0x410 [ 31.274653] kasan_atomics+0x96/0x310 [ 31.275311] kunit_try_run_case+0x1b3/0x490 [ 31.276036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.276926] kthread+0x257/0x310 [ 31.277498] ret_from_fork+0x41/0x80 [ 31.278110] ret_from_fork_asm+0x1a/0x30 [ 31.278752] [ 31.279129] The buggy address belongs to the object at ffff888102969600 [ 31.279129] which belongs to the cache kmalloc-64 of size 64 [ 31.279927] The buggy address is located 0 bytes to the right of [ 31.279927] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 31.281622] [ 31.282541] The buggy address belongs to the physical page: [ 31.283370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 31.284240] flags: 0x200000000000000(node=0|zone=2) [ 31.284757] page_type: f5(slab) [ 31.285118] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.286352] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.287543] page dumped because: kasan: bad access detected [ 31.288370] [ 31.288539] Memory state around the buggy address: [ 31.289054] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.289823] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.290450] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.291209] ^ [ 31.291827] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.292470] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.293683] ================================================================== [ 29.878648] 
================================================================== [ 29.879360] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a38/0x5450 [ 29.880310] Read of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 29.881547] [ 29.881996] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 29.883148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.883763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.884807] Call Trace: [ 29.885204] <TASK> [ 29.885531] dump_stack_lvl+0x73/0xb0 [ 29.886525] print_report+0xd1/0x640 [ 29.886901] ? __virt_addr_valid+0x1db/0x2d0 [ 29.887653] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.888546] kasan_report+0x102/0x140 [ 29.889371] ? kasan_atomics_helper+0x4a38/0x5450 [ 29.890318] ? kasan_atomics_helper+0x4a38/0x5450 [ 29.891310] __asan_report_load4_noabort+0x18/0x20 [ 29.891757] kasan_atomics_helper+0x4a38/0x5450 [ 29.892566] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.893029] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.893716] ? kasan_atomics+0x153/0x310 [ 29.894429] kasan_atomics+0x1dd/0x310 [ 29.895239] ? __pfx_kasan_atomics+0x10/0x10 [ 29.895694] ? __pfx_read_tsc+0x10/0x10 [ 29.896344] ? ktime_get_ts64+0x86/0x230 [ 29.896948] kunit_try_run_case+0x1b3/0x490 [ 29.897561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.898133] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.898643] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.899272] ? __kthread_parkme+0x82/0x160 [ 29.900229] ? preempt_count_sub+0x50/0x80 [ 29.900921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.901604] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.902386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.903316] kthread+0x257/0x310 [ 29.904004] ? __pfx_kthread+0x10/0x10 [ 29.904406] ret_from_fork+0x41/0x80 [ 29.905068] ? 
__pfx_kthread+0x10/0x10 [ 29.905517] ret_from_fork_asm+0x1a/0x30 [ 29.906878] </TASK> [ 29.907102] [ 29.907325] Allocated by task 272: [ 29.907867] kasan_save_stack+0x3d/0x60 [ 29.908562] kasan_save_track+0x18/0x40 [ 29.909058] kasan_save_alloc_info+0x3b/0x50 [ 29.909370] __kasan_kmalloc+0xb7/0xc0 [ 29.909793] __kmalloc_cache_noprof+0x184/0x410 [ 29.911211] kasan_atomics+0x96/0x310 [ 29.911591] kunit_try_run_case+0x1b3/0x490 [ 29.912440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.913404] kthread+0x257/0x310 [ 29.913752] ret_from_fork+0x41/0x80 [ 29.914152] ret_from_fork_asm+0x1a/0x30 [ 29.914912] [ 29.915361] The buggy address belongs to the object at ffff888102969600 [ 29.915361] which belongs to the cache kmalloc-64 of size 64 [ 29.916652] The buggy address is located 0 bytes to the right of [ 29.916652] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 29.918195] [ 29.918489] The buggy address belongs to the physical page: [ 29.919137] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 29.920060] flags: 0x200000000000000(node=0|zone=2) [ 29.920591] page_type: f5(slab) [ 29.921383] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.922036] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.922483] page dumped because: kasan: bad access detected [ 29.922719] [ 29.923466] Memory state around the buggy address: [ 29.924478] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.925492] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.926514] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.927400] ^ [ 29.927892] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.928646] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.929706] ================================================================== [ 31.007031] 
================================================================== [ 31.007593] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b23/0x5450 [ 31.009103] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 31.010188] [ 31.010425] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 31.011838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.012242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.012997] Call Trace: [ 31.013458] <TASK> [ 31.013798] dump_stack_lvl+0x73/0xb0 [ 31.014205] print_report+0xd1/0x640 [ 31.014700] ? __virt_addr_valid+0x1db/0x2d0 [ 31.015186] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.015780] kasan_report+0x102/0x140 [ 31.016189] ? kasan_atomics_helper+0x1b23/0x5450 [ 31.016756] ? kasan_atomics_helper+0x1b23/0x5450 [ 31.017821] kasan_check_range+0x10c/0x1c0 [ 31.018225] __kasan_check_write+0x18/0x20 [ 31.018658] kasan_atomics_helper+0x1b23/0x5450 [ 31.019173] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.019881] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.020232] ? kasan_atomics+0x153/0x310 [ 31.020821] kasan_atomics+0x1dd/0x310 [ 31.021194] ? __pfx_kasan_atomics+0x10/0x10 [ 31.021839] ? __pfx_read_tsc+0x10/0x10 [ 31.022236] ? ktime_get_ts64+0x86/0x230 [ 31.022912] kunit_try_run_case+0x1b3/0x490 [ 31.023409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.023991] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.024518] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.025117] ? __kthread_parkme+0x82/0x160 [ 31.025536] ? preempt_count_sub+0x50/0x80 [ 31.026131] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.026656] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.027279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.027882] kthread+0x257/0x310 [ 31.028412] ? __pfx_kthread+0x10/0x10 [ 31.028794] ret_from_fork+0x41/0x80 [ 31.029324] ? 
__pfx_kthread+0x10/0x10 [ 31.029933] ret_from_fork_asm+0x1a/0x30 [ 31.030309] </TASK> [ 31.030719] [ 31.031034] Allocated by task 272: [ 31.031316] kasan_save_stack+0x3d/0x60 [ 31.031898] kasan_save_track+0x18/0x40 [ 31.032487] kasan_save_alloc_info+0x3b/0x50 [ 31.033025] __kasan_kmalloc+0xb7/0xc0 [ 31.033376] __kmalloc_cache_noprof+0x184/0x410 [ 31.034013] kasan_atomics+0x96/0x310 [ 31.034427] kunit_try_run_case+0x1b3/0x490 [ 31.034914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.035726] kthread+0x257/0x310 [ 31.036191] ret_from_fork+0x41/0x80 [ 31.036587] ret_from_fork_asm+0x1a/0x30 [ 31.036943] [ 31.037210] The buggy address belongs to the object at ffff888102969600 [ 31.037210] which belongs to the cache kmalloc-64 of size 64 [ 31.038485] The buggy address is located 0 bytes to the right of [ 31.038485] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 31.039681] [ 31.039949] The buggy address belongs to the physical page: [ 31.040508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 31.041349] flags: 0x200000000000000(node=0|zone=2) [ 31.041879] page_type: f5(slab) [ 31.042355] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.043171] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.043953] page dumped because: kasan: bad access detected [ 31.044502] [ 31.044841] Memory state around the buggy address: [ 31.045323] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.046037] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.046648] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.047365] ^ [ 31.047947] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.048686] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.049741] ================================================================== [ 31.151561] 
================================================================== [ 31.152475] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce2/0x5450 [ 31.153419] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 31.154608] [ 31.155047] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 31.156020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.156449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.157224] Call Trace: [ 31.157809] <TASK> [ 31.158329] dump_stack_lvl+0x73/0xb0 [ 31.159165] print_report+0xd1/0x640 [ 31.159591] ? __virt_addr_valid+0x1db/0x2d0 [ 31.160361] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.160958] kasan_report+0x102/0x140 [ 31.161606] ? kasan_atomics_helper+0x1ce2/0x5450 [ 31.162177] ? kasan_atomics_helper+0x1ce2/0x5450 [ 31.162899] kasan_check_range+0x10c/0x1c0 [ 31.163507] __kasan_check_write+0x18/0x20 [ 31.164191] kasan_atomics_helper+0x1ce2/0x5450 [ 31.164687] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.165372] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.165985] ? kasan_atomics+0x153/0x310 [ 31.166624] kasan_atomics+0x1dd/0x310 [ 31.167019] ? __pfx_kasan_atomics+0x10/0x10 [ 31.167658] ? __pfx_read_tsc+0x10/0x10 [ 31.168182] ? ktime_get_ts64+0x86/0x230 [ 31.168833] kunit_try_run_case+0x1b3/0x490 [ 31.169395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.169978] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.170598] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.171285] ? __kthread_parkme+0x82/0x160 [ 31.171830] ? preempt_count_sub+0x50/0x80 [ 31.172463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.172984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.173733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.174466] kthread+0x257/0x310 [ 31.175011] ? __pfx_kthread+0x10/0x10 [ 31.175571] ret_from_fork+0x41/0x80 [ 31.176244] ? 
__pfx_kthread+0x10/0x10 [ 31.176754] ret_from_fork_asm+0x1a/0x30 [ 31.177133] </TASK> [ 31.177516] [ 31.177761] Allocated by task 272: [ 31.178065] kasan_save_stack+0x3d/0x60 [ 31.178593] kasan_save_track+0x18/0x40 [ 31.178994] kasan_save_alloc_info+0x3b/0x50 [ 31.179329] __kasan_kmalloc+0xb7/0xc0 [ 31.179612] __kmalloc_cache_noprof+0x184/0x410 [ 31.180355] kasan_atomics+0x96/0x310 [ 31.180808] kunit_try_run_case+0x1b3/0x490 [ 31.181194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.182946] kthread+0x257/0x310 [ 31.183342] ret_from_fork+0x41/0x80 [ 31.183729] ret_from_fork_asm+0x1a/0x30 [ 31.184863] [ 31.185130] The buggy address belongs to the object at ffff888102969600 [ 31.185130] which belongs to the cache kmalloc-64 of size 64 [ 31.187143] The buggy address is located 0 bytes to the right of [ 31.187143] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 31.188772] [ 31.189383] The buggy address belongs to the physical page: [ 31.190054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 31.191246] flags: 0x200000000000000(node=0|zone=2) [ 31.191709] page_type: f5(slab) [ 31.192380] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.193236] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.194451] page dumped because: kasan: bad access detected [ 31.195335] [ 31.195522] Memory state around the buggy address: [ 31.196057] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.196855] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.197872] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.198576] ^ [ 31.199052] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.200688] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.201442] ================================================================== [ 31.348853] 
================================================================== [ 31.350350] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f44/0x5450 [ 31.351802] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 31.352647] [ 31.353164] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 31.354513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.355032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.355690] Call Trace: [ 31.356012] <TASK> [ 31.356419] dump_stack_lvl+0x73/0xb0 [ 31.356744] print_report+0xd1/0x640 [ 31.357200] ? __virt_addr_valid+0x1db/0x2d0 [ 31.357600] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.358065] kasan_report+0x102/0x140 [ 31.358566] ? kasan_atomics_helper+0x1f44/0x5450 [ 31.359427] ? kasan_atomics_helper+0x1f44/0x5450 [ 31.360081] kasan_check_range+0x10c/0x1c0 [ 31.360639] __kasan_check_write+0x18/0x20 [ 31.361294] kasan_atomics_helper+0x1f44/0x5450 [ 31.362317] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.363118] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.363542] ? kasan_atomics+0x153/0x310 [ 31.363953] kasan_atomics+0x1dd/0x310 [ 31.364509] ? __pfx_kasan_atomics+0x10/0x10 [ 31.364944] ? __pfx_read_tsc+0x10/0x10 [ 31.365715] ? ktime_get_ts64+0x86/0x230 [ 31.366642] kunit_try_run_case+0x1b3/0x490 [ 31.367329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.368300] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.368788] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.369250] ? __kthread_parkme+0x82/0x160 [ 31.369672] ? preempt_count_sub+0x50/0x80 [ 31.370083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.370614] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.371326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.372093] kthread+0x257/0x310 [ 31.372644] ? __pfx_kthread+0x10/0x10 [ 31.373176] ret_from_fork+0x41/0x80 [ 31.373782] ? 
__pfx_kthread+0x10/0x10 [ 31.374309] ret_from_fork_asm+0x1a/0x30 [ 31.374968] </TASK> [ 31.375202] [ 31.375540] Allocated by task 272: [ 31.376175] kasan_save_stack+0x3d/0x60 [ 31.376556] kasan_save_track+0x18/0x40 [ 31.377228] kasan_save_alloc_info+0x3b/0x50 [ 31.377703] __kasan_kmalloc+0xb7/0xc0 [ 31.378280] __kmalloc_cache_noprof+0x184/0x410 [ 31.378890] kasan_atomics+0x96/0x310 [ 31.379146] kunit_try_run_case+0x1b3/0x490 [ 31.379694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.380649] kthread+0x257/0x310 [ 31.381328] ret_from_fork+0x41/0x80 [ 31.381719] ret_from_fork_asm+0x1a/0x30 [ 31.382272] [ 31.382502] The buggy address belongs to the object at ffff888102969600 [ 31.382502] which belongs to the cache kmalloc-64 of size 64 [ 31.383801] The buggy address is located 0 bytes to the right of [ 31.383801] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 31.384840] [ 31.385139] The buggy address belongs to the physical page: [ 31.385629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 31.386510] flags: 0x200000000000000(node=0|zone=2) [ 31.387048] page_type: f5(slab) [ 31.387413] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.388212] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.389031] page dumped because: kasan: bad access detected [ 31.389637] [ 31.389872] Memory state around the buggy address: [ 31.390361] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.391069] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.391688] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.392191] ^ [ 31.393002] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.393820] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.394299] ================================================================== [ 30.867805] 
================================================================== [ 30.868595] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194b/0x5450 [ 30.869535] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 30.870244] [ 30.870617] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 30.871220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.871797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.872662] Call Trace: [ 30.873175] <TASK> [ 30.873492] dump_stack_lvl+0x73/0xb0 [ 30.874030] print_report+0xd1/0x640 [ 30.874462] ? __virt_addr_valid+0x1db/0x2d0 [ 30.874991] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.875576] kasan_report+0x102/0x140 [ 30.876040] ? kasan_atomics_helper+0x194b/0x5450 [ 30.876550] ? kasan_atomics_helper+0x194b/0x5450 [ 30.877105] kasan_check_range+0x10c/0x1c0 [ 30.877603] __kasan_check_write+0x18/0x20 [ 30.878089] kasan_atomics_helper+0x194b/0x5450 [ 30.878846] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.879440] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.880013] ? kasan_atomics+0x153/0x310 [ 30.880343] kasan_atomics+0x1dd/0x310 [ 30.880868] ? __pfx_kasan_atomics+0x10/0x10 [ 30.881796] ? __pfx_read_tsc+0x10/0x10 [ 30.882116] ? ktime_get_ts64+0x86/0x230 [ 30.882638] kunit_try_run_case+0x1b3/0x490 [ 30.883274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.883825] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.884363] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.884841] ? __kthread_parkme+0x82/0x160 [ 30.885336] ? preempt_count_sub+0x50/0x80 [ 30.885647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.886321] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.886920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.887753] kthread+0x257/0x310 [ 30.888236] ? __pfx_kthread+0x10/0x10 [ 30.888645] ret_from_fork+0x41/0x80 [ 30.889170] ? 
__pfx_kthread+0x10/0x10 [ 30.889686] ret_from_fork_asm+0x1a/0x30 [ 30.890212] </TASK> [ 30.890634] [ 30.890906] Allocated by task 272: [ 30.891215] kasan_save_stack+0x3d/0x60 [ 30.891697] kasan_save_track+0x18/0x40 [ 30.892104] kasan_save_alloc_info+0x3b/0x50 [ 30.892527] __kasan_kmalloc+0xb7/0xc0 [ 30.892814] __kmalloc_cache_noprof+0x184/0x410 [ 30.893130] kasan_atomics+0x96/0x310 [ 30.893743] kunit_try_run_case+0x1b3/0x490 [ 30.894325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.895015] kthread+0x257/0x310 [ 30.895304] ret_from_fork+0x41/0x80 [ 30.895805] ret_from_fork_asm+0x1a/0x30 [ 30.896406] [ 30.896731] The buggy address belongs to the object at ffff888102969600 [ 30.896731] which belongs to the cache kmalloc-64 of size 64 [ 30.897985] The buggy address is located 0 bytes to the right of [ 30.897985] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 30.899205] [ 30.899427] The buggy address belongs to the physical page: [ 30.899770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 30.900594] flags: 0x200000000000000(node=0|zone=2) [ 30.900963] page_type: f5(slab) [ 30.901515] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.902491] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.903527] page dumped because: kasan: bad access detected [ 30.904050] [ 30.904331] Memory state around the buggy address: [ 30.904648] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.905317] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.906037] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.906782] ^ [ 30.907432] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.908217] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.908821] ================================================================== [ 30.956680] 
================================================================== [ 30.957364] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a80/0x5450 [ 30.959685] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 30.960585] [ 30.960826] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 30.961657] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.962034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.962853] Call Trace: [ 30.963121] <TASK> [ 30.963482] dump_stack_lvl+0x73/0xb0 [ 30.964689] print_report+0xd1/0x640 [ 30.965291] ? __virt_addr_valid+0x1db/0x2d0 [ 30.965755] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.966342] kasan_report+0x102/0x140 [ 30.966558] ? kasan_atomics_helper+0x1a80/0x5450 [ 30.966895] ? kasan_atomics_helper+0x1a80/0x5450 [ 30.968034] kasan_check_range+0x10c/0x1c0 [ 30.968654] __kasan_check_write+0x18/0x20 [ 30.969323] kasan_atomics_helper+0x1a80/0x5450 [ 30.969812] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.970329] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.970824] ? kasan_atomics+0x153/0x310 [ 30.971245] kasan_atomics+0x1dd/0x310 [ 30.971580] ? __pfx_kasan_atomics+0x10/0x10 [ 30.971897] ? __pfx_read_tsc+0x10/0x10 [ 30.973190] ? ktime_get_ts64+0x86/0x230 [ 30.973868] kunit_try_run_case+0x1b3/0x490 [ 30.974520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.975163] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.975646] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.976223] ? __kthread_parkme+0x82/0x160 [ 30.976602] ? preempt_count_sub+0x50/0x80 [ 30.977300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.978242] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.979224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.980014] kthread+0x257/0x310 [ 30.980542] ? __pfx_kthread+0x10/0x10 [ 30.980910] ret_from_fork+0x41/0x80 [ 30.981383] ? 
__pfx_kthread+0x10/0x10 [ 30.981747] ret_from_fork_asm+0x1a/0x30 [ 30.982241] </TASK> [ 30.982528] [ 30.982695] Allocated by task 272: [ 30.983190] kasan_save_stack+0x3d/0x60 [ 30.983647] kasan_save_track+0x18/0x40 [ 30.984119] kasan_save_alloc_info+0x3b/0x50 [ 30.984450] __kasan_kmalloc+0xb7/0xc0 [ 30.984948] __kmalloc_cache_noprof+0x184/0x410 [ 30.986063] kasan_atomics+0x96/0x310 [ 30.986607] kunit_try_run_case+0x1b3/0x490 [ 30.987200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.987785] kthread+0x257/0x310 [ 30.988453] ret_from_fork+0x41/0x80 [ 30.989096] ret_from_fork_asm+0x1a/0x30 [ 30.989626] [ 30.989870] The buggy address belongs to the object at ffff888102969600 [ 30.989870] which belongs to the cache kmalloc-64 of size 64 [ 30.991482] The buggy address is located 0 bytes to the right of [ 30.991482] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 30.992710] [ 30.993171] The buggy address belongs to the physical page: [ 30.994194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 30.995356] flags: 0x200000000000000(node=0|zone=2) [ 30.996196] page_type: f5(slab) [ 30.996732] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.997437] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.999083] page dumped because: kasan: bad access detected [ 30.999537] [ 30.999795] Memory state around the buggy address: [ 31.000338] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.001738] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.002433] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.003324] ^ [ 31.003751] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.004449] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.005577] ================================================================== [ 28.667987] 
================================================================== [ 28.668742] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e0/0x5450 [ 28.670125] Read of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 28.671249] [ 28.671599] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.672907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.673596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.674981] Call Trace: [ 28.675489] <TASK> [ 28.675703] dump_stack_lvl+0x73/0xb0 [ 28.676945] print_report+0xd1/0x640 [ 28.677521] ? __virt_addr_valid+0x1db/0x2d0 [ 28.678636] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.679245] kasan_report+0x102/0x140 [ 28.680244] ? kasan_atomics_helper+0x3e0/0x5450 [ 28.680686] ? kasan_atomics_helper+0x3e0/0x5450 [ 28.681322] kasan_check_range+0x10c/0x1c0 [ 28.682754] __kasan_check_read+0x15/0x20 [ 28.683186] kasan_atomics_helper+0x3e0/0x5450 [ 28.684123] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.684927] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.686282] ? kasan_atomics+0x153/0x310 [ 28.687112] kasan_atomics+0x1dd/0x310 [ 28.687807] ? __pfx_kasan_atomics+0x10/0x10 [ 28.688617] ? __pfx_read_tsc+0x10/0x10 [ 28.689143] ? ktime_get_ts64+0x86/0x230 [ 28.690366] kunit_try_run_case+0x1b3/0x490 [ 28.691009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.691948] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.692698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.693192] ? __kthread_parkme+0x82/0x160 [ 28.694190] ? preempt_count_sub+0x50/0x80 [ 28.695323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.695856] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.696118] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.696444] kthread+0x257/0x310 [ 28.696891] ? __pfx_kthread+0x10/0x10 [ 28.697245] ret_from_fork+0x41/0x80 [ 28.698055] ? 
__pfx_kthread+0x10/0x10 [ 28.698949] ret_from_fork_asm+0x1a/0x30 [ 28.699592] </TASK> [ 28.699979] [ 28.700163] Allocated by task 272: [ 28.700815] kasan_save_stack+0x3d/0x60 [ 28.701845] kasan_save_track+0x18/0x40 [ 28.702631] kasan_save_alloc_info+0x3b/0x50 [ 28.703553] __kasan_kmalloc+0xb7/0xc0 [ 28.704025] __kmalloc_cache_noprof+0x184/0x410 [ 28.704699] kasan_atomics+0x96/0x310 [ 28.705304] kunit_try_run_case+0x1b3/0x490 [ 28.706180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.707178] kthread+0x257/0x310 [ 28.707881] ret_from_fork+0x41/0x80 [ 28.708724] ret_from_fork_asm+0x1a/0x30 [ 28.709720] [ 28.709890] The buggy address belongs to the object at ffff888102969600 [ 28.709890] which belongs to the cache kmalloc-64 of size 64 [ 28.712183] The buggy address is located 0 bytes to the right of [ 28.712183] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 28.713923] [ 28.714165] The buggy address belongs to the physical page: [ 28.715029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 28.716452] flags: 0x200000000000000(node=0|zone=2) [ 28.716979] page_type: f5(slab) [ 28.718018] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.718963] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.720360] page dumped because: kasan: bad access detected [ 28.721174] [ 28.721638] Memory state around the buggy address: [ 28.723190] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.723864] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.724672] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.726078] ^ [ 28.727023] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.728038] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.728828] ================================================================== [ 29.382458] 
================================================================== [ 29.384096] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2c/0x5450 [ 29.385310] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 29.387036] [ 29.387452] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 29.389005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.389307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.390242] Call Trace: [ 29.390608] <TASK> [ 29.390846] dump_stack_lvl+0x73/0xb0 [ 29.391337] print_report+0xd1/0x640 [ 29.391789] ? __virt_addr_valid+0x1db/0x2d0 [ 29.392334] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.393165] kasan_report+0x102/0x140 [ 29.393626] ? kasan_atomics_helper+0xa2c/0x5450 [ 29.394094] ? kasan_atomics_helper+0xa2c/0x5450 [ 29.394639] kasan_check_range+0x10c/0x1c0 [ 29.395003] __kasan_check_write+0x18/0x20 [ 29.395563] kasan_atomics_helper+0xa2c/0x5450 [ 29.395943] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.396485] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.396994] ? kasan_atomics+0x153/0x310 [ 29.397469] kasan_atomics+0x1dd/0x310 [ 29.398170] ? __pfx_kasan_atomics+0x10/0x10 [ 29.398613] ? __pfx_read_tsc+0x10/0x10 [ 29.399203] ? ktime_get_ts64+0x86/0x230 [ 29.399562] kunit_try_run_case+0x1b3/0x490 [ 29.400129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.400644] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.401172] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.401610] ? __kthread_parkme+0x82/0x160 [ 29.402370] ? preempt_count_sub+0x50/0x80 [ 29.402858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.403231] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.404010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.405184] kthread+0x257/0x310 [ 29.405601] ? __pfx_kthread+0x10/0x10 [ 29.406618] ret_from_fork+0x41/0x80 [ 29.407096] ? 
__pfx_kthread+0x10/0x10 [ 29.407658] ret_from_fork_asm+0x1a/0x30 [ 29.408414] </TASK> [ 29.408871] [ 29.409287] Allocated by task 272: [ 29.409661] kasan_save_stack+0x3d/0x60 [ 29.410339] kasan_save_track+0x18/0x40 [ 29.410973] kasan_save_alloc_info+0x3b/0x50 [ 29.411570] __kasan_kmalloc+0xb7/0xc0 [ 29.412341] __kmalloc_cache_noprof+0x184/0x410 [ 29.412802] kasan_atomics+0x96/0x310 [ 29.413298] kunit_try_run_case+0x1b3/0x490 [ 29.413701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.414225] kthread+0x257/0x310 [ 29.414681] ret_from_fork+0x41/0x80 [ 29.415305] ret_from_fork_asm+0x1a/0x30 [ 29.415682] [ 29.415968] The buggy address belongs to the object at ffff888102969600 [ 29.415968] which belongs to the cache kmalloc-64 of size 64 [ 29.417057] The buggy address is located 0 bytes to the right of [ 29.417057] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 29.418246] [ 29.418602] The buggy address belongs to the physical page: [ 29.419530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 29.420085] flags: 0x200000000000000(node=0|zone=2) [ 29.420625] page_type: f5(slab) [ 29.420898] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.421767] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.422751] page dumped because: kasan: bad access detected [ 29.423203] [ 29.423533] Memory state around the buggy address: [ 29.423864] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.424828] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.425876] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.426309] ^ [ 29.426866] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.427820] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.428619] ================================================================== [ 29.263833] 
================================================================== [ 29.264454] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8fa/0x5450 [ 29.265238] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 29.266027] [ 29.266217] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 29.268163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.268566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.269765] Call Trace: [ 29.270019] <TASK> [ 29.270469] dump_stack_lvl+0x73/0xb0 [ 29.271436] print_report+0xd1/0x640 [ 29.271909] ? __virt_addr_valid+0x1db/0x2d0 [ 29.272413] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.273522] kasan_report+0x102/0x140 [ 29.274747] ? kasan_atomics_helper+0x8fa/0x5450 [ 29.275541] ? kasan_atomics_helper+0x8fa/0x5450 [ 29.276381] kasan_check_range+0x10c/0x1c0 [ 29.277647] __kasan_check_write+0x18/0x20 [ 29.278519] kasan_atomics_helper+0x8fa/0x5450 [ 29.279195] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.280056] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.280669] ? kasan_atomics+0x153/0x310 [ 29.281158] kasan_atomics+0x1dd/0x310 [ 29.281788] ? __pfx_kasan_atomics+0x10/0x10 [ 29.282576] ? __pfx_read_tsc+0x10/0x10 [ 29.283145] ? ktime_get_ts64+0x86/0x230 [ 29.283690] kunit_try_run_case+0x1b3/0x490 [ 29.284394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.285094] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.285630] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.286881] ? __kthread_parkme+0x82/0x160 [ 29.287359] ? preempt_count_sub+0x50/0x80 [ 29.287737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.288250] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.288694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.289864] kthread+0x257/0x310 [ 29.290550] ? __pfx_kthread+0x10/0x10 [ 29.291087] ret_from_fork+0x41/0x80 [ 29.291550] ? 
__pfx_kthread+0x10/0x10 [ 29.292049] ret_from_fork_asm+0x1a/0x30 [ 29.293124] </TASK> [ 29.293747] [ 29.294037] Allocated by task 272: [ 29.294655] kasan_save_stack+0x3d/0x60 [ 29.295331] kasan_save_track+0x18/0x40 [ 29.295858] kasan_save_alloc_info+0x3b/0x50 [ 29.296174] __kasan_kmalloc+0xb7/0xc0 [ 29.296809] __kmalloc_cache_noprof+0x184/0x410 [ 29.297424] kasan_atomics+0x96/0x310 [ 29.297915] kunit_try_run_case+0x1b3/0x490 [ 29.298513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.299381] kthread+0x257/0x310 [ 29.300406] ret_from_fork+0x41/0x80 [ 29.300929] ret_from_fork_asm+0x1a/0x30 [ 29.301533] [ 29.301891] The buggy address belongs to the object at ffff888102969600 [ 29.301891] which belongs to the cache kmalloc-64 of size 64 [ 29.303157] The buggy address is located 0 bytes to the right of [ 29.303157] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 29.304478] [ 29.304695] The buggy address belongs to the physical page: [ 29.305226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 29.306175] flags: 0x200000000000000(node=0|zone=2) [ 29.306690] page_type: f5(slab) [ 29.307314] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.308636] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.309513] page dumped because: kasan: bad access detected [ 29.310104] [ 29.310579] Memory state around the buggy address: [ 29.311069] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.312467] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.314151] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.314746] ^ [ 29.315232] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.315833] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.317686] ================================================================== [ 31.730017] 
================================================================== [ 31.730879] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224d/0x5450 [ 31.732998] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 31.733921] [ 31.734360] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 31.735482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.736092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.736847] Call Trace: [ 31.737120] <TASK> [ 31.737430] dump_stack_lvl+0x73/0xb0 [ 31.737834] print_report+0xd1/0x640 [ 31.738828] ? __virt_addr_valid+0x1db/0x2d0 [ 31.739472] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.740235] kasan_report+0x102/0x140 [ 31.740844] ? kasan_atomics_helper+0x224d/0x5450 [ 31.741468] ? kasan_atomics_helper+0x224d/0x5450 [ 31.742382] kasan_check_range+0x10c/0x1c0 [ 31.743106] __kasan_check_write+0x18/0x20 [ 31.743706] kasan_atomics_helper+0x224d/0x5450 [ 31.744322] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.745118] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.745769] ? kasan_atomics+0x153/0x310 [ 31.746429] kasan_atomics+0x1dd/0x310 [ 31.746999] ? __pfx_kasan_atomics+0x10/0x10 [ 31.747585] ? __pfx_read_tsc+0x10/0x10 [ 31.748467] ? ktime_get_ts64+0x86/0x230 [ 31.748854] kunit_try_run_case+0x1b3/0x490 [ 31.749526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.750087] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.751071] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.751738] ? __kthread_parkme+0x82/0x160 [ 31.752440] ? preempt_count_sub+0x50/0x80 [ 31.753014] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.753584] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.754530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.755478] kthread+0x257/0x310 [ 31.756107] ? __pfx_kthread+0x10/0x10 [ 31.756683] ret_from_fork+0x41/0x80 [ 31.757275] ? 
__pfx_kthread+0x10/0x10 [ 31.757920] ret_from_fork_asm+0x1a/0x30 [ 31.758354] </TASK> [ 31.758639] [ 31.758839] Allocated by task 272: [ 31.759702] kasan_save_stack+0x3d/0x60 [ 31.760300] kasan_save_track+0x18/0x40 [ 31.760900] kasan_save_alloc_info+0x3b/0x50 [ 31.761465] __kasan_kmalloc+0xb7/0xc0 [ 31.762128] __kmalloc_cache_noprof+0x184/0x410 [ 31.762752] kasan_atomics+0x96/0x310 [ 31.763340] kunit_try_run_case+0x1b3/0x490 [ 31.764179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.764683] kthread+0x257/0x310 [ 31.765439] ret_from_fork+0x41/0x80 [ 31.765806] ret_from_fork_asm+0x1a/0x30 [ 31.766299] [ 31.766577] The buggy address belongs to the object at ffff888102969600 [ 31.766577] which belongs to the cache kmalloc-64 of size 64 [ 31.767589] The buggy address is located 0 bytes to the right of [ 31.767589] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 31.768771] [ 31.769166] The buggy address belongs to the physical page: [ 31.769646] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 31.770520] flags: 0x200000000000000(node=0|zone=2) [ 31.770942] page_type: f5(slab) [ 31.771323] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.772010] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.772535] page dumped because: kasan: bad access detected [ 31.773220] [ 31.773527] Memory state around the buggy address: [ 31.773965] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.774847] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.775570] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.776372] ^ [ 31.777187] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.778339] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.779304] ================================================================== [ 28.729910] 
================================================================== [ 28.731377] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b56/0x5450 [ 28.734114] Read of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 28.735773] [ 28.735942] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.736623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.737988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.739420] Call Trace: [ 28.740189] <TASK> [ 28.741029] dump_stack_lvl+0x73/0xb0 [ 28.741627] print_report+0xd1/0x640 [ 28.742043] ? __virt_addr_valid+0x1db/0x2d0 [ 28.743054] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.743613] kasan_report+0x102/0x140 [ 28.744016] ? kasan_atomics_helper+0x4b56/0x5450 [ 28.745846] ? kasan_atomics_helper+0x4b56/0x5450 [ 28.746461] __asan_report_load4_noabort+0x18/0x20 [ 28.747070] kasan_atomics_helper+0x4b56/0x5450 [ 28.747757] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.748754] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.749482] ? kasan_atomics+0x153/0x310 [ 28.749819] kasan_atomics+0x1dd/0x310 [ 28.750615] ? __pfx_kasan_atomics+0x10/0x10 [ 28.751365] ? __pfx_read_tsc+0x10/0x10 [ 28.751849] ? ktime_get_ts64+0x86/0x230 [ 28.752317] kunit_try_run_case+0x1b3/0x490 [ 28.753061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.753734] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.754218] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.755035] ? __kthread_parkme+0x82/0x160 [ 28.756359] ? preempt_count_sub+0x50/0x80 [ 28.757665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.758490] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.759419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.760516] kthread+0x257/0x310 [ 28.761058] ? __pfx_kthread+0x10/0x10 [ 28.761440] ret_from_fork+0x41/0x80 [ 28.762486] ? 
