Date
March 19, 2025, 10:35 a.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 22.588947] ================================================================== [ 22.589863] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 22.590357] Read of size 1 at addr ffff88810305a800 by task kunit_try_catch/217 [ 22.590780] [ 22.591036] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.591211] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.591249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.591335] Call Trace: [ 22.591373] <TASK> [ 22.591409] dump_stack_lvl+0x73/0xb0 [ 22.591516] print_report+0xd1/0x660 [ 22.591579] ? __virt_addr_valid+0x1db/0x2d0 [ 22.591742] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.591812] kasan_report+0x104/0x140 [ 22.591867] ? ksize_uaf+0x19d/0x6c0 [ 22.591924] ? ksize_uaf+0x19d/0x6c0 [ 22.591997] ? ksize_uaf+0x19d/0x6c0 [ 22.592053] __kasan_check_byte+0x3d/0x50 [ 22.592134] ksize+0x20/0x60 [ 22.592191] ksize_uaf+0x19d/0x6c0 [ 22.592244] ? __pfx_ksize_uaf+0x10/0x10 [ 22.592300] ? __schedule+0xd46/0x29c0 [ 22.592356] ? __pfx_read_tsc+0x10/0x10 [ 22.592411] ? ktime_get_ts64+0x86/0x240 [ 22.593864] kunit_try_run_case+0x1b2/0x490 [ 22.593969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.594028] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.594085] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.594296] ? __kthread_parkme+0x82/0x160 [ 22.594387] ? preempt_count_sub+0x50/0x80 [ 22.594459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.594526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.594586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.595186] kthread+0x323/0x710 [ 22.595310] ? trace_preempt_on+0x20/0xc0 [ 22.595391] ? __pfx_kthread+0x10/0x10 [ 22.595451] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.595506] ? calculate_sigpending+0x7b/0xa0 [ 22.595564] ? __pfx_kthread+0x10/0x10 [ 22.595650] ret_from_fork+0x41/0x80 [ 22.596000] ? __pfx_kthread+0x10/0x10 [ 22.596098] ret_from_fork_asm+0x1a/0x30 [ 22.596234] </TASK> [ 22.596262] [ 22.618477] Allocated by task 217: [ 22.618620] kasan_save_stack+0x3d/0x60 [ 22.618777] kasan_save_track+0x18/0x40 [ 22.618920] kasan_save_alloc_info+0x3b/0x50 [ 22.619663] __kasan_kmalloc+0xb7/0xc0 [ 22.620395] __kmalloc_cache_noprof+0x183/0x410 [ 22.621188] ksize_uaf+0xaa/0x6c0 [ 22.621667] kunit_try_run_case+0x1b2/0x490 [ 22.622477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.623313] kthread+0x323/0x710 [ 22.624087] ret_from_fork+0x41/0x80 [ 22.624505] ret_from_fork_asm+0x1a/0x30 [ 22.624805] [ 22.625025] Freed by task 217: [ 22.625349] kasan_save_stack+0x3d/0x60 [ 22.625640] kasan_save_track+0x18/0x40 [ 22.626054] kasan_save_free_info+0x3f/0x60 [ 22.626920] __kasan_slab_free+0x56/0x70 [ 22.627285] kfree+0x222/0x3f0 [ 22.627669] ksize_uaf+0x12c/0x6c0 [ 22.628333] kunit_try_run_case+0x1b2/0x490 [ 22.629007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.629547] kthread+0x323/0x710 [ 22.630137] ret_from_fork+0x41/0x80 [ 22.630584] ret_from_fork_asm+0x1a/0x30 [ 22.631168] [ 22.631391] The buggy address belongs to the object at ffff88810305a800 [ 22.631391] which belongs to the cache kmalloc-128 of size 128 [ 22.632423] The buggy address is located 0 bytes inside of [ 22.632423] freed 128-byte region [ffff88810305a800, ffff88810305a880) [ 22.633654] [ 22.634140] The buggy address belongs to the physical page: [ 22.634512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 22.635452] flags: 0x200000000000000(node=0|zone=2) [ 22.636237] page_type: f5(slab) [ 22.636557] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.637381] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.638188] page dumped because: kasan: bad access detected [ 22.638874] [ 22.639097] Memory state around the buggy address: [ 22.639664] ffff88810305a700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.641145] ffff88810305a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.641621] >ffff88810305a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.642440] ^ [ 22.643099] ffff88810305a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.643581] ffff88810305a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.644441] ================================================================== [ 22.698783] ================================================================== [ 22.699700] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 22.700407] Read of size 1 at addr ffff88810305a878 by task kunit_try_catch/217 [ 22.700797] [ 22.701051] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.701197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.701231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.701386] Call Trace: [ 22.701430] <TASK> [ 22.701464] dump_stack_lvl+0x73/0xb0 [ 22.701541] print_report+0xd1/0x660 [ 22.701603] ? __virt_addr_valid+0x1db/0x2d0 [ 22.701722] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.702235] kasan_report+0x104/0x140 [ 22.702346] ? ksize_uaf+0x5e4/0x6c0 [ 22.702419] ? ksize_uaf+0x5e4/0x6c0 [ 22.702489] __asan_report_load1_noabort+0x18/0x20 [ 22.702550] ksize_uaf+0x5e4/0x6c0 [ 22.702608] ? __pfx_ksize_uaf+0x10/0x10 [ 22.702690] ? __schedule+0xd46/0x29c0 [ 22.702775] ? __pfx_read_tsc+0x10/0x10 [ 22.702834] ? ktime_get_ts64+0x86/0x240 [ 22.703064] kunit_try_run_case+0x1b2/0x490 [ 22.703198] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.703291] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.703354] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.703409] ? __kthread_parkme+0x82/0x160 [ 22.703442] ? preempt_count_sub+0x50/0x80 [ 22.703481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.703515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.703570] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.703662] kthread+0x323/0x710 [ 22.703759] ? trace_preempt_on+0x20/0xc0 [ 22.703820] ? __pfx_kthread+0x10/0x10 [ 22.703882] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.703946] ? calculate_sigpending+0x7b/0xa0 [ 22.704271] ? __pfx_kthread+0x10/0x10 [ 22.704349] ret_from_fork+0x41/0x80 [ 22.704409] ? __pfx_kthread+0x10/0x10 [ 22.704519] ret_from_fork_asm+0x1a/0x30 [ 22.704616] </TASK> [ 22.704643] [ 22.719518] Allocated by task 217: [ 22.720238] kasan_save_stack+0x3d/0x60 [ 22.720826] kasan_save_track+0x18/0x40 [ 22.721244] kasan_save_alloc_info+0x3b/0x50 [ 22.721733] __kasan_kmalloc+0xb7/0xc0 [ 22.722715] __kmalloc_cache_noprof+0x183/0x410 [ 22.723366] ksize_uaf+0xaa/0x6c0 [ 22.723720] kunit_try_run_case+0x1b2/0x490 [ 22.724025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.724799] kthread+0x323/0x710 [ 22.725283] ret_from_fork+0x41/0x80 [ 22.725690] ret_from_fork_asm+0x1a/0x30 [ 22.726599] [ 22.726934] Freed by task 217: [ 22.727196] kasan_save_stack+0x3d/0x60 [ 22.727676] kasan_save_track+0x18/0x40 [ 22.728420] kasan_save_free_info+0x3f/0x60 [ 22.729214] __kasan_slab_free+0x56/0x70 [ 22.729554] kfree+0x222/0x3f0 [ 22.730486] ksize_uaf+0x12c/0x6c0 [ 22.731049] kunit_try_run_case+0x1b2/0x490 [ 22.731446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.732030] kthread+0x323/0x710 [ 22.732805] ret_from_fork+0x41/0x80 [ 22.733198] ret_from_fork_asm+0x1a/0x30 [ 22.733671] [ 22.733843] The buggy address belongs to the object at ffff88810305a800 [ 22.733843] which belongs to the cache kmalloc-128 of size 128 [ 22.734436] The buggy address is located 120 bytes inside of [ 22.734436] freed 128-byte region [ffff88810305a800, ffff88810305a880) [ 22.735004] [ 22.735210] The buggy address belongs to the physical page: [ 22.736252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 22.737634] flags: 0x200000000000000(node=0|zone=2) [ 22.738249] page_type: f5(slab) [ 22.738594] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.740306] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.740809] page dumped because: kasan: bad access detected [ 22.741484] [ 22.741754] Memory state around the buggy address: [ 22.742099] ffff88810305a700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.743032] ffff88810305a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.743602] >ffff88810305a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.744004] ^ [ 22.744613] ffff88810305a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.745786] ffff88810305a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.746447] ================================================================== [ 22.648044] ================================================================== [ 22.649198] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 22.650312] Read of size 1 at addr ffff88810305a800 by task kunit_try_catch/217 [ 22.650810] [ 22.651642] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.652073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.652098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.652152] Call Trace: [ 22.652171] <TASK> [ 22.652193] dump_stack_lvl+0x73/0xb0 [ 22.652235] print_report+0xd1/0x660 [ 22.652269] ? __virt_addr_valid+0x1db/0x2d0 [ 22.652332] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.652367] kasan_report+0x104/0x140 [ 22.652396] ? ksize_uaf+0x5fe/0x6c0 [ 22.652428] ? ksize_uaf+0x5fe/0x6c0 [ 22.652467] __asan_report_load1_noabort+0x18/0x20 [ 22.652496] ksize_uaf+0x5fe/0x6c0 [ 22.652526] ? __pfx_ksize_uaf+0x10/0x10 [ 22.652558] ? __schedule+0xd46/0x29c0 [ 22.652588] ? __pfx_read_tsc+0x10/0x10 [ 22.652617] ? ktime_get_ts64+0x86/0x240 [ 22.652653] kunit_try_run_case+0x1b2/0x490 [ 22.652745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.652835] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.652894] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.652950] ? __kthread_parkme+0x82/0x160 [ 22.653001] ? preempt_count_sub+0x50/0x80 [ 22.653066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.653103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.653175] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.653209] kthread+0x323/0x710 [ 22.653239] ? trace_preempt_on+0x20/0xc0 [ 22.653274] ? __pfx_kthread+0x10/0x10 [ 22.653305] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.653334] ? calculate_sigpending+0x7b/0xa0 [ 22.653364] ? __pfx_kthread+0x10/0x10 [ 22.653396] ret_from_fork+0x41/0x80 [ 22.653426] ? __pfx_kthread+0x10/0x10 [ 22.653457] ret_from_fork_asm+0x1a/0x30 [ 22.653503] </TASK> [ 22.653519] [ 22.672826] Allocated by task 217: [ 22.673267] kasan_save_stack+0x3d/0x60 [ 22.673837] kasan_save_track+0x18/0x40 [ 22.674614] kasan_save_alloc_info+0x3b/0x50 [ 22.675182] __kasan_kmalloc+0xb7/0xc0 [ 22.675763] __kmalloc_cache_noprof+0x183/0x410 [ 22.676338] ksize_uaf+0xaa/0x6c0 [ 22.676806] kunit_try_run_case+0x1b2/0x490 [ 22.677368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.678044] kthread+0x323/0x710 [ 22.678468] ret_from_fork+0x41/0x80 [ 22.679026] ret_from_fork_asm+0x1a/0x30 [ 22.679566] [ 22.679948] Freed by task 217: [ 22.680369] kasan_save_stack+0x3d/0x60 [ 22.680830] kasan_save_track+0x18/0x40 [ 22.681167] kasan_save_free_info+0x3f/0x60 [ 22.681782] __kasan_slab_free+0x56/0x70 [ 22.682326] kfree+0x222/0x3f0 [ 22.682794] ksize_uaf+0x12c/0x6c0 [ 22.683304] kunit_try_run_case+0x1b2/0x490 [ 22.683905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.684574] kthread+0x323/0x710 [ 22.685094] ret_from_fork+0x41/0x80 [ 22.685610] ret_from_fork_asm+0x1a/0x30 [ 22.686194] [ 22.686373] The buggy address belongs to the object at ffff88810305a800 [ 22.686373] which belongs to the cache kmalloc-128 of size 128 [ 22.687813] The buggy address is located 0 bytes inside of [ 22.687813] freed 128-byte region [ffff88810305a800, ffff88810305a880) [ 22.689178] [ 22.689462] The buggy address belongs to the physical page: [ 22.689809] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 22.690241] flags: 0x200000000000000(node=0|zone=2) [ 22.690541] page_type: f5(slab) [ 22.690980] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.691806] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.692611] page dumped because: kasan: bad access detected [ 22.693181] [ 22.693404] Memory state around the buggy address: [ 22.694023] ffff88810305a700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.694608] ffff88810305a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.694985] >ffff88810305a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.695603] ^ [ 22.696042] ffff88810305a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.696727] ffff88810305a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.697772] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 22.535135] ================================================================== [ 22.536003] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 22.537572] Read of size 1 at addr ffff88810305a77f by task kunit_try_catch/215 [ 22.538420] [ 22.538686] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.538835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.538869] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.539103] Call Trace: [ 22.539167] <TASK> [ 22.539203] dump_stack_lvl+0x73/0xb0 [ 22.539313] print_report+0xd1/0x660 [ 22.539414] ? __virt_addr_valid+0x1db/0x2d0 [ 22.539580] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.539687] kasan_report+0x104/0x140 [ 22.539749] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 22.540214] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 22.540323] __asan_report_load1_noabort+0x18/0x20 [ 22.540387] ksize_unpoisons_memory+0x7b6/0x9b0 [ 22.540457] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 22.540522] ? finish_task_switch.isra.0+0x153/0x730 [ 22.540585] ? __switch_to+0x5d9/0xf70 [ 22.540655] ? __schedule+0xd46/0x29c0 [ 22.540750] ? __pfx_read_tsc+0x10/0x10 [ 22.540819] ? ktime_get_ts64+0x86/0x240 [ 22.540887] kunit_try_run_case+0x1b2/0x490 [ 22.541165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.541231] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.541293] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.541391] ? __kthread_parkme+0x82/0x160 [ 22.541466] ? preempt_count_sub+0x50/0x80 [ 22.541535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.541599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.541660] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.541748] kthread+0x323/0x710 [ 22.541820] ? trace_preempt_on+0x20/0xc0 [ 22.541884] ? __pfx_kthread+0x10/0x10 [ 22.541939] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.541969] ? calculate_sigpending+0x7b/0xa0 [ 22.542000] ? __pfx_kthread+0x10/0x10 [ 22.542032] ret_from_fork+0x41/0x80 [ 22.542064] ? __pfx_kthread+0x10/0x10 [ 22.542095] ret_from_fork_asm+0x1a/0x30 [ 22.542165] </TASK> [ 22.542181] [ 22.558231] Allocated by task 215: [ 22.558460] kasan_save_stack+0x3d/0x60 [ 22.558732] kasan_save_track+0x18/0x40 [ 22.559855] kasan_save_alloc_info+0x3b/0x50 [ 22.560395] __kasan_kmalloc+0xb7/0xc0 [ 22.561071] __kmalloc_cache_noprof+0x183/0x410 [ 22.561575] ksize_unpoisons_memory+0xc7/0x9b0 [ 22.562345] kunit_try_run_case+0x1b2/0x490 [ 22.562707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.563140] kthread+0x323/0x710 [ 22.563949] ret_from_fork+0x41/0x80 [ 22.564402] ret_from_fork_asm+0x1a/0x30 [ 22.565055] [ 22.565310] The buggy address belongs to the object at ffff88810305a700 [ 22.565310] which belongs to the cache kmalloc-128 of size 128 [ 22.567044] The buggy address is located 12 bytes to the right of [ 22.567044] allocated 115-byte region [ffff88810305a700, ffff88810305a773) [ 22.568261] [ 22.568465] The buggy address belongs to the physical page: [ 22.569096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 22.569808] flags: 0x200000000000000(node=0|zone=2) [ 22.570550] page_type: f5(slab) [ 22.571562] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.573527] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.574990] page dumped because: kasan: bad access detected [ 22.577211] [ 22.577454] Memory state around the buggy address: [ 22.577843] ffff88810305a600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.578397] ffff88810305a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.579445] >ffff88810305a700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.580074] ^ [ 22.580524] ffff88810305a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.581295] ffff88810305a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.581871] ================================================================== [ 22.488476] ================================================================== [ 22.489352] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 22.490401] Read of size 1 at addr ffff88810305a778 by task kunit_try_catch/215 [ 22.491008] [ 22.491395] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.491542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.491578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.491656] Call Trace: [ 22.491690] <TASK> [ 22.491725] dump_stack_lvl+0x73/0xb0 [ 22.491801] print_report+0xd1/0x660 [ 22.491866] ? __virt_addr_valid+0x1db/0x2d0 [ 22.491998] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.492072] kasan_report+0x104/0x140 [ 22.492172] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 22.492335] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 22.492422] __asan_report_load1_noabort+0x18/0x20 [ 22.492485] ksize_unpoisons_memory+0x7e9/0x9b0 [ 22.492555] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 22.492619] ? finish_task_switch.isra.0+0x153/0x730 [ 22.492683] ? __switch_to+0x5d9/0xf70 [ 22.492757] ? __schedule+0xd46/0x29c0 [ 22.492818] ? __pfx_read_tsc+0x10/0x10 [ 22.492875] ? ktime_get_ts64+0x86/0x240 [ 22.492944] kunit_try_run_case+0x1b2/0x490 [ 22.493010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.493429] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.493538] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.493637] ? __kthread_parkme+0x82/0x160 [ 22.493834] ? preempt_count_sub+0x50/0x80 [ 22.493934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.493983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.494019] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.494053] kthread+0x323/0x710 [ 22.494083] ? trace_preempt_on+0x20/0xc0 [ 22.494149] ? __pfx_kthread+0x10/0x10 [ 22.494194] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.494225] ? calculate_sigpending+0x7b/0xa0 [ 22.494255] ? __pfx_kthread+0x10/0x10 [ 22.494287] ret_from_fork+0x41/0x80 [ 22.494318] ? __pfx_kthread+0x10/0x10 [ 22.494349] ret_from_fork_asm+0x1a/0x30 [ 22.494396] </TASK> [ 22.494411] [ 22.511088] Allocated by task 215: [ 22.511837] kasan_save_stack+0x3d/0x60 [ 22.512151] kasan_save_track+0x18/0x40 [ 22.512423] kasan_save_alloc_info+0x3b/0x50 [ 22.514597] __kasan_kmalloc+0xb7/0xc0 [ 22.515229] __kmalloc_cache_noprof+0x183/0x410 [ 22.516016] ksize_unpoisons_memory+0xc7/0x9b0 [ 22.516541] kunit_try_run_case+0x1b2/0x490 [ 22.517425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.517941] kthread+0x323/0x710 [ 22.518502] ret_from_fork+0x41/0x80 [ 22.519240] ret_from_fork_asm+0x1a/0x30 [ 22.519882] [ 22.520144] The buggy address belongs to the object at ffff88810305a700 [ 22.520144] which belongs to the cache kmalloc-128 of size 128 [ 22.521398] The buggy address is located 5 bytes to the right of [ 22.521398] allocated 115-byte region [ffff88810305a700, ffff88810305a773) [ 22.522763] [ 22.522994] The buggy address belongs to the physical page: [ 22.523636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 22.524321] flags: 0x200000000000000(node=0|zone=2) [ 22.525325] page_type: f5(slab) [ 22.525703] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.526713] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.527316] page dumped because: kasan: bad access detected [ 22.527962] [ 22.528204] Memory state around the buggy address: [ 22.528577] ffff88810305a600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.528956] ffff88810305a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.529685] >ffff88810305a700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.531157] ^ [ 22.531743] ffff88810305a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.532349] ffff88810305a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.533512] ================================================================== [ 22.438194] ================================================================== [ 22.439023] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 22.439685] Read of size 1 at addr ffff88810305a773 by task kunit_try_catch/215 [ 22.440576] [ 22.440842] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.440966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.441001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.441055] Call Trace: [ 22.441089] <TASK> [ 22.441149] dump_stack_lvl+0x73/0xb0 [ 22.441433] print_report+0xd1/0x660 [ 22.441562] ? __virt_addr_valid+0x1db/0x2d0 [ 22.441943] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.442006] kasan_report+0x104/0x140 [ 22.442038] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 22.442075] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 22.442148] __asan_report_load1_noabort+0x18/0x20 [ 22.442205] ksize_unpoisons_memory+0x81c/0x9b0 [ 22.442271] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 22.442334] ? finish_task_switch.isra.0+0x153/0x730 [ 22.442399] ? __switch_to+0x5d9/0xf70 [ 22.442475] ? __schedule+0xd46/0x29c0 [ 22.442535] ? __pfx_read_tsc+0x10/0x10 [ 22.442593] ? ktime_get_ts64+0x86/0x240 [ 22.442665] kunit_try_run_case+0x1b2/0x490 [ 22.442738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.442854] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.442933] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.442970] ? __kthread_parkme+0x82/0x160 [ 22.443002] ? preempt_count_sub+0x50/0x80 [ 22.443038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.443072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.443106] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.443162] kthread+0x323/0x710 [ 22.443192] ? trace_preempt_on+0x20/0xc0 [ 22.443227] ? __pfx_kthread+0x10/0x10 [ 22.443257] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.443286] ? calculate_sigpending+0x7b/0xa0 [ 22.443317] ? __pfx_kthread+0x10/0x10 [ 22.443348] ret_from_fork+0x41/0x80 [ 22.443378] ? __pfx_kthread+0x10/0x10 [ 22.443409] ret_from_fork_asm+0x1a/0x30 [ 22.443456] </TASK> [ 22.443471] [ 22.465445] Allocated by task 215: [ 22.465696] kasan_save_stack+0x3d/0x60 [ 22.466654] kasan_save_track+0x18/0x40 [ 22.467151] kasan_save_alloc_info+0x3b/0x50 [ 22.468435] __kasan_kmalloc+0xb7/0xc0 [ 22.468856] __kmalloc_cache_noprof+0x183/0x410 [ 22.469731] ksize_unpoisons_memory+0xc7/0x9b0 [ 22.470219] kunit_try_run_case+0x1b2/0x490 [ 22.470542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.471486] kthread+0x323/0x710 [ 22.472322] ret_from_fork+0x41/0x80 [ 22.472734] ret_from_fork_asm+0x1a/0x30 [ 22.473186] [ 22.473466] The buggy address belongs to the object at ffff88810305a700 [ 22.473466] which belongs to the cache kmalloc-128 of size 128 [ 22.474916] The buggy address is located 0 bytes to the right of [ 22.474916] allocated 115-byte region [ffff88810305a700, ffff88810305a773) [ 22.476321] [ 22.476580] The buggy address belongs to the physical page: [ 22.477215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 22.477904] flags: 0x200000000000000(node=0|zone=2) [ 22.478571] page_type: f5(slab) [ 22.479044] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.480261] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.481568] page dumped because: kasan: bad access detected [ 22.482234] [ 22.482454] Memory state around the buggy address: [ 22.482816] ffff88810305a600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.483442] ffff88810305a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.484296] >ffff88810305a700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 22.484766] ^ [ 22.485503] ffff88810305a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.486508] ffff88810305a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.487288] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 22.374271] ================================================================== [ 22.375304] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 22.376434] Free of addr ffff8881025519a0 by task kunit_try_catch/213 [ 22.377483] [ 22.378366] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.378489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.378522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.378922] Call Trace: [ 22.378951] <TASK> [ 22.378973] dump_stack_lvl+0x73/0xb0 [ 22.379018] print_report+0xd1/0x660 [ 22.379051] ? __virt_addr_valid+0x1db/0x2d0 [ 22.379140] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.379177] ? kfree_sensitive+0x2e/0x90 [ 22.379207] kasan_report_invalid_free+0xce/0x100 [ 22.379243] ? kfree_sensitive+0x2e/0x90 [ 22.379277] ? kfree_sensitive+0x2e/0x90 [ 22.379307] check_slab_allocation+0x101/0x130 [ 22.379340] __kasan_slab_pre_free+0x28/0x40 [ 22.379371] kfree+0xf0/0x3f0 [ 22.379398] ? kfree_sensitive+0x2e/0x90 [ 22.379431] kfree_sensitive+0x2e/0x90 [ 22.379461] kmalloc_double_kzfree+0x19c/0x350 [ 22.379495] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 22.379529] ? __schedule+0xd46/0x29c0 [ 22.379561] ? __pfx_read_tsc+0x10/0x10 [ 22.379600] ? ktime_get_ts64+0x86/0x240 [ 22.379655] kunit_try_run_case+0x1b2/0x490 [ 22.379743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.379782] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.379816] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.379849] ? __kthread_parkme+0x82/0x160 [ 22.379882] ? preempt_count_sub+0x50/0x80 [ 22.379919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.379964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.379998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.380030] kthread+0x323/0x710 [ 22.380060] ? trace_preempt_on+0x20/0xc0 [ 22.380092] ? __pfx_kthread+0x10/0x10 [ 22.380145] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.380176] ? calculate_sigpending+0x7b/0xa0 [ 22.380207] ? __pfx_kthread+0x10/0x10 [ 22.380239] ret_from_fork+0x41/0x80 [ 22.380271] ? __pfx_kthread+0x10/0x10 [ 22.380302] ret_from_fork_asm+0x1a/0x30 [ 22.380348] </TASK> [ 22.380364] [ 22.402750] Allocated by task 213: [ 22.403258] kasan_save_stack+0x3d/0x60 [ 22.403672] kasan_save_track+0x18/0x40 [ 22.404328] kasan_save_alloc_info+0x3b/0x50 [ 22.404808] __kasan_kmalloc+0xb7/0xc0 [ 22.405083] __kmalloc_cache_noprof+0x183/0x410 [ 22.405469] kmalloc_double_kzfree+0xa9/0x350 [ 22.406239] kunit_try_run_case+0x1b2/0x490 [ 22.406887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.407687] kthread+0x323/0x710 [ 22.408106] ret_from_fork+0x41/0x80 [ 22.409134] ret_from_fork_asm+0x1a/0x30 [ 22.409441] [ 22.409927] Freed by task 213: [ 22.410308] kasan_save_stack+0x3d/0x60 [ 22.410765] kasan_save_track+0x18/0x40 [ 22.411655] kasan_save_free_info+0x3f/0x60 [ 22.412340] __kasan_slab_free+0x56/0x70 [ 22.413420] kfree+0x222/0x3f0 [ 22.413741] kfree_sensitive+0x67/0x90 [ 22.414167] kmalloc_double_kzfree+0x12b/0x350 [ 22.414606] kunit_try_run_case+0x1b2/0x490 [ 22.415673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.416466] kthread+0x323/0x710 [ 22.416914] ret_from_fork+0x41/0x80 [ 22.417748] ret_from_fork_asm+0x1a/0x30 [ 22.418308] [ 22.418552] The buggy address belongs to the object at ffff8881025519a0 [ 22.418552] which belongs to the cache kmalloc-16 of size 16 [ 22.420086] The buggy address is located 0 bytes inside of [ 22.420086] 16-byte region [ffff8881025519a0, ffff8881025519b0) [ 22.421393] [ 22.421656] The buggy address belongs to the physical page: [ 22.422344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102551 [ 22.422996] flags: 0x200000000000000(node=0|zone=2) [ 22.423331] page_type: f5(slab) [ 22.423635] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.424053] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.424822] page dumped because: kasan: bad access detected [ 22.425556] [ 22.426201] Memory state around the buggy address: [ 22.426720] ffff888102551880: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.427642] ffff888102551900: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.428553] >ffff888102551980: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 22.428956] ^ [ 22.429248] ffff888102551a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.430075] ffff888102551a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.431038] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 22.313899] ================================================================== [ 22.314911] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 22.315964] Read of size 1 at addr ffff8881025519a0 by task kunit_try_catch/213 [ 22.316787] [ 22.317070] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.317289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.317328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.317455] Call Trace: [ 22.317492] <TASK> [ 22.317528] dump_stack_lvl+0x73/0xb0 [ 22.317606] print_report+0xd1/0x660 [ 22.317671] ? __virt_addr_valid+0x1db/0x2d0 [ 22.317793] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.317864] kasan_report+0x104/0x140 [ 22.318104] ? kmalloc_double_kzfree+0x19c/0x350 [ 22.318207] ? kmalloc_double_kzfree+0x19c/0x350 [ 22.318283] ? kmalloc_double_kzfree+0x19c/0x350 [ 22.318349] __kasan_check_byte+0x3d/0x50 [ 22.318415] kfree_sensitive+0x22/0x90 [ 22.318485] kmalloc_double_kzfree+0x19c/0x350 [ 22.318552] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 22.318609] ? __schedule+0xd46/0x29c0 [ 22.318658] ? __pfx_read_tsc+0x10/0x10 [ 22.318707] ? ktime_get_ts64+0x86/0x240 [ 22.318972] kunit_try_run_case+0x1b2/0x490 [ 22.319103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.319206] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.319289] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.319372] ? __kthread_parkme+0x82/0x160 [ 22.319452] ? preempt_count_sub+0x50/0x80 [ 22.319739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.319810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.319900] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.319972] kthread+0x323/0x710 [ 22.320032] ? trace_preempt_on+0x20/0xc0 [ 22.320092] ? __pfx_kthread+0x10/0x10 [ 22.320199] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.320257] ? calculate_sigpending+0x7b/0xa0 [ 22.320310] ? __pfx_kthread+0x10/0x10 [ 22.320369] ret_from_fork+0x41/0x80 [ 22.320430] ? __pfx_kthread+0x10/0x10 [ 22.320490] ret_from_fork_asm+0x1a/0x30 [ 22.320579] </TASK> [ 22.320608] [ 22.342146] Allocated by task 213: [ 22.342612] kasan_save_stack+0x3d/0x60 [ 22.343348] kasan_save_track+0x18/0x40 [ 22.344082] kasan_save_alloc_info+0x3b/0x50 [ 22.344878] __kasan_kmalloc+0xb7/0xc0 [ 22.345486] __kmalloc_cache_noprof+0x183/0x410 [ 22.346501] kmalloc_double_kzfree+0xa9/0x350 [ 22.347272] kunit_try_run_case+0x1b2/0x490 [ 22.348018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.348920] kthread+0x323/0x710 [ 22.349408] ret_from_fork+0x41/0x80 [ 22.350078] ret_from_fork_asm+0x1a/0x30 [ 22.350667] [ 22.351456] Freed by task 213: [ 22.351672] kasan_save_stack+0x3d/0x60 [ 22.352396] kasan_save_track+0x18/0x40 [ 22.352575] kasan_save_free_info+0x3f/0x60 [ 22.352796] __kasan_slab_free+0x56/0x70 [ 22.353387] kfree+0x222/0x3f0 [ 22.353758] kfree_sensitive+0x67/0x90 [ 22.354200] kmalloc_double_kzfree+0x12b/0x350 [ 22.354671] kunit_try_run_case+0x1b2/0x490 [ 22.355540] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.356477] kthread+0x323/0x710 [ 22.356758] ret_from_fork+0x41/0x80 [ 22.357172] ret_from_fork_asm+0x1a/0x30 [ 22.358013] [ 22.358287] The buggy address belongs to the object at ffff8881025519a0 [ 22.358287] which belongs to the cache kmalloc-16 of size 16 [ 22.360181] The buggy address is located 0 bytes inside of [ 22.360181] freed 16-byte region [ffff8881025519a0, ffff8881025519b0) [ 22.361631] [ 22.362158] The buggy address belongs to the physical page: [ 22.362601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102551 [ 22.363571] flags: 0x200000000000000(node=0|zone=2) [ 22.364703] page_type: f5(slab) [ 22.365265] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.366155] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.366849] page dumped because: kasan: bad access detected [ 22.367504] [ 22.367967] Memory state around the buggy address: [ 22.368381] ffff888102551880: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.368893] ffff888102551900: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.369537] >ffff888102551980: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 22.370093] ^ [ 22.371095] ffff888102551a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.372011] ffff888102551a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.372659] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 22.254347] ================================================================== [ 22.255659] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 22.256608] Read of size 1 at addr ffff88810321e2a8 by task kunit_try_catch/209 [ 22.257342] [ 22.257545] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.257615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.257632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.257661] Call Trace: [ 22.257679] <TASK> [ 22.257700] dump_stack_lvl+0x73/0xb0 [ 22.258442] print_report+0xd1/0x660 [ 22.258540] ? __virt_addr_valid+0x1db/0x2d0 [ 22.258664] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.258739] kasan_report+0x104/0x140 [ 22.258832] ? kmalloc_uaf2+0x4a8/0x520 [ 22.258873] ? kmalloc_uaf2+0x4a8/0x520 [ 22.258914] __asan_report_load1_noabort+0x18/0x20 [ 22.258946] kmalloc_uaf2+0x4a8/0x520 [ 22.258977] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 22.259006] ? irqentry_exit+0x2a/0x60 [ 22.259038] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 22.259073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.259139] ? __pfx_read_tsc+0x10/0x10 [ 22.259172] ? ktime_get_ts64+0x86/0x240 [ 22.259210] kunit_try_run_case+0x1b2/0x490 [ 22.259244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.259275] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.259307] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.259339] ? __kthread_parkme+0x82/0x160 [ 22.259369] ? preempt_count_sub+0x50/0x80 [ 22.259405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.259439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.259472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.259504] kthread+0x323/0x710 [ 22.259533] ? trace_preempt_on+0x20/0xc0 [ 22.259567] ? __pfx_kthread+0x10/0x10 [ 22.259607] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.259655] ? calculate_sigpending+0x7b/0xa0 [ 22.259687] ? __pfx_kthread+0x10/0x10 [ 22.259768] ret_from_fork+0x41/0x80 [ 22.259805] ? __pfx_kthread+0x10/0x10 [ 22.259838] ret_from_fork_asm+0x1a/0x30 [ 22.259886] </TASK> [ 22.259902] [ 22.277609] Allocated by task 209: [ 22.277842] kasan_save_stack+0x3d/0x60 [ 22.278330] kasan_save_track+0x18/0x40 [ 22.278806] kasan_save_alloc_info+0x3b/0x50 [ 22.279290] __kasan_kmalloc+0xb7/0xc0 [ 22.279869] __kmalloc_cache_noprof+0x183/0x410 [ 22.280211] kmalloc_uaf2+0xc6/0x520 [ 22.280472] kunit_try_run_case+0x1b2/0x490 [ 22.281421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.282190] kthread+0x323/0x710 [ 22.282578] ret_from_fork+0x41/0x80 [ 22.283174] ret_from_fork_asm+0x1a/0x30 [ 22.283640] [ 22.284081] Freed by task 209: [ 22.284325] kasan_save_stack+0x3d/0x60 [ 22.284597] kasan_save_track+0x18/0x40 [ 22.284923] kasan_save_free_info+0x3f/0x60 [ 22.285770] __kasan_slab_free+0x56/0x70 [ 22.286406] kfree+0x222/0x3f0 [ 22.286821] kmalloc_uaf2+0x14c/0x520 [ 22.287249] kunit_try_run_case+0x1b2/0x490 [ 22.287882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.288638] kthread+0x323/0x710 [ 22.289288] ret_from_fork+0x41/0x80 [ 22.289648] ret_from_fork_asm+0x1a/0x30 [ 22.289976] [ 22.290148] The buggy address belongs to the object at ffff88810321e280 [ 22.290148] which belongs to the cache kmalloc-64 of size 64 [ 22.291488] The buggy address is located 40 bytes inside of [ 22.291488] freed 64-byte region [ffff88810321e280, ffff88810321e2c0) [ 22.292611] [ 22.292829] The buggy address belongs to the physical page: [ 22.293151] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10321e [ 22.294069] flags: 0x200000000000000(node=0|zone=2) [ 22.295242] page_type: f5(slab) [ 22.295538] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.296645] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.297643] page dumped because: kasan: bad access detected [ 22.298760] [ 22.298952] Memory state around the buggy address: [ 22.299189] ffff88810321e180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.299422] ffff88810321e200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.299665] >ffff88810321e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.300023] ^ [ 22.300331] ffff88810321e300: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 22.301818] ffff88810321e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.302435] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 22.197388] ================================================================== [ 22.198426] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 22.199386] Write of size 33 at addr ffff88810305ca80 by task kunit_try_catch/207 [ 22.200379] [ 22.200600] CPU: 0 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.200769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.200809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.200867] Call Trace: [ 22.200956] <TASK> [ 22.201023] dump_stack_lvl+0x73/0xb0 [ 22.201132] print_report+0xd1/0x660 [ 22.201204] ? __virt_addr_valid+0x1db/0x2d0 [ 22.201324] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.201397] kasan_report+0x104/0x140 [ 22.201638] ? kmalloc_uaf_memset+0x1a3/0x360 [ 22.201916] ? kmalloc_uaf_memset+0x1a3/0x360 [ 22.202062] kasan_check_range+0x10c/0x1c0 [ 22.202188] __asan_memset+0x27/0x50 [ 22.202256] kmalloc_uaf_memset+0x1a3/0x360 [ 22.202314] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 22.202354] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 22.202394] kunit_try_run_case+0x1b2/0x490 [ 22.202434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.202465] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.202497] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.202529] ? __kthread_parkme+0x82/0x160 [ 22.202561] ? preempt_count_sub+0x50/0x80 [ 22.202597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.202631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.202664] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.202773] kthread+0x323/0x710 [ 22.202864] ? trace_preempt_on+0x20/0xc0 [ 22.202908] ? __pfx_kthread+0x10/0x10 [ 22.202940] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.202971] ? calculate_sigpending+0x7b/0xa0 [ 22.203003] ? __pfx_kthread+0x10/0x10 [ 22.203036] ret_from_fork+0x41/0x80 [ 22.203068] ? __pfx_kthread+0x10/0x10 [ 22.203099] ret_from_fork_asm+0x1a/0x30 [ 22.203172] </TASK> [ 22.203189] [ 22.218927] Allocated by task 207: [ 22.219407] kasan_save_stack+0x3d/0x60 [ 22.219830] kasan_save_track+0x18/0x40 [ 22.220291] kasan_save_alloc_info+0x3b/0x50 [ 22.220689] __kasan_kmalloc+0xb7/0xc0 [ 22.220963] __kmalloc_cache_noprof+0x183/0x410 [ 22.221651] kmalloc_uaf_memset+0xa9/0x360 [ 22.222293] kunit_try_run_case+0x1b2/0x490 [ 22.223004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.223645] kthread+0x323/0x710 [ 22.224242] ret_from_fork+0x41/0x80 [ 22.224909] ret_from_fork_asm+0x1a/0x30 [ 22.225423] [ 22.225892] Freed by task 207: [ 22.226268] kasan_save_stack+0x3d/0x60 [ 22.226632] kasan_save_track+0x18/0x40 [ 22.227170] kasan_save_free_info+0x3f/0x60 [ 22.227861] __kasan_slab_free+0x56/0x70 [ 22.228360] kfree+0x222/0x3f0 [ 22.228939] kmalloc_uaf_memset+0x12b/0x360 [ 22.229411] kunit_try_run_case+0x1b2/0x490 [ 22.230100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.231014] kthread+0x323/0x710 [ 22.231380] ret_from_fork+0x41/0x80 [ 22.232128] ret_from_fork_asm+0x1a/0x30 [ 22.232532] [ 22.233038] The buggy address belongs to the object at ffff88810305ca80 [ 22.233038] which belongs to the cache kmalloc-64 of size 64 [ 22.234196] The buggy address is located 0 bytes inside of [ 22.234196] freed 64-byte region [ffff88810305ca80, ffff88810305cac0) [ 22.235312] [ 22.235538] The buggy address belongs to the physical page: [ 22.236358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305c [ 22.237304] flags: 0x200000000000000(node=0|zone=2) [ 22.237959] page_type: f5(slab) [ 22.238392] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.239335] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.240303] page dumped because: kasan: bad access detected [ 22.241063] [ 22.241314] Memory state around the buggy address: [ 22.241670] ffff88810305c980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.242072] ffff88810305ca00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.242724] >ffff88810305ca80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.243878] ^ [ 22.244352] ffff88810305cb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.245263] ffff88810305cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.246194] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 22.138448] ================================================================== [ 22.139548] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 22.140226] Read of size 1 at addr ffff888100a7a988 by task kunit_try_catch/205 [ 22.140760] [ 22.141104] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.141261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.141294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.141349] Call Trace: [ 22.141382] <TASK> [ 22.141419] dump_stack_lvl+0x73/0xb0 [ 22.141496] print_report+0xd1/0x660 [ 22.141556] ? __virt_addr_valid+0x1db/0x2d0 [ 22.141680] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.141885] kasan_report+0x104/0x140 [ 22.141972] ? kmalloc_uaf+0x320/0x380 [ 22.142039] ? kmalloc_uaf+0x320/0x380 [ 22.142145] __asan_report_load1_noabort+0x18/0x20 [ 22.142207] kmalloc_uaf+0x320/0x380 [ 22.142263] ? __pfx_kmalloc_uaf+0x10/0x10 [ 22.142323] ? __schedule+0xd46/0x29c0 [ 22.142383] ? __pfx_read_tsc+0x10/0x10 [ 22.142440] ? ktime_get_ts64+0x86/0x240 [ 22.142509] kunit_try_run_case+0x1b2/0x490 [ 22.142579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.142637] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.142698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.142758] ? __kthread_parkme+0x82/0x160 [ 22.142819] ? preempt_count_sub+0x50/0x80 [ 22.142889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.142956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.143023] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.143089] kthread+0x323/0x710 [ 22.143280] ? trace_preempt_on+0x20/0xc0 [ 22.143325] ? __pfx_kthread+0x10/0x10 [ 22.143358] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.143389] ? calculate_sigpending+0x7b/0xa0 [ 22.143420] ? __pfx_kthread+0x10/0x10 [ 22.143452] ret_from_fork+0x41/0x80 [ 22.143483] ? __pfx_kthread+0x10/0x10 [ 22.143515] ret_from_fork_asm+0x1a/0x30 [ 22.143562] </TASK> [ 22.143578] [ 22.162237] Allocated by task 205: [ 22.162748] kasan_save_stack+0x3d/0x60 [ 22.163465] kasan_save_track+0x18/0x40 [ 22.164073] kasan_save_alloc_info+0x3b/0x50 [ 22.164798] __kasan_kmalloc+0xb7/0xc0 [ 22.165377] __kmalloc_cache_noprof+0x183/0x410 [ 22.166083] kmalloc_uaf+0xaa/0x380 [ 22.166465] kunit_try_run_case+0x1b2/0x490 [ 22.166930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.167481] kthread+0x323/0x710 [ 22.167780] ret_from_fork+0x41/0x80 [ 22.168342] ret_from_fork_asm+0x1a/0x30 [ 22.168763] [ 22.169434] Freed by task 205: [ 22.170087] kasan_save_stack+0x3d/0x60 [ 22.170622] kasan_save_track+0x18/0x40 [ 22.171150] kasan_save_free_info+0x3f/0x60 [ 22.171947] __kasan_slab_free+0x56/0x70 [ 22.172406] kfree+0x222/0x3f0 [ 22.172991] kmalloc_uaf+0x12c/0x380 [ 22.173471] kunit_try_run_case+0x1b2/0x490 [ 22.174349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.175106] kthread+0x323/0x710 [ 22.175501] ret_from_fork+0x41/0x80 [ 22.176190] ret_from_fork_asm+0x1a/0x30 [ 22.176598] [ 22.177071] The buggy address belongs to the object at ffff888100a7a980 [ 22.177071] which belongs to the cache kmalloc-16 of size 16 [ 22.178260] The buggy address is located 8 bytes inside of [ 22.178260] freed 16-byte region [ffff888100a7a980, ffff888100a7a990) [ 22.179545] [ 22.179870] The buggy address belongs to the physical page: [ 22.180320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 22.181335] flags: 0x200000000000000(node=0|zone=2) [ 22.182038] page_type: f5(slab) [ 22.182511] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.183331] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.184148] page dumped because: kasan: bad access detected [ 22.184574] [ 22.185366] Memory state around the buggy address: [ 22.186482] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 22.187152] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 22.187839] >ffff888100a7a980: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.188384] ^ [ 22.188705] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.189463] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.190229] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 22.088350] ================================================================== [ 22.089850] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 22.090263] Read of size 64 at addr ffff88810321e104 by task kunit_try_catch/203 [ 22.090740] [ 22.091007] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.091154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.091190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.091247] Call Trace: [ 22.091279] <TASK> [ 22.091314] dump_stack_lvl+0x73/0xb0 [ 22.091361] print_report+0xd1/0x660 [ 22.091396] ? __virt_addr_valid+0x1db/0x2d0 [ 22.091476] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.091525] kasan_report+0x104/0x140 [ 22.091555] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 22.091602] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 22.091664] kasan_check_range+0x10c/0x1c0 [ 22.091700] __asan_memmove+0x27/0x70 [ 22.091984] kmalloc_memmove_invalid_size+0x16f/0x330 [ 22.092068] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 22.092167] ? __schedule+0xd46/0x29c0 [ 22.092234] ? __pfx_read_tsc+0x10/0x10 [ 22.092293] ? ktime_get_ts64+0x86/0x240 [ 22.092367] kunit_try_run_case+0x1b2/0x490 [ 22.092439] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.092500] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.092563] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.092627] ? __kthread_parkme+0x82/0x160 [ 22.092751] ? preempt_count_sub+0x50/0x80 [ 22.092865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.092920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.092956] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.092990] kthread+0x323/0x710 [ 22.093020] ? trace_preempt_on+0x20/0xc0 [ 22.093054] ? __pfx_kthread+0x10/0x10 [ 22.093086] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.093139] ? calculate_sigpending+0x7b/0xa0 [ 22.093172] ? __pfx_kthread+0x10/0x10 [ 22.093204] ret_from_fork+0x41/0x80 [ 22.093237] ? __pfx_kthread+0x10/0x10 [ 22.093268] ret_from_fork_asm+0x1a/0x30 [ 22.093315] </TASK> [ 22.093331] [ 22.109049] Allocated by task 203: [ 22.109433] kasan_save_stack+0x3d/0x60 [ 22.110087] kasan_save_track+0x18/0x40 [ 22.110576] kasan_save_alloc_info+0x3b/0x50 [ 22.111329] __kasan_kmalloc+0xb7/0xc0 [ 22.111852] __kmalloc_cache_noprof+0x183/0x410 [ 22.112202] kmalloc_memmove_invalid_size+0xac/0x330 [ 22.113028] kunit_try_run_case+0x1b2/0x490 [ 22.113530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.114295] kthread+0x323/0x710 [ 22.114876] ret_from_fork+0x41/0x80 [ 22.115321] ret_from_fork_asm+0x1a/0x30 [ 22.115731] [ 22.115894] The buggy address belongs to the object at ffff88810321e100 [ 22.115894] which belongs to the cache kmalloc-64 of size 64 [ 22.116930] The buggy address is located 4 bytes inside of [ 22.116930] allocated 64-byte region [ffff88810321e100, ffff88810321e140) [ 22.118455] [ 22.118649] The buggy address belongs to the physical page: [ 22.120599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10321e [ 22.122370] flags: 0x200000000000000(node=0|zone=2) [ 22.122853] page_type: f5(slab) [ 22.124324] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.125368] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.126182] page dumped because: kasan: bad access detected [ 22.126553] [ 22.126760] Memory state around the buggy address: [ 22.127319] ffff88810321e000: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.127995] ffff88810321e080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.128748] >ffff88810321e100: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.129508] ^ [ 22.129985] ffff88810321e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.130429] ffff88810321e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.131306] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 22.039978] ================================================================== [ 22.040842] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 22.042033] Read of size 18446744073709551614 at addr ffff88810305c784 by task kunit_try_catch/201 [ 22.042814] [ 22.043023] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.043163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.043199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.043251] Call Trace: [ 22.043280] <TASK> [ 22.043312] dump_stack_lvl+0x73/0xb0 [ 22.043385] print_report+0xd1/0x660 [ 22.043448] ? __virt_addr_valid+0x1db/0x2d0 [ 22.043548] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.043680] kasan_report+0x104/0x140 [ 22.043751] ? kmalloc_memmove_negative_size+0x171/0x330 [ 22.043828] ? kmalloc_memmove_negative_size+0x171/0x330 [ 22.043916] kasan_check_range+0x10c/0x1c0 [ 22.044970] __asan_memmove+0x27/0x70 [ 22.045056] kmalloc_memmove_negative_size+0x171/0x330 [ 22.045155] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 22.045235] ? __schedule+0xd46/0x29c0 [ 22.045294] ? __pfx_read_tsc+0x10/0x10 [ 22.045347] ? ktime_get_ts64+0x86/0x240 [ 22.045410] kunit_try_run_case+0x1b2/0x490 [ 22.045475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.045530] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.045584] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.045640] ? __kthread_parkme+0x82/0x160 [ 22.045695] ? preempt_count_sub+0x50/0x80 [ 22.045786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.045846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.045906] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.045961] kthread+0x323/0x710 [ 22.046015] ? trace_preempt_on+0x20/0xc0 [ 22.046078] ? __pfx_kthread+0x10/0x10 [ 22.046165] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.046224] ? calculate_sigpending+0x7b/0xa0 [ 22.046283] ? __pfx_kthread+0x10/0x10 [ 22.046343] ret_from_fork+0x41/0x80 [ 22.046397] ? __pfx_kthread+0x10/0x10 [ 22.046452] ret_from_fork_asm+0x1a/0x30 [ 22.046532] </TASK> [ 22.046559] [ 22.058462] Allocated by task 201: [ 22.058807] kasan_save_stack+0x3d/0x60 [ 22.059209] kasan_save_track+0x18/0x40 [ 22.059586] kasan_save_alloc_info+0x3b/0x50 [ 22.060061] __kasan_kmalloc+0xb7/0xc0 [ 22.062034] __kmalloc_cache_noprof+0x183/0x410 [ 22.062530] kmalloc_memmove_negative_size+0xac/0x330 [ 22.063896] kunit_try_run_case+0x1b2/0x490 [ 22.064397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.064703] kthread+0x323/0x710 [ 22.064927] ret_from_fork+0x41/0x80 [ 22.065184] ret_from_fork_asm+0x1a/0x30 [ 22.065435] [ 22.065568] The buggy address belongs to the object at ffff88810305c780 [ 22.065568] which belongs to the cache kmalloc-64 of size 64 [ 22.066140] The buggy address is located 4 bytes inside of [ 22.066140] 64-byte region [ffff88810305c780, ffff88810305c7c0) [ 22.067053] [ 22.068265] The buggy address belongs to the physical page: [ 22.069590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305c [ 22.070388] flags: 0x200000000000000(node=0|zone=2) [ 22.070857] page_type: f5(slab) [ 22.071884] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.072396] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.072792] page dumped because: kasan: bad access detected [ 22.073102] [ 22.073285] Memory state around the buggy address: [ 22.073569] ffff88810305c680: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 22.073943] ffff88810305c700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.077808] >ffff88810305c780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.079543] ^ [ 22.080364] ffff88810305c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.081618] ffff88810305c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.082849] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 21.991494] ================================================================== [ 21.993249] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 21.994088] Write of size 16 at addr ffff888103210369 by task kunit_try_catch/199 [ 21.995283] [ 21.995467] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.995601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.995653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.995706] Call Trace: [ 21.995738] <TASK> [ 21.995773] dump_stack_lvl+0x73/0xb0 [ 21.995853] print_report+0xd1/0x660 [ 21.995919] ? __virt_addr_valid+0x1db/0x2d0 [ 21.996049] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.996140] kasan_report+0x104/0x140 [ 21.996203] ? kmalloc_oob_memset_16+0x166/0x330 [ 21.996267] ? kmalloc_oob_memset_16+0x166/0x330 [ 21.996344] kasan_check_range+0x10c/0x1c0 [ 21.996411] __asan_memset+0x27/0x50 [ 21.996467] kmalloc_oob_memset_16+0x166/0x330 [ 21.996561] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 21.996652] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 21.996759] kunit_try_run_case+0x1b2/0x490 [ 21.996806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.996838] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.996870] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.996902] ? __kthread_parkme+0x82/0x160 [ 21.996934] ? preempt_count_sub+0x50/0x80 [ 21.996970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.997004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.997037] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.997070] kthread+0x323/0x710 [ 21.997099] ? trace_preempt_on+0x20/0xc0 [ 21.997185] ? __pfx_kthread+0x10/0x10 [ 21.997275] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.997310] ? calculate_sigpending+0x7b/0xa0 [ 21.997343] ? __pfx_kthread+0x10/0x10 [ 21.997375] ret_from_fork+0x41/0x80 [ 21.997409] ? __pfx_kthread+0x10/0x10 [ 21.997441] ret_from_fork_asm+0x1a/0x30 [ 21.997489] </TASK> [ 21.997504] [ 22.011432] Allocated by task 199: [ 22.011703] kasan_save_stack+0x3d/0x60 [ 22.012162] kasan_save_track+0x18/0x40 [ 22.012572] kasan_save_alloc_info+0x3b/0x50 [ 22.013469] __kasan_kmalloc+0xb7/0xc0 [ 22.014235] __kmalloc_cache_noprof+0x183/0x410 [ 22.014822] kmalloc_oob_memset_16+0xac/0x330 [ 22.015208] kunit_try_run_case+0x1b2/0x490 [ 22.015665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.016349] kthread+0x323/0x710 [ 22.016613] ret_from_fork+0x41/0x80 [ 22.017056] ret_from_fork_asm+0x1a/0x30 [ 22.017401] [ 22.017613] The buggy address belongs to the object at ffff888103210300 [ 22.017613] which belongs to the cache kmalloc-128 of size 128 [ 22.018709] The buggy address is located 105 bytes inside of [ 22.018709] allocated 120-byte region [ffff888103210300, ffff888103210378) [ 22.019928] [ 22.020178] The buggy address belongs to the physical page: [ 22.020962] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103210 [ 22.021426] flags: 0x200000000000000(node=0|zone=2) [ 22.022214] page_type: f5(slab) [ 22.022736] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.023424] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.024458] page dumped because: kasan: bad access detected [ 22.024993] [ 22.025179] Memory state around the buggy address: [ 22.025452] ffff888103210200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.025813] ffff888103210280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.026465] >ffff888103210300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.027089] ^ [ 22.028522] ffff888103210380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.029096] ffff888103210400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.029784] ==================================================================
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
[ 158.305321] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 59.697037] ================================================================== [ 59.697632] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 59.697632] [ 59.698296] Use-after-free read at 0x(____ptrval____) (in kfence-#182): [ 59.698949] test_krealloc+0x6fc/0xbe0 [ 59.699335] kunit_try_run_case+0x1b2/0x490 [ 59.699827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 59.700242] kthread+0x323/0x710 [ 59.700635] ret_from_fork+0x41/0x80 [ 59.701033] ret_from_fork_asm+0x1a/0x30 [ 59.701591] [ 59.701872] kfence-#182: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 59.701872] [ 59.702554] allocated by task 358 on cpu 0 at 59.696108s (0.006440s ago): [ 59.703280] test_alloc+0x35e/0x10d0 [ 59.703641] test_krealloc+0xad/0xbe0 [ 59.704127] kunit_try_run_case+0x1b2/0x490 [ 59.704574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 59.705285] kthread+0x323/0x710 [ 59.705615] ret_from_fork+0x41/0x80 [ 59.705892] ret_from_fork_asm+0x1a/0x30 [ 59.706398] [ 59.706628] freed by task 358 on cpu 0 at 59.696384s (0.010239s ago): [ 59.707246] krealloc_noprof+0x109/0x370 [ 59.707626] test_krealloc+0x226/0xbe0 [ 59.708015] kunit_try_run_case+0x1b2/0x490 [ 59.708486] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 59.709640] kthread+0x323/0x710 [ 59.710505] ret_from_fork+0x41/0x80 [ 59.712183] ret_from_fork_asm+0x1a/0x30 [ 59.712620] [ 59.714970] CPU: 0 UID: 0 PID: 358 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 59.717966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.719016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 59.720292] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 59.617025] ================================================================== [ 59.617564] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 59.617564] [ 59.618581] Use-after-free read at 0x(____ptrval____) (in kfence-#181): [ 59.619844] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 59.620894] kunit_try_run_case+0x1b2/0x490 [ 59.621511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 59.622493] kthread+0x323/0x710 [ 59.622810] ret_from_fork+0x41/0x80 [ 59.623510] ret_from_fork_asm+0x1a/0x30 [ 59.624000] [ 59.624191] kfence-#181: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 59.624191] [ 59.624504] allocated by task 356 on cpu 0 at 59.592284s (0.032217s ago): [ 59.624915] test_alloc+0x2a6/0x10d0 [ 59.625396] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 59.626016] kunit_try_run_case+0x1b2/0x490 [ 59.626679] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 59.627350] kthread+0x323/0x710 [ 59.627908] ret_from_fork+0x41/0x80 [ 59.628427] ret_from_fork_asm+0x1a/0x30 [ 59.628997] [ 59.629313] freed by task 356 on cpu 0 at 59.592387s (0.036919s ago): [ 59.630262] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 59.630901] kunit_try_run_case+0x1b2/0x490 [ 59.631380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 59.631849] kthread+0x323/0x710 [ 59.632168] ret_from_fork+0x41/0x80 [ 59.632663] ret_from_fork_asm+0x1a/0x30 [ 59.633215] [ 59.633569] CPU: 0 UID: 0 PID: 356 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 59.634592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.634863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 59.635249] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 21.946018] ================================================================== [ 21.946863] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 21.947410] Write of size 8 at addr ffff88810305a671 by task kunit_try_catch/197 [ 21.948219] [ 21.948518] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.948647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.948681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.948749] Call Trace: [ 21.948782] <TASK> [ 21.948817] dump_stack_lvl+0x73/0xb0 [ 21.948912] print_report+0xd1/0x660 [ 21.949009] ? __virt_addr_valid+0x1db/0x2d0 [ 21.949160] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.949238] kasan_report+0x104/0x140 [ 21.949296] ? kmalloc_oob_memset_8+0x166/0x330 [ 21.949408] ? kmalloc_oob_memset_8+0x166/0x330 [ 21.949496] kasan_check_range+0x10c/0x1c0 [ 21.949567] __asan_memset+0x27/0x50 [ 21.949604] kmalloc_oob_memset_8+0x166/0x330 [ 21.949640] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 21.949679] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 21.949763] kunit_try_run_case+0x1b2/0x490 [ 21.949838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.949899] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.949978] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.950068] ? __kthread_parkme+0x82/0x160 [ 21.950159] ? preempt_count_sub+0x50/0x80 [ 21.950226] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.950293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.950358] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.950471] kthread+0x323/0x710 [ 21.950540] ? trace_preempt_on+0x20/0xc0 [ 21.950612] ? __pfx_kthread+0x10/0x10 [ 21.950671] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.950747] ? calculate_sigpending+0x7b/0xa0 [ 21.950813] ? __pfx_kthread+0x10/0x10 [ 21.950849] ret_from_fork+0x41/0x80 [ 21.950885] ? __pfx_kthread+0x10/0x10 [ 21.950918] ret_from_fork_asm+0x1a/0x30 [ 21.950967] </TASK> [ 21.950983] [ 21.963700] Allocated by task 197: [ 21.964159] kasan_save_stack+0x3d/0x60 [ 21.964636] kasan_save_track+0x18/0x40 [ 21.965056] kasan_save_alloc_info+0x3b/0x50 [ 21.965438] __kasan_kmalloc+0xb7/0xc0 [ 21.965714] __kmalloc_cache_noprof+0x183/0x410 [ 21.966006] kmalloc_oob_memset_8+0xac/0x330 [ 21.966513] kunit_try_run_case+0x1b2/0x490 [ 21.967005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.967646] kthread+0x323/0x710 [ 21.968190] ret_from_fork+0x41/0x80 [ 21.968642] ret_from_fork_asm+0x1a/0x30 [ 21.969090] [ 21.969368] The buggy address belongs to the object at ffff88810305a600 [ 21.969368] which belongs to the cache kmalloc-128 of size 128 [ 21.970495] The buggy address is located 113 bytes inside of [ 21.970495] allocated 120-byte region [ffff88810305a600, ffff88810305a678) [ 21.971315] [ 21.971586] The buggy address belongs to the physical page: [ 21.972376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 21.972849] flags: 0x200000000000000(node=0|zone=2) [ 21.973429] page_type: f5(slab) [ 21.973830] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.974677] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.975311] page dumped because: kasan: bad access detected [ 21.975780] [ 21.975992] Memory state around the buggy address: [ 21.976272] ffff88810305a500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.976940] ffff88810305a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.977512] >ffff88810305a600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.978147] ^ [ 21.978525] ffff88810305a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.978907] ffff88810305a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.979548] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 21.899492] ================================================================== [ 21.900406] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 21.901032] Write of size 4 at addr ffff88810305a575 by task kunit_try_catch/195 [ 21.901589] [ 21.901944] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.902091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.902149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.902198] Call Trace: [ 21.902229] <TASK> [ 21.902263] dump_stack_lvl+0x73/0xb0 [ 21.902355] print_report+0xd1/0x660 [ 21.902453] ? __virt_addr_valid+0x1db/0x2d0 [ 21.902576] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.902648] kasan_report+0x104/0x140 [ 21.902705] ? kmalloc_oob_memset_4+0x166/0x330 [ 21.902793] ? kmalloc_oob_memset_4+0x166/0x330 [ 21.902890] kasan_check_range+0x10c/0x1c0 [ 21.902989] __asan_memset+0x27/0x50 [ 21.903046] kmalloc_oob_memset_4+0x166/0x330 [ 21.903094] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 21.903166] ? __schedule+0xd46/0x29c0 [ 21.903198] ? __pfx_read_tsc+0x10/0x10 [ 21.903246] ? ktime_get_ts64+0x86/0x240 [ 21.903308] kunit_try_run_case+0x1b2/0x490 [ 21.903374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.903449] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.903534] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.903609] ? __kthread_parkme+0x82/0x160 [ 21.903683] ? preempt_count_sub+0x50/0x80 [ 21.903751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.903817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.903881] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.903982] kthread+0x323/0x710 [ 21.904088] ? trace_preempt_on+0x20/0xc0 [ 21.904185] ? __pfx_kthread+0x10/0x10 [ 21.904237] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.904269] ? calculate_sigpending+0x7b/0xa0 [ 21.904301] ? __pfx_kthread+0x10/0x10 [ 21.904333] ret_from_fork+0x41/0x80 [ 21.904367] ? __pfx_kthread+0x10/0x10 [ 21.904398] ret_from_fork_asm+0x1a/0x30 [ 21.904444] </TASK> [ 21.904460] [ 21.916347] Allocated by task 195: [ 21.916788] kasan_save_stack+0x3d/0x60 [ 21.917242] kasan_save_track+0x18/0x40 [ 21.917698] kasan_save_alloc_info+0x3b/0x50 [ 21.918192] __kasan_kmalloc+0xb7/0xc0 [ 21.918645] __kmalloc_cache_noprof+0x183/0x410 [ 21.919149] kmalloc_oob_memset_4+0xac/0x330 [ 21.919647] kunit_try_run_case+0x1b2/0x490 [ 21.920023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.920600] kthread+0x323/0x710 [ 21.921136] ret_from_fork+0x41/0x80 [ 21.921456] ret_from_fork_asm+0x1a/0x30 [ 21.921977] [ 21.922185] The buggy address belongs to the object at ffff88810305a500 [ 21.922185] which belongs to the cache kmalloc-128 of size 128 [ 21.923140] The buggy address is located 117 bytes inside of [ 21.923140] allocated 120-byte region [ffff88810305a500, ffff88810305a578) [ 21.924273] [ 21.924488] The buggy address belongs to the physical page: [ 21.924990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 21.925613] flags: 0x200000000000000(node=0|zone=2) [ 21.926174] page_type: f5(slab) [ 21.926591] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.927295] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.928097] page dumped because: kasan: bad access detected [ 21.928423] [ 21.928687] Memory state around the buggy address: [ 21.929160] ffff88810305a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.929740] ffff88810305a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.930345] >ffff88810305a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.931058] ^ [ 21.931751] ffff88810305a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.932169] ffff88810305a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.932540] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 21.852492] ================================================================== [ 21.853576] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 21.854217] Write of size 2 at addr ffff88810305a477 by task kunit_try_catch/193 [ 21.854873] [ 21.855209] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.855342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.855376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.855433] Call Trace: [ 21.855467] <TASK> [ 21.855505] dump_stack_lvl+0x73/0xb0 [ 21.855583] print_report+0xd1/0x660 [ 21.855680] ? __virt_addr_valid+0x1db/0x2d0 [ 21.855805] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.855878] kasan_report+0x104/0x140 [ 21.856019] ? kmalloc_oob_memset_2+0x166/0x330 [ 21.856179] ? kmalloc_oob_memset_2+0x166/0x330 [ 21.856283] kasan_check_range+0x10c/0x1c0 [ 21.856359] __asan_memset+0x27/0x50 [ 21.856421] kmalloc_oob_memset_2+0x166/0x330 [ 21.856488] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 21.856548] ? __schedule+0xd46/0x29c0 [ 21.856590] ? __pfx_read_tsc+0x10/0x10 [ 21.856622] ? ktime_get_ts64+0x86/0x240 [ 21.856661] kunit_try_run_case+0x1b2/0x490 [ 21.856699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.856767] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.856801] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.856833] ? __kthread_parkme+0x82/0x160 [ 21.856864] ? preempt_count_sub+0x50/0x80 [ 21.856900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.856933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.856967] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.856999] kthread+0x323/0x710 [ 21.857028] ? trace_preempt_on+0x20/0xc0 [ 21.857062] ? __pfx_kthread+0x10/0x10 [ 21.857093] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.857144] ? calculate_sigpending+0x7b/0xa0 [ 21.857177] ? __pfx_kthread+0x10/0x10 [ 21.857209] ret_from_fork+0x41/0x80 [ 21.857239] ? __pfx_kthread+0x10/0x10 [ 21.857270] ret_from_fork_asm+0x1a/0x30 [ 21.857318] </TASK> [ 21.857333] [ 21.873509] Allocated by task 193: [ 21.873892] kasan_save_stack+0x3d/0x60 [ 21.874199] kasan_save_track+0x18/0x40 [ 21.874485] kasan_save_alloc_info+0x3b/0x50 [ 21.875209] __kasan_kmalloc+0xb7/0xc0 [ 21.875742] __kmalloc_cache_noprof+0x183/0x410 [ 21.876253] kmalloc_oob_memset_2+0xac/0x330 [ 21.876776] kunit_try_run_case+0x1b2/0x490 [ 21.877242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.877686] kthread+0x323/0x710 [ 21.878180] ret_from_fork+0x41/0x80 [ 21.878553] ret_from_fork_asm+0x1a/0x30 [ 21.879108] [ 21.879451] The buggy address belongs to the object at ffff88810305a400 [ 21.879451] which belongs to the cache kmalloc-128 of size 128 [ 21.880426] The buggy address is located 119 bytes inside of [ 21.880426] allocated 120-byte region [ffff88810305a400, ffff88810305a478) [ 21.881601] [ 21.881852] The buggy address belongs to the physical page: [ 21.882301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 21.883219] flags: 0x200000000000000(node=0|zone=2) [ 21.883691] page_type: f5(slab) [ 21.884012] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.884437] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.884821] page dumped because: kasan: bad access detected [ 21.885203] [ 21.885442] Memory state around the buggy address: [ 21.885891] ffff88810305a300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.886776] ffff88810305a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.887547] >ffff88810305a400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.888462] ^ [ 21.889307] ffff88810305a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.889953] ffff88810305a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.890347] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 35.690984] ================================================================== [ 35.691947] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 35.691947] [ 35.692681] Invalid read at 0x(____ptrval____): [ 35.694201] test_invalid_access+0xf0/0x210 [ 35.694663] kunit_try_run_case+0x1b2/0x490 [ 35.695397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.696293] kthread+0x323/0x710 [ 35.696567] ret_from_fork+0x41/0x80 [ 35.697195] ret_from_fork_asm+0x1a/0x30 [ 35.697609] [ 35.698132] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 35.698945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.699641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.700562] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 35.464486] ================================================================== [ 35.465215] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 35.465215] [ 35.465605] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#177): [ 35.467534] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 35.467976] kunit_try_run_case+0x1b2/0x490 [ 35.468450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.469071] kthread+0x323/0x710 [ 35.469370] ret_from_fork+0x41/0x80 [ 35.469655] ret_from_fork_asm+0x1a/0x30 [ 35.470132] [ 35.470318] kfence-#177: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 35.470318] [ 35.471008] allocated by task 346 on cpu 1 at 35.464158s (0.006844s ago): [ 35.471686] test_alloc+0x35e/0x10d0 [ 35.472173] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 35.472515] kunit_try_run_case+0x1b2/0x490 [ 35.473012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.473504] kthread+0x323/0x710 [ 35.473923] ret_from_fork+0x41/0x80 [ 35.474239] ret_from_fork_asm+0x1a/0x30 [ 35.474672] [ 35.474912] freed by task 346 on cpu 1 at 35.464358s (0.010547s ago): [ 35.475319] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 35.475670] kunit_try_run_case+0x1b2/0x490 [ 35.476196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.476693] kthread+0x323/0x710 [ 35.477134] ret_from_fork+0x41/0x80 [ 35.477545] ret_from_fork_asm+0x1a/0x30 [ 35.478012] [ 35.478251] CPU: 1 UID: 0 PID: 346 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 35.479007] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.479456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.480332] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 