__pfx_kthread+0x10/0x10 [ 28.763653] ret_from_fork_asm+0x1a/0x30 [ 28.764964] </TASK> [ 28.765395] [ 28.765616] Allocated by task 272: [ 28.765917] kasan_save_stack+0x3d/0x60 [ 28.767008] kasan_save_track+0x18/0x40 [ 28.767301] kasan_save_alloc_info+0x3b/0x50 [ 28.768386] __kasan_kmalloc+0xb7/0xc0 [ 28.769003] __kmalloc_cache_noprof+0x184/0x410 [ 28.769550] kasan_atomics+0x96/0x310 [ 28.770344] kunit_try_run_case+0x1b3/0x490 [ 28.771140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.772440] kthread+0x257/0x310 [ 28.772665] ret_from_fork+0x41/0x80 [ 28.773058] ret_from_fork_asm+0x1a/0x30 [ 28.774293] [ 28.774729] The buggy address belongs to the object at ffff888102969600 [ 28.774729] which belongs to the cache kmalloc-64 of size 64 [ 28.777236] The buggy address is located 0 bytes to the right of [ 28.777236] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 28.778566] [ 28.779185] The buggy address belongs to the physical page: [ 28.779918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 28.781252] flags: 0x200000000000000(node=0|zone=2) [ 28.782610] page_type: f5(slab) [ 28.783088] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.784390] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.785248] page dumped because: kasan: bad access detected [ 28.785805] [ 28.786167] Memory state around the buggy address: [ 28.787049] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.787606] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.789096] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.789788] ^ [ 28.790033] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.790819] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.792209] ================================================================== [ 29.139738] 
================================================================== [ 29.140503] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c8/0x5450 [ 29.141224] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 29.142717] [ 29.143054] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 29.143869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.144833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.146728] Call Trace: [ 29.147409] <TASK> [ 29.147806] dump_stack_lvl+0x73/0xb0 [ 29.148100] print_report+0xd1/0x640 [ 29.148791] ? __virt_addr_valid+0x1db/0x2d0 [ 29.149623] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.151034] kasan_report+0x102/0x140 [ 29.151779] ? kasan_atomics_helper+0x7c8/0x5450 [ 29.152424] ? kasan_atomics_helper+0x7c8/0x5450 [ 29.153004] kasan_check_range+0x10c/0x1c0 [ 29.154058] __kasan_check_write+0x18/0x20 [ 29.154643] kasan_atomics_helper+0x7c8/0x5450 [ 29.155580] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.156607] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.157545] ? kasan_atomics+0x153/0x310 [ 29.158354] kasan_atomics+0x1dd/0x310 [ 29.158738] ? __pfx_kasan_atomics+0x10/0x10 [ 29.159648] ? __pfx_read_tsc+0x10/0x10 [ 29.160212] ? ktime_get_ts64+0x86/0x230 [ 29.160773] kunit_try_run_case+0x1b3/0x490 [ 29.161371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.162126] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.163342] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.163798] ? __kthread_parkme+0x82/0x160 [ 29.164561] ? preempt_count_sub+0x50/0x80 [ 29.164804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.165891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.166893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.167824] kthread+0x257/0x310 [ 29.168168] ? __pfx_kthread+0x10/0x10 [ 29.168582] ret_from_fork+0x41/0x80 [ 29.169482] ? 
__pfx_kthread+0x10/0x10 [ 29.169783] ret_from_fork_asm+0x1a/0x30 [ 29.170686] </TASK> [ 29.171348] [ 29.171865] Allocated by task 272: [ 29.172140] kasan_save_stack+0x3d/0x60 [ 29.172751] kasan_save_track+0x18/0x40 [ 29.173196] kasan_save_alloc_info+0x3b/0x50 [ 29.174443] __kasan_kmalloc+0xb7/0xc0 [ 29.175672] __kmalloc_cache_noprof+0x184/0x410 [ 29.176927] kasan_atomics+0x96/0x310 [ 29.177235] kunit_try_run_case+0x1b3/0x490 [ 29.177628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.178124] kthread+0x257/0x310 [ 29.178506] ret_from_fork+0x41/0x80 [ 29.178948] ret_from_fork_asm+0x1a/0x30 [ 29.180045] [ 29.180215] The buggy address belongs to the object at ffff888102969600 [ 29.180215] which belongs to the cache kmalloc-64 of size 64 [ 29.182463] The buggy address is located 0 bytes to the right of [ 29.182463] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 29.183674] [ 29.184859] The buggy address belongs to the physical page: [ 29.185722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 29.186761] flags: 0x200000000000000(node=0|zone=2) [ 29.187669] page_type: f5(slab) [ 29.187933] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.189450] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.190590] page dumped because: kasan: bad access detected [ 29.190927] [ 29.191093] Memory state around the buggy address: [ 29.192362] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.193049] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.193737] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.195873] ^ [ 29.196207] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.198026] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.199065] ================================================================== [ 31.634343] 
================================================================== [ 31.635393] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218b/0x5450 [ 31.636705] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 31.638134] [ 31.638781] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 31.639731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.640549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.641887] Call Trace: [ 31.642434] <TASK> [ 31.642718] dump_stack_lvl+0x73/0xb0 [ 31.643545] print_report+0xd1/0x640 [ 31.644103] ? __virt_addr_valid+0x1db/0x2d0 [ 31.644600] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.645623] kasan_report+0x102/0x140 [ 31.646160] ? kasan_atomics_helper+0x218b/0x5450 [ 31.646709] ? kasan_atomics_helper+0x218b/0x5450 [ 31.647532] kasan_check_range+0x10c/0x1c0 [ 31.648338] __kasan_check_write+0x18/0x20 [ 31.648762] kasan_atomics_helper+0x218b/0x5450 [ 31.649240] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.650240] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.650911] ? kasan_atomics+0x153/0x310 [ 31.651353] kasan_atomics+0x1dd/0x310 [ 31.651707] ? __pfx_kasan_atomics+0x10/0x10 [ 31.652186] ? __pfx_read_tsc+0x10/0x10 [ 31.653149] ? ktime_get_ts64+0x86/0x230 [ 31.653611] kunit_try_run_case+0x1b3/0x490 [ 31.654723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.655488] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.656150] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.656724] ? __kthread_parkme+0x82/0x160 [ 31.657561] ? preempt_count_sub+0x50/0x80 [ 31.658128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.658978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.659531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.660300] kthread+0x257/0x310 [ 31.660851] ? __pfx_kthread+0x10/0x10 [ 31.661882] ret_from_fork+0x41/0x80 [ 31.662330] ? 
__pfx_kthread+0x10/0x10 [ 31.662753] ret_from_fork_asm+0x1a/0x30 [ 31.663195] </TASK> [ 31.663469] [ 31.663667] Allocated by task 272: [ 31.665024] kasan_save_stack+0x3d/0x60 [ 31.665554] kasan_save_track+0x18/0x40 [ 31.666122] kasan_save_alloc_info+0x3b/0x50 [ 31.666752] __kasan_kmalloc+0xb7/0xc0 [ 31.667360] __kmalloc_cache_noprof+0x184/0x410 [ 31.667831] kasan_atomics+0x96/0x310 [ 31.668582] kunit_try_run_case+0x1b3/0x490 [ 31.669194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.669721] kthread+0x257/0x310 [ 31.670502] ret_from_fork+0x41/0x80 [ 31.670757] ret_from_fork_asm+0x1a/0x30 [ 31.671400] [ 31.671605] The buggy address belongs to the object at ffff888102969600 [ 31.671605] which belongs to the cache kmalloc-64 of size 64 [ 31.672727] The buggy address is located 0 bytes to the right of [ 31.672727] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 31.673896] [ 31.674098] The buggy address belongs to the physical page: [ 31.674648] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 31.675196] flags: 0x200000000000000(node=0|zone=2) [ 31.675550] page_type: f5(slab) [ 31.675935] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.676821] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.677418] page dumped because: kasan: bad access detected [ 31.677800] [ 31.678060] Memory state around the buggy address: [ 31.678646] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.679390] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.680017] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.680585] ^ [ 31.681163] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.681627] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.682430] ================================================================== [ 30.767629] 
================================================================== [ 30.768734] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1819/0x5450 [ 30.769905] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 30.770538] [ 30.771440] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 30.772392] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.773084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.774356] Call Trace: [ 30.774883] <TASK> [ 30.775104] dump_stack_lvl+0x73/0xb0 [ 30.775657] print_report+0xd1/0x640 [ 30.776083] ? __virt_addr_valid+0x1db/0x2d0 [ 30.776500] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.777236] kasan_report+0x102/0x140 [ 30.777747] ? kasan_atomics_helper+0x1819/0x5450 [ 30.778738] ? kasan_atomics_helper+0x1819/0x5450 [ 30.779273] kasan_check_range+0x10c/0x1c0 [ 30.780058] __kasan_check_write+0x18/0x20 [ 30.780512] kasan_atomics_helper+0x1819/0x5450 [ 30.781491] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.782230] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.782725] ? kasan_atomics+0x153/0x310 [ 30.783386] kasan_atomics+0x1dd/0x310 [ 30.784227] ? __pfx_kasan_atomics+0x10/0x10 [ 30.785005] ? __pfx_read_tsc+0x10/0x10 [ 30.785468] ? ktime_get_ts64+0x86/0x230 [ 30.786371] kunit_try_run_case+0x1b3/0x490 [ 30.786775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.787476] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.788235] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.789301] ? __kthread_parkme+0x82/0x160 [ 30.789703] ? preempt_count_sub+0x50/0x80 [ 30.790180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.790671] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.792199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.792801] kthread+0x257/0x310 [ 30.793410] ? __pfx_kthread+0x10/0x10 [ 30.793857] ret_from_fork+0x41/0x80 [ 30.794574] ? 
__pfx_kthread+0x10/0x10 [ 30.795287] ret_from_fork_asm+0x1a/0x30 [ 30.795714] </TASK> [ 30.796376] [ 30.796583] Allocated by task 272: [ 30.797208] kasan_save_stack+0x3d/0x60 [ 30.797612] kasan_save_track+0x18/0x40 [ 30.798406] kasan_save_alloc_info+0x3b/0x50 [ 30.799122] __kasan_kmalloc+0xb7/0xc0 [ 30.799750] __kmalloc_cache_noprof+0x184/0x410 [ 30.800325] kasan_atomics+0x96/0x310 [ 30.801033] kunit_try_run_case+0x1b3/0x490 [ 30.801558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.802557] kthread+0x257/0x310 [ 30.803304] ret_from_fork+0x41/0x80 [ 30.803916] ret_from_fork_asm+0x1a/0x30 [ 30.804553] [ 30.804840] The buggy address belongs to the object at ffff888102969600 [ 30.804840] which belongs to the cache kmalloc-64 of size 64 [ 30.805873] The buggy address is located 0 bytes to the right of [ 30.805873] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 30.807644] [ 30.807939] The buggy address belongs to the physical page: [ 30.808551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 30.809273] flags: 0x200000000000000(node=0|zone=2) [ 30.810135] page_type: f5(slab) [ 30.810836] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.811610] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.812426] page dumped because: kasan: bad access detected [ 30.813415] [ 30.813768] Memory state around the buggy address: [ 30.814427] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.815441] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.815734] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.816735] ^ [ 30.817305] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.818061] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.819006] ================================================================== [ 29.519978] 
================================================================== [ 29.521013] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc71/0x5450 [ 29.521632] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 29.522511] [ 29.522791] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 29.523589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.524053] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.524613] Call Trace: [ 29.525004] <TASK> [ 29.525374] dump_stack_lvl+0x73/0xb0 [ 29.525872] print_report+0xd1/0x640 [ 29.526279] ? __virt_addr_valid+0x1db/0x2d0 [ 29.526616] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.527611] kasan_report+0x102/0x140 [ 29.528222] ? kasan_atomics_helper+0xc71/0x5450 [ 29.528801] ? kasan_atomics_helper+0xc71/0x5450 [ 29.530027] kasan_check_range+0x10c/0x1c0 [ 29.530350] __kasan_check_write+0x18/0x20 [ 29.531158] kasan_atomics_helper+0xc71/0x5450 [ 29.531786] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.532486] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.533231] ? kasan_atomics+0x153/0x310 [ 29.533890] kasan_atomics+0x1dd/0x310 [ 29.534545] ? __pfx_kasan_atomics+0x10/0x10 [ 29.534981] ? __pfx_read_tsc+0x10/0x10 [ 29.535575] ? ktime_get_ts64+0x86/0x230 [ 29.536290] kunit_try_run_case+0x1b3/0x490 [ 29.536906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.537571] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.538301] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.539033] ? __kthread_parkme+0x82/0x160 [ 29.539659] ? preempt_count_sub+0x50/0x80 [ 29.540428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.540883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.542053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.542784] kthread+0x257/0x310 [ 29.543536] ? __pfx_kthread+0x10/0x10 [ 29.544212] ret_from_fork+0x41/0x80 [ 29.544799] ? 
__pfx_kthread+0x10/0x10 [ 29.545446] ret_from_fork_asm+0x1a/0x30 [ 29.545904] </TASK> [ 29.546637] [ 29.546895] Allocated by task 272: [ 29.547160] kasan_save_stack+0x3d/0x60 [ 29.548075] kasan_save_track+0x18/0x40 [ 29.548497] kasan_save_alloc_info+0x3b/0x50 [ 29.549432] __kasan_kmalloc+0xb7/0xc0 [ 29.549718] __kmalloc_cache_noprof+0x184/0x410 [ 29.550588] kasan_atomics+0x96/0x310 [ 29.550935] kunit_try_run_case+0x1b3/0x490 [ 29.551418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.552363] kthread+0x257/0x310 [ 29.552646] ret_from_fork+0x41/0x80 [ 29.553447] ret_from_fork_asm+0x1a/0x30 [ 29.554019] [ 29.554443] The buggy address belongs to the object at ffff888102969600 [ 29.554443] which belongs to the cache kmalloc-64 of size 64 [ 29.555332] The buggy address is located 0 bytes to the right of [ 29.555332] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 29.556715] [ 29.557070] The buggy address belongs to the physical page: [ 29.557506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 29.558432] flags: 0x200000000000000(node=0|zone=2) [ 29.559007] page_type: f5(slab) [ 29.559532] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.561218] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.562281] page dumped because: kasan: bad access detected [ 29.562769] [ 29.563051] Memory state around the buggy address: [ 29.563385] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.564249] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.564769] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.565535] ^ [ 29.566135] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.566986] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.567657] ================================================================== [ 31.440641] 
================================================================== [ 31.441212] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2007/0x5450 [ 31.442425] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 31.443154] [ 31.443544] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 31.444537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.444722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.445928] Call Trace: [ 31.446231] <TASK> [ 31.446546] dump_stack_lvl+0x73/0xb0 [ 31.447396] print_report+0xd1/0x640 [ 31.448004] ? __virt_addr_valid+0x1db/0x2d0 [ 31.448629] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.449270] kasan_report+0x102/0x140 [ 31.450169] ? kasan_atomics_helper+0x2007/0x5450 [ 31.450612] ? kasan_atomics_helper+0x2007/0x5450 [ 31.451418] kasan_check_range+0x10c/0x1c0 [ 31.452487] __kasan_check_write+0x18/0x20 [ 31.452916] kasan_atomics_helper+0x2007/0x5450 [ 31.453562] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.454779] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.455228] ? kasan_atomics+0x153/0x310 [ 31.456193] kasan_atomics+0x1dd/0x310 [ 31.456590] ? __pfx_kasan_atomics+0x10/0x10 [ 31.457283] ? __pfx_read_tsc+0x10/0x10 [ 31.457717] ? ktime_get_ts64+0x86/0x230 [ 31.458475] kunit_try_run_case+0x1b3/0x490 [ 31.459200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.459797] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.460355] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.461201] ? __kthread_parkme+0x82/0x160 [ 31.461597] ? preempt_count_sub+0x50/0x80 [ 31.462014] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.463294] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.463831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.464616] kthread+0x257/0x310 [ 31.465200] ? __pfx_kthread+0x10/0x10 [ 31.465717] ret_from_fork+0x41/0x80 [ 31.466436] ? 
__pfx_kthread+0x10/0x10 [ 31.466991] ret_from_fork_asm+0x1a/0x30 [ 31.467800] </TASK> [ 31.468182] [ 31.468391] Allocated by task 272: [ 31.469567] kasan_save_stack+0x3d/0x60 [ 31.469958] kasan_save_track+0x18/0x40 [ 31.470620] kasan_save_alloc_info+0x3b/0x50 [ 31.471113] __kasan_kmalloc+0xb7/0xc0 [ 31.471561] __kmalloc_cache_noprof+0x184/0x410 [ 31.472422] kasan_atomics+0x96/0x310 [ 31.473304] kunit_try_run_case+0x1b3/0x490 [ 31.473726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.474604] kthread+0x257/0x310 [ 31.475378] ret_from_fork+0x41/0x80 [ 31.475728] ret_from_fork_asm+0x1a/0x30 [ 31.476387] [ 31.476864] The buggy address belongs to the object at ffff888102969600 [ 31.476864] which belongs to the cache kmalloc-64 of size 64 [ 31.477797] The buggy address is located 0 bytes to the right of [ 31.477797] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 31.479576] [ 31.480348] The buggy address belongs to the physical page: [ 31.481017] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 31.482323] flags: 0x200000000000000(node=0|zone=2) [ 31.482740] page_type: f5(slab) [ 31.483182] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.484461] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.485436] page dumped because: kasan: bad access detected [ 31.485767] [ 31.486507] Memory state around the buggy address: [ 31.487275] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.488159] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.488721] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.489626] ^ [ 31.490588] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.491365] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.492434] ================================================================== [ 30.820020] 
================================================================== [ 30.820679] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b2/0x5450 [ 30.821578] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 30.822471] [ 30.822793] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 30.824540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.824952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.825641] Call Trace: [ 30.826307] <TASK> [ 30.826617] dump_stack_lvl+0x73/0xb0 [ 30.827402] print_report+0xd1/0x640 [ 30.828039] ? __virt_addr_valid+0x1db/0x2d0 [ 30.828428] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.829239] kasan_report+0x102/0x140 [ 30.829697] ? kasan_atomics_helper+0x18b2/0x5450 [ 30.830597] ? kasan_atomics_helper+0x18b2/0x5450 [ 30.831735] kasan_check_range+0x10c/0x1c0 [ 30.832172] __kasan_check_write+0x18/0x20 [ 30.833144] kasan_atomics_helper+0x18b2/0x5450 [ 30.833599] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.834148] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.834618] ? kasan_atomics+0x153/0x310 [ 30.835228] kasan_atomics+0x1dd/0x310 [ 30.835613] ? __pfx_kasan_atomics+0x10/0x10 [ 30.837011] ? __pfx_read_tsc+0x10/0x10 [ 30.837575] ? ktime_get_ts64+0x86/0x230 [ 30.838344] kunit_try_run_case+0x1b3/0x490 [ 30.838724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.839426] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.840501] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.841132] ? __kthread_parkme+0x82/0x160 [ 30.841775] ? preempt_count_sub+0x50/0x80 [ 30.842700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.843299] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.844096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.844785] kthread+0x257/0x310 [ 30.845589] ? __pfx_kthread+0x10/0x10 [ 30.846039] ret_from_fork+0x41/0x80 [ 30.846383] ? 
__pfx_kthread+0x10/0x10 [ 30.846793] ret_from_fork_asm+0x1a/0x30 [ 30.847350] </TASK> [ 30.847813] [ 30.848124] Allocated by task 272: [ 30.848487] kasan_save_stack+0x3d/0x60 [ 30.848960] kasan_save_track+0x18/0x40 [ 30.849512] kasan_save_alloc_info+0x3b/0x50 [ 30.850030] __kasan_kmalloc+0xb7/0xc0 [ 30.850336] __kmalloc_cache_noprof+0x184/0x410 [ 30.851080] kasan_atomics+0x96/0x310 [ 30.851548] kunit_try_run_case+0x1b3/0x490 [ 30.852238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.852755] kthread+0x257/0x310 [ 30.853167] ret_from_fork+0x41/0x80 [ 30.853585] ret_from_fork_asm+0x1a/0x30 [ 30.854044] [ 30.854336] The buggy address belongs to the object at ffff888102969600 [ 30.854336] which belongs to the cache kmalloc-64 of size 64 [ 30.855571] The buggy address is located 0 bytes to the right of [ 30.855571] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 30.856697] [ 30.857010] The buggy address belongs to the physical page: [ 30.857551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 30.858188] flags: 0x200000000000000(node=0|zone=2) [ 30.858854] page_type: f5(slab) [ 30.859181] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.859991] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.860791] page dumped because: kasan: bad access detected [ 30.861132] [ 30.861361] Memory state around the buggy address: [ 30.861997] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.863089] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.863551] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.864471] ^ [ 30.865174] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.865707] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.866357] ================================================================== [ 31.295046] 
================================================================== [ 31.295632] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eab/0x5450 [ 31.297363] Write of size 8 at addr ffff888102969630 by task kunit_try_catch/272 [ 31.298201] [ 31.298424] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 31.299755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.300097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.301305] Call Trace: [ 31.302453] <TASK> [ 31.302686] dump_stack_lvl+0x73/0xb0 [ 31.303321] print_report+0xd1/0x640 [ 31.303844] ? __virt_addr_valid+0x1db/0x2d0 [ 31.304600] ? kasan_complete_mode_report_info+0x2a/0x200 [ 31.305241] kasan_report+0x102/0x140 [ 31.305652] ? kasan_atomics_helper+0x1eab/0x5450 [ 31.306810] ? kasan_atomics_helper+0x1eab/0x5450 [ 31.307304] kasan_check_range+0x10c/0x1c0 [ 31.308170] __kasan_check_write+0x18/0x20 [ 31.308643] kasan_atomics_helper+0x1eab/0x5450 [ 31.309470] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 31.310198] ? __kmalloc_cache_noprof+0x184/0x410 [ 31.310800] ? kasan_atomics+0x153/0x310 [ 31.311316] kasan_atomics+0x1dd/0x310 [ 31.312201] ? __pfx_kasan_atomics+0x10/0x10 [ 31.312655] ? __pfx_read_tsc+0x10/0x10 [ 31.313430] ? ktime_get_ts64+0x86/0x230 [ 31.314425] kunit_try_run_case+0x1b3/0x490 [ 31.315200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.315617] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 31.316354] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 31.317057] ? __kthread_parkme+0x82/0x160 [ 31.317514] ? preempt_count_sub+0x50/0x80 [ 31.318403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 31.318938] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 31.319574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.320343] kthread+0x257/0x310 [ 31.321144] ? __pfx_kthread+0x10/0x10 [ 31.321527] ret_from_fork+0x41/0x80 [ 31.322543] ? 
__pfx_kthread+0x10/0x10 [ 31.322935] ret_from_fork_asm+0x1a/0x30 [ 31.323152] </TASK> [ 31.323319] [ 31.323482] Allocated by task 272: [ 31.324248] kasan_save_stack+0x3d/0x60 [ 31.325408] kasan_save_track+0x18/0x40 [ 31.325742] kasan_save_alloc_info+0x3b/0x50 [ 31.326762] __kasan_kmalloc+0xb7/0xc0 [ 31.327305] __kmalloc_cache_noprof+0x184/0x410 [ 31.328417] kasan_atomics+0x96/0x310 [ 31.328786] kunit_try_run_case+0x1b3/0x490 [ 31.329668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.330453] kthread+0x257/0x310 [ 31.330702] ret_from_fork+0x41/0x80 [ 31.331239] ret_from_fork_asm+0x1a/0x30 [ 31.331634] [ 31.331895] The buggy address belongs to the object at ffff888102969600 [ 31.331895] which belongs to the cache kmalloc-64 of size 64 [ 31.333779] The buggy address is located 0 bytes to the right of [ 31.333779] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 31.334804] [ 31.335478] The buggy address belongs to the physical page: [ 31.336209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 31.337127] flags: 0x200000000000000(node=0|zone=2) [ 31.338010] page_type: f5(slab) [ 31.338381] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 31.339565] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 31.340553] page dumped because: kasan: bad access detected [ 31.341313] [ 31.341421] Memory state around the buggy address: [ 31.341627] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.342425] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 31.343612] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 31.344576] ^ [ 31.345591] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.346595] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.347499] ================================================================== [ 30.159037] 
================================================================== [ 30.159739] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ea/0x5450 [ 30.160443] Read of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 30.160989] [ 30.161177] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 30.162130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.162503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.163388] Call Trace: [ 30.163611] <TASK> [ 30.163946] dump_stack_lvl+0x73/0xb0 [ 30.164491] print_report+0xd1/0x640 [ 30.164939] ? __virt_addr_valid+0x1db/0x2d0 [ 30.165456] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.166100] kasan_report+0x102/0x140 [ 30.166546] ? kasan_atomics_helper+0x49ea/0x5450 [ 30.166973] ? kasan_atomics_helper+0x49ea/0x5450 [ 30.167556] __asan_report_load4_noabort+0x18/0x20 [ 30.167897] kasan_atomics_helper+0x49ea/0x5450 [ 30.168488] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.170420] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.171685] ? kasan_atomics+0x153/0x310 [ 30.172709] kasan_atomics+0x1dd/0x310 [ 30.173134] ? __pfx_kasan_atomics+0x10/0x10 [ 30.173587] ? __pfx_read_tsc+0x10/0x10 [ 30.174184] ? ktime_get_ts64+0x86/0x230 [ 30.174929] kunit_try_run_case+0x1b3/0x490 [ 30.175617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.176521] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.177112] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.177673] ? __kthread_parkme+0x82/0x160 [ 30.178668] ? preempt_count_sub+0x50/0x80 [ 30.179064] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.179997] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.180575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.181596] kthread+0x257/0x310 [ 30.181953] ? __pfx_kthread+0x10/0x10 [ 30.182601] ret_from_fork+0x41/0x80 [ 30.183223] ? 
__pfx_kthread+0x10/0x10 [ 30.183908] ret_from_fork_asm+0x1a/0x30 [ 30.184612] </TASK> [ 30.185076] [ 30.185310] Allocated by task 272: [ 30.185676] kasan_save_stack+0x3d/0x60 [ 30.186911] kasan_save_track+0x18/0x40 [ 30.187213] kasan_save_alloc_info+0x3b/0x50 [ 30.187933] __kasan_kmalloc+0xb7/0xc0 [ 30.188374] __kmalloc_cache_noprof+0x184/0x410 [ 30.189171] kasan_atomics+0x96/0x310 [ 30.189574] kunit_try_run_case+0x1b3/0x490 [ 30.190087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.190855] kthread+0x257/0x310 [ 30.191357] ret_from_fork+0x41/0x80 [ 30.191646] ret_from_fork_asm+0x1a/0x30 [ 30.192177] [ 30.192938] The buggy address belongs to the object at ffff888102969600 [ 30.192938] which belongs to the cache kmalloc-64 of size 64 [ 30.194105] The buggy address is located 0 bytes to the right of [ 30.194105] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 30.195441] [ 30.195634] The buggy address belongs to the physical page: [ 30.196733] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 30.197386] flags: 0x200000000000000(node=0|zone=2) [ 30.198123] page_type: f5(slab) [ 30.198635] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.199652] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.200387] page dumped because: kasan: bad access detected [ 30.201413] [ 30.201588] Memory state around the buggy address: [ 30.202460] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.203362] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.204560] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.205639] ^ [ 30.206309] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.207311] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.208067] ================================================================== [ 30.262285] 
================================================================== [ 30.263002] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49d0/0x5450 [ 30.264093] Read of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 30.264576] [ 30.265416] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 30.266809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.267209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.268239] Call Trace: [ 30.268818] <TASK> [ 30.269075] dump_stack_lvl+0x73/0xb0 [ 30.269493] print_report+0xd1/0x640 [ 30.270358] ? __virt_addr_valid+0x1db/0x2d0 [ 30.270867] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.271553] kasan_report+0x102/0x140 [ 30.272205] ? kasan_atomics_helper+0x49d0/0x5450 [ 30.272744] ? kasan_atomics_helper+0x49d0/0x5450 [ 30.273587] __asan_report_load4_noabort+0x18/0x20 [ 30.274062] kasan_atomics_helper+0x49d0/0x5450 [ 30.274832] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 30.275476] ? __kmalloc_cache_noprof+0x184/0x410 [ 30.276190] ? kasan_atomics+0x153/0x310 [ 30.276618] kasan_atomics+0x1dd/0x310 [ 30.277558] ? __pfx_kasan_atomics+0x10/0x10 [ 30.278040] ? __pfx_read_tsc+0x10/0x10 [ 30.278628] ? ktime_get_ts64+0x86/0x230 [ 30.279353] kunit_try_run_case+0x1b3/0x490 [ 30.280000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.280633] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 30.281414] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.282155] ? __kthread_parkme+0x82/0x160 [ 30.282852] ? preempt_count_sub+0x50/0x80 [ 30.283422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.284178] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.284951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.285515] kthread+0x257/0x310 [ 30.286184] ? __pfx_kthread+0x10/0x10 [ 30.286758] ret_from_fork+0x41/0x80 [ 30.287394] ? 
__pfx_kthread+0x10/0x10 [ 30.288003] ret_from_fork_asm+0x1a/0x30 [ 30.288499] </TASK> [ 30.288771] [ 30.289439] Allocated by task 272: [ 30.289689] kasan_save_stack+0x3d/0x60 [ 30.290073] kasan_save_track+0x18/0x40 [ 30.290595] kasan_save_alloc_info+0x3b/0x50 [ 30.291047] __kasan_kmalloc+0xb7/0xc0 [ 30.291434] __kmalloc_cache_noprof+0x184/0x410 [ 30.292048] kasan_atomics+0x96/0x310 [ 30.292543] kunit_try_run_case+0x1b3/0x490 [ 30.293167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.293698] kthread+0x257/0x310 [ 30.294161] ret_from_fork+0x41/0x80 [ 30.294615] ret_from_fork_asm+0x1a/0x30 [ 30.295222] [ 30.295490] The buggy address belongs to the object at ffff888102969600 [ 30.295490] which belongs to the cache kmalloc-64 of size 64 [ 30.296501] The buggy address is located 0 bytes to the right of [ 30.296501] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 30.297895] [ 30.298096] The buggy address belongs to the physical page: [ 30.298645] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 30.299592] flags: 0x200000000000000(node=0|zone=2) [ 30.300242] page_type: f5(slab) [ 30.300644] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 30.301575] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 30.302248] page dumped because: kasan: bad access detected [ 30.302898] [ 30.303171] Memory state around the buggy address: [ 30.303714] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.304526] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 30.305367] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 30.306440] ^ [ 30.307339] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.308031] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.308748] ================================================================== [ 29.674757] 
================================================================== [ 29.676278] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde1/0x5450 [ 29.677166] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 29.678811] [ 29.679069] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 29.680499] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.680966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.681548] Call Trace: [ 29.681699] <TASK> [ 29.682009] dump_stack_lvl+0x73/0xb0 [ 29.682721] print_report+0xd1/0x640 [ 29.683533] ? __virt_addr_valid+0x1db/0x2d0 [ 29.684747] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.685381] kasan_report+0x102/0x140 [ 29.686086] ? kasan_atomics_helper+0xde1/0x5450 [ 29.686779] ? kasan_atomics_helper+0xde1/0x5450 [ 29.687397] kasan_check_range+0x10c/0x1c0 [ 29.688137] __kasan_check_write+0x18/0x20 [ 29.688676] kasan_atomics_helper+0xde1/0x5450 [ 29.689189] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.689802] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.690300] ? kasan_atomics+0x153/0x310 [ 29.690677] kasan_atomics+0x1dd/0x310 [ 29.691228] ? __pfx_kasan_atomics+0x10/0x10 [ 29.691651] ? __pfx_read_tsc+0x10/0x10 [ 29.692096] ? ktime_get_ts64+0x86/0x230 [ 29.692616] kunit_try_run_case+0x1b3/0x490 [ 29.693336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.694225] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.694900] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.695613] ? __kthread_parkme+0x82/0x160 [ 29.696378] ? preempt_count_sub+0x50/0x80 [ 29.697544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.698335] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.698978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.699629] kthread+0x257/0x310 [ 29.700389] ? __pfx_kthread+0x10/0x10 [ 29.700970] ret_from_fork+0x41/0x80 [ 29.701570] ? 
__pfx_kthread+0x10/0x10 [ 29.702110] ret_from_fork_asm+0x1a/0x30 [ 29.702531] </TASK> [ 29.703230] [ 29.703622] Allocated by task 272: [ 29.704045] kasan_save_stack+0x3d/0x60 [ 29.704747] kasan_save_track+0x18/0x40 [ 29.705305] kasan_save_alloc_info+0x3b/0x50 [ 29.705754] __kasan_kmalloc+0xb7/0xc0 [ 29.706838] __kmalloc_cache_noprof+0x184/0x410 [ 29.707482] kasan_atomics+0x96/0x310 [ 29.708021] kunit_try_run_case+0x1b3/0x490 [ 29.708415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.709323] kthread+0x257/0x310 [ 29.709656] ret_from_fork+0x41/0x80 [ 29.710222] ret_from_fork_asm+0x1a/0x30 [ 29.710674] [ 29.711297] The buggy address belongs to the object at ffff888102969600 [ 29.711297] which belongs to the cache kmalloc-64 of size 64 [ 29.712384] The buggy address is located 0 bytes to the right of [ 29.712384] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 29.713860] [ 29.714319] The buggy address belongs to the physical page: [ 29.714912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 29.715991] flags: 0x200000000000000(node=0|zone=2) [ 29.716548] page_type: f5(slab) [ 29.717412] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.718538] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.719028] page dumped because: kasan: bad access detected [ 29.719277] [ 29.719479] Memory state around the buggy address: [ 29.720534] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.721277] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.721911] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.723078] ^ [ 29.723571] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.724432] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.725290] ================================================================== [ 29.622016] 
================================================================== [ 29.624065] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd48/0x5450 [ 29.625117] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 29.625873] [ 29.626423] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 29.628032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.628672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.629445] Call Trace: [ 29.629750] <TASK> [ 29.630041] dump_stack_lvl+0x73/0xb0 [ 29.631475] print_report+0xd1/0x640 [ 29.632136] ? __virt_addr_valid+0x1db/0x2d0 [ 29.632637] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.633048] kasan_report+0x102/0x140 [ 29.633774] ? kasan_atomics_helper+0xd48/0x5450 [ 29.634687] ? kasan_atomics_helper+0xd48/0x5450 [ 29.635409] kasan_check_range+0x10c/0x1c0 [ 29.636163] __kasan_check_write+0x18/0x20 [ 29.636841] kasan_atomics_helper+0xd48/0x5450 [ 29.637324] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.637791] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.638301] ? kasan_atomics+0x153/0x310 [ 29.639065] kasan_atomics+0x1dd/0x310 [ 29.639513] ? __pfx_kasan_atomics+0x10/0x10 [ 29.640342] ? __pfx_read_tsc+0x10/0x10 [ 29.641372] ? ktime_get_ts64+0x86/0x230 [ 29.642097] kunit_try_run_case+0x1b3/0x490 [ 29.642699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.643517] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.643976] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.644726] ? __kthread_parkme+0x82/0x160 [ 29.645163] ? preempt_count_sub+0x50/0x80 [ 29.645984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.646509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.647412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.647798] kthread+0x257/0x310 [ 29.648278] ? __pfx_kthread+0x10/0x10 [ 29.649133] ret_from_fork+0x41/0x80 [ 29.649540] ? 