35.256407] ================================================================== [ 35.257103] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 35.257103] [ 35.258249] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#175): [ 35.259201] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 35.259548] kunit_try_run_case+0x1b2/0x490 [ 35.260670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.261458] kthread+0x323/0x710 [ 35.261868] ret_from_fork+0x41/0x80 [ 35.262319] ret_from_fork_asm+0x1a/0x30 [ 35.263028] [ 35.263235] kfence-#175: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 35.263235] [ 35.264699] allocated by task 344 on cpu 0 at 35.256095s (0.008598s ago): [ 35.265421] test_alloc+0x35e/0x10d0 [ 35.265927] test_kmalloc_aligned_oob_read+0x105/0x560 [ 35.266334] kunit_try_run_case+0x1b2/0x490 [ 35.266792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.267269] kthread+0x323/0x710 [ 35.267704] ret_from_fork+0x41/0x80 [ 35.268054] ret_from_fork_asm+0x1a/0x30 [ 35.268517] [ 35.269177] CPU: 0 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 35.269985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.270294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.271030] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 31.512236] ================================================================== [ 31.512794] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 31.512794] [ 31.513394] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#139): [ 31.514303] test_corruption+0x216/0x3e0 [ 31.514616] kunit_try_run_case+0x1b2/0x490 [ 31.515222] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.515577] kthread+0x323/0x710 [ 31.516060] ret_from_fork+0x41/0x80 [ 31.516505] ret_from_fork_asm+0x1a/0x30 [ 31.516933] [ 31.517150] kfence-#139: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 31.517150] [ 31.517932] allocated by task 334 on cpu 1 at 31.512102s (0.005824s ago): [ 31.518485] test_alloc+0x2a6/0x10d0 [ 31.518826] test_corruption+0x1cb/0x3e0 [ 31.519286] kunit_try_run_case+0x1b2/0x490 [ 31.519779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.520353] kthread+0x323/0x710 [ 31.520717] ret_from_fork+0x41/0x80 [ 31.521188] ret_from_fork_asm+0x1a/0x30 [ 31.521477] [ 31.521699] freed by task 334 on cpu 1 at 31.512184s (0.009510s ago): [ 31.522410] test_corruption+0x216/0x3e0 [ 31.522932] kunit_try_run_case+0x1b2/0x490 [ 31.523408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.523870] kthread+0x323/0x710 [ 31.524270] ret_from_fork+0x41/0x80 [ 31.524834] ret_from_fork_asm+0x1a/0x30 [ 31.525299] [ 31.525606] CPU: 1 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 31.526332] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.526785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.528011] ================================================================== [ 31.200469] ================================================================== [ 31.201071] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 31.201071] [ 31.201634] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#136): [ 31.202448] test_corruption+0x2df/0x3e0 [ 31.203036] kunit_try_run_case+0x1b2/0x490 [ 31.203369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.203933] kthread+0x323/0x710 [ 31.204343] ret_from_fork+0x41/0x80 [ 31.204706] ret_from_fork_asm+0x1a/0x30 [ 31.205153] [ 31.205339] kfence-#136: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 31.205339] [ 31.206061] allocated by task 332 on cpu 0 at 31.200136s (0.005919s ago): [ 31.206665] test_alloc+0x35e/0x10d0 [ 31.207071] test_corruption+0x1cb/0x3e0 [ 31.207435] kunit_try_run_case+0x1b2/0x490 [ 31.207974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.208410] kthread+0x323/0x710 [ 31.208757] ret_from_fork+0x41/0x80 [ 31.209142] ret_from_fork_asm+0x1a/0x30 [ 31.209425] [ 31.209582] freed by task 332 on cpu 0 at 31.200271s (0.009307s ago): [ 31.210253] test_corruption+0x2df/0x3e0 [ 31.210768] kunit_try_run_case+0x1b2/0x490 [ 31.211073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.211427] kthread+0x323/0x710 [ 31.211716] ret_from_fork+0x41/0x80 [ 31.212155] ret_from_fork_asm+0x1a/0x30 [ 31.212588] [ 31.212886] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 31.213994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.214440] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.215334] ================================================================== [ 30.992388] ================================================================== [ 30.993148] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 30.993148] [ 30.994094] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#134): [ 30.996038] test_corruption+0x2d2/0x3e0 [ 30.996505] kunit_try_run_case+0x1b2/0x490 [ 30.997206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.997864] kthread+0x323/0x710 [ 30.998325] ret_from_fork+0x41/0x80 [ 30.998772] ret_from_fork_asm+0x1a/0x30 [ 30.999191] [ 30.999360] kfence-#134: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 30.999360] [ 31.000106] allocated by task 332 on cpu 0 at 30.992097s (0.008004s ago): [ 31.000774] test_alloc+0x35e/0x10d0 [ 31.001240] test_corruption+0xe6/0x3e0 [ 31.001618] kunit_try_run_case+0x1b2/0x490 [ 31.002052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.002429] kthread+0x323/0x710 [ 31.002884] ret_from_fork+0x41/0x80 [ 31.003321] ret_from_fork_asm+0x1a/0x30 [ 31.003861] [ 31.004068] freed by task 332 on cpu 0 at 30.992228s (0.011835s ago): [ 31.004630] test_corruption+0x2d2/0x3e0 [ 31.004961] kunit_try_run_case+0x1b2/0x490 [ 31.005449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.006017] kthread+0x323/0x710 [ 31.006411] ret_from_fork+0x41/0x80 [ 31.006761] ret_from_fork_asm+0x1a/0x30 [ 31.007039] [ 31.007320] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 31.008443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.008799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.009491] ================================================================== [ 31.408690] ================================================================== [ 31.409470] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 31.409470] [ 31.410143] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#138): [ 31.411566] test_corruption+0x131/0x3e0 [ 31.412102] kunit_try_run_case+0x1b2/0x490 [ 31.412527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.413147] kthread+0x323/0x710 [ 31.413642] ret_from_fork+0x41/0x80 [ 31.413948] ret_from_fork_asm+0x1a/0x30 [ 31.414489] [ 31.414707] kfence-#138: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 31.414707] [ 31.415403] allocated by task 334 on cpu 1 at 31.408523s (0.006874s ago): [ 31.416077] test_alloc+0x2a6/0x10d0 [ 31.416442] test_corruption+0xe6/0x3e0 [ 31.416892] kunit_try_run_case+0x1b2/0x490 [ 31.417534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.417889] kthread+0x323/0x710 [ 31.418445] ret_from_fork+0x41/0x80 [ 31.418880] ret_from_fork_asm+0x1a/0x30 [ 31.419234] [ 31.419417] freed by task 334 on cpu 1 at 31.408590s (0.010821s ago): [ 31.420205] test_corruption+0x131/0x3e0 [ 31.420544] kunit_try_run_case+0x1b2/0x490 [ 31.420975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.421608] kthread+0x323/0x710 [ 31.422137] ret_from_fork+0x41/0x80 [ 31.422545] ret_from_fork_asm+0x1a/0x30 [ 31.423074] [ 31.423408] CPU: 1 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 31.424797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.425162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.425718] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 30.784248] ================================================================== [ 30.784974] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 30.784974] [ 30.786178] Invalid free of 0x(____ptrval____) (in kfence-#132): [ 30.786618] test_invalid_addr_free+0x1e1/0x260 [ 30.787176] kunit_try_run_case+0x1b2/0x490 [ 30.787488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.787876] kthread+0x323/0x710 [ 30.788185] ret_from_fork+0x41/0x80 [ 30.788459] ret_from_fork_asm+0x1a/0x30 [ 30.788750] [ 30.788912] kfence-#132: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 30.788912] [ 30.789760] allocated by task 328 on cpu 1 at 30.784087s (0.005667s ago): [ 30.790518] test_alloc+0x35e/0x10d0 [ 30.790954] test_invalid_addr_free+0xdb/0x260 [ 30.791449] kunit_try_run_case+0x1b2/0x490 [ 30.792055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.792621] kthread+0x323/0x710 [ 30.793092] ret_from_fork+0x41/0x80 [ 30.793568] ret_from_fork_asm+0x1a/0x30 [ 30.794008] [ 30.794238] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 30.795068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.795515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.796135] ================================================================== [ 30.888252] ================================================================== [ 30.888900] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 30.888900] [ 30.889466] Invalid free of 0x(____ptrval____) (in kfence-#133): [ 30.890224] test_invalid_addr_free+0xfb/0x260 [ 30.890541] kunit_try_run_case+0x1b2/0x490 [ 30.890984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.891347] kthread+0x323/0x710 [ 30.891768] ret_from_fork+0x41/0x80 [ 30.892183] ret_from_fork_asm+0x1a/0x30 [ 30.892476] [ 30.892722] kfence-#133: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 30.892722] [ 30.893531] allocated by task 330 on cpu 0 at 30.888131s (0.005395s ago): [ 30.894404] test_alloc+0x2a6/0x10d0 [ 30.894732] test_invalid_addr_free+0xdb/0x260 [ 30.895029] kunit_try_run_case+0x1b2/0x490 [ 30.895528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.896092] kthread+0x323/0x710 [ 30.896518] ret_from_fork+0x41/0x80 [ 30.896793] ret_from_fork_asm+0x1a/0x30 [ 30.897268] [ 30.897618] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 30.898318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.898585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.899328] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 30.680326] ================================================================== [ 30.680915] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 30.680915] [ 30.681797] Invalid free of 0x(____ptrval____) (in kfence-#131): [ 30.682342] test_double_free+0x112/0x260 [ 30.682814] kunit_try_run_case+0x1b2/0x490 [ 30.683253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.683849] kthread+0x323/0x710 [ 30.684307] ret_from_fork+0x41/0x80 [ 30.684707] ret_from_fork_asm+0x1a/0x30 [ 30.685056] [ 30.685246] kfence-#131: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 30.685246] [ 30.686039] allocated by task 326 on cpu 0 at 30.680099s (0.005934s ago): [ 30.686659] test_alloc+0x2a6/0x10d0 [ 30.687007] test_double_free+0xdb/0x260 [ 30.687467] kunit_try_run_case+0x1b2/0x490 [ 30.688084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.688616] kthread+0x323/0x710 [ 30.689050] ret_from_fork+0x41/0x80 [ 30.689423] ret_from_fork_asm+0x1a/0x30 [ 30.689798] [ 30.690022] freed by task 326 on cpu 0 at 30.680192s (0.009825s ago): [ 30.690822] test_double_free+0xfa/0x260 [ 30.691259] kunit_try_run_case+0x1b2/0x490 [ 30.691738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.692218] kthread+0x323/0x710 [ 30.692604] ret_from_fork+0x41/0x80 [ 30.692965] ret_from_fork_asm+0x1a/0x30 [ 30.693449] [ 30.693762] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 30.694669] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.695104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.695734] ================================================================== [ 30.576415] ================================================================== [ 30.577057] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 30.577057] [ 30.577728] Invalid free of 0x(____ptrval____) (in kfence-#130): [ 30.578377] test_double_free+0x1d3/0x260 [ 30.578974] kunit_try_run_case+0x1b2/0x490 [ 30.579496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.579877] kthread+0x323/0x710 [ 30.580425] ret_from_fork+0x41/0x80 [ 30.580991] ret_from_fork_asm+0x1a/0x30 [ 30.581383] [ 30.581543] kfence-#130: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 30.581543] [ 30.582496] allocated by task 324 on cpu 1 at 30.576078s (0.006412s ago): [ 30.583025] test_alloc+0x35e/0x10d0 [ 30.583490] test_double_free+0xdb/0x260 [ 30.584030] kunit_try_run_case+0x1b2/0x490 [ 30.584460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.584873] kthread+0x323/0x710 [ 30.585327] ret_from_fork+0x41/0x80 [ 30.585735] ret_from_fork_asm+0x1a/0x30 [ 30.586195] [ 30.586421] freed by task 324 on cpu 1 at 30.576190s (0.010226s ago): [ 30.587166] test_double_free+0x1e0/0x260 [ 30.587514] kunit_try_run_case+0x1b2/0x490 [ 30.587852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.588378] kthread+0x323/0x710 [ 30.588753] ret_from_fork+0x41/0x80 [ 30.589303] ret_from_fork_asm+0x1a/0x30 [ 30.589731] [ 30.590006] CPU: 1 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 30.590981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.591320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.591806] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 21.797935] ================================================================== [ 21.799452] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 21.801016] Write of size 128 at addr ffff88810305a300 by task kunit_try_catch/191 [ 21.801624] [ 21.802580] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.802667] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.802695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.802796] Call Trace: [ 21.802829] <TASK> [ 21.802863] dump_stack_lvl+0x73/0xb0 [ 21.802935] print_report+0xd1/0x660 [ 21.802971] ? __virt_addr_valid+0x1db/0x2d0 [ 21.803036] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.803072] kasan_report+0x104/0x140 [ 21.803101] ? kmalloc_oob_in_memset+0x15f/0x320 [ 21.803161] ? kmalloc_oob_in_memset+0x15f/0x320 [ 21.803201] kasan_check_range+0x10c/0x1c0 [ 21.803237] __asan_memset+0x27/0x50 [ 21.803266] kmalloc_oob_in_memset+0x15f/0x320 [ 21.803299] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 21.803332] ? __schedule+0xd46/0x29c0 [ 21.803363] ? __pfx_read_tsc+0x10/0x10 [ 21.803392] ? ktime_get_ts64+0x86/0x240 [ 21.803430] kunit_try_run_case+0x1b2/0x490 [ 21.803465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.803496] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.803527] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.803557] ? __kthread_parkme+0x82/0x160 [ 21.803599] ? preempt_count_sub+0x50/0x80 [ 21.803653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.803713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.803802] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.803891] kthread+0x323/0x710 [ 21.803926] ? trace_preempt_on+0x20/0xc0 [ 21.803973] ? __pfx_kthread+0x10/0x10 [ 21.804004] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.804034] ? calculate_sigpending+0x7b/0xa0 [ 21.804065] ? __pfx_kthread+0x10/0x10 [ 21.804097] ret_from_fork+0x41/0x80 [ 21.804151] ? __pfx_kthread+0x10/0x10 [ 21.804183] ret_from_fork_asm+0x1a/0x30 [ 21.804232] </TASK> [ 21.804247] [ 21.823172] Allocated by task 191: [ 21.823646] kasan_save_stack+0x3d/0x60 [ 21.824271] kasan_save_track+0x18/0x40 [ 21.824550] kasan_save_alloc_info+0x3b/0x50 [ 21.825290] __kasan_kmalloc+0xb7/0xc0 [ 21.826199] __kmalloc_cache_noprof+0x183/0x410 [ 21.826686] kmalloc_oob_in_memset+0xac/0x320 [ 21.827567] kunit_try_run_case+0x1b2/0x490 [ 21.828194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.829057] kthread+0x323/0x710 [ 21.829391] ret_from_fork+0x41/0x80 [ 21.829814] ret_from_fork_asm+0x1a/0x30 [ 21.830943] [ 21.831294] The buggy address belongs to the object at ffff88810305a300 [ 21.831294] which belongs to the cache kmalloc-128 of size 128 [ 21.832609] The buggy address is located 0 bytes inside of [ 21.832609] allocated 120-byte region [ffff88810305a300, ffff88810305a378) [ 21.834462] [ 21.834817] The buggy address belongs to the physical page: [ 21.835367] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 21.836388] flags: 0x200000000000000(node=0|zone=2) [ 21.837077] page_type: f5(slab) [ 21.837460] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.838538] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.839002] page dumped because: kasan: bad access detected [ 21.839404] [ 21.839653] Memory state around the buggy address: [ 21.840083] ffff88810305a200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.841154] ffff88810305a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.841630] >ffff88810305a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.843166] ^ [ 21.844072] ffff88810305a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.844621] ffff88810305a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.845501] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 21.740090] ================================================================== [ 21.740870] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 21.742030] Read of size 16 at addr ffff888102551980 by task kunit_try_catch/189 [ 21.742597] [ 21.742820] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.742940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.742973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.743024] Call Trace: [ 21.743056] <TASK> [ 21.743085] dump_stack_lvl+0x73/0xb0 [ 21.743160] print_report+0xd1/0x660 [ 21.743195] ? __virt_addr_valid+0x1db/0x2d0 [ 21.743286] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.743354] kasan_report+0x104/0x140 [ 21.743406] ? kmalloc_uaf_16+0x47b/0x4c0 [ 21.743467] ? kmalloc_uaf_16+0x47b/0x4c0 [ 21.743539] __asan_report_load16_noabort+0x18/0x20 [ 21.743625] kmalloc_uaf_16+0x47b/0x4c0 [ 21.743687] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 21.744197] ? __schedule+0xd46/0x29c0 [ 21.744259] ? __pfx_read_tsc+0x10/0x10 [ 21.744293] ? ktime_get_ts64+0x86/0x240 [ 21.744331] kunit_try_run_case+0x1b2/0x490 [ 21.744368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.744400] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.744430] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.744462] ? __kthread_parkme+0x82/0x160 [ 21.744493] ? preempt_count_sub+0x50/0x80 [ 21.744529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.744562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.744595] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.744627] kthread+0x323/0x710 [ 21.744656] ? trace_preempt_on+0x20/0xc0 [ 21.744689] ? __pfx_kthread+0x10/0x10 [ 21.744772] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.744803] ? calculate_sigpending+0x7b/0xa0 [ 21.744834] ? __pfx_kthread+0x10/0x10 [ 21.744866] ret_from_fork+0x41/0x80 [ 21.744898] ? __pfx_kthread+0x10/0x10 [ 21.744930] ret_from_fork_asm+0x1a/0x30 [ 21.744976] </TASK> [ 21.744991] [ 21.758764] Allocated by task 189: [ 21.759209] kasan_save_stack+0x3d/0x60 [ 21.759756] kasan_save_track+0x18/0x40 [ 21.760270] kasan_save_alloc_info+0x3b/0x50 [ 21.760897] __kasan_kmalloc+0xb7/0xc0 [ 21.761365] __kmalloc_cache_noprof+0x183/0x410 [ 21.761662] kmalloc_uaf_16+0x15b/0x4c0 [ 21.762204] kunit_try_run_case+0x1b2/0x490 [ 21.762773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.763473] kthread+0x323/0x710 [ 21.764065] ret_from_fork+0x41/0x80 [ 21.764634] ret_from_fork_asm+0x1a/0x30 [ 21.765276] [ 21.765559] Freed by task 189: [ 21.765995] kasan_save_stack+0x3d/0x60 [ 21.766462] kasan_save_track+0x18/0x40 [ 21.766994] kasan_save_free_info+0x3f/0x60 [ 21.767435] __kasan_slab_free+0x56/0x70 [ 21.767995] kfree+0x222/0x3f0 [ 21.768448] kmalloc_uaf_16+0x1d6/0x4c0 [ 21.769026] kunit_try_run_case+0x1b2/0x490 [ 21.769652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.770474] kthread+0x323/0x710 [ 21.770935] ret_from_fork+0x41/0x80 [ 21.771238] ret_from_fork_asm+0x1a/0x30 [ 21.771510] [ 21.771691] The buggy address belongs to the object at ffff888102551980 [ 21.771691] which belongs to the cache kmalloc-16 of size 16 [ 21.772624] The buggy address is located 0 bytes inside of [ 21.772624] freed 16-byte region [ffff888102551980, ffff888102551990) [ 21.773947] [ 21.774223] The buggy address belongs to the physical page: [ 21.774926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102551 [ 21.775850] flags: 0x200000000000000(node=0|zone=2) [ 21.776460] page_type: f5(slab) [ 21.776942] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.777779] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.778194] page dumped because: kasan: bad access detected [ 21.778560] [ 21.778799] Memory state around the buggy address: [ 21.779105] ffff888102551880: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.781166] ffff888102551900: 00 05 fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 21.782615] >ffff888102551980: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.784589] ^ [ 21.785995] ffff888102551a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.788046] ffff888102551a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.789324] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 21.690539] ================================================================== [ 21.691258] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 21.691961] Write of size 16 at addr ffff888102551920 by task kunit_try_catch/187 [ 21.692452] [ 21.692672] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.692799] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.692833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.692868] Call Trace: [ 21.692888] <TASK> [ 21.692909] dump_stack_lvl+0x73/0xb0 [ 21.692953] print_report+0xd1/0x660 [ 21.693003] ? __virt_addr_valid+0x1db/0x2d0 [ 21.693080] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.693223] kasan_report+0x104/0x140 [ 21.693683] ? kmalloc_oob_16+0x452/0x4a0 [ 21.693913] ? kmalloc_oob_16+0x452/0x4a0 [ 21.693997] __asan_report_store16_noabort+0x1b/0x30 [ 21.694062] kmalloc_oob_16+0x452/0x4a0 [ 21.694148] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 21.694217] ? __schedule+0xd46/0x29c0 [ 21.694279] ? __pfx_read_tsc+0x10/0x10 [ 21.694333] ? ktime_get_ts64+0x86/0x240 [ 21.694376] kunit_try_run_case+0x1b2/0x490 [ 21.694414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.694446] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.694477] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.694508] ? __kthread_parkme+0x82/0x160 [ 21.694539] ? preempt_count_sub+0x50/0x80 [ 21.694575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.694608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.694641] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.694674] kthread+0x323/0x710 [ 21.694759] ? trace_preempt_on+0x20/0xc0 [ 21.694796] ? __pfx_kthread+0x10/0x10 [ 21.694827] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.694856] ? calculate_sigpending+0x7b/0xa0 [ 21.694887] ? __pfx_kthread+0x10/0x10 [ 21.694919] ret_from_fork+0x41/0x80 [ 21.694950] ? __pfx_kthread+0x10/0x10 [ 21.694982] ret_from_fork_asm+0x1a/0x30 [ 21.695029] </TASK> [ 21.695044] [ 21.710450] Allocated by task 187: [ 21.710866] kasan_save_stack+0x3d/0x60 [ 21.711326] kasan_save_track+0x18/0x40 [ 21.711977] kasan_save_alloc_info+0x3b/0x50 [ 21.712461] __kasan_kmalloc+0xb7/0xc0 [ 21.713316] __kmalloc_cache_noprof+0x183/0x410 [ 21.713990] kmalloc_oob_16+0xa8/0x4a0 [ 21.714431] kunit_try_run_case+0x1b2/0x490 [ 21.715066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.715497] kthread+0x323/0x710 [ 21.716047] ret_from_fork+0x41/0x80 [ 21.716472] ret_from_fork_asm+0x1a/0x30 [ 21.717349] [ 21.717564] The buggy address belongs to the object at ffff888102551920 [ 21.717564] which belongs to the cache kmalloc-16 of size 16 [ 21.718528] The buggy address is located 0 bytes inside of [ 21.718528] allocated 13-byte region [ffff888102551920, ffff88810255192d) [ 21.719965] [ 21.720215] The buggy address belongs to the physical page: [ 21.720562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102551 [ 21.721874] flags: 0x200000000000000(node=0|zone=2) [ 21.722258] page_type: f5(slab) [ 21.722617] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.723338] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.723971] page dumped because: kasan: bad access detected [ 21.724444] [ 21.724666] Memory state around the buggy address: [ 21.725577] ffff888102551800: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 21.726419] ffff888102551880: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.727074] >ffff888102551900: 00 05 fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 21.727739] ^ [ 21.730982] ffff888102551980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.731361] ffff888102551a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.732790] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 30.160363] ================================================================== [ 30.161087] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 30.161087] [ 30.162170] Use-after-free read at 0x(____ptrval____) (in kfence-#126): [ 30.163210] test_use_after_free_read+0x129/0x270 [ 30.164200] kunit_try_run_case+0x1b2/0x490 [ 30.164603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.165644] kthread+0x323/0x710 [ 30.166248] ret_from_fork+0x41/0x80 [ 30.166599] ret_from_fork_asm+0x1a/0x30 [ 30.167326] [ 30.167987] kfence-#126: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 30.167987] [ 30.168597] allocated by task 316 on cpu 0 at 30.160064s (0.008529s ago): [ 30.169403] test_alloc+0x35e/0x10d0 [ 30.170244] test_use_after_free_read+0xdc/0x270 [ 30.170673] kunit_try_run_case+0x1b2/0x490 [ 30.171101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.171436] kthread+0x323/0x710 [ 30.171858] ret_from_fork+0x41/0x80 [ 30.172347] ret_from_fork_asm+0x1a/0x30 [ 30.172666] [ 30.173159] freed by task 316 on cpu 0 at 30.160170s (0.012741s ago): [ 30.174018] test_use_after_free_read+0x1e7/0x270 [ 30.174518] kunit_try_run_case+0x1b2/0x490 [ 30.174957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.175351] kthread+0x323/0x710 [ 30.175971] ret_from_fork+0x41/0x80 [ 30.176310] ret_from_fork_asm+0x1a/0x30 [ 30.176625] [ 30.176926] CPU: 0 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 30.178598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.178961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.180529] ================================================================== [ 30.264293] ================================================================== [ 30.265007] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 30.265007] [ 30.265695] Use-after-free read at 0x(____ptrval____) (in kfence-#127): [ 30.266382] test_use_after_free_read+0x129/0x270 [ 30.267021] kunit_try_run_case+0x1b2/0x490 [ 30.268286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.268986] kthread+0x323/0x710 [ 30.269543] ret_from_fork+0x41/0x80 [ 30.270191] ret_from_fork_asm+0x1a/0x30 [ 30.270836] [ 30.271023] kfence-#127: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 30.271023] [ 30.272010] allocated by task 318 on cpu 1 at 30.264093s (0.007911s ago): [ 30.273207] test_alloc+0x2a6/0x10d0 [ 30.273797] test_use_after_free_read+0xdc/0x270 [ 30.274839] kunit_try_run_case+0x1b2/0x490 [ 30.275273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.276220] kthread+0x323/0x710 [ 30.276769] ret_from_fork+0x41/0x80 [ 30.277364] ret_from_fork_asm+0x1a/0x30 [ 30.278294] [ 30.278441] freed by task 318 on cpu 1 at 30.264183s (0.014254s ago): [ 30.278929] test_use_after_free_read+0xfb/0x270 [ 30.279437] kunit_try_run_case+0x1b2/0x490 [ 30.280535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.281373] kthread+0x323/0x710 [ 30.281684] ret_from_fork+0x41/0x80 [ 30.282220] ret_from_fork_asm+0x1a/0x30 [ 30.282636] [ 30.283544] CPU: 1 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 30.284747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.285086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.285752] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 30.056191] ================================================================== [ 30.056761] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 30.056761] [ 30.057463] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#125): [ 30.058220] test_out_of_bounds_write+0x10d/0x260 [ 30.058560] kunit_try_run_case+0x1b2/0x490 [ 30.059139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.059527] kthread+0x323/0x710 [ 30.060161] ret_from_fork+0x41/0x80 [ 30.060597] ret_from_fork_asm+0x1a/0x30 [ 30.061001] [ 30.061236] kfence-#125: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 30.061236] [ 30.061866] allocated by task 314 on cpu 1 at 30.056104s (0.005757s ago): [ 30.062607] test_alloc+0x2a6/0x10d0 [ 30.062969] test_out_of_bounds_write+0xd4/0x260 [ 30.063532] kunit_try_run_case+0x1b2/0x490 [ 30.063957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.064576] kthread+0x323/0x710 [ 30.064912] ret_from_fork+0x41/0x80 [ 30.065230] ret_from_fork_asm+0x1a/0x30 [ 30.065507] [ 30.065798] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 30.067149] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.067742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.068624] ================================================================== [ 29.952386] ================================================================== [ 29.952968] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 29.952968] [ 29.953613] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#124): [ 29.954486] test_out_of_bounds_write+0x10d/0x260 [ 29.955041] kunit_try_run_case+0x1b2/0x490 [ 29.955645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.956269] kthread+0x323/0x710 [ 29.956672] ret_from_fork+0x41/0x80 [ 29.956955] ret_from_fork_asm+0x1a/0x30 [ 29.957446] [ 29.957680] kfence-#124: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 29.957680] [ 29.958348] allocated by task 312 on cpu 1 at 29.952235s (0.006108s ago): [ 29.959098] test_alloc+0x35e/0x10d0 [ 29.959563] test_out_of_bounds_write+0xd4/0x260 [ 29.960034] kunit_try_run_case+0x1b2/0x490 [ 29.960349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.960860] kthread+0x323/0x710 [ 29.961364] ret_from_fork+0x41/0x80 [ 29.961829] ret_from_fork_asm+0x1a/0x30 [ 29.962310] [ 29.962554] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 29.963400] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.963690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.964553] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 29.640359] ================================================================== [ 29.641011] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 29.641011] [ 29.641750] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#121): [ 29.642534] test_out_of_bounds_read+0x216/0x4e0 [ 29.643106] kunit_try_run_case+0x1b2/0x490 [ 29.643470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.644091] kthread+0x323/0x710 [ 29.644502] ret_from_fork+0x41/0x80 [ 29.644979] ret_from_fork_asm+0x1a/0x30 [ 29.645294] [ 29.645521] kfence-#121: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 29.645521] [ 29.646549] allocated by task 308 on cpu 0 at 29.640096s (0.006448s ago): [ 29.646979] test_alloc+0x35e/0x10d0 [ 29.647394] test_out_of_bounds_read+0x1e2/0x4e0 [ 29.647998] kunit_try_run_case+0x1b2/0x490 [ 29.648470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.649023] kthread+0x323/0x710 [ 29.649311] ret_from_fork+0x41/0x80 [ 29.649586] ret_from_fork_asm+0x1a/0x30 [ 29.650003] [ 29.650297] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 29.651412] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.651710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.652327] ================================================================== [ 29.433636] ================================================================== [ 29.434389] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 29.434389] [ 29.435350] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#119): [ 29.436362] test_out_of_bounds_read+0x126/0x4e0 [ 29.436880] kunit_try_run_case+0x1b2/0x490 [ 29.437317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.437830] kthread+0x323/0x710 [ 29.438187] ret_from_fork+0x41/0x80 [ 29.438574] ret_from_fork_asm+0x1a/0x30 [ 29.439092] [ 29.439683] kfence-#119: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 29.439683] [ 29.440703] allocated by task 308 on cpu 0 at 29.432104s (0.008459s ago): [ 29.442103] test_alloc+0x35e/0x10d0 [ 29.442523] test_out_of_bounds_read+0xed/0x4e0 [ 29.443161] kunit_try_run_case+0x1b2/0x490 [ 29.443639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.444038] kthread+0x323/0x710 [ 29.444438] ret_from_fork+0x41/0x80 [ 29.444894] ret_from_fork_asm+0x1a/0x30 [ 29.445396] [ 29.445707] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 29.446986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.447333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.448023] ================================================================== [ 29.848211] ================================================================== [ 29.848871] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 29.848871] [ 29.849525] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#123): [ 29.850078] test_out_of_bounds_read+0x216/0x4e0 [ 29.850665] kunit_try_run_case+0x1b2/0x490 [ 29.851178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.851784] kthread+0x323/0x710 [ 29.852246] ret_from_fork+0x41/0x80 [ 29.852526] ret_from_fork_asm+0x1a/0x30 [ 29.853048] [ 29.853304] kfence-#123: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 29.853304] [ 29.854078] allocated by task 310 on cpu 1 at 29.848142s (0.005929s ago): [ 29.854651] test_alloc+0x2a6/0x10d0 [ 29.855100] test_out_of_bounds_read+0x1e2/0x4e0 [ 29.855569] kunit_try_run_case+0x1b2/0x490 [ 29.856176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.856518] kthread+0x323/0x710 [ 29.857004] ret_from_fork+0x41/0x80 [ 29.857417] ret_from_fork_asm+0x1a/0x30 [ 29.857807] [ 29.858142] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 29.859036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.859484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.860088] ================================================================== [ 29.744204] ================================================================== [ 29.744842] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 29.744842] [ 29.745554] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#122): [ 29.746408] test_out_of_bounds_read+0x126/0x4e0 [ 29.746818] kunit_try_run_case+0x1b2/0x490 [ 29.747166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.747757] kthread+0x323/0x710 [ 29.748213] ret_from_fork+0x41/0x80 [ 29.748570] ret_from_fork_asm+0x1a/0x30 [ 29.749378] [ 29.749619] kfence-#122: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 29.749619] [ 29.750525] allocated by task 310 on cpu 1 at 29.744102s (0.006417s ago): [ 29.752628] test_alloc+0x2a6/0x10d0 [ 29.753130] test_out_of_bounds_read+0xed/0x4e0 [ 29.753354] kunit_try_run_case+0x1b2/0x490 [ 29.753514] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.753694] kthread+0x323/0x710 [ 29.754231] ret_from_fork+0x41/0x80 [ 29.754754] ret_from_fork_asm+0x1a/0x30 [ 29.755453] [ 29.755785] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 29.757279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.757870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.758720] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-cs_dsp_mock_bin_add_name_or_infoisra
[ 238.035868] ================================================================== [ 238.037116] BUG: KASAN: global-out-of-bounds in cs_dsp_mock_bin_add_name_or_info.isra.0+0x1c1/0x3d0 [ 238.037785] Read of size 12 at addr ffffffffb472a500 by task kunit_try_catch/4195 [ 238.038339] [ 238.038624] CPU: 0 UID: 0 PID: 4195 Comm: kunit_try_catch Tainted: G B D W N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 238.038809] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 238.038850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 238.038918] Call Trace: [ 238.038955] <TASK> [ 238.039004] dump_stack_lvl+0x73/0xb0 [ 238.039089] print_report+0xd1/0x660 [ 238.039163] ? __virt_addr_valid+0x1db/0x2d0 [ 238.039282] ? kasan_addr_to_slab+0x11/0xa0 [ 238.039347] kasan_report+0x104/0x140 [ 238.039389] ? cs_dsp_mock_bin_add_name_or_info.isra.0+0x1c1/0x3d0 [ 238.039460] ? cs_dsp_mock_bin_add_name_or_info.isra.0+0x1c1/0x3d0 [ 238.039980] kasan_check_range+0x10c/0x1c0 [ 238.040073] __asan_memcpy+0x27/0x70 [ 238.040372] cs_dsp_mock_bin_add_name_or_info.isra.0+0x1c1/0x3d0 [ 238.040490] ? __pfx_cs_dsp_mock_bin_add_name_or_info.isra.0+0x10/0x10 [ 238.040565] ? __pfx_cs_dsp_mock_reg_addr_inc_per_unpacked_word+0x10/0x10 [ 238.040630] ? __pfx__cs_dsp_remove_wrapper+0x10/0x10 [ 238.040723] cs_dsp_mock_bin_add_info+0x12/0x20 [ 238.040763] bin_patch_name_and_info+0x1a1/0x8d0 [ 238.040799] ? __pfx_bin_patch_name_and_info+0x10/0x10 [ 238.040834] ? __pfx_kfree_action_wrapper+0x10/0x10 [ 238.040872] ? kunit_add_action_or_reset+0x1d/0x40 [ 238.040927] ? __pfx_read_tsc+0x10/0x10 [ 238.040960] ? ktime_get_ts64+0x86/0x240 [ 238.040999] kunit_try_run_case+0x1b2/0x490 [ 238.041032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 238.041062] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 238.041092] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 238.041122] ? __kthread_parkme+0x82/0x160 [ 238.041152] ? preempt_count_sub+0x50/0x80 [ 238.041189] ? __pfx_kunit_try_run_case+0x10/0x10 [ 238.041220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 238.041250] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 238.041279] kthread+0x323/0x710 [ 238.041308] ? trace_preempt_on+0x20/0xc0 [ 238.041344] ? __pfx_kthread+0x10/0x10 [ 238.041374] ? _raw_spin_unlock_irq+0x47/0x80 [ 238.041402] ? calculate_sigpending+0x7b/0xa0 [ 238.041433] ? __pfx_kthread+0x10/0x10 [ 238.041464] ret_from_fork+0x41/0x80 [ 238.041535] ? __pfx_kthread+0x10/0x10 [ 238.041568] ret_from_fork_asm+0x1a/0x30 [ 238.041619] </TASK> [ 238.041637] [ 238.059786] The buggy address belongs to the variable: [ 238.060098] __loc.16+0x80/0x540 [ 238.060487] [ 238.060710] The buggy address belongs to the physical page: [ 238.061293] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3952a [ 238.062047] flags: 0x100000000002000(reserved|node=0|zone=1) [ 238.062658] raw: 0100000000002000 ffffea0000e54a88 ffffea0000e54a88 0000000000000000 [ 238.063311] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 238.063975] page dumped because: kasan: bad access detected [ 238.064385] [ 238.064671] Memory state around the buggy address: [ 238.065154] ffffffffb472a400: 00 00 f9 f9 f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9 [ 238.065574] ffffffffb472a480: 00 00 f9 f9 f9 f9 f9 f9 00 01 f9 f9 f9 f9 f9 f9 [ 238.065995] >ffffffffb472a500: 00 02 f9 f9 f9 f9 f9 f9 00 00 00 00 00 07 f9 f9 [ 238.066733] ^ [ 238.067173] ffffffffb472a580: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 06 f9 f9 [ 238.067968] ffffffffb472a600: f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 00 01 f9 f9 [ 238.068657] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 29.162632] ================================================================== [ 29.164352] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 29.165023] Write of size 1 at addr ffff88810305ae78 by task kunit_try_catch/306 [ 29.165683] [ 29.166816] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 29.166909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.166932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.166963] Call Trace: [ 29.166985] <TASK> [ 29.167006] dump_stack_lvl+0x73/0xb0 [ 29.167048] print_report+0xd1/0x660 [ 29.167083] ? __virt_addr_valid+0x1db/0x2d0 [ 29.167174] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.167215] kasan_report+0x104/0x140 [ 29.167247] ? strncpy_from_user+0x1a5/0x1d0 [ 29.167285] ? strncpy_from_user+0x1a5/0x1d0 [ 29.167328] __asan_report_store1_noabort+0x1b/0x30 [ 29.167362] strncpy_from_user+0x1a5/0x1d0 [ 29.167401] copy_user_test_oob+0x760/0x1130 [ 29.167442] ? __pfx_copy_user_test_oob+0x10/0x10 [ 29.167477] ? finish_task_switch.isra.0+0x153/0x730 [ 29.167511] ? __switch_to+0x5d9/0xf70 [ 29.167551] ? __schedule+0xd46/0x29c0 [ 29.167593] ? __pfx_read_tsc+0x10/0x10 [ 29.167642] ? ktime_get_ts64+0x86/0x240 [ 29.167681] kunit_try_run_case+0x1b2/0x490 [ 29.167748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.167789] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.167823] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.167859] ? __kthread_parkme+0x82/0x160 [ 29.167894] ? preempt_count_sub+0x50/0x80 [ 29.167943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.167979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.168015] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.168051] kthread+0x323/0x710 [ 29.168083] ? trace_preempt_on+0x20/0xc0 [ 29.168140] ? __pfx_kthread+0x10/0x10 [ 29.168175] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.168207] ? calculate_sigpending+0x7b/0xa0 [ 29.168240] ? __pfx_kthread+0x10/0x10 [ 29.168274] ret_from_fork+0x41/0x80 [ 29.168308] ? __pfx_kthread+0x10/0x10 [ 29.168342] ret_from_fork_asm+0x1a/0x30 [ 29.168391] </TASK> [ 29.168408] [ 29.187261] Allocated by task 306: [ 29.187625] kasan_save_stack+0x3d/0x60 [ 29.188095] kasan_save_track+0x18/0x40 [ 29.188504] kasan_save_alloc_info+0x3b/0x50 [ 29.188886] __kasan_kmalloc+0xb7/0xc0 [ 29.189325] __kmalloc_noprof+0x1c3/0x500 [ 29.189676] kunit_kmalloc_array+0x25/0x60 [ 29.191170] copy_user_test_oob+0xab/0x1130 [ 29.191574] kunit_try_run_case+0x1b2/0x490 [ 29.192349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.193043] kthread+0x323/0x710 [ 29.193457] ret_from_fork+0x41/0x80 [ 29.194262] ret_from_fork_asm+0x1a/0x30 [ 29.194757] [ 29.195001] The buggy address belongs to the object at ffff88810305ae00 [ 29.195001] which belongs to the cache kmalloc-128 of size 128 [ 29.195877] The buggy address is located 0 bytes to the right of [ 29.195877] allocated 120-byte region [ffff88810305ae00, ffff88810305ae78) [ 29.197471] [ 29.197940] The buggy address belongs to the physical page: [ 29.198651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 29.199300] flags: 0x200000000000000(node=0|zone=2) [ 29.199707] page_type: f5(slab) [ 29.200571] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 29.201572] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.202201] page dumped because: kasan: bad access detected [ 29.202691] [ 29.202877] Memory state around the buggy address: [ 29.204003] ffff88810305ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.204439] ffff88810305ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.205295] >ffff88810305ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.206053] ^ [ 29.206675] ffff88810305ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.207638] ffff88810305af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.208357] ================================================================== [ 29.121476] ================================================================== [ 29.122198] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 29.123578] Write of size 121 at addr ffff88810305ae00 by task kunit_try_catch/306 [ 29.124794] [ 29.124969] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 29.125049] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.125082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.125152] Call Trace: [ 29.125188] <TASK> [ 29.125228] dump_stack_lvl+0x73/0xb0 [ 29.125343] print_report+0xd1/0x660 [ 29.125395] ? __virt_addr_valid+0x1db/0x2d0 [ 29.125484] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.125526] kasan_report+0x104/0x140 [ 29.125559] ? strncpy_from_user+0x2e/0x1d0 [ 29.125597] ? strncpy_from_user+0x2e/0x1d0 [ 29.125640] kasan_check_range+0x10c/0x1c0 [ 29.125678] __kasan_check_write+0x18/0x20 [ 29.125717] strncpy_from_user+0x2e/0x1d0 [ 29.125829] ? __kasan_check_read+0x15/0x20 [ 29.125899] copy_user_test_oob+0x760/0x1130 [ 29.125954] ? __pfx_copy_user_test_oob+0x10/0x10 [ 29.125991] ? finish_task_switch.isra.0+0x153/0x730 [ 29.126027] ? __switch_to+0x5d9/0xf70 [ 29.126068] ? __schedule+0xd46/0x29c0 [ 29.126102] ? __pfx_read_tsc+0x10/0x10 [ 29.126163] ? ktime_get_ts64+0x86/0x240 [ 29.126202] kunit_try_run_case+0x1b2/0x490 [ 29.126240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.126274] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.126307] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.126341] ? __kthread_parkme+0x82/0x160 [ 29.126375] ? preempt_count_sub+0x50/0x80 [ 29.126413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.126448] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.126483] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.126519] kthread+0x323/0x710 [ 29.126551] ? trace_preempt_on+0x20/0xc0 [ 29.126586] ? __pfx_kthread+0x10/0x10 [ 29.126620] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.126652] ? calculate_sigpending+0x7b/0xa0 [ 29.126685] ? __pfx_kthread+0x10/0x10 [ 29.126767] ret_from_fork+0x41/0x80 [ 29.126805] ? __pfx_kthread+0x10/0x10 [ 29.126840] ret_from_fork_asm+0x1a/0x30 [ 29.126889] </TASK> [ 29.126909] [ 29.140304] Allocated by task 306: [ 29.140542] kasan_save_stack+0x3d/0x60 [ 29.140822] kasan_save_track+0x18/0x40 [ 29.141104] kasan_save_alloc_info+0x3b/0x50 [ 29.141619] __kasan_kmalloc+0xb7/0xc0 [ 29.142231] __kmalloc_noprof+0x1c3/0x500 [ 29.142861] kunit_kmalloc_array+0x25/0x60 [ 29.143489] copy_user_test_oob+0xab/0x1130 [ 29.144137] kunit_try_run_case+0x1b2/0x490 [ 29.144594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.145402] kthread+0x323/0x710 [ 29.145818] ret_from_fork+0x41/0x80 [ 29.146163] ret_from_fork_asm+0x1a/0x30 [ 29.146581] [ 29.146756] The buggy address belongs to the object at ffff88810305ae00 [ 29.146756] which belongs to the cache kmalloc-128 of size 128 [ 29.147800] The buggy address is located 0 bytes inside of [ 29.147800] allocated 120-byte region [ffff88810305ae00, ffff88810305ae78) [ 29.148561] [ 29.148725] The buggy address belongs to the physical page: [ 29.149309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 29.150239] flags: 0x200000000000000(node=0|zone=2) [ 29.150789] page_type: f5(slab) [ 29.151196] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 29.151771] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.152471] page dumped because: kasan: bad access detected [ 29.153584] [ 29.153991] Memory state around the buggy address: [ 29.154472] ffff88810305ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.154886] ffff88810305ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.155304] >ffff88810305ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.155713] ^ [ 29.155978] ffff88810305ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.158642] ffff88810305af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.160348] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 28.985041] ================================================================== [ 28.985754] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x1130 [ 28.986347] Read of size 121 at addr ffff88810305ae00 by task kunit_try_catch/306 [ 28.986756] [ 28.986951] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.987082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.987144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.987202] Call Trace: [ 28.987236] <TASK> [ 28.987272] dump_stack_lvl+0x73/0xb0 [ 28.987348] print_report+0xd1/0x660 [ 28.987417] ? __virt_addr_valid+0x1db/0x2d0 [ 28.987544] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.987691] kasan_report+0x104/0x140 [ 28.987796] ? copy_user_test_oob+0x4aa/0x1130 [ 28.987877] ? copy_user_test_oob+0x4aa/0x1130 [ 28.987978] kasan_check_range+0x10c/0x1c0 [ 28.988054] __kasan_check_read+0x15/0x20 [ 28.988138] copy_user_test_oob+0x4aa/0x1130 [ 28.988223] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.988298] ? finish_task_switch.isra.0+0x153/0x730 [ 28.988365] ? __switch_to+0x5d9/0xf70 [ 28.988444] ? __schedule+0xd46/0x29c0 [ 28.988509] ? __pfx_read_tsc+0x10/0x10 [ 28.988571] ? ktime_get_ts64+0x86/0x240 [ 28.988644] kunit_try_run_case+0x1b2/0x490 [ 28.988720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.988819] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.988883] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.988953] ? __kthread_parkme+0x82/0x160 [ 28.989020] ? preempt_count_sub+0x50/0x80 [ 28.989094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.989194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.989264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.989335] kthread+0x323/0x710 [ 28.989399] ? trace_preempt_on+0x20/0xc0 [ 28.989468] ? __pfx_kthread+0x10/0x10 [ 28.989536] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.989598] ? calculate_sigpending+0x7b/0xa0 [ 28.989664] ? __pfx_kthread+0x10/0x10 [ 28.989758] ret_from_fork+0x41/0x80 [ 28.989853] ? __pfx_kthread+0x10/0x10 [ 28.989950] ret_from_fork_asm+0x1a/0x30 [ 28.990045] </TASK> [ 28.990081] [ 29.003313] Allocated by task 306: [ 29.003702] kasan_save_stack+0x3d/0x60 [ 29.004200] kasan_save_track+0x18/0x40 [ 29.004625] kasan_save_alloc_info+0x3b/0x50 [ 29.005098] __kasan_kmalloc+0xb7/0xc0 [ 29.005446] __kmalloc_noprof+0x1c3/0x500 [ 29.005733] kunit_kmalloc_array+0x25/0x60 [ 29.006229] copy_user_test_oob+0xab/0x1130 [ 29.006783] kunit_try_run_case+0x1b2/0x490 [ 29.007259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.007806] kthread+0x323/0x710 [ 29.008655] ret_from_fork+0x41/0x80 [ 29.010381] ret_from_fork_asm+0x1a/0x30 [ 29.012271] [ 29.012444] The buggy address belongs to the object at ffff88810305ae00 [ 29.012444] which belongs to the cache kmalloc-128 of size 128 [ 29.013075] The buggy address is located 0 bytes inside of [ 29.013075] allocated 120-byte region [ffff88810305ae00, ffff88810305ae78) [ 29.014067] [ 29.014294] The buggy address belongs to the physical page: [ 29.014585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 29.015099] flags: 0x200000000000000(node=0|zone=2) [ 29.015444] page_type: f5(slab) [ 29.015719] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 29.016159] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.017735] page dumped because: kasan: bad access detected [ 29.018281] [ 29.020989] Memory state around the buggy address: [ 29.021339] ffff88810305ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.021715] ffff88810305ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.022077] >ffff88810305ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.022458] ^ [ 29.022848] ffff88810305ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.023341] ffff88810305af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.023752] ================================================================== [ 29.072686] ================================================================== [ 29.073380] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x1130 [ 29.073804] Read of size 121 at addr ffff88810305ae00 by task kunit_try_catch/306 [ 29.074487] [ 29.074745] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 29.074881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.074917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.075504] Call Trace: [ 29.075561] <TASK> [ 29.076027] dump_stack_lvl+0x73/0xb0 [ 29.076171] print_report+0xd1/0x660 [ 29.076260] ? __virt_addr_valid+0x1db/0x2d0 [ 29.076392] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.076473] kasan_report+0x104/0x140 [ 29.076536] ? copy_user_test_oob+0x604/0x1130 [ 29.076580] ? copy_user_test_oob+0x604/0x1130 [ 29.076628] kasan_check_range+0x10c/0x1c0 [ 29.076668] __kasan_check_read+0x15/0x20 [ 29.076699] copy_user_test_oob+0x604/0x1130 [ 29.076785] ? __pfx_copy_user_test_oob+0x10/0x10 [ 29.076822] ? finish_task_switch.isra.0+0x153/0x730 [ 29.076858] ? __switch_to+0x5d9/0xf70 [ 29.076897] ? __schedule+0xd46/0x29c0 [ 29.076931] ? __pfx_read_tsc+0x10/0x10 [ 29.076963] ? ktime_get_ts64+0x86/0x240 [ 29.077001] kunit_try_run_case+0x1b2/0x490 [ 29.077038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.077073] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.077106] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.077164] ? __kthread_parkme+0x82/0x160 [ 29.077197] ? preempt_count_sub+0x50/0x80 [ 29.077235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.077271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.077307] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.077343] kthread+0x323/0x710 [ 29.077375] ? trace_preempt_on+0x20/0xc0 [ 29.077410] ? __pfx_kthread+0x10/0x10 [ 29.077444] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.077475] ? calculate_sigpending+0x7b/0xa0 [ 29.077508] ? __pfx_kthread+0x10/0x10 [ 29.077542] ret_from_fork+0x41/0x80 [ 29.077575] ? __pfx_kthread+0x10/0x10 [ 29.077608] ret_from_fork_asm+0x1a/0x30 [ 29.077657] </TASK> [ 29.077675] [ 29.097386] Allocated by task 306: [ 29.098130] kasan_save_stack+0x3d/0x60 [ 29.098544] kasan_save_track+0x18/0x40 [ 29.099344] kasan_save_alloc_info+0x3b/0x50 [ 29.099996] __kasan_kmalloc+0xb7/0xc0 [ 29.100416] __kmalloc_noprof+0x1c3/0x500 [ 29.101304] kunit_kmalloc_array+0x25/0x60 [ 29.101841] copy_user_test_oob+0xab/0x1130 [ 29.102485] kunit_try_run_case+0x1b2/0x490 [ 29.103291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.103752] kthread+0x323/0x710 [ 29.104252] ret_from_fork+0x41/0x80 [ 29.104660] ret_from_fork_asm+0x1a/0x30 [ 29.105457] [ 29.105843] The buggy address belongs to the object at ffff88810305ae00 [ 29.105843] which belongs to the cache kmalloc-128 of size 128 [ 29.106804] The buggy address is located 0 bytes inside of [ 29.106804] allocated 120-byte region [ffff88810305ae00, ffff88810305ae78) [ 29.108014] [ 29.108525] The buggy address belongs to the physical page: [ 29.109037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 29.110155] flags: 0x200000000000000(node=0|zone=2) [ 29.110676] page_type: f5(slab) [ 29.111628] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 29.112240] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.112790] page dumped because: kasan: bad access detected [ 29.113651] [ 29.114240] Memory state around the buggy address: [ 29.114505] ffff88810305ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.115171] ffff88810305ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.116003] >ffff88810305ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.117183] ^ [ 29.118103] ffff88810305ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.118756] ffff88810305af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.119885] ================================================================== [ 29.024556] ================================================================== [ 29.025238] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x1130 [ 29.026163] Write of size 121 at addr ffff88810305ae00 by task kunit_try_catch/306 [ 29.026705] [ 29.026920] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 29.028554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.028606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.028668] Call Trace: [ 29.028707] <TASK> [ 29.028746] dump_stack_lvl+0x73/0xb0 [ 29.028830] print_report+0xd1/0x660 [ 29.028899] ? __virt_addr_valid+0x1db/0x2d0 [ 29.029027] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.029519] kasan_report+0x104/0x140 [ 29.029621] ? copy_user_test_oob+0x557/0x1130 [ 29.029700] ? copy_user_test_oob+0x557/0x1130 [ 29.029810] kasan_check_range+0x10c/0x1c0 [ 29.029935] __kasan_check_write+0x18/0x20 [ 29.030013] copy_user_test_oob+0x557/0x1130 [ 29.030095] ? __pfx_copy_user_test_oob+0x10/0x10 [ 29.030190] ? finish_task_switch.isra.0+0x153/0x730 [ 29.030259] ? __switch_to+0x5d9/0xf70 [ 29.030337] ? __schedule+0xd46/0x29c0 [ 29.030401] ? __pfx_read_tsc+0x10/0x10 [ 29.030463] ? ktime_get_ts64+0x86/0x240 [ 29.030536] kunit_try_run_case+0x1b2/0x490 [ 29.030610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.030677] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.030771] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.030845] ? __kthread_parkme+0x82/0x160 [ 29.030915] ? preempt_count_sub+0x50/0x80 [ 29.030986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.031058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.031167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.031249] kthread+0x323/0x710 [ 29.031314] ? trace_preempt_on+0x20/0xc0 [ 29.031387] ? __pfx_kthread+0x10/0x10 [ 29.031454] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.031517] ? calculate_sigpending+0x7b/0xa0 [ 29.031595] ? __pfx_kthread+0x10/0x10 [ 29.031683] ret_from_fork+0x41/0x80 [ 29.031826] ? __pfx_kthread+0x10/0x10 [ 29.031900] ret_from_fork_asm+0x1a/0x30 [ 29.032002] </TASK> [ 29.032039] [ 29.045234] Allocated by task 306: [ 29.045537] kasan_save_stack+0x3d/0x60 [ 29.046001] kasan_save_track+0x18/0x40 [ 29.046310] kasan_save_alloc_info+0x3b/0x50 [ 29.046614] __kasan_kmalloc+0xb7/0xc0 [ 29.046888] __kmalloc_noprof+0x1c3/0x500 [ 29.047359] kunit_kmalloc_array+0x25/0x60 [ 29.047971] copy_user_test_oob+0xab/0x1130 [ 29.048438] kunit_try_run_case+0x1b2/0x490 [ 29.048974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.049465] kthread+0x323/0x710 [ 29.049797] ret_from_fork+0x41/0x80 [ 29.050255] ret_from_fork_asm+0x1a/0x30 [ 29.050654] [ 29.050945] The buggy address belongs to the object at ffff88810305ae00 [ 29.050945] which belongs to the cache kmalloc-128 of size 128 [ 29.051939] The buggy address is located 0 bytes inside of [ 29.051939] allocated 120-byte region [ffff88810305ae00, ffff88810305ae78) [ 29.052795] [ 29.053018] The buggy address belongs to the physical page: [ 29.053531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 29.053955] flags: 0x200000000000000(node=0|zone=2) [ 29.055545] page_type: f5(slab) [ 29.056639] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 29.059659] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.060439] page dumped because: kasan: bad access detected [ 29.061262] [ 29.061470] Memory state around the buggy address: [ 29.063303] ffff88810305ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.063764] ffff88810305ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.064444] >ffff88810305ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 29.065131] ^ [ 29.066086] ffff88810305ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.068529] ffff88810305af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.069216] ================================================================== [ 28.949903] ================================================================== [ 28.950436] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x1130 [ 28.950950] Write of size 121 at addr ffff88810305ae00 by task kunit_try_catch/306 [ 28.951674] [ 28.952010] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.952165] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.952205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.952279] Call Trace: [ 28.952316] <TASK> [ 28.952378] dump_stack_lvl+0x73/0xb0 [ 28.952459] print_report+0xd1/0x660 [ 28.952522] ? __virt_addr_valid+0x1db/0x2d0 [ 28.952640] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.952763] kasan_report+0x104/0x140 [ 28.952833] ? copy_user_test_oob+0x3fd/0x1130 [ 28.952935] ? copy_user_test_oob+0x3fd/0x1130 [ 28.953004] kasan_check_range+0x10c/0x1c0 [ 28.953045] __kasan_check_write+0x18/0x20 [ 28.953078] copy_user_test_oob+0x3fd/0x1130 [ 28.953152] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.953216] ? finish_task_switch.isra.0+0x153/0x730 [ 28.953284] ? __switch_to+0x5d9/0xf70 [ 28.953376] ? __schedule+0xd46/0x29c0 [ 28.953473] ? __pfx_read_tsc+0x10/0x10 [ 28.953536] ? ktime_get_ts64+0x86/0x240 [ 28.953604] kunit_try_run_case+0x1b2/0x490 [ 28.953676] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.953756] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.953871] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.953948] ? __kthread_parkme+0x82/0x160 [ 28.954016] ? preempt_count_sub+0x50/0x80 [ 28.954074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.954139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.954180] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.954216] kthread+0x323/0x710 [ 28.954249] ? trace_preempt_on+0x20/0xc0 [ 28.954285] ? __pfx_kthread+0x10/0x10 [ 28.954318] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.954350] ? calculate_sigpending+0x7b/0xa0 [ 28.954383] ? __pfx_kthread+0x10/0x10 [ 28.954417] ret_from_fork+0x41/0x80 [ 28.954449] ? __pfx_kthread+0x10/0x10 [ 28.954483] ret_from_fork_asm+0x1a/0x30 [ 28.954532] </TASK> [ 28.954550] [ 28.967880] Allocated by task 306: [ 28.968201] kasan_save_stack+0x3d/0x60 [ 28.968488] kasan_save_track+0x18/0x40 [ 28.968766] kasan_save_alloc_info+0x3b/0x50 [ 28.969280] __kasan_kmalloc+0xb7/0xc0 [ 28.969784] __kmalloc_noprof+0x1c3/0x500 [ 28.970436] kunit_kmalloc_array+0x25/0x60 [ 28.970893] copy_user_test_oob+0xab/0x1130 [ 28.971507] kunit_try_run_case+0x1b2/0x490 [ 28.971876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.972250] kthread+0x323/0x710 [ 28.972510] ret_from_fork+0x41/0x80 [ 28.972785] ret_from_fork_asm+0x1a/0x30 [ 28.973104] [ 28.973368] The buggy address belongs to the object at ffff88810305ae00 [ 28.973368] which belongs to the cache kmalloc-128 of size 128 [ 28.974387] The buggy address is located 0 bytes inside of [ 28.974387] allocated 120-byte region [ffff88810305ae00, ffff88810305ae78) [ 28.975421] [ 28.975679] The buggy address belongs to the physical page: [ 28.976261] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 28.976896] flags: 0x200000000000000(node=0|zone=2) [ 28.977304] page_type: f5(slab) [ 28.977545] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.977954] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.978752] page dumped because: kasan: bad access detected [ 28.979410] [ 28.979666] Memory state around the buggy address: [ 28.980148] ffff88810305ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.980533] ffff88810305ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.981041] >ffff88810305ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.981938] ^ [ 28.982655] ffff88810305ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.983307] ffff88810305af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.983792] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 28.900051] ================================================================== [ 28.900811] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 28.901558] Read of size 121 at addr ffff88810305ae00 by task kunit_try_catch/306 [ 28.902458] [ 28.902801] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.902962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.903057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.903159] Call Trace: [ 28.903199] <TASK> [ 28.903238] dump_stack_lvl+0x73/0xb0 [ 28.903318] print_report+0xd1/0x660 [ 28.903384] ? __virt_addr_valid+0x1db/0x2d0 [ 28.903628] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.903714] kasan_report+0x104/0x140 [ 28.903810] ? _copy_to_user+0x4a/0x70 [ 28.903940] ? _copy_to_user+0x4a/0x70 [ 28.904077] kasan_check_range+0x10c/0x1c0 [ 28.904196] __kasan_check_read+0x15/0x20 [ 28.904345] _copy_to_user+0x4a/0x70 [ 28.904497] copy_user_test_oob+0x364/0x1130 [ 28.904643] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.904790] ? finish_task_switch.isra.0+0x153/0x730 [ 28.904894] ? __switch_to+0x5d9/0xf70 [ 28.904975] ? __schedule+0xd46/0x29c0 [ 28.905013] ? __pfx_read_tsc+0x10/0x10 [ 28.905046] ? ktime_get_ts64+0x86/0x240 [ 28.905087] kunit_try_run_case+0x1b2/0x490 [ 28.905146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.905182] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.905216] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.905250] ? __kthread_parkme+0x82/0x160 [ 28.905283] ? preempt_count_sub+0x50/0x80 [ 28.905320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.905357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.905393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.905428] kthread+0x323/0x710 [ 28.905460] ? trace_preempt_on+0x20/0xc0 [ 28.905495] ? __pfx_kthread+0x10/0x10 [ 28.905528] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.905559] ? calculate_sigpending+0x7b/0xa0 [ 28.905592] ? __pfx_kthread+0x10/0x10 [ 28.905626] ret_from_fork+0x41/0x80 [ 28.905659] ? __pfx_kthread+0x10/0x10 [ 28.905692] ret_from_fork_asm+0x1a/0x30 [ 28.905777] </TASK> [ 28.905797] [ 28.919705] Allocated by task 306: [ 28.920171] kasan_save_stack+0x3d/0x60 [ 28.920520] kasan_save_track+0x18/0x40 [ 28.921043] kasan_save_alloc_info+0x3b/0x50 [ 28.921551] __kasan_kmalloc+0xb7/0xc0 [ 28.921900] __kmalloc_noprof+0x1c3/0x500 [ 28.922356] kunit_kmalloc_array+0x25/0x60 [ 28.922725] copy_user_test_oob+0xab/0x1130 [ 28.924037] kunit_try_run_case+0x1b2/0x490 [ 28.925159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.925671] kthread+0x323/0x710 [ 28.927496] ret_from_fork+0x41/0x80 [ 28.929210] ret_from_fork_asm+0x1a/0x30 [ 28.929933] [ 28.930135] The buggy address belongs to the object at ffff88810305ae00 [ 28.930135] which belongs to the cache kmalloc-128 of size 128 [ 28.931352] The buggy address is located 0 bytes inside of [ 28.931352] allocated 120-byte region [ffff88810305ae00, ffff88810305ae78) [ 28.932492] [ 28.932826] The buggy address belongs to the physical page: [ 28.933369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 28.934068] flags: 0x200000000000000(node=0|zone=2) [ 28.934656] page_type: f5(slab) [ 28.935153] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.935835] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.936361] page dumped because: kasan: bad access detected [ 28.936952] [ 28.937165] Memory state around the buggy address: [ 28.937627] ffff88810305ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.938177] ffff88810305ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.938889] >ffff88810305ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.939489] ^ [ 28.940098] ffff88810305ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.940666] ffff88810305af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.941318] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 28.851725] ================================================================== [ 28.852834] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 28.853561] Write of size 121 at addr ffff88810305ae00 by task kunit_try_catch/306 [ 28.854474] [ 28.854872] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.855056] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.855132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.855202] Call Trace: [ 28.855243] <TASK> [ 28.855285] dump_stack_lvl+0x73/0xb0 [ 28.855464] print_report+0xd1/0x660 [ 28.855598] ? __virt_addr_valid+0x1db/0x2d0 [ 28.855808] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.855922] kasan_report+0x104/0x140 [ 28.856005] ? _copy_from_user+0x32/0x90 [ 28.856062] ? _copy_from_user+0x32/0x90 [ 28.856103] kasan_check_range+0x10c/0x1c0 [ 28.856167] __kasan_check_write+0x18/0x20 [ 28.856200] _copy_from_user+0x32/0x90 [ 28.856232] copy_user_test_oob+0x2be/0x1130 [ 28.856275] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.856312] ? finish_task_switch.isra.0+0x153/0x730 [ 28.856347] ? __switch_to+0x5d9/0xf70 [ 28.856390] ? __schedule+0xd46/0x29c0 [ 28.856424] ? __pfx_read_tsc+0x10/0x10 [ 28.856455] ? ktime_get_ts64+0x86/0x240 [ 28.856496] kunit_try_run_case+0x1b2/0x490 [ 28.856532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.856566] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.856601] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.856635] ? __kthread_parkme+0x82/0x160 [ 28.856668] ? preempt_count_sub+0x50/0x80 [ 28.856711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.856781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.856818] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.856853] kthread+0x323/0x710 [ 28.856885] ? trace_preempt_on+0x20/0xc0 [ 28.856923] ? __pfx_kthread+0x10/0x10 [ 28.856958] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.856990] ? calculate_sigpending+0x7b/0xa0 [ 28.857023] ? __pfx_kthread+0x10/0x10 [ 28.857056] ret_from_fork+0x41/0x80 [ 28.857089] ? __pfx_kthread+0x10/0x10 [ 28.857143] ret_from_fork_asm+0x1a/0x30 [ 28.857194] </TASK> [ 28.857213] [ 28.872074] Allocated by task 306: [ 28.872469] kasan_save_stack+0x3d/0x60 [ 28.872950] kasan_save_track+0x18/0x40 [ 28.873469] kasan_save_alloc_info+0x3b/0x50 [ 28.874023] __kasan_kmalloc+0xb7/0xc0 [ 28.874431] __kmalloc_noprof+0x1c3/0x500 [ 28.874906] kunit_kmalloc_array+0x25/0x60 [ 28.875437] copy_user_test_oob+0xab/0x1130 [ 28.876025] kunit_try_run_case+0x1b2/0x490 [ 28.876371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.876709] kthread+0x323/0x710 [ 28.877094] ret_from_fork+0x41/0x80 [ 28.877532] ret_from_fork_asm+0x1a/0x30 [ 28.877979] [ 28.878241] The buggy address belongs to the object at ffff88810305ae00 [ 28.878241] which belongs to the cache kmalloc-128 of size 128 [ 28.879023] The buggy address is located 0 bytes inside of [ 28.879023] allocated 120-byte region [ffff88810305ae00, ffff88810305ae78) [ 28.880298] [ 28.880649] The buggy address belongs to the physical page: [ 28.881285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 28.882158] flags: 0x200000000000000(node=0|zone=2) [ 28.882738] page_type: f5(slab) [ 28.883202] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.883886] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.884567] page dumped because: kasan: bad access detected [ 28.885285] [ 28.885488] Memory state around the buggy address: [ 28.886197] ffff88810305ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.886682] ffff88810305ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.887600] >ffff88810305ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.888421] ^ [ 28.888793] ffff88810305ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.889218] ffff88810305af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.889993] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 28.778915] ================================================================== [ 28.779957] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 28.780791] Write of size 8 at addr ffff88810323a078 by task kunit_try_catch/302 [ 28.781360] [ 28.781631] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.781869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.781912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.781978] Call Trace: [ 28.782017] <TASK> [ 28.782058] dump_stack_lvl+0x73/0xb0 [ 28.782208] print_report+0xd1/0x660 [ 28.782285] ? __virt_addr_valid+0x1db/0x2d0 [ 28.782405] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.782479] kasan_report+0x104/0x140 [ 28.782539] ? copy_to_kernel_nofault+0x99/0x260 [ 28.782614] ? copy_to_kernel_nofault+0x99/0x260 [ 28.782717] kasan_check_range+0x10c/0x1c0 [ 28.782793] __kasan_check_write+0x18/0x20 [ 28.782852] copy_to_kernel_nofault+0x99/0x260 [ 28.782930] copy_to_kernel_nofault_oob+0x213/0x4e0 [ 28.783000] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 28.783061] ? finish_task_switch.isra.0+0x153/0x730 [ 28.783155] ? __schedule+0xd46/0x29c0 [ 28.783292] ? trace_hardirqs_on+0x37/0xe0 [ 28.783484] ? __pfx_read_tsc+0x10/0x10 [ 28.783621] ? ktime_get_ts64+0x86/0x240 [ 28.783751] kunit_try_run_case+0x1b2/0x490 [ 28.783838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.783910] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.784045] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.784173] ? __kthread_parkme+0x82/0x160 [ 28.784248] ? preempt_count_sub+0x50/0x80 [ 28.784362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.784446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.784515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.784580] kthread+0x323/0x710 [ 28.784645] ? trace_preempt_on+0x20/0xc0 [ 28.784725] ? __pfx_kthread+0x10/0x10 [ 28.784788] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.784849] ? calculate_sigpending+0x7b/0xa0 [ 28.785040] ? __pfx_kthread+0x10/0x10 [ 28.785147] ret_from_fork+0x41/0x80 [ 28.785219] ? __pfx_kthread+0x10/0x10 [ 28.785334] ret_from_fork_asm+0x1a/0x30 [ 28.785481] </TASK> [ 28.785547] [ 28.801462] Allocated by task 302: [ 28.801897] kasan_save_stack+0x3d/0x60 [ 28.802201] kasan_save_track+0x18/0x40 [ 28.802757] kasan_save_alloc_info+0x3b/0x50 [ 28.803326] __kasan_kmalloc+0xb7/0xc0 [ 28.803783] __kmalloc_cache_noprof+0x183/0x410 [ 28.804272] copy_to_kernel_nofault_oob+0xc4/0x4e0 [ 28.804881] kunit_try_run_case+0x1b2/0x490 [ 28.805314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.805657] kthread+0x323/0x710 [ 28.805938] ret_from_fork+0x41/0x80 [ 28.806307] ret_from_fork_asm+0x1a/0x30 [ 28.806747] [ 28.806975] The buggy address belongs to the object at ffff88810323a000 [ 28.806975] which belongs to the cache kmalloc-128 of size 128 [ 28.808523] The buggy address is located 0 bytes to the right of [ 28.808523] allocated 120-byte region [ffff88810323a000, ffff88810323a078) [ 28.809443] [ 28.809608] The buggy address belongs to the physical page: [ 28.809909] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10323a [ 28.810396] flags: 0x200000000000000(node=0|zone=2) [ 28.810740] page_type: f5(slab) [ 28.811278] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.812293] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.812980] page dumped because: kasan: bad access detected [ 28.813868] [ 28.814096] Memory state around the buggy address: [ 28.814770] ffff888103239f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.815433] ffff888103239f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.816471] >ffff88810323a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.817339] ^ [ 28.817931] ffff88810323a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.818454] ffff88810323a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.818886] ================================================================== [ 28.722322] ================================================================== [ 28.723338] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 28.723960] Read of size 8 at addr ffff88810323a078 by task kunit_try_catch/302 [ 28.725662] [ 28.726025] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.726180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.726205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.726239] Call Trace: [ 28.726259] <TASK> [ 28.726284] dump_stack_lvl+0x73/0xb0 [ 28.726349] print_report+0xd1/0x660 [ 28.726396] ? __virt_addr_valid+0x1db/0x2d0 [ 28.726466] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.726505] kasan_report+0x104/0x140 [ 28.726537] ? copy_to_kernel_nofault+0x225/0x260 [ 28.726577] ? copy_to_kernel_nofault+0x225/0x260 [ 28.726621] __asan_report_load8_noabort+0x18/0x20 [ 28.726654] copy_to_kernel_nofault+0x225/0x260 [ 28.726694] copy_to_kernel_nofault_oob+0x178/0x4e0 [ 28.727137] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 28.727195] ? finish_task_switch.isra.0+0x153/0x730 [ 28.727236] ? __schedule+0xd46/0x29c0 [ 28.727269] ? trace_hardirqs_on+0x37/0xe0 [ 28.727321] ? __pfx_read_tsc+0x10/0x10 [ 28.727354] ? ktime_get_ts64+0x86/0x240 [ 28.727394] kunit_try_run_case+0x1b2/0x490 [ 28.727436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.727471] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.727504] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.727538] ? __kthread_parkme+0x82/0x160 [ 28.727570] ? preempt_count_sub+0x50/0x80 [ 28.727635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.727673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.727766] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.727807] kthread+0x323/0x710 [ 28.727840] ? trace_preempt_on+0x20/0xc0 [ 28.727875] ? __pfx_kthread+0x10/0x10 [ 28.727910] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.727953] ? calculate_sigpending+0x7b/0xa0 [ 28.727986] ? __pfx_kthread+0x10/0x10 [ 28.728021] ret_from_fork+0x41/0x80 [ 28.728055] ? __pfx_kthread+0x10/0x10 [ 28.728088] ret_from_fork_asm+0x1a/0x30 [ 28.728158] </TASK> [ 28.728178] [ 28.752526] Allocated by task 302: [ 28.752887] kasan_save_stack+0x3d/0x60 [ 28.756172] kasan_save_track+0x18/0x40 [ 28.757136] kasan_save_alloc_info+0x3b/0x50 [ 28.758021] __kasan_kmalloc+0xb7/0xc0 [ 28.758524] __kmalloc_cache_noprof+0x183/0x410 [ 28.759622] copy_to_kernel_nofault_oob+0xc4/0x4e0 [ 28.760550] kunit_try_run_case+0x1b2/0x490 [ 28.761233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.762091] kthread+0x323/0x710 [ 28.762634] ret_from_fork+0x41/0x80 [ 28.763414] ret_from_fork_asm+0x1a/0x30 [ 28.764142] [ 28.764380] The buggy address belongs to the object at ffff88810323a000 [ 28.764380] which belongs to the cache kmalloc-128 of size 128 [ 28.765999] The buggy address is located 0 bytes to the right of [ 28.765999] allocated 120-byte region [ffff88810323a000, ffff88810323a078) [ 28.766922] [ 28.767849] The buggy address belongs to the physical page: [ 28.768618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10323a [ 28.769216] flags: 0x200000000000000(node=0|zone=2) [ 28.769614] page_type: f5(slab) [ 28.769987] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.770624] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.771680] page dumped because: kasan: bad access detected [ 28.772471] [ 28.772743] Memory state around the buggy address: [ 28.773163] ffff888103239f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.773983] ffff888103239f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.774594] >ffff88810323a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.775207] ^ [ 28.775973] ffff88810323a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.776748] ffff88810323a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.777456] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 26.574186] ================================================================== [ 26.574857] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 26.575856] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.576549] [ 26.576786] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.576918] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.576995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.577063] Call Trace: [ 26.577100] <TASK> [ 26.577156] dump_stack_lvl+0x73/0xb0 [ 26.577281] print_report+0xd1/0x660 [ 26.577365] ? __virt_addr_valid+0x1db/0x2d0 [ 26.577491] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.577571] kasan_report+0x104/0x140 [ 26.577631] ? kasan_atomics_helper+0xac7/0x5450 [ 26.577699] ? kasan_atomics_helper+0xac7/0x5450 [ 26.577887] kasan_check_range+0x10c/0x1c0 [ 26.577971] __kasan_check_write+0x18/0x20 [ 26.578082] kasan_atomics_helper+0xac7/0x5450 [ 26.578185] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.578258] ? kasan_save_alloc_info+0x3b/0x50 [ 26.578395] kasan_atomics+0x1dc/0x310 [ 26.578470] ? __pfx_kasan_atomics+0x10/0x10 [ 26.578546] ? __pfx_read_tsc+0x10/0x10 [ 26.578611] ? ktime_get_ts64+0x86/0x240 [ 26.578688] kunit_try_run_case+0x1b2/0x490 [ 26.578821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.578891] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.579004] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.579078] ? __kthread_parkme+0x82/0x160 [ 26.579163] ? preempt_count_sub+0x50/0x80 [ 26.579241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.579365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.579438] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.579505] kthread+0x323/0x710 [ 26.579569] ? trace_preempt_on+0x20/0xc0 [ 26.579669] ? __pfx_kthread+0x10/0x10 [ 26.579792] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.579909] ? calculate_sigpending+0x7b/0xa0 [ 26.579988] ? __pfx_kthread+0x10/0x10 [ 26.580054] ret_from_fork+0x41/0x80 [ 26.580148] ? __pfx_kthread+0x10/0x10 [ 26.580194] ret_from_fork_asm+0x1a/0x30 [ 26.580244] </TASK> [ 26.580262] [ 26.597551] Allocated by task 286: [ 26.599412] kasan_save_stack+0x3d/0x60 [ 26.600165] kasan_save_track+0x18/0x40 [ 26.601521] kasan_save_alloc_info+0x3b/0x50 [ 26.603220] __kasan_kmalloc+0xb7/0xc0 [ 26.603624] __kmalloc_cache_noprof+0x183/0x410 [ 26.605841] kasan_atomics+0x95/0x310 [ 26.606154] kunit_try_run_case+0x1b2/0x490 [ 26.607266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.608602] kthread+0x323/0x710 [ 26.609378] ret_from_fork+0x41/0x80 [ 26.609785] ret_from_fork_asm+0x1a/0x30 [ 26.610083] [ 26.610269] The buggy address belongs to the object at ffff888103231c00 [ 26.610269] which belongs to the cache kmalloc-64 of size 64 [ 26.611097] The buggy address is located 0 bytes to the right of [ 26.611097] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.612234] [ 26.612405] The buggy address belongs to the physical page: [ 26.612747] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.613524] flags: 0x200000000000000(node=0|zone=2) [ 26.614163] page_type: f5(slab) [ 26.614540] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.615243] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.615871] page dumped because: kasan: bad access detected [ 26.616473] [ 26.616742] Memory state around the buggy address: [ 26.617287] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.617803] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.618397] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.619067] ^ [ 26.619562] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.620316] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.620958] ================================================================== [ 26.979031] ================================================================== [ 26.980067] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 26.980915] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.981373] [ 26.981568] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.981692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.981751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.981811] Call Trace: [ 26.981847] <TASK> [ 26.981884] dump_stack_lvl+0x73/0xb0 [ 26.981966] print_report+0xd1/0x660 [ 26.982033] ? __virt_addr_valid+0x1db/0x2d0 [ 26.982289] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.982386] kasan_report+0x104/0x140 [ 26.982450] ? kasan_atomics_helper+0x1079/0x5450 [ 26.982524] ? kasan_atomics_helper+0x1079/0x5450 [ 26.982607] kasan_check_range+0x10c/0x1c0 [ 26.982682] __kasan_check_write+0x18/0x20 [ 26.982802] kasan_atomics_helper+0x1079/0x5450 [ 26.982876] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.982947] ? kasan_save_alloc_info+0x3b/0x50 [ 26.983134] kasan_atomics+0x1dc/0x310 [ 26.983223] ? __pfx_kasan_atomics+0x10/0x10 [ 26.983296] ? __pfx_read_tsc+0x10/0x10 [ 26.983358] ? ktime_get_ts64+0x86/0x240 [ 26.983524] kunit_try_run_case+0x1b2/0x490 [ 26.983637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.983748] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.983882] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.983996] ? __kthread_parkme+0x82/0x160 [ 26.984065] ? preempt_count_sub+0x50/0x80 [ 26.984162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.984295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.984403] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.984473] kthread+0x323/0x710 [ 26.984534] ? trace_preempt_on+0x20/0xc0 [ 26.984670] ? __pfx_kthread+0x10/0x10 [ 26.984827] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.984919] ? calculate_sigpending+0x7b/0xa0 [ 26.985047] ? __pfx_kthread+0x10/0x10 [ 26.985176] ret_from_fork+0x41/0x80 [ 26.985276] ? __pfx_kthread+0x10/0x10 [ 26.985344] ret_from_fork_asm+0x1a/0x30 [ 26.985533] </TASK> [ 26.985598] [ 27.000585] Allocated by task 286: [ 27.000997] kasan_save_stack+0x3d/0x60 [ 27.001318] kasan_save_track+0x18/0x40 [ 27.001602] kasan_save_alloc_info+0x3b/0x50 [ 27.002187] __kasan_kmalloc+0xb7/0xc0 [ 27.002614] __kmalloc_cache_noprof+0x183/0x410 [ 27.003219] kasan_atomics+0x95/0x310 [ 27.003794] kunit_try_run_case+0x1b2/0x490 [ 27.004363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.005000] kthread+0x323/0x710 [ 27.005434] ret_from_fork+0x41/0x80 [ 27.005980] ret_from_fork_asm+0x1a/0x30 [ 27.006356] [ 27.006519] The buggy address belongs to the object at ffff888103231c00 [ 27.006519] which belongs to the cache kmalloc-64 of size 64 [ 27.007293] The buggy address is located 0 bytes to the right of [ 27.007293] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.008648] [ 27.008949] The buggy address belongs to the physical page: [ 27.009288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.009844] flags: 0x200000000000000(node=0|zone=2) [ 27.010495] page_type: f5(slab) [ 27.011002] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.011855] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.012552] page dumped because: kasan: bad access detected [ 27.013075] [ 27.013325] Memory state around the buggy address: [ 27.013799] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.014210] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.014855] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.015633] ^ [ 27.016194] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.016757] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.017161] ================================================================== [ 27.284961] ================================================================== [ 27.285780] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 27.286492] Read of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.287024] [ 27.287549] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.287712] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.287842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.287949] Call Trace: [ 27.287990] <TASK> [ 27.288026] dump_stack_lvl+0x73/0xb0 [ 27.288378] print_report+0xd1/0x660 [ 27.288488] ? __virt_addr_valid+0x1db/0x2d0 [ 27.288618] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.288697] kasan_report+0x104/0x140 [ 27.290072] ? kasan_atomics_helper+0x49ce/0x5450 [ 27.290213] ? kasan_atomics_helper+0x49ce/0x5450 [ 27.290303] __asan_report_load4_noabort+0x18/0x20 [ 27.290375] kasan_atomics_helper+0x49ce/0x5450 [ 27.290450] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.290525] ? kasan_save_alloc_info+0x3b/0x50 [ 27.290615] kasan_atomics+0x1dc/0x310 [ 27.290688] ? __pfx_kasan_atomics+0x10/0x10 [ 27.290783] ? __pfx_read_tsc+0x10/0x10 [ 27.290856] ? ktime_get_ts64+0x86/0x240 [ 27.290922] kunit_try_run_case+0x1b2/0x490 [ 27.290963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.290998] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.291033] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.291068] ? __kthread_parkme+0x82/0x160 [ 27.291102] ? preempt_count_sub+0x50/0x80 [ 27.291167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.291204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.291240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.291276] kthread+0x323/0x710 [ 27.291307] ? trace_preempt_on+0x20/0xc0 [ 27.291344] ? __pfx_kthread+0x10/0x10 [ 27.291378] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.291410] ? calculate_sigpending+0x7b/0xa0 [ 27.291443] ? __pfx_kthread+0x10/0x10 [ 27.291477] ret_from_fork+0x41/0x80 [ 27.291511] ? __pfx_kthread+0x10/0x10 [ 27.291545] ret_from_fork_asm+0x1a/0x30 [ 27.291618] </TASK> [ 27.291637] [ 27.305392] Allocated by task 286: [ 27.305780] kasan_save_stack+0x3d/0x60 [ 27.306235] kasan_save_track+0x18/0x40 [ 27.306775] kasan_save_alloc_info+0x3b/0x50 [ 27.307264] __kasan_kmalloc+0xb7/0xc0 [ 27.307735] __kmalloc_cache_noprof+0x183/0x410 [ 27.308396] kasan_atomics+0x95/0x310 [ 27.308782] kunit_try_run_case+0x1b2/0x490 [ 27.309299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.309992] kthread+0x323/0x710 [ 27.310286] ret_from_fork+0x41/0x80 [ 27.310780] ret_from_fork_asm+0x1a/0x30 [ 27.311221] [ 27.311559] The buggy address belongs to the object at ffff888103231c00 [ 27.311559] which belongs to the cache kmalloc-64 of size 64 [ 27.312533] The buggy address is located 0 bytes to the right of [ 27.312533] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.313751] [ 27.314067] The buggy address belongs to the physical page: [ 27.314547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.315313] flags: 0x200000000000000(node=0|zone=2) [ 27.315786] page_type: f5(slab) [ 27.316141] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.316810] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.317388] page dumped because: kasan: bad access detected [ 27.317876] [ 27.318034] Memory state around the buggy address: [ 27.318419] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.319651] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.320578] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.323199] ^ [ 27.323536] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.324298] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.326466] ================================================================== [ 28.126713] ================================================================== [ 28.127406] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 28.127994] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 28.129554] [ 28.129834] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.129971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.130009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.130074] Call Trace: [ 28.130140] <TASK> [ 28.130185] dump_stack_lvl+0x73/0xb0 [ 28.130264] print_report+0xd1/0x660 [ 28.130336] ? __virt_addr_valid+0x1db/0x2d0 [ 28.130465] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.130546] kasan_report+0x104/0x140 [ 28.130659] ? kasan_atomics_helper+0x1d7a/0x5450 [ 28.130804] ? kasan_atomics_helper+0x1d7a/0x5450 [ 28.130965] kasan_check_range+0x10c/0x1c0 [ 28.131055] __kasan_check_write+0x18/0x20 [ 28.131142] kasan_atomics_helper+0x1d7a/0x5450 [ 28.131218] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.131288] ? kasan_save_alloc_info+0x3b/0x50 [ 28.131338] kasan_atomics+0x1dc/0x310 [ 28.131376] ? __pfx_kasan_atomics+0x10/0x10 [ 28.131415] ? __pfx_read_tsc+0x10/0x10 [ 28.131450] ? ktime_get_ts64+0x86/0x240 [ 28.131490] kunit_try_run_case+0x1b2/0x490 [ 28.131528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.131562] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.131623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.131658] ? __kthread_parkme+0x82/0x160 [ 28.131694] ? preempt_count_sub+0x50/0x80 [ 28.131829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.131891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.131942] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.131979] kthread+0x323/0x710 [ 28.132012] ? trace_preempt_on+0x20/0xc0 [ 28.132050] ? __pfx_kthread+0x10/0x10 [ 28.132085] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.132141] ? calculate_sigpending+0x7b/0xa0 [ 28.132176] ? __pfx_kthread+0x10/0x10 [ 28.132211] ret_from_fork+0x41/0x80 [ 28.132246] ? __pfx_kthread+0x10/0x10 [ 28.132280] ret_from_fork_asm+0x1a/0x30 [ 28.132329] </TASK> [ 28.132347] [ 28.151201] Allocated by task 286: [ 28.152361] kasan_save_stack+0x3d/0x60 [ 28.152888] kasan_save_track+0x18/0x40 [ 28.153244] kasan_save_alloc_info+0x3b/0x50 [ 28.153681] __kasan_kmalloc+0xb7/0xc0 [ 28.154220] __kmalloc_cache_noprof+0x183/0x410 [ 28.154650] kasan_atomics+0x95/0x310 [ 28.155040] kunit_try_run_case+0x1b2/0x490 [ 28.155528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.156048] kthread+0x323/0x710 [ 28.156387] ret_from_fork+0x41/0x80 [ 28.156884] ret_from_fork_asm+0x1a/0x30 [ 28.157202] [ 28.157352] The buggy address belongs to the object at ffff888103231c00 [ 28.157352] which belongs to the cache kmalloc-64 of size 64 [ 28.158107] The buggy address is located 0 bytes to the right of [ 28.158107] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 28.159369] [ 28.159632] The buggy address belongs to the physical page: [ 28.160162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 28.160752] flags: 0x200000000000000(node=0|zone=2) [ 28.161129] page_type: f5(slab) [ 28.161500] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.162260] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.162935] page dumped because: kasan: bad access detected [ 28.163409] [ 28.163696] Memory state around the buggy address: [ 28.164174] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.164850] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.165410] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.166225] ^ [ 28.166840] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.167659] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.168513] ================================================================== [ 27.713311] ================================================================== [ 27.714027] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 27.714757] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.715491] [ 27.715739] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.715876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.715918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.715983] Call Trace: [ 27.716023] <TASK> [ 27.716074] dump_stack_lvl+0x73/0xb0 [ 27.716183] print_report+0xd1/0x660 [ 27.716257] ? __virt_addr_valid+0x1db/0x2d0 [ 27.716385] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.716463] kasan_report+0x104/0x140 [ 27.716526] ? kasan_atomics_helper+0x1818/0x5450 [ 27.716600] ? kasan_atomics_helper+0x1818/0x5450 [ 27.716685] kasan_check_range+0x10c/0x1c0 [ 27.716760] __kasan_check_write+0x18/0x20 [ 27.716823] kasan_atomics_helper+0x1818/0x5450 [ 27.716896] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.716971] ? kasan_save_alloc_info+0x3b/0x50 [ 27.717061] kasan_atomics+0x1dc/0x310 [ 27.717366] ? __pfx_kasan_atomics+0x10/0x10 [ 27.717497] ? __pfx_read_tsc+0x10/0x10 [ 27.717572] ? ktime_get_ts64+0x86/0x240 [ 27.717654] kunit_try_run_case+0x1b2/0x490 [ 27.717765] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.717841] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.717950] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.718051] ? __kthread_parkme+0x82/0x160 [ 27.718179] ? preempt_count_sub+0x50/0x80 [ 27.718293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.718399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.718479] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.718550] kthread+0x323/0x710 [ 27.718612] ? trace_preempt_on+0x20/0xc0 [ 27.718674] ? __pfx_kthread+0x10/0x10 [ 27.718825] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.718921] ? calculate_sigpending+0x7b/0xa0 [ 27.718997] ? __pfx_kthread+0x10/0x10 [ 27.719098] ret_from_fork+0x41/0x80 [ 27.719227] ? __pfx_kthread+0x10/0x10 [ 27.719299] ret_from_fork_asm+0x1a/0x30 [ 27.719430] </TASK> [ 27.719490] [ 27.734488] Allocated by task 286: [ 27.734877] kasan_save_stack+0x3d/0x60 [ 27.735323] kasan_save_track+0x18/0x40 [ 27.735777] kasan_save_alloc_info+0x3b/0x50 [ 27.739691] __kasan_kmalloc+0xb7/0xc0 [ 27.740770] __kmalloc_cache_noprof+0x183/0x410 [ 27.741355] kasan_atomics+0x95/0x310 [ 27.741843] kunit_try_run_case+0x1b2/0x490 [ 27.742212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.742827] kthread+0x323/0x710 [ 27.743277] ret_from_fork+0x41/0x80 [ 27.743570] ret_from_fork_asm+0x1a/0x30 [ 27.744146] [ 27.744376] The buggy address belongs to the object at ffff888103231c00 [ 27.744376] which belongs to the cache kmalloc-64 of size 64 [ 27.745216] The buggy address is located 0 bytes to the right of [ 27.745216] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.746074] [ 27.746329] The buggy address belongs to the physical page: [ 27.746922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.747575] flags: 0x200000000000000(node=0|zone=2) [ 27.748187] page_type: f5(slab) [ 27.748556] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.749169] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.749748] page dumped because: kasan: bad access detected [ 27.750304] [ 27.750532] Memory state around the buggy address: [ 27.750985] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.751640] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.752096] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.752790] ^ [ 27.753324] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.754009] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.754655] ================================================================== [ 25.963087] ================================================================== [ 25.964345] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 25.965146] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 25.966401] [ 25.966671] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.967071] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.967204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.967287] Call Trace: [ 25.967322] <TASK> [ 25.967356] dump_stack_lvl+0x73/0xb0 [ 25.967433] print_report+0xd1/0x660 [ 25.967497] ? __virt_addr_valid+0x1db/0x2d0 [ 25.967651] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.967859] kasan_report+0x104/0x140 [ 25.967952] ? kasan_atomics_helper+0x4b6e/0x5450 [ 25.968021] ? kasan_atomics_helper+0x4b6e/0x5450 [ 25.968360] __asan_report_store4_noabort+0x1b/0x30 [ 25.968527] kasan_atomics_helper+0x4b6e/0x5450 [ 25.968702] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.968912] ? kasan_save_alloc_info+0x3b/0x50 [ 25.969005] kasan_atomics+0x1dc/0x310 [ 25.969074] ? __pfx_kasan_atomics+0x10/0x10 [ 25.969169] ? __pfx_read_tsc+0x10/0x10 [ 25.969232] ? ktime_get_ts64+0x86/0x240 [ 25.969307] kunit_try_run_case+0x1b2/0x490 [ 25.969375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.969440] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.969503] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.969568] ? __kthread_parkme+0x82/0x160 [ 25.969632] ? preempt_count_sub+0x50/0x80 [ 25.969703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.969774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.969842] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.969910] kthread+0x323/0x710 [ 25.969970] ? trace_preempt_on+0x20/0xc0 [ 25.970037] ? __pfx_kthread+0x10/0x10 [ 25.970101] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.970184] ? calculate_sigpending+0x7b/0xa0 [ 25.970248] ? __pfx_kthread+0x10/0x10 [ 25.970313] ret_from_fork+0x41/0x80 [ 25.970378] ? __pfx_kthread+0x10/0x10 [ 25.970440] ret_from_fork_asm+0x1a/0x30 [ 25.970533] </TASK> [ 25.970565] [ 25.988173] Allocated by task 286: [ 25.988411] kasan_save_stack+0x3d/0x60 [ 25.988684] kasan_save_track+0x18/0x40 [ 25.988944] kasan_save_alloc_info+0x3b/0x50 [ 25.989658] __kasan_kmalloc+0xb7/0xc0 [ 25.990729] __kmalloc_cache_noprof+0x183/0x410 [ 25.991510] kasan_atomics+0x95/0x310 [ 25.992305] kunit_try_run_case+0x1b2/0x490 [ 25.993569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.994261] kthread+0x323/0x710 [ 25.994645] ret_from_fork+0x41/0x80 [ 25.995456] ret_from_fork_asm+0x1a/0x30 [ 25.996443] [ 25.996785] The buggy address belongs to the object at ffff888103231c00 [ 25.996785] which belongs to the cache kmalloc-64 of size 64 [ 25.997628] The buggy address is located 0 bytes to the right of [ 25.997628] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 25.999547] [ 25.999903] The buggy address belongs to the physical page: [ 26.000461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.000891] flags: 0x200000000000000(node=0|zone=2) [ 26.001264] page_type: f5(slab) [ 26.002390] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.003546] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.004552] page dumped because: kasan: bad access detected [ 26.005247] [ 26.005564] Memory state around the buggy address: [ 26.006030] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.006927] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.007939] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.008550] ^ [ 26.009570] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.010326] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.011534] ================================================================== [ 27.983355] ================================================================== [ 27.983871] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 27.984572] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.985093] [ 27.985878] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.985958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.985978] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.986010] Call Trace: [ 27.986031] <TASK> [ 27.986052] dump_stack_lvl+0x73/0xb0 [ 27.986096] print_report+0xd1/0x660 [ 27.986172] ? __virt_addr_valid+0x1db/0x2d0 [ 27.986292] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.986372] kasan_report+0x104/0x140 [ 27.986434] ? kasan_atomics_helper+0x1c18/0x5450 [ 27.986508] ? kasan_atomics_helper+0x1c18/0x5450 [ 27.986593] kasan_check_range+0x10c/0x1c0 [ 27.986669] __kasan_check_write+0x18/0x20 [ 27.986733] kasan_atomics_helper+0x1c18/0x5450 [ 27.986809] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.986883] ? kasan_save_alloc_info+0x3b/0x50 [ 27.986973] kasan_atomics+0x1dc/0x310 [ 27.987046] ? __pfx_kasan_atomics+0x10/0x10 [ 27.987417] ? __pfx_read_tsc+0x10/0x10 [ 27.987511] ? ktime_get_ts64+0x86/0x240 [ 27.987623] kunit_try_run_case+0x1b2/0x490 [ 27.987763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.987869] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.987951] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.988022] ? __kthread_parkme+0x82/0x160 [ 27.988091] ? preempt_count_sub+0x50/0x80 [ 27.988200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.988270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.988315] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.988353] kthread+0x323/0x710 [ 27.988385] ? trace_preempt_on+0x20/0xc0 [ 27.988424] ? __pfx_kthread+0x10/0x10 [ 27.988459] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.988491] ? calculate_sigpending+0x7b/0xa0 [ 27.988524] ? __pfx_kthread+0x10/0x10 [ 27.988560] ret_from_fork+0x41/0x80 [ 27.988594] ? __pfx_kthread+0x10/0x10 [ 27.988628] ret_from_fork_asm+0x1a/0x30 [ 27.988677] </TASK> [ 27.988696] [ 28.008596] Allocated by task 286: [ 28.008956] kasan_save_stack+0x3d/0x60 [ 28.009375] kasan_save_track+0x18/0x40 [ 28.009696] kasan_save_alloc_info+0x3b/0x50 [ 28.010383] __kasan_kmalloc+0xb7/0xc0 [ 28.010781] __kmalloc_cache_noprof+0x183/0x410 [ 28.011146] kasan_atomics+0x95/0x310 [ 28.011807] kunit_try_run_case+0x1b2/0x490 [ 28.012320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.012824] kthread+0x323/0x710 [ 28.013091] ret_from_fork+0x41/0x80 [ 28.014422] ret_from_fork_asm+0x1a/0x30 [ 28.014940] [ 28.015499] The buggy address belongs to the object at ffff888103231c00 [ 28.015499] which belongs to the cache kmalloc-64 of size 64 [ 28.016965] The buggy address is located 0 bytes to the right of [ 28.016965] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 28.017924] [ 28.018100] The buggy address belongs to the physical page: [ 28.018635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 28.020018] flags: 0x200000000000000(node=0|zone=2) [ 28.020576] page_type: f5(slab) [ 28.021275] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.022045] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.022926] page dumped because: kasan: bad access detected [ 28.023682] [ 28.023985] Memory state around the buggy address: [ 28.024766] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.025397] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.026276] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.026964] ^ [ 28.028008] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.028520] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.029197] ================================================================== [ 25.869930] ================================================================== [ 25.871158] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 25.871787] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 25.872535] [ 25.872999] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.873146] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.873184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.873240] Call Trace: [ 25.873273] <TASK> [ 25.873360] dump_stack_lvl+0x73/0xb0 [ 25.873474] print_report+0xd1/0x660 [ 25.873547] ? __virt_addr_valid+0x1db/0x2d0 [ 25.873667] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.873918] kasan_report+0x104/0x140 [ 25.873999] ? kasan_atomics_helper+0x4ba2/0x5450 [ 25.874072] ? kasan_atomics_helper+0x4ba2/0x5450 [ 25.874294] __asan_report_store4_noabort+0x1b/0x30 [ 25.874403] kasan_atomics_helper+0x4ba2/0x5450 [ 25.874491] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.874616] ? kasan_save_alloc_info+0x3b/0x50 [ 25.874740] kasan_atomics+0x1dc/0x310 [ 25.874959] ? __pfx_kasan_atomics+0x10/0x10 [ 25.875100] ? __pfx_read_tsc+0x10/0x10 [ 25.875212] ? ktime_get_ts64+0x86/0x240 [ 25.875285] kunit_try_run_case+0x1b2/0x490 [ 25.875355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.875473] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.875573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.875677] ? __kthread_parkme+0x82/0x160 [ 25.875795] ? preempt_count_sub+0x50/0x80 [ 25.875844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.875882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.875920] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.875966] kthread+0x323/0x710 [ 25.875996] ? trace_preempt_on+0x20/0xc0 [ 25.876030] ? __pfx_kthread+0x10/0x10 [ 25.876064] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.876094] ? calculate_sigpending+0x7b/0xa0 [ 25.876168] ? __pfx_kthread+0x10/0x10 [ 25.876264] ret_from_fork+0x41/0x80 [ 25.876337] ? __pfx_kthread+0x10/0x10 [ 25.876397] ret_from_fork_asm+0x1a/0x30 [ 25.876477] </TASK> [ 25.876502] [ 25.892101] Allocated by task 286: [ 25.892487] kasan_save_stack+0x3d/0x60 [ 25.893517] kasan_save_track+0x18/0x40 [ 25.894305] kasan_save_alloc_info+0x3b/0x50 [ 25.894916] __kasan_kmalloc+0xb7/0xc0 [ 25.895456] __kmalloc_cache_noprof+0x183/0x410 [ 25.896249] kasan_atomics+0x95/0x310 [ 25.896733] kunit_try_run_case+0x1b2/0x490 [ 25.897165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.897505] kthread+0x323/0x710 [ 25.898138] ret_from_fork+0x41/0x80 [ 25.898632] ret_from_fork_asm+0x1a/0x30 [ 25.899667] [ 25.899891] The buggy address belongs to the object at ffff888103231c00 [ 25.899891] which belongs to the cache kmalloc-64 of size 64 [ 25.900835] The buggy address is located 0 bytes to the right of [ 25.900835] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 25.902355] [ 25.902588] The buggy address belongs to the physical page: [ 25.903309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 25.904294] flags: 0x200000000000000(node=0|zone=2) [ 25.904877] page_type: f5(slab) [ 25.905286] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.906436] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.906833] page dumped because: kasan: bad access detected [ 25.907515] [ 25.908052] Memory state around the buggy address: [ 25.908502] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.909526] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.910300] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.911101] ^ [ 25.911410] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.912307] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.913278] ================================================================== [ 25.915593] ================================================================== [ 25.916457] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 25.917295] Read of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 25.917977] [ 25.918350] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.918472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.918508] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.918563] Call Trace: [ 25.918792] <TASK> [ 25.918867] dump_stack_lvl+0x73/0xb0 [ 25.918950] print_report+0xd1/0x660 [ 25.919079] ? __virt_addr_valid+0x1db/0x2d0 [ 25.919256] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.919334] kasan_report+0x104/0x140 [ 25.919449] ? kasan_atomics_helper+0x4b88/0x5450 [ 25.919561] ? kasan_atomics_helper+0x4b88/0x5450 [ 25.919671] __asan_report_load4_noabort+0x18/0x20 [ 25.919741] kasan_atomics_helper+0x4b88/0x5450 [ 25.919935] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.920043] ? kasan_save_alloc_info+0x3b/0x50 [ 25.920154] kasan_atomics+0x1dc/0x310 [ 25.920229] ? __pfx_kasan_atomics+0x10/0x10 [ 25.920891] ? __pfx_read_tsc+0x10/0x10 [ 25.920985] ? ktime_get_ts64+0x86/0x240 [ 25.921064] kunit_try_run_case+0x1b2/0x490 [ 25.921157] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.921214] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.921274] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.921334] ? __kthread_parkme+0x82/0x160 [ 25.921554] ? preempt_count_sub+0x50/0x80 [ 25.921690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.921806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.922073] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.922249] kthread+0x323/0x710 [ 25.922402] ? trace_preempt_on+0x20/0xc0 [ 25.922548] ? __pfx_kthread+0x10/0x10 [ 25.922714] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.922936] ? calculate_sigpending+0x7b/0xa0 [ 25.923023] ? __pfx_kthread+0x10/0x10 [ 25.923091] ret_from_fork+0x41/0x80 [ 25.923183] ? __pfx_kthread+0x10/0x10 [ 25.923250] ret_from_fork_asm+0x1a/0x30 [ 25.923337] </TASK> [ 25.923372] [ 25.940526] Allocated by task 286: [ 25.941069] kasan_save_stack+0x3d/0x60 [ 25.941802] kasan_save_track+0x18/0x40 [ 25.942103] kasan_save_alloc_info+0x3b/0x50 [ 25.942424] __kasan_kmalloc+0xb7/0xc0 [ 25.943285] __kmalloc_cache_noprof+0x183/0x410 [ 25.944083] kasan_atomics+0x95/0x310 [ 25.944547] kunit_try_run_case+0x1b2/0x490 [ 25.945078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.946031] kthread+0x323/0x710 [ 25.946469] ret_from_fork+0x41/0x80 [ 25.946985] ret_from_fork_asm+0x1a/0x30 [ 25.947574] [ 25.947883] The buggy address belongs to the object at ffff888103231c00 [ 25.947883] which belongs to the cache kmalloc-64 of size 64 [ 25.949392] The buggy address is located 0 bytes to the right of [ 25.949392] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 25.950714] [ 25.950919] The buggy address belongs to the physical page: [ 25.951691] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 25.952642] flags: 0x200000000000000(node=0|zone=2) [ 25.953318] page_type: f5(slab) [ 25.954430] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.955780] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.956427] page dumped because: kasan: bad access detected [ 25.956785] [ 25.957005] Memory state around the buggy address: [ 25.957470] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.958223] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.959425] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.959897] ^ [ 25.960228] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.960605] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.961199] ================================================================== [ 27.195626] ================================================================== [ 27.196337] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 27.197011] Read of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.199304] [ 27.199559] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.199719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.200130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.200209] Call Trace: [ 27.200248] <TASK> [ 27.200287] dump_stack_lvl+0x73/0xb0 [ 27.200368] print_report+0xd1/0x660 [ 27.200436] ? __virt_addr_valid+0x1db/0x2d0 [ 27.200527] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.200568] kasan_report+0x104/0x140 [ 27.200601] ? kasan_atomics_helper+0x49e8/0x5450 [ 27.200638] ? kasan_atomics_helper+0x49e8/0x5450 [ 27.200681] __asan_report_load4_noabort+0x18/0x20 [ 27.200741] kasan_atomics_helper+0x49e8/0x5450 [ 27.200783] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.200846] ? kasan_save_alloc_info+0x3b/0x50 [ 27.200894] kasan_atomics+0x1dc/0x310 [ 27.200930] ? __pfx_kasan_atomics+0x10/0x10 [ 27.200968] ? __pfx_read_tsc+0x10/0x10 [ 27.201002] ? ktime_get_ts64+0x86/0x240 [ 27.201042] kunit_try_run_case+0x1b2/0x490 [ 27.201079] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.201135] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.201171] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.201205] ? __kthread_parkme+0x82/0x160 [ 27.201240] ? preempt_count_sub+0x50/0x80 [ 27.201280] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.201316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.201352] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.201388] kthread+0x323/0x710 [ 27.201420] ? trace_preempt_on+0x20/0xc0 [ 27.201454] ? __pfx_kthread+0x10/0x10 [ 27.201488] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.201519] ? calculate_sigpending+0x7b/0xa0 [ 27.201552] ? __pfx_kthread+0x10/0x10 [ 27.201587] ret_from_fork+0x41/0x80 [ 27.201621] ? __pfx_kthread+0x10/0x10 [ 27.201655] ret_from_fork_asm+0x1a/0x30 [ 27.201705] </TASK> [ 27.201752] [ 27.221461] Allocated by task 286: [ 27.222365] kasan_save_stack+0x3d/0x60 [ 27.223012] kasan_save_track+0x18/0x40 [ 27.223290] kasan_save_alloc_info+0x3b/0x50 [ 27.224033] __kasan_kmalloc+0xb7/0xc0 [ 27.224707] __kmalloc_cache_noprof+0x183/0x410 [ 27.225239] kasan_atomics+0x95/0x310 [ 27.225818] kunit_try_run_case+0x1b2/0x490 [ 27.226621] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.227256] kthread+0x323/0x710 [ 27.227963] ret_from_fork+0x41/0x80 [ 27.228330] ret_from_fork_asm+0x1a/0x30 [ 27.228982] [ 27.229169] The buggy address belongs to the object at ffff888103231c00 [ 27.229169] which belongs to the cache kmalloc-64 of size 64 [ 27.230659] The buggy address is located 0 bytes to the right of [ 27.230659] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.231761] [ 27.232355] The buggy address belongs to the physical page: [ 27.232670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.234162] flags: 0x200000000000000(node=0|zone=2) [ 27.234553] page_type: f5(slab) [ 27.234913] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.235981] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.236787] page dumped because: kasan: bad access detected [ 27.237443] [ 27.237677] Memory state around the buggy address: [ 27.238477] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.239203] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.240106] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.240911] ^ [ 27.241311] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.242236] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.242924] ================================================================== [ 28.257569] ================================================================== [ 28.258275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 28.258848] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 28.259524] [ 28.259767] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.259898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.259935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.259998] Call Trace: [ 28.260045] <TASK> [ 28.260084] dump_stack_lvl+0x73/0xb0 [ 28.260649] print_report+0xd1/0x660 [ 28.261068] ? __virt_addr_valid+0x1db/0x2d0 [ 28.261463] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.261563] kasan_report+0x104/0x140 [ 28.261631] ? kasan_atomics_helper+0x1f43/0x5450 [ 28.261818] ? kasan_atomics_helper+0x1f43/0x5450 [ 28.261937] kasan_check_range+0x10c/0x1c0 [ 28.262018] __kasan_check_write+0x18/0x20 [ 28.262082] kasan_atomics_helper+0x1f43/0x5450 [ 28.262186] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.262262] ? kasan_save_alloc_info+0x3b/0x50 [ 28.262351] kasan_atomics+0x1dc/0x310 [ 28.262419] ? __pfx_kasan_atomics+0x10/0x10 [ 28.262492] ? __pfx_read_tsc+0x10/0x10 [ 28.262558] ? ktime_get_ts64+0x86/0x240 [ 28.262635] kunit_try_run_case+0x1b2/0x490 [ 28.262696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.262776] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.262831] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.262867] ? __kthread_parkme+0x82/0x160 [ 28.262904] ? preempt_count_sub+0x50/0x80 [ 28.262944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.262981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.263018] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.263054] kthread+0x323/0x710 [ 28.263086] ? trace_preempt_on+0x20/0xc0 [ 28.263143] ? __pfx_kthread+0x10/0x10 [ 28.263177] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.263209] ? calculate_sigpending+0x7b/0xa0 [ 28.263242] ? __pfx_kthread+0x10/0x10 [ 28.263277] ret_from_fork+0x41/0x80 [ 28.263311] ? __pfx_kthread+0x10/0x10 [ 28.263345] ret_from_fork_asm+0x1a/0x30 [ 28.263393] </TASK> [ 28.263411] [ 28.275981] Allocated by task 286: [ 28.276241] kasan_save_stack+0x3d/0x60 [ 28.276678] kasan_save_track+0x18/0x40 [ 28.277143] kasan_save_alloc_info+0x3b/0x50 [ 28.277596] __kasan_kmalloc+0xb7/0xc0 [ 28.278130] __kmalloc_cache_noprof+0x183/0x410 [ 28.278512] kasan_atomics+0x95/0x310 [ 28.278803] kunit_try_run_case+0x1b2/0x490 [ 28.279101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.279682] kthread+0x323/0x710 [ 28.280215] ret_from_fork+0x41/0x80 [ 28.280635] ret_from_fork_asm+0x1a/0x30 [ 28.281136] [ 28.281366] The buggy address belongs to the object at ffff888103231c00 [ 28.281366] which belongs to the cache kmalloc-64 of size 64 [ 28.282729] The buggy address is located 0 bytes to the right of [ 28.282729] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 28.283360] [ 28.283641] The buggy address belongs to the physical page: [ 28.284226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 28.284811] flags: 0x200000000000000(node=0|zone=2) [ 28.285144] page_type: f5(slab) [ 28.285535] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.286391] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.287067] page dumped because: kasan: bad access detected [ 28.287496] [ 28.287688] Memory state around the buggy address: [ 28.287990] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.288505] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.289223] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.289891] ^ [ 28.290370] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.290755] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.291188] ================================================================== [ 26.622366] ================================================================== [ 26.623153] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 26.623953] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.624446] [ 26.624745] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.624883] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.624924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.624989] Call Trace: [ 26.625028] <TASK> [ 26.625066] dump_stack_lvl+0x73/0xb0 [ 26.625174] print_report+0xd1/0x660 [ 26.625248] ? __virt_addr_valid+0x1db/0x2d0 [ 26.625375] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.625445] kasan_report+0x104/0x140 [ 26.625508] ? kasan_atomics_helper+0xb6a/0x5450 [ 26.625618] ? kasan_atomics_helper+0xb6a/0x5450 [ 26.625760] kasan_check_range+0x10c/0x1c0 [ 26.625851] __kasan_check_write+0x18/0x20 [ 26.625915] kasan_atomics_helper+0xb6a/0x5450 [ 26.625990] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.626063] ? kasan_save_alloc_info+0x3b/0x50 [ 26.626169] kasan_atomics+0x1dc/0x310 [ 26.626235] ? __pfx_kasan_atomics+0x10/0x10 [ 26.626305] ? __pfx_read_tsc+0x10/0x10 [ 26.626370] ? ktime_get_ts64+0x86/0x240 [ 26.626444] kunit_try_run_case+0x1b2/0x490 [ 26.626519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.626586] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.626653] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.626742] ? __kthread_parkme+0x82/0x160 [ 26.626810] ? preempt_count_sub+0x50/0x80 [ 26.626890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.626960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.627033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.627102] kthread+0x323/0x710 [ 26.627185] ? trace_preempt_on+0x20/0xc0 [ 26.627256] ? __pfx_kthread+0x10/0x10 [ 26.627321] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.627385] ? calculate_sigpending+0x7b/0xa0 [ 26.627449] ? __pfx_kthread+0x10/0x10 [ 26.627515] ret_from_fork+0x41/0x80 [ 26.627592] ? __pfx_kthread+0x10/0x10 [ 26.627680] ret_from_fork_asm+0x1a/0x30 [ 26.627778] </TASK> [ 26.627814] [ 26.640378] Allocated by task 286: [ 26.640776] kasan_save_stack+0x3d/0x60 [ 26.641261] kasan_save_track+0x18/0x40 [ 26.641688] kasan_save_alloc_info+0x3b/0x50 [ 26.642227] __kasan_kmalloc+0xb7/0xc0 [ 26.642589] __kmalloc_cache_noprof+0x183/0x410 [ 26.644079] kasan_atomics+0x95/0x310 [ 26.644513] kunit_try_run_case+0x1b2/0x490 [ 26.645532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.646563] kthread+0x323/0x710 [ 26.647191] ret_from_fork+0x41/0x80 [ 26.647478] ret_from_fork_asm+0x1a/0x30 [ 26.647811] [ 26.648149] The buggy address belongs to the object at ffff888103231c00 [ 26.648149] which belongs to the cache kmalloc-64 of size 64 [ 26.649222] The buggy address is located 0 bytes to the right of [ 26.649222] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.650320] [ 26.650494] The buggy address belongs to the physical page: [ 26.650895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.651527] flags: 0x200000000000000(node=0|zone=2) [ 26.652131] page_type: f5(slab) [ 26.652500] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.653244] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.653826] page dumped because: kasan: bad access detected [ 26.654168] [ 26.654327] Memory state around the buggy address: [ 26.654603] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.655306] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.656036] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.656695] ^ [ 26.657064] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.657684] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.658076] ================================================================== [ 27.789980] ================================================================== [ 27.790655] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 27.791421] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.792185] [ 27.792384] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.792516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.792555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.792618] Call Trace: [ 27.792657] <TASK> [ 27.792694] dump_stack_lvl+0x73/0xb0 [ 27.792832] print_report+0xd1/0x660 [ 27.792906] ? __virt_addr_valid+0x1db/0x2d0 [ 27.793038] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.793139] kasan_report+0x104/0x140 [ 27.793210] ? kasan_atomics_helper+0x194a/0x5450 [ 27.793282] ? kasan_atomics_helper+0x194a/0x5450 [ 27.793368] kasan_check_range+0x10c/0x1c0 [ 27.793444] __kasan_check_write+0x18/0x20 [ 27.793509] kasan_atomics_helper+0x194a/0x5450 [ 27.793583] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.793660] ? kasan_save_alloc_info+0x3b/0x50 [ 27.793804] kasan_atomics+0x1dc/0x310 [ 27.793890] ? __pfx_kasan_atomics+0x10/0x10 [ 27.793969] ? __pfx_read_tsc+0x10/0x10 [ 27.794036] ? ktime_get_ts64+0x86/0x240 [ 27.794189] kunit_try_run_case+0x1b2/0x490 [ 27.794291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.794629] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.794839] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.796417] ? __kthread_parkme+0x82/0x160 [ 27.796493] ? preempt_count_sub+0x50/0x80 [ 27.796574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.796649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.797091] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.798004] kthread+0x323/0x710 [ 27.798077] ? trace_preempt_on+0x20/0xc0 [ 27.798179] ? __pfx_kthread+0x10/0x10 [ 27.798251] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.798315] ? calculate_sigpending+0x7b/0xa0 [ 27.798384] ? __pfx_kthread+0x10/0x10 [ 27.798451] ret_from_fork+0x41/0x80 [ 27.798518] ? __pfx_kthread+0x10/0x10 [ 27.798587] ret_from_fork_asm+0x1a/0x30 [ 27.798681] </TASK> [ 27.798715] [ 27.816303] Allocated by task 286: [ 27.816546] kasan_save_stack+0x3d/0x60 [ 27.816851] kasan_save_track+0x18/0x40 [ 27.817332] kasan_save_alloc_info+0x3b/0x50 [ 27.818078] __kasan_kmalloc+0xb7/0xc0 [ 27.819147] __kmalloc_cache_noprof+0x183/0x410 [ 27.819663] kasan_atomics+0x95/0x310 [ 27.821132] kunit_try_run_case+0x1b2/0x490 [ 27.822392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.823054] kthread+0x323/0x710 [ 27.823766] ret_from_fork+0x41/0x80 [ 27.824521] ret_from_fork_asm+0x1a/0x30 [ 27.824987] [ 27.825188] The buggy address belongs to the object at ffff888103231c00 [ 27.825188] which belongs to the cache kmalloc-64 of size 64 [ 27.826776] The buggy address is located 0 bytes to the right of [ 27.826776] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.827740] [ 27.828072] The buggy address belongs to the physical page: [ 27.828603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.829409] flags: 0x200000000000000(node=0|zone=2) [ 27.830105] page_type: f5(slab) [ 27.830454] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.831049] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.831832] page dumped because: kasan: bad access detected [ 27.832438] [ 27.832738] Memory state around the buggy address: [ 27.833035] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.833769] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.834255] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.835191] ^ [ 27.835681] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.837131] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.837997] ================================================================== [ 26.415214] ================================================================== [ 26.415980] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 26.416560] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.417238] [ 26.417517] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.417672] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.417755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.417824] Call Trace: [ 26.417863] <TASK> [ 26.417901] dump_stack_lvl+0x73/0xb0 [ 26.417986] print_report+0xd1/0x660 [ 26.418061] ? __virt_addr_valid+0x1db/0x2d0 [ 26.418218] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.418347] kasan_report+0x104/0x140 [ 26.418418] ? kasan_atomics_helper+0x860/0x5450 [ 26.418493] ? kasan_atomics_helper+0x860/0x5450 [ 26.418578] kasan_check_range+0x10c/0x1c0 [ 26.418653] __kasan_check_write+0x18/0x20 [ 26.418764] kasan_atomics_helper+0x860/0x5450 [ 26.418850] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.418922] ? kasan_save_alloc_info+0x3b/0x50 [ 26.419015] kasan_atomics+0x1dc/0x310 [ 26.419088] ? __pfx_kasan_atomics+0x10/0x10 [ 26.419183] ? __pfx_read_tsc+0x10/0x10 [ 26.419250] ? ktime_get_ts64+0x86/0x240 [ 26.419324] kunit_try_run_case+0x1b2/0x490 [ 26.419448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.419521] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.419582] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.419680] ? __kthread_parkme+0x82/0x160 [ 26.419824] ? preempt_count_sub+0x50/0x80 [ 26.419949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.420028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.420080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.420143] kthread+0x323/0x710 [ 26.420180] ? trace_preempt_on+0x20/0xc0 [ 26.420215] ? __pfx_kthread+0x10/0x10 [ 26.420249] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.420281] ? calculate_sigpending+0x7b/0xa0 [ 26.420313] ? __pfx_kthread+0x10/0x10 [ 26.420347] ret_from_fork+0x41/0x80 [ 26.420381] ? __pfx_kthread+0x10/0x10 [ 26.420415] ret_from_fork_asm+0x1a/0x30 [ 26.420464] </TASK> [ 26.420481] [ 26.433397] Allocated by task 286: [ 26.433638] kasan_save_stack+0x3d/0x60 [ 26.433928] kasan_save_track+0x18/0x40 [ 26.434367] kasan_save_alloc_info+0x3b/0x50 [ 26.434916] __kasan_kmalloc+0xb7/0xc0 [ 26.435359] __kmalloc_cache_noprof+0x183/0x410 [ 26.435913] kasan_atomics+0x95/0x310 [ 26.436445] kunit_try_run_case+0x1b2/0x490 [ 26.436980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.437559] kthread+0x323/0x710 [ 26.438035] ret_from_fork+0x41/0x80 [ 26.438424] ret_from_fork_asm+0x1a/0x30 [ 26.438974] [ 26.439186] The buggy address belongs to the object at ffff888103231c00 [ 26.439186] which belongs to the cache kmalloc-64 of size 64 [ 26.440302] The buggy address is located 0 bytes to the right of [ 26.440302] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.441303] [ 26.441468] The buggy address belongs to the physical page: [ 26.441772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.442592] flags: 0x200000000000000(node=0|zone=2) [ 26.443288] page_type: f5(slab) [ 26.443641] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.444068] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.444795] page dumped because: kasan: bad access detected [ 26.445387] [ 26.445682] Memory state around the buggy address: [ 26.446098] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.446505] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.446958] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.447745] ^ [ 26.448508] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.449394] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.449902] ================================================================== [ 26.699448] ================================================================== [ 26.700181] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 26.700589] Read of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.701064] [ 26.701342] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.701476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.701514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.701576] Call Trace: [ 26.701616] <TASK> [ 26.701653] dump_stack_lvl+0x73/0xb0 [ 26.701793] print_report+0xd1/0x660 [ 26.701877] ? __virt_addr_valid+0x1db/0x2d0 [ 26.702008] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.702088] kasan_report+0x104/0x140 [ 26.702174] ? kasan_atomics_helper+0x4a84/0x5450 [ 26.702243] ? kasan_atomics_helper+0x4a84/0x5450 [ 26.702320] __asan_report_load4_noabort+0x18/0x20 [ 26.702384] kasan_atomics_helper+0x4a84/0x5450 [ 26.702456] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.702526] ? kasan_save_alloc_info+0x3b/0x50 [ 26.702614] kasan_atomics+0x1dc/0x310 [ 26.702691] ? __pfx_kasan_atomics+0x10/0x10 [ 26.702829] ? __pfx_read_tsc+0x10/0x10 [ 26.702899] ? ktime_get_ts64+0x86/0x240 [ 26.702975] kunit_try_run_case+0x1b2/0x490 [ 26.703046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.703135] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.703198] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.703264] ? __kthread_parkme+0x82/0x160 [ 26.703332] ? preempt_count_sub+0x50/0x80 [ 26.703410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.703481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.703555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.703657] kthread+0x323/0x710 [ 26.703773] ? trace_preempt_on+0x20/0xc0 [ 26.703858] ? __pfx_kthread+0x10/0x10 [ 26.703937] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.704001] ? calculate_sigpending+0x7b/0xa0 [ 26.704068] ? __pfx_kthread+0x10/0x10 [ 26.704162] ret_from_fork+0x41/0x80 [ 26.704236] ? __pfx_kthread+0x10/0x10 [ 26.704302] ret_from_fork_asm+0x1a/0x30 [ 26.704398] </TASK> [ 26.704433] [ 26.717357] Allocated by task 286: [ 26.717748] kasan_save_stack+0x3d/0x60 [ 26.718131] kasan_save_track+0x18/0x40 [ 26.718453] kasan_save_alloc_info+0x3b/0x50 [ 26.718821] __kasan_kmalloc+0xb7/0xc0 [ 26.719098] __kmalloc_cache_noprof+0x183/0x410 [ 26.719571] kasan_atomics+0x95/0x310 [ 26.720075] kunit_try_run_case+0x1b2/0x490 [ 26.720550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.721077] kthread+0x323/0x710 [ 26.721364] ret_from_fork+0x41/0x80 [ 26.721751] ret_from_fork_asm+0x1a/0x30 [ 26.722204] [ 26.722427] The buggy address belongs to the object at ffff888103231c00 [ 26.722427] which belongs to the cache kmalloc-64 of size 64 [ 26.723478] The buggy address is located 0 bytes to the right of [ 26.723478] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.724499] [ 26.724769] The buggy address belongs to the physical page: [ 26.725225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.725887] flags: 0x200000000000000(node=0|zone=2) [ 26.726392] page_type: f5(slab) [ 26.726702] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.727279] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.727855] page dumped because: kasan: bad access detected [ 26.728259] [ 26.728426] Memory state around the buggy address: [ 26.728759] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.729201] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.729881] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.730530] ^ [ 26.731079] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.731807] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.732427] ================================================================== [ 26.368637] ================================================================== [ 26.369263] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 26.369987] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.371299] [ 26.371567] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.371722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.371764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.371824] Call Trace: [ 26.371863] <TASK> [ 26.371901] dump_stack_lvl+0x73/0xb0 [ 26.372025] print_report+0xd1/0x660 [ 26.372136] ? __virt_addr_valid+0x1db/0x2d0 [ 26.372272] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.372352] kasan_report+0x104/0x140 [ 26.372414] ? kasan_atomics_helper+0x7c7/0x5450 [ 26.372479] ? kasan_atomics_helper+0x7c7/0x5450 [ 26.372526] kasan_check_range+0x10c/0x1c0 [ 26.372565] __kasan_check_write+0x18/0x20 [ 26.372597] kasan_atomics_helper+0x7c7/0x5450 [ 26.372634] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.372672] ? kasan_save_alloc_info+0x3b/0x50 [ 26.372760] kasan_atomics+0x1dc/0x310 [ 26.372803] ? __pfx_kasan_atomics+0x10/0x10 [ 26.372841] ? __pfx_read_tsc+0x10/0x10 [ 26.372876] ? ktime_get_ts64+0x86/0x240 [ 26.372916] kunit_try_run_case+0x1b2/0x490 [ 26.372953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.372987] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.373022] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.373056] ? __kthread_parkme+0x82/0x160 [ 26.373090] ? preempt_count_sub+0x50/0x80 [ 26.373152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.373191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.373228] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.373264] kthread+0x323/0x710 [ 26.373297] ? trace_preempt_on+0x20/0xc0 [ 26.373332] ? __pfx_kthread+0x10/0x10 [ 26.373365] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.373397] ? calculate_sigpending+0x7b/0xa0 [ 26.373430] ? __pfx_kthread+0x10/0x10 [ 26.373464] ret_from_fork+0x41/0x80 [ 26.373499] ? __pfx_kthread+0x10/0x10 [ 26.373532] ret_from_fork_asm+0x1a/0x30 [ 26.373582] </TASK> [ 26.373599] [ 26.394910] Allocated by task 286: [ 26.395195] kasan_save_stack+0x3d/0x60 [ 26.396207] kasan_save_track+0x18/0x40 [ 26.396585] kasan_save_alloc_info+0x3b/0x50 [ 26.397009] __kasan_kmalloc+0xb7/0xc0 [ 26.397376] __kmalloc_cache_noprof+0x183/0x410 [ 26.398707] kasan_atomics+0x95/0x310 [ 26.398980] kunit_try_run_case+0x1b2/0x490 [ 26.399704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.400907] kthread+0x323/0x710 [ 26.401259] ret_from_fork+0x41/0x80 [ 26.401583] ret_from_fork_asm+0x1a/0x30 [ 26.402271] [ 26.402436] The buggy address belongs to the object at ffff888103231c00 [ 26.402436] which belongs to the cache kmalloc-64 of size 64 [ 26.403568] The buggy address is located 0 bytes to the right of [ 26.403568] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.404759] [ 26.405010] The buggy address belongs to the physical page: [ 26.405548] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.406285] flags: 0x200000000000000(node=0|zone=2) [ 26.407026] page_type: f5(slab) [ 26.407569] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.408321] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.408905] page dumped because: kasan: bad access detected [ 26.409443] [ 26.409681] Memory state around the buggy address: [ 26.410250] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.410673] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.411286] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.411894] ^ [ 26.412280] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.413012] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.413766] ================================================================== [ 26.733224] ================================================================== [ 26.734090] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 26.734817] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.735496] [ 26.735835] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.735978] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.736016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.736075] Call Trace: [ 26.736129] <TASK> [ 26.736168] dump_stack_lvl+0x73/0xb0 [ 26.736249] print_report+0xd1/0x660 [ 26.736318] ? __virt_addr_valid+0x1db/0x2d0 [ 26.736445] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.736527] kasan_report+0x104/0x140 [ 26.736592] ? kasan_atomics_helper+0xd47/0x5450 [ 26.736666] ? kasan_atomics_helper+0xd47/0x5450 [ 26.736810] kasan_check_range+0x10c/0x1c0 [ 26.736898] __kasan_check_write+0x18/0x20 [ 26.736965] kasan_atomics_helper+0xd47/0x5450 [ 26.737040] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.737137] ? kasan_save_alloc_info+0x3b/0x50 [ 26.737230] kasan_atomics+0x1dc/0x310 [ 26.737303] ? __pfx_kasan_atomics+0x10/0x10 [ 26.737376] ? __pfx_read_tsc+0x10/0x10 [ 26.737442] ? ktime_get_ts64+0x86/0x240 [ 26.737518] kunit_try_run_case+0x1b2/0x490 [ 26.737591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.737654] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.737760] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.737838] ? __kthread_parkme+0x82/0x160 [ 26.737908] ? preempt_count_sub+0x50/0x80 [ 26.737983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.738056] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.738153] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.738229] kthread+0x323/0x710 [ 26.738295] ? trace_preempt_on+0x20/0xc0 [ 26.738365] ? __pfx_kthread+0x10/0x10 [ 26.738433] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.738499] ? calculate_sigpending+0x7b/0xa0 [ 26.738563] ? __pfx_kthread+0x10/0x10 [ 26.738629] ret_from_fork+0x41/0x80 [ 26.738697] ? __pfx_kthread+0x10/0x10 [ 26.738817] ret_from_fork_asm+0x1a/0x30 [ 26.738914] </TASK> [ 26.738951] [ 26.751390] Allocated by task 286: [ 26.751653] kasan_save_stack+0x3d/0x60 [ 26.752179] kasan_save_track+0x18/0x40 [ 26.752613] kasan_save_alloc_info+0x3b/0x50 [ 26.753172] __kasan_kmalloc+0xb7/0xc0 [ 26.753599] __kmalloc_cache_noprof+0x183/0x410 [ 26.754784] kasan_atomics+0x95/0x310 [ 26.755202] kunit_try_run_case+0x1b2/0x490 [ 26.755657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.758573] kthread+0x323/0x710 [ 26.759296] ret_from_fork+0x41/0x80 [ 26.760540] ret_from_fork_asm+0x1a/0x30 [ 26.761904] [ 26.762077] The buggy address belongs to the object at ffff888103231c00 [ 26.762077] which belongs to the cache kmalloc-64 of size 64 [ 26.762684] The buggy address is located 0 bytes to the right of [ 26.762684] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.764064] [ 26.764907] The buggy address belongs to the physical page: [ 26.765447] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.766584] flags: 0x200000000000000(node=0|zone=2) [ 26.768215] page_type: f5(slab) [ 26.768465] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.770303] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.771596] page dumped because: kasan: bad access detected [ 26.772173] [ 26.772400] Memory state around the buggy address: [ 26.772849] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.773544] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.774017] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.774675] ^ [ 26.775103] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.775696] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.776669] ================================================================== [ 28.641896] ================================================================== [ 28.642832] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 28.643235] Read of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 28.644384] [ 28.645494] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.645697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.645757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.645794] Call Trace: [ 28.645814] <TASK> [ 28.645836] dump_stack_lvl+0x73/0xb0 [ 28.645880] print_report+0xd1/0x660 [ 28.645916] ? __virt_addr_valid+0x1db/0x2d0 [ 28.645983] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.646021] kasan_report+0x104/0x140 [ 28.646053] ? kasan_atomics_helper+0x5115/0x5450 [ 28.646089] ? kasan_atomics_helper+0x5115/0x5450 [ 28.646153] __asan_report_load8_noabort+0x18/0x20 [ 28.646188] kasan_atomics_helper+0x5115/0x5450 [ 28.646225] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.646262] ? kasan_save_alloc_info+0x3b/0x50 [ 28.646306] kasan_atomics+0x1dc/0x310 [ 28.646342] ? __pfx_kasan_atomics+0x10/0x10 [ 28.646379] ? __pfx_read_tsc+0x10/0x10 [ 28.646411] ? ktime_get_ts64+0x86/0x240 [ 28.646451] kunit_try_run_case+0x1b2/0x490 [ 28.646487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.646520] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.646552] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.646586] ? __kthread_parkme+0x82/0x160 [ 28.646619] ? preempt_count_sub+0x50/0x80 [ 28.646657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.646693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.646761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.646800] kthread+0x323/0x710 [ 28.646831] ? trace_preempt_on+0x20/0xc0 [ 28.646867] ? __pfx_kthread+0x10/0x10 [ 28.646900] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.646931] ? calculate_sigpending+0x7b/0xa0 [ 28.646964] ? __pfx_kthread+0x10/0x10 [ 28.646997] ret_from_fork+0x41/0x80 [ 28.647031] ? __pfx_kthread+0x10/0x10 [ 28.647066] ret_from_fork_asm+0x1a/0x30 [ 28.647134] </TASK> [ 28.647153] [ 28.659348] Allocated by task 286: [ 28.659773] kasan_save_stack+0x3d/0x60 [ 28.660179] kasan_save_track+0x18/0x40 [ 28.660590] kasan_save_alloc_info+0x3b/0x50 [ 28.661034] __kasan_kmalloc+0xb7/0xc0 [ 28.661431] __kmalloc_cache_noprof+0x183/0x410 [ 28.661784] kasan_atomics+0x95/0x310 [ 28.662141] kunit_try_run_case+0x1b2/0x490 [ 28.662642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.663272] kthread+0x323/0x710 [ 28.663765] ret_from_fork+0x41/0x80 [ 28.664227] ret_from_fork_asm+0x1a/0x30 [ 28.664604] [ 28.664843] The buggy address belongs to the object at ffff888103231c00 [ 28.664843] which belongs to the cache kmalloc-64 of size 64 [ 28.665655] The buggy address is located 0 bytes to the right of [ 28.665655] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 28.666462] [ 28.666635] The buggy address belongs to the physical page: [ 28.666986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 28.667781] flags: 0x200000000000000(node=0|zone=2) [ 28.668303] page_type: f5(slab) [ 28.668671] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.669414] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.669951] page dumped because: kasan: bad access detected [ 28.670499] [ 28.670763] Memory state around the buggy address: [ 28.671244] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.671893] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.672316] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.672869] ^ [ 28.673354] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.674038] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.674682] ================================================================== [ 27.885188] ================================================================== [ 27.885835] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 27.886460] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.886929] [ 27.887212] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.887352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.887391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.887453] Call Trace: [ 27.887490] <TASK> [ 27.887530] dump_stack_lvl+0x73/0xb0 [ 27.887641] print_report+0xd1/0x660 [ 27.887765] ? __virt_addr_valid+0x1db/0x2d0 [ 27.887903] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.888041] kasan_report+0x104/0x140 [ 27.888137] ? kasan_atomics_helper+0x1a7f/0x5450 [ 27.888212] ? kasan_atomics_helper+0x1a7f/0x5450 [ 27.888340] kasan_check_range+0x10c/0x1c0 [ 27.888420] __kasan_check_write+0x18/0x20 [ 27.888483] kasan_atomics_helper+0x1a7f/0x5450 [ 27.888553] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.888626] ? kasan_save_alloc_info+0x3b/0x50 [ 27.888755] kasan_atomics+0x1dc/0x310 [ 27.888807] ? __pfx_kasan_atomics+0x10/0x10 [ 27.888848] ? __pfx_read_tsc+0x10/0x10 [ 27.888883] ? ktime_get_ts64+0x86/0x240 [ 27.888923] kunit_try_run_case+0x1b2/0x490 [ 27.888960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.888994] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.889027] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.889062] ? __kthread_parkme+0x82/0x160 [ 27.889095] ? preempt_count_sub+0x50/0x80 [ 27.889160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.889198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.889235] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.889271] kthread+0x323/0x710 [ 27.889302] ? trace_preempt_on+0x20/0xc0 [ 27.889338] ? __pfx_kthread+0x10/0x10 [ 27.889371] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.889403] ? calculate_sigpending+0x7b/0xa0 [ 27.889436] ? __pfx_kthread+0x10/0x10 [ 27.889470] ret_from_fork+0x41/0x80 [ 27.889505] ? __pfx_kthread+0x10/0x10 [ 27.889540] ret_from_fork_asm+0x1a/0x30 [ 27.889589] </TASK> [ 27.889607] [ 