__pfx_kthread+0x10/0x10 [ 29.650193] ret_from_fork_asm+0x1a/0x30 [ 29.650962] </TASK> [ 29.651224] [ 29.651461] Allocated by task 272: [ 29.652296] kasan_save_stack+0x3d/0x60 [ 29.652744] kasan_save_track+0x18/0x40 [ 29.653049] kasan_save_alloc_info+0x3b/0x50 [ 29.653547] __kasan_kmalloc+0xb7/0xc0 [ 29.654390] __kmalloc_cache_noprof+0x184/0x410 [ 29.654706] kasan_atomics+0x96/0x310 [ 29.655209] kunit_try_run_case+0x1b3/0x490 [ 29.655585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.656033] kthread+0x257/0x310 [ 29.656679] ret_from_fork+0x41/0x80 [ 29.657287] ret_from_fork_asm+0x1a/0x30 [ 29.658586] [ 29.658808] The buggy address belongs to the object at ffff888102969600 [ 29.658808] which belongs to the cache kmalloc-64 of size 64 [ 29.660063] The buggy address is located 0 bytes to the right of [ 29.660063] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 29.661734] [ 29.662025] The buggy address belongs to the physical page: [ 29.662585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 29.663784] flags: 0x200000000000000(node=0|zone=2) [ 29.664646] page_type: f5(slab) [ 29.665044] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.666135] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.667149] page dumped because: kasan: bad access detected [ 29.667493] [ 29.667950] Memory state around the buggy address: [ 29.668895] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.669731] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.670470] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.671302] ^ [ 29.671913] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.672569] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.673468] ================================================================== [ 28.547556] 
================================================================== [ 28.548790] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b8a/0x5450 [ 28.550009] Read of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 28.551017] [ 28.551421] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.552564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.552971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.553835] Call Trace: [ 28.554131] <TASK> [ 28.554968] dump_stack_lvl+0x73/0xb0 [ 28.555680] print_report+0xd1/0x640 [ 28.556149] ? __virt_addr_valid+0x1db/0x2d0 [ 28.556823] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.557682] kasan_report+0x102/0x140 [ 28.558162] ? kasan_atomics_helper+0x4b8a/0x5450 [ 28.559137] ? kasan_atomics_helper+0x4b8a/0x5450 [ 28.560152] __asan_report_load4_noabort+0x18/0x20 [ 28.561426] kasan_atomics_helper+0x4b8a/0x5450 [ 28.562609] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.563131] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.564150] ? kasan_atomics+0x153/0x310 [ 28.565362] kasan_atomics+0x1dd/0x310 [ 28.565908] ? __pfx_kasan_atomics+0x10/0x10 [ 28.567359] ? __pfx_read_tsc+0x10/0x10 [ 28.567843] ? ktime_get_ts64+0x86/0x230 [ 28.568928] kunit_try_run_case+0x1b3/0x490 [ 28.569422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.569739] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.570236] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.571532] ? __kthread_parkme+0x82/0x160 [ 28.572008] ? preempt_count_sub+0x50/0x80 [ 28.572849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.573500] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.574566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.575326] kthread+0x257/0x310 [ 28.576030] ? __pfx_kthread+0x10/0x10 [ 28.576534] ret_from_fork+0x41/0x80 [ 28.577326] ? 
__pfx_kthread+0x10/0x10 [ 28.577674] ret_from_fork_asm+0x1a/0x30 [ 28.578524] </TASK> [ 28.579515] [ 28.579794] Allocated by task 272: [ 28.580748] kasan_save_stack+0x3d/0x60 [ 28.581419] kasan_save_track+0x18/0x40 [ 28.581957] kasan_save_alloc_info+0x3b/0x50 [ 28.582821] __kasan_kmalloc+0xb7/0xc0 [ 28.583440] __kmalloc_cache_noprof+0x184/0x410 [ 28.584426] kasan_atomics+0x96/0x310 [ 28.584821] kunit_try_run_case+0x1b3/0x490 [ 28.585614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.586718] kthread+0x257/0x310 [ 28.587438] ret_from_fork+0x41/0x80 [ 28.587793] ret_from_fork_asm+0x1a/0x30 [ 28.588527] [ 28.589159] The buggy address belongs to the object at ffff888102969600 [ 28.589159] which belongs to the cache kmalloc-64 of size 64 [ 28.591037] The buggy address is located 0 bytes to the right of [ 28.591037] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 28.593072] [ 28.593347] The buggy address belongs to the physical page: [ 28.593828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 28.594959] flags: 0x200000000000000(node=0|zone=2) [ 28.595178] page_type: f5(slab) [ 28.595820] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.597178] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.597765] page dumped because: kasan: bad access detected [ 28.598753] [ 28.598954] Memory state around the buggy address: [ 28.600030] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.601231] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.602475] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.603321] ^ [ 28.604471] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.605850] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.606393] ================================================================== [ 29.083588] 
================================================================== [ 29.084303] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x730/0x5450 [ 29.084951] Write of size 4 at addr ffff888102969630 by task kunit_try_catch/272 [ 29.085694] [ 29.086003] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 29.087420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.087665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.089554] Call Trace: [ 29.090203] <TASK> [ 29.090737] dump_stack_lvl+0x73/0xb0 [ 29.091173] print_report+0xd1/0x640 [ 29.092216] ? __virt_addr_valid+0x1db/0x2d0 [ 29.092694] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.093227] kasan_report+0x102/0x140 [ 29.093650] ? kasan_atomics_helper+0x730/0x5450 [ 29.094144] ? kasan_atomics_helper+0x730/0x5450 [ 29.095337] kasan_check_range+0x10c/0x1c0 [ 29.095896] __kasan_check_write+0x18/0x20 [ 29.096507] kasan_atomics_helper+0x730/0x5450 [ 29.097449] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 29.098654] ? __kmalloc_cache_noprof+0x184/0x410 [ 29.099430] ? kasan_atomics+0x153/0x310 [ 29.100035] kasan_atomics+0x1dd/0x310 [ 29.100942] ? __pfx_kasan_atomics+0x10/0x10 [ 29.101439] ? __pfx_read_tsc+0x10/0x10 [ 29.101975] ? ktime_get_ts64+0x86/0x230 [ 29.102542] kunit_try_run_case+0x1b3/0x490 [ 29.103066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.104433] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 29.104667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.105992] ? __kthread_parkme+0x82/0x160 [ 29.106456] ? preempt_count_sub+0x50/0x80 [ 29.107086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.108171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.108855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.109572] kthread+0x257/0x310 [ 29.110170] ? __pfx_kthread+0x10/0x10 [ 29.110728] ret_from_fork+0x41/0x80 [ 29.111230] ? 
__pfx_kthread+0x10/0x10 [ 29.111725] ret_from_fork_asm+0x1a/0x30 [ 29.112879] </TASK> [ 29.113285] [ 29.113752] Allocated by task 272: [ 29.114514] kasan_save_stack+0x3d/0x60 [ 29.115062] kasan_save_track+0x18/0x40 [ 29.115478] kasan_save_alloc_info+0x3b/0x50 [ 29.116072] __kasan_kmalloc+0xb7/0xc0 [ 29.117110] __kmalloc_cache_noprof+0x184/0x410 [ 29.117468] kasan_atomics+0x96/0x310 [ 29.117957] kunit_try_run_case+0x1b3/0x490 [ 29.118693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.119061] kthread+0x257/0x310 [ 29.119791] ret_from_fork+0x41/0x80 [ 29.120322] ret_from_fork_asm+0x1a/0x30 [ 29.121310] [ 29.121502] The buggy address belongs to the object at ffff888102969600 [ 29.121502] which belongs to the cache kmalloc-64 of size 64 [ 29.123196] The buggy address is located 0 bytes to the right of [ 29.123196] allocated 48-byte region [ffff888102969600, ffff888102969630) [ 29.125024] [ 29.125305] The buggy address belongs to the physical page: [ 29.126047] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102969 [ 29.127501] flags: 0x200000000000000(node=0|zone=2) [ 29.128379] page_type: f5(slab) [ 29.128978] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 29.129698] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 29.131349] page dumped because: kasan: bad access detected [ 29.131722] [ 29.132067] Memory state around the buggy address: [ 29.133432] ffff888102969500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.134276] ffff888102969580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 29.135173] >ffff888102969600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 29.136100] ^ [ 29.136728] ffff888102969680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.137846] ffff888102969700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.138731] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 28.013384] ================================================================== [ 28.014792] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 28.016112] Write of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 28.016804] [ 28.017121] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.018002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.018537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.019463] Call Trace: [ 28.019748] <TASK> [ 28.020420] dump_stack_lvl+0x73/0xb0 [ 28.021354] print_report+0xd1/0x640 [ 28.021713] ? __virt_addr_valid+0x1db/0x2d0 [ 28.022289] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.022773] kasan_report+0x102/0x140 [ 28.023191] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 28.023736] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 28.024341] kasan_check_range+0x10c/0x1c0 [ 28.024811] __kasan_check_write+0x18/0x20 [ 28.025307] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 28.025729] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.026430] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.026975] ? trace_hardirqs_on+0x37/0xe0 [ 28.027376] ? kasan_bitops_generic+0x93/0x1c0 [ 28.027946] kasan_bitops_generic+0x122/0x1c0 [ 28.028421] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.028796] ? __pfx_read_tsc+0x10/0x10 [ 28.029301] ? ktime_get_ts64+0x86/0x230 [ 28.029726] kunit_try_run_case+0x1b3/0x490 [ 28.030248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.030620] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.031171] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.031705] ? __kthread_parkme+0x82/0x160 [ 28.032044] ? preempt_count_sub+0x50/0x80 [ 28.032573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.033202] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.033706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.034279] kthread+0x257/0x310 [ 28.034569] ? 
__pfx_kthread+0x10/0x10 [ 28.035056] ret_from_fork+0x41/0x80 [ 28.035544] ? __pfx_kthread+0x10/0x10 [ 28.036064] ret_from_fork_asm+0x1a/0x30 [ 28.036406] </TASK> [ 28.036740] [ 28.037022] Allocated by task 268: [ 28.037484] kasan_save_stack+0x3d/0x60 [ 28.038008] kasan_save_track+0x18/0x40 [ 28.038419] kasan_save_alloc_info+0x3b/0x50 [ 28.038825] __kasan_kmalloc+0xb7/0xc0 [ 28.039190] __kmalloc_cache_noprof+0x184/0x410 [ 28.039521] kasan_bitops_generic+0x93/0x1c0 [ 28.039820] kunit_try_run_case+0x1b3/0x490 [ 28.040388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.041109] kthread+0x257/0x310 [ 28.041400] ret_from_fork+0x41/0x80 [ 28.041672] ret_from_fork_asm+0x1a/0x30 [ 28.042475] [ 28.042724] The buggy address belongs to the object at ffff888101094760 [ 28.042724] which belongs to the cache kmalloc-16 of size 16 [ 28.043709] The buggy address is located 8 bytes inside of [ 28.043709] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 28.044648] [ 28.045010] The buggy address belongs to the physical page: [ 28.045444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 28.046148] flags: 0x200000000000000(node=0|zone=2) [ 28.046632] page_type: f5(slab) [ 28.047064] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.047758] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.048588] page dumped because: kasan: bad access detected [ 28.049110] [ 28.049289] Memory state around the buggy address: [ 28.049815] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 28.050565] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 28.052083] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.052730] ^ [ 28.053712] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.054083] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.054734] 
================================================================== [ 28.247633] ================================================================== [ 28.248564] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 28.249332] Write of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 28.250047] [ 28.250233] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.251454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.251809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.252661] Call Trace: [ 28.252891] <TASK> [ 28.253279] dump_stack_lvl+0x73/0xb0 [ 28.253672] print_report+0xd1/0x640 [ 28.254133] ? __virt_addr_valid+0x1db/0x2d0 [ 28.254672] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.255321] kasan_report+0x102/0x140 [ 28.255802] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 28.256359] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 28.257215] kasan_check_range+0x10c/0x1c0 [ 28.257624] __kasan_check_write+0x18/0x20 [ 28.258124] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 28.258916] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.259479] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.260118] ? trace_hardirqs_on+0x37/0xe0 [ 28.260589] ? kasan_bitops_generic+0x93/0x1c0 [ 28.261105] kasan_bitops_generic+0x122/0x1c0 [ 28.261492] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.262105] ? __pfx_read_tsc+0x10/0x10 [ 28.262610] ? ktime_get_ts64+0x86/0x230 [ 28.263169] kunit_try_run_case+0x1b3/0x490 [ 28.263586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.264165] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.264638] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.265433] ? __kthread_parkme+0x82/0x160 [ 28.266028] ? preempt_count_sub+0x50/0x80 [ 28.266503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.267087] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.267700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.268297] kthread+0x257/0x310 [ 28.268764] ? __pfx_kthread+0x10/0x10 [ 28.269237] ret_from_fork+0x41/0x80 [ 28.269720] ? __pfx_kthread+0x10/0x10 [ 28.270011] ret_from_fork_asm+0x1a/0x30 [ 28.270363] </TASK> [ 28.270830] [ 28.271133] Allocated by task 268: [ 28.271598] kasan_save_stack+0x3d/0x60 [ 28.271881] kasan_save_track+0x18/0x40 [ 28.272393] kasan_save_alloc_info+0x3b/0x50 [ 28.273003] __kasan_kmalloc+0xb7/0xc0 [ 28.273407] __kmalloc_cache_noprof+0x184/0x410 [ 28.273717] kasan_bitops_generic+0x93/0x1c0 [ 28.274427] kunit_try_run_case+0x1b3/0x490 [ 28.275105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.275587] kthread+0x257/0x310 [ 28.275901] ret_from_fork+0x41/0x80 [ 28.276493] ret_from_fork_asm+0x1a/0x30 [ 28.277152] [ 28.277332] The buggy address belongs to the object at ffff888101094760 [ 28.277332] which belongs to the cache kmalloc-16 of size 16 [ 28.278425] The buggy address is located 8 bytes inside of [ 28.278425] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 28.279560] [ 28.279722] The buggy address belongs to the physical page: [ 28.280199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 28.281330] flags: 0x200000000000000(node=0|zone=2) [ 28.282191] page_type: f5(slab) [ 28.282608] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.283051] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.284231] page dumped because: kasan: bad access detected [ 28.284858] [ 28.285123] Memory state around the buggy address: [ 28.285926] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 28.286672] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 28.287529] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.288182] ^ [ 28.288918] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 28.289601] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.290008] ================================================================== [ 28.106295] ================================================================== [ 28.106900] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 28.107818] Write of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 28.108766] [ 28.108947] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.110305] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.111355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.112919] Call Trace: [ 28.113527] <TASK> [ 28.114004] dump_stack_lvl+0x73/0xb0 [ 28.114664] print_report+0xd1/0x640 [ 28.115349] ? __virt_addr_valid+0x1db/0x2d0 [ 28.116096] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.116752] kasan_report+0x102/0x140 [ 28.117189] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 28.117811] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 28.118645] kasan_check_range+0x10c/0x1c0 [ 28.119340] __kasan_check_write+0x18/0x20 [ 28.120078] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 28.120655] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.121784] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.122782] ? trace_hardirqs_on+0x37/0xe0 [ 28.123344] ? kasan_bitops_generic+0x93/0x1c0 [ 28.123776] kasan_bitops_generic+0x122/0x1c0 [ 28.124394] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.125116] ? __pfx_read_tsc+0x10/0x10 [ 28.125618] ? ktime_get_ts64+0x86/0x230 [ 28.126184] kunit_try_run_case+0x1b3/0x490 [ 28.126505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.127511] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.128290] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.128747] ? __kthread_parkme+0x82/0x160 [ 28.129202] ? preempt_count_sub+0x50/0x80 [ 28.129693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.130762] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.131543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.132155] kthread+0x257/0x310 [ 28.132540] ? __pfx_kthread+0x10/0x10 [ 28.133316] ret_from_fork+0x41/0x80 [ 28.133601] ? __pfx_kthread+0x10/0x10 [ 28.134131] ret_from_fork_asm+0x1a/0x30 [ 28.134497] </TASK> [ 28.134895] [ 28.135121] Allocated by task 268: [ 28.135485] kasan_save_stack+0x3d/0x60 [ 28.135822] kasan_save_track+0x18/0x40 [ 28.136387] kasan_save_alloc_info+0x3b/0x50 [ 28.137082] __kasan_kmalloc+0xb7/0xc0 [ 28.137443] __kmalloc_cache_noprof+0x184/0x410 [ 28.138103] kasan_bitops_generic+0x93/0x1c0 [ 28.138511] kunit_try_run_case+0x1b3/0x490 [ 28.139062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.139477] kthread+0x257/0x310 [ 28.140010] ret_from_fork+0x41/0x80 [ 28.140561] ret_from_fork_asm+0x1a/0x30 [ 28.140905] [ 28.141229] The buggy address belongs to the object at ffff888101094760 [ 28.141229] which belongs to the cache kmalloc-16 of size 16 [ 28.142290] The buggy address is located 8 bytes inside of [ 28.142290] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 28.143511] [ 28.143812] The buggy address belongs to the physical page: [ 28.144237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 28.145076] flags: 0x200000000000000(node=0|zone=2) [ 28.145603] page_type: f5(slab) [ 28.146026] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.146867] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.147514] page dumped because: kasan: bad access detected [ 28.148118] [ 28.148393] Memory state around the buggy address: [ 28.148919] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 28.149634] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 28.150283] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.151011] ^ [ 28.151720] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 28.152352] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.153030] ================================================================== [ 28.056843] ================================================================== [ 28.058217] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 28.059026] Write of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 28.059710] [ 28.059988] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.061585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.062506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.063726] Call Trace: [ 28.064145] <TASK> [ 28.064388] dump_stack_lvl+0x73/0xb0 [ 28.065172] print_report+0xd1/0x640 [ 28.065896] ? __virt_addr_valid+0x1db/0x2d0 [ 28.066338] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.067205] kasan_report+0x102/0x140 [ 28.067904] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 28.068676] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 28.069251] kasan_check_range+0x10c/0x1c0 [ 28.069811] __kasan_check_write+0x18/0x20 [ 28.070334] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 28.071021] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.071725] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.072618] ? trace_hardirqs_on+0x37/0xe0 [ 28.072998] ? kasan_bitops_generic+0x93/0x1c0 [ 28.073620] kasan_bitops_generic+0x122/0x1c0 [ 28.074313] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.074853] ? __pfx_read_tsc+0x10/0x10 [ 28.075385] ? ktime_get_ts64+0x86/0x230 [ 28.076345] kunit_try_run_case+0x1b3/0x490 [ 28.077361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.077802] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.078423] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.079280] ? __kthread_parkme+0x82/0x160 [ 28.080052] ? preempt_count_sub+0x50/0x80 [ 28.080366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.080860] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.081667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.082301] kthread+0x257/0x310 [ 28.082575] ? __pfx_kthread+0x10/0x10 [ 28.083076] ret_from_fork+0x41/0x80 [ 28.083538] ? __pfx_kthread+0x10/0x10 [ 28.084197] ret_from_fork_asm+0x1a/0x30 [ 28.084619] </TASK> [ 28.085372] [ 28.085964] Allocated by task 268: [ 28.086364] kasan_save_stack+0x3d/0x60 [ 28.087097] kasan_save_track+0x18/0x40 [ 28.087904] kasan_save_alloc_info+0x3b/0x50 [ 28.088367] __kasan_kmalloc+0xb7/0xc0 [ 28.088763] __kmalloc_cache_noprof+0x184/0x410 [ 28.089219] kasan_bitops_generic+0x93/0x1c0 [ 28.089527] kunit_try_run_case+0x1b3/0x490 [ 28.089847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.090486] kthread+0x257/0x310 [ 28.091148] ret_from_fork+0x41/0x80 [ 28.091441] ret_from_fork_asm+0x1a/0x30 [ 28.091670] [ 28.092315] The buggy address belongs to the object at ffff888101094760 [ 28.092315] which belongs to the cache kmalloc-16 of size 16 [ 28.093613] The buggy address is located 8 bytes inside of [ 28.093613] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 28.094739] [ 28.095071] The buggy address belongs to the physical page: [ 28.095661] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 28.097162] flags: 0x200000000000000(node=0|zone=2) [ 28.097833] page_type: f5(slab) [ 28.098490] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.099346] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.099633] page dumped because: kasan: bad access detected [ 28.100050] [ 28.100333] Memory state around the buggy address: [ 28.100891] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 28.101342] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 28.102107] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.102558] ^ [ 28.103695] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 28.104506] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.105131] ================================================================== [ 28.343378] ================================================================== [ 28.344101] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 28.344779] Read of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 28.345595] [ 28.345995] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.347111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.347684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.348806] Call Trace: [ 28.349431] <TASK> [ 28.349857] dump_stack_lvl+0x73/0xb0 [ 28.350481] print_report+0xd1/0x640 [ 28.351042] ? __virt_addr_valid+0x1db/0x2d0 [ 28.351625] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.352404] kasan_report+0x102/0x140 [ 28.352797] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 28.353589] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 28.354493] kasan_check_range+0x10c/0x1c0 [ 28.355095] __kasan_check_read+0x15/0x20 [ 28.355643] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 28.356280] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.357098] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.357671] ? trace_hardirqs_on+0x37/0xe0 [ 28.358213] ? kasan_bitops_generic+0x93/0x1c0 [ 28.358798] kasan_bitops_generic+0x122/0x1c0 [ 28.359439] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.360082] ? __pfx_read_tsc+0x10/0x10 [ 28.360544] ? ktime_get_ts64+0x86/0x230 [ 28.361216] kunit_try_run_case+0x1b3/0x490 [ 28.361794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.362505] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.363150] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.363866] ? __kthread_parkme+0x82/0x160 [ 28.364427] ? preempt_count_sub+0x50/0x80 [ 28.364979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.365595] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.366338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.367035] kthread+0x257/0x310 [ 28.367444] ? __pfx_kthread+0x10/0x10 [ 28.368054] ret_from_fork+0x41/0x80 [ 28.368546] ? __pfx_kthread+0x10/0x10 [ 28.369115] ret_from_fork_asm+0x1a/0x30 [ 28.369669] </TASK> [ 28.370155] [ 28.370348] Allocated by task 268: [ 28.370767] kasan_save_stack+0x3d/0x60 [ 28.371119] kasan_save_track+0x18/0x40 [ 28.371662] kasan_save_alloc_info+0x3b/0x50 [ 28.372008] __kasan_kmalloc+0xb7/0xc0 [ 28.372716] __kmalloc_cache_noprof+0x184/0x410 [ 28.373092] kasan_bitops_generic+0x93/0x1c0 [ 28.373731] kunit_try_run_case+0x1b3/0x490 [ 28.374359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.375052] kthread+0x257/0x310 [ 28.375480] ret_from_fork+0x41/0x80 [ 28.375952] ret_from_fork_asm+0x1a/0x30 [ 28.376524] [ 28.376860] The buggy address belongs to the object at ffff888101094760 [ 28.376860] which belongs to the cache kmalloc-16 of size 16 [ 28.378123] The buggy address is located 8 bytes inside of [ 28.378123] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 28.379339] [ 28.379633] The buggy address belongs to the physical page: [ 28.380446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 28.381217] flags: 0x200000000000000(node=0|zone=2) [ 28.381699] page_type: f5(slab) [ 28.382298] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.383121] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.383963] page dumped because: kasan: bad access detected [ 28.384498] [ 28.384865] Memory state around the buggy address: [ 28.385442] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 28.386122] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 28.386934] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.387548] ^ [ 28.388293] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 28.389038] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.389640] ================================================================== [ 28.291654] ================================================================== [ 28.292741] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 28.293815] Write of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 28.294502] [ 28.294769] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.295750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.296090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.296938] Call Trace: [ 28.297189] <TASK> [ 28.297489] dump_stack_lvl+0x73/0xb0 [ 28.297840] print_report+0xd1/0x640 [ 28.298364] ? __virt_addr_valid+0x1db/0x2d0 [ 28.299037] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.299468] kasan_report+0x102/0x140 [ 28.300136] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 28.300664] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 28.301325] kasan_check_range+0x10c/0x1c0 [ 28.301936] __kasan_check_write+0x18/0x20 [ 28.302633] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 28.304074] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.304592] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.305047] ? trace_hardirqs_on+0x37/0xe0 [ 28.305563] ? kasan_bitops_generic+0x93/0x1c0 [ 28.306830] kasan_bitops_generic+0x122/0x1c0 [ 28.307131] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.307721] ? __pfx_read_tsc+0x10/0x10 [ 28.308304] ? ktime_get_ts64+0x86/0x230 [ 28.309069] kunit_try_run_case+0x1b3/0x490 [ 28.309952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.310478] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.310974] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.311504] ? __kthread_parkme+0x82/0x160 [ 28.311931] ? preempt_count_sub+0x50/0x80 [ 28.313500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.314657] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.315440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.316149] kthread+0x257/0x310 [ 28.316503] ? __pfx_kthread+0x10/0x10 [ 28.317190] ret_from_fork+0x41/0x80 [ 28.317744] ? __pfx_kthread+0x10/0x10 [ 28.318330] ret_from_fork_asm+0x1a/0x30 [ 28.318955] </TASK> [ 28.319291] [ 28.319767] Allocated by task 268: [ 28.320087] kasan_save_stack+0x3d/0x60 [ 28.320514] kasan_save_track+0x18/0x40 [ 28.321386] kasan_save_alloc_info+0x3b/0x50 [ 28.321782] __kasan_kmalloc+0xb7/0xc0 [ 28.322143] __kmalloc_cache_noprof+0x184/0x410 [ 28.322966] kasan_bitops_generic+0x93/0x1c0 [ 28.323449] kunit_try_run_case+0x1b3/0x490 [ 28.324350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.325237] kthread+0x257/0x310 [ 28.325592] ret_from_fork+0x41/0x80 [ 28.325926] ret_from_fork_asm+0x1a/0x30 [ 28.326618] [ 28.326980] The buggy address belongs to the object at ffff888101094760 [ 28.326980] which belongs to the cache kmalloc-16 of size 16 [ 28.328378] The buggy address is located 8 bytes inside of [ 28.328378] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 28.329823] [ 28.330276] The buggy address belongs to the physical page: [ 28.331423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 28.332159] flags: 0x200000000000000(node=0|zone=2) [ 28.332981] page_type: f5(slab) [ 28.333597] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.334437] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.335326] page dumped because: kasan: bad access detected [ 28.336125] [ 28.336357] Memory state around the buggy address: [ 28.337461] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 28.338080] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 28.338703] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.339392] ^ [ 28.340117] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 28.340957] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.341715] ================================================================== [ 28.390920] ================================================================== [ 28.391622] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 28.392683] Read of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 28.393786] [ 28.393982] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.395039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.395332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.396783] Call Trace: [ 28.397283] <TASK> [ 28.397689] dump_stack_lvl+0x73/0xb0 [ 28.398222] print_report+0xd1/0x640 [ 28.398844] ? __virt_addr_valid+0x1db/0x2d0 [ 28.399443] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.400238] kasan_report+0x102/0x140 [ 28.400678] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 28.401414] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 28.402149] __asan_report_load8_noabort+0x18/0x20 [ 28.402708] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 28.403446] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.404243] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.404803] ? trace_hardirqs_on+0x37/0xe0 [ 28.405346] ? kasan_bitops_generic+0x93/0x1c0 [ 28.405975] kasan_bitops_generic+0x122/0x1c0 [ 28.406438] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.407009] ? __pfx_read_tsc+0x10/0x10 [ 28.407534] ? ktime_get_ts64+0x86/0x230 [ 28.408036] kunit_try_run_case+0x1b3/0x490 [ 28.408642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.409192] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.409979] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.410696] ? __kthread_parkme+0x82/0x160 [ 28.411181] ? preempt_count_sub+0x50/0x80 [ 28.411815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.412436] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.413063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.413684] kthread+0x257/0x310 [ 28.414201] ? __pfx_kthread+0x10/0x10 [ 28.414716] ret_from_fork+0x41/0x80 [ 28.415320] ? __pfx_kthread+0x10/0x10 [ 28.415873] ret_from_fork_asm+0x1a/0x30 [ 28.416400] </TASK> [ 28.416865] [ 28.417022] Allocated by task 268: [ 28.417656] kasan_save_stack+0x3d/0x60 [ 28.418188] kasan_save_track+0x18/0x40 [ 28.418794] kasan_save_alloc_info+0x3b/0x50 [ 28.419312] __kasan_kmalloc+0xb7/0xc0 [ 28.419875] __kmalloc_cache_noprof+0x184/0x410 [ 28.420427] kasan_bitops_generic+0x93/0x1c0 [ 28.420852] kunit_try_run_case+0x1b3/0x490 [ 28.421120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.421887] kthread+0x257/0x310 [ 28.422141] ret_from_fork+0x41/0x80 [ 28.422585] ret_from_fork_asm+0x1a/0x30 [ 28.423424] [ 28.423613] The buggy address belongs to the object at ffff888101094760 [ 28.423613] which belongs to the cache kmalloc-16 of size 16 [ 28.425111] The buggy address is located 8 bytes inside of [ 28.425111] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 28.426362] [ 28.426614] The buggy address belongs to the physical page: [ 28.427399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 28.428227] flags: 0x200000000000000(node=0|zone=2) [ 28.428885] page_type: f5(slab) [ 28.429416] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.430282] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.431041] page dumped because: kasan: bad access detected [ 28.431662] [ 28.431960] Memory state around the buggy address: [ 28.432488] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 28.433159] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 28.433891] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.434365] ^ [ 28.434983] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 28.435590] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.436347] ================================================================== [ 28.154335] ================================================================== [ 28.154834] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 28.155890] Write of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 28.156440] [ 28.156716] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.157836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.158309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.159142] Call Trace: [ 28.159541] <TASK> [ 28.159959] dump_stack_lvl+0x73/0xb0 [ 28.160296] print_report+0xd1/0x640 [ 28.160896] ? __virt_addr_valid+0x1db/0x2d0 [ 28.161441] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.161965] kasan_report+0x102/0x140 [ 28.162513] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 28.163153] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 28.163812] kasan_check_range+0x10c/0x1c0 [ 28.164443] __kasan_check_write+0x18/0x20 [ 28.165292] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 28.165560] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.166013] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.166696] ? trace_hardirqs_on+0x37/0xe0 [ 28.167156] ? kasan_bitops_generic+0x93/0x1c0 [ 28.167645] kasan_bitops_generic+0x122/0x1c0 [ 28.168303] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.168851] ? __pfx_read_tsc+0x10/0x10 [ 28.169412] ? ktime_get_ts64+0x86/0x230 [ 28.169993] kunit_try_run_case+0x1b3/0x490 [ 28.170490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.171092] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.171687] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.172188] ? __kthread_parkme+0x82/0x160 [ 28.172730] ? preempt_count_sub+0x50/0x80 [ 28.173133] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.173700] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.174233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.174928] kthread+0x257/0x310 [ 28.175254] ? __pfx_kthread+0x10/0x10 [ 28.175801] ret_from_fork+0x41/0x80 [ 28.176204] ? __pfx_kthread+0x10/0x10 [ 28.176608] ret_from_fork_asm+0x1a/0x30 [ 28.177202] </TASK> [ 28.177488] [ 28.177792] Allocated by task 268: [ 28.178242] kasan_save_stack+0x3d/0x60 [ 28.178703] kasan_save_track+0x18/0x40 [ 28.179190] kasan_save_alloc_info+0x3b/0x50 [ 28.179716] __kasan_kmalloc+0xb7/0xc0 [ 28.180236] __kmalloc_cache_noprof+0x184/0x410 [ 28.180726] kasan_bitops_generic+0x93/0x1c0 [ 28.181350] kunit_try_run_case+0x1b3/0x490 [ 28.181806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.182436] kthread+0x257/0x310 [ 28.182811] ret_from_fork+0x41/0x80 [ 28.183189] ret_from_fork_asm+0x1a/0x30 [ 28.183810] [ 28.184097] The buggy address belongs to the object at ffff888101094760 [ 28.184097] which belongs to the cache kmalloc-16 of size 16 [ 28.185034] The buggy address is located 8 bytes inside of [ 28.185034] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 28.186300] [ 28.186558] The buggy address belongs to the physical page: [ 28.187176] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 28.187929] flags: 0x200000000000000(node=0|zone=2) [ 28.188454] page_type: f5(slab) [ 28.188862] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.189652] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.190470] page dumped because: kasan: bad access detected [ 28.191129] [ 28.191324] Memory state around the buggy address: [ 28.191908] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 28.192643] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 28.193299] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.194122] ^ [ 28.194799] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 28.195495] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.196214] ================================================================== [ 28.197533] ================================================================== [ 28.198014] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 28.199148] Write of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 28.199887] [ 28.200187] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 28.201497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.201971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.202794] Call Trace: [ 28.203055] <TASK> [ 28.203564] dump_stack_lvl+0x73/0xb0 [ 28.204217] print_report+0xd1/0x640 [ 28.205044] ? __virt_addr_valid+0x1db/0x2d0 [ 28.205625] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.206380] kasan_report+0x102/0x140 [ 28.206889] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 28.207925] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 28.208679] kasan_check_range+0x10c/0x1c0 [ 28.209283] __kasan_check_write+0x18/0x20 [ 28.210005] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 28.210727] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.211488] ? __kmalloc_cache_noprof+0x184/0x410 [ 28.212078] ? trace_hardirqs_on+0x37/0xe0 [ 28.212642] ? kasan_bitops_generic+0x93/0x1c0 [ 28.213226] kasan_bitops_generic+0x122/0x1c0 [ 28.213712] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.214377] ? __pfx_read_tsc+0x10/0x10 [ 28.214965] ? ktime_get_ts64+0x86/0x230 [ 28.215429] kunit_try_run_case+0x1b3/0x490 [ 28.215940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.216510] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 28.216972] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.217642] ? __kthread_parkme+0x82/0x160 [ 28.218120] ? preempt_count_sub+0x50/0x80 [ 28.218529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.219108] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.219795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.220302] kthread+0x257/0x310 [ 28.220789] ? __pfx_kthread+0x10/0x10 [ 28.221175] ret_from_fork+0x41/0x80 [ 28.221564] ? __pfx_kthread+0x10/0x10 [ 28.221964] ret_from_fork_asm+0x1a/0x30 [ 28.222531] </TASK> [ 28.222931] [ 28.223187] Allocated by task 268: [ 28.223613] kasan_save_stack+0x3d/0x60 [ 28.224092] kasan_save_track+0x18/0x40 [ 28.224551] kasan_save_alloc_info+0x3b/0x50 [ 28.225134] __kasan_kmalloc+0xb7/0xc0 [ 28.225497] __kmalloc_cache_noprof+0x184/0x410 [ 28.226066] kasan_bitops_generic+0x93/0x1c0 [ 28.226500] kunit_try_run_case+0x1b3/0x490 [ 28.227106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.228009] kthread+0x257/0x310 [ 28.228247] ret_from_fork+0x41/0x80 [ 28.229331] ret_from_fork_asm+0x1a/0x30 [ 28.230005] [ 28.230169] The buggy address belongs to the object at ffff888101094760 [ 28.230169] which belongs to the cache kmalloc-16 of size 16 [ 28.231391] The buggy address is located 8 bytes inside of [ 28.231391] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 28.233154] [ 28.233583] The buggy address belongs to the physical page: [ 28.234097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 28.235606] flags: 0x200000000000000(node=0|zone=2) [ 28.236328] page_type: f5(slab) [ 28.236805] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.237745] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.238380] page dumped because: kasan: bad access detected [ 28.239508] [ 28.239716] Memory state around the buggy address: [ 28.240068] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 28.241172] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 28.242082] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.243099] ^ [ 28.243641] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 28.244634] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.245563] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 27.634798] ================================================================== [ 27.636600] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 27.637395] Write of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 27.637998] [ 27.638309] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 27.639040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.639486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.641709] Call Trace: [ 27.642012] <TASK> [ 27.642655] dump_stack_lvl+0x73/0xb0 [ 27.643191] print_report+0xd1/0x640 [ 27.643917] ? __virt_addr_valid+0x1db/0x2d0 [ 27.645058] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.646543] kasan_report+0x102/0x140 [ 27.646811] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 27.647899] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 27.648559] kasan_check_range+0x10c/0x1c0 [ 27.649002] __kasan_check_write+0x18/0x20 [ 27.649379] kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 27.649917] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.652020] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.652609] ? trace_hardirqs_on+0x37/0xe0 [ 27.653371] ? kasan_bitops_generic+0x93/0x1c0 [ 27.654060] kasan_bitops_generic+0x117/0x1c0 [ 27.654747] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.655774] ? __pfx_read_tsc+0x10/0x10 [ 27.656664] ? ktime_get_ts64+0x86/0x230 [ 27.657429] kunit_try_run_case+0x1b3/0x490 [ 27.657855] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.658474] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.659705] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.660299] ? __kthread_parkme+0x82/0x160 [ 27.661048] ? preempt_count_sub+0x50/0x80 [ 27.662209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.662600] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.663602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.664096] kthread+0x257/0x310 [ 27.664783] ? __pfx_kthread+0x10/0x10 [ 27.665198] ret_from_fork+0x41/0x80 [ 27.665621] ? 