27.909612] Allocated by task 286: [ 27.910021] kasan_save_stack+0x3d/0x60 [ 27.911572] kasan_save_track+0x18/0x40 [ 27.912027] kasan_save_alloc_info+0x3b/0x50 [ 27.912545] __kasan_kmalloc+0xb7/0xc0 [ 27.912963] __kmalloc_cache_noprof+0x183/0x410 [ 27.913424] kasan_atomics+0x95/0x310 [ 27.913786] kunit_try_run_case+0x1b2/0x490 [ 27.914826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.915442] kthread+0x323/0x710 [ 27.916101] ret_from_fork+0x41/0x80 [ 27.916518] ret_from_fork_asm+0x1a/0x30 [ 27.917260] [ 27.917486] The buggy address belongs to the object at ffff888103231c00 [ 27.917486] which belongs to the cache kmalloc-64 of size 64 [ 27.918697] The buggy address is located 0 bytes to the right of [ 27.918697] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.920197] [ 27.920429] The buggy address belongs to the physical page: [ 27.921284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.921544] flags: 0x200000000000000(node=0|zone=2) [ 27.921752] page_type: f5(slab) [ 27.922184] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.923566] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.924983] page dumped because: kasan: bad access detected [ 27.925418] [ 27.925638] Memory state around the buggy address: [ 27.926374] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.926793] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.928292] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.930186] ^ [ 27.930583] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.931181] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.931711] ================================================================== [ 26.191546] ================================================================== [ 26.192269] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 26.193215] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.193783] [ 26.193977] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.194104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.194165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.194226] Call Trace: [ 26.194263] <TASK> [ 26.194297] dump_stack_lvl+0x73/0xb0 [ 26.194379] print_report+0xd1/0x660 [ 26.194451] ? __virt_addr_valid+0x1db/0x2d0 [ 26.194575] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.194652] kasan_report+0x104/0x140 [ 26.194766] ? kasan_atomics_helper+0x565/0x5450 [ 26.194852] ? kasan_atomics_helper+0x565/0x5450 [ 26.194936] kasan_check_range+0x10c/0x1c0 [ 26.195010] __kasan_check_write+0x18/0x20 [ 26.195071] kasan_atomics_helper+0x565/0x5450 [ 26.195164] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.195238] ? kasan_save_alloc_info+0x3b/0x50 [ 26.195329] kasan_atomics+0x1dc/0x310 [ 26.195400] ? __pfx_kasan_atomics+0x10/0x10 [ 26.195476] ? __pfx_read_tsc+0x10/0x10 [ 26.195537] ? ktime_get_ts64+0x86/0x240 [ 26.195641] kunit_try_run_case+0x1b2/0x490 [ 26.195751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.195831] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.195904] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.195977] ? __kthread_parkme+0x82/0x160 [ 26.196041] ? preempt_count_sub+0x50/0x80 [ 26.196134] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.196206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.196278] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.196341] kthread+0x323/0x710 [ 26.196402] ? trace_preempt_on+0x20/0xc0 [ 26.196469] ? __pfx_kthread+0x10/0x10 [ 26.196533] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.196595] ? calculate_sigpending+0x7b/0xa0 [ 26.196652] ? __pfx_kthread+0x10/0x10 [ 26.196765] ret_from_fork+0x41/0x80 [ 26.196847] ? __pfx_kthread+0x10/0x10 [ 26.196914] ret_from_fork_asm+0x1a/0x30 [ 26.197009] </TASK> [ 26.197039] [ 26.211294] Allocated by task 286: [ 26.211698] kasan_save_stack+0x3d/0x60 [ 26.212228] kasan_save_track+0x18/0x40 [ 26.212629] kasan_save_alloc_info+0x3b/0x50 [ 26.212952] __kasan_kmalloc+0xb7/0xc0 [ 26.213456] __kmalloc_cache_noprof+0x183/0x410 [ 26.214045] kasan_atomics+0x95/0x310 [ 26.214494] kunit_try_run_case+0x1b2/0x490 [ 26.215032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.215531] kthread+0x323/0x710 [ 26.215950] ret_from_fork+0x41/0x80 [ 26.216397] ret_from_fork_asm+0x1a/0x30 [ 26.216851] [ 26.217064] The buggy address belongs to the object at ffff888103231c00 [ 26.217064] which belongs to the cache kmalloc-64 of size 64 [ 26.217978] The buggy address is located 0 bytes to the right of [ 26.217978] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.218906] [ 26.219161] The buggy address belongs to the physical page: [ 26.219746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.220432] flags: 0x200000000000000(node=0|zone=2) [ 26.220944] page_type: f5(slab) [ 26.221380] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.222033] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.222533] page dumped because: kasan: bad access detected [ 26.223150] [ 26.223382] Memory state around the buggy address: [ 26.223821] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.224536] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.225088] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.225780] ^ [ 26.226177] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.226909] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.227528] ================================================================== [ 28.424972] ================================================================== [ 28.425646] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 28.426388] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 28.427089] [ 28.427392] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.427601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.427665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.427767] Call Trace: [ 28.427810] <TASK> [ 28.427849] dump_stack_lvl+0x73/0xb0 [ 28.427942] print_report+0xd1/0x660 [ 28.428010] ? __virt_addr_valid+0x1db/0x2d0 [ 28.428156] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.428295] kasan_report+0x104/0x140 [ 28.428446] ? kasan_atomics_helper+0x20c8/0x5450 [ 28.428562] ? kasan_atomics_helper+0x20c8/0x5450 [ 28.428654] kasan_check_range+0x10c/0x1c0 [ 28.428773] __kasan_check_write+0x18/0x20 [ 28.428849] kasan_atomics_helper+0x20c8/0x5450 [ 28.428914] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.428981] ? kasan_save_alloc_info+0x3b/0x50 [ 28.429140] kasan_atomics+0x1dc/0x310 [ 28.429235] ? __pfx_kasan_atomics+0x10/0x10 [ 28.429311] ? __pfx_read_tsc+0x10/0x10 [ 28.429376] ? ktime_get_ts64+0x86/0x240 [ 28.429502] kunit_try_run_case+0x1b2/0x490 [ 28.429617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.429687] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.429804] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.429960] ? __kthread_parkme+0x82/0x160 [ 28.430039] ? preempt_count_sub+0x50/0x80 [ 28.430150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.430284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.430393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.430464] kthread+0x323/0x710 [ 28.430524] ? trace_preempt_on+0x20/0xc0 [ 28.430593] ? __pfx_kthread+0x10/0x10 [ 28.430769] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.430930] ? calculate_sigpending+0x7b/0xa0 [ 28.431006] ? __pfx_kthread+0x10/0x10 [ 28.431078] ret_from_fork+0x41/0x80 [ 28.431171] ? __pfx_kthread+0x10/0x10 [ 28.431239] ret_from_fork_asm+0x1a/0x30 [ 28.431293] </TASK> [ 28.431313] [ 28.445241] Allocated by task 286: [ 28.445695] kasan_save_stack+0x3d/0x60 [ 28.446267] kasan_save_track+0x18/0x40 [ 28.446739] kasan_save_alloc_info+0x3b/0x50 [ 28.447309] __kasan_kmalloc+0xb7/0xc0 [ 28.447801] __kmalloc_cache_noprof+0x183/0x410 [ 28.448236] kasan_atomics+0x95/0x310 [ 28.448635] kunit_try_run_case+0x1b2/0x490 [ 28.449175] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.449751] kthread+0x323/0x710 [ 28.450160] ret_from_fork+0x41/0x80 [ 28.450573] ret_from_fork_asm+0x1a/0x30 [ 28.451029] [ 28.451281] The buggy address belongs to the object at ffff888103231c00 [ 28.451281] which belongs to the cache kmalloc-64 of size 64 [ 28.452368] The buggy address is located 0 bytes to the right of [ 28.452368] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 28.453283] [ 28.453580] The buggy address belongs to the physical page: [ 28.454258] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 28.455040] flags: 0x200000000000000(node=0|zone=2) [ 28.455530] page_type: f5(slab) [ 28.456031] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.456767] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.457234] page dumped because: kasan: bad access detected [ 28.457554] [ 28.457732] Memory state around the buggy address: [ 28.458023] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.458688] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.459576] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.460333] ^ [ 28.460867] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.461607] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.462251] ================================================================== [ 28.328614] ================================================================== [ 28.329350] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 28.329776] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 28.330489] [ 28.330798] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.330983] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.331022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.331081] Call Trace: [ 28.331138] <TASK> [ 28.331178] dump_stack_lvl+0x73/0xb0 [ 28.331301] print_report+0xd1/0x660 [ 28.331381] ? __virt_addr_valid+0x1db/0x2d0 [ 28.331501] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.331577] kasan_report+0x104/0x140 [ 28.331671] ? kasan_atomics_helper+0x2006/0x5450 [ 28.331796] ? kasan_atomics_helper+0x2006/0x5450 [ 28.331891] kasan_check_range+0x10c/0x1c0 [ 28.331979] __kasan_check_write+0x18/0x20 [ 28.332037] kasan_atomics_helper+0x2006/0x5450 [ 28.332128] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.332205] ? kasan_save_alloc_info+0x3b/0x50 [ 28.332293] kasan_atomics+0x1dc/0x310 [ 28.332369] ? __pfx_kasan_atomics+0x10/0x10 [ 28.332447] ? __pfx_read_tsc+0x10/0x10 [ 28.332513] ? ktime_get_ts64+0x86/0x240 [ 28.332592] kunit_try_run_case+0x1b2/0x490 [ 28.332667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.332786] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.332864] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.332933] ? __kthread_parkme+0x82/0x160 [ 28.333004] ? preempt_count_sub+0x50/0x80 [ 28.333083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.333200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.333306] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.333382] kthread+0x323/0x710 [ 28.333446] ? trace_preempt_on+0x20/0xc0 [ 28.333517] ? __pfx_kthread+0x10/0x10 [ 28.333585] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.333648] ? calculate_sigpending+0x7b/0xa0 [ 28.333760] ? __pfx_kthread+0x10/0x10 [ 28.333840] ret_from_fork+0x41/0x80 [ 28.333912] ? __pfx_kthread+0x10/0x10 [ 28.333981] ret_from_fork_asm+0x1a/0x30 [ 28.334077] </TASK> [ 28.334132] [ 28.347405] Allocated by task 286: [ 28.347780] kasan_save_stack+0x3d/0x60 [ 28.348289] kasan_save_track+0x18/0x40 [ 28.348747] kasan_save_alloc_info+0x3b/0x50 [ 28.349138] __kasan_kmalloc+0xb7/0xc0 [ 28.349519] __kmalloc_cache_noprof+0x183/0x410 [ 28.350066] kasan_atomics+0x95/0x310 [ 28.350428] kunit_try_run_case+0x1b2/0x490 [ 28.350774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.351398] kthread+0x323/0x710 [ 28.351833] ret_from_fork+0x41/0x80 [ 28.352280] ret_from_fork_asm+0x1a/0x30 [ 28.352704] [ 28.352905] The buggy address belongs to the object at ffff888103231c00 [ 28.352905] which belongs to the cache kmalloc-64 of size 64 [ 28.353680] The buggy address is located 0 bytes to the right of [ 28.353680] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 28.354546] [ 28.354846] The buggy address belongs to the physical page: [ 28.355407] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 28.356287] flags: 0x200000000000000(node=0|zone=2) [ 28.357074] page_type: f5(slab) [ 28.358321] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.359376] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.361575] page dumped because: kasan: bad access detected [ 28.362259] [ 28.364283] Memory state around the buggy address: [ 28.364641] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.365409] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.367250] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.369015] ^ [ 28.369460] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.371046] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.372030] ================================================================== [ 28.292311] ================================================================== [ 28.293102] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 28.293807] Read of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 28.294342] [ 28.294532] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.294662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.294696] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.294759] Call Trace: [ 28.294793] <TASK> [ 28.294831] dump_stack_lvl+0x73/0xb0 [ 28.294908] print_report+0xd1/0x660 [ 28.295004] ? __virt_addr_valid+0x1db/0x2d0 [ 28.295159] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.295244] kasan_report+0x104/0x140 [ 28.295306] ? kasan_atomics_helper+0x4f71/0x5450 [ 28.295379] ? kasan_atomics_helper+0x4f71/0x5450 [ 28.295462] __asan_report_load8_noabort+0x18/0x20 [ 28.295528] kasan_atomics_helper+0x4f71/0x5450 [ 28.295630] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.295711] ? kasan_save_alloc_info+0x3b/0x50 [ 28.295809] kasan_atomics+0x1dc/0x310 [ 28.295886] ? __pfx_kasan_atomics+0x10/0x10 [ 28.295975] ? __pfx_read_tsc+0x10/0x10 [ 28.296042] ? ktime_get_ts64+0x86/0x240 [ 28.296142] kunit_try_run_case+0x1b2/0x490 [ 28.296221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.296290] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.296359] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.296429] ? __kthread_parkme+0x82/0x160 [ 28.296497] ? preempt_count_sub+0x50/0x80 [ 28.296572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.296646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.296721] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.296795] kthread+0x323/0x710 [ 28.296861] ? trace_preempt_on+0x20/0xc0 [ 28.296930] ? __pfx_kthread+0x10/0x10 [ 28.296999] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.297061] ? calculate_sigpending+0x7b/0xa0 [ 28.297167] ? __pfx_kthread+0x10/0x10 [ 28.297243] ret_from_fork+0x41/0x80 [ 28.297316] ? __pfx_kthread+0x10/0x10 [ 28.297381] ret_from_fork_asm+0x1a/0x30 [ 28.297478] </TASK> [ 28.297511] [ 28.310577] Allocated by task 286: [ 28.310909] kasan_save_stack+0x3d/0x60 [ 28.311501] kasan_save_track+0x18/0x40 [ 28.312182] kasan_save_alloc_info+0x3b/0x50 [ 28.312649] __kasan_kmalloc+0xb7/0xc0 [ 28.313094] __kmalloc_cache_noprof+0x183/0x410 [ 28.313475] kasan_atomics+0x95/0x310 [ 28.314062] kunit_try_run_case+0x1b2/0x490 [ 28.314422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.314761] kthread+0x323/0x710 [ 28.315015] ret_from_fork+0x41/0x80 [ 28.315443] ret_from_fork_asm+0x1a/0x30 [ 28.315970] [ 28.316323] The buggy address belongs to the object at ffff888103231c00 [ 28.316323] which belongs to the cache kmalloc-64 of size 64 [ 28.317700] The buggy address is located 0 bytes to the right of [ 28.317700] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 28.318470] [ 28.318637] The buggy address belongs to the physical page: [ 28.318942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 28.319725] flags: 0x200000000000000(node=0|zone=2) [ 28.320289] page_type: f5(slab) [ 28.320810] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.321542] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.322445] page dumped because: kasan: bad access detected [ 28.322769] [ 28.322926] Memory state around the buggy address: [ 28.323457] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.324406] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.324840] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.325520] ^ [ 28.326066] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.326671] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.327318] ================================================================== [ 26.319192] ================================================================== [ 26.320081] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 26.321221] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.323417] [ 26.323635] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.325282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.325334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.325400] Call Trace: [ 26.325437] <TASK> [ 26.325476] dump_stack_lvl+0x73/0xb0 [ 26.325557] print_report+0xd1/0x660 [ 26.325629] ? __virt_addr_valid+0x1db/0x2d0 [ 26.326192] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.326284] kasan_report+0x104/0x140 [ 26.326322] ? kasan_atomics_helper+0x72f/0x5450 [ 26.326359] ? kasan_atomics_helper+0x72f/0x5450 [ 26.326402] kasan_check_range+0x10c/0x1c0 [ 26.326440] __kasan_check_write+0x18/0x20 [ 26.326472] kasan_atomics_helper+0x72f/0x5450 [ 26.326509] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.326546] ? kasan_save_alloc_info+0x3b/0x50 [ 26.326591] kasan_atomics+0x1dc/0x310 [ 26.326627] ? __pfx_kasan_atomics+0x10/0x10 [ 26.326664] ? __pfx_read_tsc+0x10/0x10 [ 26.326698] ? ktime_get_ts64+0x86/0x240 [ 26.327314] kunit_try_run_case+0x1b2/0x490 [ 26.327401] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.327467] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.327531] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.327624] ? __kthread_parkme+0x82/0x160 [ 26.327690] ? preempt_count_sub+0x50/0x80 [ 26.327767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.327838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.327910] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.327990] kthread+0x323/0x710 [ 26.328050] ? trace_preempt_on+0x20/0xc0 [ 26.328144] ? __pfx_kthread+0x10/0x10 [ 26.328212] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.328274] ? calculate_sigpending+0x7b/0xa0 [ 26.328335] ? __pfx_kthread+0x10/0x10 [ 26.328398] ret_from_fork+0x41/0x80 [ 26.328463] ? __pfx_kthread+0x10/0x10 [ 26.328525] ret_from_fork_asm+0x1a/0x30 [ 26.328619] </TASK> [ 26.328650] [ 26.348425] Allocated by task 286: [ 26.348745] kasan_save_stack+0x3d/0x60 [ 26.349400] kasan_save_track+0x18/0x40 [ 26.349789] kasan_save_alloc_info+0x3b/0x50 [ 26.350238] __kasan_kmalloc+0xb7/0xc0 [ 26.351020] __kmalloc_cache_noprof+0x183/0x410 [ 26.351417] kasan_atomics+0x95/0x310 [ 26.352042] kunit_try_run_case+0x1b2/0x490 [ 26.352757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.353192] kthread+0x323/0x710 [ 26.353584] ret_from_fork+0x41/0x80 [ 26.354331] ret_from_fork_asm+0x1a/0x30 [ 26.354656] [ 26.355051] The buggy address belongs to the object at ffff888103231c00 [ 26.355051] which belongs to the cache kmalloc-64 of size 64 [ 26.356201] The buggy address is located 0 bytes to the right of [ 26.356201] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.357292] [ 26.357524] The buggy address belongs to the physical page: [ 26.357882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.358670] flags: 0x200000000000000(node=0|zone=2) [ 26.359212] page_type: f5(slab) [ 26.359459] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.360098] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.361209] page dumped because: kasan: bad access detected [ 26.361823] [ 26.362194] Memory state around the buggy address: [ 26.362615] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.363362] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.364091] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.364891] ^ [ 26.365391] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.366034] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.366859] ================================================================== [ 26.779051] ================================================================== [ 26.779598] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 26.780594] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.781308] [ 26.781555] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.781686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.781727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.781827] Call Trace: [ 26.781867] <TASK> [ 26.781901] dump_stack_lvl+0x73/0xb0 [ 26.781980] print_report+0xd1/0x660 [ 26.782046] ? __virt_addr_valid+0x1db/0x2d0 [ 26.782196] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.782277] kasan_report+0x104/0x140 [ 26.782341] ? kasan_atomics_helper+0xde0/0x5450 [ 26.782414] ? kasan_atomics_helper+0xde0/0x5450 [ 26.782495] kasan_check_range+0x10c/0x1c0 [ 26.782539] __kasan_check_write+0x18/0x20 [ 26.782572] kasan_atomics_helper+0xde0/0x5450 [ 26.782609] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.782646] ? kasan_save_alloc_info+0x3b/0x50 [ 26.782691] kasan_atomics+0x1dc/0x310 [ 26.782759] ? __pfx_kasan_atomics+0x10/0x10 [ 26.782801] ? __pfx_read_tsc+0x10/0x10 [ 26.782836] ? ktime_get_ts64+0x86/0x240 [ 26.782876] kunit_try_run_case+0x1b2/0x490 [ 26.782912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.782946] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.782979] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.783014] ? __kthread_parkme+0x82/0x160 [ 26.783047] ? preempt_count_sub+0x50/0x80 [ 26.783086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.783145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.783181] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.783217] kthread+0x323/0x710 [ 26.783261] ? trace_preempt_on+0x20/0xc0 [ 26.783319] ? __pfx_kthread+0x10/0x10 [ 26.783370] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.783424] ? calculate_sigpending+0x7b/0xa0 [ 26.783481] ? __pfx_kthread+0x10/0x10 [ 26.783539] ret_from_fork+0x41/0x80 [ 26.783626] ? __pfx_kthread+0x10/0x10 [ 26.783687] ret_from_fork_asm+0x1a/0x30 [ 26.783790] </TASK> [ 26.783820] [ 26.797958] Allocated by task 286: [ 26.798347] kasan_save_stack+0x3d/0x60 [ 26.798819] kasan_save_track+0x18/0x40 [ 26.799189] kasan_save_alloc_info+0x3b/0x50 [ 26.799523] __kasan_kmalloc+0xb7/0xc0 [ 26.800039] __kmalloc_cache_noprof+0x183/0x410 [ 26.800387] kasan_atomics+0x95/0x310 [ 26.800666] kunit_try_run_case+0x1b2/0x490 [ 26.801099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.801647] kthread+0x323/0x710 [ 26.802075] ret_from_fork+0x41/0x80 [ 26.802460] ret_from_fork_asm+0x1a/0x30 [ 26.802892] [ 26.803060] The buggy address belongs to the object at ffff888103231c00 [ 26.803060] which belongs to the cache kmalloc-64 of size 64 [ 26.804172] The buggy address is located 0 bytes to the right of [ 26.804172] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.804961] [ 26.805202] The buggy address belongs to the physical page: [ 26.805749] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.806210] flags: 0x200000000000000(node=0|zone=2) [ 26.806737] page_type: f5(slab) [ 26.807131] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.807685] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.808287] page dumped because: kasan: bad access detected [ 26.808652] [ 26.808868] Memory state around the buggy address: [ 26.809183] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.809567] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.810004] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.810647] ^ [ 26.811155] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.811875] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.812532] ================================================================== [ 26.938739] ================================================================== [ 26.939591] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 26.940437] Read of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.941625] [ 26.941847] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.941976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.942015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.942073] Call Trace: [ 26.942107] <TASK> [ 26.942328] dump_stack_lvl+0x73/0xb0 [ 26.942580] print_report+0xd1/0x660 [ 26.942680] ? __virt_addr_valid+0x1db/0x2d0 [ 26.943020] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.943067] kasan_report+0x104/0x140 [ 26.943102] ? kasan_atomics_helper+0x4a36/0x5450 [ 26.943186] ? kasan_atomics_helper+0x4a36/0x5450 [ 26.943233] __asan_report_load4_noabort+0x18/0x20 [ 26.943267] kasan_atomics_helper+0x4a36/0x5450 [ 26.943304] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.943341] ? kasan_save_alloc_info+0x3b/0x50 [ 26.943387] kasan_atomics+0x1dc/0x310 [ 26.943422] ? __pfx_kasan_atomics+0x10/0x10 [ 26.943507] ? __pfx_read_tsc+0x10/0x10 [ 26.943544] ? ktime_get_ts64+0x86/0x240 [ 26.943592] kunit_try_run_case+0x1b2/0x490 [ 26.943649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.943684] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.943779] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.943856] ? __kthread_parkme+0x82/0x160 [ 26.943898] ? preempt_count_sub+0x50/0x80 [ 26.943952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.943989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.944026] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.944063] kthread+0x323/0x710 [ 26.944094] ? trace_preempt_on+0x20/0xc0 [ 26.944154] ? __pfx_kthread+0x10/0x10 [ 26.944188] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.944219] ? calculate_sigpending+0x7b/0xa0 [ 26.944252] ? __pfx_kthread+0x10/0x10 [ 26.944287] ret_from_fork+0x41/0x80 [ 26.944321] ? __pfx_kthread+0x10/0x10 [ 26.944354] ret_from_fork_asm+0x1a/0x30 [ 26.944402] </TASK> [ 26.944420] [ 26.960039] Allocated by task 286: [ 26.960448] kasan_save_stack+0x3d/0x60 [ 26.961101] kasan_save_track+0x18/0x40 [ 26.961496] kasan_save_alloc_info+0x3b/0x50 [ 26.961808] __kasan_kmalloc+0xb7/0xc0 [ 26.962080] __kmalloc_cache_noprof+0x183/0x410 [ 26.962810] kasan_atomics+0x95/0x310 [ 26.963379] kunit_try_run_case+0x1b2/0x490 [ 26.963982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.964607] kthread+0x323/0x710 [ 26.965099] ret_from_fork+0x41/0x80 [ 26.965493] ret_from_fork_asm+0x1a/0x30 [ 26.966190] [ 26.966381] The buggy address belongs to the object at ffff888103231c00 [ 26.966381] which belongs to the cache kmalloc-64 of size 64 [ 26.967666] The buggy address is located 0 bytes to the right of [ 26.967666] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.968380] [ 26.968629] The buggy address belongs to the physical page: [ 26.969037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.969760] flags: 0x200000000000000(node=0|zone=2) [ 26.970358] page_type: f5(slab) [ 26.970730] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.971706] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.972544] page dumped because: kasan: bad access detected [ 26.973251] [ 26.973553] Memory state around the buggy address: [ 26.974195] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.974741] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.975384] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.975798] ^ [ 26.976101] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.976927] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.977733] ================================================================== [ 26.110250] ================================================================== [ 26.111175] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 26.112137] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.113465] [ 26.113964] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.114141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.114185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.114221] Call Trace: [ 26.114244] <TASK> [ 26.114266] dump_stack_lvl+0x73/0xb0 [ 26.114312] print_report+0xd1/0x660 [ 26.114348] ? __virt_addr_valid+0x1db/0x2d0 [ 26.114415] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.114453] kasan_report+0x104/0x140 [ 26.114485] ? kasan_atomics_helper+0x4a0/0x5450 [ 26.114520] ? kasan_atomics_helper+0x4a0/0x5450 [ 26.114564] kasan_check_range+0x10c/0x1c0 [ 26.114600] __kasan_check_write+0x18/0x20 [ 26.114631] kasan_atomics_helper+0x4a0/0x5450 [ 26.114666] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.114707] ? kasan_save_alloc_info+0x3b/0x50 [ 26.114815] kasan_atomics+0x1dc/0x310 [ 26.114858] ? __pfx_kasan_atomics+0x10/0x10 [ 26.114896] ? __pfx_read_tsc+0x10/0x10 [ 26.114931] ? ktime_get_ts64+0x86/0x240 [ 26.114970] kunit_try_run_case+0x1b2/0x490 [ 26.115007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.115041] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.115075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.115131] ? __kthread_parkme+0x82/0x160 [ 26.115166] ? preempt_count_sub+0x50/0x80 [ 26.115206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.115241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.115277] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.115314] kthread+0x323/0x710 [ 26.115345] ? trace_preempt_on+0x20/0xc0 [ 26.115380] ? __pfx_kthread+0x10/0x10 [ 26.115414] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.115446] ? calculate_sigpending+0x7b/0xa0 [ 26.115479] ? __pfx_kthread+0x10/0x10 [ 26.115513] ret_from_fork+0x41/0x80 [ 26.115547] ? __pfx_kthread+0x10/0x10 [ 26.115580] ret_from_fork_asm+0x1a/0x30 [ 26.115660] </TASK> [ 26.115677] [ 26.130158] Allocated by task 286: [ 26.130561] kasan_save_stack+0x3d/0x60 [ 26.131077] kasan_save_track+0x18/0x40 [ 26.131570] kasan_save_alloc_info+0x3b/0x50 [ 26.132096] __kasan_kmalloc+0xb7/0xc0 [ 26.132535] __kmalloc_cache_noprof+0x183/0x410 [ 26.132911] kasan_atomics+0x95/0x310 [ 26.133350] kunit_try_run_case+0x1b2/0x490 [ 26.133698] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.134267] kthread+0x323/0x710 [ 26.134772] ret_from_fork+0x41/0x80 [ 26.135216] ret_from_fork_asm+0x1a/0x30 [ 26.135680] [ 26.135896] The buggy address belongs to the object at ffff888103231c00 [ 26.135896] which belongs to the cache kmalloc-64 of size 64 [ 26.136923] The buggy address is located 0 bytes to the right of [ 26.136923] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.137749] [ 26.137923] The buggy address belongs to the physical page: [ 26.138325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.139128] flags: 0x200000000000000(node=0|zone=2) [ 26.139671] page_type: f5(slab) [ 26.140154] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.140876] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.141421] page dumped because: kasan: bad access detected [ 26.142016] [ 26.142272] Memory state around the buggy address: [ 26.142740] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.143204] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.144397] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.146091] ^ [ 26.147466] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.148312] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.149757] ================================================================== [ 27.496239] ================================================================== [ 27.496989] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 27.497677] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.498398] [ 27.498657] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.498826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.498868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.498929] Call Trace: [ 27.498964] <TASK> [ 27.499003] dump_stack_lvl+0x73/0xb0 [ 27.499081] print_report+0xd1/0x660 [ 27.499178] ? __virt_addr_valid+0x1db/0x2d0 [ 27.499308] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.499382] kasan_report+0x104/0x140 [ 27.499441] ? kasan_atomics_helper+0x151d/0x5450 [ 27.499512] ? kasan_atomics_helper+0x151d/0x5450 [ 27.499618] kasan_check_range+0x10c/0x1c0 [ 27.499696] __kasan_check_write+0x18/0x20 [ 27.499820] kasan_atomics_helper+0x151d/0x5450 [ 27.499900] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.499986] ? kasan_save_alloc_info+0x3b/0x50 [ 27.500063] kasan_atomics+0x1dc/0x310 [ 27.500155] ? __pfx_kasan_atomics+0x10/0x10 [ 27.500233] ? __pfx_read_tsc+0x10/0x10 [ 27.500298] ? ktime_get_ts64+0x86/0x240 [ 27.500376] kunit_try_run_case+0x1b2/0x490 [ 27.500451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.500520] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.500590] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.500661] ? __kthread_parkme+0x82/0x160 [ 27.500784] ? preempt_count_sub+0x50/0x80 [ 27.500910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.500989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.501059] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.502270] kthread+0x323/0x710 [ 27.502366] ? trace_preempt_on+0x20/0xc0 [ 27.502438] ? __pfx_kthread+0x10/0x10 [ 27.502509] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.502572] ? calculate_sigpending+0x7b/0xa0 [ 27.502639] ? __pfx_kthread+0x10/0x10 [ 27.502752] ret_from_fork+0x41/0x80 [ 27.502836] ? __pfx_kthread+0x10/0x10 [ 27.502906] ret_from_fork_asm+0x1a/0x30 [ 27.503000] </TASK> [ 27.503036] [ 27.521334] Allocated by task 286: [ 27.521698] kasan_save_stack+0x3d/0x60 [ 27.522588] kasan_save_track+0x18/0x40 [ 27.522970] kasan_save_alloc_info+0x3b/0x50 [ 27.523398] __kasan_kmalloc+0xb7/0xc0 [ 27.524138] __kmalloc_cache_noprof+0x183/0x410 [ 27.524677] kasan_atomics+0x95/0x310 [ 27.525222] kunit_try_run_case+0x1b2/0x490 [ 27.525571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.526299] kthread+0x323/0x710 [ 27.526523] ret_from_fork+0x41/0x80 [ 27.526684] ret_from_fork_asm+0x1a/0x30 [ 27.527060] [ 27.527342] The buggy address belongs to the object at ffff888103231c00 [ 27.527342] which belongs to the cache kmalloc-64 of size 64 [ 27.528600] The buggy address is located 0 bytes to the right of [ 27.528600] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.529274] [ 27.529544] The buggy address belongs to the physical page: [ 27.529972] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.530420] flags: 0x200000000000000(node=0|zone=2) [ 27.530891] page_type: f5(slab) [ 27.531419] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.532347] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.532848] page dumped because: kasan: bad access detected [ 27.533366] [ 27.533527] Memory state around the buggy address: [ 27.533809] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.534268] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.534957] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.535962] ^ [ 27.536364] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.536749] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.537409] ================================================================== [ 28.214002] ================================================================== [ 28.214822] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 28.215753] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 28.216624] [ 28.216974] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.217107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.217282] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.217361] Call Trace: [ 28.217395] <TASK> [ 28.217433] dump_stack_lvl+0x73/0xb0 [ 28.217509] print_report+0xd1/0x660 [ 28.217570] ? __virt_addr_valid+0x1db/0x2d0 [ 28.217884] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.217993] kasan_report+0x104/0x140 [ 28.218060] ? kasan_atomics_helper+0x1eaa/0x5450 [ 28.218159] ? kasan_atomics_helper+0x1eaa/0x5450 [ 28.218249] kasan_check_range+0x10c/0x1c0 [ 28.218326] __kasan_check_write+0x18/0x20 [ 28.218389] kasan_atomics_helper+0x1eaa/0x5450 [ 28.218462] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.218534] ? kasan_save_alloc_info+0x3b/0x50 [ 28.218624] kasan_atomics+0x1dc/0x310 [ 28.218695] ? __pfx_kasan_atomics+0x10/0x10 [ 28.218832] ? __pfx_read_tsc+0x10/0x10 [ 28.218897] ? ktime_get_ts64+0x86/0x240 [ 28.218964] kunit_try_run_case+0x1b2/0x490 [ 28.219035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.219218] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.219454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.219666] ? __kthread_parkme+0x82/0x160 [ 28.219979] ? preempt_count_sub+0x50/0x80 [ 28.220187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.220274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.220349] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.220420] kthread+0x323/0x710 [ 28.220488] ? trace_preempt_on+0x20/0xc0 [ 28.220558] ? __pfx_kthread+0x10/0x10 [ 28.220623] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.220687] ? calculate_sigpending+0x7b/0xa0 [ 28.220814] ? __pfx_kthread+0x10/0x10 [ 28.220891] ret_from_fork+0x41/0x80 [ 28.220961] ? __pfx_kthread+0x10/0x10 [ 28.221029] ret_from_fork_asm+0x1a/0x30 [ 28.221100] </TASK> [ 28.221150] [ 28.236416] Allocated by task 286: [ 28.236842] kasan_save_stack+0x3d/0x60 [ 28.237298] kasan_save_track+0x18/0x40 [ 28.237760] kasan_save_alloc_info+0x3b/0x50 [ 28.238423] __kasan_kmalloc+0xb7/0xc0 [ 28.238818] __kmalloc_cache_noprof+0x183/0x410 [ 28.239143] kasan_atomics+0x95/0x310 [ 28.239419] kunit_try_run_case+0x1b2/0x490 [ 28.240296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.240945] kthread+0x323/0x710 [ 28.241541] ret_from_fork+0x41/0x80 [ 28.242326] ret_from_fork_asm+0x1a/0x30 [ 28.242818] [ 28.243050] The buggy address belongs to the object at ffff888103231c00 [ 28.243050] which belongs to the cache kmalloc-64 of size 64 [ 28.244266] The buggy address is located 0 bytes to the right of [ 28.244266] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 28.245516] [ 28.246034] The buggy address belongs to the physical page: [ 28.246781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 28.247510] flags: 0x200000000000000(node=0|zone=2) [ 28.248086] page_type: f5(slab) [ 28.249424] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.250202] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.251407] page dumped because: kasan: bad access detected [ 28.251849] [ 28.252136] Memory state around the buggy address: [ 28.252608] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.253296] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.253831] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.254476] ^ [ 28.255018] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.255774] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.256287] ================================================================== [ 27.585012] ================================================================== [ 27.585528] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 27.587794] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.588670] [ 27.589018] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.589175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.589214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.589531] Call Trace: [ 27.589569] <TASK> [ 27.589593] dump_stack_lvl+0x73/0xb0 [ 27.589641] print_report+0xd1/0x660 [ 27.589676] ? __virt_addr_valid+0x1db/0x2d0 [ 27.589765] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.589806] kasan_report+0x104/0x140 [ 27.589838] ? kasan_atomics_helper+0x164f/0x5450 [ 27.589875] ? kasan_atomics_helper+0x164f/0x5450 [ 27.589918] kasan_check_range+0x10c/0x1c0 [ 27.589955] __kasan_check_write+0x18/0x20 [ 27.589986] kasan_atomics_helper+0x164f/0x5450 [ 27.590022] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.590058] ? kasan_save_alloc_info+0x3b/0x50 [ 27.590103] kasan_atomics+0x1dc/0x310 [ 27.590161] ? __pfx_kasan_atomics+0x10/0x10 [ 27.590199] ? __pfx_read_tsc+0x10/0x10 [ 27.590232] ? ktime_get_ts64+0x86/0x240 [ 27.590271] kunit_try_run_case+0x1b2/0x490 [ 27.590307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.590340] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.590375] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.590408] ? __kthread_parkme+0x82/0x160 [ 27.590441] ? preempt_count_sub+0x50/0x80 [ 27.590478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.590514] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.590549] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.590584] kthread+0x323/0x710 [ 27.590615] ? trace_preempt_on+0x20/0xc0 [ 27.590650] ? __pfx_kthread+0x10/0x10 [ 27.590683] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.590744] ? calculate_sigpending+0x7b/0xa0 [ 27.590782] ? __pfx_kthread+0x10/0x10 [ 27.590817] ret_from_fork+0x41/0x80 [ 27.590881] ? __pfx_kthread+0x10/0x10 [ 27.590916] ret_from_fork_asm+0x1a/0x30 [ 27.590965] </TASK> [ 27.590982] [ 27.608800] Allocated by task 286: [ 27.609197] kasan_save_stack+0x3d/0x60 [ 27.609583] kasan_save_track+0x18/0x40 [ 27.609987] kasan_save_alloc_info+0x3b/0x50 [ 27.610456] __kasan_kmalloc+0xb7/0xc0 [ 27.610935] __kmalloc_cache_noprof+0x183/0x410 [ 27.611305] kasan_atomics+0x95/0x310 [ 27.611852] kunit_try_run_case+0x1b2/0x490 [ 27.612218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.612783] kthread+0x323/0x710 [ 27.613058] ret_from_fork+0x41/0x80 [ 27.613408] ret_from_fork_asm+0x1a/0x30 [ 27.613929] [ 27.614183] The buggy address belongs to the object at ffff888103231c00 [ 27.614183] which belongs to the cache kmalloc-64 of size 64 [ 27.615074] The buggy address is located 0 bytes to the right of [ 27.615074] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.616149] [ 27.616402] The buggy address belongs to the physical page: [ 27.616997] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.617620] flags: 0x200000000000000(node=0|zone=2) [ 27.618069] page_type: f5(slab) [ 27.618342] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.618937] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.619697] page dumped because: kasan: bad access detected [ 27.620327] [ 27.620554] Memory state around the buggy address: [ 27.621045] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.621651] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.622222] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.622914] ^ [ 27.623374] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.623974] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.624536] ================================================================== [ 26.852076] ================================================================== [ 26.853650] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 26.854585] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.855430] [ 26.855758] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.855892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.855939] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.855998] Call Trace: [ 26.856036] <TASK> [ 26.856073] dump_stack_lvl+0x73/0xb0 [ 26.856188] print_report+0xd1/0x660 [ 26.856260] ? __virt_addr_valid+0x1db/0x2d0 [ 26.856384] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.856461] kasan_report+0x104/0x140 [ 26.856523] ? kasan_atomics_helper+0xf10/0x5450 [ 26.856595] ? kasan_atomics_helper+0xf10/0x5450 [ 26.856676] kasan_check_range+0x10c/0x1c0 [ 26.856783] __kasan_check_write+0x18/0x20 [ 26.856853] kasan_atomics_helper+0xf10/0x5450 [ 26.856927] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.856998] ? kasan_save_alloc_info+0x3b/0x50 [ 26.857079] kasan_atomics+0x1dc/0x310 [ 26.857177] ? __pfx_kasan_atomics+0x10/0x10 [ 26.857252] ? __pfx_read_tsc+0x10/0x10 [ 26.857318] ? ktime_get_ts64+0x86/0x240 [ 26.857390] kunit_try_run_case+0x1b2/0x490 [ 26.857461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.857523] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.857586] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.857652] ? __kthread_parkme+0x82/0x160 [ 26.857721] ? preempt_count_sub+0x50/0x80 [ 26.857829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.857882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.857922] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.857959] kthread+0x323/0x710 [ 26.857993] ? trace_preempt_on+0x20/0xc0 [ 26.858029] ? __pfx_kthread+0x10/0x10 [ 26.858063] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.858095] ? calculate_sigpending+0x7b/0xa0 [ 26.858153] ? __pfx_kthread+0x10/0x10 [ 26.858191] ret_from_fork+0x41/0x80 [ 26.858226] ? __pfx_kthread+0x10/0x10 [ 26.858260] ret_from_fork_asm+0x1a/0x30 [ 26.858309] </TASK> [ 26.858326] [ 26.883675] Allocated by task 286: [ 26.884173] kasan_save_stack+0x3d/0x60 [ 26.884660] kasan_save_track+0x18/0x40 [ 26.885219] kasan_save_alloc_info+0x3b/0x50 [ 26.885759] __kasan_kmalloc+0xb7/0xc0 [ 26.886285] __kmalloc_cache_noprof+0x183/0x410 [ 26.886856] kasan_atomics+0x95/0x310 [ 26.887343] kunit_try_run_case+0x1b2/0x490 [ 26.887795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.888432] kthread+0x323/0x710 [ 26.888921] ret_from_fork+0x41/0x80 [ 26.889362] ret_from_fork_asm+0x1a/0x30 [ 26.889636] [ 26.889806] The buggy address belongs to the object at ffff888103231c00 [ 26.889806] which belongs to the cache kmalloc-64 of size 64 [ 26.890387] The buggy address is located 0 bytes to the right of [ 26.890387] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.891006] [ 26.891196] The buggy address belongs to the physical page: [ 26.891505] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.892003] flags: 0x200000000000000(node=0|zone=2) [ 26.892340] page_type: f5(slab) [ 26.892582] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.893026] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.893438] page dumped because: kasan: bad access detected [ 26.893750] [ 26.893909] Memory state around the buggy address: [ 26.894218] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.894551] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.894866] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.895251] ^ [ 26.895547] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.896261] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.896636] ================================================================== [ 25.822158] ================================================================== [ 25.823701] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 25.824870] Read of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 25.825467] [ 25.825921] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.826063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.826103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.826189] Call Trace: [ 25.826225] <TASK> [ 25.826321] dump_stack_lvl+0x73/0xb0 [ 25.826445] print_report+0xd1/0x660 [ 25.826522] ? __virt_addr_valid+0x1db/0x2d0 [ 25.826650] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.826724] kasan_report+0x104/0x140 [ 25.826785] ? kasan_atomics_helper+0x4bbc/0x5450 [ 25.826854] ? kasan_atomics_helper+0x4bbc/0x5450 [ 25.827166] __asan_report_load4_noabort+0x18/0x20 [ 25.827254] kasan_atomics_helper+0x4bbc/0x5450 [ 25.827314] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.827352] ? kasan_save_alloc_info+0x3b/0x50 [ 25.827396] kasan_atomics+0x1dc/0x310 [ 25.827432] ? __pfx_kasan_atomics+0x10/0x10 [ 25.827468] ? __pfx_read_tsc+0x10/0x10 [ 25.827498] ? ktime_get_ts64+0x86/0x240 [ 25.827536] kunit_try_run_case+0x1b2/0x490 [ 25.827575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.827639] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.827671] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.827782] ? __kthread_parkme+0x82/0x160 [ 25.827872] ? preempt_count_sub+0x50/0x80 [ 25.827912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.827950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.827986] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.828032] kthread+0x323/0x710 [ 25.828062] ? trace_preempt_on+0x20/0xc0 [ 25.828098] ? __pfx_kthread+0x10/0x10 [ 25.828152] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.828183] ? calculate_sigpending+0x7b/0xa0 [ 25.828215] ? __pfx_kthread+0x10/0x10 [ 25.828248] ret_from_fork+0x41/0x80 [ 25.828280] ? __pfx_kthread+0x10/0x10 [ 25.828313] ret_from_fork_asm+0x1a/0x30 [ 25.828362] </TASK> [ 25.828379] [ 25.846920] Allocated by task 286: [ 25.847343] kasan_save_stack+0x3d/0x60 [ 25.847659] kasan_save_track+0x18/0x40 [ 25.848294] kasan_save_alloc_info+0x3b/0x50 [ 25.848886] __kasan_kmalloc+0xb7/0xc0 [ 25.849447] __kmalloc_cache_noprof+0x183/0x410 [ 25.850177] kasan_atomics+0x95/0x310 [ 25.850765] kunit_try_run_case+0x1b2/0x490 [ 25.851480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.852254] kthread+0x323/0x710 [ 25.852725] ret_from_fork+0x41/0x80 [ 25.853253] ret_from_fork_asm+0x1a/0x30 [ 25.853906] [ 25.854199] The buggy address belongs to the object at ffff888103231c00 [ 25.854199] which belongs to the cache kmalloc-64 of size 64 [ 25.855512] The buggy address is located 0 bytes to the right of [ 25.855512] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 25.856580] [ 25.857157] The buggy address belongs to the physical page: [ 25.858095] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 25.858850] flags: 0x200000000000000(node=0|zone=2) [ 25.859531] page_type: f5(slab) [ 25.859971] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.861464] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.862052] page dumped because: kasan: bad access detected [ 25.862751] [ 25.863131] Memory state around the buggy address: [ 25.863675] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.864560] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.865904] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.866664] ^ [ 25.867183] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.868155] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.868701] ================================================================== [ 26.450964] ================================================================== [ 26.451396] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 26.451840] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.453062] [ 26.453348] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.453482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.453520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.453578] Call Trace: [ 26.453615] <TASK> [ 26.453654] dump_stack_lvl+0x73/0xb0 [ 26.453783] print_report+0xd1/0x660 [ 26.453874] ? __virt_addr_valid+0x1db/0x2d0 [ 26.454004] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.454083] kasan_report+0x104/0x140 [ 26.454172] ? kasan_atomics_helper+0x8f9/0x5450 [ 26.454245] ? kasan_atomics_helper+0x8f9/0x5450 [ 26.454331] kasan_check_range+0x10c/0x1c0 [ 26.454406] __kasan_check_write+0x18/0x20 [ 26.454473] kasan_atomics_helper+0x8f9/0x5450 [ 26.454547] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.454621] ? kasan_save_alloc_info+0x3b/0x50 [ 26.454712] kasan_atomics+0x1dc/0x310 [ 26.454818] ? __pfx_kasan_atomics+0x10/0x10 [ 26.454892] ? __pfx_read_tsc+0x10/0x10 [ 26.454985] ? ktime_get_ts64+0x86/0x240 [ 26.455093] kunit_try_run_case+0x1b2/0x490 [ 26.455237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.455313] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.455423] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.455499] ? __kthread_parkme+0x82/0x160 [ 26.455634] ? preempt_count_sub+0x50/0x80 [ 26.455751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.455834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.455911] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.455996] kthread+0x323/0x710 [ 26.456061] ? trace_preempt_on+0x20/0xc0 [ 26.456160] ? __pfx_kthread+0x10/0x10 [ 26.456233] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.456295] ? calculate_sigpending+0x7b/0xa0 [ 26.456359] ? __pfx_kthread+0x10/0x10 [ 26.456424] ret_from_fork+0x41/0x80 [ 26.456494] ? __pfx_kthread+0x10/0x10 [ 26.456559] ret_from_fork_asm+0x1a/0x30 [ 26.456655] </TASK> [ 26.456690] [ 26.470543] Allocated by task 286: [ 26.470970] kasan_save_stack+0x3d/0x60 [ 26.471294] kasan_save_track+0x18/0x40 [ 26.471574] kasan_save_alloc_info+0x3b/0x50 [ 26.472066] __kasan_kmalloc+0xb7/0xc0 [ 26.472499] __kmalloc_cache_noprof+0x183/0x410 [ 26.473170] kasan_atomics+0x95/0x310 [ 26.473589] kunit_try_run_case+0x1b2/0x490 [ 26.474204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.474606] kthread+0x323/0x710 [ 26.474873] ret_from_fork+0x41/0x80 [ 26.475162] ret_from_fork_asm+0x1a/0x30 [ 26.475446] [ 26.475630] The buggy address belongs to the object at ffff888103231c00 [ 26.475630] which belongs to the cache kmalloc-64 of size 64 [ 26.476708] The buggy address is located 0 bytes to the right of [ 26.476708] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.477877] [ 26.478177] The buggy address belongs to the physical page: [ 26.478830] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.479657] flags: 0x200000000000000(node=0|zone=2) [ 26.480219] page_type: f5(slab) [ 26.480596] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.481106] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.481524] page dumped because: kasan: bad access detected [ 26.481921] [ 26.482165] Memory state around the buggy address: [ 26.482620] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.483675] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.484378] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.484814] ^ [ 26.485373] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.485825] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.486469] ================================================================== [ 28.030408] ================================================================== [ 28.031037] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 28.032391] Read of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 28.033692] [ 28.034477] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.034563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.034584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.034616] Call Trace: [ 28.034637] <TASK> [ 28.034658] dump_stack_lvl+0x73/0xb0 [ 28.034704] print_report+0xd1/0x660 [ 28.034784] ? __virt_addr_valid+0x1db/0x2d0 [ 28.034853] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.034894] kasan_report+0x104/0x140 [ 28.034925] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.034962] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.035007] __asan_report_load8_noabort+0x18/0x20 [ 28.035041] kasan_atomics_helper+0x4f30/0x5450 [ 28.035078] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.035137] ? kasan_save_alloc_info+0x3b/0x50 [ 28.035184] kasan_atomics+0x1dc/0x310 [ 28.035221] ? __pfx_kasan_atomics+0x10/0x10 [ 28.035258] ? __pfx_read_tsc+0x10/0x10 [ 28.035290] ? ktime_get_ts64+0x86/0x240 [ 28.035328] kunit_try_run_case+0x1b2/0x490 [ 28.035365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.035398] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.035431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.035465] ? __kthread_parkme+0x82/0x160 [ 28.035497] ? preempt_count_sub+0x50/0x80 [ 28.035536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.035572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.035637] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.035674] kthread+0x323/0x710 [ 28.035710] ? trace_preempt_on+0x20/0xc0 [ 28.035780] ? __pfx_kthread+0x10/0x10 [ 28.035816] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.035848] ? calculate_sigpending+0x7b/0xa0 [ 28.035883] ? __pfx_kthread+0x10/0x10 [ 28.035919] ret_from_fork+0x41/0x80 [ 28.035965] ? __pfx_kthread+0x10/0x10 [ 28.035999] ret_from_fork_asm+0x1a/0x30 [ 28.036048] </TASK> [ 28.036065] [ 28.056588] Allocated by task 286: [ 28.057488] kasan_save_stack+0x3d/0x60 [ 28.057888] kasan_save_track+0x18/0x40 [ 28.058780] kasan_save_alloc_info+0x3b/0x50 [ 28.059223] __kasan_kmalloc+0xb7/0xc0 [ 28.060015] __kmalloc_cache_noprof+0x183/0x410 [ 28.060460] kasan_atomics+0x95/0x310 [ 28.060938] kunit_try_run_case+0x1b2/0x490 [ 28.061730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.062161] kthread+0x323/0x710 [ 28.062573] ret_from_fork+0x41/0x80 [ 28.063430] ret_from_fork_asm+0x1a/0x30 [ 28.064132] [ 28.064364] The buggy address belongs to the object at ffff888103231c00 [ 28.064364] which belongs to the cache kmalloc-64 of size 64 [ 28.065693] The buggy address is located 0 bytes to the right of [ 28.065693] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 28.066662] [ 28.067482] The buggy address belongs to the physical page: [ 28.067932] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 28.068662] flags: 0x200000000000000(node=0|zone=2) [ 28.069462] page_type: f5(slab) [ 28.069798] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.070789] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.071719] page dumped because: kasan: bad access detected [ 28.072254] [ 28.072877] Memory state around the buggy address: [ 28.073300] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.073981] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.074559] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.075621] ^ [ 28.076386] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.077345] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.077790] ================================================================== [ 28.463187] ================================================================== [ 28.463818] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 28.464419] Read of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 28.464873] [ 28.465063] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.465279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.465353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.465422] Call Trace: [ 28.465485] <TASK> [ 28.465525] dump_stack_lvl+0x73/0xb0 [ 28.465634] print_report+0xd1/0x660 [ 28.465780] ? __virt_addr_valid+0x1db/0x2d0 [ 28.465980] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.466095] kasan_report+0x104/0x140 [ 28.466210] ? kasan_atomics_helper+0x4fb2/0x5450 [ 28.466314] ? kasan_atomics_helper+0x4fb2/0x5450 [ 28.466402] __asan_report_load8_noabort+0x18/0x20 [ 28.466470] kasan_atomics_helper+0x4fb2/0x5450 [ 28.466542] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.466616] ? kasan_save_alloc_info+0x3b/0x50 [ 28.466748] kasan_atomics+0x1dc/0x310 [ 28.466835] ? __pfx_kasan_atomics+0x10/0x10 [ 28.466912] ? __pfx_read_tsc+0x10/0x10 [ 28.466977] ? ktime_get_ts64+0x86/0x240 [ 28.467053] kunit_try_run_case+0x1b2/0x490 [ 28.467150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.467221] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.467282] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.467436] ? __kthread_parkme+0x82/0x160 [ 28.467515] ? preempt_count_sub+0x50/0x80 [ 28.467618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.467690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.468294] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.468514] kthread+0x323/0x710 [ 28.468599] ? trace_preempt_on+0x20/0xc0 [ 28.469795] ? __pfx_kthread+0x10/0x10 [ 28.469892] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.469959] ? calculate_sigpending+0x7b/0xa0 [ 28.470022] ? __pfx_kthread+0x10/0x10 [ 28.470088] ret_from_fork+0x41/0x80 [ 28.470951] ? __pfx_kthread+0x10/0x10 [ 28.471073] ret_from_fork_asm+0x1a/0x30 [ 28.471276] </TASK> [ 28.471319] [ 28.486820] Allocated by task 286: [ 28.487356] kasan_save_stack+0x3d/0x60 [ 28.487736] kasan_save_track+0x18/0x40 [ 28.488142] kasan_save_alloc_info+0x3b/0x50 [ 28.488613] __kasan_kmalloc+0xb7/0xc0 [ 28.490465] __kmalloc_cache_noprof+0x183/0x410 [ 28.491553] kasan_atomics+0x95/0x310 [ 28.492142] kunit_try_run_case+0x1b2/0x490 [ 28.492538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.493262] kthread+0x323/0x710 [ 28.493568] ret_from_fork+0x41/0x80 [ 28.493854] ret_from_fork_asm+0x1a/0x30 [ 28.494163] [ 28.494460] The buggy address belongs to the object at ffff888103231c00 [ 28.494460] which belongs to the cache kmalloc-64 of size 64 [ 28.495948] The buggy address is located 0 bytes to the right of [ 28.495948] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 28.497184] [ 28.497424] The buggy address belongs to the physical page: [ 28.497761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 28.498422] flags: 0x200000000000000(node=0|zone=2) [ 28.498897] page_type: f5(slab) [ 28.499291] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.500156] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.500749] page dumped because: kasan: bad access detected [ 28.501170] [ 28.501401] Memory state around the buggy address: [ 28.501797] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.502211] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.502588] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.502985] ^ [ 28.503522] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.504463] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.505087] ================================================================== [ 27.018632] ================================================================== [ 27.019371] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 27.020293] Read of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.020885] [ 27.021085] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.021240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.021277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.021335] Call Trace: [ 27.021372] <TASK> [ 27.021407] dump_stack_lvl+0x73/0xb0 [ 27.021577] print_report+0xd1/0x660 [ 27.021789] ? __virt_addr_valid+0x1db/0x2d0 [ 27.021980] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.022061] kasan_report+0x104/0x140 [ 27.022150] ? kasan_atomics_helper+0x4a1c/0x5450 [ 27.022225] ? kasan_atomics_helper+0x4a1c/0x5450 [ 27.022305] __asan_report_load4_noabort+0x18/0x20 [ 27.022371] kasan_atomics_helper+0x4a1c/0x5450 [ 27.022531] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.022619] ? kasan_save_alloc_info+0x3b/0x50 [ 27.022745] kasan_atomics+0x1dc/0x310 [ 27.022913] ? __pfx_kasan_atomics+0x10/0x10 [ 27.022998] ? __pfx_read_tsc+0x10/0x10 [ 27.023064] ? ktime_get_ts64+0x86/0x240 [ 27.023163] kunit_try_run_case+0x1b2/0x490 [ 27.023329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.023405] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.023474] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.023538] ? __kthread_parkme+0x82/0x160 [ 27.023760] ? preempt_count_sub+0x50/0x80 [ 27.023854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.023939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.024095] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.024198] kthread+0x323/0x710 [ 27.024263] ? trace_preempt_on+0x20/0xc0 [ 27.024332] ? __pfx_kthread+0x10/0x10 [ 27.024486] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.024585] ? calculate_sigpending+0x7b/0xa0 [ 27.024676] ? __pfx_kthread+0x10/0x10 [ 27.024867] ret_from_fork+0x41/0x80 [ 27.024971] ? __pfx_kthread+0x10/0x10 [ 27.025070] ret_from_fork_asm+0x1a/0x30 [ 27.025253] </TASK> [ 27.025300] [ 27.039679] Allocated by task 286: [ 27.040058] kasan_save_stack+0x3d/0x60 [ 27.040533] kasan_save_track+0x18/0x40 [ 27.041066] kasan_save_alloc_info+0x3b/0x50 [ 27.042373] __kasan_kmalloc+0xb7/0xc0 [ 27.042896] __kmalloc_cache_noprof+0x183/0x410 [ 27.043862] kasan_atomics+0x95/0x310 [ 27.044149] kunit_try_run_case+0x1b2/0x490 [ 27.045527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.046461] kthread+0x323/0x710 [ 27.046842] ret_from_fork+0x41/0x80 [ 27.047286] ret_from_fork_asm+0x1a/0x30 [ 27.047674] [ 27.047916] The buggy address belongs to the object at ffff888103231c00 [ 27.047916] which belongs to the cache kmalloc-64 of size 64 [ 27.052624] The buggy address is located 0 bytes to the right of [ 27.052624] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.053292] [ 27.053597] The buggy address belongs to the physical page: [ 27.054183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.054844] flags: 0x200000000000000(node=0|zone=2) [ 27.055338] page_type: f5(slab) [ 27.055807] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.056437] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.057014] page dumped because: kasan: bad access detected [ 27.057486] [ 27.057801] Memory state around the buggy address: [ 27.058202] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.058923] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.059430] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.059897] ^ [ 27.060401] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.061132] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.061820] ================================================================== [ 27.456217] ================================================================== [ 27.457145] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 27.457905] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.458589] [ 27.458901] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.459032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.459071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.459153] Call Trace: [ 27.459192] <TASK> [ 27.459231] dump_stack_lvl+0x73/0xb0 [ 27.459312] print_report+0xd1/0x660 [ 27.459384] ? __virt_addr_valid+0x1db/0x2d0 [ 27.459512] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.459619] kasan_report+0x104/0x140 [ 27.459688] ? kasan_atomics_helper+0x50d4/0x5450 [ 27.459827] ? kasan_atomics_helper+0x50d4/0x5450 [ 27.459920] __asan_report_store8_noabort+0x1b/0x30 [ 27.459999] kasan_atomics_helper+0x50d4/0x5450 [ 27.460072] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.460169] ? kasan_save_alloc_info+0x3b/0x50 [ 27.460261] kasan_atomics+0x1dc/0x310 [ 27.460334] ? __pfx_kasan_atomics+0x10/0x10 [ 27.460442] ? __pfx_read_tsc+0x10/0x10 [ 27.460564] ? ktime_get_ts64+0x86/0x240 [ 27.460641] kunit_try_run_case+0x1b2/0x490 [ 27.460734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.460801] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.460904] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.460976] ? __kthread_parkme+0x82/0x160 [ 27.461044] ? preempt_count_sub+0x50/0x80 [ 27.461145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.461226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.461301] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.461374] kthread+0x323/0x710 [ 27.461436] ? trace_preempt_on+0x20/0xc0 [ 27.461510] ? __pfx_kthread+0x10/0x10 [ 27.461575] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.461640] ? calculate_sigpending+0x7b/0xa0 [ 27.461709] ? __pfx_kthread+0x10/0x10 [ 27.461778] ret_from_fork+0x41/0x80 [ 27.461844] ? __pfx_kthread+0x10/0x10 [ 27.461910] ret_from_fork_asm+0x1a/0x30 [ 27.462005] </TASK> [ 27.462039] [ 27.480246] Allocated by task 286: [ 27.480623] kasan_save_stack+0x3d/0x60 [ 27.480977] kasan_save_track+0x18/0x40 [ 27.481426] kasan_save_alloc_info+0x3b/0x50 [ 27.481790] __kasan_kmalloc+0xb7/0xc0 [ 27.482177] __kmalloc_cache_noprof+0x183/0x410 [ 27.482491] kasan_atomics+0x95/0x310 [ 27.482954] kunit_try_run_case+0x1b2/0x490 [ 27.483417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.484045] kthread+0x323/0x710 [ 27.484453] ret_from_fork+0x41/0x80 [ 27.484911] ret_from_fork_asm+0x1a/0x30 [ 27.485265] [ 27.485425] The buggy address belongs to the object at ffff888103231c00 [ 27.485425] which belongs to the cache kmalloc-64 of size 64 [ 27.486353] The buggy address is located 0 bytes to the right of [ 27.486353] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.487326] [ 27.487493] The buggy address belongs to the physical page: [ 27.487886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.488519] flags: 0x200000000000000(node=0|zone=2) [ 27.489054] page_type: f5(slab) [ 27.489440] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.490193] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.490931] page dumped because: kasan: bad access detected [ 27.491440] [ 27.491696] Memory state around the buggy address: [ 27.492240] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.492742] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.493157] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.493842] ^ [ 27.494332] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.494863] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.495263] ================================================================== [ 27.419198] ================================================================== [ 27.420031] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 27.420691] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.421232] [ 27.421529] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.421689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.421773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.421837] Call Trace: [ 27.421876] <TASK> [ 27.421912] dump_stack_lvl+0x73/0xb0 [ 27.421995] print_report+0xd1/0x660 [ 27.422065] ? __virt_addr_valid+0x1db/0x2d0 [ 27.422218] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.422297] kasan_report+0x104/0x140 [ 27.422361] ? kasan_atomics_helper+0x1467/0x5450 [ 27.422433] ? kasan_atomics_helper+0x1467/0x5450 [ 27.422567] kasan_check_range+0x10c/0x1c0 [ 27.422648] __kasan_check_write+0x18/0x20 [ 27.422758] kasan_atomics_helper+0x1467/0x5450 [ 27.422836] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.422954] ? kasan_save_alloc_info+0x3b/0x50 [ 27.423045] kasan_atomics+0x1dc/0x310 [ 27.423142] ? __pfx_kasan_atomics+0x10/0x10 [ 27.423221] ? __pfx_read_tsc+0x10/0x10 [ 27.423321] ? ktime_get_ts64+0x86/0x240 [ 27.423409] kunit_try_run_case+0x1b2/0x490 [ 27.423486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.423548] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.423618] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.423656] ? __kthread_parkme+0x82/0x160 [ 27.423739] ? preempt_count_sub+0x50/0x80 [ 27.423821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.423886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.423968] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.424075] kthread+0x323/0x710 [ 27.424172] ? trace_preempt_on+0x20/0xc0 [ 27.424246] ? __pfx_kthread+0x10/0x10 [ 27.424309] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.424370] ? calculate_sigpending+0x7b/0xa0 [ 27.424432] ? __pfx_kthread+0x10/0x10 [ 27.424547] ret_from_fork+0x41/0x80 [ 27.424616] ? __pfx_kthread+0x10/0x10 [ 27.424683] ret_from_fork_asm+0x1a/0x30 [ 27.424829] </TASK> [ 27.424905] [ 27.438043] Allocated by task 286: [ 27.438433] kasan_save_stack+0x3d/0x60 [ 27.438919] kasan_save_track+0x18/0x40 [ 27.439377] kasan_save_alloc_info+0x3b/0x50 [ 27.440657] __kasan_kmalloc+0xb7/0xc0 [ 27.441521] __kmalloc_cache_noprof+0x183/0x410 [ 27.441917] kasan_atomics+0x95/0x310 [ 27.442400] kunit_try_run_case+0x1b2/0x490 [ 27.442892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.443416] kthread+0x323/0x710 [ 27.443896] ret_from_fork+0x41/0x80 [ 27.444271] ret_from_fork_asm+0x1a/0x30 [ 27.444564] [ 27.444765] The buggy address belongs to the object at ffff888103231c00 [ 27.444765] which belongs to the cache kmalloc-64 of size 64 [ 27.445571] The buggy address is located 0 bytes to the right of [ 27.445571] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.446764] [ 27.447019] The buggy address belongs to the physical page: [ 27.447618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.448444] flags: 0x200000000000000(node=0|zone=2) [ 27.449005] page_type: f5(slab) [ 27.449399] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.450084] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.450497] page dumped because: kasan: bad access detected [ 27.450885] [ 27.451051] Memory state around the buggy address: [ 27.451532] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.452298] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.453026] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.453778] ^ [ 27.454288] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.454850] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.455252] ================================================================== [ 26.897331] ================================================================== [ 26.897908] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 26.898691] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.899503] [ 26.899862] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.900008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.900046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.900129] Call Trace: [ 26.900168] <TASK> [ 26.900204] dump_stack_lvl+0x73/0xb0 [ 26.900282] print_report+0xd1/0x660 [ 26.900350] ? __virt_addr_valid+0x1db/0x2d0 [ 26.900475] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.900547] kasan_report+0x104/0x140 [ 26.900608] ? kasan_atomics_helper+0xfa9/0x5450 [ 26.900677] ? kasan_atomics_helper+0xfa9/0x5450 [ 26.900771] kasan_check_range+0x10c/0x1c0 [ 26.900857] __kasan_check_write+0x18/0x20 [ 26.900923] kasan_atomics_helper+0xfa9/0x5450 [ 26.900991] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.901061] ? kasan_save_alloc_info+0x3b/0x50 [ 26.901167] kasan_atomics+0x1dc/0x310 [ 26.901224] ? __pfx_kasan_atomics+0x10/0x10 [ 26.901265] ? __pfx_read_tsc+0x10/0x10 [ 26.901300] ? ktime_get_ts64+0x86/0x240 [ 26.901352] kunit_try_run_case+0x1b2/0x490 [ 26.901423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.901481] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.901542] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.901606] ? __kthread_parkme+0x82/0x160 [ 26.901665] ? preempt_count_sub+0x50/0x80 [ 26.901762] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.901836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.901902] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.901973] kthread+0x323/0x710 [ 26.902030] ? trace_preempt_on+0x20/0xc0 [ 26.902094] ? __pfx_kthread+0x10/0x10 [ 26.902189] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.902250] ? calculate_sigpending+0x7b/0xa0 [ 26.902309] ? __pfx_kthread+0x10/0x10 [ 26.902370] ret_from_fork+0x41/0x80 [ 26.902437] ? __pfx_kthread+0x10/0x10 [ 26.902503] ret_from_fork_asm+0x1a/0x30 [ 26.902592] </TASK> [ 26.902622] [ 26.919994] Allocated by task 286: [ 26.920347] kasan_save_stack+0x3d/0x60 [ 26.920622] kasan_save_track+0x18/0x40 [ 26.921147] kasan_save_alloc_info+0x3b/0x50 [ 26.921604] __kasan_kmalloc+0xb7/0xc0 [ 26.922144] __kmalloc_cache_noprof+0x183/0x410 [ 26.922455] kasan_atomics+0x95/0x310 [ 26.922735] kunit_try_run_case+0x1b2/0x490 [ 26.923210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.923745] kthread+0x323/0x710 [ 26.924074] ret_from_fork+0x41/0x80 [ 26.924423] ret_from_fork_asm+0x1a/0x30 [ 26.924713] [ 26.924874] The buggy address belongs to the object at ffff888103231c00 [ 26.924874] which belongs to the cache kmalloc-64 of size 64 [ 26.925893] The buggy address is located 0 bytes to the right of [ 26.925893] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.926807] [ 26.927001] The buggy address belongs to the physical page: [ 26.927552] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.929063] flags: 0x200000000000000(node=0|zone=2) [ 26.929562] page_type: f5(slab) [ 26.930500] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.930980] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.931399] page dumped because: kasan: bad access detected [ 26.931746] [ 26.931906] Memory state around the buggy address: [ 26.932412] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.933452] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.934391] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.935221] ^ [ 26.935986] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.936840] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.937276] ================================================================== [ 27.675066] ================================================================== [ 27.675970] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 27.676859] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.677645] [ 27.678009] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.678198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.678243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.678305] Call Trace: [ 27.678339] <TASK> [ 27.678378] dump_stack_lvl+0x73/0xb0 [ 27.678458] print_report+0xd1/0x660 [ 27.678524] ? __virt_addr_valid+0x1db/0x2d0 [ 27.678650] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.678813] kasan_report+0x104/0x140 [ 27.678902] ? kasan_atomics_helper+0x177f/0x5450 [ 27.678978] ? kasan_atomics_helper+0x177f/0x5450 [ 27.679064] kasan_check_range+0x10c/0x1c0 [ 27.679164] __kasan_check_write+0x18/0x20 [ 27.679233] kasan_atomics_helper+0x177f/0x5450 [ 27.679357] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.679436] ? kasan_save_alloc_info+0x3b/0x50 [ 27.679563] kasan_atomics+0x1dc/0x310 [ 27.679673] ? __pfx_kasan_atomics+0x10/0x10 [ 27.679811] ? __pfx_read_tsc+0x10/0x10 [ 27.679936] ? ktime_get_ts64+0x86/0x240 [ 27.680047] kunit_try_run_case+0x1b2/0x490 [ 27.680178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.680254] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.680322] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.680388] ? __kthread_parkme+0x82/0x160 [ 27.680455] ? preempt_count_sub+0x50/0x80 [ 27.680531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.680599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.680672] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.680796] kthread+0x323/0x710 [ 27.680900] ? trace_preempt_on+0x20/0xc0 [ 27.680968] ? __pfx_kthread+0x10/0x10 [ 27.681005] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.681038] ? calculate_sigpending+0x7b/0xa0 [ 27.681072] ? __pfx_kthread+0x10/0x10 [ 27.681129] ret_from_fork+0x41/0x80 [ 27.681174] ? __pfx_kthread+0x10/0x10 [ 27.681208] ret_from_fork_asm+0x1a/0x30 [ 27.681258] </TASK> [ 27.681275] [ 27.694696] Allocated by task 286: [ 27.695167] kasan_save_stack+0x3d/0x60 [ 27.695549] kasan_save_track+0x18/0x40 [ 27.696094] kasan_save_alloc_info+0x3b/0x50 [ 27.696524] __kasan_kmalloc+0xb7/0xc0 [ 27.696952] __kmalloc_cache_noprof+0x183/0x410 [ 27.697381] kasan_atomics+0x95/0x310 [ 27.697795] kunit_try_run_case+0x1b2/0x490 [ 27.698196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.698774] kthread+0x323/0x710 [ 27.699181] ret_from_fork+0x41/0x80 [ 27.699618] ret_from_fork_asm+0x1a/0x30 [ 27.700126] [ 27.700349] The buggy address belongs to the object at ffff888103231c00 [ 27.700349] which belongs to the cache kmalloc-64 of size 64 [ 27.701454] The buggy address is located 0 bytes to the right of [ 27.701454] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.702568] [ 27.702895] The buggy address belongs to the physical page: [ 27.703364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.704038] flags: 0x200000000000000(node=0|zone=2) [ 27.704376] page_type: f5(slab) [ 27.704619] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.705416] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.706153] page dumped because: kasan: bad access detected [ 27.706768] [ 27.707031] Memory state around the buggy address: [ 27.707519] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.708137] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.708835] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.709483] ^ [ 27.710010] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.710667] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.711301] ================================================================== [ 27.932977] ================================================================== [ 27.933610] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 27.935693] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.939815] [ 27.940471] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.940609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.940646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.940723] Call Trace: [ 27.940761] <TASK> [ 27.940798] dump_stack_lvl+0x73/0xb0 [ 27.940883] print_report+0xd1/0x660 [ 27.940950] ? __virt_addr_valid+0x1db/0x2d0 [ 27.941069] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.941954] kasan_report+0x104/0x140 [ 27.942034] ? kasan_atomics_helper+0x1b22/0x5450 [ 27.942106] ? kasan_atomics_helper+0x1b22/0x5450 [ 27.942205] kasan_check_range+0x10c/0x1c0 [ 27.942280] __kasan_check_write+0x18/0x20 [ 27.942341] kasan_atomics_helper+0x1b22/0x5450 [ 27.942413] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.942485] ? kasan_save_alloc_info+0x3b/0x50 [ 27.942572] kasan_atomics+0x1dc/0x310 [ 27.942641] ? __pfx_kasan_atomics+0x10/0x10 [ 27.942752] ? __pfx_read_tsc+0x10/0x10 [ 27.942819] ? ktime_get_ts64+0x86/0x240 [ 27.942896] kunit_try_run_case+0x1b2/0x490 [ 27.942962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.943025] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.943082] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.943166] ? __kthread_parkme+0x82/0x160 [ 27.943231] ? preempt_count_sub+0x50/0x80 [ 27.943305] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.943376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.943445] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.943516] kthread+0x323/0x710 [ 27.943575] ? trace_preempt_on+0x20/0xc0 [ 27.943671] ? __pfx_kthread+0x10/0x10 [ 27.943782] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.943849] ? calculate_sigpending+0x7b/0xa0 [ 27.943911] ? __pfx_kthread+0x10/0x10 [ 27.943985] ret_from_fork+0x41/0x80 [ 27.944049] ? __pfx_kthread+0x10/0x10 [ 27.944130] ret_from_fork_asm+0x1a/0x30 [ 27.944202] </TASK> [ 27.944224] [ 27.964625] Allocated by task 286: [ 27.964912] kasan_save_stack+0x3d/0x60 [ 27.965487] kasan_save_track+0x18/0x40 [ 27.965908] kasan_save_alloc_info+0x3b/0x50 [ 27.966468] __kasan_kmalloc+0xb7/0xc0 [ 27.966894] __kmalloc_cache_noprof+0x183/0x410 [ 27.967231] kasan_atomics+0x95/0x310 [ 27.967506] kunit_try_run_case+0x1b2/0x490 [ 27.968099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.968687] kthread+0x323/0x710 [ 27.969276] ret_from_fork+0x41/0x80 [ 27.969896] ret_from_fork_asm+0x1a/0x30 [ 27.970435] [ 27.970667] The buggy address belongs to the object at ffff888103231c00 [ 27.970667] which belongs to the cache kmalloc-64 of size 64 [ 27.971779] The buggy address is located 0 bytes to the right of [ 27.971779] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.972787] [ 27.973093] The buggy address belongs to the physical page: [ 27.973432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.973907] flags: 0x200000000000000(node=0|zone=2) [ 27.974433] page_type: f5(slab) [ 27.974935] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.975830] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.976677] page dumped because: kasan: bad access detected [ 27.977142] [ 27.977312] Memory state around the buggy address: [ 27.977589] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.978027] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.978808] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.979481] ^ [ 27.980126] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.980806] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.981524] ================================================================== [ 28.079160] ================================================================== [ 28.080087] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 28.080967] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 28.082090] [ 28.082333] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.082498] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.082544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.082608] Call Trace: [ 28.082676] <TASK> [ 28.082702] dump_stack_lvl+0x73/0xb0 [ 28.082801] print_report+0xd1/0x660 [ 28.082862] ? __virt_addr_valid+0x1db/0x2d0 [ 28.082933] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.082973] kasan_report+0x104/0x140 [ 28.083005] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.083042] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.083085] kasan_check_range+0x10c/0x1c0 [ 28.083144] __kasan_check_write+0x18/0x20 [ 28.083177] kasan_atomics_helper+0x1ce1/0x5450 [ 28.083215] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.083251] ? kasan_save_alloc_info+0x3b/0x50 [ 28.083297] kasan_atomics+0x1dc/0x310 [ 28.083333] ? __pfx_kasan_atomics+0x10/0x10 [ 28.083370] ? __pfx_read_tsc+0x10/0x10 [ 28.083403] ? ktime_get_ts64+0x86/0x240 [ 28.083441] kunit_try_run_case+0x1b2/0x490 [ 28.083478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.083512] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.083546] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.083580] ? __kthread_parkme+0x82/0x160 [ 28.083641] ? preempt_count_sub+0x50/0x80 [ 28.083682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.083761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.083851] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.083938] kthread+0x323/0x710 [ 28.084003] ? trace_preempt_on+0x20/0xc0 [ 28.084069] ? __pfx_kthread+0x10/0x10 [ 28.084107] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.084168] ? calculate_sigpending+0x7b/0xa0 [ 28.084202] ? __pfx_kthread+0x10/0x10 [ 28.084238] ret_from_fork+0x41/0x80 [ 28.084275] ? __pfx_kthread+0x10/0x10 [ 28.084310] ret_from_fork_asm+0x1a/0x30 [ 28.084360] </TASK> [ 28.084377] [ 28.105568] Allocated by task 286: [ 28.105887] kasan_save_stack+0x3d/0x60 [ 28.106191] kasan_save_track+0x18/0x40 [ 28.106451] kasan_save_alloc_info+0x3b/0x50 [ 28.106737] __kasan_kmalloc+0xb7/0xc0 [ 28.106995] __kmalloc_cache_noprof+0x183/0x410 [ 28.108904] kasan_atomics+0x95/0x310 [ 28.109350] kunit_try_run_case+0x1b2/0x490 [ 28.110539] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.111526] kthread+0x323/0x710 [ 28.112579] ret_from_fork+0x41/0x80 [ 28.113018] ret_from_fork_asm+0x1a/0x30 [ 28.113478] [ 28.113798] The buggy address belongs to the object at ffff888103231c00 [ 28.113798] which belongs to the cache kmalloc-64 of size 64 [ 28.114866] The buggy address is located 0 bytes to the right of [ 28.114866] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 28.115908] [ 28.116088] The buggy address belongs to the physical page: [ 28.116800] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 28.117339] flags: 0x200000000000000(node=0|zone=2) [ 28.117925] page_type: f5(slab) [ 28.118336] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.119076] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.119871] page dumped because: kasan: bad access detected [ 28.120317] [ 28.120637] Memory state around the buggy address: [ 28.121174] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.121611] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.122385] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.123176] ^ [ 28.123765] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.124492] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.124930] ================================================================== [ 27.152426] ================================================================== [ 27.153171] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 27.153892] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.154527] [ 27.154763] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.155434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.155481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.155542] Call Trace: [ 27.155582] <TASK> [ 27.155651] dump_stack_lvl+0x73/0xb0 [ 27.156522] print_report+0xd1/0x660 [ 27.156595] ? __virt_addr_valid+0x1db/0x2d0 [ 27.156665] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.156713] kasan_report+0x104/0x140 [ 27.156817] ? kasan_atomics_helper+0x1217/0x5450 [ 27.156893] ? kasan_atomics_helper+0x1217/0x5450 [ 27.156983] kasan_check_range+0x10c/0x1c0 [ 27.157060] __kasan_check_write+0x18/0x20 [ 27.157107] kasan_atomics_helper+0x1217/0x5450 [ 27.157187] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.157226] ? kasan_save_alloc_info+0x3b/0x50 [ 27.157272] kasan_atomics+0x1dc/0x310 [ 27.157308] ? __pfx_kasan_atomics+0x10/0x10 [ 27.157346] ? __pfx_read_tsc+0x10/0x10 [ 27.157379] ? ktime_get_ts64+0x86/0x240 [ 27.157418] kunit_try_run_case+0x1b2/0x490 [ 27.157455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.157489] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.157523] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.157557] ? __kthread_parkme+0x82/0x160 [ 27.157591] ? preempt_count_sub+0x50/0x80 [ 27.157629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.157665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.157702] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.157776] kthread+0x323/0x710 [ 27.157811] ? trace_preempt_on+0x20/0xc0 [ 27.157847] ? __pfx_kthread+0x10/0x10 [ 27.157880] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.157913] ? calculate_sigpending+0x7b/0xa0 [ 27.157945] ? __pfx_kthread+0x10/0x10 [ 27.157979] ret_from_fork+0x41/0x80 [ 27.158013] ? __pfx_kthread+0x10/0x10 [ 27.158046] ret_from_fork_asm+0x1a/0x30 [ 27.158094] </TASK> [ 27.158131] [ 27.174016] Allocated by task 286: [ 27.174383] kasan_save_stack+0x3d/0x60 [ 27.174857] kasan_save_track+0x18/0x40 [ 27.175389] kasan_save_alloc_info+0x3b/0x50 [ 27.175841] __kasan_kmalloc+0xb7/0xc0 [ 27.176359] __kmalloc_cache_noprof+0x183/0x410 [ 27.176838] kasan_atomics+0x95/0x310 [ 27.177252] kunit_try_run_case+0x1b2/0x490 [ 27.177782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.178249] kthread+0x323/0x710 [ 27.178697] ret_from_fork+0x41/0x80 [ 27.179275] ret_from_fork_asm+0x1a/0x30 [ 27.179921] [ 27.180106] The buggy address belongs to the object at ffff888103231c00 [ 27.180106] which belongs to the cache kmalloc-64 of size 64 [ 27.181072] The buggy address is located 0 bytes to the right of [ 27.181072] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.182424] [ 27.182596] The buggy address belongs to the physical page: [ 27.182913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.183363] flags: 0x200000000000000(node=0|zone=2) [ 27.183705] page_type: f5(slab) [ 27.184086] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.185016] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.185705] page dumped because: kasan: bad access detected [ 27.186257] [ 27.186484] Memory state around the buggy address: [ 27.187033] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.187716] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.188487] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.190881] ^ [ 27.192154] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.194104] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.194510] ================================================================== [ 27.756407] ================================================================== [ 27.757873] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 27.758487] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.758979] [ 27.759271] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.759396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.759432] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.759492] Call Trace: [ 27.759528] <TASK> [ 27.759566] dump_stack_lvl+0x73/0xb0 [ 27.759677] print_report+0xd1/0x660 [ 27.759798] ? __virt_addr_valid+0x1db/0x2d0 [ 27.759942] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.760021] kasan_report+0x104/0x140 [ 27.760083] ? kasan_atomics_helper+0x18b1/0x5450 [ 27.760181] ? kasan_atomics_helper+0x18b1/0x5450 [ 27.760265] kasan_check_range+0x10c/0x1c0 [ 27.760340] __kasan_check_write+0x18/0x20 [ 27.760401] kasan_atomics_helper+0x18b1/0x5450 [ 27.760471] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.760542] ? kasan_save_alloc_info+0x3b/0x50 [ 27.760630] kasan_atomics+0x1dc/0x310 [ 27.760744] ? __pfx_kasan_atomics+0x10/0x10 [ 27.760804] ? __pfx_read_tsc+0x10/0x10 [ 27.760859] ? ktime_get_ts64+0x86/0x240 [ 27.760902] kunit_try_run_case+0x1b2/0x490 [ 27.760941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.760977] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.761012] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.761047] ? __kthread_parkme+0x82/0x160 [ 27.761082] ? preempt_count_sub+0x50/0x80 [ 27.761143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.761182] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.761219] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.761256] kthread+0x323/0x710 [ 27.761290] ? trace_preempt_on+0x20/0xc0 [ 27.761326] ? __pfx_kthread+0x10/0x10 [ 27.761360] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.761391] ? calculate_sigpending+0x7b/0xa0 [ 27.761424] ? __pfx_kthread+0x10/0x10 [ 27.761458] ret_from_fork+0x41/0x80 [ 27.761492] ? __pfx_kthread+0x10/0x10 [ 27.761528] ret_from_fork_asm+0x1a/0x30 [ 27.761576] </TASK> [ 27.761594] [ 27.774318] Allocated by task 286: [ 27.774677] kasan_save_stack+0x3d/0x60 [ 27.775167] kasan_save_track+0x18/0x40 [ 27.775552] kasan_save_alloc_info+0x3b/0x50 [ 27.776053] __kasan_kmalloc+0xb7/0xc0 [ 27.776420] __kmalloc_cache_noprof+0x183/0x410 [ 27.776933] kasan_atomics+0x95/0x310 [ 27.777362] kunit_try_run_case+0x1b2/0x490 [ 27.777790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.778302] kthread+0x323/0x710 [ 27.778613] ret_from_fork+0x41/0x80 [ 27.779059] ret_from_fork_asm+0x1a/0x30 [ 27.779506] [ 27.779750] The buggy address belongs to the object at ffff888103231c00 [ 27.779750] which belongs to the cache kmalloc-64 of size 64 [ 27.780430] The buggy address is located 0 bytes to the right of [ 27.780430] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.781472] [ 27.781697] The buggy address belongs to the physical page: [ 27.782185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.782888] flags: 0x200000000000000(node=0|zone=2) [ 27.783242] page_type: f5(slab) [ 27.783491] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.784262] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.784940] page dumped because: kasan: bad access detected [ 27.785276] [ 27.785443] Memory state around the buggy address: [ 27.785774] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.786189] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.786574] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.786991] ^ [ 27.787451] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.788207] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.788882] ================================================================== [ 28.594216] ================================================================== [ 28.595061] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 28.595983] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 28.596850] [ 28.597198] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.597321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.597358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.597417] Call Trace: [ 28.597490] <TASK> [ 28.597532] dump_stack_lvl+0x73/0xb0 [ 28.597612] print_report+0xd1/0x660 [ 28.597682] ? __virt_addr_valid+0x1db/0x2d0 [ 28.597812] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.597854] kasan_report+0x104/0x140 [ 28.597904] ? kasan_atomics_helper+0x224c/0x5450 [ 28.597968] ? kasan_atomics_helper+0x224c/0x5450 [ 28.598046] kasan_check_range+0x10c/0x1c0 [ 28.598145] __kasan_check_write+0x18/0x20 [ 28.598211] kasan_atomics_helper+0x224c/0x5450 [ 28.598318] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.598405] ? kasan_save_alloc_info+0x3b/0x50 [ 28.598492] kasan_atomics+0x1dc/0x310 [ 28.598565] ? __pfx_kasan_atomics+0x10/0x10 [ 28.598631] ? __pfx_read_tsc+0x10/0x10 [ 28.598670] ? ktime_get_ts64+0x86/0x240 [ 28.598767] kunit_try_run_case+0x1b2/0x490 [ 28.598808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.598843] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.598876] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.598910] ? __kthread_parkme+0x82/0x160 [ 28.598946] ? preempt_count_sub+0x50/0x80 [ 28.598984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.599020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.599056] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.599092] kthread+0x323/0x710 [ 28.599149] ? trace_preempt_on+0x20/0xc0 [ 28.599184] ? __pfx_kthread+0x10/0x10 [ 28.599217] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.599249] ? calculate_sigpending+0x7b/0xa0 [ 28.599282] ? __pfx_kthread+0x10/0x10 [ 28.599316] ret_from_fork+0x41/0x80 [ 28.599350] ? __pfx_kthread+0x10/0x10 [ 28.599385] ret_from_fork_asm+0x1a/0x30 [ 28.599435] </TASK> [ 28.599452] [ 28.617844] Allocated by task 286: [ 28.619080] kasan_save_stack+0x3d/0x60 [ 28.619504] kasan_save_track+0x18/0x40 [ 28.619966] kasan_save_alloc_info+0x3b/0x50 [ 28.620533] __kasan_kmalloc+0xb7/0xc0 [ 28.621509] __kmalloc_cache_noprof+0x183/0x410 [ 28.621885] kasan_atomics+0x95/0x310 [ 28.622324] kunit_try_run_case+0x1b2/0x490 [ 28.623140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.623679] kthread+0x323/0x710 [ 28.624183] ret_from_fork+0x41/0x80 [ 28.624599] ret_from_fork_asm+0x1a/0x30 [ 28.625688] [ 28.625863] The buggy address belongs to the object at ffff888103231c00 [ 28.625863] which belongs to the cache kmalloc-64 of size 64 [ 28.627350] The buggy address is located 0 bytes to the right of [ 28.627350] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 28.628711] [ 28.629208] The buggy address belongs to the physical page: [ 28.629677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 28.630407] flags: 0x200000000000000(node=0|zone=2) [ 28.631533] page_type: f5(slab) [ 28.631912] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.632611] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.633351] page dumped because: kasan: bad access detected [ 28.634099] [ 28.634284] Memory state around the buggy address: [ 28.634961] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.635817] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.636803] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.637505] ^ [ 28.638192] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.638620] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.639514] ================================================================== [ 26.228555] ================================================================== [ 26.229980] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 26.232808] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.233425] [ 26.233619] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.234804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.234853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.234916] Call Trace: [ 26.234952] <TASK> [ 26.234991] dump_stack_lvl+0x73/0xb0 [ 26.235073] print_report+0xd1/0x660 [ 26.235170] ? __virt_addr_valid+0x1db/0x2d0 [ 26.235297] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.235377] kasan_report+0x104/0x140 [ 26.235443] ? kasan_atomics_helper+0x5fe/0x5450 [ 26.235516] ? kasan_atomics_helper+0x5fe/0x5450 [ 26.235628] kasan_check_range+0x10c/0x1c0 [ 26.235823] __kasan_check_write+0x18/0x20 [ 26.236463] kasan_atomics_helper+0x5fe/0x5450 [ 26.236556] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.236632] ? kasan_save_alloc_info+0x3b/0x50 [ 26.236847] kasan_atomics+0x1dc/0x310 [ 26.237031] ? __pfx_kasan_atomics+0x10/0x10 [ 26.237498] ? __pfx_read_tsc+0x10/0x10 [ 26.237574] ? ktime_get_ts64+0x86/0x240 [ 26.237649] kunit_try_run_case+0x1b2/0x490 [ 26.237768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.237835] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.237873] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.237911] ? __kthread_parkme+0x82/0x160 [ 26.237946] ? preempt_count_sub+0x50/0x80 [ 26.237984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.238020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.238057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.238092] kthread+0x323/0x710 [ 26.238149] ? trace_preempt_on+0x20/0xc0 [ 26.238186] ? __pfx_kthread+0x10/0x10 [ 26.238221] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.238252] ? calculate_sigpending+0x7b/0xa0 [ 26.238286] ? __pfx_kthread+0x10/0x10 [ 26.238320] ret_from_fork+0x41/0x80 [ 26.238354] ? __pfx_kthread+0x10/0x10 [ 26.238388] ret_from_fork_asm+0x1a/0x30 [ 26.238436] </TASK> [ 26.238453] [ 26.256227] Allocated by task 286: [ 26.257048] kasan_save_stack+0x3d/0x60 [ 26.257514] kasan_save_track+0x18/0x40 [ 26.258035] kasan_save_alloc_info+0x3b/0x50 [ 26.258361] __kasan_kmalloc+0xb7/0xc0 [ 26.258941] __kmalloc_cache_noprof+0x183/0x410 [ 26.259750] kasan_atomics+0x95/0x310 [ 26.260506] kunit_try_run_case+0x1b2/0x490 [ 26.261106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.261542] kthread+0x323/0x710 [ 26.261847] ret_from_fork+0x41/0x80 [ 26.262430] ret_from_fork_asm+0x1a/0x30 [ 26.262865] [ 26.263354] The buggy address belongs to the object at ffff888103231c00 [ 26.263354] which belongs to the cache kmalloc-64 of size 64 [ 26.264548] The buggy address is located 0 bytes to the right of [ 26.264548] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.265807] [ 26.266189] The buggy address belongs to the physical page: [ 26.266935] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.267650] flags: 0x200000000000000(node=0|zone=2) [ 26.267982] page_type: f5(slab) [ 26.268309] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.269433] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.270332] page dumped because: kasan: bad access detected [ 26.270650] [ 26.271056] Memory state around the buggy address: [ 26.271681] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.272385] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.273064] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.273593] ^ [ 26.274310] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.275172] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.276060] ================================================================== [ 26.487688] ================================================================== [ 26.488237] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 26.489028] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.489457] [ 26.489651] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.489797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.489839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.489924] Call Trace: [ 26.489961] <TASK> [ 26.490000] dump_stack_lvl+0x73/0xb0 [ 26.490080] print_report+0xd1/0x660 [ 26.490174] ? __virt_addr_valid+0x1db/0x2d0 [ 26.490307] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.490386] kasan_report+0x104/0x140 [ 26.490449] ? kasan_atomics_helper+0x992/0x5450 [ 26.490522] ? kasan_atomics_helper+0x992/0x5450 [ 26.490607] kasan_check_range+0x10c/0x1c0 [ 26.490678] __kasan_check_write+0x18/0x20 [ 26.490767] kasan_atomics_helper+0x992/0x5450 [ 26.490886] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.490971] ? kasan_save_alloc_info+0x3b/0x50 [ 26.491056] kasan_atomics+0x1dc/0x310 [ 26.491154] ? __pfx_kasan_atomics+0x10/0x10 [ 26.491229] ? __pfx_read_tsc+0x10/0x10 [ 26.491340] ? ktime_get_ts64+0x86/0x240 [ 26.491424] kunit_try_run_case+0x1b2/0x490 [ 26.491493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.491558] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.491651] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.491742] ? __kthread_parkme+0x82/0x160 [ 26.491838] ? preempt_count_sub+0x50/0x80 [ 26.491952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.492031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.492102] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.492223] kthread+0x323/0x710 [ 26.492316] ? trace_preempt_on+0x20/0xc0 [ 26.492386] ? __pfx_kthread+0x10/0x10 [ 26.492447] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.492510] ? calculate_sigpending+0x7b/0xa0 [ 26.492591] ? __pfx_kthread+0x10/0x10 [ 26.492689] ret_from_fork+0x41/0x80 [ 26.492789] ? __pfx_kthread+0x10/0x10 [ 26.492857] ret_from_fork_asm+0x1a/0x30 [ 26.492949] </TASK> [ 26.492983] [ 26.509132] Allocated by task 286: [ 26.509383] kasan_save_stack+0x3d/0x60 [ 26.509664] kasan_save_track+0x18/0x40 [ 26.509930] kasan_save_alloc_info+0x3b/0x50 [ 26.510380] __kasan_kmalloc+0xb7/0xc0 [ 26.510926] __kmalloc_cache_noprof+0x183/0x410 [ 26.511496] kasan_atomics+0x95/0x310 [ 26.512266] kunit_try_run_case+0x1b2/0x490 [ 26.512850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.513545] kthread+0x323/0x710 [ 26.514141] ret_from_fork+0x41/0x80 [ 26.514647] ret_from_fork_asm+0x1a/0x30 [ 26.515189] [ 26.515486] The buggy address belongs to the object at ffff888103231c00 [ 26.515486] which belongs to the cache kmalloc-64 of size 64 [ 26.516836] The buggy address is located 0 bytes to the right of [ 26.516836] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.518290] [ 26.518550] The buggy address belongs to the physical page: [ 26.519466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.520342] flags: 0x200000000000000(node=0|zone=2) [ 26.520904] page_type: f5(slab) [ 26.521404] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.522223] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.522991] page dumped because: kasan: bad access detected [ 26.523885] [ 26.524212] Memory state around the buggy address: [ 26.524765] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.525573] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.526429] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.527046] ^ [ 26.527455] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.528347] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.528978] ================================================================== [ 27.625609] ================================================================== [ 27.626339] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 27.626798] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.627579] [ 27.627953] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.628081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.628169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.628234] Call Trace: [ 27.628270] <TASK> [ 27.628307] dump_stack_lvl+0x73/0xb0 [ 27.628388] print_report+0xd1/0x660 [ 27.628459] ? __virt_addr_valid+0x1db/0x2d0 [ 27.628585] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.628664] kasan_report+0x104/0x140 [ 27.628774] ? kasan_atomics_helper+0x16e7/0x5450 [ 27.628848] ? kasan_atomics_helper+0x16e7/0x5450 [ 27.628928] kasan_check_range+0x10c/0x1c0 [ 27.629052] __kasan_check_write+0x18/0x20 [ 27.629143] kasan_atomics_helper+0x16e7/0x5450 [ 27.629214] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.629283] ? kasan_save_alloc_info+0x3b/0x50 [ 27.629385] kasan_atomics+0x1dc/0x310 [ 27.629485] ? __pfx_kasan_atomics+0x10/0x10 [ 27.629563] ? __pfx_read_tsc+0x10/0x10 [ 27.629627] ? ktime_get_ts64+0x86/0x240 [ 27.629699] kunit_try_run_case+0x1b2/0x490 [ 27.629835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.629906] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.629975] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.630086] ? __kthread_parkme+0x82/0x160 [ 27.630178] ? preempt_count_sub+0x50/0x80 [ 27.630260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.630333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.630406] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.630478] kthread+0x323/0x710 [ 27.630538] ? trace_preempt_on+0x20/0xc0 [ 27.630608] ? __pfx_kthread+0x10/0x10 [ 27.630664] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.630774] ? calculate_sigpending+0x7b/0xa0 [ 27.630870] ? __pfx_kthread+0x10/0x10 [ 27.630970] ret_from_fork+0x41/0x80 [ 27.631040] ? __pfx_kthread+0x10/0x10 [ 27.631100] ret_from_fork_asm+0x1a/0x30 [ 27.631217] </TASK> [ 27.631250] [ 27.648260] Allocated by task 286: [ 27.648674] kasan_save_stack+0x3d/0x60 [ 27.649145] kasan_save_track+0x18/0x40 [ 27.649770] kasan_save_alloc_info+0x3b/0x50 [ 27.650245] __kasan_kmalloc+0xb7/0xc0 [ 27.650635] __kmalloc_cache_noprof+0x183/0x410 [ 27.651351] kasan_atomics+0x95/0x310 [ 27.651664] kunit_try_run_case+0x1b2/0x490 [ 27.651982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.652534] kthread+0x323/0x710 [ 27.653026] ret_from_fork+0x41/0x80 [ 27.653623] ret_from_fork_asm+0x1a/0x30 [ 27.654076] [ 27.654331] The buggy address belongs to the object at ffff888103231c00 [ 27.654331] which belongs to the cache kmalloc-64 of size 64 [ 27.655668] The buggy address is located 0 bytes to the right of [ 27.655668] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.656794] [ 27.658322] The buggy address belongs to the physical page: [ 27.658752] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.659716] flags: 0x200000000000000(node=0|zone=2) [ 27.662438] page_type: f5(slab) [ 27.663041] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.664640] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.666517] page dumped because: kasan: bad access detected [ 27.667277] [ 27.667837] Memory state around the buggy address: [ 27.668605] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.669938] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.670350] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.670710] ^ [ 27.671014] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.671945] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.672741] ================================================================== [ 27.372004] ================================================================== [ 27.372857] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 27.373706] Read of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.374734] [ 27.374992] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.375147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.375189] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.375228] Call Trace: [ 27.375248] <TASK> [ 27.375269] dump_stack_lvl+0x73/0xb0 [ 27.375314] print_report+0xd1/0x660 [ 27.375365] ? __virt_addr_valid+0x1db/0x2d0 [ 27.375484] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.375560] kasan_report+0x104/0x140 [ 27.375655] ? kasan_atomics_helper+0x4eae/0x5450 [ 27.375730] ? kasan_atomics_helper+0x4eae/0x5450 [ 27.376263] __asan_report_load8_noabort+0x18/0x20 [ 27.376340] kasan_atomics_helper+0x4eae/0x5450 [ 27.376414] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.376489] ? kasan_save_alloc_info+0x3b/0x50 [ 27.376549] kasan_atomics+0x1dc/0x310 [ 27.376589] ? __pfx_kasan_atomics+0x10/0x10 [ 27.376628] ? __pfx_read_tsc+0x10/0x10 [ 27.376663] ? ktime_get_ts64+0x86/0x240 [ 27.376719] kunit_try_run_case+0x1b2/0x490 [ 27.376786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.376821] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.376856] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.376892] ? __kthread_parkme+0x82/0x160 [ 27.376925] ? preempt_count_sub+0x50/0x80 [ 27.376965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.377001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.377037] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.377072] kthread+0x323/0x710 [ 27.377105] ? trace_preempt_on+0x20/0xc0 [ 27.377163] ? __pfx_kthread+0x10/0x10 [ 27.377198] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.377231] ? calculate_sigpending+0x7b/0xa0 [ 27.377265] ? __pfx_kthread+0x10/0x10 [ 27.377299] ret_from_fork+0x41/0x80 [ 27.377333] ? __pfx_kthread+0x10/0x10 [ 27.377367] ret_from_fork_asm+0x1a/0x30 [ 27.377416] </TASK> [ 27.377433] [ 27.397468] Allocated by task 286: [ 27.397700] kasan_save_stack+0x3d/0x60 [ 27.398275] kasan_save_track+0x18/0x40 [ 27.398712] kasan_save_alloc_info+0x3b/0x50 [ 27.399462] __kasan_kmalloc+0xb7/0xc0 [ 27.401015] __kmalloc_cache_noprof+0x183/0x410 [ 27.401386] kasan_atomics+0x95/0x310 [ 27.403106] kunit_try_run_case+0x1b2/0x490 [ 27.403444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.403823] kthread+0x323/0x710 [ 27.404151] ret_from_fork+0x41/0x80 [ 27.404542] ret_from_fork_asm+0x1a/0x30 [ 27.404976] [ 27.405417] The buggy address belongs to the object at ffff888103231c00 [ 27.405417] which belongs to the cache kmalloc-64 of size 64 [ 27.405999] The buggy address is located 0 bytes to the right of [ 27.405999] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.406604] [ 27.406753] The buggy address belongs to the physical page: [ 27.408506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.408924] flags: 0x200000000000000(node=0|zone=2) [ 27.411014] page_type: f5(slab) [ 27.411696] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.412475] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.413214] page dumped because: kasan: bad access detected [ 27.413807] [ 27.414039] Memory state around the buggy address: [ 27.414565] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.415212] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.415624] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.416333] ^ [ 27.416905] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.417644] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.418325] ================================================================== [ 27.244063] ================================================================== [ 27.244700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 27.245227] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.246072] [ 27.246385] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.246516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.246555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.246617] Call Trace: [ 27.246652] <TASK> [ 27.246692] dump_stack_lvl+0x73/0xb0 [ 27.246832] print_report+0xd1/0x660 [ 27.246961] ? __virt_addr_valid+0x1db/0x2d0 [ 27.247183] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.247302] kasan_report+0x104/0x140 [ 27.247402] ? kasan_atomics_helper+0x12e6/0x5450 [ 27.247529] ? kasan_atomics_helper+0x12e6/0x5450 [ 27.247648] kasan_check_range+0x10c/0x1c0 [ 27.247775] __kasan_check_write+0x18/0x20 [ 27.247850] kasan_atomics_helper+0x12e6/0x5450 [ 27.247937] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.248012] ? kasan_save_alloc_info+0x3b/0x50 [ 27.248087] kasan_atomics+0x1dc/0x310 [ 27.248154] ? __pfx_kasan_atomics+0x10/0x10 [ 27.248196] ? __pfx_read_tsc+0x10/0x10 [ 27.248231] ? ktime_get_ts64+0x86/0x240 [ 27.248271] kunit_try_run_case+0x1b2/0x490 [ 27.248308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.248342] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.248375] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.248410] ? __kthread_parkme+0x82/0x160 [ 27.248444] ? preempt_count_sub+0x50/0x80 [ 27.248483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.248519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.248554] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.248590] kthread+0x323/0x710 [ 27.248623] ? trace_preempt_on+0x20/0xc0 [ 27.248658] ? __pfx_kthread+0x10/0x10 [ 27.248693] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.248769] ? calculate_sigpending+0x7b/0xa0 [ 27.248805] ? __pfx_kthread+0x10/0x10 [ 27.248840] ret_from_fork+0x41/0x80 [ 27.248874] ? __pfx_kthread+0x10/0x10 [ 27.248909] ret_from_fork_asm+0x1a/0x30 [ 27.248958] </TASK> [ 27.248975] [ 27.265226] Allocated by task 286: [ 27.265598] kasan_save_stack+0x3d/0x60 [ 27.266187] kasan_save_track+0x18/0x40 [ 27.266707] kasan_save_alloc_info+0x3b/0x50 [ 27.267287] __kasan_kmalloc+0xb7/0xc0 [ 27.267742] __kmalloc_cache_noprof+0x183/0x410 [ 27.268377] kasan_atomics+0x95/0x310 [ 27.268659] kunit_try_run_case+0x1b2/0x490 [ 27.269199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.269951] kthread+0x323/0x710 [ 27.270497] ret_from_fork+0x41/0x80 [ 27.270975] ret_from_fork_asm+0x1a/0x30 [ 27.271386] [ 27.271551] The buggy address belongs to the object at ffff888103231c00 [ 27.271551] which belongs to the cache kmalloc-64 of size 64 [ 27.272190] The buggy address is located 0 bytes to the right of [ 27.272190] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.273444] [ 27.273946] The buggy address belongs to the physical page: [ 27.274676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.275557] flags: 0x200000000000000(node=0|zone=2) [ 27.276249] page_type: f5(slab) [ 27.276749] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.277332] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.278316] page dumped because: kasan: bad access detected [ 27.278833] [ 27.279158] Memory state around the buggy address: [ 27.279649] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.280356] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.281089] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.281999] ^ [ 27.282688] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.283375] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.284240] ================================================================== [ 26.060602] ================================================================== [ 26.064563] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 26.066625] Read of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.067011] [ 26.067258] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.067382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.067415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.068000] Call Trace: [ 26.068054] <TASK> [ 26.068092] dump_stack_lvl+0x73/0xb0 [ 26.068249] print_report+0xd1/0x660 [ 26.068319] ? __virt_addr_valid+0x1db/0x2d0 [ 26.068445] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.068519] kasan_report+0x104/0x140 [ 26.068578] ? kasan_atomics_helper+0x4b54/0x5450 [ 26.068648] ? kasan_atomics_helper+0x4b54/0x5450 [ 26.068728] __asan_report_load4_noabort+0x18/0x20 [ 26.068793] kasan_atomics_helper+0x4b54/0x5450 [ 26.068851] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.068917] ? kasan_save_alloc_info+0x3b/0x50 [ 26.068999] kasan_atomics+0x1dc/0x310 [ 26.069064] ? __pfx_kasan_atomics+0x10/0x10 [ 26.069769] ? __pfx_read_tsc+0x10/0x10 [ 26.069855] ? ktime_get_ts64+0x86/0x240 [ 26.069928] kunit_try_run_case+0x1b2/0x490 [ 26.069996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.070321] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.070393] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.070504] ? __kthread_parkme+0x82/0x160 [ 26.070569] ? preempt_count_sub+0x50/0x80 [ 26.070643] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.070712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.070783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.070884] kthread+0x323/0x710 [ 26.070947] ? trace_preempt_on+0x20/0xc0 [ 26.071015] ? __pfx_kthread+0x10/0x10 [ 26.071076] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.071163] ? calculate_sigpending+0x7b/0xa0 [ 26.071225] ? __pfx_kthread+0x10/0x10 [ 26.071287] ret_from_fork+0x41/0x80 [ 26.071352] ? __pfx_kthread+0x10/0x10 [ 26.071415] ret_from_fork_asm+0x1a/0x30 [ 26.071508] </TASK> [ 26.071541] [ 26.088035] Allocated by task 286: [ 26.088508] kasan_save_stack+0x3d/0x60 [ 26.089037] kasan_save_track+0x18/0x40 [ 26.089459] kasan_save_alloc_info+0x3b/0x50 [ 26.090036] __kasan_kmalloc+0xb7/0xc0 [ 26.090358] __kmalloc_cache_noprof+0x183/0x410 [ 26.091023] kasan_atomics+0x95/0x310 [ 26.091582] kunit_try_run_case+0x1b2/0x490 [ 26.092334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.093133] kthread+0x323/0x710 [ 26.093746] ret_from_fork+0x41/0x80 [ 26.094365] ret_from_fork_asm+0x1a/0x30 [ 26.094917] [ 26.095173] The buggy address belongs to the object at ffff888103231c00 [ 26.095173] which belongs to the cache kmalloc-64 of size 64 [ 26.096039] The buggy address is located 0 bytes to the right of [ 26.096039] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.097386] [ 26.097691] The buggy address belongs to the physical page: [ 26.098345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.099269] flags: 0x200000000000000(node=0|zone=2) [ 26.099926] page_type: f5(slab) [ 26.100658] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.101272] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.102213] page dumped because: kasan: bad access detected [ 26.102992] [ 26.103400] Memory state around the buggy address: [ 26.104067] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.104693] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.105974] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.106449] ^ [ 26.107254] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.108096] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.109227] ================================================================== [ 26.014375] ================================================================== [ 26.015254] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 26.015697] Read of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.016462] [ 26.017571] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.017731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.017770] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.017827] Call Trace: [ 26.017860] <TASK> [ 26.017892] dump_stack_lvl+0x73/0xb0 [ 26.018082] print_report+0xd1/0x660 [ 26.018187] ? __virt_addr_valid+0x1db/0x2d0 [ 26.018315] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.018390] kasan_report+0x104/0x140 [ 26.018449] ? kasan_atomics_helper+0x3df/0x5450 [ 26.018517] ? kasan_atomics_helper+0x3df/0x5450 [ 26.018571] kasan_check_range+0x10c/0x1c0 [ 26.018608] __kasan_check_read+0x15/0x20 [ 26.018641] kasan_atomics_helper+0x3df/0x5450 [ 26.018675] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.018716] ? kasan_save_alloc_info+0x3b/0x50 [ 26.018830] kasan_atomics+0x1dc/0x310 [ 26.018866] ? __pfx_kasan_atomics+0x10/0x10 [ 26.018903] ? __pfx_read_tsc+0x10/0x10 [ 26.018936] ? ktime_get_ts64+0x86/0x240 [ 26.018973] kunit_try_run_case+0x1b2/0x490 [ 26.019008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.019040] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.019072] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.019104] ? __kthread_parkme+0x82/0x160 [ 26.019160] ? preempt_count_sub+0x50/0x80 [ 26.019197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.019231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.019265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.019299] kthread+0x323/0x710 [ 26.019329] ? trace_preempt_on+0x20/0xc0 [ 26.019363] ? __pfx_kthread+0x10/0x10 [ 26.019393] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.019423] ? calculate_sigpending+0x7b/0xa0 [ 26.019454] ? __pfx_kthread+0x10/0x10 [ 26.019487] ret_from_fork+0x41/0x80 [ 26.019519] ? __pfx_kthread+0x10/0x10 [ 26.019550] ret_from_fork_asm+0x1a/0x30 [ 26.019623] </TASK> [ 26.019639] [ 26.039399] Allocated by task 286: [ 26.039717] kasan_save_stack+0x3d/0x60 [ 26.040737] kasan_save_track+0x18/0x40 [ 26.041355] kasan_save_alloc_info+0x3b/0x50 [ 26.041682] __kasan_kmalloc+0xb7/0xc0 [ 26.042389] __kmalloc_cache_noprof+0x183/0x410 [ 26.042777] kasan_atomics+0x95/0x310 [ 26.043744] kunit_try_run_case+0x1b2/0x490 [ 26.044141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.044621] kthread+0x323/0x710 [ 26.045260] ret_from_fork+0x41/0x80 [ 26.045684] ret_from_fork_asm+0x1a/0x30 [ 26.046029] [ 26.046270] The buggy address belongs to the object at ffff888103231c00 [ 26.046270] which belongs to the cache kmalloc-64 of size 64 [ 26.047143] The buggy address is located 0 bytes to the right of [ 26.047143] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.048790] [ 26.049627] The buggy address belongs to the physical page: [ 26.050319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.051141] flags: 0x200000000000000(node=0|zone=2) [ 26.051527] page_type: f5(slab) [ 26.051926] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.053382] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.053826] page dumped because: kasan: bad access detected [ 26.054131] [ 26.054332] Memory state around the buggy address: [ 26.054599] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.057700] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.058350] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.058706] ^ [ 26.058969] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.059344] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.059715] ================================================================== [ 28.550094] ================================================================== [ 28.550807] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 28.551398] Read of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 28.552270] [ 28.552717] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.552849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.552890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.552948] Call Trace: [ 28.552985] <TASK> [ 28.553024] dump_stack_lvl+0x73/0xb0 [ 28.553103] print_report+0xd1/0x660 [ 28.553192] ? __virt_addr_valid+0x1db/0x2d0 [ 28.553315] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.553392] kasan_report+0x104/0x140 [ 28.553456] ? kasan_atomics_helper+0x4fa5/0x5450 [ 28.553586] ? kasan_atomics_helper+0x4fa5/0x5450 [ 28.553747] __asan_report_load8_noabort+0x18/0x20 [ 28.553826] kasan_atomics_helper+0x4fa5/0x5450 [ 28.553904] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.553979] ? kasan_save_alloc_info+0x3b/0x50 [ 28.554067] kasan_atomics+0x1dc/0x310 [ 28.554157] ? __pfx_kasan_atomics+0x10/0x10 [ 28.554202] ? __pfx_read_tsc+0x10/0x10 [ 28.554237] ? ktime_get_ts64+0x86/0x240 [ 28.554278] kunit_try_run_case+0x1b2/0x490 [ 28.554314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.554348] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.554382] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.554417] ? __kthread_parkme+0x82/0x160 [ 28.554449] ? preempt_count_sub+0x50/0x80 [ 28.554488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.554525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.554559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.554595] kthread+0x323/0x710 [ 28.554626] ? trace_preempt_on+0x20/0xc0 [ 28.554662] ? __pfx_kthread+0x10/0x10 [ 28.554695] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.554774] ? calculate_sigpending+0x7b/0xa0 [ 28.554808] ? __pfx_kthread+0x10/0x10 [ 28.554843] ret_from_fork+0x41/0x80 [ 28.554878] ? __pfx_kthread+0x10/0x10 [ 28.554912] ret_from_fork_asm+0x1a/0x30 [ 28.554962] </TASK> [ 28.554979] [ 28.574270] Allocated by task 286: [ 28.574783] kasan_save_stack+0x3d/0x60 [ 28.575566] kasan_save_track+0x18/0x40 [ 28.576204] kasan_save_alloc_info+0x3b/0x50 [ 28.576659] __kasan_kmalloc+0xb7/0xc0 [ 28.577285] __kmalloc_cache_noprof+0x183/0x410 [ 28.577732] kasan_atomics+0x95/0x310 [ 28.578090] kunit_try_run_case+0x1b2/0x490 [ 28.578491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.579563] kthread+0x323/0x710 [ 28.580021] ret_from_fork+0x41/0x80 [ 28.580790] ret_from_fork_asm+0x1a/0x30 [ 28.581156] [ 28.581551] The buggy address belongs to the object at ffff888103231c00 [ 28.581551] which belongs to the cache kmalloc-64 of size 64 [ 28.582709] The buggy address is located 0 bytes to the right of [ 28.582709] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 28.583601] [ 28.583932] The buggy address belongs to the physical page: [ 28.584501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 28.584935] flags: 0x200000000000000(node=0|zone=2) [ 28.585458] page_type: f5(slab) [ 28.585973] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.586657] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.587351] page dumped because: kasan: bad access detected [ 28.587701] [ 28.587943] Memory state around the buggy address: [ 28.588591] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.589439] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.590047] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.590960] ^ [ 28.591554] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.592341] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.592762] ================================================================== [ 28.169595] ================================================================== [ 28.170203] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 28.170754] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 28.171426] [ 28.171745] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.171883] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.171933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.171992] Call Trace: [ 28.172028] <TASK> [ 28.172065] dump_stack_lvl+0x73/0xb0 [ 28.172201] print_report+0xd1/0x660 [ 28.172273] ? __virt_addr_valid+0x1db/0x2d0 [ 28.172380] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.172423] kasan_report+0x104/0x140 [ 28.172457] ? kasan_atomics_helper+0x1e12/0x5450 [ 28.172503] ? kasan_atomics_helper+0x1e12/0x5450 [ 28.172587] kasan_check_range+0x10c/0x1c0 [ 28.172652] __kasan_check_write+0x18/0x20 [ 28.172758] kasan_atomics_helper+0x1e12/0x5450 [ 28.172866] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.172972] ? kasan_save_alloc_info+0x3b/0x50 [ 28.173058] kasan_atomics+0x1dc/0x310 [ 28.173153] ? __pfx_kasan_atomics+0x10/0x10 [ 28.173227] ? __pfx_read_tsc+0x10/0x10 [ 28.173294] ? ktime_get_ts64+0x86/0x240 [ 28.173370] kunit_try_run_case+0x1b2/0x490 [ 28.173444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.173510] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.173575] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.173645] ? __kthread_parkme+0x82/0x160 [ 28.173763] ? preempt_count_sub+0x50/0x80 [ 28.173904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.173987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.174062] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.174155] kthread+0x323/0x710 [ 28.174224] ? trace_preempt_on+0x20/0xc0 [ 28.174295] ? __pfx_kthread+0x10/0x10 [ 28.174363] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.174426] ? calculate_sigpending+0x7b/0xa0 [ 28.174485] ? __pfx_kthread+0x10/0x10 [ 28.174524] ret_from_fork+0x41/0x80 [ 28.174562] ? __pfx_kthread+0x10/0x10 [ 28.174597] ret_from_fork_asm+0x1a/0x30 [ 28.174646] </TASK> [ 28.174664] [ 28.193868] Allocated by task 286: [ 28.194192] kasan_save_stack+0x3d/0x60 [ 28.195334] kasan_save_track+0x18/0x40 [ 28.195650] kasan_save_alloc_info+0x3b/0x50 [ 28.195966] __kasan_kmalloc+0xb7/0xc0 [ 28.196271] __kmalloc_cache_noprof+0x183/0x410 [ 28.196559] kasan_atomics+0x95/0x310 [ 28.196810] kunit_try_run_case+0x1b2/0x490 [ 28.197093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.198501] kthread+0x323/0x710 [ 28.198964] ret_from_fork+0x41/0x80 [ 28.199429] ret_from_fork_asm+0x1a/0x30 [ 28.200027] [ 28.200321] The buggy address belongs to the object at ffff888103231c00 [ 28.200321] which belongs to the cache kmalloc-64 of size 64 [ 28.202057] The buggy address is located 0 bytes to the right of [ 28.202057] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 28.203655] [ 28.203973] The buggy address belongs to the physical page: [ 28.204669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 28.205565] flags: 0x200000000000000(node=0|zone=2) [ 28.206214] page_type: f5(slab) [ 28.206634] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.207547] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.208439] page dumped because: kasan: bad access detected [ 28.209131] [ 28.209455] Memory state around the buggy address: [ 28.210100] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.210918] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.211393] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.211798] ^ [ 28.212105] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.212505] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.212878] ================================================================== [ 27.105310] ================================================================== [ 27.106186] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 27.106649] Read of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.107379] [ 27.107668] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.107800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.107841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.107905] Call Trace: [ 27.107954] <TASK> [ 27.107996] dump_stack_lvl+0x73/0xb0 [ 27.108077] print_report+0xd1/0x660 [ 27.108178] ? __virt_addr_valid+0x1db/0x2d0 [ 27.108304] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.108419] kasan_report+0x104/0x140 [ 27.108497] ? kasan_atomics_helper+0x4a02/0x5450 [ 27.108572] ? kasan_atomics_helper+0x4a02/0x5450 [ 27.108652] __asan_report_load4_noabort+0x18/0x20 [ 27.108723] kasan_atomics_helper+0x4a02/0x5450 [ 27.108863] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.108953] ? kasan_save_alloc_info+0x3b/0x50 [ 27.109042] kasan_atomics+0x1dc/0x310 [ 27.109136] ? __pfx_kasan_atomics+0x10/0x10 [ 27.109216] ? __pfx_read_tsc+0x10/0x10 [ 27.109280] ? ktime_get_ts64+0x86/0x240 [ 27.109412] kunit_try_run_case+0x1b2/0x490 [ 27.109489] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.109555] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.109608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.109646] ? __kthread_parkme+0x82/0x160 [ 27.109681] ? preempt_count_sub+0x50/0x80 [ 27.109765] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.109842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.109909] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.109976] kthread+0x323/0x710 [ 27.110036] ? trace_preempt_on+0x20/0xc0 [ 27.110107] ? __pfx_kthread+0x10/0x10 [ 27.110201] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.110270] ? calculate_sigpending+0x7b/0xa0 [ 27.110336] ? __pfx_kthread+0x10/0x10 [ 27.110406] ret_from_fork+0x41/0x80 [ 27.110475] ? __pfx_kthread+0x10/0x10 [ 27.110541] ret_from_fork_asm+0x1a/0x30 [ 27.110638] </TASK> [ 27.110673] [ 27.128511] Allocated by task 286: [ 27.128967] kasan_save_stack+0x3d/0x60 [ 27.129481] kasan_save_track+0x18/0x40 [ 27.130183] kasan_save_alloc_info+0x3b/0x50 [ 27.130868] __kasan_kmalloc+0xb7/0xc0 [ 27.132616] __kmalloc_cache_noprof+0x183/0x410 [ 27.134247] kasan_atomics+0x95/0x310 [ 27.135494] kunit_try_run_case+0x1b2/0x490 [ 27.136071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.137470] kthread+0x323/0x710 [ 27.138461] ret_from_fork+0x41/0x80 [ 27.138855] ret_from_fork_asm+0x1a/0x30 [ 27.139149] [ 27.139303] The buggy address belongs to the object at ffff888103231c00 [ 27.139303] which belongs to the cache kmalloc-64 of size 64 [ 27.139905] The buggy address is located 0 bytes to the right of [ 27.139905] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.141173] [ 27.141545] The buggy address belongs to the physical page: [ 27.142307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.143211] flags: 0x200000000000000(node=0|zone=2) [ 27.144000] page_type: f5(slab) [ 27.144515] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.145479] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.146363] page dumped because: kasan: bad access detected [ 27.146908] [ 27.147215] Memory state around the buggy address: [ 27.147835] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.148238] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.148894] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.149449] ^ [ 27.149959] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.150470] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.151174] ================================================================== [ 28.374342] ================================================================== [ 28.376214] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 28.378324] Read of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 28.380451] [ 28.381073] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.381205] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.381228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.381261] Call Trace: [ 28.381282] <TASK> [ 28.381303] dump_stack_lvl+0x73/0xb0 [ 28.381345] print_report+0xd1/0x660 [ 28.381381] ? __virt_addr_valid+0x1db/0x2d0 [ 28.381446] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.381485] kasan_report+0x104/0x140 [ 28.381516] ? kasan_atomics_helper+0x4f98/0x5450 [ 28.381551] ? kasan_atomics_helper+0x4f98/0x5450 [ 28.381593] __asan_report_load8_noabort+0x18/0x20 [ 28.381626] kasan_atomics_helper+0x4f98/0x5450 [ 28.381661] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.381698] ? kasan_save_alloc_info+0x3b/0x50 [ 28.381838] kasan_atomics+0x1dc/0x310 [ 28.381910] ? __pfx_kasan_atomics+0x10/0x10 [ 28.382204] ? __pfx_read_tsc+0x10/0x10 [ 28.382248] ? ktime_get_ts64+0x86/0x240 [ 28.382289] kunit_try_run_case+0x1b2/0x490 [ 28.382328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.382363] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.382397] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.382432] ? __kthread_parkme+0x82/0x160 [ 28.382465] ? preempt_count_sub+0x50/0x80 [ 28.382504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.382540] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.382575] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.382611] kthread+0x323/0x710 [ 28.382642] ? trace_preempt_on+0x20/0xc0 [ 28.382677] ? __pfx_kthread+0x10/0x10 [ 28.382759] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.382798] ? calculate_sigpending+0x7b/0xa0 [ 28.382830] ? __pfx_kthread+0x10/0x10 [ 28.382866] ret_from_fork+0x41/0x80 [ 28.382902] ? __pfx_kthread+0x10/0x10 [ 28.382936] ret_from_fork_asm+0x1a/0x30 [ 28.382985] </TASK> [ 28.383002] [ 28.404338] Allocated by task 286: [ 28.404932] kasan_save_stack+0x3d/0x60 [ 28.405310] kasan_save_track+0x18/0x40 [ 28.406065] kasan_save_alloc_info+0x3b/0x50 [ 28.406506] __kasan_kmalloc+0xb7/0xc0 [ 28.407349] __kmalloc_cache_noprof+0x183/0x410 [ 28.407762] kasan_atomics+0x95/0x310 [ 28.408648] kunit_try_run_case+0x1b2/0x490 [ 28.409246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.410164] kthread+0x323/0x710 [ 28.410756] ret_from_fork+0x41/0x80 [ 28.411407] ret_from_fork_asm+0x1a/0x30 [ 28.412251] [ 28.412429] The buggy address belongs to the object at ffff888103231c00 [ 28.412429] which belongs to the cache kmalloc-64 of size 64 [ 28.413739] The buggy address is located 0 bytes to the right of [ 28.413739] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 28.414603] [ 28.414841] The buggy address belongs to the physical page: [ 28.415305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 28.415957] flags: 0x200000000000000(node=0|zone=2) [ 28.416512] page_type: f5(slab) [ 28.416935] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.417556] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.418317] page dumped because: kasan: bad access detected [ 28.418822] [ 28.419082] Memory state around the buggy address: [ 28.419643] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.420291] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.421072] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.421472] ^ [ 28.422049] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.422898] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.423551] ================================================================== [ 27.064580] ================================================================== [ 27.065106] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 27.065886] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.066511] [ 27.066871] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.067004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.067043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.067104] Call Trace: [ 27.067164] <TASK> [ 27.067236] dump_stack_lvl+0x73/0xb0 [ 27.067331] print_report+0xd1/0x660 [ 27.067405] ? __virt_addr_valid+0x1db/0x2d0 [ 27.067527] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.067635] kasan_report+0x104/0x140 [ 27.067780] ? kasan_atomics_helper+0x1148/0x5450 [ 27.067878] ? kasan_atomics_helper+0x1148/0x5450 [ 27.067974] kasan_check_range+0x10c/0x1c0 [ 27.068051] __kasan_check_write+0x18/0x20 [ 27.068136] kasan_atomics_helper+0x1148/0x5450 [ 27.068262] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.068338] ? kasan_save_alloc_info+0x3b/0x50 [ 27.068423] kasan_atomics+0x1dc/0x310 [ 27.068496] ? __pfx_kasan_atomics+0x10/0x10 [ 27.068605] ? __pfx_read_tsc+0x10/0x10 [ 27.068688] ? ktime_get_ts64+0x86/0x240 [ 27.068818] kunit_try_run_case+0x1b2/0x490 [ 27.068897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.068964] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.069082] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.069175] ? __kthread_parkme+0x82/0x160 [ 27.069241] ? preempt_count_sub+0x50/0x80 [ 27.069295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.069335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.069373] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.069422] kthread+0x323/0x710 [ 27.069478] ? trace_preempt_on+0x20/0xc0 [ 27.069544] ? __pfx_kthread+0x10/0x10 [ 27.069644] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.069763] ? calculate_sigpending+0x7b/0xa0 [ 27.069839] ? __pfx_kthread+0x10/0x10 [ 27.069904] ret_from_fork+0x41/0x80 [ 27.069976] ? __pfx_kthread+0x10/0x10 [ 27.070086] ret_from_fork_asm+0x1a/0x30 [ 27.070206] </TASK> [ 27.070247] [ 27.084031] Allocated by task 286: [ 27.085380] kasan_save_stack+0x3d/0x60 [ 27.085819] kasan_save_track+0x18/0x40 [ 27.086258] kasan_save_alloc_info+0x3b/0x50 [ 27.086657] __kasan_kmalloc+0xb7/0xc0 [ 27.087002] __kmalloc_cache_noprof+0x183/0x410 [ 27.090065] kasan_atomics+0x95/0x310 [ 27.090598] kunit_try_run_case+0x1b2/0x490 [ 27.091243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.091777] kthread+0x323/0x710 [ 27.092161] ret_from_fork+0x41/0x80 [ 27.092972] ret_from_fork_asm+0x1a/0x30 [ 27.093590] [ 27.093823] The buggy address belongs to the object at ffff888103231c00 [ 27.093823] which belongs to the cache kmalloc-64 of size 64 [ 27.094847] The buggy address is located 0 bytes to the right of [ 27.094847] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.095708] [ 27.096009] The buggy address belongs to the physical page: [ 27.096601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.097089] flags: 0x200000000000000(node=0|zone=2) [ 27.097680] page_type: f5(slab) [ 27.098130] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.098644] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.099245] page dumped because: kasan: bad access detected [ 27.099696] [ 27.100015] Memory state around the buggy address: [ 27.100513] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.101107] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.101523] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.102347] ^ [ 27.102853] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.103730] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.104186] ================================================================== [ 26.530096] ================================================================== [ 26.530749] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 26.531309] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.532153] [ 26.532457] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.532610] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.532651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.532713] Call Trace: [ 26.532774] <TASK> [ 26.532813] dump_stack_lvl+0x73/0xb0 [ 26.532893] print_report+0xd1/0x660 [ 26.532961] ? __virt_addr_valid+0x1db/0x2d0 [ 26.533085] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.533193] kasan_report+0x104/0x140 [ 26.533260] ? kasan_atomics_helper+0xa2b/0x5450 [ 26.533334] ? kasan_atomics_helper+0xa2b/0x5450 [ 26.533419] kasan_check_range+0x10c/0x1c0 [ 26.533496] __kasan_check_write+0x18/0x20 [ 26.533561] kasan_atomics_helper+0xa2b/0x5450 [ 26.533636] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.533712] ? kasan_save_alloc_info+0x3b/0x50 [ 26.533797] kasan_atomics+0x1dc/0x310 [ 26.533867] ? __pfx_kasan_atomics+0x10/0x10 [ 26.533991] ? __pfx_read_tsc+0x10/0x10 [ 26.534063] ? ktime_get_ts64+0x86/0x240 [ 26.534160] kunit_try_run_case+0x1b2/0x490 [ 26.534239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.534304] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.534371] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.534439] ? __kthread_parkme+0x82/0x160 [ 26.534506] ? preempt_count_sub+0x50/0x80 [ 26.534583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.534656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.534757] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.534838] kthread+0x323/0x710 [ 26.534950] ? trace_preempt_on+0x20/0xc0 [ 26.535031] ? __pfx_kthread+0x10/0x10 [ 26.535141] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.535214] ? calculate_sigpending+0x7b/0xa0 [ 26.535278] ? __pfx_kthread+0x10/0x10 [ 26.535341] ret_from_fork+0x41/0x80 [ 26.535409] ? __pfx_kthread+0x10/0x10 [ 26.535475] ret_from_fork_asm+0x1a/0x30 [ 26.535570] </TASK> [ 26.535636] [ 26.554969] Allocated by task 286: [ 26.555474] kasan_save_stack+0x3d/0x60 [ 26.556089] kasan_save_track+0x18/0x40 [ 26.556636] kasan_save_alloc_info+0x3b/0x50 [ 26.557254] __kasan_kmalloc+0xb7/0xc0 [ 26.557801] __kmalloc_cache_noprof+0x183/0x410 [ 26.558405] kasan_atomics+0x95/0x310 [ 26.558963] kunit_try_run_case+0x1b2/0x490 [ 26.559535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.560071] kthread+0x323/0x710 [ 26.560383] ret_from_fork+0x41/0x80 [ 26.560895] ret_from_fork_asm+0x1a/0x30 [ 26.561293] [ 26.561455] The buggy address belongs to the object at ffff888103231c00 [ 26.561455] which belongs to the cache kmalloc-64 of size 64 [ 26.562519] The buggy address is located 0 bytes to the right of [ 26.562519] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.563375] [ 26.563669] The buggy address belongs to the physical page: [ 26.564292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.565028] flags: 0x200000000000000(node=0|zone=2) [ 26.565524] page_type: f5(slab) [ 26.565932] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.566438] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.567174] page dumped because: kasan: bad access detected [ 26.567809] [ 26.568055] Memory state around the buggy address: [ 26.568485] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.569043] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.569729] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.570382] ^ [ 26.570884] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.571532] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.572199] ================================================================== [ 26.659411] ================================================================== [ 26.660166] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 26.660876] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.661306] [ 