__pfx_kthread+0x10/0x10 [ 27.666644] ret_from_fork_asm+0x1a/0x30 [ 27.666972] </TASK> [ 27.668037] [ 27.669007] Allocated by task 268: [ 27.669289] kasan_save_stack+0x3d/0x60 [ 27.670026] kasan_save_track+0x18/0x40 [ 27.670432] kasan_save_alloc_info+0x3b/0x50 [ 27.671375] __kasan_kmalloc+0xb7/0xc0 [ 27.671856] __kmalloc_cache_noprof+0x184/0x410 [ 27.672879] kasan_bitops_generic+0x93/0x1c0 [ 27.673678] kunit_try_run_case+0x1b3/0x490 [ 27.674584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.675243] kthread+0x257/0x310 [ 27.676075] ret_from_fork+0x41/0x80 [ 27.676861] ret_from_fork_asm+0x1a/0x30 [ 27.677558] [ 27.677806] The buggy address belongs to the object at ffff888101094760 [ 27.677806] which belongs to the cache kmalloc-16 of size 16 [ 27.678707] The buggy address is located 8 bytes inside of [ 27.678707] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 27.679633] [ 27.679795] The buggy address belongs to the physical page: [ 27.681108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 27.682859] flags: 0x200000000000000(node=0|zone=2) [ 27.683303] page_type: f5(slab) [ 27.684056] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.685455] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.686966] page dumped because: kasan: bad access detected [ 27.687807] [ 27.688060] Memory state around the buggy address: [ 27.688753] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 27.689970] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 27.691160] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.692581] ^ [ 27.693481] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.694918] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.695840] ================================================================== [ 27.758969] 
================================================================== [ 27.759561] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 27.761889] Write of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 27.763054] [ 27.763525] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 27.764644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.765041] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.765817] Call Trace: [ 27.766106] <TASK> [ 27.766967] dump_stack_lvl+0x73/0xb0 [ 27.767480] print_report+0xd1/0x640 [ 27.767925] ? __virt_addr_valid+0x1db/0x2d0 [ 27.768593] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.769109] kasan_report+0x102/0x140 [ 27.769677] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 27.770514] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 27.770834] kasan_check_range+0x10c/0x1c0 [ 27.771034] __kasan_check_write+0x18/0x20 [ 27.771227] kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 27.771955] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.772622] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.773201] ? trace_hardirqs_on+0x37/0xe0 [ 27.773724] ? kasan_bitops_generic+0x93/0x1c0 [ 27.774792] kasan_bitops_generic+0x117/0x1c0 [ 27.775516] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.776084] ? __pfx_read_tsc+0x10/0x10 [ 27.776633] ? ktime_get_ts64+0x86/0x230 [ 27.777105] kunit_try_run_case+0x1b3/0x490 [ 27.777648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.778140] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.779133] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.779725] ? __kthread_parkme+0x82/0x160 [ 27.780324] ? preempt_count_sub+0x50/0x80 [ 27.780697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.781202] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.781845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.782975] kthread+0x257/0x310 [ 27.783583] ? __pfx_kthread+0x10/0x10 [ 27.784048] ret_from_fork+0x41/0x80 [ 27.784622] ? 
__pfx_kthread+0x10/0x10 [ 27.785148] ret_from_fork_asm+0x1a/0x30 [ 27.785673] </TASK> [ 27.786036] [ 27.786857] Allocated by task 268: [ 27.787150] kasan_save_stack+0x3d/0x60 [ 27.787747] kasan_save_track+0x18/0x40 [ 27.788449] kasan_save_alloc_info+0x3b/0x50 [ 27.788847] __kasan_kmalloc+0xb7/0xc0 [ 27.789312] __kmalloc_cache_noprof+0x184/0x410 [ 27.789757] kasan_bitops_generic+0x93/0x1c0 [ 27.790204] kunit_try_run_case+0x1b3/0x490 [ 27.790550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.791824] kthread+0x257/0x310 [ 27.792141] ret_from_fork+0x41/0x80 [ 27.792634] ret_from_fork_asm+0x1a/0x30 [ 27.793151] [ 27.793510] The buggy address belongs to the object at ffff888101094760 [ 27.793510] which belongs to the cache kmalloc-16 of size 16 [ 27.795143] The buggy address is located 8 bytes inside of [ 27.795143] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 27.796425] [ 27.796676] The buggy address belongs to the physical page: [ 27.797155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 27.798112] flags: 0x200000000000000(node=0|zone=2) [ 27.799134] page_type: f5(slab) [ 27.799582] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.800580] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.801433] page dumped because: kasan: bad access detected [ 27.802059] [ 27.802613] Memory state around the buggy address: [ 27.802954] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 27.804096] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 27.804992] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.805687] ^ [ 27.806338] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.806975] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.807590] ================================================================== [ 27.578154] 
================================================================== [ 27.579565] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x102/0xd50 [ 27.581176] Write of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 27.583061] [ 27.583480] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 27.584809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.585394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.586191] Call Trace: [ 27.586572] <TASK> [ 27.586834] dump_stack_lvl+0x73/0xb0 [ 27.587232] print_report+0xd1/0x640 [ 27.587983] ? __virt_addr_valid+0x1db/0x2d0 [ 27.588581] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.589388] kasan_report+0x102/0x140 [ 27.589873] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 27.591021] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 27.592088] kasan_check_range+0x10c/0x1c0 [ 27.592665] __kasan_check_write+0x18/0x20 [ 27.593200] kasan_bitops_modify.constprop.0+0x102/0xd50 [ 27.593924] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.594519] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.595387] ? trace_hardirqs_on+0x37/0xe0 [ 27.595733] ? kasan_bitops_generic+0x93/0x1c0 [ 27.596654] kasan_bitops_generic+0x117/0x1c0 [ 27.597317] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.598201] ? __pfx_read_tsc+0x10/0x10 [ 27.598771] ? ktime_get_ts64+0x86/0x230 [ 27.599584] kunit_try_run_case+0x1b3/0x490 [ 27.599940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.601166] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.601775] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.602336] ? __kthread_parkme+0x82/0x160 [ 27.602912] ? preempt_count_sub+0x50/0x80 [ 27.603656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.604241] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.604841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.606159] kthread+0x257/0x310 [ 27.606670] ? __pfx_kthread+0x10/0x10 [ 27.607113] ret_from_fork+0x41/0x80 [ 27.607628] ? 
__pfx_kthread+0x10/0x10 [ 27.608107] ret_from_fork_asm+0x1a/0x30 [ 27.608969] </TASK> [ 27.609209] [ 27.609544] Allocated by task 268: [ 27.609923] kasan_save_stack+0x3d/0x60 [ 27.610798] kasan_save_track+0x18/0x40 [ 27.610994] kasan_save_alloc_info+0x3b/0x50 [ 27.611188] __kasan_kmalloc+0xb7/0xc0 [ 27.611845] __kmalloc_cache_noprof+0x184/0x410 [ 27.612672] kasan_bitops_generic+0x93/0x1c0 [ 27.613905] kunit_try_run_case+0x1b3/0x490 [ 27.614733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.615506] kthread+0x257/0x310 [ 27.615735] ret_from_fork+0x41/0x80 [ 27.616004] ret_from_fork_asm+0x1a/0x30 [ 27.616196] [ 27.616335] The buggy address belongs to the object at ffff888101094760 [ 27.616335] which belongs to the cache kmalloc-16 of size 16 [ 27.618070] The buggy address is located 8 bytes inside of [ 27.618070] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 27.619802] [ 27.620058] The buggy address belongs to the physical page: [ 27.621018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 27.622529] flags: 0x200000000000000(node=0|zone=2) [ 27.622756] page_type: f5(slab) [ 27.623562] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.624758] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.625717] page dumped because: kasan: bad access detected [ 27.626654] [ 27.626877] Memory state around the buggy address: [ 27.627647] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 27.628607] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 27.629577] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.630069] ^ [ 27.631401] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.632065] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.632682] ================================================================== [ 27.968782] 
================================================================== [ 27.969510] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x548/0xd50 [ 27.970259] Write of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 27.970924] [ 27.971171] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 27.972047] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.973078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.974192] Call Trace: [ 27.974596] <TASK> [ 27.974953] dump_stack_lvl+0x73/0xb0 [ 27.975437] print_report+0xd1/0x640 [ 27.975762] ? __virt_addr_valid+0x1db/0x2d0 [ 27.976399] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.976804] kasan_report+0x102/0x140 [ 27.977163] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 27.977759] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 27.978249] kasan_check_range+0x10c/0x1c0 [ 27.978707] __kasan_check_write+0x18/0x20 [ 27.979430] kasan_bitops_modify.constprop.0+0x548/0xd50 [ 27.980005] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.980583] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.981048] ? trace_hardirqs_on+0x37/0xe0 [ 27.981584] ? kasan_bitops_generic+0x93/0x1c0 [ 27.982014] kasan_bitops_generic+0x117/0x1c0 [ 27.982621] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.982960] ? __pfx_read_tsc+0x10/0x10 [ 27.983608] ? ktime_get_ts64+0x86/0x230 [ 27.984076] kunit_try_run_case+0x1b3/0x490 [ 27.984446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.984882] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.985409] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.985747] ? __kthread_parkme+0x82/0x160 [ 27.986331] ? preempt_count_sub+0x50/0x80 [ 27.986902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.987373] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.988079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.989426] kthread+0x257/0x310 [ 27.990179] ? __pfx_kthread+0x10/0x10 [ 27.990766] ret_from_fork+0x41/0x80 [ 27.991412] ? 
__pfx_kthread+0x10/0x10 [ 27.991858] ret_from_fork_asm+0x1a/0x30 [ 27.992586] </TASK> [ 27.992901] [ 27.993064] Allocated by task 268: [ 27.993549] kasan_save_stack+0x3d/0x60 [ 27.994064] kasan_save_track+0x18/0x40 [ 27.994557] kasan_save_alloc_info+0x3b/0x50 [ 27.995107] __kasan_kmalloc+0xb7/0xc0 [ 27.995699] __kmalloc_cache_noprof+0x184/0x410 [ 27.996223] kasan_bitops_generic+0x93/0x1c0 [ 27.996712] kunit_try_run_case+0x1b3/0x490 [ 27.997333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.997837] kthread+0x257/0x310 [ 27.998091] ret_from_fork+0x41/0x80 [ 27.998617] ret_from_fork_asm+0x1a/0x30 [ 27.999144] [ 27.999435] The buggy address belongs to the object at ffff888101094760 [ 27.999435] which belongs to the cache kmalloc-16 of size 16 [ 28.000567] The buggy address is located 8 bytes inside of [ 28.000567] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 28.001447] [ 28.001743] The buggy address belongs to the physical page: [ 28.002471] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 28.003364] flags: 0x200000000000000(node=0|zone=2) [ 28.003697] page_type: f5(slab) [ 28.003950] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.004917] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.006076] page dumped because: kasan: bad access detected [ 28.006590] [ 28.006748] Memory state around the buggy address: [ 28.007078] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 28.008159] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 28.009147] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 28.009731] ^ [ 28.010563] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.011150] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.011933] ================================================================== [ 27.696669] 
================================================================== [ 27.697089] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 27.699067] Write of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 27.700455] [ 27.700635] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 27.702729] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.704292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.705432] Call Trace: [ 27.705942] <TASK> [ 27.706870] dump_stack_lvl+0x73/0xb0 [ 27.707357] print_report+0xd1/0x640 [ 27.708019] ? __virt_addr_valid+0x1db/0x2d0 [ 27.708833] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.709842] kasan_report+0x102/0x140 [ 27.710867] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 27.711513] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 27.712318] kasan_check_range+0x10c/0x1c0 [ 27.712708] __kasan_check_write+0x18/0x20 [ 27.713860] kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 27.714727] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.715265] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.716020] ? trace_hardirqs_on+0x37/0xe0 [ 27.717092] ? kasan_bitops_generic+0x93/0x1c0 [ 27.717572] kasan_bitops_generic+0x117/0x1c0 [ 27.718555] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.719053] ? __pfx_read_tsc+0x10/0x10 [ 27.719558] ? ktime_get_ts64+0x86/0x230 [ 27.719945] kunit_try_run_case+0x1b3/0x490 [ 27.720553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.721635] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.723307] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.723778] ? __kthread_parkme+0x82/0x160 [ 27.724161] ? preempt_count_sub+0x50/0x80 [ 27.724553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.724982] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.726463] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.727057] kthread+0x257/0x310 [ 27.727695] ? __pfx_kthread+0x10/0x10 [ 27.728672] ret_from_fork+0x41/0x80 [ 27.729065] ? 
__pfx_kthread+0x10/0x10 [ 27.729303] ret_from_fork_asm+0x1a/0x30 [ 27.729720] </TASK> [ 27.730051] [ 27.730966] Allocated by task 268: [ 27.731318] kasan_save_stack+0x3d/0x60 [ 27.732062] kasan_save_track+0x18/0x40 [ 27.732719] kasan_save_alloc_info+0x3b/0x50 [ 27.733909] __kasan_kmalloc+0xb7/0xc0 [ 27.735036] __kmalloc_cache_noprof+0x184/0x410 [ 27.735745] kasan_bitops_generic+0x93/0x1c0 [ 27.736217] kunit_try_run_case+0x1b3/0x490 [ 27.736693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.738516] kthread+0x257/0x310 [ 27.739122] ret_from_fork+0x41/0x80 [ 27.739673] ret_from_fork_asm+0x1a/0x30 [ 27.740156] [ 27.740452] The buggy address belongs to the object at ffff888101094760 [ 27.740452] which belongs to the cache kmalloc-16 of size 16 [ 27.741640] The buggy address is located 8 bytes inside of [ 27.741640] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 27.743159] [ 27.743675] The buggy address belongs to the physical page: [ 27.744309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 27.745759] flags: 0x200000000000000(node=0|zone=2) [ 27.746258] page_type: f5(slab) [ 27.746526] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.748146] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.749505] page dumped because: kasan: bad access detected [ 27.750513] [ 27.750698] Memory state around the buggy address: [ 27.751620] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 27.753072] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 27.753937] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.754735] ^ [ 27.755536] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.756841] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.757496] ================================================================== [ 27.864992] 
================================================================== [ 27.866243] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 27.867416] Write of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 27.868951] [ 27.869158] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 27.870933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.871557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.872699] Call Trace: [ 27.872964] <TASK> [ 27.873760] dump_stack_lvl+0x73/0xb0 [ 27.874162] print_report+0xd1/0x640 [ 27.874560] ? __virt_addr_valid+0x1db/0x2d0 [ 27.874998] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.876760] kasan_report+0x102/0x140 [ 27.877145] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 27.878127] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 27.878967] kasan_check_range+0x10c/0x1c0 [ 27.879506] __kasan_check_write+0x18/0x20 [ 27.879708] kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 27.880972] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.881696] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.882721] ? trace_hardirqs_on+0x37/0xe0 [ 27.883350] ? kasan_bitops_generic+0x93/0x1c0 [ 27.884035] kasan_bitops_generic+0x117/0x1c0 [ 27.885031] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.885508] ? __pfx_read_tsc+0x10/0x10 [ 27.886896] ? ktime_get_ts64+0x86/0x230 [ 27.887582] kunit_try_run_case+0x1b3/0x490 [ 27.888050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.888501] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.888873] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.889676] ? __kthread_parkme+0x82/0x160 [ 27.890020] ? preempt_count_sub+0x50/0x80 [ 27.890677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.891457] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.892082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.892647] kthread+0x257/0x310 [ 27.893351] ? __pfx_kthread+0x10/0x10 [ 27.893721] ret_from_fork+0x41/0x80 [ 27.893983] ? 
__pfx_kthread+0x10/0x10 [ 27.894496] ret_from_fork_asm+0x1a/0x30 [ 27.895338] </TASK> [ 27.895675] [ 27.895915] Allocated by task 268: [ 27.896704] kasan_save_stack+0x3d/0x60 [ 27.897063] kasan_save_track+0x18/0x40 [ 27.897526] kasan_save_alloc_info+0x3b/0x50 [ 27.898085] __kasan_kmalloc+0xb7/0xc0 [ 27.898404] __kmalloc_cache_noprof+0x184/0x410 [ 27.898930] kasan_bitops_generic+0x93/0x1c0 [ 27.899484] kunit_try_run_case+0x1b3/0x490 [ 27.900686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.901069] kthread+0x257/0x310 [ 27.901502] ret_from_fork+0x41/0x80 [ 27.902074] ret_from_fork_asm+0x1a/0x30 [ 27.902613] [ 27.902816] The buggy address belongs to the object at ffff888101094760 [ 27.902816] which belongs to the cache kmalloc-16 of size 16 [ 27.904005] The buggy address is located 8 bytes inside of [ 27.904005] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 27.904762] [ 27.904923] The buggy address belongs to the physical page: [ 27.906197] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 27.906989] flags: 0x200000000000000(node=0|zone=2) [ 27.907363] page_type: f5(slab) [ 27.907621] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.908402] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.909335] page dumped because: kasan: bad access detected [ 27.910436] [ 27.910620] Memory state around the buggy address: [ 27.911058] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 27.911767] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 27.912461] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.913103] ^ [ 27.913775] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.915089] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.916031] ================================================================== [ 27.808935] 
================================================================== [ 27.809702] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x374/0xd50 [ 27.810617] Write of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 27.811140] [ 27.811546] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 27.813186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.813723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.814639] Call Trace: [ 27.815059] <TASK> [ 27.815532] dump_stack_lvl+0x73/0xb0 [ 27.816000] print_report+0xd1/0x640 [ 27.816932] ? __virt_addr_valid+0x1db/0x2d0 [ 27.817434] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.818029] kasan_report+0x102/0x140 [ 27.818628] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 27.819292] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 27.819827] kasan_check_range+0x10c/0x1c0 [ 27.820659] __kasan_check_write+0x18/0x20 [ 27.821139] kasan_bitops_modify.constprop.0+0x374/0xd50 [ 27.821634] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.822112] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.822652] ? trace_hardirqs_on+0x37/0xe0 [ 27.823291] ? kasan_bitops_generic+0x93/0x1c0 [ 27.823746] kasan_bitops_generic+0x117/0x1c0 [ 27.824630] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.825104] ? __pfx_read_tsc+0x10/0x10 [ 27.825688] ? ktime_get_ts64+0x86/0x230 [ 27.826114] kunit_try_run_case+0x1b3/0x490 [ 27.826849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.827287] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.828008] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.828749] ? __kthread_parkme+0x82/0x160 [ 27.829455] ? preempt_count_sub+0x50/0x80 [ 27.830079] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.830919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.831348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.832457] kthread+0x257/0x310 [ 27.832700] ? __pfx_kthread+0x10/0x10 [ 27.834020] ret_from_fork+0x41/0x80 [ 27.834920] ? 
__pfx_kthread+0x10/0x10 [ 27.835511] ret_from_fork_asm+0x1a/0x30 [ 27.836657] </TASK> [ 27.836842] [ 27.836977] Allocated by task 268: [ 27.837226] kasan_save_stack+0x3d/0x60 [ 27.838007] kasan_save_track+0x18/0x40 [ 27.838810] kasan_save_alloc_info+0x3b/0x50 [ 27.839691] __kasan_kmalloc+0xb7/0xc0 [ 27.840855] __kmalloc_cache_noprof+0x184/0x410 [ 27.841232] kasan_bitops_generic+0x93/0x1c0 [ 27.841663] kunit_try_run_case+0x1b3/0x490 [ 27.842328] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.842977] kthread+0x257/0x310 [ 27.843812] ret_from_fork+0x41/0x80 [ 27.844479] ret_from_fork_asm+0x1a/0x30 [ 27.846371] [ 27.846645] The buggy address belongs to the object at ffff888101094760 [ 27.846645] which belongs to the cache kmalloc-16 of size 16 [ 27.847675] The buggy address is located 8 bytes inside of [ 27.847675] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 27.849763] [ 27.850007] The buggy address belongs to the physical page: [ 27.850562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 27.851588] flags: 0x200000000000000(node=0|zone=2) [ 27.852090] page_type: f5(slab) [ 27.852793] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.854315] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.855070] page dumped because: kasan: bad access detected [ 27.855427] [ 27.855663] Memory state around the buggy address: [ 27.856200] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 27.857617] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 27.859172] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.859932] ^ [ 27.860964] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.861406] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.862904] ================================================================== [ 27.917075] 
================================================================== [ 27.917847] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 27.919386] Write of size 8 at addr ffff888101094768 by task kunit_try_catch/268 [ 27.919909] [ 27.920094] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 27.921728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.922098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.923496] Call Trace: [ 27.923968] <TASK> [ 27.924174] dump_stack_lvl+0x73/0xb0 [ 27.924702] print_report+0xd1/0x640 [ 27.925090] ? __virt_addr_valid+0x1db/0x2d0 [ 27.925730] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.926363] kasan_report+0x102/0x140 [ 27.926725] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 27.927352] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 27.928729] kasan_check_range+0x10c/0x1c0 [ 27.929401] __kasan_check_write+0x18/0x20 [ 27.929743] kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 27.930350] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.931012] ? __kmalloc_cache_noprof+0x184/0x410 [ 27.932072] ? trace_hardirqs_on+0x37/0xe0 [ 27.932623] ? kasan_bitops_generic+0x93/0x1c0 [ 27.933180] kasan_bitops_generic+0x117/0x1c0 [ 27.933851] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.934434] ? __pfx_read_tsc+0x10/0x10 [ 27.935121] ? ktime_get_ts64+0x86/0x230 [ 27.936134] kunit_try_run_case+0x1b3/0x490 [ 27.936722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.937230] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.937942] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.938622] ? __kthread_parkme+0x82/0x160 [ 27.939193] ? preempt_count_sub+0x50/0x80 [ 27.939586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.940050] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.940691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.941308] kthread+0x257/0x310 [ 27.941712] ? __pfx_kthread+0x10/0x10 [ 27.942057] ret_from_fork+0x41/0x80 [ 27.942354] ? 
__pfx_kthread+0x10/0x10 [ 27.943934] ret_from_fork_asm+0x1a/0x30 [ 27.944655] </TASK> [ 27.945079] [ 27.945356] Allocated by task 268: [ 27.945633] kasan_save_stack+0x3d/0x60 [ 27.946376] kasan_save_track+0x18/0x40 [ 27.946699] kasan_save_alloc_info+0x3b/0x50 [ 27.947127] __kasan_kmalloc+0xb7/0xc0 [ 27.948065] __kmalloc_cache_noprof+0x184/0x410 [ 27.949017] kasan_bitops_generic+0x93/0x1c0 [ 27.949421] kunit_try_run_case+0x1b3/0x490 [ 27.950076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.950733] kthread+0x257/0x310 [ 27.951155] ret_from_fork+0x41/0x80 [ 27.952060] ret_from_fork_asm+0x1a/0x30 [ 27.952535] [ 27.952969] The buggy address belongs to the object at ffff888101094760 [ 27.952969] which belongs to the cache kmalloc-16 of size 16 [ 27.954061] The buggy address is located 8 bytes inside of [ 27.954061] allocated 9-byte region [ffff888101094760, ffff888101094769) [ 27.955090] [ 27.955244] The buggy address belongs to the physical page: [ 27.956161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094 [ 27.957055] flags: 0x200000000000000(node=0|zone=2) [ 27.957582] page_type: f5(slab) [ 27.958777] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.959888] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.960574] page dumped because: kasan: bad access detected [ 27.961116] [ 27.961336] Memory state around the buggy address: [ 27.961840] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 27.962749] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 27.963913] >ffff888101094700: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 27.964535] ^ [ 27.965363] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.966063] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.966892] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 27.525936] ================================================================== [ 27.526707] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 27.528207] Read of size 1 at addr ffff888102964dd0 by task kunit_try_catch/266 [ 27.528909] [ 27.529330] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 27.530397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.530901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.531683] Call Trace: [ 27.532212] <TASK> [ 27.532530] dump_stack_lvl+0x73/0xb0 [ 27.533083] print_report+0xd1/0x640 [ 27.533601] ? __virt_addr_valid+0x1db/0x2d0 [ 27.534248] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.534949] kasan_report+0x102/0x140 [ 27.535521] ? strnlen+0x73/0x80 [ 27.535925] ? strnlen+0x73/0x80 [ 27.536411] __asan_report_load1_noabort+0x18/0x20 [ 27.536947] strnlen+0x73/0x80 [ 27.537446] kasan_strings+0x4c3/0xb60 [ 27.537884] ? __pfx_kasan_strings+0x10/0x10 [ 27.538737] ? __schedule+0xc70/0x27e0 [ 27.539181] ? __pfx_read_tsc+0x10/0x10 [ 27.539585] ? ktime_get_ts64+0x86/0x230 [ 27.540405] kunit_try_run_case+0x1b3/0x490 [ 27.541604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.542672] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.543190] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.543606] ? __kthread_parkme+0x82/0x160 [ 27.544165] ? preempt_count_sub+0x50/0x80 [ 27.544563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.544974] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.545488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.546069] kthread+0x257/0x310 [ 27.546591] ? __pfx_kthread+0x10/0x10 [ 27.547037] ret_from_fork+0x41/0x80 [ 27.547360] ? 
__pfx_kthread+0x10/0x10 [ 27.547745] ret_from_fork_asm+0x1a/0x30 [ 27.548214] </TASK> [ 27.548479] [ 27.548708] Allocated by task 266: [ 27.549117] kasan_save_stack+0x3d/0x60 [ 27.549447] kasan_save_track+0x18/0x40 [ 27.549799] kasan_save_alloc_info+0x3b/0x50 [ 27.550359] __kasan_kmalloc+0xb7/0xc0 [ 27.550837] __kmalloc_cache_noprof+0x184/0x410 [ 27.551197] kasan_strings+0xb9/0xb60 [ 27.551640] kunit_try_run_case+0x1b3/0x490 [ 27.551998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.552445] kthread+0x257/0x310 [ 27.552705] ret_from_fork+0x41/0x80 [ 27.553184] ret_from_fork_asm+0x1a/0x30 [ 27.553722] [ 27.554099] Freed by task 266: [ 27.554366] kasan_save_stack+0x3d/0x60 [ 27.554856] kasan_save_track+0x18/0x40 [ 27.555177] kasan_save_free_info+0x3f/0x60 [ 27.555659] __kasan_slab_free+0x56/0x70 [ 27.556200] kfree+0x123/0x3f0 [ 27.556468] kasan_strings+0x13c/0xb60 [ 27.556833] kunit_try_run_case+0x1b3/0x490 [ 27.557381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.558159] kthread+0x257/0x310 [ 27.558517] ret_from_fork+0x41/0x80 [ 27.559050] ret_from_fork_asm+0x1a/0x30 [ 27.559414] [ 27.559661] The buggy address belongs to the object at ffff888102964dc0 [ 27.559661] which belongs to the cache kmalloc-32 of size 32 [ 27.560356] The buggy address is located 16 bytes inside of [ 27.560356] freed 32-byte region [ffff888102964dc0, ffff888102964de0) [ 27.561430] [ 27.561591] The buggy address belongs to the physical page: [ 27.562531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102964 [ 27.563248] flags: 0x200000000000000(node=0|zone=2) [ 27.563683] page_type: f5(slab) [ 27.564076] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 27.564924] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 27.565415] page dumped because: kasan: bad access detected [ 27.565788] [ 27.566050] Memory state around the buggy address: [ 27.566882] ffff888102964c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
27.567464] ffff888102964d00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.568075] >ffff888102964d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.568898] ^ [ 27.569437] ffff888102964e00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.570100] ffff888102964e80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 27.570655] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 27.475131] ================================================================== [ 27.475767] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 27.476734] Read of size 1 at addr ffff888102964dd0 by task kunit_try_catch/266 [ 27.477551] [ 27.478660] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 27.479611] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.480206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.481060] Call Trace: [ 27.481396] <TASK> [ 27.481738] dump_stack_lvl+0x73/0xb0 [ 27.482192] print_report+0xd1/0x640 [ 27.482770] ? __virt_addr_valid+0x1db/0x2d0 [ 27.483228] ? kasan_complete_mode_report_info+0x64/0x200 [ 27.483740] kasan_report+0x102/0x140 [ 27.484248] ? strlen+0x8f/0xb0 [ 27.484697] ? strlen+0x8f/0xb0 [ 27.485410] __asan_report_load1_noabort+0x18/0x20 [ 27.485970] strlen+0x8f/0xb0 [ 27.486495] kasan_strings+0x425/0xb60 [ 27.487078] ? __pfx_kasan_strings+0x10/0x10 [ 27.487639] ? __schedule+0xc70/0x27e0 [ 27.487979] ? __pfx_read_tsc+0x10/0x10 [ 27.488573] ? ktime_get_ts64+0x86/0x230 [ 27.488880] kunit_try_run_case+0x1b3/0x490 [ 27.489664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.490310] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 27.490778] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.491155] ? __kthread_parkme+0x82/0x160 [ 27.491907] ? preempt_count_sub+0x50/0x80 [ 27.492527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.493113] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.493692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.494498] kthread+0x257/0x310 [ 27.494933] ? __pfx_kthread+0x10/0x10 [ 27.495338] ret_from_fork+0x41/0x80 [ 27.495790] ? 
__pfx_kthread+0x10/0x10 [ 27.496504] ret_from_fork_asm+0x1a/0x30 [ 27.496842] </TASK> [ 27.497367] [ 27.497689] Allocated by task 266: [ 27.498122] kasan_save_stack+0x3d/0x60 [ 27.498664] kasan_save_track+0x18/0x40 [ 27.499243] kasan_save_alloc_info+0x3b/0x50 [ 27.499762] __kasan_kmalloc+0xb7/0xc0 [ 27.500264] __kmalloc_cache_noprof+0x184/0x410 [ 27.500808] kasan_strings+0xb9/0xb60 [ 27.501264] kunit_try_run_case+0x1b3/0x490 [ 27.501753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.502500] kthread+0x257/0x310 [ 27.503027] ret_from_fork+0x41/0x80 [ 27.503409] ret_from_fork_asm+0x1a/0x30 [ 27.503874] [ 27.504189] Freed by task 266: [ 27.504566] kasan_save_stack+0x3d/0x60 [ 27.504857] kasan_save_track+0x18/0x40 [ 27.505514] kasan_save_free_info+0x3f/0x60 [ 27.506128] __kasan_slab_free+0x56/0x70 [ 27.506570] kfree+0x123/0x3f0 [ 27.507151] kasan_strings+0x13c/0xb60 [ 27.507717] kunit_try_run_case+0x1b3/0x490 [ 27.508216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.508829] kthread+0x257/0x310 [ 27.509323] ret_from_fork+0x41/0x80 [ 27.509693] ret_from_fork_asm+0x1a/0x30 [ 27.510246] [ 27.510462] The buggy address belongs to the object at ffff888102964dc0 [ 27.510462] which belongs to the cache kmalloc-32 of size 32 [ 27.511491] The buggy address is located 16 bytes inside of [ 27.511491] freed 32-byte region [ffff888102964dc0, ffff888102964de0) [ 27.513030] [ 27.513196] The buggy address belongs to the physical page: [ 27.514075] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102964 [ 27.515110] flags: 0x200000000000000(node=0|zone=2) [ 27.515550] page_type: f5(slab) [ 27.516182] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 27.516941] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 27.517771] page dumped because: kasan: bad access detected [ 27.518616] [ 27.518893] Memory state around the buggy address: [ 27.519384] ffff888102964c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
27.520171] ffff888102964d00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.520855] >ffff888102964d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.521807] ^ [ 27.522716] ffff888102964e00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 27.523514] ffff888102964e80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 27.524327] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 27.418754] ==================================================================
[ 27.420064] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0c/0xb60
[ 27.420641] Read of size 1 at addr ffff888102964dd0 by task kunit_try_catch/266
[ 27.421539]
[ 27.421844] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 27.422752] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.423393] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.425438] Call Trace:
[ 27.426389] <TASK>
[ 27.426641] dump_stack_lvl+0x73/0xb0
[ 27.427669] print_report+0xd1/0x640
[ 27.428145] ? __virt_addr_valid+0x1db/0x2d0
[ 27.428795] ? kasan_complete_mode_report_info+0x64/0x200
[ 27.429367] kasan_report+0x102/0x140
[ 27.429794] ? kasan_strings+0xa0c/0xb60
[ 27.430647] ? kasan_strings+0xa0c/0xb60
[ 27.431557] __asan_report_load1_noabort+0x18/0x20
[ 27.432237] kasan_strings+0xa0c/0xb60
[ 27.432904] ? __pfx_kasan_strings+0x10/0x10
[ 27.433603] ? __schedule+0xc70/0x27e0
[ 27.434328] ? __pfx_read_tsc+0x10/0x10
[ 27.435033] ? ktime_get_ts64+0x86/0x230
[ 27.435499] kunit_try_run_case+0x1b3/0x490
[ 27.436704] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.437346] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.438078] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.438647] ? __kthread_parkme+0x82/0x160
[ 27.439727] ? preempt_count_sub+0x50/0x80
[ 27.440063] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.440788] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.441581] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.442200] kthread+0x257/0x310
[ 27.442951] ? __pfx_kthread+0x10/0x10
[ 27.443410] ret_from_fork+0x41/0x80
[ 27.444357] ? __pfx_kthread+0x10/0x10
[ 27.444789] ret_from_fork_asm+0x1a/0x30
[ 27.445691] </TASK>
[ 27.446009]
[ 27.446219] Allocated by task 266:
[ 27.446604] kasan_save_stack+0x3d/0x60
[ 27.446962] kasan_save_track+0x18/0x40
[ 27.447475] kasan_save_alloc_info+0x3b/0x50
[ 27.448057] __kasan_kmalloc+0xb7/0xc0
[ 27.448638] __kmalloc_cache_noprof+0x184/0x410
[ 27.449251] kasan_strings+0xb9/0xb60
[ 27.449630] kunit_try_run_case+0x1b3/0x490
[ 27.450409] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.450872] kthread+0x257/0x310
[ 27.451529] ret_from_fork+0x41/0x80
[ 27.452098] ret_from_fork_asm+0x1a/0x30
[ 27.452697]
[ 27.452945] Freed by task 266:
[ 27.453429] kasan_save_stack+0x3d/0x60
[ 27.453864] kasan_save_track+0x18/0x40
[ 27.454426] kasan_save_free_info+0x3f/0x60
[ 27.454892] __kasan_slab_free+0x56/0x70
[ 27.455552] kfree+0x123/0x3f0
[ 27.456210] kasan_strings+0x13c/0xb60
[ 27.456489] kunit_try_run_case+0x1b3/0x490
[ 27.457189] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.457874] kthread+0x257/0x310
[ 27.458321] ret_from_fork+0x41/0x80
[ 27.458878] ret_from_fork_asm+0x1a/0x30
[ 27.459396]
[ 27.459633] The buggy address belongs to the object at ffff888102964dc0
[ 27.459633] which belongs to the cache kmalloc-32 of size 32
[ 27.460852] The buggy address is located 16 bytes inside of
[ 27.460852] freed 32-byte region [ffff888102964dc0, ffff888102964de0)
[ 27.462019]
[ 27.462368] The buggy address belongs to the physical page:
[ 27.462932] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102964
[ 27.463903] flags: 0x200000000000000(node=0|zone=2)
[ 27.464336] page_type: f5(slab)
[ 27.464723] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 27.465647] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 27.466489] page dumped because: kasan: bad access detected
[ 27.467061]
[ 27.467406] Memory state around the buggy address:
[ 27.468023] ffff888102964c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 27.468819] ffff888102964d00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 27.469447] >ffff888102964d80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 27.470223] ^
[ 27.470938] ffff888102964e00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 27.471717] ffff888102964e80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 27.472475] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 27.225804] ==================================================================
[ 27.227623] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x328/0x390
[ 27.228467] Read of size 1 at addr ffff888102b9fcaa by task kunit_try_catch/260
[ 27.229555]
[ 27.229782] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 27.231231] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.232029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.233206] Call Trace:
[ 27.234195] <TASK>
[ 27.235033] dump_stack_lvl+0x73/0xb0
[ 27.235662] print_report+0xd1/0x640
[ 27.236065] ? __virt_addr_valid+0x1db/0x2d0
[ 27.236817] ? kasan_addr_to_slab+0x11/0xa0
[ 27.237790] kasan_report+0x102/0x140
[ 27.238188] ? kasan_alloca_oob_right+0x328/0x390
[ 27.239463] ? kasan_alloca_oob_right+0x328/0x390
[ 27.240224] __asan_report_load1_noabort+0x18/0x20
[ 27.241582] kasan_alloca_oob_right+0x328/0x390
[ 27.242124] ? trace_raw_output_sched_switch+0xa0/0x250
[ 27.243273] ? __schedule+0xc70/0x27e0
[ 27.243735] ? trace_hardirqs_on+0x37/0xe0
[ 27.244484] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 27.245375] ? __schedule+0xc70/0x27e0
[ 27.245845] ? __pfx_read_tsc+0x10/0x10
[ 27.246560] ? ktime_get_ts64+0x86/0x230
[ 27.247370] kunit_try_run_case+0x1b3/0x490
[ 27.247988] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.248881] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.249486] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.250483] ? __kthread_parkme+0x82/0x160
[ 27.251599] ? preempt_count_sub+0x50/0x80
[ 27.252366] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.252822] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.253688] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.254651] kthread+0x257/0x310
[ 27.255315] ? __pfx_kthread+0x10/0x10
[ 27.256162] ret_from_fork+0x41/0x80
[ 27.256648] ? __pfx_kthread+0x10/0x10
[ 27.257593] ret_from_fork_asm+0x1a/0x30
[ 27.258476] </TASK>
[ 27.258721]
[ 27.258866] The buggy address belongs to stack of task kunit_try_catch/260
[ 27.259737]
[ 27.260446] The buggy address belongs to the physical page:
[ 27.261528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b9f
[ 27.262305] flags: 0x200000000000000(node=0|zone=2)
[ 27.263054] raw: 0200000000000000 ffffea00040ae7c8 ffffea00040ae7c8 0000000000000000
[ 27.264094] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 27.264746] page dumped because: kasan: bad access detected
[ 27.265984]
[ 27.266184] Memory state around the buggy address:
[ 27.266688] ffff888102b9fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.268558] ffff888102b9fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.269486] >ffff888102b9fc80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 27.270752] ^
[ 27.271167] ffff888102b9fd00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3
[ 27.272012] ffff888102b9fd80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 27.273126] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 27.181886] ==================================================================
[ 27.183060] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x31f/0x380
[ 27.183752] Read of size 1 at addr ffff888102ba7c9f by task kunit_try_catch/258
[ 27.184581]
[ 27.184816] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 27.186073] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.186506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.187346] Call Trace:
[ 27.187637] <TASK>
[ 27.188564] dump_stack_lvl+0x73/0xb0
[ 27.189235] print_report+0xd1/0x640
[ 27.189704] ? __virt_addr_valid+0x1db/0x2d0
[ 27.190478] ? kasan_addr_to_slab+0x11/0xa0
[ 27.190909] kasan_report+0x102/0x140
[ 27.191266] ? kasan_alloca_oob_left+0x31f/0x380
[ 27.191715] ? kasan_alloca_oob_left+0x31f/0x380
[ 27.192201] __asan_report_load1_noabort+0x18/0x20
[ 27.193258] kasan_alloca_oob_left+0x31f/0x380
[ 27.193854] ? trace_raw_output_sched_switch+0xa0/0x250
[ 27.194534] ? __schedule+0xc70/0x27e0
[ 27.195119] ? trace_hardirqs_on+0x37/0xe0
[ 27.195724] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 27.196395] ? __schedule+0xc70/0x27e0
[ 27.197000] ? __pfx_read_tsc+0x10/0x10
[ 27.197575] ? ktime_get_ts64+0x86/0x230
[ 27.198508] kunit_try_run_case+0x1b3/0x490
[ 27.199046] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.199613] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.200322] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.200809] ? __kthread_parkme+0x82/0x160
[ 27.201637] ? preempt_count_sub+0x50/0x80
[ 27.202347] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.202997] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.203630] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.204648] kthread+0x257/0x310
[ 27.205081] ? __pfx_kthread+0x10/0x10
[ 27.205673] ret_from_fork+0x41/0x80
[ 27.206353] ? __pfx_kthread+0x10/0x10
[ 27.206757] ret_from_fork_asm+0x1a/0x30
[ 27.207137] </TASK>
[ 27.207481]
[ 27.207717] The buggy address belongs to stack of task kunit_try_catch/258
[ 27.208277]
[ 27.208645] The buggy address belongs to the physical page:
[ 27.209704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ba7
[ 27.210627] flags: 0x200000000000000(node=0|zone=2)
[ 27.211159] raw: 0200000000000000 ffffea00040ae9c8 ffffea00040ae9c8 0000000000000000
[ 27.211872] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 27.212632] page dumped because: kasan: bad access detected
[ 27.213208]
[ 27.213579] Memory state around the buggy address:
[ 27.214613] ffff888102ba7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.215476] ffff888102ba7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.216366] >ffff888102ba7c80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 27.216999] ^
[ 27.217426] ffff888102ba7d00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3
[ 27.218524] ffff888102ba7d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 27.219243] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 27.133145] ==================================================================
[ 27.134570] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2ae/0x300
[ 27.135178] Read of size 1 at addr ffff888102bb7d72 by task kunit_try_catch/256
[ 27.136886]
[ 27.137075] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 27.138481] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.139085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.139758] Call Trace:
[ 27.140418] <TASK>
[ 27.140735] dump_stack_lvl+0x73/0xb0
[ 27.141549] print_report+0xd1/0x640
[ 27.142540] ? __virt_addr_valid+0x1db/0x2d0
[ 27.143260] ? kasan_addr_to_slab+0x11/0xa0
[ 27.143715] kasan_report+0x102/0x140
[ 27.144525] ? kasan_stack_oob+0x2ae/0x300
[ 27.144953] ? kasan_stack_oob+0x2ae/0x300
[ 27.145391] __asan_report_load1_noabort+0x18/0x20
[ 27.145843] kasan_stack_oob+0x2ae/0x300
[ 27.146733] ? __pfx_kasan_stack_oob+0x10/0x10
[ 27.147375] ? finish_task_switch.isra.0+0x153/0x700
[ 27.148183] ? __switch_to+0x5d9/0xf60
[ 27.148600] ? __schedule+0xc70/0x27e0
[ 27.149404] ? __pfx_read_tsc+0x10/0x10
[ 27.149768] ? ktime_get_ts64+0x86/0x230
[ 27.150799] kunit_try_run_case+0x1b3/0x490
[ 27.151154] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.151648] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.152981] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.153761] ? __kthread_parkme+0x82/0x160
[ 27.154201] ? preempt_count_sub+0x50/0x80
[ 27.154678] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.155176] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.155989] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.156558] kthread+0x257/0x310
[ 27.157181] ? __pfx_kthread+0x10/0x10
[ 27.158066] ret_from_fork+0x41/0x80
[ 27.158419] ? __pfx_kthread+0x10/0x10
[ 27.158719] ret_from_fork_asm+0x1a/0x30
[ 27.159249] </TASK>
[ 27.159966]
[ 27.160249] The buggy address belongs to stack of task kunit_try_catch/256
[ 27.160941] and is located at offset 138 in frame:
[ 27.161373] kasan_stack_oob+0x0/0x300
[ 27.162399]
[ 27.162588] This frame has 4 objects:
[ 27.163082] [48, 49) '__assertion'
[ 27.163161] [64, 72) 'array'
[ 27.163489] [96, 112) '__assertion'
[ 27.164312] [128, 138) 'stack_array'
[ 27.164668]
[ 27.165352] The buggy address belongs to the physical page:
[ 27.165982] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bb7
[ 27.166388] flags: 0x200000000000000(node=0|zone=2)
[ 27.166954] raw: 0200000000000000 ffffea00040aedc8 ffffea00040aedc8 0000000000000000
[ 27.167692] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 27.168535] page dumped because: kasan: bad access detected
[ 27.169827]
[ 27.169991] Memory state around the buggy address:
[ 27.170624] ffff888102bb7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.171612] ffff888102bb7c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 27.172546] >ffff888102bb7d00: f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 f3
[ 27.173714] ^
[ 27.174256] ffff888102bb7d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 27.175028] ffff888102bb7e00: f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00
[ 27.175336] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 27.089699] ==================================================================
[ 27.090866] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x288/0x2d0
[ 27.091434] Read of size 1 at addr ffffffff9da0fbad by task kunit_try_catch/252
[ 27.092436]
[ 27.092703] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 27.093764] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.094147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.095113] Call Trace:
[ 27.095764] <TASK>
[ 27.096101] dump_stack_lvl+0x73/0xb0
[ 27.096647] print_report+0xd1/0x640
[ 27.097057] ? __virt_addr_valid+0x1db/0x2d0
[ 27.097449] ? kasan_addr_to_slab+0x11/0xa0
[ 27.098010] kasan_report+0x102/0x140
[ 27.098662] ? kasan_global_oob_right+0x288/0x2d0
[ 27.099550] ? kasan_global_oob_right+0x288/0x2d0
[ 27.100019] __asan_report_load1_noabort+0x18/0x20
[ 27.100445] kasan_global_oob_right+0x288/0x2d0
[ 27.101188] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 27.102023] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 27.102730] kunit_try_run_case+0x1b3/0x490
[ 27.103157] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.103568] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.104262] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.104681] ? __kthread_parkme+0x82/0x160
[ 27.105191] ? preempt_count_sub+0x50/0x80
[ 27.105519] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.106232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.107191] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.107668] kthread+0x257/0x310
[ 27.108392] ? __pfx_kthread+0x10/0x10
[ 27.108772] ret_from_fork+0x41/0x80
[ 27.109134] ? __pfx_kthread+0x10/0x10
[ 27.109735] ret_from_fork_asm+0x1a/0x30
[ 27.110175] </TASK>
[ 27.110619]
[ 27.110909] The buggy address belongs to the variable:
[ 27.111481] global_array+0xd/0x40
[ 27.111987]
[ 27.112591] The buggy address belongs to the physical page:
[ 27.113157] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3620f
[ 27.113749] flags: 0x100000000002000(reserved|node=0|zone=1)
[ 27.114210] raw: 0100000000002000 ffffea0000d883c8 ffffea0000d883c8 0000000000000000
[ 27.115141] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 27.115673] page dumped because: kasan: bad access detected
[ 27.116640]
[ 27.116886] Memory state around the buggy address:
[ 27.117444] ffffffff9da0fa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.117883] ffffffff9da0fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.118540] >ffffffff9da0fb80: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[ 27.119378] ^
[ 27.119675] ffffffff9da0fc00: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9
[ 27.120084] ffffffff9da0fc80: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
[ 27.121073] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 26.971548] ==================================================================
[ 26.972820] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 26.973474] Free of addr ffff888102414b01 by task kunit_try_catch/248
[ 26.974391]
[ 26.974823] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 26.975962] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.976708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.977731] Call Trace:
[ 26.978032] <TASK>
[ 26.978330] dump_stack_lvl+0x73/0xb0
[ 26.978757] print_report+0xd1/0x640
[ 26.979155] ? __virt_addr_valid+0x1db/0x2d0
[ 26.980036] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 26.980842] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.981595] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 26.982456] kasan_report_invalid_free+0xc0/0xf0
[ 26.983042] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 26.983891] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 26.984632] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 26.985457] check_slab_allocation+0x11f/0x130
[ 26.986052] __kasan_mempool_poison_object+0x91/0x1d0
[ 26.986937] mempool_free+0x2ec/0x380
[ 26.987619] mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 26.988374] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 26.989085] ? finish_task_switch.isra.0+0x153/0x700
[ 26.990107] mempool_kmalloc_invalid_free+0xb1/0x100
[ 26.990915] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 26.991707] ? __switch_to+0x5d9/0xf60
[ 26.992380] ? __pfx_mempool_kmalloc+0x10/0x10
[ 26.993208] ? __pfx_mempool_kfree+0x10/0x10
[ 26.993851] ? __pfx_read_tsc+0x10/0x10
[ 26.994765] ? ktime_get_ts64+0x86/0x230
[ 26.995268] kunit_try_run_case+0x1b3/0x490
[ 26.996502] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.997142] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.998031] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.998862] ? __kthread_parkme+0x82/0x160
[ 26.999609] ? preempt_count_sub+0x50/0x80
[ 27.000482] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.000923] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.001702] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.003306] kthread+0x257/0x310
[ 27.003683] ? __pfx_kthread+0x10/0x10
[ 27.004662] ret_from_fork+0x41/0x80
[ 27.005121] ? __pfx_kthread+0x10/0x10
[ 27.005740] ret_from_fork_asm+0x1a/0x30
[ 27.006968] </TASK>
[ 27.007307]
[ 27.007502] Allocated by task 248:
[ 27.008089] kasan_save_stack+0x3d/0x60
[ 27.008676] kasan_save_track+0x18/0x40
[ 27.009601] kasan_save_alloc_info+0x3b/0x50
[ 27.009886] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 27.011067] remove_element+0x11e/0x190
[ 27.011701] mempool_alloc_preallocated+0x4d/0x90
[ 27.012904] mempool_kmalloc_invalid_free_helper+0x84/0x2e0
[ 27.013784] mempool_kmalloc_invalid_free+0xb1/0x100
[ 27.014990] kunit_try_run_case+0x1b3/0x490
[ 27.015749] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.017070] kthread+0x257/0x310
[ 27.017481] ret_from_fork+0x41/0x80
[ 27.018099] ret_from_fork_asm+0x1a/0x30
[ 27.019015]
[ 27.019367] The buggy address belongs to the object at ffff888102414b00
[ 27.019367] which belongs to the cache kmalloc-128 of size 128
[ 27.020512] The buggy address is located 1 bytes inside of
[ 27.020512] 128-byte region [ffff888102414b00, ffff888102414b80)
[ 27.021720]
[ 27.021983] The buggy address belongs to the physical page:
[ 27.022752] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102414
[ 27.024008] flags: 0x200000000000000(node=0|zone=2)
[ 27.024577] page_type: f5(slab)
[ 27.025444] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 27.026701] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 27.027552] page dumped because: kasan: bad access detected
[ 27.027775]
[ 27.028076] Memory state around the buggy address:
[ 27.029420] ffff888102414a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.030711] ffff888102414a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.032202] >ffff888102414b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.033455] ^
[ 27.034424] ffff888102414b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.035169] ffff888102414c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.036106] ==================================================================
[ 27.042651] ==================================================================
[ 27.044791] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 27.045580] Free of addr ffff8881023b0001 by task kunit_try_catch/250
[ 27.046709]
[ 27.047398] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 27.048158] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.048411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.049454] Call Trace:
[ 27.049747] <TASK>
[ 27.050619] dump_stack_lvl+0x73/0xb0
[ 27.051117] print_report+0xd1/0x640
[ 27.051591] ? __virt_addr_valid+0x1db/0x2d0
[ 27.052588] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 27.053566] ? kasan_addr_to_slab+0x11/0xa0
[ 27.053960] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 27.054678] kasan_report_invalid_free+0xc0/0xf0
[ 27.055567] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 27.056455] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 27.057366] __kasan_mempool_poison_object+0x102/0x1d0
[ 27.057828] mempool_free+0x2ec/0x380
[ 27.058342] mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 27.059060] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 27.059551] ? irqentry_exit+0x2a/0x60
[ 27.059958] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 27.060547] mempool_kmalloc_large_invalid_free+0xb1/0x100
[ 27.061097] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 27.061626] ? __pfx_mempool_kmalloc+0x10/0x10
[ 27.062133] ? __pfx_mempool_kfree+0x10/0x10
[ 27.062567] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 27.063116] kunit_try_run_case+0x1b3/0x490
[ 27.063614] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.064134] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 27.064561] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.065089] ? __kthread_parkme+0x82/0x160
[ 27.065596] ? preempt_count_sub+0x50/0x80
[ 27.066102] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.066515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.067220] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.067626] kthread+0x257/0x310
[ 27.068131] ? __pfx_kthread+0x10/0x10
[ 27.068554] ret_from_fork+0x41/0x80
[ 27.068873] ? __pfx_kthread+0x10/0x10
[ 27.069339] ret_from_fork_asm+0x1a/0x30
[ 27.069942] </TASK>
[ 27.070216]
[ 27.070426] The buggy address belongs to the physical page:
[ 27.071047] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023b0
[ 27.071825] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 27.072498] flags: 0x200000000000040(head|node=0|zone=2)
[ 27.072942] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 27.073843] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 27.074404] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 27.075158] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 27.076067] head: 0200000000000002 ffffea000408ec01 ffffffffffffffff 0000000000000000
[ 27.076719] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 27.077310] page dumped because: kasan: bad access detected
[ 27.077922]
[ 27.078154] Memory state around the buggy address:
[ 27.078576] ffff8881023aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.079165] ffff8881023aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 27.079944] >ffff8881023b0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.080605] ^
[ 27.080942] ffff8881023b0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.081504] ffff8881023b0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.082218] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 26.779110] ==================================================================
[ 26.781247] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 26.782313] Free of addr ffff888102960f00 by task kunit_try_catch/242
[ 26.783672]
[ 26.783849] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 26.785972] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.786759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.787784] Call Trace:
[ 26.787998] <TASK>
[ 26.788459] dump_stack_lvl+0x73/0xb0
[ 26.789270] print_report+0xd1/0x640
[ 26.790014] ? __virt_addr_valid+0x1db/0x2d0
[ 26.790412] ? mempool_double_free_helper+0x185/0x370
[ 26.791137] ? kasan_complete_mode_report_info+0x64/0x200
[ 26.792111] ? mempool_double_free_helper+0x185/0x370
[ 26.792797] kasan_report_invalid_free+0xc0/0xf0
[ 26.793624] ? mempool_double_free_helper+0x185/0x370
[ 26.794447] ? mempool_double_free_helper+0x185/0x370
[ 26.794947] ? mempool_double_free_helper+0x185/0x370
[ 26.795652] check_slab_allocation+0x101/0x130
[ 26.796361] __kasan_mempool_poison_object+0x91/0x1d0
[ 26.797080] mempool_free+0x2ec/0x380
[ 26.797590] mempool_double_free_helper+0x185/0x370
[ 26.798204] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 26.798975] mempool_kmalloc_double_free+0xb1/0x100
[ 26.799970] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 26.800638] ? __switch_to+0x5d9/0xf60
[ 26.801093] ? __pfx_mempool_kmalloc+0x10/0x10
[ 26.801807] ? __pfx_mempool_kfree+0x10/0x10
[ 26.802474] ? __pfx_read_tsc+0x10/0x10
[ 26.803007] ? ktime_get_ts64+0x86/0x230
[ 26.803772] kunit_try_run_case+0x1b3/0x490
[ 26.804536] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.805154] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.805744] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.806480] ? __kthread_parkme+0x82/0x160
[ 26.806858] ? preempt_count_sub+0x50/0x80
[ 26.807241] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.807735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.808762] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.809671] kthread+0x257/0x310
[ 26.810060] ? __pfx_kthread+0x10/0x10
[ 26.810464] ret_from_fork+0x41/0x80
[ 26.811114] ? __pfx_kthread+0x10/0x10
[ 26.811509] ret_from_fork_asm+0x1a/0x30
[ 26.812098] </TASK>
[ 26.812973]
[ 26.813175] Allocated by task 242:
[ 26.813760] kasan_save_stack+0x3d/0x60
[ 26.814262] kasan_save_track+0x18/0x40
[ 26.814720] kasan_save_alloc_info+0x3b/0x50
[ 26.815667] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 26.816894] remove_element+0x11e/0x190
[ 26.817421] mempool_alloc_preallocated+0x4d/0x90
[ 26.818078] mempool_double_free_helper+0x8b/0x370
[ 26.818647] mempool_kmalloc_double_free+0xb1/0x100
[ 26.819062] kunit_try_run_case+0x1b3/0x490
[ 26.820018] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.821550] kthread+0x257/0x310
[ 26.821954] ret_from_fork+0x41/0x80
[ 26.822327] ret_from_fork_asm+0x1a/0x30
[ 26.822936]
[ 26.823323] Freed by task 242:
[ 26.823589] kasan_save_stack+0x3d/0x60
[ 26.824083] kasan_save_track+0x18/0x40
[ 26.824482] kasan_save_free_info+0x3f/0x60
[ 26.825826] __kasan_mempool_poison_object+0x131/0x1d0
[ 26.826698] mempool_free+0x2ec/0x380
[ 26.827342] mempool_double_free_helper+0x10a/0x370
[ 26.828158] mempool_kmalloc_double_free+0xb1/0x100
[ 26.829049] kunit_try_run_case+0x1b3/0x490
[ 26.829604] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.830776] kthread+0x257/0x310
[ 26.831471] ret_from_fork+0x41/0x80
[ 26.832052] ret_from_fork_asm+0x1a/0x30
[ 26.832640]
[ 26.833026] The buggy address belongs to the object at ffff888102960f00
[ 26.833026] which belongs to the cache kmalloc-128 of size 128
[ 26.835216] The buggy address is located 0 bytes inside of
[ 26.835216] 128-byte region [ffff888102960f00, ffff888102960f80)
[ 26.836141]
[ 26.836582] The buggy address belongs to the physical page:
[ 26.837059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102960
[ 26.837989] flags: 0x200000000000000(node=0|zone=2)
[ 26.839031] page_type: f5(slab)
[ 26.839580] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.840235] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 26.841403] page dumped because: kasan: bad access detected
[ 26.841841]
[ 26.842000] Memory state around the buggy address:
[ 26.842706] ffff888102960e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.843977] ffff888102960e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.844384] >ffff888102960f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.845967] ^
[ 26.846540] ffff888102960f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.847269] ffff888102961000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.848278] ==================================================================
[ 26.914851] ==================================================================
[ 26.916079] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 26.917157] Free of addr ffff888102b40000 by task kunit_try_catch/246
[ 26.917680]
[ 26.918058] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 26.920194] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.920950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.922235] Call Trace:
[ 26.922679] <TASK>
[ 26.923726] dump_stack_lvl+0x73/0xb0
[ 26.924888] print_report+0xd1/0x640
[ 26.925271] ? __virt_addr_valid+0x1db/0x2d0
[ 26.926163] ? mempool_double_free_helper+0x185/0x370
[ 26.927825] ? kasan_addr_to_slab+0x11/0xa0
[ 26.928303] ? mempool_double_free_helper+0x185/0x370
[ 26.929382] kasan_report_invalid_free+0xc0/0xf0
[ 26.930012] ? mempool_double_free_helper+0x185/0x370
[ 26.931329] ? mempool_double_free_helper+0x185/0x370
[ 26.931811] __kasan_mempool_poison_pages+0x115/0x130
[ 26.932224] mempool_free+0x290/0x380
[ 26.932768] mempool_double_free_helper+0x185/0x370
[ 26.933490] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 26.934049] ? finish_task_switch.isra.0+0x153/0x700
[ 26.934652] mempool_page_alloc_double_free+0xac/0x100
[ 26.935393] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 26.936251] ? __switch_to+0x5d9/0xf60
[ 26.936928] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 26.937870] ? __pfx_mempool_free_pages+0x10/0x10
[ 26.938827] ? __pfx_read_tsc+0x10/0x10
[ 26.939261] ? ktime_get_ts64+0x86/0x230
[ 26.940038] kunit_try_run_case+0x1b3/0x490
[ 26.941064] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.942045] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.942695] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.943685] ? __kthread_parkme+0x82/0x160
[ 26.944503] ? preempt_count_sub+0x50/0x80
[ 26.945503] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.945796] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.947373] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.948357] kthread+0x257/0x310
[ 26.948741] ? __pfx_kthread+0x10/0x10
[ 26.949525] ret_from_fork+0x41/0x80
[ 26.952426] ? __pfx_kthread+0x10/0x10
[ 26.953252] ret_from_fork_asm+0x1a/0x30
[ 26.953982] </TASK>
[ 26.954350]
[ 26.954839] The buggy address belongs to the physical page:
[ 26.955730] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b40
[ 26.956867] flags: 0x200000000000000(node=0|zone=2)
[ 26.957457] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 26.958269] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 26.958935] page dumped because: kasan: bad access detected
[ 26.959230]
[ 26.959400] Memory state around the buggy address:
[ 26.960391] ffff888102b3ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 26.961456] ffff888102b3ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 26.962184] >ffff888102b40000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 26.962836] ^
[ 26.963173] ffff888102b40080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 26.963766] ffff888102b40100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 26.964258] ==================================================================
[ 26.855015] ==================================================================
[ 26.856706] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 26.857413] Free of addr ffff888102b40000 by task kunit_try_catch/244
[ 26.857923]
[ 26.858106] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 26.858970] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.859506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.860271] Call Trace:
[ 26.860943] <TASK>
[ 26.861488] dump_stack_lvl+0x73/0xb0
[ 26.862017] print_report+0xd1/0x640
[ 26.862533] ? __virt_addr_valid+0x1db/0x2d0
[ 26.862996] ? mempool_double_free_helper+0x185/0x370
[ 26.863637] ? kasan_addr_to_slab+0x11/0xa0
[ 26.864032] ? mempool_double_free_helper+0x185/0x370
[ 26.864898] kasan_report_invalid_free+0xc0/0xf0
[ 26.865772] ? mempool_double_free_helper+0x185/0x370
[ 26.866486] ? mempool_double_free_helper+0x185/0x370
[ 26.867066] __kasan_mempool_poison_object+0x1b3/0x1d0
[ 26.867715] mempool_free+0x2ec/0x380
[ 26.868694] mempool_double_free_helper+0x185/0x370
[ 26.869254] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 26.869920] ? finish_task_switch.isra.0+0x153/0x700
[ 26.870438] mempool_kmalloc_large_double_free+0xb1/0x100
[ 26.870892] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[ 26.872029] ? __switch_to+0x5d9/0xf60
[ 26.872660] ? __pfx_mempool_kmalloc+0x10/0x10
[ 26.873113] ? __pfx_mempool_kfree+0x10/0x10
[ 26.873742] ? __pfx_read_tsc+0x10/0x10
[ 26.874089] ? ktime_get_ts64+0x86/0x230
[ 26.874637] kunit_try_run_case+0x1b3/0x490
[ 26.875113] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.876020] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 26.877168] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.878482] ? __kthread_parkme+0x82/0x160
[ 26.879327] ? preempt_count_sub+0x50/0x80
[ 26.880408] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.881136] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.881871] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.882766] kthread+0x257/0x310
[ 26.883832] ? __pfx_kthread+0x10/0x10
[ 26.884223] ret_from_fork+0x41/0x80
[ 26.884770] ? __pfx_kthread+0x10/0x10
[ 26.885669] ret_from_fork_asm+0x1a/0x30
[ 26.886186] </TASK>
[ 26.887077]
[ 26.887848] The buggy address belongs to the physical page:
[ 26.888500] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b40
[ 26.889416] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 26.890582] flags: 0x200000000000040(head|node=0|zone=2)
[ 26.891033] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 26.892750] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 26.893896] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 26.894551] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 26.896043] head: 0200000000000002 ffffea00040ad001 ffffffffffffffff 0000000000000000
[ 26.896625] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 26.897807] page dumped because: kasan: bad access detected
[ 26.898472]
[ 26.898740] Memory state around the buggy address:
[ 26.899910] ffff888102b3ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 26.900445] ffff888102b3ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 26.900889] >ffff888102b40000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 26.901912] ^
[ 26.902190] ffff888102b40080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 26.903347] ffff888102b40100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 26.904068] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 26.589866] ================================================================== [ 26.591079] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 26.591865] Read of size 1 at addr ffff8881023ac000 by task kunit_try_catch/236 [ 26.592645] [ 26.593070] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 26.593923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.594426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.595268] Call Trace: [ 26.595507] <TASK> [ 26.595829] dump_stack_lvl+0x73/0xb0 [ 26.596350] print_report+0xd1/0x640 [ 26.597170] ? __virt_addr_valid+0x1db/0x2d0 [ 26.598045] ? kasan_addr_to_slab+0x11/0xa0 [ 26.598634] kasan_report+0x102/0x140 [ 26.599259] ? mempool_uaf_helper+0x394/0x400 [ 26.599730] ? mempool_uaf_helper+0x394/0x400 [ 26.600564] __asan_report_load1_noabort+0x18/0x20 [ 26.601433] mempool_uaf_helper+0x394/0x400 [ 26.602080] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 26.602597] ? finish_task_switch.isra.0+0x153/0x700 [ 26.603692] mempool_kmalloc_large_uaf+0xb3/0x100 [ 26.604423] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 26.605304] ? __switch_to+0x5d9/0xf60 [ 26.605580] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.606483] ? __pfx_mempool_kfree+0x10/0x10 [ 26.607075] ? __pfx_read_tsc+0x10/0x10 [ 26.607649] ? ktime_get_ts64+0x86/0x230 [ 26.608252] kunit_try_run_case+0x1b3/0x490 [ 26.608665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.609486] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.609882] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.610529] ? __kthread_parkme+0x82/0x160 [ 26.611085] ? preempt_count_sub+0x50/0x80 [ 26.611523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.612497] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.613153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.613699] kthread+0x257/0x310 [ 26.614887] ? __pfx_kthread+0x10/0x10 [ 26.615238] ret_from_fork+0x41/0x80 [ 26.615855] ? 
__pfx_kthread+0x10/0x10 [ 26.616424] ret_from_fork_asm+0x1a/0x30 [ 26.616917] </TASK> [ 26.617156] [ 26.617406] The buggy address belongs to the physical page: [ 26.618400] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023ac [ 26.619425] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.620197] flags: 0x200000000000040(head|node=0|zone=2) [ 26.620844] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.622040] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.623087] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.624155] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.625220] head: 0200000000000002 ffffea000408eb01 ffffffffffffffff 0000000000000000 [ 26.626241] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 26.626969] page dumped because: kasan: bad access detected [ 26.627724] [ 26.628084] Memory state around the buggy address: [ 26.628535] ffff8881023abf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.629517] ffff8881023abf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.630185] >ffff8881023ac000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.631068] ^ [ 26.631572] ffff8881023ac080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.632332] ffff8881023ac100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.633600] ================================================================== [ 26.727088] ================================================================== [ 26.728007] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 26.728997] Read of size 1 at addr ffff888102b3c000 by task kunit_try_catch/240 [ 26.730051] [ 26.730634] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 26.732224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.732764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 26.734129] Call Trace: [ 26.734671] <TASK> [ 26.734889] dump_stack_lvl+0x73/0xb0 [ 26.735753] print_report+0xd1/0x640 [ 26.736642] ? __virt_addr_valid+0x1db/0x2d0 [ 26.737062] ? kasan_addr_to_slab+0x11/0xa0 [ 26.737750] kasan_report+0x102/0x140 [ 26.738165] ? mempool_uaf_helper+0x394/0x400 [ 26.739418] ? mempool_uaf_helper+0x394/0x400 [ 26.740126] __asan_report_load1_noabort+0x18/0x20 [ 26.741046] mempool_uaf_helper+0x394/0x400 [ 26.741848] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 26.742579] ? finish_task_switch.isra.0+0x153/0x700 [ 26.743512] mempool_page_alloc_uaf+0xb1/0x100 [ 26.744143] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 26.745126] ? __switch_to+0x5d9/0xf60 [ 26.745804] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 26.746536] ? __pfx_mempool_free_pages+0x10/0x10 [ 26.747318] ? __pfx_read_tsc+0x10/0x10 [ 26.748097] ? ktime_get_ts64+0x86/0x230 [ 26.748765] kunit_try_run_case+0x1b3/0x490 [ 26.749548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.750204] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.750740] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.752036] ? __kthread_parkme+0x82/0x160 [ 26.752881] ? preempt_count_sub+0x50/0x80 [ 26.753240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.753898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.754326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.755009] kthread+0x257/0x310 [ 26.755311] ? __pfx_kthread+0x10/0x10 [ 26.755999] ret_from_fork+0x41/0x80 [ 26.756779] ? 