26.661505] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.661639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.661682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.661798] Call Trace: [ 26.661841] <TASK> [ 26.661879] dump_stack_lvl+0x73/0xb0 [ 26.661965] print_report+0xd1/0x660 [ 26.662037] ? __virt_addr_valid+0x1db/0x2d0 [ 26.662191] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.662275] kasan_report+0x104/0x140 [ 26.662338] ? kasan_atomics_helper+0xc70/0x5450 [ 26.662410] ? kasan_atomics_helper+0xc70/0x5450 [ 26.662492] kasan_check_range+0x10c/0x1c0 [ 26.662569] __kasan_check_write+0x18/0x20 [ 26.662632] kasan_atomics_helper+0xc70/0x5450 [ 26.662752] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.662841] ? kasan_save_alloc_info+0x3b/0x50 [ 26.662934] kasan_atomics+0x1dc/0x310 [ 26.663008] ? __pfx_kasan_atomics+0x10/0x10 [ 26.663084] ? __pfx_read_tsc+0x10/0x10 [ 26.663172] ? ktime_get_ts64+0x86/0x240 [ 26.663250] kunit_try_run_case+0x1b2/0x490 [ 26.663325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.663390] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.663458] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.663525] ? __kthread_parkme+0x82/0x160 [ 26.663620] ? preempt_count_sub+0x50/0x80 [ 26.663748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.663834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.663911] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.663994] kthread+0x323/0x710 [ 26.664057] ? trace_preempt_on+0x20/0xc0 [ 26.664146] ? __pfx_kthread+0x10/0x10 [ 26.664186] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.664220] ? calculate_sigpending+0x7b/0xa0 [ 26.664259] ? __pfx_kthread+0x10/0x10 [ 26.664324] ret_from_fork+0x41/0x80 [ 26.664390] ? __pfx_kthread+0x10/0x10 [ 26.664447] ret_from_fork_asm+0x1a/0x30 [ 26.664538] </TASK> [ 26.664569] [ 26.682585] Allocated by task 286: [ 26.682863] kasan_save_stack+0x3d/0x60 [ 26.683210] kasan_save_track+0x18/0x40 [ 26.683657] kasan_save_alloc_info+0x3b/0x50 [ 26.684160] __kasan_kmalloc+0xb7/0xc0 [ 26.684517] __kmalloc_cache_noprof+0x183/0x410 [ 26.685020] kasan_atomics+0x95/0x310 [ 26.685384] kunit_try_run_case+0x1b2/0x490 [ 26.685851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.686326] kthread+0x323/0x710 [ 26.686746] ret_from_fork+0x41/0x80 [ 26.687042] ret_from_fork_asm+0x1a/0x30 [ 26.687356] [ 26.687522] The buggy address belongs to the object at ffff888103231c00 [ 26.687522] which belongs to the cache kmalloc-64 of size 64 [ 26.688250] The buggy address is located 0 bytes to the right of [ 26.688250] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.689361] [ 26.689594] The buggy address belongs to the physical page: [ 26.690170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.690956] flags: 0x200000000000000(node=0|zone=2) [ 26.691464] page_type: f5(slab) [ 26.691913] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.692413] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.693025] page dumped because: kasan: bad access detected [ 26.693513] [ 26.693677] Memory state around the buggy address: [ 26.694012] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.694679] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.695386] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.696107] ^ [ 26.696459] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.696906] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.697447] ================================================================== [ 27.538723] ================================================================== [ 27.539473] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 27.540077] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.540773] [ 27.541514] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.541651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.541691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.541779] Call Trace: [ 27.541819] <TASK> [ 27.541860] dump_stack_lvl+0x73/0xb0 [ 27.541939] print_report+0xd1/0x660 [ 27.542012] ? __virt_addr_valid+0x1db/0x2d0 [ 27.542168] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.542253] kasan_report+0x104/0x140 [ 27.542307] ? kasan_atomics_helper+0x15b6/0x5450 [ 27.542376] ? kasan_atomics_helper+0x15b6/0x5450 [ 27.542494] kasan_check_range+0x10c/0x1c0 [ 27.542582] __kasan_check_write+0x18/0x20 [ 27.542650] kasan_atomics_helper+0x15b6/0x5450 [ 27.542803] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.543001] ? kasan_save_alloc_info+0x3b/0x50 [ 27.543262] kasan_atomics+0x1dc/0x310 [ 27.543466] ? __pfx_kasan_atomics+0x10/0x10 [ 27.543596] ? __pfx_read_tsc+0x10/0x10 [ 27.543687] ? ktime_get_ts64+0x86/0x240 [ 27.543769] kunit_try_run_case+0x1b2/0x490 [ 27.543847] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.543918] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.543994] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.544062] ? __kthread_parkme+0x82/0x160 [ 27.544152] ? preempt_count_sub+0x50/0x80 [ 27.544230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.544305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.544377] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.544482] kthread+0x323/0x710 [ 27.544521] ? trace_preempt_on+0x20/0xc0 [ 27.544561] ? __pfx_kthread+0x10/0x10 [ 27.544596] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.544629] ? calculate_sigpending+0x7b/0xa0 [ 27.544662] ? __pfx_kthread+0x10/0x10 [ 27.544696] ret_from_fork+0x41/0x80 [ 27.544768] ? __pfx_kthread+0x10/0x10 [ 27.544803] ret_from_fork_asm+0x1a/0x30 [ 27.544855] </TASK> [ 27.544872] [ 27.563835] Allocated by task 286: [ 27.564416] kasan_save_stack+0x3d/0x60 [ 27.564690] kasan_save_track+0x18/0x40 [ 27.565597] kasan_save_alloc_info+0x3b/0x50 [ 27.566166] __kasan_kmalloc+0xb7/0xc0 [ 27.566678] __kmalloc_cache_noprof+0x183/0x410 [ 27.567306] kasan_atomics+0x95/0x310 [ 27.567696] kunit_try_run_case+0x1b2/0x490 [ 27.568656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.569459] kthread+0x323/0x710 [ 27.570168] ret_from_fork+0x41/0x80 [ 27.570880] ret_from_fork_asm+0x1a/0x30 [ 27.571277] [ 27.571502] The buggy address belongs to the object at ffff888103231c00 [ 27.571502] which belongs to the cache kmalloc-64 of size 64 [ 27.572554] The buggy address is located 0 bytes to the right of [ 27.572554] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.574100] [ 27.574360] The buggy address belongs to the physical page: [ 27.574868] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.575553] flags: 0x200000000000000(node=0|zone=2) [ 27.576194] page_type: f5(slab) [ 27.576450] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.577484] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.578167] page dumped because: kasan: bad access detected [ 27.578638] [ 27.578806] Memory state around the buggy address: [ 27.579235] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.579636] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.581144] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.582082] ^ [ 27.582795] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.583429] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.584188] ================================================================== [ 28.506604] ================================================================== [ 28.507374] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 28.507967] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 28.508750] [ 28.509015] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 28.509172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.509213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.509275] Call Trace: [ 28.509313] <TASK> [ 28.509353] dump_stack_lvl+0x73/0xb0 [ 28.509431] print_report+0xd1/0x660 [ 28.509501] ? __virt_addr_valid+0x1db/0x2d0 [ 28.509631] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.509711] kasan_report+0x104/0x140 [ 28.509774] ? kasan_atomics_helper+0x218a/0x5450 [ 28.509844] ? kasan_atomics_helper+0x218a/0x5450 [ 28.509929] kasan_check_range+0x10c/0x1c0 [ 28.510003] __kasan_check_write+0x18/0x20 [ 28.510064] kasan_atomics_helper+0x218a/0x5450 [ 28.510208] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.510309] ? kasan_save_alloc_info+0x3b/0x50 [ 28.510392] kasan_atomics+0x1dc/0x310 [ 28.510458] ? __pfx_kasan_atomics+0x10/0x10 [ 28.510525] ? __pfx_read_tsc+0x10/0x10 [ 28.510579] ? ktime_get_ts64+0x86/0x240 [ 28.510655] kunit_try_run_case+0x1b2/0x490 [ 28.510797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.510915] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.510986] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.511083] ? __kthread_parkme+0x82/0x160 [ 28.511217] ? preempt_count_sub+0x50/0x80 [ 28.511328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.511431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.511536] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.511670] kthread+0x323/0x710 [ 28.511821] ? trace_preempt_on+0x20/0xc0 [ 28.511946] ? __pfx_kthread+0x10/0x10 [ 28.512049] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.512167] ? calculate_sigpending+0x7b/0xa0 [ 28.512243] ? __pfx_kthread+0x10/0x10 [ 28.512314] ret_from_fork+0x41/0x80 [ 28.512382] ? __pfx_kthread+0x10/0x10 [ 28.512449] ret_from_fork_asm+0x1a/0x30 [ 28.512542] </TASK> [ 28.512576] [ 28.525947] Allocated by task 286: [ 28.526337] kasan_save_stack+0x3d/0x60 [ 28.526925] kasan_save_track+0x18/0x40 [ 28.527333] kasan_save_alloc_info+0x3b/0x50 [ 28.527794] __kasan_kmalloc+0xb7/0xc0 [ 28.528258] __kmalloc_cache_noprof+0x183/0x410 [ 28.528768] kasan_atomics+0x95/0x310 [ 28.529197] kunit_try_run_case+0x1b2/0x490 [ 28.529586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.530089] kthread+0x323/0x710 [ 28.530465] ret_from_fork+0x41/0x80 [ 28.530894] ret_from_fork_asm+0x1a/0x30 [ 28.531390] [ 28.531643] The buggy address belongs to the object at ffff888103231c00 [ 28.531643] which belongs to the cache kmalloc-64 of size 64 [ 28.532769] The buggy address is located 0 bytes to the right of [ 28.532769] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 28.533895] [ 28.534135] The buggy address belongs to the physical page: [ 28.534650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 28.535476] flags: 0x200000000000000(node=0|zone=2) [ 28.536053] page_type: f5(slab) [ 28.536480] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.537106] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.537592] page dumped because: kasan: bad access detected [ 28.537965] [ 28.539168] Memory state around the buggy address: [ 28.539952] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.542430] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.543652] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.546838] ^ [ 28.547407] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.548496] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.549249] ================================================================== [ 26.277315] ================================================================== [ 26.278286] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 26.279012] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.279641] [ 26.280018] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.280334] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.280475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.280573] Call Trace: [ 26.280614] <TASK> [ 26.280653] dump_stack_lvl+0x73/0xb0 [ 26.280737] print_report+0xd1/0x660 [ 26.280838] ? __virt_addr_valid+0x1db/0x2d0 [ 26.280973] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.281053] kasan_report+0x104/0x140 [ 26.281139] ? kasan_atomics_helper+0x697/0x5450 [ 26.281217] ? kasan_atomics_helper+0x697/0x5450 [ 26.281302] kasan_check_range+0x10c/0x1c0 [ 26.281378] __kasan_check_write+0x18/0x20 [ 26.281441] kasan_atomics_helper+0x697/0x5450 [ 26.281544] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.281626] ? kasan_save_alloc_info+0x3b/0x50 [ 26.281790] kasan_atomics+0x1dc/0x310 [ 26.282075] ? __pfx_kasan_atomics+0x10/0x10 [ 26.282304] ? __pfx_read_tsc+0x10/0x10 [ 26.282383] ? ktime_get_ts64+0x86/0x240 [ 26.282461] kunit_try_run_case+0x1b2/0x490 [ 26.282536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.282603] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.282673] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.282756] ? __kthread_parkme+0x82/0x160 [ 26.282825] ? preempt_count_sub+0x50/0x80 [ 26.282870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.282908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.282946] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.282983] kthread+0x323/0x710 [ 26.283015] ? trace_preempt_on+0x20/0xc0 [ 26.283050] ? __pfx_kthread+0x10/0x10 [ 26.283083] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.283138] ? calculate_sigpending+0x7b/0xa0 [ 26.283173] ? __pfx_kthread+0x10/0x10 [ 26.283208] ret_from_fork+0x41/0x80 [ 26.283243] ? __pfx_kthread+0x10/0x10 [ 26.283277] ret_from_fork_asm+0x1a/0x30 [ 26.283325] </TASK> [ 26.283342] [ 26.298611] Allocated by task 286: [ 26.299147] kasan_save_stack+0x3d/0x60 [ 26.299597] kasan_save_track+0x18/0x40 [ 26.300257] kasan_save_alloc_info+0x3b/0x50 [ 26.301289] __kasan_kmalloc+0xb7/0xc0 [ 26.301712] __kmalloc_cache_noprof+0x183/0x410 [ 26.302225] kasan_atomics+0x95/0x310 [ 26.302789] kunit_try_run_case+0x1b2/0x490 [ 26.303384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.304211] kthread+0x323/0x710 [ 26.304478] ret_from_fork+0x41/0x80 [ 26.304743] ret_from_fork_asm+0x1a/0x30 [ 26.305016] [ 26.305216] The buggy address belongs to the object at ffff888103231c00 [ 26.305216] which belongs to the cache kmalloc-64 of size 64 [ 26.306641] The buggy address is located 0 bytes to the right of [ 26.306641] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.307961] [ 26.308309] The buggy address belongs to the physical page: [ 26.308847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.309645] flags: 0x200000000000000(node=0|zone=2) [ 26.310268] page_type: f5(slab) [ 26.310635] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.311571] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.312431] page dumped because: kasan: bad access detected [ 26.312936] [ 26.313193] Memory state around the buggy address: [ 26.313585] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.314454] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.315050] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.315452] ^ [ 26.315777] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.316758] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.317636] ================================================================== [ 26.150719] ================================================================== [ 26.151171] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 26.153514] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.154351] [ 26.155023] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.155144] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.155184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.155244] Call Trace: [ 26.155277] <TASK> [ 26.155497] dump_stack_lvl+0x73/0xb0 [ 26.155570] print_report+0xd1/0x660 [ 26.155638] ? __virt_addr_valid+0x1db/0x2d0 [ 26.155713] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.155788] kasan_report+0x104/0x140 [ 26.155821] ? kasan_atomics_helper+0x4b3a/0x5450 [ 26.155861] ? kasan_atomics_helper+0x4b3a/0x5450 [ 26.155905] __asan_report_store4_noabort+0x1b/0x30 [ 26.155950] kasan_atomics_helper+0x4b3a/0x5450 [ 26.155987] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.156023] ? kasan_save_alloc_info+0x3b/0x50 [ 26.156067] kasan_atomics+0x1dc/0x310 [ 26.156103] ? __pfx_kasan_atomics+0x10/0x10 [ 26.156175] ? __pfx_read_tsc+0x10/0x10 [ 26.156211] ? ktime_get_ts64+0x86/0x240 [ 26.156250] kunit_try_run_case+0x1b2/0x490 [ 26.156287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.156320] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.156354] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.156388] ? __kthread_parkme+0x82/0x160 [ 26.156421] ? preempt_count_sub+0x50/0x80 [ 26.156459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.156495] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.156530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.156566] kthread+0x323/0x710 [ 26.156597] ? trace_preempt_on+0x20/0xc0 [ 26.156632] ? __pfx_kthread+0x10/0x10 [ 26.156665] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.156696] ? calculate_sigpending+0x7b/0xa0 [ 26.156765] ? __pfx_kthread+0x10/0x10 [ 26.156801] ret_from_fork+0x41/0x80 [ 26.156836] ? __pfx_kthread+0x10/0x10 [ 26.156871] ret_from_fork_asm+0x1a/0x30 [ 26.156920] </TASK> [ 26.156937] [ 26.174045] Allocated by task 286: [ 26.174567] kasan_save_stack+0x3d/0x60 [ 26.175100] kasan_save_track+0x18/0x40 [ 26.175570] kasan_save_alloc_info+0x3b/0x50 [ 26.176388] __kasan_kmalloc+0xb7/0xc0 [ 26.176980] __kmalloc_cache_noprof+0x183/0x410 [ 26.177326] kasan_atomics+0x95/0x310 [ 26.177762] kunit_try_run_case+0x1b2/0x490 [ 26.178219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.178587] kthread+0x323/0x710 [ 26.178977] ret_from_fork+0x41/0x80 [ 26.179404] ret_from_fork_asm+0x1a/0x30 [ 26.179773] [ 26.179969] The buggy address belongs to the object at ffff888103231c00 [ 26.179969] which belongs to the cache kmalloc-64 of size 64 [ 26.180740] The buggy address is located 0 bytes to the right of [ 26.180740] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.181776] [ 26.182000] The buggy address belongs to the physical page: [ 26.182535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.183148] flags: 0x200000000000000(node=0|zone=2) [ 26.183461] page_type: f5(slab) [ 26.183911] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.184621] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.185326] page dumped because: kasan: bad access detected [ 26.185666] [ 26.185935] Memory state around the buggy address: [ 26.186329] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.186925] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.187341] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.187847] ^ [ 26.188338] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.189008] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.189660] ================================================================== [ 27.839637] ================================================================== [ 27.840578] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 27.842027] Write of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.842668] [ 27.843286] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.843703] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.844167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.844208] Call Trace: [ 27.844232] <TASK> [ 27.844254] dump_stack_lvl+0x73/0xb0 [ 27.844301] print_report+0xd1/0x660 [ 27.844338] ? __virt_addr_valid+0x1db/0x2d0 [ 27.844406] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.844445] kasan_report+0x104/0x140 [ 27.844477] ? kasan_atomics_helper+0x19e3/0x5450 [ 27.844514] ? kasan_atomics_helper+0x19e3/0x5450 [ 27.844557] kasan_check_range+0x10c/0x1c0 [ 27.844594] __kasan_check_write+0x18/0x20 [ 27.844625] kasan_atomics_helper+0x19e3/0x5450 [ 27.844663] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.844699] ? kasan_save_alloc_info+0x3b/0x50 [ 27.844788] kasan_atomics+0x1dc/0x310 [ 27.844827] ? __pfx_kasan_atomics+0x10/0x10 [ 27.844866] ? __pfx_read_tsc+0x10/0x10 [ 27.844900] ? ktime_get_ts64+0x86/0x240 [ 27.844939] kunit_try_run_case+0x1b2/0x490 [ 27.844977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.845012] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.845045] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.845080] ? __kthread_parkme+0x82/0x160 [ 27.845133] ? preempt_count_sub+0x50/0x80 [ 27.845176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.845212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.845248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.845285] kthread+0x323/0x710 [ 27.845317] ? trace_preempt_on+0x20/0xc0 [ 27.845353] ? __pfx_kthread+0x10/0x10 [ 27.845387] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.845418] ? calculate_sigpending+0x7b/0xa0 [ 27.845452] ? __pfx_kthread+0x10/0x10 [ 27.845486] ret_from_fork+0x41/0x80 [ 27.845521] ? __pfx_kthread+0x10/0x10 [ 27.845555] ret_from_fork_asm+0x1a/0x30 [ 27.845603] </TASK> [ 27.845619] [ 27.865215] Allocated by task 286: [ 27.865821] kasan_save_stack+0x3d/0x60 [ 27.866358] kasan_save_track+0x18/0x40 [ 27.866770] kasan_save_alloc_info+0x3b/0x50 [ 27.867441] __kasan_kmalloc+0xb7/0xc0 [ 27.868003] __kmalloc_cache_noprof+0x183/0x410 [ 27.868511] kasan_atomics+0x95/0x310 [ 27.869081] kunit_try_run_case+0x1b2/0x490 [ 27.869544] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.870184] kthread+0x323/0x710 [ 27.870574] ret_from_fork+0x41/0x80 [ 27.871037] ret_from_fork_asm+0x1a/0x30 [ 27.871624] [ 27.872033] The buggy address belongs to the object at ffff888103231c00 [ 27.872033] which belongs to the cache kmalloc-64 of size 64 [ 27.872902] The buggy address is located 0 bytes to the right of [ 27.872902] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.874061] [ 27.874315] The buggy address belongs to the physical page: [ 27.874995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.875651] flags: 0x200000000000000(node=0|zone=2) [ 27.876242] page_type: f5(slab) [ 27.876623] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.877347] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.878071] page dumped because: kasan: bad access detected [ 27.878604] [ 27.878913] Memory state around the buggy address: [ 27.879408] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.880102] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.880589] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.881346] ^ [ 27.881937] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.882519] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.882941] ================================================================== [ 27.329055] ================================================================== [ 27.329977] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 27.331169] Read of size 8 at addr ffff888103231c30 by task kunit_try_catch/286 [ 27.331437] [ 27.331544] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 27.331644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.331665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.331697] Call Trace: [ 27.331717] <TASK> [ 27.331740] dump_stack_lvl+0x73/0xb0 [ 27.331783] print_report+0xd1/0x660 [ 27.331821] ? __virt_addr_valid+0x1db/0x2d0 [ 27.331889] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.331940] kasan_report+0x104/0x140 [ 27.331971] ? kasan_atomics_helper+0x13b5/0x5450 [ 27.332008] ? kasan_atomics_helper+0x13b5/0x5450 [ 27.332050] kasan_check_range+0x10c/0x1c0 [ 27.332087] __kasan_check_read+0x15/0x20 [ 27.332221] kasan_atomics_helper+0x13b5/0x5450 [ 27.332308] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.332440] ? kasan_save_alloc_info+0x3b/0x50 [ 27.332548] kasan_atomics+0x1dc/0x310 [ 27.332699] ? __pfx_kasan_atomics+0x10/0x10 [ 27.332778] ? __pfx_read_tsc+0x10/0x10 [ 27.332920] ? ktime_get_ts64+0x86/0x240 [ 27.333008] kunit_try_run_case+0x1b2/0x490 [ 27.333086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.333176] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.333247] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.333314] ? __kthread_parkme+0x82/0x160 [ 27.333381] ? preempt_count_sub+0x50/0x80 [ 27.333457] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.333529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.333602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.333674] kthread+0x323/0x710 [ 27.333741] ? trace_preempt_on+0x20/0xc0 [ 27.333810] ? __pfx_kthread+0x10/0x10 [ 27.333876] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.333935] ? calculate_sigpending+0x7b/0xa0 [ 27.333999] ? __pfx_kthread+0x10/0x10 [ 27.334066] ret_from_fork+0x41/0x80 [ 27.334220] ? __pfx_kthread+0x10/0x10 [ 27.334305] ret_from_fork_asm+0x1a/0x30 [ 27.334404] </TASK> [ 27.334441] [ 27.352161] Allocated by task 286: [ 27.352398] kasan_save_stack+0x3d/0x60 [ 27.352878] kasan_save_track+0x18/0x40 [ 27.353335] kasan_save_alloc_info+0x3b/0x50 [ 27.353866] __kasan_kmalloc+0xb7/0xc0 [ 27.354195] __kmalloc_cache_noprof+0x183/0x410 [ 27.354571] kasan_atomics+0x95/0x310 [ 27.355075] kunit_try_run_case+0x1b2/0x490 [ 27.355602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.356127] kthread+0x323/0x710 [ 27.356439] ret_from_fork+0x41/0x80 [ 27.356912] ret_from_fork_asm+0x1a/0x30 [ 27.357400] [ 27.357630] The buggy address belongs to the object at ffff888103231c00 [ 27.357630] which belongs to the cache kmalloc-64 of size 64 [ 27.358383] The buggy address is located 0 bytes to the right of [ 27.358383] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 27.359419] [ 27.359681] The buggy address belongs to the physical page: [ 27.360288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 27.362563] flags: 0x200000000000000(node=0|zone=2) [ 27.363042] page_type: f5(slab) [ 27.363432] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.364440] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.365193] page dumped because: kasan: bad access detected [ 27.365635] [ 27.366459] Memory state around the buggy address: [ 27.366840] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.367086] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.367996] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.368520] ^ [ 27.369080] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.369885] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.370563] ================================================================== [ 26.816978] ================================================================== [ 26.817647] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 26.818371] Write of size 4 at addr ffff888103231c30 by task kunit_try_catch/286 [ 26.819077] [ 26.819358] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 26.819494] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.819532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.819617] Call Trace: [ 26.819657] <TASK> [ 26.819695] dump_stack_lvl+0x73/0xb0 [ 26.819978] print_report+0xd1/0x660 [ 26.820424] ? __virt_addr_valid+0x1db/0x2d0 [ 26.821065] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.821219] kasan_report+0x104/0x140 [ 26.821289] ? kasan_atomics_helper+0xe78/0x5450 [ 26.821363] ? kasan_atomics_helper+0xe78/0x5450 [ 26.821449] kasan_check_range+0x10c/0x1c0 [ 26.821523] __kasan_check_write+0x18/0x20 [ 26.821589] kasan_atomics_helper+0xe78/0x5450 [ 26.821660] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.822184] ? kasan_save_alloc_info+0x3b/0x50 [ 26.822297] kasan_atomics+0x1dc/0x310 [ 26.822376] ? __pfx_kasan_atomics+0x10/0x10 [ 26.822431] ? __pfx_read_tsc+0x10/0x10 [ 26.822469] ? ktime_get_ts64+0x86/0x240 [ 26.822509] kunit_try_run_case+0x1b2/0x490 [ 26.822547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.822582] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.822616] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.822650] ? __kthread_parkme+0x82/0x160 [ 26.822684] ? preempt_count_sub+0x50/0x80 [ 26.822776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.822817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.822855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.822891] kthread+0x323/0x710 [ 26.822923] ? trace_preempt_on+0x20/0xc0 [ 26.822959] ? __pfx_kthread+0x10/0x10 [ 26.822994] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.823025] ? calculate_sigpending+0x7b/0xa0 [ 26.823058] ? __pfx_kthread+0x10/0x10 [ 26.823093] ret_from_fork+0x41/0x80 [ 26.823150] ? __pfx_kthread+0x10/0x10 [ 26.823185] ret_from_fork_asm+0x1a/0x30 [ 26.823234] </TASK> [ 26.823251] [ 26.831973] Allocated by task 286: [ 26.832241] kasan_save_stack+0x3d/0x60 [ 26.832523] kasan_save_track+0x18/0x40 [ 26.832828] kasan_save_alloc_info+0x3b/0x50 [ 26.833155] __kasan_kmalloc+0xb7/0xc0 [ 26.833439] __kmalloc_cache_noprof+0x183/0x410 [ 26.833742] kasan_atomics+0x95/0x310 [ 26.834020] kunit_try_run_case+0x1b2/0x490 [ 26.834341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.834679] kthread+0x323/0x710 [ 26.835152] ret_from_fork+0x41/0x80 [ 26.835657] ret_from_fork_asm+0x1a/0x30 [ 26.836216] [ 26.836470] The buggy address belongs to the object at ffff888103231c00 [ 26.836470] which belongs to the cache kmalloc-64 of size 64 [ 26.837681] The buggy address is located 0 bytes to the right of [ 26.837681] allocated 48-byte region [ffff888103231c00, ffff888103231c30) [ 26.839086] [ 26.839372] The buggy address belongs to the physical page: [ 26.840205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103231 [ 26.841035] flags: 0x200000000000000(node=0|zone=2) [ 26.841627] page_type: f5(slab) [ 26.842237] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.843204] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.844219] page dumped because: kasan: bad access detected [ 26.844854] [ 26.845133] Memory state around the buggy address: [ 26.845674] ffff888103231b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.846427] ffff888103231b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.847453] >ffff888103231c00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.848360] ^ [ 26.849002] ffff888103231c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.849767] ffff888103231d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.850530] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 25.719082] ================================================================== [ 25.719554] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 25.720566] Read of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 25.721315] [ 25.721641] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.721814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.721853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.721909] Call Trace: [ 25.721941] <TASK> [ 25.721975] dump_stack_lvl+0x73/0xb0 [ 25.722052] print_report+0xd1/0x660 [ 25.722136] ? __virt_addr_valid+0x1db/0x2d0 [ 25.722259] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.722336] kasan_report+0x104/0x140 [ 25.722455] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 25.722626] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 25.722799] kasan_check_range+0x10c/0x1c0 [ 25.722883] __kasan_check_read+0x15/0x20 [ 25.722944] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 25.723042] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.723198] ? kasan_save_alloc_info+0x3b/0x50 [ 25.723314] ? kasan_save_stack+0x3d/0x60 [ 25.723393] kasan_bitops_generic+0x121/0x1c0 [ 25.723469] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.723546] ? __pfx_read_tsc+0x10/0x10 [ 25.723618] ? ktime_get_ts64+0x86/0x240 [ 25.723671] kunit_try_run_case+0x1b2/0x490 [ 25.723759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.723797] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.723832] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.723865] ? __kthread_parkme+0x82/0x160 [ 25.723896] ? preempt_count_sub+0x50/0x80 [ 25.723934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.723980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.724013] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.724048] kthread+0x323/0x710 [ 25.724078] ? trace_preempt_on+0x20/0xc0 [ 25.724135] ? __pfx_kthread+0x10/0x10 [ 25.724170] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.724198] ? calculate_sigpending+0x7b/0xa0 [ 25.724230] ? __pfx_kthread+0x10/0x10 [ 25.724263] ret_from_fork+0x41/0x80 [ 25.724294] ? __pfx_kthread+0x10/0x10 [ 25.724326] ret_from_fork_asm+0x1a/0x30 [ 25.724373] </TASK> [ 25.724387] [ 25.738569] Allocated by task 282: [ 25.738821] kasan_save_stack+0x3d/0x60 [ 25.739351] kasan_save_track+0x18/0x40 [ 25.739800] kasan_save_alloc_info+0x3b/0x50 [ 25.740371] __kasan_kmalloc+0xb7/0xc0 [ 25.741105] __kmalloc_cache_noprof+0x183/0x410 [ 25.741676] kasan_bitops_generic+0x92/0x1c0 [ 25.742199] kunit_try_run_case+0x1b2/0x490 [ 25.742700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.743242] kthread+0x323/0x710 [ 25.743508] ret_from_fork+0x41/0x80 [ 25.743785] ret_from_fork_asm+0x1a/0x30 [ 25.744070] [ 25.744315] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.744315] which belongs to the cache kmalloc-16 of size 16 [ 25.745459] The buggy address is located 8 bytes inside of [ 25.745459] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.746650] [ 25.747673] The buggy address belongs to the physical page: [ 25.748940] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.750601] flags: 0x200000000000000(node=0|zone=2) [ 25.751546] page_type: f5(slab) [ 25.751864] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.753884] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.754300] page dumped because: kasan: bad access detected [ 25.754598] [ 25.755140] Memory state around the buggy address: [ 25.755752] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.756425] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.757144] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.757885] ^ [ 25.758367] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.759062] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.759867] ================================================================== [ 25.449215] ================================================================== [ 25.450408] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 25.451981] Write of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 25.452608] [ 25.452888] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.453066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.453146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.453201] Call Trace: [ 25.453235] <TASK> [ 25.453270] dump_stack_lvl+0x73/0xb0 [ 25.453345] print_report+0xd1/0x660 [ 25.453410] ? __virt_addr_valid+0x1db/0x2d0 [ 25.453534] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.453607] kasan_report+0x104/0x140 [ 25.453665] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 25.453749] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 25.453844] kasan_check_range+0x10c/0x1c0 [ 25.453915] __kasan_check_write+0x18/0x20 [ 25.453975] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 25.454055] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.454155] ? kasan_save_alloc_info+0x3b/0x50 [ 25.454227] ? kasan_save_stack+0x3d/0x60 [ 25.454339] kasan_bitops_generic+0x121/0x1c0 [ 25.454444] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.454544] ? __pfx_read_tsc+0x10/0x10 [ 25.454616] ? ktime_get_ts64+0x86/0x240 [ 25.454719] kunit_try_run_case+0x1b2/0x490 [ 25.454817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.454942] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.455044] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.455129] ? __kthread_parkme+0x82/0x160 [ 25.455197] ? preempt_count_sub+0x50/0x80 [ 25.455269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.455340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.455409] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.455475] kthread+0x323/0x710 [ 25.455536] ? trace_preempt_on+0x20/0xc0 [ 25.455630] ? __pfx_kthread+0x10/0x10 [ 25.455694] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.455786] ? calculate_sigpending+0x7b/0xa0 [ 25.455854] ? __pfx_kthread+0x10/0x10 [ 25.455913] ret_from_fork+0x41/0x80 [ 25.455981] ? __pfx_kthread+0x10/0x10 [ 25.456042] ret_from_fork_asm+0x1a/0x30 [ 25.456236] </TASK> [ 25.456275] [ 25.471967] Allocated by task 282: [ 25.472495] kasan_save_stack+0x3d/0x60 [ 25.472783] kasan_save_track+0x18/0x40 [ 25.473082] kasan_save_alloc_info+0x3b/0x50 [ 25.473859] __kasan_kmalloc+0xb7/0xc0 [ 25.474392] __kmalloc_cache_noprof+0x183/0x410 [ 25.475055] kasan_bitops_generic+0x92/0x1c0 [ 25.475467] kunit_try_run_case+0x1b2/0x490 [ 25.476048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.476498] kthread+0x323/0x710 [ 25.476967] ret_from_fork+0x41/0x80 [ 25.477339] ret_from_fork_asm+0x1a/0x30 [ 25.477636] [ 25.477914] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.477914] which belongs to the cache kmalloc-16 of size 16 [ 25.481222] The buggy address is located 8 bytes inside of [ 25.481222] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.482063] [ 25.482253] The buggy address belongs to the physical page: [ 25.482567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.482987] flags: 0x200000000000000(node=0|zone=2) [ 25.485619] page_type: f5(slab) [ 25.486406] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.487792] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.488497] page dumped because: kasan: bad access detected [ 25.490259] [ 25.490491] Memory state around the buggy address: [ 25.491494] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.492499] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.493207] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.493983] ^ [ 25.494509] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.495181] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.495801] ================================================================== [ 25.761098] ================================================================== [ 25.761908] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 25.762594] Read of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 25.763339] [ 25.763665] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.763888] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.763951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.764023] Call Trace: [ 25.764055] <TASK> [ 25.764086] dump_stack_lvl+0x73/0xb0 [ 25.764186] print_report+0xd1/0x660 [ 25.764316] ? __virt_addr_valid+0x1db/0x2d0 [ 25.764466] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.764540] kasan_report+0x104/0x140 [ 25.764601] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 25.764789] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 25.764905] __asan_report_load8_noabort+0x18/0x20 [ 25.764972] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 25.765104] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.765232] ? kasan_save_alloc_info+0x3b/0x50 [ 25.765305] ? kasan_save_stack+0x3d/0x60 [ 25.765374] kasan_bitops_generic+0x121/0x1c0 [ 25.765443] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.765607] ? __pfx_read_tsc+0x10/0x10 [ 25.765675] ? ktime_get_ts64+0x86/0x240 [ 25.765797] kunit_try_run_case+0x1b2/0x490 [ 25.765922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.766023] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.766092] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.766174] ? __kthread_parkme+0x82/0x160 [ 25.766233] ? preempt_count_sub+0x50/0x80 [ 25.766356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.766470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.766588] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.766662] kthread+0x323/0x710 [ 25.766853] ? trace_preempt_on+0x20/0xc0 [ 25.766924] ? __pfx_kthread+0x10/0x10 [ 25.766975] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.767008] ? calculate_sigpending+0x7b/0xa0 [ 25.767040] ? __pfx_kthread+0x10/0x10 [ 25.767074] ret_from_fork+0x41/0x80 [ 25.767105] ? __pfx_kthread+0x10/0x10 [ 25.767164] ret_from_fork_asm+0x1a/0x30 [ 25.767212] </TASK> [ 25.767230] [ 25.782459] Allocated by task 282: [ 25.782695] kasan_save_stack+0x3d/0x60 [ 25.783753] kasan_save_track+0x18/0x40 [ 25.784088] kasan_save_alloc_info+0x3b/0x50 [ 25.785540] __kasan_kmalloc+0xb7/0xc0 [ 25.786572] __kmalloc_cache_noprof+0x183/0x410 [ 25.788042] kasan_bitops_generic+0x92/0x1c0 [ 25.788530] kunit_try_run_case+0x1b2/0x490 [ 25.788880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.792266] kthread+0x323/0x710 [ 25.792654] ret_from_fork+0x41/0x80 [ 25.793225] ret_from_fork_asm+0x1a/0x30 [ 25.793699] [ 25.793898] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.793898] which belongs to the cache kmalloc-16 of size 16 [ 25.794498] The buggy address is located 8 bytes inside of [ 25.794498] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.796211] [ 25.797555] The buggy address belongs to the physical page: [ 25.797924] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.799078] flags: 0x200000000000000(node=0|zone=2) [ 25.800095] page_type: f5(slab) [ 25.800480] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.801239] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.801741] page dumped because: kasan: bad access detected [ 25.802056] [ 25.802215] Memory state around the buggy address: [ 25.802476] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.804083] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.804807] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.805529] ^ [ 25.806098] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.806873] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.807450] ================================================================== [ 25.666986] ================================================================== [ 25.667693] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 25.670900] Write of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 25.671476] [ 25.671682] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.672084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.672141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.672442] Call Trace: [ 25.672492] <TASK> [ 25.672528] dump_stack_lvl+0x73/0xb0 [ 25.672913] print_report+0xd1/0x660 [ 25.672991] ? __virt_addr_valid+0x1db/0x2d0 [ 25.674528] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.674582] kasan_report+0x104/0x140 [ 25.674614] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 25.674657] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 25.674711] kasan_check_range+0x10c/0x1c0 [ 25.674783] __kasan_check_write+0x18/0x20 [ 25.674814] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 25.674854] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.674896] ? kasan_save_alloc_info+0x3b/0x50 [ 25.674933] ? kasan_save_stack+0x3d/0x60 [ 25.674971] kasan_bitops_generic+0x121/0x1c0 [ 25.675006] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.675042] ? __pfx_read_tsc+0x10/0x10 [ 25.675073] ? ktime_get_ts64+0x86/0x240 [ 25.675126] kunit_try_run_case+0x1b2/0x490 [ 25.675164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.675196] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.675228] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.675259] ? __kthread_parkme+0x82/0x160 [ 25.675291] ? preempt_count_sub+0x50/0x80 [ 25.675328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.675362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.675396] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.675429] kthread+0x323/0x710 [ 25.675458] ? trace_preempt_on+0x20/0xc0 [ 25.675492] ? __pfx_kthread+0x10/0x10 [ 25.675523] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.675552] ? calculate_sigpending+0x7b/0xa0 [ 25.675583] ? __pfx_kthread+0x10/0x10 [ 25.675641] ret_from_fork+0x41/0x80 [ 25.675673] ? __pfx_kthread+0x10/0x10 [ 25.675709] ret_from_fork_asm+0x1a/0x30 [ 25.675837] </TASK> [ 25.675871] [ 25.697499] Allocated by task 282: [ 25.697738] kasan_save_stack+0x3d/0x60 [ 25.698181] kasan_save_track+0x18/0x40 [ 25.698542] kasan_save_alloc_info+0x3b/0x50 [ 25.699072] __kasan_kmalloc+0xb7/0xc0 [ 25.700249] __kmalloc_cache_noprof+0x183/0x410 [ 25.700689] kasan_bitops_generic+0x92/0x1c0 [ 25.701442] kunit_try_run_case+0x1b2/0x490 [ 25.702193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.702794] kthread+0x323/0x710 [ 25.703232] ret_from_fork+0x41/0x80 [ 25.703978] ret_from_fork_asm+0x1a/0x30 [ 25.704269] [ 25.704973] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.704973] which belongs to the cache kmalloc-16 of size 16 [ 25.705721] The buggy address is located 8 bytes inside of [ 25.705721] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.707143] [ 25.707425] The buggy address belongs to the physical page: [ 25.708838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.709331] flags: 0x200000000000000(node=0|zone=2) [ 25.709868] page_type: f5(slab) [ 25.710742] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.711302] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.712167] page dumped because: kasan: bad access detected [ 25.712725] [ 25.713332] Memory state around the buggy address: [ 25.713803] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.714676] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.715483] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.716094] ^ [ 25.716431] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.717079] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.717636] ================================================================== [ 25.538962] ================================================================== [ 25.539730] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 25.540567] Write of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 25.543202] [ 25.543391] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.543519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.543555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.543622] Call Trace: [ 25.543645] <TASK> [ 25.543667] dump_stack_lvl+0x73/0xb0 [ 25.543722] print_report+0xd1/0x660 [ 25.543822] ? __virt_addr_valid+0x1db/0x2d0 [ 25.543914] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.543966] kasan_report+0x104/0x140 [ 25.543997] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 25.544040] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 25.544090] kasan_check_range+0x10c/0x1c0 [ 25.544145] __kasan_check_write+0x18/0x20 [ 25.544176] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 25.544216] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.544258] ? kasan_save_alloc_info+0x3b/0x50 [ 25.544292] ? kasan_save_stack+0x3d/0x60 [ 25.544330] kasan_bitops_generic+0x121/0x1c0 [ 25.544366] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.544404] ? __pfx_read_tsc+0x10/0x10 [ 25.544432] ? ktime_get_ts64+0x86/0x240 [ 25.544469] kunit_try_run_case+0x1b2/0x490 [ 25.544503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.544534] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.544565] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.544598] ? __kthread_parkme+0x82/0x160 [ 25.544628] ? preempt_count_sub+0x50/0x80 [ 25.544664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.544697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.544781] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.544848] kthread+0x323/0x710 [ 25.544903] ? trace_preempt_on+0x20/0xc0 [ 25.544967] ? __pfx_kthread+0x10/0x10 [ 25.545030] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.545090] ? calculate_sigpending+0x7b/0xa0 [ 25.545181] ? __pfx_kthread+0x10/0x10 [ 25.545247] ret_from_fork+0x41/0x80 [ 25.545310] ? __pfx_kthread+0x10/0x10 [ 25.545373] ret_from_fork_asm+0x1a/0x30 [ 25.545468] </TASK> [ 25.545498] [ 25.559859] Allocated by task 282: [ 25.560258] kasan_save_stack+0x3d/0x60 [ 25.560589] kasan_save_track+0x18/0x40 [ 25.561127] kasan_save_alloc_info+0x3b/0x50 [ 25.561536] __kasan_kmalloc+0xb7/0xc0 [ 25.562039] __kmalloc_cache_noprof+0x183/0x410 [ 25.562461] kasan_bitops_generic+0x92/0x1c0 [ 25.562856] kunit_try_run_case+0x1b2/0x490 [ 25.563335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.564014] kthread+0x323/0x710 [ 25.564313] ret_from_fork+0x41/0x80 [ 25.564723] ret_from_fork_asm+0x1a/0x30 [ 25.565133] [ 25.565391] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.565391] which belongs to the cache kmalloc-16 of size 16 [ 25.566328] The buggy address is located 8 bytes inside of [ 25.566328] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.567416] [ 25.567665] The buggy address belongs to the physical page: [ 25.568089] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.568852] flags: 0x200000000000000(node=0|zone=2) [ 25.569359] page_type: f5(slab) [ 25.569720] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.570470] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.571407] page dumped because: kasan: bad access detected [ 25.573045] [ 25.573289] Memory state around the buggy address: [ 25.573766] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.574183] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.574568] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.574935] ^ [ 25.576812] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.578019] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.579305] ================================================================== [ 25.411179] ================================================================== [ 25.411922] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 25.412829] Write of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 25.413558] [ 25.413883] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.413994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.414065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.414140] Call Trace: [ 25.414223] <TASK> [ 25.414266] dump_stack_lvl+0x73/0xb0 [ 25.414369] print_report+0xd1/0x660 [ 25.414435] ? __virt_addr_valid+0x1db/0x2d0 [ 25.414551] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.414624] kasan_report+0x104/0x140 [ 25.414767] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 25.414900] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 25.414997] kasan_check_range+0x10c/0x1c0 [ 25.415071] __kasan_check_write+0x18/0x20 [ 25.415207] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 25.415352] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.415464] ? kasan_save_alloc_info+0x3b/0x50 [ 25.415536] ? kasan_save_stack+0x3d/0x60 [ 25.415621] kasan_bitops_generic+0x121/0x1c0 [ 25.415661] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.415719] ? __pfx_read_tsc+0x10/0x10 [ 25.415836] ? ktime_get_ts64+0x86/0x240 [ 25.415951] kunit_try_run_case+0x1b2/0x490 [ 25.416005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.416040] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.416072] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.416104] ? __kthread_parkme+0x82/0x160 [ 25.416159] ? preempt_count_sub+0x50/0x80 [ 25.416196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.416231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.416264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.416297] kthread+0x323/0x710 [ 25.416327] ? trace_preempt_on+0x20/0xc0 [ 25.416361] ? __pfx_kthread+0x10/0x10 [ 25.416393] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.416423] ? calculate_sigpending+0x7b/0xa0 [ 25.416454] ? __pfx_kthread+0x10/0x10 [ 25.416486] ret_from_fork+0x41/0x80 [ 25.416517] ? __pfx_kthread+0x10/0x10 [ 25.416548] ret_from_fork_asm+0x1a/0x30 [ 25.416595] </TASK> [ 25.416610] [ 25.431047] Allocated by task 282: [ 25.431496] kasan_save_stack+0x3d/0x60 [ 25.431927] kasan_save_track+0x18/0x40 [ 25.432440] kasan_save_alloc_info+0x3b/0x50 [ 25.432949] __kasan_kmalloc+0xb7/0xc0 [ 25.433309] __kmalloc_cache_noprof+0x183/0x410 [ 25.433744] kasan_bitops_generic+0x92/0x1c0 [ 25.434292] kunit_try_run_case+0x1b2/0x490 [ 25.434860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.435347] kthread+0x323/0x710 [ 25.435786] ret_from_fork+0x41/0x80 [ 25.436228] ret_from_fork_asm+0x1a/0x30 [ 25.436714] [ 25.437022] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.437022] which belongs to the cache kmalloc-16 of size 16 [ 25.437926] The buggy address is located 8 bytes inside of [ 25.437926] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.438908] [ 25.439232] The buggy address belongs to the physical page: [ 25.439674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.440220] flags: 0x200000000000000(node=0|zone=2) [ 25.440622] page_type: f5(slab) [ 25.441004] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.442058] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.442740] page dumped because: kasan: bad access detected [ 25.443259] [ 25.443476] Memory state around the buggy address: [ 25.444092] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.444839] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.445532] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.446497] ^ [ 25.447093] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.447677] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.448272] ================================================================== [ 25.581049] ================================================================== [ 25.582056] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 25.582846] Write of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 25.584611] [ 25.584858] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.584979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.585016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.585071] Call Trace: [ 25.585103] <TASK> [ 25.585163] dump_stack_lvl+0x73/0xb0 [ 25.585240] print_report+0xd1/0x660 [ 25.585303] ? __virt_addr_valid+0x1db/0x2d0 [ 25.585953] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.586035] kasan_report+0x104/0x140 [ 25.586091] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 25.586195] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 25.586276] kasan_check_range+0x10c/0x1c0 [ 25.586315] __kasan_check_write+0x18/0x20 [ 25.586345] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 25.586385] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.586429] ? kasan_save_alloc_info+0x3b/0x50 [ 25.586463] ? kasan_save_stack+0x3d/0x60 [ 25.586501] kasan_bitops_generic+0x121/0x1c0 [ 25.586537] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.586573] ? __pfx_read_tsc+0x10/0x10 [ 25.586603] ? ktime_get_ts64+0x86/0x240 [ 25.586640] kunit_try_run_case+0x1b2/0x490 [ 25.586674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.586709] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.586772] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.586805] ? __kthread_parkme+0x82/0x160 [ 25.586836] ? preempt_count_sub+0x50/0x80 [ 25.586872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.586906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.586941] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.586975] kthread+0x323/0x710 [ 25.587003] ? trace_preempt_on+0x20/0xc0 [ 25.587037] ? __pfx_kthread+0x10/0x10 [ 25.587069] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.587099] ? calculate_sigpending+0x7b/0xa0 [ 25.587154] ? __pfx_kthread+0x10/0x10 [ 25.587187] ret_from_fork+0x41/0x80 [ 25.587218] ? __pfx_kthread+0x10/0x10 [ 25.587249] ret_from_fork_asm+0x1a/0x30 [ 25.587296] </TASK> [ 25.587312] [ 25.607353] Allocated by task 282: [ 25.607736] kasan_save_stack+0x3d/0x60 [ 25.608064] kasan_save_track+0x18/0x40 [ 25.608499] kasan_save_alloc_info+0x3b/0x50 [ 25.608901] __kasan_kmalloc+0xb7/0xc0 [ 25.610058] __kmalloc_cache_noprof+0x183/0x410 [ 25.610679] kasan_bitops_generic+0x92/0x1c0 [ 25.611298] kunit_try_run_case+0x1b2/0x490 [ 25.611724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.612588] kthread+0x323/0x710 [ 25.613198] ret_from_fork+0x41/0x80 [ 25.613627] ret_from_fork_asm+0x1a/0x30 [ 25.614035] [ 25.614231] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.614231] which belongs to the cache kmalloc-16 of size 16 [ 25.614998] The buggy address is located 8 bytes inside of [ 25.614998] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.616610] [ 25.617292] The buggy address belongs to the physical page: [ 25.617942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.618546] flags: 0x200000000000000(node=0|zone=2) [ 25.618991] page_type: f5(slab) [ 25.619833] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.620411] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.621404] page dumped because: kasan: bad access detected [ 25.622084] [ 25.622281] Memory state around the buggy address: [ 25.622729] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.623725] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.624259] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.625086] ^ [ 25.625550] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.626290] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.627293] ================================================================== [ 25.496646] ================================================================== [ 25.497793] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 25.498328] Write of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 25.498779] [ 25.499036] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.499221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.499258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.499344] Call Trace: [ 25.499380] <TASK> [ 25.499416] dump_stack_lvl+0x73/0xb0 [ 25.499493] print_report+0xd1/0x660 [ 25.499560] ? __virt_addr_valid+0x1db/0x2d0 [ 25.499712] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.499793] kasan_report+0x104/0x140 [ 25.499854] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 25.499950] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 25.500047] kasan_check_range+0x10c/0x1c0 [ 25.500137] __kasan_check_write+0x18/0x20 [ 25.500204] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 25.500288] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.500611] ? kasan_save_alloc_info+0x3b/0x50 [ 25.500711] ? kasan_save_stack+0x3d/0x60 [ 25.500845] kasan_bitops_generic+0x121/0x1c0 [ 25.500931] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.501045] ? __pfx_read_tsc+0x10/0x10 [ 25.501145] ? ktime_get_ts64+0x86/0x240 [ 25.501223] kunit_try_run_case+0x1b2/0x490 [ 25.501292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.501353] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.501391] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.501426] ? __kthread_parkme+0x82/0x160 [ 25.501460] ? preempt_count_sub+0x50/0x80 [ 25.501497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.501532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.501568] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.501603] kthread+0x323/0x710 [ 25.501633] ? trace_preempt_on+0x20/0xc0 [ 25.501667] ? __pfx_kthread+0x10/0x10 [ 25.501700] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.501770] ? calculate_sigpending+0x7b/0xa0 [ 25.501806] ? __pfx_kthread+0x10/0x10 [ 25.501840] ret_from_fork+0x41/0x80 [ 25.501873] ? __pfx_kthread+0x10/0x10 [ 25.501906] ret_from_fork_asm+0x1a/0x30 [ 25.501954] </TASK> [ 25.501970] [ 25.516226] Allocated by task 282: [ 25.516652] kasan_save_stack+0x3d/0x60 [ 25.517188] kasan_save_track+0x18/0x40 [ 25.517636] kasan_save_alloc_info+0x3b/0x50 [ 25.519137] __kasan_kmalloc+0xb7/0xc0 [ 25.519405] __kmalloc_cache_noprof+0x183/0x410 [ 25.522486] kasan_bitops_generic+0x92/0x1c0 [ 25.523056] kunit_try_run_case+0x1b2/0x490 [ 25.523660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.524339] kthread+0x323/0x710 [ 25.524586] ret_from_fork+0x41/0x80 [ 25.524895] ret_from_fork_asm+0x1a/0x30 [ 25.525378] [ 25.525528] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.525528] which belongs to the cache kmalloc-16 of size 16 [ 25.526143] The buggy address is located 8 bytes inside of [ 25.526143] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.526722] [ 25.526870] The buggy address belongs to the physical page: [ 25.527179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.527943] flags: 0x200000000000000(node=0|zone=2) [ 25.528440] page_type: f5(slab) [ 25.528882] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.531022] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.531470] page dumped because: kasan: bad access detected [ 25.532501] [ 25.532659] Memory state around the buggy address: [ 25.533277] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.533923] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.534344] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.534827] ^ [ 25.535240] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.535923] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.536873] ================================================================== [ 25.628471] ================================================================== [ 25.630172] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 25.630883] Write of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 25.631370] [ 25.631565] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.631723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.632499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.632534] Call Trace: [ 25.632553] <TASK> [ 25.632574] dump_stack_lvl+0x73/0xb0 [ 25.632617] print_report+0xd1/0x660 [ 25.632650] ? __virt_addr_valid+0x1db/0x2d0 [ 25.632720] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.632796] kasan_report+0x104/0x140 [ 25.632826] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 25.632870] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 25.632917] kasan_check_range+0x10c/0x1c0 [ 25.632953] __kasan_check_write+0x18/0x20 [ 25.632981] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 25.633021] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.633063] ? kasan_save_alloc_info+0x3b/0x50 [ 25.633096] ? kasan_save_stack+0x3d/0x60 [ 25.633155] kasan_bitops_generic+0x121/0x1c0 [ 25.633191] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.633226] ? __pfx_read_tsc+0x10/0x10 [ 25.633257] ? ktime_get_ts64+0x86/0x240 [ 25.633293] kunit_try_run_case+0x1b2/0x490 [ 25.633326] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.633358] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.633389] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.633420] ? __kthread_parkme+0x82/0x160 [ 25.633451] ? preempt_count_sub+0x50/0x80 [ 25.633486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.633519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.633553] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.633587] kthread+0x323/0x710 [ 25.633617] ? trace_preempt_on+0x20/0xc0 [ 25.633651] ? __pfx_kthread+0x10/0x10 [ 25.633682] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.633719] ? calculate_sigpending+0x7b/0xa0 [ 25.633774] ? __pfx_kthread+0x10/0x10 [ 25.633806] ret_from_fork+0x41/0x80 [ 25.633838] ? __pfx_kthread+0x10/0x10 [ 25.633870] ret_from_fork_asm+0x1a/0x30 [ 25.633917] </TASK> [ 25.633932] [ 25.648908] Allocated by task 282: [ 25.649162] kasan_save_stack+0x3d/0x60 [ 25.649582] kasan_save_track+0x18/0x40 [ 25.650170] kasan_save_alloc_info+0x3b/0x50 [ 25.650539] __kasan_kmalloc+0xb7/0xc0 [ 25.650879] __kmalloc_cache_noprof+0x183/0x410 [ 25.651420] kasan_bitops_generic+0x92/0x1c0 [ 25.652007] kunit_try_run_case+0x1b2/0x490 [ 25.652326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.652660] kthread+0x323/0x710 [ 25.653027] ret_from_fork+0x41/0x80 [ 25.653477] ret_from_fork_asm+0x1a/0x30 [ 25.653890] [ 25.654190] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.654190] which belongs to the cache kmalloc-16 of size 16 [ 25.655058] The buggy address is located 8 bytes inside of [ 25.655058] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.655784] [ 25.656023] The buggy address belongs to the physical page: [ 25.656594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.657562] flags: 0x200000000000000(node=0|zone=2) [ 25.658306] page_type: f5(slab) [ 25.658606] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.659008] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.659725] page dumped because: kasan: bad access detected [ 25.660350] [ 25.660609] Memory state around the buggy address: [ 25.661159] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.661539] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.661912] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.662460] ^ [ 25.662928] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.663798] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.664555] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 25.097077] ================================================================== [ 25.097522] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 25.098558] Write of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 25.099385] [ 25.100164] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.100303] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.100342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.100398] Call Trace: [ 25.100433] <TASK> [ 25.100486] dump_stack_lvl+0x73/0xb0 [ 25.100594] print_report+0xd1/0x660 [ 25.100667] ? __virt_addr_valid+0x1db/0x2d0 [ 25.101031] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.101135] kasan_report+0x104/0x140 [ 25.101201] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 25.101245] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 25.101293] kasan_check_range+0x10c/0x1c0 [ 25.101329] __kasan_check_write+0x18/0x20 [ 25.101358] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 25.101397] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 25.101436] ? kasan_save_alloc_info+0x3b/0x50 [ 25.101470] ? kasan_save_stack+0x3d/0x60 [ 25.101508] kasan_bitops_generic+0x116/0x1c0 [ 25.101542] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.101579] ? __pfx_read_tsc+0x10/0x10 [ 25.101612] ? ktime_get_ts64+0x86/0x240 [ 25.101648] kunit_try_run_case+0x1b2/0x490 [ 25.101753] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.101815] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.101897] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.101932] ? __kthread_parkme+0x82/0x160 [ 25.101964] ? preempt_count_sub+0x50/0x80 [ 25.102001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.102037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.102072] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.102106] kthread+0x323/0x710 [ 25.102160] ? trace_preempt_on+0x20/0xc0 [ 25.102196] ? __pfx_kthread+0x10/0x10 [ 25.102227] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.102257] ? calculate_sigpending+0x7b/0xa0 [ 25.102289] ? __pfx_kthread+0x10/0x10 [ 25.102321] ret_from_fork+0x41/0x80 [ 25.102353] ? __pfx_kthread+0x10/0x10 [ 25.102384] ret_from_fork_asm+0x1a/0x30 [ 25.102432] </TASK> [ 25.102448] [ 25.121954] Allocated by task 282: [ 25.122305] kasan_save_stack+0x3d/0x60 [ 25.122659] kasan_save_track+0x18/0x40 [ 25.123371] kasan_save_alloc_info+0x3b/0x50 [ 25.124103] __kasan_kmalloc+0xb7/0xc0 [ 25.124584] __kmalloc_cache_noprof+0x183/0x410 [ 25.125185] kasan_bitops_generic+0x92/0x1c0 [ 25.125932] kunit_try_run_case+0x1b2/0x490 [ 25.126574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.127350] kthread+0x323/0x710 [ 25.127879] ret_from_fork+0x41/0x80 [ 25.128430] ret_from_fork_asm+0x1a/0x30 [ 25.128916] [ 25.129250] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.129250] which belongs to the cache kmalloc-16 of size 16 [ 25.130574] The buggy address is located 8 bytes inside of [ 25.130574] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.132106] [ 25.132393] The buggy address belongs to the physical page: [ 25.132885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.133845] flags: 0x200000000000000(node=0|zone=2) [ 25.134496] page_type: f5(slab) [ 25.135035] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.135924] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.136973] page dumped because: kasan: bad access detected [ 25.137537] [ 25.138198] Memory state around the buggy address: [ 25.139037] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.139695] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.140392] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.141570] ^ [ 25.142293] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.143254] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.144284] ================================================================== [ 25.353584] ================================================================== [ 25.354747] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 25.355340] Write of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 25.356652] [ 25.357175] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.357379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.357422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.357481] Call Trace: [ 25.357516] <TASK> [ 25.357552] dump_stack_lvl+0x73/0xb0 [ 25.357626] print_report+0xd1/0x660 [ 25.357695] ? __virt_addr_valid+0x1db/0x2d0 [ 25.357814] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.358054] kasan_report+0x104/0x140 [ 25.358211] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 25.358294] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 25.358381] kasan_check_range+0x10c/0x1c0 [ 25.358452] __kasan_check_write+0x18/0x20 [ 25.358508] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 25.358583] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 25.358656] ? kasan_save_alloc_info+0x3b/0x50 [ 25.358992] ? kasan_save_stack+0x3d/0x60 [ 25.359077] kasan_bitops_generic+0x116/0x1c0 [ 25.359145] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.359187] ? __pfx_read_tsc+0x10/0x10 [ 25.359219] ? ktime_get_ts64+0x86/0x240 [ 25.359256] kunit_try_run_case+0x1b2/0x490 [ 25.359292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.359323] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.359354] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.359386] ? __kthread_parkme+0x82/0x160 [ 25.359415] ? preempt_count_sub+0x50/0x80 [ 25.359452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.359486] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.359519] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.359552] kthread+0x323/0x710 [ 25.359582] ? trace_preempt_on+0x20/0xc0 [ 25.359642] ? __pfx_kthread+0x10/0x10 [ 25.359677] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.359778] ? calculate_sigpending+0x7b/0xa0 [ 25.359858] ? __pfx_kthread+0x10/0x10 [ 25.359917] ret_from_fork+0x41/0x80 [ 25.359983] ? __pfx_kthread+0x10/0x10 [ 25.360039] ret_from_fork_asm+0x1a/0x30 [ 25.360142] </TASK> [ 25.360168] [ 25.384925] Allocated by task 282: [ 25.385626] kasan_save_stack+0x3d/0x60 [ 25.386420] kasan_save_track+0x18/0x40 [ 25.386997] kasan_save_alloc_info+0x3b/0x50 [ 25.387682] __kasan_kmalloc+0xb7/0xc0 [ 25.388448] __kmalloc_cache_noprof+0x183/0x410 [ 25.388807] kasan_bitops_generic+0x92/0x1c0 [ 25.389414] kunit_try_run_case+0x1b2/0x490 [ 25.390359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.391074] kthread+0x323/0x710 [ 25.391483] ret_from_fork+0x41/0x80 [ 25.392208] ret_from_fork_asm+0x1a/0x30 [ 25.392637] [ 25.393368] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.393368] which belongs to the cache kmalloc-16 of size 16 [ 25.394444] The buggy address is located 8 bytes inside of [ 25.394444] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.396232] [ 25.396586] The buggy address belongs to the physical page: [ 25.397165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.398023] flags: 0x200000000000000(node=0|zone=2) [ 25.398570] page_type: f5(slab) [ 25.399142] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.400359] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.401145] page dumped because: kasan: bad access detected [ 25.401975] [ 25.402289] Memory state around the buggy address: [ 25.402948] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.404288] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.404824] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.405917] ^ [ 25.406405] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.407273] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.408381] ================================================================== [ 25.240465] ================================================================== [ 25.241507] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 25.243045] Write of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 25.244179] [ 25.244385] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.244510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.244541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.244592] Call Trace: [ 25.244623] <TASK> [ 25.244656] dump_stack_lvl+0x73/0xb0 [ 25.244743] print_report+0xd1/0x660 [ 25.244803] ? __virt_addr_valid+0x1db/0x2d0 [ 25.244910] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.244969] kasan_report+0x104/0x140 [ 25.245019] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 25.245093] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 25.246636] kasan_check_range+0x10c/0x1c0 [ 25.246973] __kasan_check_write+0x18/0x20 [ 25.247036] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 25.247129] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 25.247215] ? kasan_save_alloc_info+0x3b/0x50 [ 25.247280] ? kasan_save_stack+0x3d/0x60 [ 25.247355] kasan_bitops_generic+0x116/0x1c0 [ 25.247421] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.247492] ? __pfx_read_tsc+0x10/0x10 [ 25.247548] ? ktime_get_ts64+0x86/0x240 [ 25.247636] kunit_try_run_case+0x1b2/0x490 [ 25.248181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.248263] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.248319] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.248379] ? __kthread_parkme+0x82/0x160 [ 25.248430] ? preempt_count_sub+0x50/0x80 [ 25.248489] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.248546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.248608] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.248672] kthread+0x323/0x710 [ 25.249039] ? trace_preempt_on+0x20/0xc0 [ 25.249101] ? __pfx_kthread+0x10/0x10 [ 25.249182] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.249232] ? calculate_sigpending+0x7b/0xa0 [ 25.249285] ? __pfx_kthread+0x10/0x10 [ 25.249339] ret_from_fork+0x41/0x80 [ 25.249392] ? __pfx_kthread+0x10/0x10 [ 25.249446] ret_from_fork_asm+0x1a/0x30 [ 25.249530] </TASK> [ 25.249560] [ 25.274931] Allocated by task 282: [ 25.275393] kasan_save_stack+0x3d/0x60 [ 25.275891] kasan_save_track+0x18/0x40 [ 25.276510] kasan_save_alloc_info+0x3b/0x50 [ 25.277059] __kasan_kmalloc+0xb7/0xc0 [ 25.279198] __kmalloc_cache_noprof+0x183/0x410 [ 25.279685] kasan_bitops_generic+0x92/0x1c0 [ 25.280199] kunit_try_run_case+0x1b2/0x490 [ 25.281215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.281891] kthread+0x323/0x710 [ 25.282252] ret_from_fork+0x41/0x80 [ 25.283504] ret_from_fork_asm+0x1a/0x30 [ 25.284055] [ 25.284344] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.284344] which belongs to the cache kmalloc-16 of size 16 [ 25.286018] The buggy address is located 8 bytes inside of [ 25.286018] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.286843] [ 25.287103] The buggy address belongs to the physical page: [ 25.288072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.288991] flags: 0x200000000000000(node=0|zone=2) [ 25.289534] page_type: f5(slab) [ 25.290182] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.290922] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.291370] page dumped because: kasan: bad access detected [ 25.292745] [ 25.292971] Memory state around the buggy address: [ 25.293314] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.293993] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.295022] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.295803] ^ [ 25.296274] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.297582] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.298270] ================================================================== [ 25.045448] ================================================================== [ 25.046339] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 25.047172] Write of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 25.047819] [ 25.048202] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.048349] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.048385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.048437] Call Trace: [ 25.048475] <TASK> [ 25.048531] dump_stack_lvl+0x73/0xb0 [ 25.048639] print_report+0xd1/0x660 [ 25.048789] ? __virt_addr_valid+0x1db/0x2d0 [ 25.049312] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.049427] kasan_report+0x104/0x140 [ 25.049492] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 25.049574] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 25.049668] kasan_check_range+0x10c/0x1c0 [ 25.049743] __kasan_check_write+0x18/0x20 [ 25.049806] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 25.049879] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 25.049958] ? kasan_save_alloc_info+0x3b/0x50 [ 25.050148] ? kasan_save_stack+0x3d/0x60 [ 25.050241] kasan_bitops_generic+0x116/0x1c0 [ 25.050316] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.050390] ? __pfx_read_tsc+0x10/0x10 [ 25.050455] ? ktime_get_ts64+0x86/0x240 [ 25.050522] kunit_try_run_case+0x1b2/0x490 [ 25.050591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.050651] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.050881] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.050973] ? __kthread_parkme+0x82/0x160 [ 25.051034] ? preempt_count_sub+0x50/0x80 [ 25.051107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.051220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.051319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.051392] kthread+0x323/0x710 [ 25.051451] ? trace_preempt_on+0x20/0xc0 [ 25.051501] ? __pfx_kthread+0x10/0x10 [ 25.051534] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.051566] ? calculate_sigpending+0x7b/0xa0 [ 25.051628] ? __pfx_kthread+0x10/0x10 [ 25.051664] ret_from_fork+0x41/0x80 [ 25.051752] ? __pfx_kthread+0x10/0x10 [ 25.051859] ret_from_fork_asm+0x1a/0x30 [ 25.051922] </TASK> [ 25.051953] [ 25.074230] Allocated by task 282: [ 25.074465] kasan_save_stack+0x3d/0x60 [ 25.074919] kasan_save_track+0x18/0x40 [ 25.075773] kasan_save_alloc_info+0x3b/0x50 [ 25.076439] __kasan_kmalloc+0xb7/0xc0 [ 25.077149] __kmalloc_cache_noprof+0x183/0x410 [ 25.077888] kasan_bitops_generic+0x92/0x1c0 [ 25.078426] kunit_try_run_case+0x1b2/0x490 [ 25.079086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.080035] kthread+0x323/0x710 [ 25.080571] ret_from_fork+0x41/0x80 [ 25.081165] ret_from_fork_asm+0x1a/0x30 [ 25.081987] [ 25.082348] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.082348] which belongs to the cache kmalloc-16 of size 16 [ 25.083837] The buggy address is located 8 bytes inside of [ 25.083837] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.085388] [ 25.085636] The buggy address belongs to the physical page: [ 25.086155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.086420] flags: 0x200000000000000(node=0|zone=2) [ 25.086593] page_type: f5(slab) [ 25.086722] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.086950] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.088963] page dumped because: kasan: bad access detected [ 25.089518] [ 25.089747] Memory state around the buggy address: [ 25.090231] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.090907] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.092231] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.092749] ^ [ 25.093854] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.094419] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.094973] ================================================================== [ 24.991995] ================================================================== [ 24.992910] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 24.994034] Write of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 24.994559] [ 24.994822] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.994977] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.995017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.995075] Call Trace: [ 24.995482] <TASK> [ 24.995547] dump_stack_lvl+0x73/0xb0 [ 24.995662] print_report+0xd1/0x660 [ 24.995776] ? __virt_addr_valid+0x1db/0x2d0 [ 24.996214] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.996305] kasan_report+0x104/0x140 [ 24.996356] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 24.996401] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 24.996449] kasan_check_range+0x10c/0x1c0 [ 24.996485] __kasan_check_write+0x18/0x20 [ 24.996516] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 24.996554] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 24.996594] ? kasan_save_alloc_info+0x3b/0x50 [ 24.996629] ? kasan_save_stack+0x3d/0x60 [ 24.996667] kasan_bitops_generic+0x116/0x1c0 [ 24.997016] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 24.997142] ? __pfx_read_tsc+0x10/0x10 [ 24.997185] ? ktime_get_ts64+0x86/0x240 [ 24.997226] kunit_try_run_case+0x1b2/0x490 [ 24.997265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.997299] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.997331] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.997364] ? __kthread_parkme+0x82/0x160 [ 24.997396] ? preempt_count_sub+0x50/0x80 [ 24.997435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.997471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.997505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.997539] kthread+0x323/0x710 [ 24.997570] ? trace_preempt_on+0x20/0xc0 [ 24.997604] ? __pfx_kthread+0x10/0x10 [ 24.997636] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.997666] ? calculate_sigpending+0x7b/0xa0 [ 24.997751] ? __pfx_kthread+0x10/0x10 [ 24.997828] ret_from_fork+0x41/0x80 [ 24.997887] ? __pfx_kthread+0x10/0x10 [ 24.997922] ret_from_fork_asm+0x1a/0x30 [ 24.997972] </TASK> [ 24.997990] [ 25.019961] Allocated by task 282: [ 25.020239] kasan_save_stack+0x3d/0x60 [ 25.020651] kasan_save_track+0x18/0x40 [ 25.022798] kasan_save_alloc_info+0x3b/0x50 [ 25.023510] __kasan_kmalloc+0xb7/0xc0 [ 25.023971] __kmalloc_cache_noprof+0x183/0x410 [ 25.024915] kasan_bitops_generic+0x92/0x1c0 [ 25.025593] kunit_try_run_case+0x1b2/0x490 [ 25.026277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.026703] kthread+0x323/0x710 [ 25.027574] ret_from_fork+0x41/0x80 [ 25.028056] ret_from_fork_asm+0x1a/0x30 [ 25.028918] [ 25.029222] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.029222] which belongs to the cache kmalloc-16 of size 16 [ 25.031139] The buggy address is located 8 bytes inside of [ 25.031139] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.032420] [ 25.033149] The buggy address belongs to the physical page: [ 25.033763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.034528] flags: 0x200000000000000(node=0|zone=2) [ 25.035403] page_type: f5(slab) [ 25.036257] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.037152] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.038066] page dumped because: kasan: bad access detected [ 25.039130] [ 25.039291] Memory state around the buggy address: [ 25.039772] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.040345] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.041133] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.041530] ^ [ 25.042574] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.043475] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.044016] ================================================================== [ 25.299865] ================================================================== [ 25.301508] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 25.302365] Write of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 25.302943] [ 25.303475] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.303624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.303663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.303760] Call Trace: [ 25.303803] <TASK> [ 25.303842] dump_stack_lvl+0x73/0xb0 [ 25.303946] print_report+0xd1/0x660 [ 25.304055] ? __virt_addr_valid+0x1db/0x2d0 [ 25.304206] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.304727] kasan_report+0x104/0x140 [ 25.304862] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 25.304951] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 25.305039] kasan_check_range+0x10c/0x1c0 [ 25.305131] __kasan_check_write+0x18/0x20 [ 25.305193] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 25.305640] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 25.305770] ? kasan_save_alloc_info+0x3b/0x50 [ 25.305850] ? kasan_save_stack+0x3d/0x60 [ 25.305928] kasan_bitops_generic+0x116/0x1c0 [ 25.305998] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.306065] ? __pfx_read_tsc+0x10/0x10 [ 25.306100] ? ktime_get_ts64+0x86/0x240 [ 25.306180] kunit_try_run_case+0x1b2/0x490 [ 25.306292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.306332] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.306365] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.306397] ? __kthread_parkme+0x82/0x160 [ 25.306428] ? preempt_count_sub+0x50/0x80 [ 25.306466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.306501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.306536] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.306569] kthread+0x323/0x710 [ 25.306599] ? trace_preempt_on+0x20/0xc0 [ 25.306633] ? __pfx_kthread+0x10/0x10 [ 25.306665] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.306735] ? calculate_sigpending+0x7b/0xa0 [ 25.306803] ? __pfx_kthread+0x10/0x10 [ 25.306862] ret_from_fork+0x41/0x80 [ 25.306927] ? __pfx_kthread+0x10/0x10 [ 25.306961] ret_from_fork_asm+0x1a/0x30 [ 25.307009] </TASK> [ 25.307027] [ 25.330784] Allocated by task 282: [ 25.331042] kasan_save_stack+0x3d/0x60 [ 25.331340] kasan_save_track+0x18/0x40 [ 25.331542] kasan_save_alloc_info+0x3b/0x50 [ 25.331740] __kasan_kmalloc+0xb7/0xc0 [ 25.331886] __kmalloc_cache_noprof+0x183/0x410 [ 25.332059] kasan_bitops_generic+0x92/0x1c0 [ 25.332577] kunit_try_run_case+0x1b2/0x490 [ 25.333039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.333868] kthread+0x323/0x710 [ 25.334580] ret_from_fork+0x41/0x80 [ 25.335070] ret_from_fork_asm+0x1a/0x30 [ 25.335525] [ 25.336382] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.336382] which belongs to the cache kmalloc-16 of size 16 [ 25.337749] The buggy address is located 8 bytes inside of [ 25.337749] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.338955] [ 25.339242] The buggy address belongs to the physical page: [ 25.339776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.340328] flags: 0x200000000000000(node=0|zone=2) [ 25.340732] page_type: f5(slab) [ 25.341184] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.342559] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.343544] page dumped because: kasan: bad access detected [ 25.344564] [ 25.344955] Memory state around the buggy address: [ 25.345423] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.346336] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.346986] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.348767] ^ [ 25.349422] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.350784] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.351695] ================================================================== [ 25.145612] ================================================================== [ 25.146048] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 25.146528] Write of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 25.147241] [ 25.147491] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.148039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.148084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.148167] Call Trace: [ 25.148225] <TASK> [ 25.148264] dump_stack_lvl+0x73/0xb0 [ 25.148339] print_report+0xd1/0x660 [ 25.148406] ? __virt_addr_valid+0x1db/0x2d0 [ 25.148526] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.148602] kasan_report+0x104/0x140 [ 25.148660] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 25.148739] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 25.148833] kasan_check_range+0x10c/0x1c0 [ 25.148906] __kasan_check_write+0x18/0x20 [ 25.148965] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 25.149041] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 25.149144] ? kasan_save_alloc_info+0x3b/0x50 [ 25.149389] ? kasan_save_stack+0x3d/0x60 [ 25.149475] kasan_bitops_generic+0x116/0x1c0 [ 25.149550] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.149619] ? __pfx_read_tsc+0x10/0x10 [ 25.149678] ? ktime_get_ts64+0x86/0x240 [ 25.149903] kunit_try_run_case+0x1b2/0x490 [ 25.149986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.150047] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.150083] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.150150] ? __kthread_parkme+0x82/0x160 [ 25.150186] ? preempt_count_sub+0x50/0x80 [ 25.150225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.150260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.150295] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.150328] kthread+0x323/0x710 [ 25.150359] ? trace_preempt_on+0x20/0xc0 [ 25.150392] ? __pfx_kthread+0x10/0x10 [ 25.150424] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.150453] ? calculate_sigpending+0x7b/0xa0 [ 25.150483] ? __pfx_kthread+0x10/0x10 [ 25.150515] ret_from_fork+0x41/0x80 [ 25.150547] ? __pfx_kthread+0x10/0x10 [ 25.150578] ret_from_fork_asm+0x1a/0x30 [ 25.150626] </TASK> [ 25.150641] [ 25.170617] Allocated by task 282: [ 25.171033] kasan_save_stack+0x3d/0x60 [ 25.171453] kasan_save_track+0x18/0x40 [ 25.171903] kasan_save_alloc_info+0x3b/0x50 [ 25.172738] __kasan_kmalloc+0xb7/0xc0 [ 25.173925] __kmalloc_cache_noprof+0x183/0x410 [ 25.174388] kasan_bitops_generic+0x92/0x1c0 [ 25.175037] kunit_try_run_case+0x1b2/0x490 [ 25.175396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.176166] kthread+0x323/0x710 [ 25.176497] ret_from_fork+0x41/0x80 [ 25.177353] ret_from_fork_asm+0x1a/0x30 [ 25.177890] [ 25.178141] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.178141] which belongs to the cache kmalloc-16 of size 16 [ 25.178888] The buggy address is located 8 bytes inside of [ 25.178888] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.179718] [ 25.179883] The buggy address belongs to the physical page: [ 25.180596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.181925] flags: 0x200000000000000(node=0|zone=2) [ 25.182433] page_type: f5(slab) [ 25.182990] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.183501] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.184415] page dumped because: kasan: bad access detected [ 25.185165] [ 25.185397] Memory state around the buggy address: [ 25.186040] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.186529] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.187361] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.187966] ^ [ 25.188439] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.189528] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.190319] ================================================================== [ 25.191342] ================================================================== [ 25.192260] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 25.193391] Write of size 8 at addr ffff888100a7a9a8 by task kunit_try_catch/282 [ 25.194144] [ 25.194335] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 25.194462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.194499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.194554] Call Trace: [ 25.194588] <TASK> [ 25.194621] dump_stack_lvl+0x73/0xb0 [ 25.194888] print_report+0xd1/0x660 [ 25.194979] ? __virt_addr_valid+0x1db/0x2d0 [ 25.195101] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.195205] kasan_report+0x104/0x140 [ 25.195267] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 25.195345] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 25.195438] kasan_check_range+0x10c/0x1c0 [ 25.195510] __kasan_check_write+0x18/0x20 [ 25.195570] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 25.195853] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 25.195975] ? kasan_save_alloc_info+0x3b/0x50 [ 25.196046] ? kasan_save_stack+0x3d/0x60 [ 25.196142] kasan_bitops_generic+0x116/0x1c0 [ 25.196219] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.196291] ? __pfx_read_tsc+0x10/0x10 [ 25.196348] ? ktime_get_ts64+0x86/0x240 [ 25.196416] kunit_try_run_case+0x1b2/0x490 [ 25.196485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.196549] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.196609] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.196666] ? __kthread_parkme+0x82/0x160 [ 25.196835] ? preempt_count_sub+0x50/0x80 [ 25.196913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.196975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.197041] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.197105] kthread+0x323/0x710 [ 25.197180] ? trace_preempt_on+0x20/0xc0 [ 25.197219] ? __pfx_kthread+0x10/0x10 [ 25.197251] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.197281] ? calculate_sigpending+0x7b/0xa0 [ 25.197314] ? __pfx_kthread+0x10/0x10 [ 25.197345] ret_from_fork+0x41/0x80 [ 25.197376] ? __pfx_kthread+0x10/0x10 [ 25.197408] ret_from_fork_asm+0x1a/0x30 [ 25.197454] </TASK> [ 25.197471] [ 25.216316] Allocated by task 282: [ 25.216961] kasan_save_stack+0x3d/0x60 [ 25.217474] kasan_save_track+0x18/0x40 [ 25.218244] kasan_save_alloc_info+0x3b/0x50 [ 25.218626] __kasan_kmalloc+0xb7/0xc0 [ 25.219101] __kmalloc_cache_noprof+0x183/0x410 [ 25.220264] kasan_bitops_generic+0x92/0x1c0 [ 25.220749] kunit_try_run_case+0x1b2/0x490 [ 25.221574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.222141] kthread+0x323/0x710 [ 25.222523] ret_from_fork+0x41/0x80 [ 25.222803] ret_from_fork_asm+0x1a/0x30 [ 25.223597] [ 25.224306] The buggy address belongs to the object at ffff888100a7a9a0 [ 25.224306] which belongs to the cache kmalloc-16 of size 16 [ 25.225304] The buggy address is located 8 bytes inside of [ 25.225304] allocated 9-byte region [ffff888100a7a9a0, ffff888100a7a9a9) [ 25.226576] [ 25.227046] The buggy address belongs to the physical page: [ 25.228107] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 25.229101] flags: 0x200000000000000(node=0|zone=2) [ 25.229481] page_type: f5(slab) [ 25.229901] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.231004] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.232284] page dumped because: kasan: bad access detected [ 25.232844] [ 25.233066] Memory state around the buggy address: [ 25.233499] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 25.234552] ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc fa fb fc fc [ 25.235507] >ffff888100a7a980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 25.236205] ^ [ 25.237277] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.237902] ffff888100a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.238392] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 24.925852] ================================================================== [ 24.927324] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 24.928332] Read of size 1 at addr ffff88810306e390 by task kunit_try_catch/280 [ 24.929498] [ 24.929695] CPU: 0 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.930044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.930070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.930107] Call Trace: [ 24.930154] <TASK> [ 24.930184] dump_stack_lvl+0x73/0xb0 [ 24.930228] print_report+0xd1/0x660 [ 24.930262] ? __virt_addr_valid+0x1db/0x2d0 [ 24.930325] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.930361] kasan_report+0x104/0x140 [ 24.930391] ? strnlen+0x73/0x80 [ 24.930422] ? strnlen+0x73/0x80 [ 24.930460] __asan_report_load1_noabort+0x18/0x20 [ 24.930490] strnlen+0x73/0x80 [ 24.930522] kasan_strings+0x4c2/0xb50 [ 24.930554] ? __pfx_kasan_strings+0x10/0x10 [ 24.930587] ? __schedule+0xd46/0x29c0 [ 24.930616] ? __pfx_read_tsc+0x10/0x10 [ 24.930646] ? ktime_get_ts64+0x86/0x240 [ 24.930680] kunit_try_run_case+0x1b2/0x490 [ 24.930757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.930835] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.930895] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.930958] ? __kthread_parkme+0x82/0x160 [ 24.930995] ? preempt_count_sub+0x50/0x80 [ 24.931033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.931068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.931104] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.931160] kthread+0x323/0x710 [ 24.931190] ? trace_preempt_on+0x20/0xc0 [ 24.931223] ? __pfx_kthread+0x10/0x10 [ 24.931255] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.931284] ? calculate_sigpending+0x7b/0xa0 [ 24.931314] ? __pfx_kthread+0x10/0x10 [ 24.931346] ret_from_fork+0x41/0x80 [ 24.931378] ? __pfx_kthread+0x10/0x10 [ 24.931410] ret_from_fork_asm+0x1a/0x30 [ 24.931457] </TASK> [ 24.931472] [ 24.950535] Allocated by task 280: [ 24.951297] kasan_save_stack+0x3d/0x60 [ 24.952231] kasan_save_track+0x18/0x40 [ 24.952765] kasan_save_alloc_info+0x3b/0x50 [ 24.953182] __kasan_kmalloc+0xb7/0xc0 [ 24.953531] __kmalloc_cache_noprof+0x183/0x410 [ 24.954663] kasan_strings+0xb8/0xb50 [ 24.955035] kunit_try_run_case+0x1b2/0x490 [ 24.955600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.956285] kthread+0x323/0x710 [ 24.956671] ret_from_fork+0x41/0x80 [ 24.957363] ret_from_fork_asm+0x1a/0x30 [ 24.957631] [ 24.957852] Freed by task 280: [ 24.958584] kasan_save_stack+0x3d/0x60 [ 24.959420] kasan_save_track+0x18/0x40 [ 24.959914] kasan_save_free_info+0x3f/0x60 [ 24.960217] __kasan_slab_free+0x56/0x70 [ 24.960888] kfree+0x222/0x3f0 [ 24.961160] kasan_strings+0x13b/0xb50 [ 24.961564] kunit_try_run_case+0x1b2/0x490 [ 24.962659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.963147] kthread+0x323/0x710 [ 24.963534] ret_from_fork+0x41/0x80 [ 24.964274] ret_from_fork_asm+0x1a/0x30 [ 24.964637] [ 24.964865] The buggy address belongs to the object at ffff88810306e380 [ 24.964865] which belongs to the cache kmalloc-32 of size 32 [ 24.966141] The buggy address is located 16 bytes inside of [ 24.966141] freed 32-byte region [ffff88810306e380, ffff88810306e3a0) [ 24.967809] [ 24.968052] The buggy address belongs to the physical page: [ 24.968782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10306e [ 24.969526] flags: 0x200000000000000(node=0|zone=2) [ 24.970036] page_type: f5(slab) [ 24.970715] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 24.971582] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 24.972570] page dumped because: kasan: bad access detected [ 24.973270] [ 24.973419] Memory state around the buggy address: [ 24.973728] ffff88810306e280: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.974774] ffff88810306e300: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 24.976040] >ffff88810306e380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.976691] ^ [ 24.978065] ffff88810306e400: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.979847] ffff88810306e480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.980428] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 24.877477] ================================================================== [ 24.878166] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 24.878547] Read of size 1 at addr ffff88810306e390 by task kunit_try_catch/280 [ 24.878926] [ 24.879100] CPU: 0 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.879827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.879866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.879919] Call Trace: [ 24.879964] <TASK> [ 24.879999] dump_stack_lvl+0x73/0xb0 [ 24.880072] print_report+0xd1/0x660 [ 24.880169] ? __virt_addr_valid+0x1db/0x2d0 [ 24.880291] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.880366] kasan_report+0x104/0x140 [ 24.880425] ? strlen+0x8f/0xb0 [ 24.880487] ? strlen+0x8f/0xb0 [ 24.880561] __asan_report_load1_noabort+0x18/0x20 [ 24.880624] strlen+0x8f/0xb0 [ 24.880689] kasan_strings+0x424/0xb50 [ 24.880789] ? __pfx_kasan_strings+0x10/0x10 [ 24.880865] ? __schedule+0xd46/0x29c0 [ 24.880917] ? __pfx_read_tsc+0x10/0x10 [ 24.880970] ? ktime_get_ts64+0x86/0x240 [ 24.881037] kunit_try_run_case+0x1b2/0x490 [ 24.881103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.881207] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.881267] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.881333] ? __kthread_parkme+0x82/0x160 [ 24.881395] ? preempt_count_sub+0x50/0x80 [ 24.881464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.881534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.881604] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.881672] kthread+0x323/0x710 [ 24.882044] ? trace_preempt_on+0x20/0xc0 [ 24.882314] ? __pfx_kthread+0x10/0x10 [ 24.882640] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.882988] ? calculate_sigpending+0x7b/0xa0 [ 24.883258] ? __pfx_kthread+0x10/0x10 [ 24.883320] ret_from_fork+0x41/0x80 [ 24.883363] ? __pfx_kthread+0x10/0x10 [ 24.883425] ret_from_fork_asm+0x1a/0x30 [ 24.883513] </TASK> [ 24.883539] [ 24.898414] Allocated by task 280: [ 24.898785] kasan_save_stack+0x3d/0x60 [ 24.899197] kasan_save_track+0x18/0x40 [ 24.899473] kasan_save_alloc_info+0x3b/0x50 [ 24.899917] __kasan_kmalloc+0xb7/0xc0 [ 24.900389] __kmalloc_cache_noprof+0x183/0x410 [ 24.900925] kasan_strings+0xb8/0xb50 [ 24.901364] kunit_try_run_case+0x1b2/0x490 [ 24.901864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.902402] kthread+0x323/0x710 [ 24.902751] ret_from_fork+0x41/0x80 [ 24.903148] ret_from_fork_asm+0x1a/0x30 [ 24.903596] [ 24.903863] Freed by task 280: [ 24.904227] kasan_save_stack+0x3d/0x60 [ 24.904642] kasan_save_track+0x18/0x40 [ 24.905079] kasan_save_free_info+0x3f/0x60 [ 24.905553] __kasan_slab_free+0x56/0x70 [ 24.906173] kfree+0x222/0x3f0 [ 24.906502] kasan_strings+0x13b/0xb50 [ 24.906799] kunit_try_run_case+0x1b2/0x490 [ 24.907297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.907829] kthread+0x323/0x710 [ 24.908220] ret_from_fork+0x41/0x80 [ 24.908489] ret_from_fork_asm+0x1a/0x30 [ 24.908760] [ 24.909001] The buggy address belongs to the object at ffff88810306e380 [ 24.909001] which belongs to the cache kmalloc-32 of size 32 [ 24.910220] The buggy address is located 16 bytes inside of [ 24.910220] freed 32-byte region [ffff88810306e380, ffff88810306e3a0) [ 24.911311] [ 24.911475] The buggy address belongs to the physical page: [ 24.911809] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10306e [ 24.912599] flags: 0x200000000000000(node=0|zone=2) [ 24.913088] page_type: f5(slab) [ 24.916705] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 24.917600] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 24.918298] page dumped because: kasan: bad access detected [ 24.919305] [ 24.919496] Memory state around the buggy address: [ 24.920257] ffff88810306e280: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.920640] ffff88810306e300: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 24.921068] >ffff88810306e380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.922908] ^ [ 24.923284] ffff88810306e400: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.924178] ffff88810306e480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.924596] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 24.834199] ================================================================== [ 24.835072] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0a/0xb50 [ 24.835813] Read of size 1 at addr ffff88810306e390 by task kunit_try_catch/280 [ 24.836741] [ 24.836956] CPU: 0 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.837081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.837139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.837197] Call Trace: [ 24.837228] <TASK> [ 24.837265] dump_stack_lvl+0x73/0xb0 [ 24.837340] print_report+0xd1/0x660 [ 24.837407] ? __virt_addr_valid+0x1db/0x2d0 [ 24.837525] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.837598] kasan_report+0x104/0x140 [ 24.837657] ? kasan_strings+0xa0a/0xb50 [ 24.837723] ? kasan_strings+0xa0a/0xb50 [ 24.837998] __asan_report_load1_noabort+0x18/0x20 [ 24.838085] kasan_strings+0xa0a/0xb50 [ 24.838180] ? __pfx_kasan_strings+0x10/0x10 [ 24.838248] ? __schedule+0xd46/0x29c0 [ 24.838309] ? __pfx_read_tsc+0x10/0x10 [ 24.838367] ? ktime_get_ts64+0x86/0x240 [ 24.838435] kunit_try_run_case+0x1b2/0x490 [ 24.838500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.838583] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.838678] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.838767] ? __kthread_parkme+0x82/0x160 [ 24.838832] ? preempt_count_sub+0x50/0x80 [ 24.838904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.838989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.839082] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.839179] kthread+0x323/0x710 [ 24.839243] ? trace_preempt_on+0x20/0xc0 [ 24.839305] ? __pfx_kthread+0x10/0x10 [ 24.839364] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.839419] ? calculate_sigpending+0x7b/0xa0 [ 24.839501] ? __pfx_kthread+0x10/0x10 [ 24.839600] ret_from_fork+0x41/0x80 [ 24.839679] ? __pfx_kthread+0x10/0x10 [ 24.839771] ret_from_fork_asm+0x1a/0x30 [ 24.839842] </TASK> [ 24.839860] [ 24.852572] Allocated by task 280: [ 24.852937] kasan_save_stack+0x3d/0x60 [ 24.853315] kasan_save_track+0x18/0x40 [ 24.853775] kasan_save_alloc_info+0x3b/0x50 [ 24.854268] __kasan_kmalloc+0xb7/0xc0 [ 24.854579] __kmalloc_cache_noprof+0x183/0x410 [ 24.855135] kasan_strings+0xb8/0xb50 [ 24.855408] kunit_try_run_case+0x1b2/0x490 [ 24.856002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.856585] kthread+0x323/0x710 [ 24.857004] ret_from_fork+0x41/0x80 [ 24.857462] ret_from_fork_asm+0x1a/0x30 [ 24.858024] [ 24.858214] Freed by task 280: [ 24.858432] kasan_save_stack+0x3d/0x60 [ 24.858901] kasan_save_track+0x18/0x40 [ 24.859363] kasan_save_free_info+0x3f/0x60 [ 24.859837] __kasan_slab_free+0x56/0x70 [ 24.860321] kfree+0x222/0x3f0 [ 24.860577] kasan_strings+0x13b/0xb50 [ 24.861139] kunit_try_run_case+0x1b2/0x490 [ 24.861624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.862140] kthread+0x323/0x710 [ 24.862463] ret_from_fork+0x41/0x80 [ 24.862978] ret_from_fork_asm+0x1a/0x30 [ 24.863354] [ 24.863512] The buggy address belongs to the object at ffff88810306e380 [ 24.863512] which belongs to the cache kmalloc-32 of size 32 [ 24.864539] The buggy address is located 16 bytes inside of [ 24.864539] freed 32-byte region [ffff88810306e380, ffff88810306e3a0) [ 24.865507] [ 24.865699] The buggy address belongs to the physical page: [ 24.866155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10306e [ 24.866874] flags: 0x200000000000000(node=0|zone=2) [ 24.867382] page_type: f5(slab) [ 24.867679] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 24.868484] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 24.868868] page dumped because: kasan: bad access detected [ 24.869197] [ 24.869351] Memory state around the buggy address: [ 24.869627] ffff88810306e280: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.870000] ffff88810306e300: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 24.870904] >ffff88810306e380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.871557] ^ [ 24.872143] ffff88810306e400: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.872861] ffff88810306e480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.873551] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 24.782410] ================================================================== [ 24.784890] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 24.785248] Read of size 1 at addr ffff88810306e390 by task kunit_try_catch/280 [ 24.786323] [ 24.786596] CPU: 0 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.787046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.787106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.787191] Call Trace: [ 24.787225] <TASK> [ 24.787263] dump_stack_lvl+0x73/0xb0 [ 24.787651] print_report+0xd1/0x660 [ 24.787740] ? __virt_addr_valid+0x1db/0x2d0 [ 24.787863] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.787905] kasan_report+0x104/0x140 [ 24.787949] ? strcmp+0xb0/0xc0 [ 24.787983] ? strcmp+0xb0/0xc0 [ 24.788021] __asan_report_load1_noabort+0x18/0x20 [ 24.788052] strcmp+0xb0/0xc0 [ 24.788086] kasan_strings+0x2d2/0xb50 [ 24.788146] ? __pfx_kasan_strings+0x10/0x10 [ 24.788201] ? __schedule+0xd46/0x29c0 [ 24.788233] ? __pfx_read_tsc+0x10/0x10 [ 24.788264] ? ktime_get_ts64+0x86/0x240 [ 24.788301] kunit_try_run_case+0x1b2/0x490 [ 24.788339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.788370] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.788402] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.788434] ? __kthread_parkme+0x82/0x160 [ 24.788466] ? preempt_count_sub+0x50/0x80 [ 24.788501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.788535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.788568] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.788603] kthread+0x323/0x710 [ 24.788632] ? trace_preempt_on+0x20/0xc0 [ 24.788665] ? __pfx_kthread+0x10/0x10 [ 24.788696] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.788775] ? calculate_sigpending+0x7b/0xa0 [ 24.788854] ? __pfx_kthread+0x10/0x10 [ 24.788923] ret_from_fork+0x41/0x80 [ 24.788959] ? __pfx_kthread+0x10/0x10 [ 24.788992] ret_from_fork_asm+0x1a/0x30 [ 24.789039] </TASK> [ 24.789055] [ 24.802067] Allocated by task 280: [ 24.802329] kasan_save_stack+0x3d/0x60 [ 24.802605] kasan_save_track+0x18/0x40 [ 24.803047] kasan_save_alloc_info+0x3b/0x50 [ 24.803909] __kasan_kmalloc+0xb7/0xc0 [ 24.804403] __kmalloc_cache_noprof+0x183/0x410 [ 24.805071] kasan_strings+0xb8/0xb50 [ 24.805548] kunit_try_run_case+0x1b2/0x490 [ 24.806247] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.807083] kthread+0x323/0x710 [ 24.807370] ret_from_fork+0x41/0x80 [ 24.807662] ret_from_fork_asm+0x1a/0x30 [ 24.807951] [ 24.808097] Freed by task 280: [ 24.808604] kasan_save_stack+0x3d/0x60 [ 24.809268] kasan_save_track+0x18/0x40 [ 24.809969] kasan_save_free_info+0x3f/0x60 [ 24.810477] __kasan_slab_free+0x56/0x70 [ 24.811210] kfree+0x222/0x3f0 [ 24.811571] kasan_strings+0x13b/0xb50 [ 24.812428] kunit_try_run_case+0x1b2/0x490 [ 24.813095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.813802] kthread+0x323/0x710 [ 24.814175] ret_from_fork+0x41/0x80 [ 24.814446] ret_from_fork_asm+0x1a/0x30 [ 24.814713] [ 24.814934] The buggy address belongs to the object at ffff88810306e380 [ 24.814934] which belongs to the cache kmalloc-32 of size 32 [ 24.816295] The buggy address is located 16 bytes inside of [ 24.816295] freed 32-byte region [ffff88810306e380, ffff88810306e3a0) [ 24.817885] [ 24.818085] The buggy address belongs to the physical page: [ 24.822980] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10306e [ 24.824027] flags: 0x200000000000000(node=0|zone=2) [ 24.825053] page_type: f5(slab) [ 24.825442] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 24.826099] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 24.826716] page dumped because: kasan: bad access detected [ 24.827597] [ 24.827882] Memory state around the buggy address: [ 24.828420] ffff88810306e280: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.829268] ffff88810306e300: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 24.829976] >ffff88810306e380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.830582] ^ [ 24.831027] ffff88810306e400: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 24.832074] ffff88810306e480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 24.832626] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 21.564991] ================================================================== [ 21.566247] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 21.567252] Read of size 1 at addr ffff888100338200 by task kunit_try_catch/185 [ 21.568400] [ 21.568692] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.568852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.568890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.568945] Call Trace: [ 21.568976] <TASK> [ 21.569013] dump_stack_lvl+0x73/0xb0 [ 21.569146] print_report+0xd1/0x660 [ 21.569239] ? __virt_addr_valid+0x1db/0x2d0 [ 21.569364] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.569433] kasan_report+0x104/0x140 [ 21.569469] ? krealloc_uaf+0x1b8/0x5e0 [ 21.569504] ? krealloc_uaf+0x1b8/0x5e0 [ 21.569541] ? krealloc_uaf+0x1b8/0x5e0 [ 21.569573] __kasan_check_byte+0x3d/0x50 [ 21.569605] krealloc_noprof+0x3f/0x370 [ 21.569641] krealloc_uaf+0x1b8/0x5e0 [ 21.569672] ? __pfx_krealloc_uaf+0x10/0x10 [ 21.569820] ? finish_task_switch.isra.0+0x153/0x730 [ 21.569862] ? __switch_to+0x5d9/0xf70 [ 21.569903] ? __schedule+0xd46/0x29c0 [ 21.569934] ? __pfx_read_tsc+0x10/0x10 [ 21.569964] ? ktime_get_ts64+0x86/0x240 [ 21.570003] kunit_try_run_case+0x1b2/0x490 [ 21.570040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.570071] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.570102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.570160] ? __kthread_parkme+0x82/0x160 [ 21.570191] ? preempt_count_sub+0x50/0x80 [ 21.570225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.570258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.570291] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.570324] kthread+0x323/0x710 [ 21.570353] ? trace_preempt_on+0x20/0xc0 [ 21.570387] ? __pfx_kthread+0x10/0x10 [ 21.570418] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.570446] ? calculate_sigpending+0x7b/0xa0 [ 21.570477] ? __pfx_kthread+0x10/0x10 [ 21.570508] ret_from_fork+0x41/0x80 [ 21.570538] ? __pfx_kthread+0x10/0x10 [ 21.570569] ret_from_fork_asm+0x1a/0x30 [ 21.570616] </TASK> [ 21.570631] [ 21.590957] Allocated by task 185: [ 21.591413] kasan_save_stack+0x3d/0x60 [ 21.592073] kasan_save_track+0x18/0x40 [ 21.592375] kasan_save_alloc_info+0x3b/0x50 [ 21.593158] __kasan_kmalloc+0xb7/0xc0 [ 21.593651] __kmalloc_cache_noprof+0x183/0x410 [ 21.594443] krealloc_uaf+0xbb/0x5e0 [ 21.594840] kunit_try_run_case+0x1b2/0x490 [ 21.595451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.596391] kthread+0x323/0x710 [ 21.596990] ret_from_fork+0x41/0x80 [ 21.597480] ret_from_fork_asm+0x1a/0x30 [ 21.598071] [ 21.598471] Freed by task 185: [ 21.599078] kasan_save_stack+0x3d/0x60 [ 21.599602] kasan_save_track+0x18/0x40 [ 21.600312] kasan_save_free_info+0x3f/0x60 [ 21.601065] __kasan_slab_free+0x56/0x70 [ 21.601500] kfree+0x222/0x3f0 [ 21.601761] krealloc_uaf+0x13d/0x5e0 [ 21.602222] kunit_try_run_case+0x1b2/0x490 [ 21.602735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.603475] kthread+0x323/0x710 [ 21.604161] ret_from_fork+0x41/0x80 [ 21.604621] ret_from_fork_asm+0x1a/0x30 [ 21.605408] [ 21.605850] The buggy address belongs to the object at ffff888100338200 [ 21.605850] which belongs to the cache kmalloc-256 of size 256 [ 21.607304] The buggy address is located 0 bytes inside of [ 21.607304] freed 256-byte region [ffff888100338200, ffff888100338300) [ 21.608519] [ 21.609022] The buggy address belongs to the physical page: [ 21.609536] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100338 [ 21.610549] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.611281] flags: 0x200000000000040(head|node=0|zone=2) [ 21.611684] page_type: f5(slab) [ 21.611968] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.612672] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.613828] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.614504] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.615415] head: 0200000000000001 ffffea000400ce01 00000000ffffffff 00000000ffffffff [ 21.616050] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 21.617041] page dumped because: kasan: bad access detected [ 21.617570] [ 21.618069] Memory state around the buggy address: [ 21.618560] ffff888100338100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.619480] ffff888100338180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.620252] >ffff888100338200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.621204] ^ [ 21.621518] ffff888100338280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.622451] ffff888100338300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.623317] ================================================================== [ 21.626398] ================================================================== [ 21.627489] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 21.628416] Read of size 1 at addr ffff888100338200 by task kunit_try_catch/185 [ 21.629010] [ 21.629248] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.630099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.630183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.630233] Call Trace: [ 21.630264] <TASK> [ 21.630295] dump_stack_lvl+0x73/0xb0 [ 21.630456] print_report+0xd1/0x660 [ 21.630610] ? __virt_addr_valid+0x1db/0x2d0 [ 21.630775] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.630858] kasan_report+0x104/0x140 [ 21.631055] ? krealloc_uaf+0x53c/0x5e0 [ 21.631145] ? krealloc_uaf+0x53c/0x5e0 [ 21.631189] __asan_report_load1_noabort+0x18/0x20 [ 21.631222] krealloc_uaf+0x53c/0x5e0 [ 21.631254] ? __pfx_krealloc_uaf+0x10/0x10 [ 21.631284] ? finish_task_switch.isra.0+0x153/0x730 [ 21.631318] ? __switch_to+0x5d9/0xf70 [ 21.631355] ? __schedule+0xd46/0x29c0 [ 21.631385] ? __pfx_read_tsc+0x10/0x10 [ 21.631414] ? ktime_get_ts64+0x86/0x240 [ 21.631451] kunit_try_run_case+0x1b2/0x490 [ 21.631498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.631530] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.631585] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.631671] ? __kthread_parkme+0x82/0x160 [ 21.631785] ? preempt_count_sub+0x50/0x80 [ 21.631874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.631914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.631961] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.631994] kthread+0x323/0x710 [ 21.632023] ? trace_preempt_on+0x20/0xc0 [ 21.632057] ? __pfx_kthread+0x10/0x10 [ 21.632088] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.632141] ? calculate_sigpending+0x7b/0xa0 [ 21.632173] ? __pfx_kthread+0x10/0x10 [ 21.632205] ret_from_fork+0x41/0x80 [ 21.632236] ? __pfx_kthread+0x10/0x10 [ 21.632266] ret_from_fork_asm+0x1a/0x30 [ 21.632313] </TASK> [ 21.632329] [ 21.650551] Allocated by task 185: [ 21.651187] kasan_save_stack+0x3d/0x60 [ 21.652261] kasan_save_track+0x18/0x40 [ 21.652857] kasan_save_alloc_info+0x3b/0x50 [ 21.653548] __kasan_kmalloc+0xb7/0xc0 [ 21.654091] __kmalloc_cache_noprof+0x183/0x410 [ 21.654485] krealloc_uaf+0xbb/0x5e0 [ 21.654856] kunit_try_run_case+0x1b2/0x490 [ 21.655468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.656350] kthread+0x323/0x710 [ 21.656652] ret_from_fork+0x41/0x80 [ 21.657563] ret_from_fork_asm+0x1a/0x30 [ 21.658257] [ 21.658502] Freed by task 185: [ 21.658835] kasan_save_stack+0x3d/0x60 [ 21.659132] kasan_save_track+0x18/0x40 [ 21.659739] kasan_save_free_info+0x3f/0x60 [ 21.660422] __kasan_slab_free+0x56/0x70 [ 21.660832] kfree+0x222/0x3f0 [ 21.661521] krealloc_uaf+0x13d/0x5e0 [ 21.661814] kunit_try_run_case+0x1b2/0x490 [ 21.662865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.663257] kthread+0x323/0x710 [ 21.663666] ret_from_fork+0x41/0x80 [ 21.664375] ret_from_fork_asm+0x1a/0x30 [ 21.665073] [ 21.665402] The buggy address belongs to the object at ffff888100338200 [ 21.665402] which belongs to the cache kmalloc-256 of size 256 [ 21.666249] The buggy address is located 0 bytes inside of [ 21.666249] freed 256-byte region [ffff888100338200, ffff888100338300) [ 21.668080] [ 21.668338] The buggy address belongs to the physical page: [ 21.669019] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100338 [ 21.669535] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.670475] flags: 0x200000000000040(head|node=0|zone=2) [ 21.671471] page_type: f5(slab) [ 21.672103] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.672621] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.673438] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.674030] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.674822] head: 0200000000000001 ffffea000400ce01 00000000ffffffff 00000000ffffffff [ 21.675954] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 21.676520] page dumped because: kasan: bad access detected [ 21.676902] [ 21.677057] Memory state around the buggy address: [ 21.677605] ffff888100338100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.678851] ffff888100338180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.679422] >ffff888100338200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.680206] ^ [ 21.680548] ffff888100338280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.680932] ffff888100338300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.681738] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 21.080884] ================================================================== [ 21.081773] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 21.082209] Write of size 1 at addr ffff888100abc4da by task kunit_try_catch/179 [ 21.083364] [ 21.083743] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.084057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.084104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.084181] Call Trace: [ 21.084216] <TASK> [ 21.084301] dump_stack_lvl+0x73/0xb0 [ 21.084416] print_report+0xd1/0x660 [ 21.084485] ? __virt_addr_valid+0x1db/0x2d0 [ 21.084604] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.084678] kasan_report+0x104/0x140 [ 21.084758] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 21.084836] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 21.084920] __asan_report_store1_noabort+0x1b/0x30 [ 21.084980] krealloc_less_oob_helper+0xec6/0x11d0 [ 21.085602] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 21.085656] ? finish_task_switch.isra.0+0x153/0x730 [ 21.085740] ? __switch_to+0x5d9/0xf70 [ 21.085849] ? __schedule+0xd46/0x29c0 [ 21.085890] ? __pfx_read_tsc+0x10/0x10 [ 21.085928] krealloc_less_oob+0x1c/0x30 [ 21.085962] kunit_try_run_case+0x1b2/0x490 [ 21.085997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.086028] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.086059] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.086091] ? __kthread_parkme+0x82/0x160 [ 21.086146] ? preempt_count_sub+0x50/0x80 [ 21.086182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.086216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.086249] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.086282] kthread+0x323/0x710 [ 21.086311] ? trace_preempt_on+0x20/0xc0 [ 21.086346] ? __pfx_kthread+0x10/0x10 [ 21.086378] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.086406] ? calculate_sigpending+0x7b/0xa0 [ 21.086437] ? __pfx_kthread+0x10/0x10 [ 21.086469] ret_from_fork+0x41/0x80 [ 21.086500] ? __pfx_kthread+0x10/0x10 [ 21.086531] ret_from_fork_asm+0x1a/0x30 [ 21.086578] </TASK> [ 21.086593] [ 21.104982] Allocated by task 179: [ 21.105961] kasan_save_stack+0x3d/0x60 [ 21.106421] kasan_save_track+0x18/0x40 [ 21.107056] kasan_save_alloc_info+0x3b/0x50 [ 21.107376] __kasan_krealloc+0x190/0x1f0 [ 21.108205] krealloc_noprof+0xf4/0x370 [ 21.108624] krealloc_less_oob_helper+0x1aa/0x11d0 [ 21.109660] krealloc_less_oob+0x1c/0x30 [ 21.110092] kunit_try_run_case+0x1b2/0x490 [ 21.110459] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.111017] kthread+0x323/0x710 [ 21.111395] ret_from_fork+0x41/0x80 [ 21.111839] ret_from_fork_asm+0x1a/0x30 [ 21.112445] [ 21.112667] The buggy address belongs to the object at ffff888100abc400 [ 21.112667] which belongs to the cache kmalloc-256 of size 256 [ 21.113639] The buggy address is located 17 bytes to the right of [ 21.113639] allocated 201-byte region [ffff888100abc400, ffff888100abc4c9) [ 21.114839] [ 21.115179] The buggy address belongs to the physical page: [ 21.116183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100abc [ 21.116904] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.117852] flags: 0x200000000000040(head|node=0|zone=2) [ 21.118356] page_type: f5(slab) [ 21.118853] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.119586] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.120440] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.121881] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.122976] head: 0200000000000001 ffffea000402af01 00000000ffffffff 00000000ffffffff [ 21.123524] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 21.124423] page dumped because: kasan: bad access detected [ 21.125085] [ 21.125326] Memory state around the buggy address: [ 21.126174] ffff888100abc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.126909] ffff888100abc400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.127566] >ffff888100abc480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 21.128433] ^ [ 21.129148] ffff888100abc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.129932] ffff888100abc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.130577] ================================================================== [ 21.424606] ================================================================== [ 21.425929] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 21.426537] Write of size 1 at addr ffff8881026920da by task kunit_try_catch/183 [ 21.427221] [ 21.427506] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.427945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.427991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.428046] Call Trace: [ 21.428077] <TASK> [ 21.428135] dump_stack_lvl+0x73/0xb0 [ 21.428214] print_report+0xd1/0x660 [ 21.428279] ? __virt_addr_valid+0x1db/0x2d0 [ 21.428400] ? kasan_addr_to_slab+0x11/0xa0 [ 21.428467] kasan_report+0x104/0x140 [ 21.428524] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 21.428597] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 21.429098] __asan_report_store1_noabort+0x1b/0x30 [ 21.429218] krealloc_less_oob_helper+0xec6/0x11d0 [ 21.429301] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 21.429371] ? finish_task_switch.isra.0+0x153/0x730 [ 21.429416] ? __switch_to+0x5d9/0xf70 [ 21.429455] ? __schedule+0xd46/0x29c0 [ 21.429486] ? __pfx_read_tsc+0x10/0x10 [ 21.429522] krealloc_large_less_oob+0x1c/0x30 [ 21.429556] kunit_try_run_case+0x1b2/0x490 [ 21.429590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.429621] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.429653] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.429752] ? __kthread_parkme+0x82/0x160 [ 21.429843] ? preempt_count_sub+0x50/0x80 [ 21.429922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.429988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.430037] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.430071] kthread+0x323/0x710 [ 21.430131] ? trace_preempt_on+0x20/0xc0 [ 21.430176] ? __pfx_kthread+0x10/0x10 [ 21.430211] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.430241] ? calculate_sigpending+0x7b/0xa0 [ 21.430282] ? __pfx_kthread+0x10/0x10 [ 21.430314] ret_from_fork+0x41/0x80 [ 21.430356] ? __pfx_kthread+0x10/0x10 [ 21.430387] ret_from_fork_asm+0x1a/0x30 [ 21.430444] </TASK> [ 21.430460] [ 21.449840] The buggy address belongs to the physical page: [ 21.451719] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102690 [ 21.452514] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.452927] flags: 0x200000000000040(head|node=0|zone=2) [ 21.454030] page_type: f8(unknown) [ 21.454501] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.456145] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.456663] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.457740] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.458622] head: 0200000000000002 ffffea000409a401 00000000ffffffff 00000000ffffffff [ 21.459482] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.460047] page dumped because: kasan: bad access detected [ 21.460571] [ 21.460769] Memory state around the buggy address: [ 21.462140] ffff888102691f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.462539] ffff888102692000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.463554] >ffff888102692080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 21.464429] ^ [ 21.465445] ffff888102692100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.466861] ffff888102692180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.467321] ================================================================== [ 21.384825] ================================================================== [ 21.385343] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 21.385755] Write of size 1 at addr ffff8881026920d0 by task kunit_try_catch/183 [ 21.386569] [ 21.386876] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.387000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.387033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.387087] Call Trace: [ 21.387140] <TASK> [ 21.387176] dump_stack_lvl+0x73/0xb0 [ 21.387251] print_report+0xd1/0x660 [ 21.387315] ? __virt_addr_valid+0x1db/0x2d0 [ 21.387581] ? kasan_addr_to_slab+0x11/0xa0 [ 21.387851] kasan_report+0x104/0x140 [ 21.387922] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 21.388001] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 21.388081] __asan_report_store1_noabort+0x1b/0x30 [ 21.388171] krealloc_less_oob_helper+0xe23/0x11d0 [ 21.388220] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 21.388256] ? finish_task_switch.isra.0+0x153/0x730 [ 21.388295] ? __switch_to+0x5d9/0xf70 [ 21.388333] ? __schedule+0xd46/0x29c0 [ 21.388364] ? __pfx_read_tsc+0x10/0x10 [ 21.388400] krealloc_large_less_oob+0x1c/0x30 [ 21.388433] kunit_try_run_case+0x1b2/0x490 [ 21.388468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.388499] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.388529] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.388560] ? __kthread_parkme+0x82/0x160 [ 21.388590] ? preempt_count_sub+0x50/0x80 [ 21.388625] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.388658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.388902] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.388996] kthread+0x323/0x710 [ 21.389059] ? trace_preempt_on+0x20/0xc0 [ 21.389151] ? __pfx_kthread+0x10/0x10 [ 21.389212] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.389269] ? calculate_sigpending+0x7b/0xa0 [ 21.389326] ? __pfx_kthread+0x10/0x10 [ 21.389386] ret_from_fork+0x41/0x80 [ 21.389450] ? __pfx_kthread+0x10/0x10 [ 21.389511] ret_from_fork_asm+0x1a/0x30 [ 21.389592] </TASK> [ 21.389620] [ 21.408556] The buggy address belongs to the physical page: [ 21.409613] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102690 [ 21.410416] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.411314] flags: 0x200000000000040(head|node=0|zone=2) [ 21.412154] page_type: f8(unknown) [ 21.412542] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.413554] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.414022] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.414731] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.415438] head: 0200000000000002 ffffea000409a401 00000000ffffffff 00000000ffffffff [ 21.416450] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.417443] page dumped because: kasan: bad access detected [ 21.418133] [ 21.418353] Memory state around the buggy address: [ 21.419095] ffff888102691f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.419904] ffff888102692000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.420659] >ffff888102692080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 21.421803] ^ [ 21.422102] ffff888102692100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.422972] ffff888102692180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.423586] ================================================================== [ 20.969623] ================================================================== [ 20.970392] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 20.971141] Write of size 1 at addr ffff888100abc4c9 by task kunit_try_catch/179 [ 20.971740] [ 20.972083] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.972237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.972271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.972327] Call Trace: [ 20.972357] <TASK> [ 20.972390] dump_stack_lvl+0x73/0xb0 [ 20.972468] print_report+0xd1/0x660 [ 20.972534] ? __virt_addr_valid+0x1db/0x2d0 [ 20.972649] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.972847] kasan_report+0x104/0x140 [ 20.972922] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 20.972994] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 20.973072] __asan_report_store1_noabort+0x1b/0x30 [ 20.973164] krealloc_less_oob_helper+0xd70/0x11d0 [ 20.973242] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 20.973305] ? finish_task_switch.isra.0+0x153/0x730 [ 20.973369] ? __switch_to+0x5d9/0xf70 [ 20.973445] ? __schedule+0xd46/0x29c0 [ 20.973506] ? __pfx_read_tsc+0x10/0x10 [ 20.973574] krealloc_less_oob+0x1c/0x30 [ 20.973638] kunit_try_run_case+0x1b2/0x490 [ 20.973734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.973799] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.973861] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.973921] ? __kthread_parkme+0x82/0x160 [ 20.973982] ? preempt_count_sub+0x50/0x80 [ 20.974050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.974136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.974237] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.974279] kthread+0x323/0x710 [ 20.974310] ? trace_preempt_on+0x20/0xc0 [ 20.974345] ? __pfx_kthread+0x10/0x10 [ 20.974376] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.974407] ? calculate_sigpending+0x7b/0xa0 [ 20.974437] ? __pfx_kthread+0x10/0x10 [ 20.974469] ret_from_fork+0x41/0x80 [ 20.974502] ? __pfx_kthread+0x10/0x10 [ 20.974533] ret_from_fork_asm+0x1a/0x30 [ 20.974579] </TASK> [ 20.974594] [ 21.001916] Allocated by task 179: [ 21.002316] kasan_save_stack+0x3d/0x60 [ 21.002747] kasan_save_track+0x18/0x40 [ 21.004144] kasan_save_alloc_info+0x3b/0x50 [ 21.004499] __kasan_krealloc+0x190/0x1f0 [ 21.004800] krealloc_noprof+0xf4/0x370 [ 21.005238] krealloc_less_oob_helper+0x1aa/0x11d0 [ 21.005912] krealloc_less_oob+0x1c/0x30 [ 21.006405] kunit_try_run_case+0x1b2/0x490 [ 21.007018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.007662] kthread+0x323/0x710 [ 21.008534] ret_from_fork+0x41/0x80 [ 21.009082] ret_from_fork_asm+0x1a/0x30 [ 21.009511] [ 21.009880] The buggy address belongs to the object at ffff888100abc400 [ 21.009880] which belongs to the cache kmalloc-256 of size 256 [ 21.010928] The buggy address is located 0 bytes to the right of [ 21.010928] allocated 201-byte region [ffff888100abc400, ffff888100abc4c9) [ 21.011896] [ 21.012155] The buggy address belongs to the physical page: [ 21.012660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100abc [ 21.013561] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.014235] flags: 0x200000000000040(head|node=0|zone=2) [ 21.014752] page_type: f5(slab) [ 21.015016] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.016357] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.017212] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.017866] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.018487] head: 0200000000000001 ffffea000402af01 00000000ffffffff 00000000ffffffff [ 21.019608] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 21.020370] page dumped because: kasan: bad access detected [ 21.021077] [ 21.021288] Memory state around the buggy address: [ 21.021884] ffff888100abc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.022395] ffff888100abc400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.023137] >ffff888100abc480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 21.024176] ^ [ 21.024882] ffff888100abc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.025440] ffff888100abc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.026014] ================================================================== [ 21.132458] ================================================================== [ 21.132989] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 21.133666] Write of size 1 at addr ffff888100abc4ea by task kunit_try_catch/179 [ 21.134284] [ 21.134532] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.134657] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.134860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.134927] Call Trace: [ 21.134960] <TASK> [ 21.134993] dump_stack_lvl+0x73/0xb0 [ 21.135070] print_report+0xd1/0x660 [ 21.135154] ? __virt_addr_valid+0x1db/0x2d0 [ 21.135278] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.135348] kasan_report+0x104/0x140 [ 21.135405] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 21.135474] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 21.135552] __asan_report_store1_noabort+0x1b/0x30 [ 21.135641] krealloc_less_oob_helper+0xe90/0x11d0 [ 21.135908] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 21.136004] ? finish_task_switch.isra.0+0x153/0x730 [ 21.136070] ? __switch_to+0x5d9/0xf70 [ 21.136165] ? __schedule+0xd46/0x29c0 [ 21.136226] ? __pfx_read_tsc+0x10/0x10 [ 21.136292] krealloc_less_oob+0x1c/0x30 [ 21.136360] kunit_try_run_case+0x1b2/0x490 [ 21.136425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.136484] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.136541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.136599] ? __kthread_parkme+0x82/0x160 [ 21.136654] ? preempt_count_sub+0x50/0x80 [ 21.136915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.136987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.137054] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.137138] kthread+0x323/0x710 [ 21.137198] ? trace_preempt_on+0x20/0xc0 [ 21.137262] ? __pfx_kthread+0x10/0x10 [ 21.137318] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.137359] ? calculate_sigpending+0x7b/0xa0 [ 21.137391] ? __pfx_kthread+0x10/0x10 [ 21.137423] ret_from_fork+0x41/0x80 [ 21.137458] ? __pfx_kthread+0x10/0x10 [ 21.137489] ret_from_fork_asm+0x1a/0x30 [ 21.137538] </TASK> [ 21.137554] [ 21.153327] Allocated by task 179: [ 21.153639] kasan_save_stack+0x3d/0x60 [ 21.156080] kasan_save_track+0x18/0x40 [ 21.156508] kasan_save_alloc_info+0x3b/0x50 [ 21.158234] __kasan_krealloc+0x190/0x1f0 [ 21.158607] krealloc_noprof+0xf4/0x370 [ 21.160016] krealloc_less_oob_helper+0x1aa/0x11d0 [ 21.160769] krealloc_less_oob+0x1c/0x30 [ 21.161154] kunit_try_run_case+0x1b2/0x490 [ 21.161539] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.163042] kthread+0x323/0x710 [ 21.163358] ret_from_fork+0x41/0x80 [ 21.163656] ret_from_fork_asm+0x1a/0x30 [ 21.164290] [ 21.164510] The buggy address belongs to the object at ffff888100abc400 [ 21.164510] which belongs to the cache kmalloc-256 of size 256 [ 21.165388] The buggy address is located 33 bytes to the right of [ 21.165388] allocated 201-byte region [ffff888100abc400, ffff888100abc4c9) [ 21.167483] [ 21.168010] The buggy address belongs to the physical page: [ 21.168442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100abc [ 21.169635] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.170506] flags: 0x200000000000040(head|node=0|zone=2) [ 21.171072] page_type: f5(slab) [ 21.172027] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.172588] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.174163] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.175333] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.175913] head: 0200000000000001 ffffea000402af01 00000000ffffffff 00000000ffffffff [ 21.177215] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 21.177723] page dumped because: kasan: bad access detected [ 21.178604] [ 21.178835] Memory state around the buggy address: [ 21.179713] ffff888100abc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.180524] ffff888100abc400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.181297] >ffff888100abc480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 21.182323] ^ [ 21.183468] ffff888100abc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.184594] ffff888100abc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.185158] ================================================================== [ 21.514590] ================================================================== [ 21.515226] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 21.515670] Write of size 1 at addr ffff8881026920eb by task kunit_try_catch/183 [ 21.516256] [ 21.516633] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.516923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.516959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.517010] Call Trace: [ 21.517039] <TASK> [ 21.517071] dump_stack_lvl+0x73/0xb0 [ 21.517212] print_report+0xd1/0x660 [ 21.517285] ? __virt_addr_valid+0x1db/0x2d0 [ 21.517406] ? kasan_addr_to_slab+0x11/0xa0 [ 21.517473] kasan_report+0x104/0x140 [ 21.517532] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 21.517603] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 21.519215] __asan_report_store1_noabort+0x1b/0x30 [ 21.519311] krealloc_less_oob_helper+0xd47/0x11d0 [ 21.519399] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 21.519486] ? finish_task_switch.isra.0+0x153/0x730 [ 21.519551] ? __switch_to+0x5d9/0xf70 [ 21.519648] ? __schedule+0xd46/0x29c0 [ 21.519725] ? __pfx_read_tsc+0x10/0x10 [ 21.519801] krealloc_large_less_oob+0x1c/0x30 [ 21.519871] kunit_try_run_case+0x1b2/0x490 [ 21.519952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.520014] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.520073] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.520165] ? __kthread_parkme+0x82/0x160 [ 21.520231] ? preempt_count_sub+0x50/0x80 [ 21.520296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.520356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.520417] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.520477] kthread+0x323/0x710 [ 21.520530] ? trace_preempt_on+0x20/0xc0 [ 21.520588] ? __pfx_kthread+0x10/0x10 [ 21.520643] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.520694] ? calculate_sigpending+0x7b/0xa0 [ 21.520753] ? __pfx_kthread+0x10/0x10 [ 21.520818] ret_from_fork+0x41/0x80 [ 21.520873] ? __pfx_kthread+0x10/0x10 [ 21.520929] ret_from_fork_asm+0x1a/0x30 [ 21.521018] </TASK> [ 21.521047] [ 21.541004] The buggy address belongs to the physical page: [ 21.541553] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102690 [ 21.543215] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.544239] flags: 0x200000000000040(head|node=0|zone=2) [ 21.545516] page_type: f8(unknown) [ 21.546277] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.547219] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.548130] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.548848] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.549915] head: 0200000000000002 ffffea000409a401 00000000ffffffff 00000000ffffffff [ 21.550554] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.551565] page dumped because: kasan: bad access detected [ 21.552174] [ 21.552570] Memory state around the buggy address: [ 21.553436] ffff888102691f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.554799] ffff888102692000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.555538] >ffff888102692080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 21.556134] ^ [ 21.556706] ffff888102692100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.557366] ffff888102692180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.558042] ================================================================== [ 21.468923] ================================================================== [ 21.469710] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 21.471572] Write of size 1 at addr ffff8881026920ea by task kunit_try_catch/183 [ 21.472513] [ 21.472991] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.473154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.473192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.473246] Call Trace: [ 21.473278] <TASK> [ 21.473314] dump_stack_lvl+0x73/0xb0 [ 21.473388] print_report+0xd1/0x660 [ 21.473427] ? __virt_addr_valid+0x1db/0x2d0 [ 21.473491] ? kasan_addr_to_slab+0x11/0xa0 [ 21.473525] kasan_report+0x104/0x140 [ 21.473554] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 21.473591] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 21.473633] __asan_report_store1_noabort+0x1b/0x30 [ 21.473664] krealloc_less_oob_helper+0xe90/0x11d0 [ 21.473777] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 21.473861] ? finish_task_switch.isra.0+0x153/0x730 [ 21.473904] ? __switch_to+0x5d9/0xf70 [ 21.473942] ? __schedule+0xd46/0x29c0 [ 21.473973] ? __pfx_read_tsc+0x10/0x10 [ 21.474008] krealloc_large_less_oob+0x1c/0x30 [ 21.474042] kunit_try_run_case+0x1b2/0x490 [ 21.474077] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.474128] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.474162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.474194] ? __kthread_parkme+0x82/0x160 [ 21.474225] ? preempt_count_sub+0x50/0x80 [ 21.474259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.474293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.474326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.474359] kthread+0x323/0x710 [ 21.474388] ? trace_preempt_on+0x20/0xc0 [ 21.474422] ? __pfx_kthread+0x10/0x10 [ 21.474453] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.474482] ? calculate_sigpending+0x7b/0xa0 [ 21.474512] ? __pfx_kthread+0x10/0x10 [ 21.474543] ret_from_fork+0x41/0x80 [ 21.474574] ? __pfx_kthread+0x10/0x10 [ 21.474606] ret_from_fork_asm+0x1a/0x30 [ 21.474652] </TASK> [ 21.474667] [ 21.493612] The buggy address belongs to the physical page: [ 21.494497] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102690 [ 21.495483] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.496520] flags: 0x200000000000040(head|node=0|zone=2) [ 21.497545] page_type: f8(unknown) [ 21.498281] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.498989] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.499984] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.500619] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.501963] head: 0200000000000002 ffffea000409a401 00000000ffffffff 00000000ffffffff [ 21.502641] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.504182] page dumped because: kasan: bad access detected [ 21.504964] [ 21.505861] Memory state around the buggy address: [ 21.506232] ffff888102691f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.507428] ffff888102692000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.508191] >ffff888102692080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 21.508816] ^ [ 