__pfx_kthread+0x10/0x10 [ 26.757680] ret_from_fork_asm+0x1a/0x30 [ 26.758124] </TASK> [ 26.758887] [ 26.759193] The buggy address belongs to the physical page: [ 26.760141] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3c [ 26.761224] flags: 0x200000000000000(node=0|zone=2) [ 26.762138] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 26.763134] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.764351] page dumped because: kasan: bad access detected [ 26.765055] [ 26.765321] Memory state around the buggy address: [ 26.766359] ffff888102b3bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.767435] ffff888102b3bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.768066] >ffff888102b3c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.769078] ^ [ 26.769342] ffff888102b3c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.770608] ffff888102b3c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.771407] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 26.641571] ================================================================== [ 26.642745] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 26.644229] Read of size 1 at addr ffff888102417240 by task kunit_try_catch/238 [ 26.645900] [ 26.646387] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 26.648024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.648540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.649363] Call Trace: [ 26.650493] <TASK> [ 26.650756] dump_stack_lvl+0x73/0xb0 [ 26.651606] print_report+0xd1/0x640 [ 26.652677] ? __virt_addr_valid+0x1db/0x2d0 [ 26.653433] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.654869] kasan_report+0x102/0x140 [ 26.655225] ? mempool_uaf_helper+0x394/0x400 [ 26.656183] ? mempool_uaf_helper+0x394/0x400 [ 26.656969] __asan_report_load1_noabort+0x18/0x20 [ 26.658178] mempool_uaf_helper+0x394/0x400 [ 26.658705] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 26.659493] ? finish_task_switch.isra.0+0x153/0x700 [ 26.661035] mempool_slab_uaf+0xae/0x100 [ 26.661565] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 26.662404] ? __switch_to+0x5d9/0xf60 [ 26.662770] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 26.663313] ? __pfx_mempool_free_slab+0x10/0x10 [ 26.663761] ? __pfx_read_tsc+0x10/0x10 [ 26.664211] ? ktime_get_ts64+0x86/0x230 [ 26.665230] kunit_try_run_case+0x1b3/0x490 [ 26.666364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.667130] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.667942] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.668561] ? __kthread_parkme+0x82/0x160 [ 26.669547] ? preempt_count_sub+0x50/0x80 [ 26.670008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.670640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.671620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.672575] kthread+0x257/0x310 [ 26.672924] ? __pfx_kthread+0x10/0x10 [ 26.673337] ret_from_fork+0x41/0x80 [ 26.673691] ? 
__pfx_kthread+0x10/0x10 [ 26.674386] ret_from_fork_asm+0x1a/0x30 [ 26.674800] </TASK> [ 26.675062] [ 26.675425] Allocated by task 238: [ 26.675715] kasan_save_stack+0x3d/0x60 [ 26.676184] kasan_save_track+0x18/0x40 [ 26.676636] kasan_save_alloc_info+0x3b/0x50 [ 26.677246] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 26.677942] remove_element+0x11e/0x190 [ 26.678831] mempool_alloc_preallocated+0x4d/0x90 [ 26.679341] mempool_uaf_helper+0x97/0x400 [ 26.679909] mempool_slab_uaf+0xae/0x100 [ 26.680902] kunit_try_run_case+0x1b3/0x490 [ 26.681601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.682395] kthread+0x257/0x310 [ 26.683021] ret_from_fork+0x41/0x80 [ 26.684028] ret_from_fork_asm+0x1a/0x30 [ 26.684833] [ 26.685336] Freed by task 238: [ 26.685942] kasan_save_stack+0x3d/0x60 [ 26.687020] kasan_save_track+0x18/0x40 [ 26.687394] kasan_save_free_info+0x3f/0x60 [ 26.688022] __kasan_mempool_poison_object+0x131/0x1d0 [ 26.688633] mempool_free+0x2ec/0x380 [ 26.689063] mempool_uaf_helper+0x11b/0x400 [ 26.690576] mempool_slab_uaf+0xae/0x100 [ 26.690828] kunit_try_run_case+0x1b3/0x490 [ 26.691807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.692527] kthread+0x257/0x310 [ 26.692787] ret_from_fork+0x41/0x80 [ 26.693128] ret_from_fork_asm+0x1a/0x30 [ 26.694004] [ 26.694445] The buggy address belongs to the object at ffff888102417240 [ 26.694445] which belongs to the cache test_cache of size 123 [ 26.696106] The buggy address is located 0 bytes inside of [ 26.696106] freed 123-byte region [ffff888102417240, ffff8881024172bb) [ 26.698844] [ 26.699153] The buggy address belongs to the physical page: [ 26.700163] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102417 [ 26.701835] flags: 0x200000000000000(node=0|zone=2) [ 26.702456] page_type: f5(slab) [ 26.702715] raw: 0200000000000000 ffff888102415000 dead000000000122 0000000000000000 [ 26.703354] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 26.703955] page dumped because: 
kasan: bad access detected [ 26.704646] [ 26.705424] Memory state around the buggy address: [ 26.706681] ffff888102417100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.707781] ffff888102417180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.708736] >ffff888102417200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 26.710900] ^ [ 26.711620] ffff888102417280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.712500] ffff888102417300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.714098] ================================================================== [ 26.516122] ================================================================== [ 26.517141] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 26.517587] Read of size 1 at addr ffff888102414100 by task kunit_try_catch/234 [ 26.518962] [ 26.519156] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 26.520761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.521249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.522092] Call Trace: [ 26.522518] <TASK> [ 26.522870] dump_stack_lvl+0x73/0xb0 [ 26.523237] print_report+0xd1/0x640 [ 26.523583] ? __virt_addr_valid+0x1db/0x2d0 [ 26.524257] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.525012] kasan_report+0x102/0x140 [ 26.525803] ? mempool_uaf_helper+0x394/0x400 [ 26.526716] ? mempool_uaf_helper+0x394/0x400 [ 26.527408] __asan_report_load1_noabort+0x18/0x20 [ 26.528066] mempool_uaf_helper+0x394/0x400 [ 26.528765] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 26.529537] ? finish_task_switch.isra.0+0x153/0x700 [ 26.530739] mempool_kmalloc_uaf+0xb3/0x100 [ 26.531448] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 26.531847] ? __switch_to+0x5d9/0xf60 [ 26.532580] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.532942] ? __pfx_mempool_kfree+0x10/0x10 [ 26.533715] ? __pfx_read_tsc+0x10/0x10 [ 26.534682] ? 
ktime_get_ts64+0x86/0x230 [ 26.535324] kunit_try_run_case+0x1b3/0x490 [ 26.536072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.536815] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.537613] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.538427] ? __kthread_parkme+0x82/0x160 [ 26.539087] ? preempt_count_sub+0x50/0x80 [ 26.540231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.540722] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.542262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.543009] kthread+0x257/0x310 [ 26.543329] ? __pfx_kthread+0x10/0x10 [ 26.543840] ret_from_fork+0x41/0x80 [ 26.544339] ? __pfx_kthread+0x10/0x10 [ 26.544645] ret_from_fork_asm+0x1a/0x30 [ 26.545534] </TASK> [ 26.546373] [ 26.546583] Allocated by task 234: [ 26.546879] kasan_save_stack+0x3d/0x60 [ 26.547604] kasan_save_track+0x18/0x40 [ 26.548030] kasan_save_alloc_info+0x3b/0x50 [ 26.549022] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 26.549655] remove_element+0x11e/0x190 [ 26.550367] mempool_alloc_preallocated+0x4d/0x90 [ 26.552004] mempool_uaf_helper+0x97/0x400 [ 26.552903] mempool_kmalloc_uaf+0xb3/0x100 [ 26.553945] kunit_try_run_case+0x1b3/0x490 [ 26.555152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.555786] kthread+0x257/0x310 [ 26.556553] ret_from_fork+0x41/0x80 [ 26.557363] ret_from_fork_asm+0x1a/0x30 [ 26.557736] [ 26.558443] Freed by task 234: [ 26.558766] kasan_save_stack+0x3d/0x60 [ 26.559205] kasan_save_track+0x18/0x40 [ 26.559488] kasan_save_free_info+0x3f/0x60 [ 26.560720] __kasan_mempool_poison_object+0x131/0x1d0 [ 26.561374] mempool_free+0x2ec/0x380 [ 26.562200] mempool_uaf_helper+0x11b/0x400 [ 26.562688] mempool_kmalloc_uaf+0xb3/0x100 [ 26.563458] kunit_try_run_case+0x1b3/0x490 [ 26.563781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.564915] kthread+0x257/0x310 [ 26.565242] ret_from_fork+0x41/0x80 [ 26.566131] ret_from_fork_asm+0x1a/0x30 [ 26.566750] [ 26.566955] The buggy address belongs to the object at ffff888102414100 [ 26.566955] which belongs to the 
cache kmalloc-128 of size 128 [ 26.568864] The buggy address is located 0 bytes inside of [ 26.568864] freed 128-byte region [ffff888102414100, ffff888102414180) [ 26.570149] [ 26.570358] The buggy address belongs to the physical page: [ 26.571643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102414 [ 26.572098] flags: 0x200000000000000(node=0|zone=2) [ 26.572423] page_type: f5(slab) [ 26.573491] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.574253] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.575607] page dumped because: kasan: bad access detected [ 26.576945] [ 26.577094] Memory state around the buggy address: [ 26.578149] ffff888102414000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.579005] ffff888102414080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.579559] >ffff888102414100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.580389] ^ [ 26.580719] ffff888102414180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.581687] ffff888102414200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.582339] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 26.446628] ================================================================== [ 26.447970] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 26.449820] Read of size 1 at addr ffff8881029672bb by task kunit_try_catch/232 [ 26.450860] [ 26.451426] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 26.452497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.452876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.453632] Call Trace: [ 26.453932] <TASK> [ 26.454197] dump_stack_lvl+0x73/0xb0 [ 26.455504] print_report+0xd1/0x640 [ 26.455923] ? __virt_addr_valid+0x1db/0x2d0 [ 26.456357] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.456929] kasan_report+0x102/0x140 [ 26.457480] ? mempool_oob_right_helper+0x31a/0x380 [ 26.457990] ? mempool_oob_right_helper+0x31a/0x380 [ 26.458610] __asan_report_load1_noabort+0x18/0x20 [ 26.459382] mempool_oob_right_helper+0x31a/0x380 [ 26.460333] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 26.461286] ? finish_task_switch.isra.0+0x153/0x700 [ 26.462585] mempool_slab_oob_right+0xb1/0x100 [ 26.463482] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 26.464332] ? __switch_to+0x5d9/0xf60 [ 26.464733] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 26.465207] ? __pfx_mempool_free_slab+0x10/0x10 [ 26.465677] ? __pfx_read_tsc+0x10/0x10 [ 26.466060] ? ktime_get_ts64+0x86/0x230 [ 26.466669] kunit_try_run_case+0x1b3/0x490 [ 26.467041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.468261] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.469161] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.469824] ? __kthread_parkme+0x82/0x160 [ 26.470167] ? preempt_count_sub+0x50/0x80 [ 26.470885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.471953] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.473183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.474033] kthread+0x257/0x310 [ 26.474454] ? __pfx_kthread+0x10/0x10 [ 26.475334] ret_from_fork+0x41/0x80 [ 26.476561] ? 
__pfx_kthread+0x10/0x10 [ 26.477112] ret_from_fork_asm+0x1a/0x30 [ 26.478181] </TASK> [ 26.478677] [ 26.479651] Allocated by task 232: [ 26.480837] kasan_save_stack+0x3d/0x60 [ 26.481402] kasan_save_track+0x18/0x40 [ 26.481988] kasan_save_alloc_info+0x3b/0x50 [ 26.482773] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 26.484108] remove_element+0x11e/0x190 [ 26.485375] mempool_alloc_preallocated+0x4d/0x90 [ 26.485852] mempool_oob_right_helper+0x8b/0x380 [ 26.486728] mempool_slab_oob_right+0xb1/0x100 [ 26.487354] kunit_try_run_case+0x1b3/0x490 [ 26.487956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.488442] kthread+0x257/0x310 [ 26.488906] ret_from_fork+0x41/0x80 [ 26.489976] ret_from_fork_asm+0x1a/0x30 [ 26.490414] [ 26.490586] The buggy address belongs to the object at ffff888102967240 [ 26.490586] which belongs to the cache test_cache of size 123 [ 26.491839] The buggy address is located 0 bytes to the right of [ 26.491839] allocated 123-byte region [ffff888102967240, ffff8881029672bb) [ 26.493524] [ 26.493870] The buggy address belongs to the physical page: [ 26.494514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102967 [ 26.495342] flags: 0x200000000000000(node=0|zone=2) [ 26.496380] page_type: f5(slab) [ 26.496761] raw: 0200000000000000 ffff888101a8e8c0 dead000000000122 0000000000000000 [ 26.497750] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 26.498791] page dumped because: kasan: bad access detected [ 26.499158] [ 26.499518] Memory state around the buggy address: [ 26.500873] ffff888102967180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.501546] ffff888102967200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 26.502603] >ffff888102967280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 26.503505] ^ [ 26.504057] ffff888102967300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.505223] ffff888102967380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.505978] 
================================================================== [ 26.317124] ================================================================== [ 26.318014] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 26.318662] Read of size 1 at addr ffff888102960373 by task kunit_try_catch/228 [ 26.320015] [ 26.320565] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 26.321593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.322061] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.323117] Call Trace: [ 26.323831] <TASK> [ 26.324469] dump_stack_lvl+0x73/0xb0 [ 26.325239] print_report+0xd1/0x640 [ 26.326119] ? __virt_addr_valid+0x1db/0x2d0 [ 26.326786] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.327532] kasan_report+0x102/0x140 [ 26.327730] ? mempool_oob_right_helper+0x31a/0x380 [ 26.328593] ? mempool_oob_right_helper+0x31a/0x380 [ 26.329929] __asan_report_load1_noabort+0x18/0x20 [ 26.330851] mempool_oob_right_helper+0x31a/0x380 [ 26.331110] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 26.331505] ? finish_task_switch.isra.0+0x153/0x700 [ 26.331769] mempool_kmalloc_oob_right+0xb6/0x100 [ 26.332902] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 26.333962] ? __switch_to+0x5d9/0xf60 [ 26.334927] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.335744] ? __pfx_mempool_kfree+0x10/0x10 [ 26.336251] ? __pfx_read_tsc+0x10/0x10 [ 26.336661] ? ktime_get_ts64+0x86/0x230 [ 26.337068] kunit_try_run_case+0x1b3/0x490 [ 26.338044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.338938] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.339847] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.340730] ? __kthread_parkme+0x82/0x160 [ 26.341620] ? preempt_count_sub+0x50/0x80 [ 26.342069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.343131] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.343844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.344786] kthread+0x257/0x310 [ 26.345703] ? 
__pfx_kthread+0x10/0x10 [ 26.346254] ret_from_fork+0x41/0x80 [ 26.347490] ? __pfx_kthread+0x10/0x10 [ 26.347861] ret_from_fork_asm+0x1a/0x30 [ 26.349036] </TASK> [ 26.349268] [ 26.349432] Allocated by task 228: [ 26.349851] kasan_save_stack+0x3d/0x60 [ 26.350824] kasan_save_track+0x18/0x40 [ 26.351472] kasan_save_alloc_info+0x3b/0x50 [ 26.352379] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 26.352809] remove_element+0x11e/0x190 [ 26.353385] mempool_alloc_preallocated+0x4d/0x90 [ 26.353798] mempool_oob_right_helper+0x8b/0x380 [ 26.354791] mempool_kmalloc_oob_right+0xb6/0x100 [ 26.355725] kunit_try_run_case+0x1b3/0x490 [ 26.356321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.357232] kthread+0x257/0x310 [ 26.357740] ret_from_fork+0x41/0x80 [ 26.358411] ret_from_fork_asm+0x1a/0x30 [ 26.358795] [ 26.359040] The buggy address belongs to the object at ffff888102960300 [ 26.359040] which belongs to the cache kmalloc-128 of size 128 [ 26.360464] The buggy address is located 0 bytes to the right of [ 26.360464] allocated 115-byte region [ffff888102960300, ffff888102960373) [ 26.362491] [ 26.362679] The buggy address belongs to the physical page: [ 26.363516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102960 [ 26.364502] flags: 0x200000000000000(node=0|zone=2) [ 26.365190] page_type: f5(slab) [ 26.365542] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.366964] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.367500] page dumped because: kasan: bad access detected [ 26.368600] [ 26.368790] Memory state around the buggy address: [ 26.369207] ffff888102960200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.370399] ffff888102960280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.371625] >ffff888102960300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.372612] ^ [ 26.373470] ffff888102960380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.374409] ffff888102960400: 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.374968] ================================================================== [ 26.381826] ================================================================== [ 26.383629] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 26.384631] Read of size 1 at addr ffff8881023ae001 by task kunit_try_catch/230 [ 26.385515] [ 26.385724] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 26.386653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.387064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.389644] Call Trace: [ 26.390223] <TASK> [ 26.391085] dump_stack_lvl+0x73/0xb0 [ 26.392112] print_report+0xd1/0x640 [ 26.392818] ? __virt_addr_valid+0x1db/0x2d0 [ 26.393749] ? kasan_addr_to_slab+0x11/0xa0 [ 26.394189] kasan_report+0x102/0x140 [ 26.395155] ? mempool_oob_right_helper+0x31a/0x380 [ 26.396150] ? mempool_oob_right_helper+0x31a/0x380 [ 26.397159] __asan_report_load1_noabort+0x18/0x20 [ 26.398055] mempool_oob_right_helper+0x31a/0x380 [ 26.398434] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 26.398705] ? finish_task_switch.isra.0+0x153/0x700 [ 26.399867] mempool_kmalloc_large_oob_right+0xb6/0x100 [ 26.401178] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 26.401736] ? __switch_to+0x5d9/0xf60 [ 26.403233] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.404024] ? __pfx_mempool_kfree+0x10/0x10 [ 26.404714] ? __pfx_read_tsc+0x10/0x10 [ 26.405648] ? ktime_get_ts64+0x86/0x230 [ 26.406705] kunit_try_run_case+0x1b3/0x490 [ 26.407172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.408244] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 26.409030] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.409476] ? __kthread_parkme+0x82/0x160 [ 26.410524] ? preempt_count_sub+0x50/0x80 [ 26.411629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.412447] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.413641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.414163] kthread+0x257/0x310 [ 26.414715] ? __pfx_kthread+0x10/0x10 [ 26.415601] ret_from_fork+0x41/0x80 [ 26.415961] ? __pfx_kthread+0x10/0x10 [ 26.416784] ret_from_fork_asm+0x1a/0x30 [ 26.418224] </TASK> [ 26.418598] [ 26.418836] The buggy address belongs to the physical page: [ 26.420366] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023ac [ 26.421750] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.422848] flags: 0x200000000000040(head|node=0|zone=2) [ 26.424379] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.425991] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.426770] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.428005] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.430260] head: 0200000000000002 ffffea000408eb01 ffffffffffffffff 0000000000000000 [ 26.430690] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 26.431999] page dumped because: kasan: bad access detected [ 26.432834] [ 26.433036] Memory state around the buggy address: [ 26.434054] ffff8881023adf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.435152] ffff8881023adf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.435763] >ffff8881023ae000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.436518] ^ [ 26.436877] ffff8881023ae080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.437918] ffff8881023ae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.438614] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 25.714479] ================================================================== [ 25.715557] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bd/0x380 [ 25.716340] Read of size 1 at addr ffff888101012dc0 by task kunit_try_catch/222 [ 25.716745] [ 25.716936] CPU: 1 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 25.717931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.718406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.719251] Call Trace: [ 25.719637] <TASK> [ 25.720040] dump_stack_lvl+0x73/0xb0 [ 25.720542] print_report+0xd1/0x640 [ 25.721170] ? __virt_addr_valid+0x1db/0x2d0 [ 25.721598] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.722276] kasan_report+0x102/0x140 [ 25.722773] ? kmem_cache_double_destroy+0x1bd/0x380 [ 25.723374] ? kmem_cache_double_destroy+0x1bd/0x380 [ 25.723897] ? kmem_cache_double_destroy+0x1bd/0x380 [ 25.724562] __kasan_check_byte+0x3d/0x50 [ 25.725046] kmem_cache_destroy+0x25/0x1d0 [ 25.725392] kmem_cache_double_destroy+0x1bd/0x380 [ 25.726227] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 25.726615] ? __schedule+0x1bdb/0x27e0 [ 25.727369] ? schedule+0x7c/0x310 [ 25.727823] ? trace_hardirqs_on+0x37/0xe0 [ 25.728252] ? __pfx_empty_cache_ctor+0x10/0x10 [ 25.728664] ? __pfx_read_tsc+0x10/0x10 [ 25.729006] ? ktime_get_ts64+0x86/0x230 [ 25.729600] kunit_try_run_case+0x1b3/0x490 [ 25.730149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.730756] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.731242] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.731959] ? __kthread_parkme+0x82/0x160 [ 25.732514] ? preempt_count_sub+0x50/0x80 [ 25.732825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.733489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.733986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.734712] kthread+0x257/0x310 [ 25.735413] ? __pfx_kthread+0x10/0x10 [ 25.735826] ret_from_fork+0x41/0x80 [ 25.736280] ? 
__pfx_kthread+0x10/0x10 [ 25.736751] ret_from_fork_asm+0x1a/0x30 [ 25.737338] </TASK> [ 25.737668] [ 25.738028] Allocated by task 222: [ 25.738271] kasan_save_stack+0x3d/0x60 [ 25.738601] kasan_save_track+0x18/0x40 [ 25.739195] kasan_save_alloc_info+0x3b/0x50 [ 25.739702] __kasan_slab_alloc+0x91/0xa0 [ 25.740213] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 25.740879] __kmem_cache_create_args+0x177/0x250 [ 25.741313] kmem_cache_double_destroy+0xd3/0x380 [ 25.741738] kunit_try_run_case+0x1b3/0x490 [ 25.742139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.742686] kthread+0x257/0x310 [ 25.742940] ret_from_fork+0x41/0x80 [ 25.743448] ret_from_fork_asm+0x1a/0x30 [ 25.744054] [ 25.744455] Freed by task 222: [ 25.744738] kasan_save_stack+0x3d/0x60 [ 25.745255] kasan_save_track+0x18/0x40 [ 25.745667] kasan_save_free_info+0x3f/0x60 [ 25.746015] __kasan_slab_free+0x56/0x70 [ 25.746589] kmem_cache_free+0x120/0x420 [ 25.747075] slab_kmem_cache_release+0x2e/0x40 [ 25.747408] kmem_cache_release+0x16/0x20 [ 25.747958] kobject_put+0x181/0x450 [ 25.748557] sysfs_slab_release+0x16/0x20 [ 25.749100] kmem_cache_destroy+0xf0/0x1d0 [ 25.749573] kmem_cache_double_destroy+0x14c/0x380 [ 25.750023] kunit_try_run_case+0x1b3/0x490 [ 25.750331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.751021] kthread+0x257/0x310 [ 25.751274] ret_from_fork+0x41/0x80 [ 25.751908] ret_from_fork_asm+0x1a/0x30 [ 25.752537] [ 25.752874] The buggy address belongs to the object at ffff888101012dc0 [ 25.752874] which belongs to the cache kmem_cache of size 208 [ 25.753824] The buggy address is located 0 bytes inside of [ 25.753824] freed 208-byte region [ffff888101012dc0, ffff888101012e90) [ 25.754766] [ 25.755053] The buggy address belongs to the physical page: [ 25.755512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101012 [ 25.756613] flags: 0x200000000000000(node=0|zone=2) [ 25.757276] page_type: f5(slab) [ 25.757662] raw: 0200000000000000 ffff888100041000 dead000000000122 
0000000000000000 [ 25.758714] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 25.759333] page dumped because: kasan: bad access detected [ 25.759663] [ 25.759821] Memory state around the buggy address: [ 25.760467] ffff888101012c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.761192] ffff888101012d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 25.761827] >ffff888101012d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 25.762620] ^ [ 25.763207] ffff888101012e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.764019] ffff888101012e80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.764692] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 25.631619] ================================================================== [ 25.632583] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e5/0x510 [ 25.633319] Read of size 1 at addr ffff888102411000 by task kunit_try_catch/220 [ 25.634399] [ 25.634677] CPU: 1 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 25.636259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.636792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.637580] Call Trace: [ 25.637869] <TASK> [ 25.638146] dump_stack_lvl+0x73/0xb0 [ 25.638588] print_report+0xd1/0x640 [ 25.639072] ? __virt_addr_valid+0x1db/0x2d0 [ 25.639409] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.640051] kasan_report+0x102/0x140 [ 25.640624] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 25.641162] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 25.641678] __asan_report_load1_noabort+0x18/0x20 [ 25.642309] kmem_cache_rcu_uaf+0x3e5/0x510 [ 25.642656] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 25.643362] ? finish_task_switch.isra.0+0x153/0x700 [ 25.643836] ? __switch_to+0x5d9/0xf60 [ 25.644381] ? __pfx_read_tsc+0x10/0x10 [ 25.645031] ? ktime_get_ts64+0x86/0x230 [ 25.645436] kunit_try_run_case+0x1b3/0x490 [ 25.646069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.646540] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.647140] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.647632] ? __kthread_parkme+0x82/0x160 [ 25.648174] ? preempt_count_sub+0x50/0x80 [ 25.648736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.649180] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.649979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.650500] kthread+0x257/0x310 [ 25.651049] ? __pfx_kthread+0x10/0x10 [ 25.651421] ret_from_fork+0x41/0x80 [ 25.651952] ? 
__pfx_kthread+0x10/0x10 [ 25.652432] ret_from_fork_asm+0x1a/0x30 [ 25.652930] </TASK> [ 25.653327] [ 25.653503] Allocated by task 220: [ 25.653966] kasan_save_stack+0x3d/0x60 [ 25.654456] kasan_save_track+0x18/0x40 [ 25.655006] kasan_save_alloc_info+0x3b/0x50 [ 25.655512] __kasan_slab_alloc+0x91/0xa0 [ 25.656037] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 25.656479] kmem_cache_rcu_uaf+0x156/0x510 [ 25.657062] kunit_try_run_case+0x1b3/0x490 [ 25.657474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.658083] kthread+0x257/0x310 [ 25.658446] ret_from_fork+0x41/0x80 [ 25.658948] ret_from_fork_asm+0x1a/0x30 [ 25.659387] [ 25.659695] Freed by task 0: [ 25.660089] kasan_save_stack+0x3d/0x60 [ 25.660638] kasan_save_track+0x18/0x40 [ 25.661168] kasan_save_free_info+0x3f/0x60 [ 25.661574] __kasan_slab_free+0x56/0x70 [ 25.662153] slab_free_after_rcu_debug+0xe4/0x310 [ 25.662590] rcu_core+0x680/0x1d70 [ 25.663155] rcu_core_si+0x12/0x20 [ 25.663589] handle_softirqs+0x209/0x720 [ 25.664075] __irq_exit_rcu+0xc9/0x110 [ 25.664582] irq_exit_rcu+0x12/0x20 [ 25.665116] sysvec_apic_timer_interrupt+0x81/0x90 [ 25.665726] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 25.666321] [ 25.666640] Last potentially related work creation: [ 25.667180] kasan_save_stack+0x3d/0x60 [ 25.667590] kasan_record_aux_stack+0xb2/0xc0 [ 25.668065] kmem_cache_free+0x284/0x420 [ 25.668623] kmem_cache_rcu_uaf+0x195/0x510 [ 25.669138] kunit_try_run_case+0x1b3/0x490 [ 25.669696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.670243] kthread+0x257/0x310 [ 25.670690] ret_from_fork+0x41/0x80 [ 25.671180] ret_from_fork_asm+0x1a/0x30 [ 25.671597] [ 25.671842] The buggy address belongs to the object at ffff888102411000 [ 25.671842] which belongs to the cache test_cache of size 200 [ 25.672756] The buggy address is located 0 bytes inside of [ 25.672756] freed 200-byte region [ffff888102411000, ffff8881024110c8) [ 25.674095] [ 25.674410] The buggy address belongs to the physical page: [ 25.674837] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102411 [ 25.675696] flags: 0x200000000000000(node=0|zone=2) [ 25.676327] page_type: f5(slab) [ 25.676789] raw: 0200000000000000 ffff888101012c80 dead000000000122 0000000000000000 [ 25.677473] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.678095] page dumped because: kasan: bad access detected [ 25.678680] [ 25.679035] Memory state around the buggy address: [ 25.679452] ffff888102410f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.680334] ffff888102410f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.681089] >ffff888102411000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.682003] ^ [ 25.682225] ffff888102411080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 25.683604] ffff888102411100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.684483] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 25.538818] ================================================================== [ 25.539945] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d9/0x470 [ 25.540576] Free of addr ffff88810240f001 by task kunit_try_catch/218 [ 25.541503] [ 25.541825] CPU: 1 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 25.543019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.543477] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.544495] Call Trace: [ 25.544879] <TASK> [ 25.545144] dump_stack_lvl+0x73/0xb0 [ 25.545716] print_report+0xd1/0x640 [ 25.546283] ? __virt_addr_valid+0x1db/0x2d0 [ 25.546983] ? kmem_cache_invalid_free+0x1d9/0x470 [ 25.547407] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.548148] ? kmem_cache_invalid_free+0x1d9/0x470 [ 25.548751] kasan_report_invalid_free+0xc0/0xf0 [ 25.549279] ? kmem_cache_invalid_free+0x1d9/0x470 [ 25.549728] ? kmem_cache_invalid_free+0x1d9/0x470 [ 25.550307] check_slab_allocation+0x11f/0x130 [ 25.550673] __kasan_slab_pre_free+0x28/0x40 [ 25.551081] kmem_cache_free+0xee/0x420 [ 25.551691] ? kmem_cache_alloc_noprof+0x11e/0x3e0 [ 25.552030] ? kmem_cache_invalid_free+0x1d9/0x470 [ 25.552631] kmem_cache_invalid_free+0x1d9/0x470 [ 25.553737] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 25.554350] ? finish_task_switch.isra.0+0x153/0x700 [ 25.554951] ? __switch_to+0x5d9/0xf60 [ 25.555356] ? __pfx_read_tsc+0x10/0x10 [ 25.555859] ? ktime_get_ts64+0x86/0x230 [ 25.556608] kunit_try_run_case+0x1b3/0x490 [ 25.557418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.557840] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.558648] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.559593] ? __kthread_parkme+0x82/0x160 [ 25.560418] ? preempt_count_sub+0x50/0x80 [ 25.560833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.561510] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.562562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.563372] kthread+0x257/0x310 [ 25.563760] ? 
__pfx_kthread+0x10/0x10 [ 25.564768] ret_from_fork+0x41/0x80 [ 25.565476] ? __pfx_kthread+0x10/0x10 [ 25.565875] ret_from_fork_asm+0x1a/0x30 [ 25.566840] </TASK> [ 25.567354] [ 25.567519] Allocated by task 218: [ 25.568284] kasan_save_stack+0x3d/0x60 [ 25.568697] kasan_save_track+0x18/0x40 [ 25.569713] kasan_save_alloc_info+0x3b/0x50 [ 25.570513] __kasan_slab_alloc+0x91/0xa0 [ 25.570710] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 25.571359] kmem_cache_invalid_free+0x158/0x470 [ 25.572168] kunit_try_run_case+0x1b3/0x490 [ 25.572585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.573804] kthread+0x257/0x310 [ 25.574547] ret_from_fork+0x41/0x80 [ 25.575132] ret_from_fork_asm+0x1a/0x30 [ 25.575605] [ 25.575829] The buggy address belongs to the object at ffff88810240f000 [ 25.575829] which belongs to the cache test_cache of size 200 [ 25.577665] The buggy address is located 1 bytes inside of [ 25.577665] 200-byte region [ffff88810240f000, ffff88810240f0c8) [ 25.578714] [ 25.579048] The buggy address belongs to the physical page: [ 25.579651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10240f [ 25.581372] flags: 0x200000000000000(node=0|zone=2) [ 25.581964] page_type: f5(slab) [ 25.582225] raw: 0200000000000000 ffff888101012b40 dead000000000122 0000000000000000 [ 25.582851] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.583684] page dumped because: kasan: bad access detected [ 25.584698] [ 25.585141] Memory state around the buggy address: [ 25.585471] ffff88810240ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.586613] ffff88810240ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.587249] >ffff88810240f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.588226] ^ [ 25.588787] ffff88810240f080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 25.589519] ffff88810240f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.590533] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 25.456686] ================================================================== [ 25.457632] BUG: KASAN: double-free in kmem_cache_double_free+0x1e6/0x490 [ 25.458712] Free of addr ffff88810240d000 by task kunit_try_catch/216 [ 25.460115] [ 25.460747] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 25.461785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.462164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.462903] Call Trace: [ 25.463193] <TASK> [ 25.463787] dump_stack_lvl+0x73/0xb0 [ 25.464159] print_report+0xd1/0x640 [ 25.464912] ? __virt_addr_valid+0x1db/0x2d0 [ 25.465326] ? kmem_cache_double_free+0x1e6/0x490 [ 25.465779] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.467087] ? kmem_cache_double_free+0x1e6/0x490 [ 25.468143] kasan_report_invalid_free+0xc0/0xf0 [ 25.468812] ? kmem_cache_double_free+0x1e6/0x490 [ 25.469666] ? kmem_cache_double_free+0x1e6/0x490 [ 25.470541] check_slab_allocation+0x101/0x130 [ 25.471259] __kasan_slab_pre_free+0x28/0x40 [ 25.472134] kmem_cache_free+0xee/0x420 [ 25.472492] ? kmem_cache_alloc_noprof+0x11e/0x3e0 [ 25.473499] ? kmem_cache_double_free+0x1e6/0x490 [ 25.474018] kmem_cache_double_free+0x1e6/0x490 [ 25.474784] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 25.475311] ? finish_task_switch.isra.0+0x153/0x700 [ 25.476061] ? __switch_to+0x5d9/0xf60 [ 25.476926] ? __pfx_read_tsc+0x10/0x10 [ 25.477327] ? ktime_get_ts64+0x86/0x230 [ 25.478572] kunit_try_run_case+0x1b3/0x490 [ 25.479475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.480429] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.480763] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.482289] ? __kthread_parkme+0x82/0x160 [ 25.482767] ? preempt_count_sub+0x50/0x80 [ 25.483228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.483548] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.484752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.485174] kthread+0x257/0x310 [ 25.486375] ? 
__pfx_kthread+0x10/0x10 [ 25.486879] ret_from_fork+0x41/0x80 [ 25.487246] ? __pfx_kthread+0x10/0x10 [ 25.488134] ret_from_fork_asm+0x1a/0x30 [ 25.488956] </TASK> [ 25.489586] [ 25.489767] Allocated by task 216: [ 25.490743] kasan_save_stack+0x3d/0x60 [ 25.491168] kasan_save_track+0x18/0x40 [ 25.491837] kasan_save_alloc_info+0x3b/0x50 [ 25.492349] __kasan_slab_alloc+0x91/0xa0 [ 25.492727] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 25.493795] kmem_cache_double_free+0x150/0x490 [ 25.494096] kunit_try_run_case+0x1b3/0x490 [ 25.494892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.495451] kthread+0x257/0x310 [ 25.495792] ret_from_fork+0x41/0x80 [ 25.496765] ret_from_fork_asm+0x1a/0x30 [ 25.497251] [ 25.498065] Freed by task 216: [ 25.498358] kasan_save_stack+0x3d/0x60 [ 25.499517] kasan_save_track+0x18/0x40 [ 25.500136] kasan_save_free_info+0x3f/0x60 [ 25.501013] __kasan_slab_free+0x56/0x70 [ 25.501480] kmem_cache_free+0x120/0x420 [ 25.502487] kmem_cache_double_free+0x16b/0x490 [ 25.502733] kunit_try_run_case+0x1b3/0x490 [ 25.502936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.503163] kthread+0x257/0x310 [ 25.503357] ret_from_fork+0x41/0x80 [ 25.504515] ret_from_fork_asm+0x1a/0x30 [ 25.505492] [ 25.506162] The buggy address belongs to the object at ffff88810240d000 [ 25.506162] which belongs to the cache test_cache of size 200 [ 25.507648] The buggy address is located 0 bytes inside of [ 25.507648] 200-byte region [ffff88810240d000, ffff88810240d0c8) [ 25.509137] [ 25.509247] The buggy address belongs to the physical page: [ 25.509560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10240d [ 25.510037] flags: 0x200000000000000(node=0|zone=2) [ 25.512084] page_type: f5(slab) [ 25.513400] raw: 0200000000000000 ffff888101012a00 dead000000000122 0000000000000000 [ 25.514814] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.515666] page dumped because: kasan: bad access detected [ 25.516235] [ 25.516860] Memory state 
around the buggy address: [ 25.517897] ffff88810240cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.519129] ffff88810240cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.520894] >ffff88810240d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.522403] ^ [ 25.522833] ffff88810240d080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 25.523456] ffff88810240d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.524611] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 25.374828] ================================================================== [ 25.376015] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530 [ 25.376690] Read of size 1 at addr ffff88810295f0c8 by task kunit_try_catch/214 [ 25.377896] [ 25.379022] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 25.380523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.381273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.382476] Call Trace: [ 25.382758] <TASK> [ 25.383374] dump_stack_lvl+0x73/0xb0 [ 25.384128] print_report+0xd1/0x640 [ 25.384619] ? __virt_addr_valid+0x1db/0x2d0 [ 25.385388] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.387738] kasan_report+0x102/0x140 [ 25.388469] ? kmem_cache_oob+0x404/0x530 [ 25.388856] ? kmem_cache_oob+0x404/0x530 [ 25.390019] __asan_report_load1_noabort+0x18/0x20 [ 25.391040] kmem_cache_oob+0x404/0x530 [ 25.391429] ? trace_hardirqs_on+0x37/0xe0 [ 25.392160] ? __pfx_kmem_cache_oob+0x10/0x10 [ 25.392691] ? finish_task_switch.isra.0+0x153/0x700 [ 25.393236] ? __switch_to+0x5d9/0xf60 [ 25.393645] ? __pfx_read_tsc+0x10/0x10 [ 25.394687] ? ktime_get_ts64+0x86/0x230 [ 25.395114] kunit_try_run_case+0x1b3/0x490 [ 25.395569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.396558] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.397188] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.397715] ? __kthread_parkme+0x82/0x160 [ 25.398765] ? preempt_count_sub+0x50/0x80 [ 25.399588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.400370] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.401602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.402814] kthread+0x257/0x310 [ 25.403380] ? __pfx_kthread+0x10/0x10 [ 25.403745] ret_from_fork+0x41/0x80 [ 25.404571] ? 
__pfx_kthread+0x10/0x10 [ 25.404846] ret_from_fork_asm+0x1a/0x30 [ 25.405450] </TASK> [ 25.405724] [ 25.405949] Allocated by task 214: [ 25.406336] kasan_save_stack+0x3d/0x60 [ 25.406790] kasan_save_track+0x18/0x40 [ 25.407260] kasan_save_alloc_info+0x3b/0x50 [ 25.407582] __kasan_slab_alloc+0x91/0xa0 [ 25.407869] kmem_cache_alloc_noprof+0x11e/0x3e0 [ 25.408455] kmem_cache_oob+0x158/0x530 [ 25.409066] kunit_try_run_case+0x1b3/0x490 [ 25.409731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.410540] kthread+0x257/0x310 [ 25.411516] ret_from_fork+0x41/0x80 [ 25.412135] ret_from_fork_asm+0x1a/0x30 [ 25.412571] [ 25.412768] The buggy address belongs to the object at ffff88810295f000 [ 25.412768] which belongs to the cache test_cache of size 200 [ 25.413641] The buggy address is located 0 bytes to the right of [ 25.413641] allocated 200-byte region [ffff88810295f000, ffff88810295f0c8) [ 25.415469] [ 25.416196] The buggy address belongs to the physical page: [ 25.416680] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10295f [ 25.417853] flags: 0x200000000000000(node=0|zone=2) [ 25.418375] page_type: f5(slab) [ 25.418737] raw: 0200000000000000 ffff888101a8e500 dead000000000122 0000000000000000 [ 25.420370] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.421458] page dumped because: kasan: bad access detected [ 25.422351] [ 25.422955] Memory state around the buggy address: [ 25.423405] ffff88810295ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.424244] ffff88810295f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.425098] >ffff88810295f080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 25.426010] ^ [ 25.426461] ffff88810295f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.427638] ffff88810295f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.428370] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 25.295498] ================================================================== [ 25.297346] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d8/0x560 [ 25.298651] Read of size 8 at addr ffff888102956940 by task kunit_try_catch/207 [ 25.299968] [ 25.300421] CPU: 0 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 25.301129] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.301875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.303340] Call Trace: [ 25.303557] <TASK> [ 25.304072] dump_stack_lvl+0x73/0xb0 [ 25.304889] print_report+0xd1/0x640 [ 25.305083] ? __virt_addr_valid+0x1db/0x2d0 [ 25.305319] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.305671] kasan_report+0x102/0x140 [ 25.306166] ? workqueue_uaf+0x4d8/0x560 [ 25.306872] ? workqueue_uaf+0x4d8/0x560 [ 25.307248] __asan_report_load8_noabort+0x18/0x20 [ 25.307596] workqueue_uaf+0x4d8/0x560 [ 25.307939] ? __pfx_workqueue_uaf+0x10/0x10 [ 25.308528] ? __schedule+0xc70/0x27e0 [ 25.309422] ? __pfx_read_tsc+0x10/0x10 [ 25.310043] ? ktime_get_ts64+0x86/0x230 [ 25.310609] kunit_try_run_case+0x1b3/0x490 [ 25.311458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.312354] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.313195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.314073] ? __kthread_parkme+0x82/0x160 [ 25.314733] ? preempt_count_sub+0x50/0x80 [ 25.315246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.315896] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.316182] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.317365] kthread+0x257/0x310 [ 25.317710] ? __pfx_kthread+0x10/0x10 [ 25.318504] ret_from_fork+0x41/0x80 [ 25.318974] ? 
__pfx_kthread+0x10/0x10 [ 25.319584] ret_from_fork_asm+0x1a/0x30 [ 25.319871] </TASK> [ 25.320205] [ 25.320486] Allocated by task 207: [ 25.320922] kasan_save_stack+0x3d/0x60 [ 25.321358] kasan_save_track+0x18/0x40 [ 25.321707] kasan_save_alloc_info+0x3b/0x50 [ 25.322135] __kasan_kmalloc+0xb7/0xc0 [ 25.323139] __kmalloc_cache_noprof+0x184/0x410 [ 25.323966] workqueue_uaf+0x153/0x560 [ 25.325242] kunit_try_run_case+0x1b3/0x490 [ 25.325836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.326882] kthread+0x257/0x310 [ 25.327409] ret_from_fork+0x41/0x80 [ 25.327711] ret_from_fork_asm+0x1a/0x30 [ 25.328253] [ 25.328510] Freed by task 8: [ 25.328748] kasan_save_stack+0x3d/0x60 [ 25.329535] kasan_save_track+0x18/0x40 [ 25.330037] kasan_save_free_info+0x3f/0x60 [ 25.330921] __kasan_slab_free+0x56/0x70 [ 25.331130] kfree+0x123/0x3f0 [ 25.331627] workqueue_uaf_work+0x12/0x20 [ 25.332286] process_one_work+0x5ee/0xf60 [ 25.332738] worker_thread+0x720/0x1300 [ 25.333150] kthread+0x257/0x310 [ 25.333737] ret_from_fork+0x41/0x80 [ 25.334073] ret_from_fork_asm+0x1a/0x30 [ 25.335049] [ 25.335374] Last potentially related work creation: [ 25.335997] kasan_save_stack+0x3d/0x60 [ 25.336756] kasan_record_aux_stack+0xb2/0xc0 [ 25.337509] __queue_work+0x626/0xe60 [ 25.338018] queue_work_on+0x74/0xa0 [ 25.339265] workqueue_uaf+0x26e/0x560 [ 25.339726] kunit_try_run_case+0x1b3/0x490 [ 25.340141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.340780] kthread+0x257/0x310 [ 25.341340] ret_from_fork+0x41/0x80 [ 25.341744] ret_from_fork_asm+0x1a/0x30 [ 25.342829] [ 25.343103] The buggy address belongs to the object at ffff888102956940 [ 25.343103] which belongs to the cache kmalloc-32 of size 32 [ 25.344546] The buggy address is located 0 bytes inside of [ 25.344546] freed 32-byte region [ffff888102956940, ffff888102956960) [ 25.345974] [ 25.346819] The buggy address belongs to the physical page: [ 25.347278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102956 [ 
25.348021] flags: 0x200000000000000(node=0|zone=2) [ 25.348580] page_type: f5(slab) [ 25.349053] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 25.349730] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 25.350390] page dumped because: kasan: bad access detected [ 25.350848] [ 25.351059] Memory state around the buggy address: [ 25.351913] ffff888102956800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.352665] ffff888102956880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.353507] >ffff888102956900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.354107] ^ [ 25.354737] ffff888102956980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.355918] ffff888102956a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.356504] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 25.228446] ================================================================== [ 25.229454] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 25.230143] Read of size 4 at addr ffff888102407a00 by task swapper/1/0 [ 25.230564] [ 25.230823] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 25.231657] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.232177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.232884] Call Trace: [ 25.233273] <IRQ> [ 25.233610] dump_stack_lvl+0x73/0xb0 [ 25.233968] print_report+0xd1/0x640 [ 25.234451] ? __virt_addr_valid+0x1db/0x2d0 [ 25.235011] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.235518] kasan_report+0x102/0x140 [ 25.235981] ? rcu_uaf_reclaim+0x50/0x60 [ 25.236388] ? rcu_uaf_reclaim+0x50/0x60 [ 25.236851] __asan_report_load4_noabort+0x18/0x20 [ 25.237456] rcu_uaf_reclaim+0x50/0x60 [ 25.237930] rcu_core+0x680/0x1d70 [ 25.238239] ? __pfx_rcu_core+0x10/0x10 [ 25.238749] ? ktime_get+0x6b/0x150 [ 25.239100] ? handle_softirqs+0x18e/0x720 [ 25.239429] rcu_core_si+0x12/0x20 [ 25.239924] handle_softirqs+0x209/0x720 [ 25.240437] ? hrtimer_interrupt+0x2fe/0x780 [ 25.240929] ? 
__pfx_handle_softirqs+0x10/0x10 [ 25.241322] __irq_exit_rcu+0xc9/0x110 [ 25.241824] irq_exit_rcu+0x12/0x20 [ 25.242169] sysvec_apic_timer_interrupt+0x81/0x90 [ 25.242709] </IRQ> [ 25.242956] <TASK> [ 25.243145] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 25.243957] RIP: 0010:default_idle+0xf/0x20 [ 25.244676] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 53 fb 12 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 25.246260] RSP: 0000:ffff888100877de0 EFLAGS: 00010212 [ 25.247116] RAX: ffff88815b100000 RBX: ffff888100845000 RCX: ffffffff9b52b165 [ 25.247802] RDX: ffffed102b626b23 RSI: 0000000000000004 RDI: 000000000000eabc [ 25.248375] RBP: ffff888100877de8 R08: 0000000000000001 R09: ffffed102b626b22 [ 25.249251] R10: ffff88815b135913 R11: 0000000000000000 R12: 0000000000000001 [ 25.250065] R13: ffffed1020108a00 R14: ffffffff9d183490 R15: 0000000000000000 [ 25.250757] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 25.251507] ? arch_cpu_idle+0xd/0x20 [ 25.251989] default_idle_call+0x48/0x80 [ 25.252331] do_idle+0x310/0x3c0 [ 25.252750] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.253218] ? __pfx_do_idle+0x10/0x10 [ 25.253697] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 25.254199] ? complete+0x15b/0x1d0 [ 25.254635] cpu_startup_entry+0x5c/0x70 [ 25.255011] start_secondary+0x216/0x290 [ 25.255483] ? 
__pfx_start_secondary+0x10/0x10 [ 25.255966] common_startup_64+0x12c/0x138 [ 25.256557] </TASK> [ 25.256816] [ 25.257052] Allocated by task 205: [ 25.257424] kasan_save_stack+0x3d/0x60 [ 25.258365] kasan_save_track+0x18/0x40 [ 25.259016] kasan_save_alloc_info+0x3b/0x50 [ 25.259647] __kasan_kmalloc+0xb7/0xc0 [ 25.259972] __kmalloc_cache_noprof+0x184/0x410 [ 25.260514] rcu_uaf+0xb1/0x330 [ 25.260950] kunit_try_run_case+0x1b3/0x490 [ 25.261421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.261988] kthread+0x257/0x310 [ 25.262341] ret_from_fork+0x41/0x80 [ 25.262653] ret_from_fork_asm+0x1a/0x30 [ 25.263168] [ 25.263387] Freed by task 0: [ 25.263645] kasan_save_stack+0x3d/0x60 [ 25.264117] kasan_save_track+0x18/0x40 [ 25.264643] kasan_save_free_info+0x3f/0x60 [ 25.265077] __kasan_slab_free+0x56/0x70 [ 25.265418] kfree+0x123/0x3f0 [ 25.265850] rcu_uaf_reclaim+0x1f/0x60 [ 25.266339] rcu_core+0x680/0x1d70 [ 25.266706] rcu_core_si+0x12/0x20 [ 25.267091] handle_softirqs+0x209/0x720 [ 25.267495] __irq_exit_rcu+0xc9/0x110 [ 25.267874] irq_exit_rcu+0x12/0x20 [ 25.268141] sysvec_apic_timer_interrupt+0x81/0x90 [ 25.268747] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 25.269289] [ 25.269504] Last potentially related work creation: [ 25.270042] kasan_save_stack+0x3d/0x60 [ 25.270579] kasan_record_aux_stack+0xb2/0xc0 [ 25.271160] __call_rcu_common.constprop.0+0x72/0xaa0 [ 25.271582] call_rcu+0x12/0x20 [ 25.271990] rcu_uaf+0x169/0x330 [ 25.272396] kunit_try_run_case+0x1b3/0x490 [ 25.272755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.273264] kthread+0x257/0x310 [ 25.273542] ret_from_fork+0x41/0x80 [ 25.273973] ret_from_fork_asm+0x1a/0x30 [ 25.274535] [ 25.274864] The buggy address belongs to the object at ffff888102407a00 [ 25.274864] which belongs to the cache kmalloc-32 of size 32 [ 25.275942] The buggy address is located 0 bytes inside of [ 25.275942] freed 32-byte region [ffff888102407a00, ffff888102407a20) [ 25.276977] [ 25.277169] The buggy address belongs to the 
physical page: [ 25.277712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102407 [ 25.278364] flags: 0x200000000000000(node=0|zone=2) [ 25.278984] page_type: f5(slab) [ 25.279362] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 25.280045] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 25.280665] page dumped because: kasan: bad access detected [ 25.281090] [ 25.281244] Memory state around the buggy address: [ 25.281567] ffff888102407900: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 25.282374] ffff888102407980: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 25.283069] >ffff888102407a00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 25.283699] ^ [ 25.284162] ffff888102407a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.284711] ffff888102407b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.285340] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 25.106973] ================================================================== [ 25.108378] BUG: KASAN: slab-use-after-free in ksize_uaf+0x600/0x6c0 [ 25.109638] Read of size 1 at addr ffff888102409100 by task kunit_try_catch/203 [ 25.110815] [ 25.111153] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 25.112475] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.113358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.115509] Call Trace: [ 25.115967] <TASK> [ 25.116188] dump_stack_lvl+0x73/0xb0 [ 25.116761] print_report+0xd1/0x640 [ 25.117255] ? __virt_addr_valid+0x1db/0x2d0 [ 25.117639] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.118553] kasan_report+0x102/0x140 [ 25.119003] ? ksize_uaf+0x600/0x6c0 [ 25.119335] ? ksize_uaf+0x600/0x6c0 [ 25.120456] __asan_report_load1_noabort+0x18/0x20 [ 25.120998] ksize_uaf+0x600/0x6c0 [ 25.121575] ? __pfx_ksize_uaf+0x10/0x10 [ 25.122028] ? __schedule+0xc70/0x27e0 [ 25.122372] ? __pfx_read_tsc+0x10/0x10 [ 25.122975] ? ktime_get_ts64+0x86/0x230 [ 25.123427] kunit_try_run_case+0x1b3/0x490 [ 25.123863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.124598] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.124968] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.125584] ? __kthread_parkme+0x82/0x160 [ 25.126210] ? preempt_count_sub+0x50/0x80 [ 25.126765] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.127951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.128549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.129405] kthread+0x257/0x310 [ 25.129834] ? __pfx_kthread+0x10/0x10 [ 25.130362] ret_from_fork+0x41/0x80 [ 25.130678] ? 
__pfx_kthread+0x10/0x10 [ 25.131285] ret_from_fork_asm+0x1a/0x30 [ 25.131642] </TASK> [ 25.131900] [ 25.132315] Allocated by task 203: [ 25.132614] kasan_save_stack+0x3d/0x60 [ 25.133146] kasan_save_track+0x18/0x40 [ 25.133671] kasan_save_alloc_info+0x3b/0x50 [ 25.134265] __kasan_kmalloc+0xb7/0xc0 [ 25.134671] __kmalloc_cache_noprof+0x184/0x410 [ 25.135338] ksize_uaf+0xab/0x6c0 [ 25.136436] kunit_try_run_case+0x1b3/0x490 [ 25.136742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.137356] kthread+0x257/0x310 [ 25.137641] ret_from_fork+0x41/0x80 [ 25.138188] ret_from_fork_asm+0x1a/0x30 [ 25.138667] [ 25.138858] Freed by task 203: [ 25.139088] kasan_save_stack+0x3d/0x60 [ 25.139525] kasan_save_track+0x18/0x40 [ 25.140062] kasan_save_free_info+0x3f/0x60 [ 25.140604] __kasan_slab_free+0x56/0x70 [ 25.141021] kfree+0x123/0x3f0 [ 25.142456] ksize_uaf+0x12d/0x6c0 [ 25.142857] kunit_try_run_case+0x1b3/0x490 [ 25.143737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.144696] kthread+0x257/0x310 [ 25.146117] ret_from_fork+0x41/0x80 [ 25.146510] ret_from_fork_asm+0x1a/0x30 [ 25.147331] [ 25.147531] The buggy address belongs to the object at ffff888102409100 [ 25.147531] which belongs to the cache kmalloc-128 of size 128 [ 25.149098] The buggy address is located 0 bytes inside of [ 25.149098] freed 128-byte region [ffff888102409100, ffff888102409180) [ 25.150153] [ 25.150486] The buggy address belongs to the physical page: [ 25.150927] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102409 [ 25.151979] flags: 0x200000000000000(node=0|zone=2) [ 25.152361] page_type: f5(slab) [ 25.152872] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.153878] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.154814] page dumped because: kasan: bad access detected [ 25.155381] [ 25.155717] Memory state around the buggy address: [ 25.156203] ffff888102409000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
25.157035] ffff888102409080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.157830] >ffff888102409100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.158477] ^ [ 25.158739] ffff888102409180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.160058] ffff888102409200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.160989] ================================================================== [ 25.162053] ================================================================== [ 25.162689] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e6/0x6c0 [ 25.163166] Read of size 1 at addr ffff888102409178 by task kunit_try_catch/203 [ 25.164864] [ 25.165081] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 25.165952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.166448] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.167163] Call Trace: [ 25.167534] <TASK> [ 25.167736] dump_stack_lvl+0x73/0xb0 [ 25.168455] print_report+0xd1/0x640 [ 25.168784] ? __virt_addr_valid+0x1db/0x2d0 [ 25.169239] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.170838] kasan_report+0x102/0x140 [ 25.171352] ? ksize_uaf+0x5e6/0x6c0 [ 25.171667] ? ksize_uaf+0x5e6/0x6c0 [ 25.172137] __asan_report_load1_noabort+0x18/0x20 [ 25.172698] ksize_uaf+0x5e6/0x6c0 [ 25.173063] ? __pfx_ksize_uaf+0x10/0x10 [ 25.173539] ? __schedule+0xc70/0x27e0 [ 25.173921] ? __pfx_read_tsc+0x10/0x10 [ 25.174556] ? ktime_get_ts64+0x86/0x230 [ 25.175083] kunit_try_run_case+0x1b3/0x490 [ 25.175669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.176150] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.176598] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.177824] ? __kthread_parkme+0x82/0x160 [ 25.178286] ? preempt_count_sub+0x50/0x80 [ 25.178991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.179654] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.180316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.180725] kthread+0x257/0x310 [ 25.181108] ? 
__pfx_kthread+0x10/0x10 [ 25.181724] ret_from_fork+0x41/0x80 [ 25.182139] ? __pfx_kthread+0x10/0x10 [ 25.182740] ret_from_fork_asm+0x1a/0x30 [ 25.183861] </TASK> [ 25.184186] [ 25.184497] Allocated by task 203: [ 25.184949] kasan_save_stack+0x3d/0x60 [ 25.185568] kasan_save_track+0x18/0x40 [ 25.185941] kasan_save_alloc_info+0x3b/0x50 [ 25.186573] __kasan_kmalloc+0xb7/0xc0 [ 25.187058] __kmalloc_cache_noprof+0x184/0x410 [ 25.187647] ksize_uaf+0xab/0x6c0 [ 25.188035] kunit_try_run_case+0x1b3/0x490 [ 25.188569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.189139] kthread+0x257/0x310 [ 25.189443] ret_from_fork+0x41/0x80 [ 25.189826] ret_from_fork_asm+0x1a/0x30 [ 25.190890] [ 25.191057] Freed by task 203: [ 25.191485] kasan_save_stack+0x3d/0x60 [ 25.191963] kasan_save_track+0x18/0x40 [ 25.192599] kasan_save_free_info+0x3f/0x60 [ 25.193073] __kasan_slab_free+0x56/0x70 [ 25.193597] kfree+0x123/0x3f0 [ 25.193904] ksize_uaf+0x12d/0x6c0 [ 25.194483] kunit_try_run_case+0x1b3/0x490 [ 25.194902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.196261] kthread+0x257/0x310 [ 25.196570] ret_from_fork+0x41/0x80 [ 25.197062] ret_from_fork_asm+0x1a/0x30 [ 25.197649] [ 25.197886] The buggy address belongs to the object at ffff888102409100 [ 25.197886] which belongs to the cache kmalloc-128 of size 128 [ 25.198826] The buggy address is located 120 bytes inside of [ 25.198826] freed 128-byte region [ffff888102409100, ffff888102409180) [ 25.200027] [ 25.200396] The buggy address belongs to the physical page: [ 25.201053] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102409 [ 25.202570] flags: 0x200000000000000(node=0|zone=2) [ 25.203094] page_type: f5(slab) [ 25.203614] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.204522] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.205255] page dumped because: kasan: bad access detected [ 25.205792] [ 25.206111] Memory state around the buggy address: [ 
25.207195] ffff888102409000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.207977] ffff888102409080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.208998] >ffff888102409100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.209819] ^ [ 25.210563] ffff888102409180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.210929] ffff888102409200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.212623] ================================================================== [ 25.044424] ================================================================== [ 25.045668] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19e/0x6c0 [ 25.046199] Read of size 1 at addr ffff888102409100 by task kunit_try_catch/203 [ 25.047155] [ 25.048493] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 25.050350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.050752] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.052615] Call Trace: [ 25.053347] <TASK> [ 25.053579] dump_stack_lvl+0x73/0xb0 [ 25.054405] print_report+0xd1/0x640 [ 25.054843] ? __virt_addr_valid+0x1db/0x2d0 [ 25.055453] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.056281] kasan_report+0x102/0x140 [ 25.056720] ? ksize_uaf+0x19e/0x6c0 [ 25.057992] ? ksize_uaf+0x19e/0x6c0 [ 25.058702] ? ksize_uaf+0x19e/0x6c0 [ 25.059510] __kasan_check_byte+0x3d/0x50 [ 25.060214] ksize+0x20/0x60 [ 25.060628] ksize_uaf+0x19e/0x6c0 [ 25.061118] ? __pfx_ksize_uaf+0x10/0x10 [ 25.061643] ? __schedule+0xc70/0x27e0 [ 25.062238] ? __pfx_read_tsc+0x10/0x10 [ 25.062745] ? ktime_get_ts64+0x86/0x230 [ 25.064260] kunit_try_run_case+0x1b3/0x490 [ 25.064697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.065106] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.065603] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.066134] ? __kthread_parkme+0x82/0x160 [ 25.066764] ? preempt_count_sub+0x50/0x80 [ 25.067454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.068003] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.069024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.069598] kthread+0x257/0x310 [ 25.070334] ? __pfx_kthread+0x10/0x10 [ 25.070944] ret_from_fork+0x41/0x80 [ 25.071223] ? __pfx_kthread+0x10/0x10 [ 25.071741] ret_from_fork_asm+0x1a/0x30 [ 25.072634] </TASK> [ 25.073006] [ 25.073737] Allocated by task 203: [ 25.074345] kasan_save_stack+0x3d/0x60 [ 25.074824] kasan_save_track+0x18/0x40 [ 25.075489] kasan_save_alloc_info+0x3b/0x50 [ 25.075691] __kasan_kmalloc+0xb7/0xc0 [ 25.075923] __kmalloc_cache_noprof+0x184/0x410 [ 25.076974] ksize_uaf+0xab/0x6c0 [ 25.077965] kunit_try_run_case+0x1b3/0x490 [ 25.078393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.079491] kthread+0x257/0x310 [ 25.079986] ret_from_fork+0x41/0x80 [ 25.080425] ret_from_fork_asm+0x1a/0x30 [ 25.081080] [ 25.081239] Freed by task 203: [ 25.081608] kasan_save_stack+0x3d/0x60 [ 25.082146] kasan_save_track+0x18/0x40 [ 25.082797] kasan_save_free_info+0x3f/0x60 [ 25.083585] __kasan_slab_free+0x56/0x70 [ 25.084033] kfree+0x123/0x3f0 [ 25.085057] ksize_uaf+0x12d/0x6c0 [ 25.085423] kunit_try_run_case+0x1b3/0x490 [ 25.085931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.086709] kthread+0x257/0x310 [ 25.087107] ret_from_fork+0x41/0x80 [ 25.087754] ret_from_fork_asm+0x1a/0x30 [ 25.088235] [ 25.088654] The buggy address belongs to the object at ffff888102409100 [ 25.088654] which belongs to the cache kmalloc-128 of size 128 [ 25.090315] The buggy address is located 0 bytes inside of [ 25.090315] freed 128-byte region [ffff888102409100, ffff888102409180) [ 25.091883] [ 25.092172] The buggy address belongs to the physical page: [ 25.092679] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102409 [ 25.093623] flags: 0x200000000000000(node=0|zone=2) [ 25.094188] page_type: f5(slab) [ 25.094670] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.095446] raw: 0000000000000000 0000000080100010 
00000000f5000000 0000000000000000 [ 25.096152] page dumped because: kasan: bad access detected [ 25.097154] [ 25.097831] Memory state around the buggy address: [ 25.098900] ffff888102409000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.099881] ffff888102409080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.100499] >ffff888102409100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.101189] ^ [ 25.101614] ffff888102409180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.103108] ffff888102409200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.104141] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 24.872692] ================================================================== [ 24.874356] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81e/0x9b0 [ 24.876070] Read of size 1 at addr ffff888102957e73 by task kunit_try_catch/201 [ 24.876932] [ 24.877776] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 24.878945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.879626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.880754] Call Trace: [ 24.881221] <TASK> [ 24.881863] dump_stack_lvl+0x73/0xb0 [ 24.883239] print_report+0xd1/0x640 [ 24.884029] ? __virt_addr_valid+0x1db/0x2d0 [ 24.884941] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.886050] kasan_report+0x102/0x140 [ 24.886946] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 24.887970] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 24.888587] __asan_report_load1_noabort+0x18/0x20 [ 24.889587] ksize_unpoisons_memory+0x81e/0x9b0 [ 24.890539] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 24.891270] ? finish_task_switch.isra.0+0x153/0x700 [ 24.891798] ? __switch_to+0x5d9/0xf60 [ 24.892606] ? __schedule+0xc70/0x27e0 [ 24.892917] ? __pfx_read_tsc+0x10/0x10 [ 24.893565] ? ktime_get_ts64+0x86/0x230 [ 24.894193] kunit_try_run_case+0x1b3/0x490 [ 24.894729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.895169] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.896188] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.897108] ? __kthread_parkme+0x82/0x160 [ 24.897672] ? preempt_count_sub+0x50/0x80 [ 24.898138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.898700] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.899253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.900227] kthread+0x257/0x310 [ 24.900684] ? __pfx_kthread+0x10/0x10 [ 24.901498] ret_from_fork+0x41/0x80 [ 24.902076] ? 
__pfx_kthread+0x10/0x10 [ 24.902661] ret_from_fork_asm+0x1a/0x30 [ 24.903259] </TASK> [ 24.903598] [ 24.903759] Allocated by task 201: [ 24.904798] kasan_save_stack+0x3d/0x60 [ 24.905210] kasan_save_track+0x18/0x40 [ 24.905858] kasan_save_alloc_info+0x3b/0x50 [ 24.906356] __kasan_kmalloc+0xb7/0xc0 [ 24.906918] __kmalloc_cache_noprof+0x184/0x410 [ 24.907678] ksize_unpoisons_memory+0xc8/0x9b0 [ 24.908381] kunit_try_run_case+0x1b3/0x490 [ 24.909404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.910051] kthread+0x257/0x310 [ 24.910540] ret_from_fork+0x41/0x80 [ 24.910924] ret_from_fork_asm+0x1a/0x30 [ 24.911378] [ 24.911583] The buggy address belongs to the object at ffff888102957e00 [ 24.911583] which belongs to the cache kmalloc-128 of size 128 [ 24.912920] The buggy address is located 0 bytes to the right of [ 24.912920] allocated 115-byte region [ffff888102957e00, ffff888102957e73) [ 24.914393] [ 24.914642] The buggy address belongs to the physical page: [ 24.915139] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102957 [ 24.916007] flags: 0x200000000000000(node=0|zone=2) [ 24.916556] page_type: f5(slab) [ 24.916821] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.918649] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.919498] page dumped because: kasan: bad access detected [ 24.919721] [ 24.919849] Memory state around the buggy address: [ 24.920613] ffff888102957d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 24.921969] ffff888102957d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.923366] >ffff888102957e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.924207] ^ [ 24.925154] ffff888102957e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.925900] ffff888102957f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.927075] ================================================================== [ 24.928517] 
================================================================== [ 24.929078] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7eb/0x9b0 [ 24.929924] Read of size 1 at addr ffff888102957e78 by task kunit_try_catch/201 [ 24.931654] [ 24.932462] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 24.933133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.933988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.935244] Call Trace: [ 24.935539] <TASK> [ 24.935838] dump_stack_lvl+0x73/0xb0 [ 24.937104] print_report+0xd1/0x640 [ 24.938064] ? __virt_addr_valid+0x1db/0x2d0 [ 24.938819] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.939383] kasan_report+0x102/0x140 [ 24.939791] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 24.941407] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 24.941806] __asan_report_load1_noabort+0x18/0x20 [ 24.943075] ksize_unpoisons_memory+0x7eb/0x9b0 [ 24.944338] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 24.945021] ? finish_task_switch.isra.0+0x153/0x700 [ 24.945632] ? __switch_to+0x5d9/0xf60 [ 24.946402] ? __schedule+0xc70/0x27e0 [ 24.946916] ? __pfx_read_tsc+0x10/0x10 [ 24.947441] ? ktime_get_ts64+0x86/0x230 [ 24.948187] kunit_try_run_case+0x1b3/0x490 [ 24.948700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.950184] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.950765] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.951469] ? __kthread_parkme+0x82/0x160 [ 24.952278] ? preempt_count_sub+0x50/0x80 [ 24.953026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.953556] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.954593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.955643] kthread+0x257/0x310 [ 24.956321] ? __pfx_kthread+0x10/0x10 [ 24.956727] ret_from_fork+0x41/0x80 [ 24.957860] ? 
__pfx_kthread+0x10/0x10 [ 24.958244] ret_from_fork_asm+0x1a/0x30 [ 24.959454] </TASK> [ 24.959925] [ 24.960565] Allocated by task 201: [ 24.961309] kasan_save_stack+0x3d/0x60 [ 24.961708] kasan_save_track+0x18/0x40 [ 24.962860] kasan_save_alloc_info+0x3b/0x50 [ 24.963411] __kasan_kmalloc+0xb7/0xc0 [ 24.964045] __kmalloc_cache_noprof+0x184/0x410 [ 24.964787] ksize_unpoisons_memory+0xc8/0x9b0 [ 24.965604] kunit_try_run_case+0x1b3/0x490 [ 24.966171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.967454] kthread+0x257/0x310 [ 24.968108] ret_from_fork+0x41/0x80 [ 24.968711] ret_from_fork_asm+0x1a/0x30 [ 24.969533] [ 24.969808] The buggy address belongs to the object at ffff888102957e00 [ 24.969808] which belongs to the cache kmalloc-128 of size 128 [ 24.972119] The buggy address is located 5 bytes to the right of [ 24.972119] allocated 115-byte region [ffff888102957e00, ffff888102957e73) [ 24.973730] [ 24.973982] The buggy address belongs to the physical page: [ 24.975021] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102957 [ 24.976167] flags: 0x200000000000000(node=0|zone=2) [ 24.976851] page_type: f5(slab) [ 24.977712] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.978940] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.979680] page dumped because: kasan: bad access detected [ 24.980664] [ 24.980859] Memory state around the buggy address: [ 24.981151] ffff888102957d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 24.982484] ffff888102957d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.982989] >ffff888102957e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.984329] ^ [ 24.985060] ffff888102957e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.986089] ffff888102957f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.986972] ================================================================== [ 24.989193] 
================================================================== [ 24.990503] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b8/0x9b0 [ 24.991238] Read of size 1 at addr ffff888102957e7f by task kunit_try_catch/201 [ 24.992701] [ 24.992883] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 24.993777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.994169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.995537] Call Trace: [ 24.995722] <TASK> [ 24.995934] dump_stack_lvl+0x73/0xb0 [ 24.996387] print_report+0xd1/0x640 [ 24.996837] ? __virt_addr_valid+0x1db/0x2d0 [ 24.997183] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.997509] kasan_report+0x102/0x140 [ 24.997794] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 24.998966] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 24.999879] __asan_report_load1_noabort+0x18/0x20 [ 25.000754] ksize_unpoisons_memory+0x7b8/0x9b0 [ 25.001558] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 25.002073] ? finish_task_switch.isra.0+0x153/0x700 [ 25.002614] ? __switch_to+0x5d9/0xf60 [ 25.003026] ? __schedule+0xc70/0x27e0 [ 25.004271] ? __pfx_read_tsc+0x10/0x10 [ 25.004928] ? ktime_get_ts64+0x86/0x230 [ 25.006081] kunit_try_run_case+0x1b3/0x490 [ 25.007089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.007678] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 25.008144] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.009143] ? __kthread_parkme+0x82/0x160 [ 25.009724] ? preempt_count_sub+0x50/0x80 [ 25.010163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.010898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.011592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.012149] kthread+0x257/0x310 [ 25.012989] ? __pfx_kthread+0x10/0x10 [ 25.013613] ret_from_fork+0x41/0x80 [ 25.014075] ? 
__pfx_kthread+0x10/0x10 [ 25.014712] ret_from_fork_asm+0x1a/0x30 [ 25.015104] </TASK> [ 25.015574] [ 25.015791] Allocated by task 201: [ 25.016144] kasan_save_stack+0x3d/0x60 [ 25.016996] kasan_save_track+0x18/0x40 [ 25.017500] kasan_save_alloc_info+0x3b/0x50 [ 25.017962] __kasan_kmalloc+0xb7/0xc0 [ 25.018272] __kmalloc_cache_noprof+0x184/0x410 [ 25.018830] ksize_unpoisons_memory+0xc8/0x9b0 [ 25.019588] kunit_try_run_case+0x1b3/0x490 [ 25.020105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.021109] kthread+0x257/0x310 [ 25.021679] ret_from_fork+0x41/0x80 [ 25.022350] ret_from_fork_asm+0x1a/0x30 [ 25.022691] [ 25.022995] The buggy address belongs to the object at ffff888102957e00 [ 25.022995] which belongs to the cache kmalloc-128 of size 128 [ 25.024044] The buggy address is located 12 bytes to the right of [ 25.024044] allocated 115-byte region [ffff888102957e00, ffff888102957e73) [ 25.025983] [ 25.026276] The buggy address belongs to the physical page: [ 25.026783] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102957 [ 25.027859] flags: 0x200000000000000(node=0|zone=2) [ 25.028867] page_type: f5(slab) [ 25.029285] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.029814] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.030782] page dumped because: kasan: bad access detected [ 25.031794] [ 25.032005] Memory state around the buggy address: [ 25.032492] ffff888102957d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 25.033084] ffff888102957d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.033723] >ffff888102957e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 25.034982] ^ [ 25.035777] ffff888102957e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.036428] ffff888102957f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.037130] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 23.038111] ================================================================== [ 23.039969] BUG: KASAN: use-after-free in page_alloc_uaf+0x358/0x3d0 [ 23.041153] Read of size 1 at addr ffff888102ac0000 by task kunit_try_catch/161 [ 23.042191] [ 23.042505] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 23.043861] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.044891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.045942] Call Trace: [ 23.046621] <TASK> [ 23.046822] dump_stack_lvl+0x73/0xb0 [ 23.048060] print_report+0xd1/0x640 [ 23.048686] ? __virt_addr_valid+0x1db/0x2d0 [ 23.049612] ? kasan_addr_to_slab+0x11/0xa0 [ 23.050500] kasan_report+0x102/0x140 [ 23.051108] ? page_alloc_uaf+0x358/0x3d0 [ 23.051532] ? page_alloc_uaf+0x358/0x3d0 [ 23.052450] __asan_report_load1_noabort+0x18/0x20 [ 23.053611] page_alloc_uaf+0x358/0x3d0 [ 23.053899] ? __pfx_page_alloc_uaf+0x10/0x10 [ 23.054856] ? __schedule+0xc70/0x27e0 [ 23.055320] ? __pfx_read_tsc+0x10/0x10 [ 23.055741] ? ktime_get_ts64+0x86/0x230 [ 23.056987] kunit_try_run_case+0x1b3/0x490 [ 23.057698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.058414] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.058850] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.059721] ? __kthread_parkme+0x82/0x160 [ 23.060614] ? preempt_count_sub+0x50/0x80 [ 23.061806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.062873] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.063719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.064732] kthread+0x257/0x310 [ 23.065273] ? __pfx_kthread+0x10/0x10 [ 23.065795] ret_from_fork+0x41/0x80 [ 23.066685] ? 
__pfx_kthread+0x10/0x10 [ 23.067696] ret_from_fork_asm+0x1a/0x30 [ 23.068073] </TASK> [ 23.068703] [ 23.069358] The buggy address belongs to the physical page: [ 23.069746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac0 [ 23.072128] flags: 0x200000000000000(node=0|zone=2) [ 23.073026] page_type: f0(buddy) [ 23.073314] raw: 0200000000000000 ffff88817fffb530 ffff88817fffb530 0000000000000000 [ 23.073895] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 23.075310] page dumped because: kasan: bad access detected [ 23.076132] [ 23.076345] Memory state around the buggy address: [ 23.077556] ffff888102abff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.078160] ffff888102abff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.079109] >ffff888102ac0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.079799] ^ [ 23.080129] ffff888102ac0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.081044] ffff888102ac0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 23.081844] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 22.979166] ================================================================== [ 22.980133] BUG: KASAN: invalid-free in kfree+0x271/0x3f0 [ 22.981488] Free of addr ffff8881022e4001 by task kunit_try_catch/157 [ 22.982719] [ 22.983129] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 22.984241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.984736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.985921] Call Trace: [ 22.986576] <TASK> [ 22.987070] dump_stack_lvl+0x73/0xb0 [ 22.987970] print_report+0xd1/0x640 [ 22.989228] ? __virt_addr_valid+0x1db/0x2d0 [ 22.989676] ? kfree+0x271/0x3f0 [ 22.990457] ? kasan_addr_to_slab+0x11/0xa0 [ 22.991220] ? kfree+0x271/0x3f0 [ 22.991588] kasan_report_invalid_free+0xc0/0xf0 [ 22.992529] ? kfree+0x271/0x3f0 [ 22.993381] ? kfree+0x271/0x3f0 [ 22.994365] __kasan_kfree_large+0x86/0xd0 [ 22.994840] free_large_kmalloc+0x3b/0xd0 [ 22.995248] kfree+0x271/0x3f0 [ 22.995616] kmalloc_large_invalid_free+0x121/0x2b0 [ 22.996078] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 22.996624] ? __schedule+0xc70/0x27e0 [ 22.997477] ? __pfx_read_tsc+0x10/0x10 [ 22.998286] ? ktime_get_ts64+0x86/0x230 [ 22.998836] kunit_try_run_case+0x1b3/0x490 [ 22.999509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.000365] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.001089] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.001602] ? __kthread_parkme+0x82/0x160 [ 23.001997] ? preempt_count_sub+0x50/0x80 [ 23.002941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.003682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.004526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.005520] kthread+0x257/0x310 [ 23.005881] ? __pfx_kthread+0x10/0x10 [ 23.006735] ret_from_fork+0x41/0x80 [ 23.007364] ? 
__pfx_kthread+0x10/0x10 [ 23.008028] ret_from_fork_asm+0x1a/0x30 [ 23.008904] </TASK> [ 23.009526] [ 23.009684] The buggy address belongs to the physical page: [ 23.010738] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e4 [ 23.012112] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.013030] flags: 0x200000000000040(head|node=0|zone=2) [ 23.013739] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.014653] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.015278] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.016090] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 23.017046] head: 0200000000000002 ffffea000408b901 ffffffffffffffff 0000000000000000 [ 23.018043] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 23.018999] page dumped because: kasan: bad access detected [ 23.019729] [ 23.020155] Memory state around the buggy address: [ 23.020913] ffff8881022e3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.021869] ffff8881022e3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.022657] >ffff8881022e4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.023248] ^ [ 23.023886] ffff8881022e4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.024738] ffff8881022e4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.025526] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 22.935967] ================================================================== [ 22.937372] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f3/0x340 [ 22.938172] Read of size 1 at addr ffff888102398000 by task kunit_try_catch/155 [ 22.938902] [ 22.939176] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 22.940608] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.941459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.942517] Call Trace: [ 22.943019] <TASK> [ 22.943208] dump_stack_lvl+0x73/0xb0 [ 22.943727] print_report+0xd1/0x640 [ 22.944154] ? __virt_addr_valid+0x1db/0x2d0 [ 22.944657] ? kasan_addr_to_slab+0x11/0xa0 [ 22.945015] kasan_report+0x102/0x140 [ 22.945950] ? kmalloc_large_uaf+0x2f3/0x340 [ 22.947033] ? kmalloc_large_uaf+0x2f3/0x340 [ 22.947594] __asan_report_load1_noabort+0x18/0x20 [ 22.947980] kmalloc_large_uaf+0x2f3/0x340 [ 22.948824] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 22.949480] ? __schedule+0xc70/0x27e0 [ 22.950069] ? __pfx_read_tsc+0x10/0x10 [ 22.950616] ? ktime_get_ts64+0x86/0x230 [ 22.951422] kunit_try_run_case+0x1b3/0x490 [ 22.952436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.953220] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.953964] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.954521] ? __kthread_parkme+0x82/0x160 [ 22.954926] ? preempt_count_sub+0x50/0x80 [ 22.955899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.956572] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.957499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.958179] kthread+0x257/0x310 [ 22.958874] ? __pfx_kthread+0x10/0x10 [ 22.959482] ret_from_fork+0x41/0x80 [ 22.959914] ? 
__pfx_kthread+0x10/0x10 [ 22.960553] ret_from_fork_asm+0x1a/0x30 [ 22.961003] </TASK> [ 22.961512] [ 22.961788] The buggy address belongs to the physical page: [ 22.962657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102398 [ 22.963567] flags: 0x200000000000000(node=0|zone=2) [ 22.964133] raw: 0200000000000000 ffffea000408e708 ffff88815b13f0c0 0000000000000000 [ 22.964858] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 22.965731] page dumped because: kasan: bad access detected [ 22.966447] [ 22.966954] Memory state around the buggy address: [ 22.967447] ffff888102397f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.968670] ffff888102397f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.969334] >ffff888102398000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.970102] ^ [ 22.970519] ffff888102398080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.971655] ffff888102398100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.972391] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 22.882098] ================================================================== [ 22.883352] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340 [ 22.884618] Write of size 1 at addr ffff8881022e600a by task kunit_try_catch/153 [ 22.885386] [ 22.885694] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1 [ 22.887528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.888113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.889377] Call Trace: [ 22.889609] <TASK> [ 22.890392] dump_stack_lvl+0x73/0xb0 [ 22.891217] print_report+0xd1/0x640 [ 22.891575] ? __virt_addr_valid+0x1db/0x2d0 [ 22.891917] ? kasan_addr_to_slab+0x11/0xa0 [ 22.892482] kasan_report+0x102/0x140 [ 22.893136] ? kmalloc_large_oob_right+0x2eb/0x340 [ 22.893745] ? kmalloc_large_oob_right+0x2eb/0x340 [ 22.894321] __asan_report_store1_noabort+0x1b/0x30 [ 22.895768] kmalloc_large_oob_right+0x2eb/0x340 [ 22.896478] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 22.897001] ? __schedule+0xc70/0x27e0 [ 22.897555] ? __pfx_read_tsc+0x10/0x10 [ 22.898721] ? ktime_get_ts64+0x86/0x230 [ 22.899651] kunit_try_run_case+0x1b3/0x490 [ 22.900405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.900627] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.900926] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.901843] ? __kthread_parkme+0x82/0x160 [ 22.903130] ? preempt_count_sub+0x50/0x80 [ 22.904054] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.904645] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.905332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.906207] kthread+0x257/0x310 [ 22.906882] ? __pfx_kthread+0x10/0x10 [ 22.907970] ret_from_fork+0x41/0x80 [ 22.908346] ? 
__pfx_kthread+0x10/0x10 [ 22.908896] ret_from_fork_asm+0x1a/0x30 [ 22.909372] </TASK> [ 22.909632] [ 22.909871] The buggy address belongs to the physical page: [ 22.910425] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e4 [ 22.910945] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.913119] flags: 0x200000000000040(head|node=0|zone=2) [ 22.913983] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.914955] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.915858] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.916813] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.918277] head: 0200000000000002 ffffea000408b901 ffffffffffffffff 0000000000000000 [ 22.919374] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 22.920449] page dumped because: kasan: bad access detected [ 22.921496] [ 22.922001] Memory state around the buggy address: [ 22.922668] ffff8881022e5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.924058] ffff8881022e5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.924604] >ffff8881022e6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.926430] ^ [ 22.926700] ffff8881022e6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.928221] ffff8881022e6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 22.929135] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 22.815972] ==================================================================
[ 22.817205] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x318/0x370
[ 22.817958] Write of size 1 at addr ffff8881029ddf00 by task kunit_try_catch/151
[ 22.818735]
[ 22.819122] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 22.819856] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.820388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.821184] Call Trace:
[ 22.821887] <TASK>
[ 22.822598] dump_stack_lvl+0x73/0xb0
[ 22.823549] print_report+0xd1/0x640
[ 22.824193] ? __virt_addr_valid+0x1db/0x2d0
[ 22.824658] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.826348] kasan_report+0x102/0x140
[ 22.826928] ? kmalloc_big_oob_right+0x318/0x370
[ 22.827732] ? kmalloc_big_oob_right+0x318/0x370
[ 22.828526] __asan_report_store1_noabort+0x1b/0x30
[ 22.829291] kmalloc_big_oob_right+0x318/0x370
[ 22.829597] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 22.831077] ? __schedule+0xc70/0x27e0
[ 22.831484] ? __pfx_read_tsc+0x10/0x10
[ 22.831706] ? ktime_get_ts64+0x86/0x230
[ 22.832400] kunit_try_run_case+0x1b3/0x490
[ 22.833348] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.834003] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.835386] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.835871] ? __kthread_parkme+0x82/0x160
[ 22.836741] ? preempt_count_sub+0x50/0x80
[ 22.837614] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.838594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.839129] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.840010] kthread+0x257/0x310
[ 22.841091] ? __pfx_kthread+0x10/0x10
[ 22.841502] ret_from_fork+0x41/0x80
[ 22.842348] ? __pfx_kthread+0x10/0x10
[ 22.842844] ret_from_fork_asm+0x1a/0x30
[ 22.843407] </TASK>
[ 22.843718]
[ 22.843882] Allocated by task 151:
[ 22.844655] kasan_save_stack+0x3d/0x60
[ 22.846046] kasan_save_track+0x18/0x40
[ 22.846589] kasan_save_alloc_info+0x3b/0x50
[ 22.847517] __kasan_kmalloc+0xb7/0xc0
[ 22.848384] __kmalloc_cache_noprof+0x184/0x410
[ 22.848701] kmalloc_big_oob_right+0xaa/0x370
[ 22.849025] kunit_try_run_case+0x1b3/0x490
[ 22.849530] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.849895] kthread+0x257/0x310
[ 22.850379] ret_from_fork+0x41/0x80
[ 22.850995] ret_from_fork_asm+0x1a/0x30
[ 22.852096]
[ 22.852759] The buggy address belongs to the object at ffff8881029dc000
[ 22.852759] which belongs to the cache kmalloc-8k of size 8192
[ 22.853836] The buggy address is located 0 bytes to the right of
[ 22.853836] allocated 7936-byte region [ffff8881029dc000, ffff8881029ddf00)
[ 22.856161]
[ 22.856526] The buggy address belongs to the physical page:
[ 22.856914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d8
[ 22.858066] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 22.858806] flags: 0x200000000000040(head|node=0|zone=2)
[ 22.859987] page_type: f5(slab)
[ 22.860799] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 22.861557] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 22.863281] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 22.864597] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 22.865804] head: 0200000000000003 ffffea00040a7601 ffffffffffffffff 0000000000000000
[ 22.866824] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 22.867804] page dumped because: kasan: bad access detected
[ 22.869052]
[ 22.869198] Memory state around the buggy address:
[ 22.869795] ffff8881029dde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.870569] ffff8881029dde80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.871870] >ffff8881029ddf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.872727] ^
[ 22.873374] ffff8881029ddf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.874134] ffff8881029de000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.875237] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 22.763157] ==================================================================
[ 22.764360] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b3/0x530
[ 22.765010] Write of size 1 at addr ffff888102954778 by task kunit_try_catch/149
[ 22.765597]
[ 22.765830] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 22.767747] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.768287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.769468] Call Trace:
[ 22.769773] <TASK>
[ 22.770477] dump_stack_lvl+0x73/0xb0
[ 22.770897] print_report+0xd1/0x640
[ 22.771260] ? __virt_addr_valid+0x1db/0x2d0
[ 22.771680] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.772713] kasan_report+0x102/0x140
[ 22.773182] ? kmalloc_track_caller_oob_right+0x4b3/0x530
[ 22.773518] ? kmalloc_track_caller_oob_right+0x4b3/0x530
[ 22.774740] __asan_report_store1_noabort+0x1b/0x30
[ 22.775234] kmalloc_track_caller_oob_right+0x4b3/0x530
[ 22.776031] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 22.776657] ? __schedule+0xc70/0x27e0
[ 22.777610] ? __pfx_read_tsc+0x10/0x10
[ 22.777909] ? ktime_get_ts64+0x86/0x230
[ 22.778661] kunit_try_run_case+0x1b3/0x490
[ 22.779319] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.779733] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.780580] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.781345] ? __kthread_parkme+0x82/0x160
[ 22.782504] ? preempt_count_sub+0x50/0x80
[ 22.782920] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.783958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.784448] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.785437] kthread+0x257/0x310
[ 22.785808] ? __pfx_kthread+0x10/0x10
[ 22.786216] ret_from_fork+0x41/0x80
[ 22.786501] ? __pfx_kthread+0x10/0x10
[ 22.786850] ret_from_fork_asm+0x1a/0x30
[ 22.787407] </TASK>
[ 22.787734]
[ 22.788949] Allocated by task 149:
[ 22.789264] kasan_save_stack+0x3d/0x60
[ 22.790008] kasan_save_track+0x18/0x40
[ 22.790575] kasan_save_alloc_info+0x3b/0x50
[ 22.791263] __kasan_kmalloc+0xb7/0xc0
[ 22.791553] __kmalloc_node_track_caller_noprof+0x1c6/0x500
[ 22.792218] kmalloc_track_caller_oob_right+0x19b/0x530
[ 22.792876] kunit_try_run_case+0x1b3/0x490
[ 22.793360] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.793800] kthread+0x257/0x310
[ 22.794252] ret_from_fork+0x41/0x80
[ 22.794791] ret_from_fork_asm+0x1a/0x30
[ 22.795331]
[ 22.795584] The buggy address belongs to the object at ffff888102954700
[ 22.795584] which belongs to the cache kmalloc-128 of size 128
[ 22.796824] The buggy address is located 0 bytes to the right of
[ 22.796824] allocated 120-byte region [ffff888102954700, ffff888102954778)
[ 22.798228]
[ 22.798428] The buggy address belongs to the physical page:
[ 22.799097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102954
[ 22.800236] flags: 0x200000000000000(node=0|zone=2)
[ 22.800642] page_type: f5(slab)
[ 22.801726] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 22.802566] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 22.803607] page dumped because: kasan: bad access detected
[ 22.804210]
[ 22.804411] Memory state around the buggy address:
[ 22.804974] ffff888102954600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 22.805867] ffff888102954680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.806419] >ffff888102954700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 22.807241] ^
[ 22.807900] ffff888102954780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.808356] ffff888102954800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.809109] ==================================================================
[ 22.722206] ==================================================================
[ 22.723142] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4ca/0x530
[ 22.723946] Write of size 1 at addr ffff888102954678 by task kunit_try_catch/149
[ 22.724530]
[ 22.724841] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 22.725540] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.726093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.726761] Call Trace:
[ 22.727126] <TASK>
[ 22.727495] dump_stack_lvl+0x73/0xb0
[ 22.727962] print_report+0xd1/0x640
[ 22.728455] ? __virt_addr_valid+0x1db/0x2d0
[ 22.728864] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.729438] kasan_report+0x102/0x140
[ 22.729740] ? kmalloc_track_caller_oob_right+0x4ca/0x530
[ 22.730400] ? kmalloc_track_caller_oob_right+0x4ca/0x530
[ 22.730823] __asan_report_store1_noabort+0x1b/0x30
[ 22.731418] kmalloc_track_caller_oob_right+0x4ca/0x530
[ 22.732069] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 22.732546] ? __schedule+0xc70/0x27e0
[ 22.732926] ? __pfx_read_tsc+0x10/0x10
[ 22.733427] ? ktime_get_ts64+0x86/0x230
[ 22.733962] kunit_try_run_case+0x1b3/0x490
[ 22.734514] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.735053] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.735429] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.736023] ? __kthread_parkme+0x82/0x160
[ 22.736344] ? preempt_count_sub+0x50/0x80
[ 22.736923] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.737474] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.738094] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.738517] kthread+0x257/0x310
[ 22.739009] ? __pfx_kthread+0x10/0x10
[ 22.739507] ret_from_fork+0x41/0x80
[ 22.739980] ? __pfx_kthread+0x10/0x10
[ 22.740272] ret_from_fork_asm+0x1a/0x30
[ 22.740640] </TASK>
[ 22.741011]
[ 22.741253] Allocated by task 149:
[ 22.741702] kasan_save_stack+0x3d/0x60
[ 22.742237] kasan_save_track+0x18/0x40
[ 22.742644] kasan_save_alloc_info+0x3b/0x50
[ 22.743189] __kasan_kmalloc+0xb7/0xc0
[ 22.743537] __kmalloc_node_track_caller_noprof+0x1c6/0x500
[ 22.744145] kmalloc_track_caller_oob_right+0x9a/0x530
[ 22.744814] kunit_try_run_case+0x1b3/0x490
[ 22.745171] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.745700] kthread+0x257/0x310
[ 22.746023] ret_from_fork+0x41/0x80
[ 22.746290] ret_from_fork_asm+0x1a/0x30
[ 22.746849]
[ 22.747107] The buggy address belongs to the object at ffff888102954600
[ 22.747107] which belongs to the cache kmalloc-128 of size 128
[ 22.747990] The buggy address is located 0 bytes to the right of
[ 22.747990] allocated 120-byte region [ffff888102954600, ffff888102954678)
[ 22.749270]
[ 22.749542] The buggy address belongs to the physical page:
[ 22.750040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102954
[ 22.750705] flags: 0x200000000000000(node=0|zone=2)
[ 22.751081] page_type: f5(slab)
[ 22.751420] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 22.752398] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 22.754057] page dumped because: kasan: bad access detected
[ 22.754556]
[ 22.754705] Memory state around the buggy address:
[ 22.755578] ffff888102954500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 22.756551] ffff888102954580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.757471] >ffff888102954600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 22.758680] ^
[ 22.759085] ffff888102954680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.759441] ffff888102954700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.760886] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 22.650921] ==================================================================
[ 22.651658] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x36b/0x3d0
[ 22.653109] Read of size 1 at addr ffff8881027e7000 by task kunit_try_catch/147
[ 22.654778]
[ 22.655051] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 22.656485] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.656753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.658481] Call Trace:
[ 22.658733] <TASK>
[ 22.659258] dump_stack_lvl+0x73/0xb0
[ 22.660047] print_report+0xd1/0x640
[ 22.660550] ? __virt_addr_valid+0x1db/0x2d0
[ 22.661625] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.662197] kasan_report+0x102/0x140
[ 22.663355] ? kmalloc_node_oob_right+0x36b/0x3d0
[ 22.664500] ? kmalloc_node_oob_right+0x36b/0x3d0
[ 22.665004] __asan_report_load1_noabort+0x18/0x20
[ 22.665483] kmalloc_node_oob_right+0x36b/0x3d0
[ 22.665905] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 22.666878] ? __schedule+0xc70/0x27e0
[ 22.667496] ? __pfx_read_tsc+0x10/0x10
[ 22.668090] ? ktime_get_ts64+0x86/0x230
[ 22.668723] kunit_try_run_case+0x1b3/0x490
[ 22.670282] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.670763] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.671673] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.672632] ? __kthread_parkme+0x82/0x160
[ 22.673256] ? preempt_count_sub+0x50/0x80
[ 22.674203] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.674782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.675783] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.676418] kthread+0x257/0x310
[ 22.677411] ? __pfx_kthread+0x10/0x10
[ 22.677990] ret_from_fork+0x41/0x80
[ 22.678331] ? __pfx_kthread+0x10/0x10
[ 22.678817] ret_from_fork_asm+0x1a/0x30
[ 22.679457] </TASK>
[ 22.679858]
[ 22.680074] Allocated by task 147:
[ 22.680640] kasan_save_stack+0x3d/0x60
[ 22.681546] kasan_save_track+0x18/0x40
[ 22.681913] kasan_save_alloc_info+0x3b/0x50
[ 22.683221] __kasan_kmalloc+0xb7/0xc0
[ 22.684324] __kmalloc_cache_node_noprof+0x183/0x410
[ 22.684893] kmalloc_node_oob_right+0xac/0x3d0
[ 22.685771] kunit_try_run_case+0x1b3/0x490
[ 22.686547] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.687256] kthread+0x257/0x310
[ 22.687719] ret_from_fork+0x41/0x80
[ 22.688382] ret_from_fork_asm+0x1a/0x30
[ 22.689511]
[ 22.690039] The buggy address belongs to the object at ffff8881027e6000
[ 22.690039] which belongs to the cache kmalloc-4k of size 4096
[ 22.691618] The buggy address is located 0 bytes to the right of
[ 22.691618] allocated 4096-byte region [ffff8881027e6000, ffff8881027e7000)
[ 22.693932]
[ 22.694152] The buggy address belongs to the physical page:
[ 22.695348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e0
[ 22.696331] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 22.697962] flags: 0x200000000000040(head|node=0|zone=2)
[ 22.699153] page_type: f5(slab)
[ 22.699659] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 22.700626] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 22.701595] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 22.702148] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 22.703456] head: 0200000000000003 ffffea000409f801 ffffffffffffffff 0000000000000000
[ 22.703758] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 22.706224] page dumped because: kasan: bad access detected
[ 22.706709]
[ 22.707514] Memory state around the buggy address:
[ 22.707894] ffff8881027e6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.709067] ffff8881027e6f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.709922] >ffff8881027e7000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.710955] ^
[ 22.711663] ffff8881027e7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.713087] ffff8881027e7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.713770] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 22.554586] ==================================================================
[ 22.555971] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x363/0x3c0
[ 22.557022] Read of size 1 at addr ffff88810109471f by task kunit_try_catch/145
[ 22.559073]
[ 22.559269] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.13.0-rc2-next-20241209 #1
[ 22.561980] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.562871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.563762] Call Trace:
[ 22.564627] <TASK>
[ 22.565072] dump_stack_lvl+0x73/0xb0
[ 22.566283] print_report+0xd1/0x640
[ 22.566985] ? __virt_addr_valid+0x1db/0x2d0
[ 22.567329] ? kasan_complete_mode_report_info+0x64/0x200
[ 22.568076] kasan_report+0x102/0x140
[ 22.568673] ? kmalloc_oob_left+0x363/0x3c0
[ 22.570006] ? kmalloc_oob_left+0x363/0x3c0
[ 22.570588] __asan_report_load1_noabort+0x18/0x20
[ 22.571043] kmalloc_oob_left+0x363/0x3c0
[ 22.571785] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 22.572202] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 22.572971] kunit_try_run_case+0x1b3/0x490
[ 22.574012] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.574981] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.575504] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.576626] ? __kthread_parkme+0x82/0x160
[ 22.577267] ? preempt_count_sub+0x50/0x80
[ 22.578253] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.578539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.578805] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.580474] kthread+0x257/0x310
[ 22.580974] ? __pfx_kthread+0x10/0x10
[ 22.582329] ret_from_fork+0x41/0x80
[ 22.583375] ? __pfx_kthread+0x10/0x10
[ 22.583836] ret_from_fork_asm+0x1a/0x30
[ 22.584525] </TASK>
[ 22.584774]
[ 22.585019] Allocated by task 43:
[ 22.586011] kasan_save_stack+0x3d/0x60
[ 22.587059] kasan_save_track+0x18/0x40
[ 22.588027] kasan_save_alloc_info+0x3b/0x50
[ 22.588429] __kasan_kmalloc+0xb7/0xc0
[ 22.588846] __kmalloc_node_track_caller_noprof+0x1c6/0x500
[ 22.589700] kvasprintf+0xc6/0x150
[ 22.590442] kasprintf+0xb3/0xe0
[ 22.590695] input_devnode+0x46/0x80
[ 22.591158] device_get_devnode+0x145/0x2a0
[ 22.592161] dev_uevent+0x38d/0x680
[ 22.592530] kobject_uevent_env+0x50d/0xff0
[ 22.593707] kobject_uevent+0xf/0x20
[ 22.594134] device_add+0xe49/0x1820
[ 22.594840] cdev_device_add+0xab/0x1c0
[ 22.595277] evdev_connect+0x356/0x480
[ 22.595676] input_attach_handler.isra.0+0x117/0x1f0
[ 22.596763] input_register_device+0x724/0xe00
[ 22.597533] psmouse_connect+0x6ed/0xe30
[ 22.598566] serio_driver_probe+0x7a/0xb0
[ 22.599513] really_probe+0x1d4/0x920
[ 22.599871] __driver_probe_device+0x18f/0x3e0
[ 22.600434] driver_probe_device+0x4f/0x130
[ 22.601212] __driver_attach+0x1eb/0x4b0
[ 22.601632] bus_for_each_dev+0x112/0x1a0
[ 22.602163] driver_attach+0x41/0x60
[ 22.602547] serio_handle_event+0x254/0x940
[ 22.603502] process_one_work+0x5ee/0xf60
[ 22.603991] worker_thread+0x720/0x1300
[ 22.604867] kthread+0x257/0x310
[ 22.605552] ret_from_fork+0x41/0x80
[ 22.605837] ret_from_fork_asm+0x1a/0x30
[ 22.606587]
[ 22.606829] Freed by task 43:
[ 22.607201] kasan_save_stack+0x3d/0x60
[ 22.607595] kasan_save_track+0x18/0x40
[ 22.608642] kasan_save_free_info+0x3f/0x60
[ 22.608954] __kasan_slab_free+0x56/0x70
[ 22.609660] kfree+0x123/0x3f0
[ 22.610491] dev_uevent+0x3db/0x680
[ 22.611033] kobject_uevent_env+0x50d/0xff0
[ 22.611562] kobject_uevent+0xf/0x20
[ 22.612001] device_add+0xe49/0x1820
[ 22.613144] cdev_device_add+0xab/0x1c0
[ 22.613895] evdev_connect+0x356/0x480
[ 22.614660] input_attach_handler.isra.0+0x117/0x1f0
[ 22.615338] input_register_device+0x724/0xe00
[ 22.616117] psmouse_connect+0x6ed/0xe30
[ 22.617176] serio_driver_probe+0x7a/0xb0
[ 22.617615] really_probe+0x1d4/0x920
[ 22.618073] __driver_probe_device+0x18f/0x3e0
[ 22.619062] driver_probe_device+0x4f/0x130
[ 22.619635] __driver_attach+0x1eb/0x4b0
[ 22.620586] bus_for_each_dev+0x112/0x1a0
[ 22.621424] driver_attach+0x41/0x60
[ 22.621754] serio_handle_event+0x254/0x940
[ 22.622131] process_one_work+0x5ee/0xf60
[ 22.622559] worker_thread+0x720/0x1300
[ 22.622942] kthread+0x257/0x310
[ 22.623261] ret_from_fork+0x41/0x80
[ 22.624790] ret_from_fork_asm+0x1a/0x30
[ 22.625408]
[ 22.625625] The buggy address belongs to the object at ffff888101094700
[ 22.625625] which belongs to the cache kmalloc-16 of size 16
[ 22.627144] The buggy address is located 15 bytes to the right of
[ 22.627144] allocated 16-byte region [ffff888101094700, ffff888101094710)
[ 22.629337]
[ 22.629712] The buggy address belongs to the physical page:
[ 22.630662] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101094
[ 22.631686] flags: 0x200000000000000(node=0|zone=2)
[ 22.632278] page_type: f5(slab)
[ 22.632787] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 22.634152] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 22.634812] page dumped because: kasan: bad access detected
[ 22.636148]
[ 22.636756] Memory state around the buggy address:
[ 22.637702] ffff888101094600: fa fb fc fc fa fb fc fc fa fb fc fc 00 02 fc fc
[ 22.638808] ffff888101094680: 00 02 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc
[ 22.640716] >ffff888101094700: fa fb fc fc 00 07 fc fc fc fc fc fc fc fc fc fc
[ 22.641088] ^
[ 22.641889] ffff888101094780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.643198] ffff888101094800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.644312] ==================================================================