21.509877] ffff888102692100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.510523] ffff888102692180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.511071] ================================================================== [ 21.345420] ================================================================== [ 21.346682] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 21.347289] Write of size 1 at addr ffff8881026920c9 by task kunit_try_catch/183 [ 21.348066] [ 21.348334] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.348456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.348493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.348553] Call Trace: [ 21.348586] <TASK> [ 21.348626] dump_stack_lvl+0x73/0xb0 [ 21.349173] print_report+0xd1/0x660 [ 21.349261] ? __virt_addr_valid+0x1db/0x2d0 [ 21.349385] ? kasan_addr_to_slab+0x11/0xa0 [ 21.349454] kasan_report+0x104/0x140 [ 21.349515] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 21.349586] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 21.349665] __asan_report_store1_noabort+0x1b/0x30 [ 21.349981] krealloc_less_oob_helper+0xd70/0x11d0 [ 21.350029] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 21.350066] ? finish_task_switch.isra.0+0x153/0x730 [ 21.350102] ? __switch_to+0x5d9/0xf70 [ 21.350187] ? __schedule+0xd46/0x29c0 [ 21.350221] ? __pfx_read_tsc+0x10/0x10 [ 21.350258] krealloc_large_less_oob+0x1c/0x30 [ 21.350292] kunit_try_run_case+0x1b2/0x490 [ 21.350330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.350361] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.350392] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.350423] ? __kthread_parkme+0x82/0x160 [ 21.350454] ? preempt_count_sub+0x50/0x80 [ 21.350489] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.350522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.350555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.350588] kthread+0x323/0x710 [ 21.350617] ? trace_preempt_on+0x20/0xc0 [ 21.350651] ? __pfx_kthread+0x10/0x10 [ 21.350762] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.350854] ? calculate_sigpending+0x7b/0xa0 [ 21.350895] ? __pfx_kthread+0x10/0x10 [ 21.350928] ret_from_fork+0x41/0x80 [ 21.350962] ? __pfx_kthread+0x10/0x10 [ 21.350993] ret_from_fork_asm+0x1a/0x30 [ 21.351042] </TASK> [ 21.351060] [ 21.368088] The buggy address belongs to the physical page: [ 21.368454] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102690 [ 21.369066] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.369928] flags: 0x200000000000040(head|node=0|zone=2) [ 21.370473] page_type: f8(unknown) [ 21.371353] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.372194] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.372923] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.373565] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.374342] head: 0200000000000002 ffffea000409a401 00000000ffffffff 00000000ffffffff [ 21.375012] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.377994] page dumped because: kasan: bad access detected [ 21.378460] [ 21.378687] Memory state around the buggy address: [ 21.379576] ffff888102691f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.379992] ffff888102692000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.381067] >ffff888102692080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 21.381534] ^ [ 21.382141] ffff888102692100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.382609] ffff888102692180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.384030] ================================================================== [ 21.186170] ================================================================== [ 21.186651] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 21.187069] Write of size 1 at addr ffff888100abc4eb by task kunit_try_catch/179 [ 21.189222] [ 21.189491] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.189613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.189646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.189695] Call Trace: [ 21.189777] <TASK> [ 21.189815] dump_stack_lvl+0x73/0xb0 [ 21.189889] print_report+0xd1/0x660 [ 21.189950] ? __virt_addr_valid+0x1db/0x2d0 [ 21.190071] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.190172] kasan_report+0x104/0x140 [ 21.190214] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 21.190254] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 21.190298] __asan_report_store1_noabort+0x1b/0x30 [ 21.190330] krealloc_less_oob_helper+0xd47/0x11d0 [ 21.190369] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 21.190404] ? finish_task_switch.isra.0+0x153/0x730 [ 21.190437] ? __switch_to+0x5d9/0xf70 [ 21.190475] ? __schedule+0xd46/0x29c0 [ 21.190505] ? __pfx_read_tsc+0x10/0x10 [ 21.190541] krealloc_less_oob+0x1c/0x30 [ 21.190573] kunit_try_run_case+0x1b2/0x490 [ 21.190608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.190639] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.190670] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.190701] ? __kthread_parkme+0x82/0x160 [ 21.190758] ? preempt_count_sub+0x50/0x80 [ 21.190796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.190831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.190865] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.190898] kthread+0x323/0x710 [ 21.190928] ? trace_preempt_on+0x20/0xc0 [ 21.190964] ? __pfx_kthread+0x10/0x10 [ 21.190996] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.191025] ? calculate_sigpending+0x7b/0xa0 [ 21.191056] ? __pfx_kthread+0x10/0x10 [ 21.191088] ret_from_fork+0x41/0x80 [ 21.191149] ? __pfx_kthread+0x10/0x10 [ 21.191204] ret_from_fork_asm+0x1a/0x30 [ 21.191253] </TASK> [ 21.191269] [ 21.207772] Allocated by task 179: [ 21.208174] kasan_save_stack+0x3d/0x60 [ 21.208604] kasan_save_track+0x18/0x40 [ 21.209296] kasan_save_alloc_info+0x3b/0x50 [ 21.210254] __kasan_krealloc+0x190/0x1f0 [ 21.211001] krealloc_noprof+0xf4/0x370 [ 21.211664] krealloc_less_oob_helper+0x1aa/0x11d0 [ 21.212247] krealloc_less_oob+0x1c/0x30 [ 21.212677] kunit_try_run_case+0x1b2/0x490 [ 21.213398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.213871] kthread+0x323/0x710 [ 21.215155] ret_from_fork+0x41/0x80 [ 21.216174] ret_from_fork_asm+0x1a/0x30 [ 21.216731] [ 21.216974] The buggy address belongs to the object at ffff888100abc400 [ 21.216974] which belongs to the cache kmalloc-256 of size 256 [ 21.217574] The buggy address is located 34 bytes to the right of [ 21.217574] allocated 201-byte region [ffff888100abc400, ffff888100abc4c9) [ 21.218962] [ 21.219301] The buggy address belongs to the physical page: [ 21.220018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100abc [ 21.221084] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.222141] flags: 0x200000000000040(head|node=0|zone=2) [ 21.223308] page_type: f5(slab) [ 21.223605] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.224331] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.225201] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.225599] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.225987] head: 0200000000000001 ffffea000402af01 00000000ffffffff 00000000ffffffff [ 21.226527] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 21.227799] page dumped because: kasan: bad access detected [ 21.228739] [ 21.229839] Memory state around the buggy address: [ 21.230330] ffff888100abc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.231169] ffff888100abc400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.232164] >ffff888100abc480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 21.232869] ^ [ 21.233569] ffff888100abc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.234776] ffff888100abc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.235425] ================================================================== [ 21.028235] ================================================================== [ 21.028853] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 21.030654] Write of size 1 at addr ffff888100abc4d0 by task kunit_try_catch/179 [ 21.031503] [ 21.031897] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.032037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.032072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.032145] Call Trace: [ 21.032179] <TASK> [ 21.032216] dump_stack_lvl+0x73/0xb0 [ 21.032291] print_report+0xd1/0x660 [ 21.032354] ? __virt_addr_valid+0x1db/0x2d0 [ 21.032471] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.032540] kasan_report+0x104/0x140 [ 21.032593] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 21.032662] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 21.032935] __asan_report_store1_noabort+0x1b/0x30 [ 21.033007] krealloc_less_oob_helper+0xe23/0x11d0 [ 21.033082] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 21.033178] ? finish_task_switch.isra.0+0x153/0x730 [ 21.033218] ? __switch_to+0x5d9/0xf70 [ 21.033258] ? __schedule+0xd46/0x29c0 [ 21.033289] ? __pfx_read_tsc+0x10/0x10 [ 21.033324] krealloc_less_oob+0x1c/0x30 [ 21.033357] kunit_try_run_case+0x1b2/0x490 [ 21.033393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.033424] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.033454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.033485] ? __kthread_parkme+0x82/0x160 [ 21.033515] ? preempt_count_sub+0x50/0x80 [ 21.033550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.033583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.033615] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.033647] kthread+0x323/0x710 [ 21.033693] ? trace_preempt_on+0x20/0xc0 [ 21.034055] ? __pfx_kthread+0x10/0x10 [ 21.034090] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.034145] ? calculate_sigpending+0x7b/0xa0 [ 21.034178] ? __pfx_kthread+0x10/0x10 [ 21.034210] ret_from_fork+0x41/0x80 [ 21.034243] ? __pfx_kthread+0x10/0x10 [ 21.034275] ret_from_fork_asm+0x1a/0x30 [ 21.034322] </TASK> [ 21.034337] [ 21.052884] Allocated by task 179: [ 21.053481] kasan_save_stack+0x3d/0x60 [ 21.054367] kasan_save_track+0x18/0x40 [ 21.055033] kasan_save_alloc_info+0x3b/0x50 [ 21.055625] __kasan_krealloc+0x190/0x1f0 [ 21.056350] krealloc_noprof+0xf4/0x370 [ 21.056887] krealloc_less_oob_helper+0x1aa/0x11d0 [ 21.057290] krealloc_less_oob+0x1c/0x30 [ 21.057942] kunit_try_run_case+0x1b2/0x490 [ 21.058425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.059474] kthread+0x323/0x710 [ 21.060206] ret_from_fork+0x41/0x80 [ 21.060542] ret_from_fork_asm+0x1a/0x30 [ 21.061278] [ 21.061506] The buggy address belongs to the object at ffff888100abc400 [ 21.061506] which belongs to the cache kmalloc-256 of size 256 [ 21.062655] The buggy address is located 7 bytes to the right of [ 21.062655] allocated 201-byte region [ffff888100abc400, ffff888100abc4c9) [ 21.063461] [ 21.064258] The buggy address belongs to the physical page: [ 21.065028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100abc [ 21.065987] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.066660] flags: 0x200000000000040(head|node=0|zone=2) [ 21.067450] page_type: f5(slab) [ 21.068062] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.069367] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.070147] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 21.070687] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.071427] head: 0200000000000001 ffffea000402af01 00000000ffffffff 00000000ffffffff [ 21.072068] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 21.072766] page dumped because: kasan: bad access detected [ 21.073443] [ 21.073600] Memory state around the buggy address: [ 21.074229] ffff888100abc380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.075168] ffff888100abc400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.075636] >ffff888100abc480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 21.076811] ^ [ 21.077453] ffff888100abc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.078288] ffff888100abc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.078787] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 20.914632] ================================================================== [ 20.915261] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 20.916029] Write of size 1 at addr ffff8881003380f0 by task kunit_try_catch/177 [ 20.916838] [ 20.917452] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.917580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.917612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.917657] Call Trace: [ 20.917685] <TASK> [ 20.918030] dump_stack_lvl+0x73/0xb0 [ 20.918188] print_report+0xd1/0x660 [ 20.918431] ? __virt_addr_valid+0x1db/0x2d0 [ 20.918581] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.918657] kasan_report+0x104/0x140 [ 20.918717] ? krealloc_more_oob_helper+0x7eb/0x930 [ 20.918788] ? krealloc_more_oob_helper+0x7eb/0x930 [ 20.918919] __asan_report_store1_noabort+0x1b/0x30 [ 20.919504] krealloc_more_oob_helper+0x7eb/0x930 [ 20.919550] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 20.919584] ? irqentry_exit+0x2a/0x60 [ 20.919642] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 20.919685] ? __pfx_krealloc_more_oob+0x10/0x10 [ 20.919735] krealloc_more_oob+0x1c/0x30 [ 20.919768] kunit_try_run_case+0x1b2/0x490 [ 20.919804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.919836] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.919868] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.919900] ? __kthread_parkme+0x82/0x160 [ 20.919932] ? preempt_count_sub+0x50/0x80 [ 20.919978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.920011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.920043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.920075] kthread+0x323/0x710 [ 20.920104] ? trace_preempt_on+0x20/0xc0 [ 20.920436] ? __pfx_kthread+0x10/0x10 [ 20.920507] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.920566] ? calculate_sigpending+0x7b/0xa0 [ 20.920627] ? __pfx_kthread+0x10/0x10 [ 20.920726] ret_from_fork+0x41/0x80 [ 20.920790] ? __pfx_kthread+0x10/0x10 [ 20.920825] ret_from_fork_asm+0x1a/0x30 [ 20.920873] </TASK> [ 20.920889] [ 20.939509] Allocated by task 177: [ 20.940033] kasan_save_stack+0x3d/0x60 [ 20.940967] kasan_save_track+0x18/0x40 [ 20.941463] kasan_save_alloc_info+0x3b/0x50 [ 20.942206] __kasan_krealloc+0x190/0x1f0 [ 20.942713] krealloc_noprof+0xf4/0x370 [ 20.943278] krealloc_more_oob_helper+0x1a9/0x930 [ 20.943575] krealloc_more_oob+0x1c/0x30 [ 20.944236] kunit_try_run_case+0x1b2/0x490 [ 20.944664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.945348] kthread+0x323/0x710 [ 20.945900] ret_from_fork+0x41/0x80 [ 20.946302] ret_from_fork_asm+0x1a/0x30 [ 20.947147] [ 20.947356] The buggy address belongs to the object at ffff888100338000 [ 20.947356] which belongs to the cache kmalloc-256 of size 256 [ 20.948243] The buggy address is located 5 bytes to the right of [ 20.948243] allocated 235-byte region [ffff888100338000, ffff8881003380eb) [ 20.949035] [ 20.949286] The buggy address belongs to the physical page: [ 20.949786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100338 [ 20.950648] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.951959] flags: 0x200000000000040(head|node=0|zone=2) [ 20.952393] page_type: f5(slab) [ 20.952947] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.953479] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.954390] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.955385] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.956100] head: 0200000000000001 ffffea000400ce01 00000000ffffffff 00000000ffffffff [ 20.956988] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 20.957638] page dumped because: kasan: bad access detected [ 20.958354] [ 20.958556] Memory state around the buggy address: [ 20.959377] ffff888100337f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.960162] ffff888100338000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.960931] >ffff888100338080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 20.961365] ^ [ 20.962204] ffff888100338100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.963067] ffff888100338180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.963943] ================================================================== [ 20.858607] ================================================================== [ 20.859793] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 20.860509] Write of size 1 at addr ffff8881003380eb by task kunit_try_catch/177 [ 20.861647] [ 20.862169] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.862361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.862427] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.862495] Call Trace: [ 20.862526] <TASK> [ 20.862561] dump_stack_lvl+0x73/0xb0 [ 20.862635] print_report+0xd1/0x660 [ 20.863086] ? __virt_addr_valid+0x1db/0x2d0 [ 20.863266] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.863343] kasan_report+0x104/0x140 [ 20.863380] ? krealloc_more_oob_helper+0x821/0x930 [ 20.863418] ? krealloc_more_oob_helper+0x821/0x930 [ 20.863462] __asan_report_store1_noabort+0x1b/0x30 [ 20.863493] krealloc_more_oob_helper+0x821/0x930 [ 20.863531] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 20.863564] ? irqentry_exit+0x2a/0x60 [ 20.863604] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 20.863665] ? __pfx_krealloc_more_oob+0x10/0x10 [ 20.863793] krealloc_more_oob+0x1c/0x30 [ 20.863851] kunit_try_run_case+0x1b2/0x490 [ 20.863891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.863924] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.863967] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.863999] ? __kthread_parkme+0x82/0x160 [ 20.864030] ? preempt_count_sub+0x50/0x80 [ 20.864065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.864098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.864156] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.864189] kthread+0x323/0x710 [ 20.864219] ? trace_preempt_on+0x20/0xc0 [ 20.864253] ? __pfx_kthread+0x10/0x10 [ 20.864284] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.864313] ? calculate_sigpending+0x7b/0xa0 [ 20.864343] ? __pfx_kthread+0x10/0x10 [ 20.864375] ret_from_fork+0x41/0x80 [ 20.864406] ? __pfx_kthread+0x10/0x10 [ 20.864437] ret_from_fork_asm+0x1a/0x30 [ 20.864483] </TASK> [ 20.864498] [ 20.884701] Allocated by task 177: [ 20.885730] kasan_save_stack+0x3d/0x60 [ 20.886607] kasan_save_track+0x18/0x40 [ 20.887271] kasan_save_alloc_info+0x3b/0x50 [ 20.887724] __kasan_krealloc+0x190/0x1f0 [ 20.888307] krealloc_noprof+0xf4/0x370 [ 20.889047] krealloc_more_oob_helper+0x1a9/0x930 [ 20.889648] krealloc_more_oob+0x1c/0x30 [ 20.890457] kunit_try_run_case+0x1b2/0x490 [ 20.891199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.891705] kthread+0x323/0x710 [ 20.892373] ret_from_fork+0x41/0x80 [ 20.893275] ret_from_fork_asm+0x1a/0x30 [ 20.893618] [ 20.894201] The buggy address belongs to the object at ffff888100338000 [ 20.894201] which belongs to the cache kmalloc-256 of size 256 [ 20.896203] The buggy address is located 0 bytes to the right of [ 20.896203] allocated 235-byte region [ffff888100338000, ffff8881003380eb) [ 20.896969] [ 20.897217] The buggy address belongs to the physical page: [ 20.897718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100338 [ 20.898586] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.899419] flags: 0x200000000000040(head|node=0|zone=2) [ 20.900219] page_type: f5(slab) [ 20.900585] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.901307] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.902236] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 20.903307] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.904215] head: 0200000000000001 ffffea000400ce01 00000000ffffffff 00000000ffffffff [ 20.904742] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 20.905801] page dumped because: kasan: bad access detected [ 20.906342] [ 20.906645] Memory state around the buggy address: [ 20.907505] ffff888100337f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.908645] ffff888100338000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.909190] >ffff888100338080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 20.909626] ^ [ 20.910230] ffff888100338100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.911224] ffff888100338180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.912206] ================================================================== [ 21.294479] ================================================================== [ 21.295820] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 21.296220] Write of size 1 at addr ffff8881032460f0 by task kunit_try_catch/181 [ 21.296703] [ 21.296921] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.297043] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.297078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.297184] Call Trace: [ 21.298079] <TASK> [ 21.298140] dump_stack_lvl+0x73/0xb0 [ 21.298193] print_report+0xd1/0x660 [ 21.298227] ? __virt_addr_valid+0x1db/0x2d0 [ 21.298292] ? kasan_addr_to_slab+0x11/0xa0 [ 21.298326] kasan_report+0x104/0x140 [ 21.298355] ? krealloc_more_oob_helper+0x7eb/0x930 [ 21.298392] ? krealloc_more_oob_helper+0x7eb/0x930 [ 21.298434] __asan_report_store1_noabort+0x1b/0x30 [ 21.298464] krealloc_more_oob_helper+0x7eb/0x930 [ 21.298496] ? __schedule+0xd46/0x29c0 [ 21.298526] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 21.298561] ? finish_task_switch.isra.0+0x153/0x730 [ 21.298592] ? __switch_to+0x5d9/0xf70 [ 21.298629] ? __schedule+0xd46/0x29c0 [ 21.298656] ? irqentry_exit+0x2a/0x60 [ 21.298728] ? __pfx_read_tsc+0x10/0x10 [ 21.298799] krealloc_large_more_oob+0x1c/0x30 [ 21.298878] kunit_try_run_case+0x1b2/0x490 [ 21.298942] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 21.298977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.299010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.299053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.299087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.299142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.299177] kthread+0x323/0x710 [ 21.299206] ? trace_preempt_on+0x20/0xc0 [ 21.299240] ? __pfx_kthread+0x10/0x10 [ 21.299271] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.299300] ? calculate_sigpending+0x7b/0xa0 [ 21.299330] ? __pfx_kthread+0x10/0x10 [ 21.299361] ret_from_fork+0x41/0x80 [ 21.299391] ? __pfx_kthread+0x10/0x10 [ 21.299422] ret_from_fork_asm+0x1a/0x30 [ 21.299468] </TASK> [ 21.299483] [ 21.322288] The buggy address belongs to the physical page: [ 21.322643] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103244 [ 21.323528] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.325026] flags: 0x200000000000040(head|node=0|zone=2) [ 21.325540] page_type: f8(unknown) [ 21.326449] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.327083] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.327684] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.329164] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.329483] head: 0200000000000002 ffffea00040c9101 00000000ffffffff 00000000ffffffff [ 21.329837] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.330749] page dumped because: kasan: bad access detected [ 21.331474] [ 21.331777] Memory state around the buggy address: [ 21.332637] ffff888103245f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.333891] ffff888103246000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.334516] >ffff888103246080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 21.336173] ^ [ 21.336663] ffff888103246100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.337845] ffff888103246180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.338597] ================================================================== [ 21.245360] ================================================================== [ 21.248203] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 21.248966] Write of size 1 at addr ffff8881032460eb by task kunit_try_catch/181 [ 21.250475] [ 21.250676] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 21.252548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.252583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.252643] Call Trace: [ 21.252873] <TASK> [ 21.252945] dump_stack_lvl+0x73/0xb0 [ 21.253032] print_report+0xd1/0x660 [ 21.253094] ? __virt_addr_valid+0x1db/0x2d0 [ 21.253243] ? kasan_addr_to_slab+0x11/0xa0 [ 21.253306] kasan_report+0x104/0x140 [ 21.253360] ? krealloc_more_oob_helper+0x821/0x930 [ 21.253428] ? krealloc_more_oob_helper+0x821/0x930 [ 21.253502] __asan_report_store1_noabort+0x1b/0x30 [ 21.253571] krealloc_more_oob_helper+0x821/0x930 [ 21.253629] ? __schedule+0xd46/0x29c0 [ 21.253708] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 21.253794] ? finish_task_switch.isra.0+0x153/0x730 [ 21.253864] ? __switch_to+0x5d9/0xf70 [ 21.253941] ? __schedule+0xd46/0x29c0 [ 21.253996] ? irqentry_exit+0x2a/0x60 [ 21.254053] ? __pfx_read_tsc+0x10/0x10 [ 21.254391] krealloc_large_more_oob+0x1c/0x30 [ 21.254497] kunit_try_run_case+0x1b2/0x490 [ 21.254569] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 21.254631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.254908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.255017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.255081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.255177] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.255238] kthread+0x323/0x710 [ 21.255300] ? trace_preempt_on+0x20/0xc0 [ 21.255369] ? __pfx_kthread+0x10/0x10 [ 21.255431] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.255491] ? calculate_sigpending+0x7b/0xa0 [ 21.255551] ? __pfx_kthread+0x10/0x10 [ 21.255640] ret_from_fork+0x41/0x80 [ 21.255899] ? __pfx_kthread+0x10/0x10 [ 21.255984] ret_from_fork_asm+0x1a/0x30 [ 21.256078] </TASK> [ 21.256129] [ 21.276822] The buggy address belongs to the physical page: [ 21.277456] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103244 [ 21.278672] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.279534] flags: 0x200000000000040(head|node=0|zone=2) [ 21.280351] page_type: f8(unknown) [ 21.280796] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.281831] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.282379] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.283299] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.284386] head: 0200000000000002 ffffea00040c9101 00000000ffffffff 00000000ffffffff [ 21.285552] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.286405] page dumped because: kasan: bad access detected [ 21.287051] [ 21.287328] Memory state around the buggy address: [ 21.288388] ffff888103245f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.289158] ffff888103246000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.289871] >ffff888103246080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 21.290549] ^ [ 21.291440] ffff888103246100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.292230] ffff888103246180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.292946] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 24.725342] ================================================================== [ 24.726446] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x326/0x390 [ 24.726784] Read of size 1 at addr ffff8881038d7c4a by task kunit_try_catch/274 [ 24.727668] [ 24.728021] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.728173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.728214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.728266] Call Trace: [ 24.728426] <TASK> [ 24.728471] dump_stack_lvl+0x73/0xb0 [ 24.728548] print_report+0xd1/0x660 [ 24.728586] ? __virt_addr_valid+0x1db/0x2d0 [ 24.728651] ? kasan_addr_to_slab+0x11/0xa0 [ 24.728686] kasan_report+0x104/0x140 [ 24.728776] ? kasan_alloca_oob_right+0x326/0x390 [ 24.728853] ? kasan_alloca_oob_right+0x326/0x390 [ 24.729255] __asan_report_load1_noabort+0x18/0x20 [ 24.729353] kasan_alloca_oob_right+0x326/0x390 [ 24.729437] ? finish_task_switch.isra.0+0x153/0x730 [ 24.729485] ? pci_mmcfg_reserved+0xf0/0x440 [ 24.729519] ? trace_hardirqs_on+0x37/0xe0 [ 24.729557] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 24.729597] ? __schedule+0xd46/0x29c0 [ 24.729628] ? __pfx_read_tsc+0x10/0x10 [ 24.729658] ? ktime_get_ts64+0x86/0x240 [ 24.729695] kunit_try_run_case+0x1b2/0x490 [ 24.729771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.729806] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.729838] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.729871] ? __kthread_parkme+0x82/0x160 [ 24.729902] ? preempt_count_sub+0x50/0x80 [ 24.729938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.729972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.730006] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.730041] kthread+0x323/0x710 [ 24.730071] ? trace_preempt_on+0x20/0xc0 [ 24.730104] ? __pfx_kthread+0x10/0x10 [ 24.730166] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.730196] ? calculate_sigpending+0x7b/0xa0 [ 24.730227] ? __pfx_kthread+0x10/0x10 [ 24.730260] ret_from_fork+0x41/0x80 [ 24.730292] ? __pfx_kthread+0x10/0x10 [ 24.730322] ret_from_fork_asm+0x1a/0x30 [ 24.730369] </TASK> [ 24.730385] [ 24.743790] The buggy address belongs to stack of task kunit_try_catch/274 [ 24.744419] [ 24.744582] The buggy address belongs to the physical page: [ 24.745314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d7 [ 24.745879] flags: 0x200000000000000(node=0|zone=2) [ 24.746456] raw: 0200000000000000 ffffea00040e35c8 ffffea00040e35c8 0000000000000000 [ 24.746999] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 24.747628] page dumped because: kasan: bad access detected [ 24.748377] [ 24.748604] Memory state around the buggy address: [ 24.749090] ffff8881038d7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.749487] ffff8881038d7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.749863] >ffff8881038d7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 24.750417] ^ [ 24.750983] ffff8881038d7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 24.751666] ffff8881038d7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 24.752342] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 24.678366] ================================================================== [ 24.679366] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x31d/0x380 [ 24.680196] Read of size 1 at addr ffff88810399fc3f by task kunit_try_catch/272 [ 24.680985] [ 24.681344] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.681473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.681559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.681645] Call Trace: [ 24.681684] <TASK> [ 24.681937] dump_stack_lvl+0x73/0xb0 [ 24.682030] print_report+0xd1/0x660 [ 24.682101] ? __virt_addr_valid+0x1db/0x2d0 [ 24.682249] ? kasan_addr_to_slab+0x11/0xa0 [ 24.682318] kasan_report+0x104/0x140 [ 24.682375] ? kasan_alloca_oob_left+0x31d/0x380 [ 24.682539] ? kasan_alloca_oob_left+0x31d/0x380 [ 24.682634] __asan_report_load1_noabort+0x18/0x20 [ 24.682744] kasan_alloca_oob_left+0x31d/0x380 [ 24.682802] ? irqentry_exit+0x2a/0x60 [ 24.682838] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 24.682874] ? trace_hardirqs_on+0x37/0xe0 [ 24.682913] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 24.682955] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 24.682996] kunit_try_run_case+0x1b2/0x490 [ 24.683031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.683063] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.683095] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.683164] ? __kthread_parkme+0x82/0x160 [ 24.683267] ? preempt_count_sub+0x50/0x80 [ 24.683316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.683351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.683387] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.683420] kthread+0x323/0x710 [ 24.683451] ? trace_preempt_on+0x20/0xc0 [ 24.683484] ? __pfx_kthread+0x10/0x10 [ 24.683516] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.683545] ? calculate_sigpending+0x7b/0xa0 [ 24.683576] ? __pfx_kthread+0x10/0x10 [ 24.683636] ret_from_fork+0x41/0x80 [ 24.683669] ? __pfx_kthread+0x10/0x10 [ 24.683759] ret_from_fork_asm+0x1a/0x30 [ 24.683860] </TASK> [ 24.683892] [ 24.699082] The buggy address belongs to stack of task kunit_try_catch/272 [ 24.699488] [ 24.699667] The buggy address belongs to the physical page: [ 24.700336] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10399f [ 24.701878] flags: 0x200000000000000(node=0|zone=2) [ 24.702419] raw: 0200000000000000 ffffea00040e67c8 ffffea00040e67c8 0000000000000000 [ 24.703940] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 24.704549] page dumped because: kasan: bad access detected [ 24.705263] [ 24.705422] Memory state around the buggy address: [ 24.705704] ffff88810399fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.706084] ffff88810399fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.706585] >ffff88810399fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 24.709055] ^ [ 24.710468] ffff88810399fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 24.711019] ffff88810399fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 24.711911] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 24.628608] ================================================================== [ 24.630226] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2ac/0x300 [ 24.631254] Read of size 1 at addr ffff8881039afd02 by task kunit_try_catch/270 [ 24.632331] [ 24.632605] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.632767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.632970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.633022] Call Trace: [ 24.633056] <TASK> [ 24.633087] dump_stack_lvl+0x73/0xb0 [ 24.633174] print_report+0xd1/0x660 [ 24.633230] ? __virt_addr_valid+0x1db/0x2d0 [ 24.633307] ? kasan_addr_to_slab+0x11/0xa0 [ 24.633343] kasan_report+0x104/0x140 [ 24.633373] ? kasan_stack_oob+0x2ac/0x300 [ 24.633407] ? kasan_stack_oob+0x2ac/0x300 [ 24.633446] __asan_report_load1_noabort+0x18/0x20 [ 24.633478] kasan_stack_oob+0x2ac/0x300 [ 24.633509] ? __pfx_kasan_stack_oob+0x10/0x10 [ 24.633538] ? finish_task_switch.isra.0+0x153/0x730 [ 24.633572] ? __switch_to+0x5d9/0xf70 [ 24.633611] ? __schedule+0xd46/0x29c0 [ 24.633643] ? __pfx_read_tsc+0x10/0x10 [ 24.633672] ? ktime_get_ts64+0x86/0x240 [ 24.633958] kunit_try_run_case+0x1b2/0x490 [ 24.634055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.634188] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.634273] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.634310] ? __kthread_parkme+0x82/0x160 [ 24.634344] ? preempt_count_sub+0x50/0x80 [ 24.634379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.634414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.634449] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.634482] kthread+0x323/0x710 [ 24.634512] ? trace_preempt_on+0x20/0xc0 [ 24.634547] ? __pfx_kthread+0x10/0x10 [ 24.634579] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.634608] ? calculate_sigpending+0x7b/0xa0 [ 24.634641] ? __pfx_kthread+0x10/0x10 [ 24.634672] ret_from_fork+0x41/0x80 [ 24.634758] ? __pfx_kthread+0x10/0x10 [ 24.634817] ret_from_fork_asm+0x1a/0x30 [ 24.634891] </TASK> [ 24.634907] [ 24.654774] The buggy address belongs to stack of task kunit_try_catch/270 [ 24.655694] and is located at offset 138 in frame: [ 24.656521] kasan_stack_oob+0x0/0x300 [ 24.657700] [ 24.658002] This frame has 4 objects: [ 24.658480] [48, 49) '__assertion' [ 24.658541] [64, 72) 'array' [ 24.658934] [96, 112) '__assertion' [ 24.659336] [128, 138) 'stack_array' [ 24.659750] [ 24.661283] The buggy address belongs to the physical page: [ 24.661752] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039af [ 24.662859] flags: 0x200000000000000(node=0|zone=2) [ 24.663696] raw: 0200000000000000 ffffea00040e6bc8 ffffea00040e6bc8 0000000000000000 [ 24.665209] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 24.665770] page dumped because: kasan: bad access detected [ 24.666444] [ 24.666579] Memory state around the buggy address: [ 24.666967] ffff8881039afc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 24.667875] ffff8881039afc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 24.669011] >ffff8881039afd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 24.669539] ^ [ 24.670305] ffff8881039afd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 24.670805] ffff8881039afe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.671311] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 24.586629] ================================================================== [ 24.587530] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 24.588182] Read of size 1 at addr ffffffffb654fe8d by task kunit_try_catch/266 [ 24.588706] [ 24.589696] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.590197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.590222] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.590253] Call Trace: [ 24.590271] <TASK> [ 24.590292] dump_stack_lvl+0x73/0xb0 [ 24.590335] print_report+0xd1/0x660 [ 24.590371] ? __virt_addr_valid+0x1db/0x2d0 [ 24.590436] ? kasan_addr_to_slab+0x11/0xa0 [ 24.590470] kasan_report+0x104/0x140 [ 24.590500] ? kasan_global_oob_right+0x286/0x2d0 [ 24.590536] ? kasan_global_oob_right+0x286/0x2d0 [ 24.590576] __asan_report_load1_noabort+0x18/0x20 [ 24.590606] kasan_global_oob_right+0x286/0x2d0 [ 24.590638] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 24.590674] ? __schedule+0xd46/0x29c0 [ 24.590749] ? __pfx_read_tsc+0x10/0x10 [ 24.590799] ? ktime_get_ts64+0x86/0x240 [ 24.590845] kunit_try_run_case+0x1b2/0x490 [ 24.590882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.590915] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.590948] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.590980] ? __kthread_parkme+0x82/0x160 [ 24.591011] ? preempt_count_sub+0x50/0x80 [ 24.591046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.591080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.591136] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.591172] kthread+0x323/0x710 [ 24.591202] ? trace_preempt_on+0x20/0xc0 [ 24.591236] ? __pfx_kthread+0x10/0x10 [ 24.591268] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.591297] ? calculate_sigpending+0x7b/0xa0 [ 24.591328] ? __pfx_kthread+0x10/0x10 [ 24.591360] ret_from_fork+0x41/0x80 [ 24.591392] ? __pfx_kthread+0x10/0x10 [ 24.591423] ret_from_fork_asm+0x1a/0x30 [ 24.591470] </TASK> [ 24.591486] [ 24.604948] The buggy address belongs to the variable: [ 24.605480] global_array+0xd/0x40 [ 24.606492] [ 24.606992] The buggy address belongs to the physical page: [ 24.607545] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3b34f [ 24.608430] flags: 0x100000000002000(reserved|node=0|zone=1) [ 24.609180] raw: 0100000000002000 ffffea0000ecd3c8 ffffea0000ecd3c8 0000000000000000 [ 24.609986] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.610506] page dumped because: kasan: bad access detected [ 24.610905] [ 24.611330] Memory state around the buggy address: [ 24.611949] ffffffffb654fd80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.612793] ffffffffb654fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.613360] >ffffffffb654fe80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 24.613727] ^ [ 24.613962] ffffffffb654ff00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 24.614838] ffffffffb654ff80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 24.615954] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 24.533420] ================================================================== [ 24.535582] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 24.536278] Free of addr ffff888103920001 by task kunit_try_catch/264 [ 24.537597] [ 24.537838] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.537962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.537984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.538015] Call Trace: [ 24.538034] <TASK> [ 24.538056] dump_stack_lvl+0x73/0xb0 [ 24.538146] print_report+0xd1/0x660 [ 24.538185] ? __virt_addr_valid+0x1db/0x2d0 [ 24.538252] ? kasan_addr_to_slab+0x11/0xa0 [ 24.538285] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 24.538323] kasan_report_invalid_free+0xce/0x100 [ 24.538360] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 24.538402] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 24.538438] __kasan_mempool_poison_object+0x102/0x1d0 [ 24.538473] mempool_free+0x2ec/0x380 [ 24.538508] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 24.538546] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 24.538591] ? finish_task_switch.isra.0+0x153/0x730 [ 24.538629] mempool_kmalloc_large_invalid_free+0xb0/0x100 [ 24.538665] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 24.538700] ? __switch_to+0x5d9/0xf70 [ 24.538813] ? __pfx_mempool_kmalloc+0x10/0x10 [ 24.538871] ? __pfx_mempool_kfree+0x10/0x10 [ 24.538932] ? __pfx_read_tsc+0x10/0x10 [ 24.538989] ? ktime_get_ts64+0x86/0x240 [ 24.539055] kunit_try_run_case+0x1b2/0x490 [ 24.539146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.539245] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.539314] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.539379] ? __kthread_parkme+0x82/0x160 [ 24.539440] ? preempt_count_sub+0x50/0x80 [ 24.539497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.539535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.539571] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.539634] kthread+0x323/0x710 [ 24.539666] ? trace_preempt_on+0x20/0xc0 [ 24.539778] ? __pfx_kthread+0x10/0x10 [ 24.539861] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.539895] ? calculate_sigpending+0x7b/0xa0 [ 24.539941] ? __pfx_kthread+0x10/0x10 [ 24.539973] ret_from_fork+0x41/0x80 [ 24.540007] ? __pfx_kthread+0x10/0x10 [ 24.540038] ret_from_fork_asm+0x1a/0x30 [ 24.540087] </TASK> [ 24.540103] [ 24.562671] The buggy address belongs to the physical page: [ 24.563684] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103920 [ 24.564802] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.565849] flags: 0x200000000000040(head|node=0|zone=2) [ 24.566364] page_type: f8(unknown) [ 24.566890] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.567976] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.568815] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.569318] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.570585] head: 0200000000000002 ffffea00040e4801 00000000ffffffff 00000000ffffffff [ 24.571737] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.573208] page dumped because: kasan: bad access detected [ 24.573620] [ 24.574041] Memory state around the buggy address: [ 24.574521] ffff88810391ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.575697] ffff88810391ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.576525] >ffff888103920000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.577430] ^ [ 24.577884] ffff888103920080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.578335] ffff888103920100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.579481] ================================================================== [ 24.470288] ================================================================== [ 24.471680] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 24.472560] Free of addr ffff888103210e01 by task kunit_try_catch/262 [ 24.473182] [ 24.473788] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.474472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.474502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.474537] Call Trace: [ 24.474556] <TASK> [ 24.474577] dump_stack_lvl+0x73/0xb0 [ 24.474624] print_report+0xd1/0x660 [ 24.474659] ? __virt_addr_valid+0x1db/0x2d0 [ 24.474835] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.474888] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 24.474927] kasan_report_invalid_free+0xce/0x100 [ 24.474965] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 24.475007] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 24.475043] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 24.475078] check_slab_allocation+0x11f/0x130 [ 24.475131] __kasan_mempool_poison_object+0x91/0x1d0 [ 24.475171] mempool_free+0x2ec/0x380 [ 24.475207] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 24.475245] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 24.475291] ? finish_task_switch.isra.0+0x153/0x730 [ 24.475328] mempool_kmalloc_invalid_free+0xb0/0x100 [ 24.475363] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 24.475396] ? __switch_to+0x5d9/0xf70 [ 24.475433] ? __pfx_mempool_kmalloc+0x10/0x10 [ 24.475461] ? __pfx_mempool_kfree+0x10/0x10 [ 24.475494] ? __pfx_read_tsc+0x10/0x10 [ 24.475523] ? ktime_get_ts64+0x86/0x240 [ 24.475558] kunit_try_run_case+0x1b2/0x490 [ 24.475602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.475650] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.475741] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.475808] ? __kthread_parkme+0x82/0x160 [ 24.475873] ? preempt_count_sub+0x50/0x80 [ 24.475912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.475959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.475994] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.476028] kthread+0x323/0x710 [ 24.476058] ? trace_preempt_on+0x20/0xc0 [ 24.476092] ? __pfx_kthread+0x10/0x10 [ 24.476144] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.476174] ? calculate_sigpending+0x7b/0xa0 [ 24.476206] ? __pfx_kthread+0x10/0x10 [ 24.476238] ret_from_fork+0x41/0x80 [ 24.476269] ? __pfx_kthread+0x10/0x10 [ 24.476301] ret_from_fork_asm+0x1a/0x30 [ 24.476347] </TASK> [ 24.476364] [ 24.502408] Allocated by task 262: [ 24.503909] kasan_save_stack+0x3d/0x60 [ 24.504271] kasan_save_track+0x18/0x40 [ 24.504630] kasan_save_alloc_info+0x3b/0x50 [ 24.505594] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 24.506083] remove_element+0x11e/0x190 [ 24.506951] mempool_alloc_preallocated+0x4d/0x90 [ 24.507294] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 24.508797] mempool_kmalloc_invalid_free+0xb0/0x100 [ 24.509332] kunit_try_run_case+0x1b2/0x490 [ 24.509789] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.510613] kthread+0x323/0x710 [ 24.511343] ret_from_fork+0x41/0x80 [ 24.511734] ret_from_fork_asm+0x1a/0x30 [ 24.512142] [ 24.513453] The buggy address belongs to the object at ffff888103210e00 [ 24.513453] which belongs to the cache kmalloc-128 of size 128 [ 24.515076] The buggy address is located 1 bytes inside of [ 24.515076] 128-byte region [ffff888103210e00, ffff888103210e80) [ 24.516069] [ 24.516445] The buggy address belongs to the physical page: [ 24.517035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103210 [ 24.517490] flags: 0x200000000000000(node=0|zone=2) [ 24.518488] page_type: f5(slab) [ 24.519032] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.519531] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.520430] page dumped because: kasan: bad access detected [ 24.520875] [ 24.521101] Memory state around the buggy address: [ 24.521823] ffff888103210d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.522306] ffff888103210d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.523158] >ffff888103210e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.523960] ^ [ 24.524521] ffff888103210e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.525436] ffff888103210f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.526387] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 24.294503] ================================================================== [ 24.296660] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 24.297535] Free of addr ffff88810305ab00 by task kunit_try_catch/256 [ 24.299433] [ 24.299628] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.300219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.300248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.300281] Call Trace: [ 24.300302] <TASK> [ 24.300323] dump_stack_lvl+0x73/0xb0 [ 24.300371] print_report+0xd1/0x660 [ 24.300407] ? __virt_addr_valid+0x1db/0x2d0 [ 24.300476] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.300512] ? mempool_double_free_helper+0x184/0x370 [ 24.300547] kasan_report_invalid_free+0xce/0x100 [ 24.300583] ? mempool_double_free_helper+0x184/0x370 [ 24.300623] ? mempool_double_free_helper+0x184/0x370 [ 24.300656] ? mempool_double_free_helper+0x184/0x370 [ 24.300746] check_slab_allocation+0x101/0x130 [ 24.300883] __kasan_mempool_poison_object+0x91/0x1d0 [ 24.300943] mempool_free+0x2ec/0x380 [ 24.300984] mempool_double_free_helper+0x184/0x370 [ 24.301023] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 24.301059] ? update_load_avg+0x1c3/0x2170 [ 24.301097] ? update_curr+0x80/0x810 [ 24.301159] ? finish_task_switch.isra.0+0x153/0x730 [ 24.301199] mempool_kmalloc_double_free+0xb0/0x100 [ 24.301236] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 24.301270] ? __switch_to+0x5d9/0xf70 [ 24.301308] ? __pfx_mempool_kmalloc+0x10/0x10 [ 24.301337] ? __pfx_mempool_kfree+0x10/0x10 [ 24.301372] ? __pfx_read_tsc+0x10/0x10 [ 24.301402] ? ktime_get_ts64+0x86/0x240 [ 24.301441] kunit_try_run_case+0x1b2/0x490 [ 24.301478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.301509] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.301541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.301574] ? __kthread_parkme+0x82/0x160 [ 24.301605] ? preempt_count_sub+0x50/0x80 [ 24.301641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.301689] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.301822] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.301894] kthread+0x323/0x710 [ 24.301952] ? trace_preempt_on+0x20/0xc0 [ 24.302017] ? __pfx_kthread+0x10/0x10 [ 24.302060] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.302092] ? calculate_sigpending+0x7b/0xa0 [ 24.302152] ? __pfx_kthread+0x10/0x10 [ 24.302187] ret_from_fork+0x41/0x80 [ 24.302221] ? __pfx_kthread+0x10/0x10 [ 24.302254] ret_from_fork_asm+0x1a/0x30 [ 24.302305] </TASK> [ 24.302321] [ 24.327251] Allocated by task 256: [ 24.327600] kasan_save_stack+0x3d/0x60 [ 24.327906] kasan_save_track+0x18/0x40 [ 24.328387] kasan_save_alloc_info+0x3b/0x50 [ 24.329829] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 24.330475] remove_element+0x11e/0x190 [ 24.330915] mempool_alloc_preallocated+0x4d/0x90 [ 24.332070] mempool_double_free_helper+0x8a/0x370 [ 24.332560] mempool_kmalloc_double_free+0xb0/0x100 [ 24.333106] kunit_try_run_case+0x1b2/0x490 [ 24.334286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.334982] kthread+0x323/0x710 [ 24.335332] ret_from_fork+0x41/0x80 [ 24.336549] ret_from_fork_asm+0x1a/0x30 [ 24.337156] [ 24.337660] Freed by task 256: [ 24.338014] kasan_save_stack+0x3d/0x60 [ 24.338399] kasan_save_track+0x18/0x40 [ 24.339430] kasan_save_free_info+0x3f/0x60 [ 24.339775] __kasan_mempool_poison_object+0x131/0x1d0 [ 24.341020] mempool_free+0x2ec/0x380 [ 24.341447] mempool_double_free_helper+0x109/0x370 [ 24.341810] mempool_kmalloc_double_free+0xb0/0x100 [ 24.342407] kunit_try_run_case+0x1b2/0x490 [ 24.342887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.343360] kthread+0x323/0x710 [ 24.343729] ret_from_fork+0x41/0x80 [ 24.344683] ret_from_fork_asm+0x1a/0x30 [ 24.346031] [ 24.346326] The buggy address belongs to the object at ffff88810305ab00 [ 24.346326] which belongs to the cache kmalloc-128 of size 128 [ 24.347152] The buggy address is located 0 bytes inside of [ 24.347152] 128-byte region [ffff88810305ab00, ffff88810305ab80) [ 24.348194] [ 24.348372] The buggy address belongs to the physical page: [ 24.349381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 24.350043] flags: 0x200000000000000(node=0|zone=2) [ 24.350795] page_type: f5(slab) [ 24.351409] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.352354] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.353398] page dumped because: kasan: bad access detected [ 24.354180] [ 24.354443] Memory state around the buggy address: [ 24.355017] ffff88810305aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.355333] ffff88810305aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.355556] >ffff88810305ab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.355797] ^ [ 24.355925] ffff88810305ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.356173] ffff88810305ac00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.356382] ================================================================== [ 24.415952] ================================================================== [ 24.417250] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 24.417859] Free of addr ffff888103920000 by task kunit_try_catch/260 [ 24.418415] [ 24.418688] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.418854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.419063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.419154] Call Trace: [ 24.419192] <TASK> [ 24.419228] dump_stack_lvl+0x73/0xb0 [ 24.419307] print_report+0xd1/0x660 [ 24.419415] ? __virt_addr_valid+0x1db/0x2d0 [ 24.419558] ? kasan_addr_to_slab+0x11/0xa0 [ 24.419655] ? mempool_double_free_helper+0x184/0x370 [ 24.419766] kasan_report_invalid_free+0xce/0x100 [ 24.419850] ? mempool_double_free_helper+0x184/0x370 [ 24.419978] ? mempool_double_free_helper+0x184/0x370 [ 24.420051] __kasan_mempool_poison_pages+0x115/0x130 [ 24.420154] mempool_free+0x290/0x380 [ 24.420266] mempool_double_free_helper+0x184/0x370 [ 24.420341] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 24.420429] ? finish_task_switch.isra.0+0x153/0x730 [ 24.420511] mempool_page_alloc_double_free+0xab/0x100 [ 24.420557] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 24.420595] ? __switch_to+0x5d9/0xf70 [ 24.420633] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 24.420665] ? __pfx_mempool_free_pages+0x10/0x10 [ 24.420700] ? __pfx_read_tsc+0x10/0x10 [ 24.421022] ? ktime_get_ts64+0x86/0x240 [ 24.421094] kunit_try_run_case+0x1b2/0x490 [ 24.421165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.421199] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.421233] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.421265] ? __kthread_parkme+0x82/0x160 [ 24.421300] ? preempt_count_sub+0x50/0x80 [ 24.421336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.421371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.421404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.421438] kthread+0x323/0x710 [ 24.421469] ? trace_preempt_on+0x20/0xc0 [ 24.421504] ? __pfx_kthread+0x10/0x10 [ 24.421539] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.421569] ? calculate_sigpending+0x7b/0xa0 [ 24.421600] ? __pfx_kthread+0x10/0x10 [ 24.421634] ret_from_fork+0x41/0x80 [ 24.421666] ? __pfx_kthread+0x10/0x10 [ 24.421769] ret_from_fork_asm+0x1a/0x30 [ 24.421869] </TASK> [ 24.421887] [ 24.449205] The buggy address belongs to the physical page: [ 24.449510] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103920 [ 24.449956] flags: 0x200000000000000(node=0|zone=2) [ 24.452703] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 24.454730] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.456330] page dumped because: kasan: bad access detected [ 24.457366] [ 24.457587] Memory state around the buggy address: [ 24.457955] ffff88810391ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.458395] ffff88810391ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.458944] >ffff888103920000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.460553] ^ [ 24.461300] ffff888103920080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.462222] ffff888103920100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.463436] ================================================================== [ 24.363978] ================================================================== [ 24.365680] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 24.366278] Free of addr ffff8881039c0000 by task kunit_try_catch/258 [ 24.366955] [ 24.367539] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.367772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.367857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.367916] Call Trace: [ 24.367956] <TASK> [ 24.367980] dump_stack_lvl+0x73/0xb0 [ 24.368026] print_report+0xd1/0x660 [ 24.368075] ? __virt_addr_valid+0x1db/0x2d0 [ 24.368213] ? kasan_addr_to_slab+0x11/0xa0 [ 24.368273] ? mempool_double_free_helper+0x184/0x370 [ 24.368335] kasan_report_invalid_free+0xce/0x100 [ 24.368376] ? mempool_double_free_helper+0x184/0x370 [ 24.368416] ? mempool_double_free_helper+0x184/0x370 [ 24.368450] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 24.368487] mempool_free+0x2ec/0x380 [ 24.368525] mempool_double_free_helper+0x184/0x370 [ 24.368561] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 24.368603] ? finish_task_switch.isra.0+0x153/0x730 [ 24.368643] mempool_kmalloc_large_double_free+0xb0/0x100 [ 24.368683] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 24.368973] ? __switch_to+0x5d9/0xf70 [ 24.369050] ? __pfx_mempool_kmalloc+0x10/0x10 [ 24.369105] ? __pfx_mempool_kfree+0x10/0x10 [ 24.369192] ? __pfx_read_tsc+0x10/0x10 [ 24.369245] ? ktime_get_ts64+0x86/0x240 [ 24.369316] kunit_try_run_case+0x1b2/0x490 [ 24.369371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.369403] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.369437] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.369470] ? __kthread_parkme+0x82/0x160 [ 24.369502] ? preempt_count_sub+0x50/0x80 [ 24.369537] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.369572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.369605] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.369639] kthread+0x323/0x710 [ 24.369668] ? trace_preempt_on+0x20/0xc0 [ 24.369801] ? __pfx_kthread+0x10/0x10 [ 24.369855] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.369887] ? calculate_sigpending+0x7b/0xa0 [ 24.369921] ? __pfx_kthread+0x10/0x10 [ 24.369955] ret_from_fork+0x41/0x80 [ 24.369987] ? __pfx_kthread+0x10/0x10 [ 24.370018] ret_from_fork_asm+0x1a/0x30 [ 24.370066] </TASK> [ 24.370082] [ 24.394045] The buggy address belongs to the physical page: [ 24.394477] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c0 [ 24.395186] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.396341] flags: 0x200000000000040(head|node=0|zone=2) [ 24.396930] page_type: f8(unknown) [ 24.398190] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.399215] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.399805] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.400353] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.401017] head: 0200000000000002 ffffea00040e7001 00000000ffffffff 00000000ffffffff [ 24.402565] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.403541] page dumped because: kasan: bad access detected [ 24.404101] [ 24.404347] Memory state around the buggy address: [ 24.404796] ffff8881039bff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.405316] ffff8881039bff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.406166] >ffff8881039c0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.406649] ^ [ 24.406884] ffff8881039c0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.407509] ffff8881039c0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.408413] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 24.256526] ================================================================== [ 24.257521] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 24.258239] Read of size 1 at addr ffff8881039c0000 by task kunit_try_catch/254 [ 24.258478] [ 24.258589] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.258661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.258679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.258734] Call Trace: [ 24.258767] <TASK> [ 24.258802] dump_stack_lvl+0x73/0xb0 [ 24.258886] print_report+0xd1/0x660 [ 24.259016] ? __virt_addr_valid+0x1db/0x2d0 [ 24.259185] ? kasan_addr_to_slab+0x11/0xa0 [ 24.259262] kasan_report+0x104/0x140 [ 24.259321] ? mempool_uaf_helper+0x392/0x400 [ 24.259388] ? mempool_uaf_helper+0x392/0x400 [ 24.259469] __asan_report_load1_noabort+0x18/0x20 [ 24.259529] mempool_uaf_helper+0x392/0x400 [ 24.259601] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 24.259697] ? finish_task_switch.isra.0+0x153/0x730 [ 24.259781] mempool_page_alloc_uaf+0xb0/0x100 [ 24.259853] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 24.259956] ? __switch_to+0x5d9/0xf70 [ 24.260087] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 24.260192] ? __pfx_mempool_free_pages+0x10/0x10 [ 24.260312] ? __pfx_read_tsc+0x10/0x10 [ 24.260397] ? ktime_get_ts64+0x86/0x240 [ 24.260497] kunit_try_run_case+0x1b2/0x490 [ 24.260615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.260663] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.260700] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.260790] ? __kthread_parkme+0x82/0x160 [ 24.260833] ? preempt_count_sub+0x50/0x80 [ 24.260870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.260905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.260940] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.260973] kthread+0x323/0x710 [ 24.261004] ? trace_preempt_on+0x20/0xc0 [ 24.261038] ? __pfx_kthread+0x10/0x10 [ 24.261070] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.261100] ? calculate_sigpending+0x7b/0xa0 [ 24.261156] ? __pfx_kthread+0x10/0x10 [ 24.261189] ret_from_fork+0x41/0x80 [ 24.261220] ? __pfx_kthread+0x10/0x10 [ 24.261254] ret_from_fork_asm+0x1a/0x30 [ 24.261300] </TASK> [ 24.261316] [ 24.276803] The buggy address belongs to the physical page: [ 24.277368] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c0 [ 24.278278] flags: 0x200000000000000(node=0|zone=2) [ 24.278681] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 24.279417] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 24.279888] page dumped because: kasan: bad access detected [ 24.280286] [ 24.280506] Memory state around the buggy address: [ 24.281106] ffff8881039bff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.281798] ffff8881039bff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.282303] >ffff8881039c0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.283013] ^ [ 24.283273] ffff8881039c0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.283678] ffff8881039c0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.284346] ================================================================== [ 24.124665] ================================================================== [ 24.126335] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 24.126896] Read of size 1 at addr ffff888103918000 by task kunit_try_catch/250 [ 24.128411] [ 24.128651] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.129312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.129351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.129388] Call Trace: [ 24.129407] <TASK> [ 24.129430] dump_stack_lvl+0x73/0xb0 [ 24.129477] print_report+0xd1/0x660 [ 24.129513] ? __virt_addr_valid+0x1db/0x2d0 [ 24.129579] ? kasan_addr_to_slab+0x11/0xa0 [ 24.129614] kasan_report+0x104/0x140 [ 24.129643] ? mempool_uaf_helper+0x392/0x400 [ 24.129685] ? mempool_uaf_helper+0x392/0x400 [ 24.129796] __asan_report_load1_noabort+0x18/0x20 [ 24.129873] mempool_uaf_helper+0x392/0x400 [ 24.129914] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 24.129955] ? finish_task_switch.isra.0+0x153/0x730 [ 24.129999] mempool_kmalloc_large_uaf+0xb2/0x100 [ 24.130035] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 24.130068] ? __switch_to+0x5d9/0xf70 [ 24.130128] ? __pfx_mempool_kmalloc+0x10/0x10 [ 24.130163] ? __pfx_mempool_kfree+0x10/0x10 [ 24.130196] ? __pfx_read_tsc+0x10/0x10 [ 24.130228] ? ktime_get_ts64+0x86/0x240 [ 24.130266] kunit_try_run_case+0x1b2/0x490 [ 24.130303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.130334] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.130367] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.130399] ? __kthread_parkme+0x82/0x160 [ 24.130431] ? preempt_count_sub+0x50/0x80 [ 24.130465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.130499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.130532] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.130565] kthread+0x323/0x710 [ 24.130595] ? trace_preempt_on+0x20/0xc0 [ 24.130628] ? __pfx_kthread+0x10/0x10 [ 24.130661] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.130757] ? calculate_sigpending+0x7b/0xa0 [ 24.130887] ? __pfx_kthread+0x10/0x10 [ 24.130929] ret_from_fork+0x41/0x80 [ 24.130964] ? __pfx_kthread+0x10/0x10 [ 24.130996] ret_from_fork_asm+0x1a/0x30 [ 24.131044] </TASK> [ 24.131060] [ 24.154557] The buggy address belongs to the physical page: [ 24.156127] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103918 [ 24.156685] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.158007] flags: 0x200000000000040(head|node=0|zone=2) [ 24.158703] page_type: f8(unknown) [ 24.159226] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.160203] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.160833] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.162142] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 24.163349] head: 0200000000000002 ffffea00040e4601 00000000ffffffff 00000000ffffffff [ 24.164179] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.164942] page dumped because: kasan: bad access detected [ 24.165918] [ 24.166103] Memory state around the buggy address: [ 24.166905] ffff888103917f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.167548] ffff888103917f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.168512] >ffff888103918000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.169560] ^ [ 24.170043] ffff888103918080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.170656] ffff888103918100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.171530] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 24.188192] ================================================================== [ 24.188820] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 24.190942] Read of size 1 at addr ffff888103230240 by task kunit_try_catch/252 [ 24.191509] [ 24.192256] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.192391] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.192428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.192493] Call Trace: [ 24.192526] <TASK> [ 24.192568] dump_stack_lvl+0x73/0xb0 [ 24.192649] print_report+0xd1/0x660 [ 24.192756] ? __virt_addr_valid+0x1db/0x2d0 [ 24.192877] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.192920] kasan_report+0x104/0x140 [ 24.192953] ? mempool_uaf_helper+0x392/0x400 [ 24.192989] ? mempool_uaf_helper+0x392/0x400 [ 24.193032] __asan_report_load1_noabort+0x18/0x20 [ 24.193063] mempool_uaf_helper+0x392/0x400 [ 24.193097] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 24.193202] ? finish_task_switch.isra.0+0x153/0x730 [ 24.193245] mempool_slab_uaf+0xad/0x100 [ 24.193280] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 24.193313] ? __switch_to+0x5d9/0xf70 [ 24.193351] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 24.193382] ? __pfx_mempool_free_slab+0x10/0x10 [ 24.193416] ? __pfx_read_tsc+0x10/0x10 [ 24.193446] ? ktime_get_ts64+0x86/0x240 [ 24.193484] kunit_try_run_case+0x1b2/0x490 [ 24.193521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.193552] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.193585] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.193616] ? __kthread_parkme+0x82/0x160 [ 24.193647] ? preempt_count_sub+0x50/0x80 [ 24.193690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.193793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.193841] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.193876] kthread+0x323/0x710 [ 24.193907] ? trace_preempt_on+0x20/0xc0 [ 24.193943] ? __pfx_kthread+0x10/0x10 [ 24.193975] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.194005] ? calculate_sigpending+0x7b/0xa0 [ 24.194038] ? __pfx_kthread+0x10/0x10 [ 24.194072] ret_from_fork+0x41/0x80 [ 24.194103] ? __pfx_kthread+0x10/0x10 [ 24.194185] ret_from_fork_asm+0x1a/0x30 [ 24.194236] </TASK> [ 24.194252] [ 24.212215] Allocated by task 252: [ 24.212582] kasan_save_stack+0x3d/0x60 [ 24.213205] kasan_save_track+0x18/0x40 [ 24.213494] kasan_save_alloc_info+0x3b/0x50 [ 24.214148] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 24.214550] remove_element+0x11e/0x190 [ 24.215403] mempool_alloc_preallocated+0x4d/0x90 [ 24.216134] mempool_uaf_helper+0x96/0x400 [ 24.216582] mempool_slab_uaf+0xad/0x100 [ 24.217205] kunit_try_run_case+0x1b2/0x490 [ 24.217512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.218175] kthread+0x323/0x710 [ 24.218542] ret_from_fork+0x41/0x80 [ 24.219134] ret_from_fork_asm+0x1a/0x30 [ 24.219562] [ 24.220300] Freed by task 252: [ 24.220614] kasan_save_stack+0x3d/0x60 [ 24.220966] kasan_save_track+0x18/0x40 [ 24.221524] kasan_save_free_info+0x3f/0x60 [ 24.222001] __kasan_mempool_poison_object+0x131/0x1d0 [ 24.222540] mempool_free+0x2ec/0x380 [ 24.223097] mempool_uaf_helper+0x11a/0x400 [ 24.223572] mempool_slab_uaf+0xad/0x100 [ 24.224053] kunit_try_run_case+0x1b2/0x490 [ 24.224472] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.224805] kthread+0x323/0x710 [ 24.225059] ret_from_fork+0x41/0x80 [ 24.226245] ret_from_fork_asm+0x1a/0x30 [ 24.226877] [ 24.227106] The buggy address belongs to the object at ffff888103230240 [ 24.227106] which belongs to the cache test_cache of size 123 [ 24.228353] The buggy address is located 0 bytes inside of [ 24.228353] freed 123-byte region [ffff888103230240, ffff8881032302bb) [ 24.229408] [ 24.229631] The buggy address belongs to the physical page: [ 24.230228] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103230 [ 24.231364] flags: 0x200000000000000(node=0|zone=2) [ 24.232054] page_type: f5(slab) [ 24.232442] raw: 0200000000000000 ffff88810322e000 dead000000000122 0000000000000000 [ 24.233255] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 24.233988] page dumped because: kasan: bad access detected [ 24.234327] [ 24.234487] Memory state around the buggy address: [ 24.235138] ffff888103230100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.236273] ffff888103230180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.237093] >ffff888103230200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 24.237914] ^ [ 24.238412] ffff888103230280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.238978] ffff888103230300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.239623] ================================================================== [ 24.068141] ================================================================== [ 24.069188] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 24.070001] Read of size 1 at addr ffff888103210a00 by task kunit_try_catch/248 [ 24.070832] [ 24.071098] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.071251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.071287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.071332] Call Trace: [ 24.071352] <TASK> [ 24.071374] dump_stack_lvl+0x73/0xb0 [ 24.071422] print_report+0xd1/0x660 [ 24.071464] ? __virt_addr_valid+0x1db/0x2d0 [ 24.071553] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.071603] kasan_report+0x104/0x140 [ 24.071652] ? mempool_uaf_helper+0x392/0x400 [ 24.071688] ? mempool_uaf_helper+0x392/0x400 [ 24.071876] __asan_report_load1_noabort+0x18/0x20 [ 24.071977] mempool_uaf_helper+0x392/0x400 [ 24.072047] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 24.072150] ? finish_task_switch.isra.0+0x153/0x730 [ 24.072239] mempool_kmalloc_uaf+0xb2/0x100 [ 24.072306] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 24.072369] ? __switch_to+0x5d9/0xf70 [ 24.072441] ? __pfx_mempool_kmalloc+0x10/0x10 [ 24.072476] ? __pfx_mempool_kfree+0x10/0x10 [ 24.072512] ? __pfx_read_tsc+0x10/0x10 [ 24.072543] ? ktime_get_ts64+0x86/0x240 [ 24.072581] kunit_try_run_case+0x1b2/0x490 [ 24.072619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.072651] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.072684] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.072751] ? __kthread_parkme+0x82/0x160 [ 24.072787] ? preempt_count_sub+0x50/0x80 [ 24.072823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.072858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.072892] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.072926] kthread+0x323/0x710 [ 24.072956] ? trace_preempt_on+0x20/0xc0 [ 24.072990] ? __pfx_kthread+0x10/0x10 [ 24.073021] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.073052] ? calculate_sigpending+0x7b/0xa0 [ 24.073084] ? __pfx_kthread+0x10/0x10 [ 24.073138] ret_from_fork+0x41/0x80 [ 24.073172] ? __pfx_kthread+0x10/0x10 [ 24.073205] ret_from_fork_asm+0x1a/0x30 [ 24.073252] </TASK> [ 24.073269] [ 24.088637] Allocated by task 248: [ 24.089253] kasan_save_stack+0x3d/0x60 [ 24.089782] kasan_save_track+0x18/0x40 [ 24.090226] kasan_save_alloc_info+0x3b/0x50 [ 24.090683] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 24.091357] remove_element+0x11e/0x190 [ 24.091960] mempool_alloc_preallocated+0x4d/0x90 [ 24.092485] mempool_uaf_helper+0x96/0x400 [ 24.093096] mempool_kmalloc_uaf+0xb2/0x100 [ 24.093572] kunit_try_run_case+0x1b2/0x490 [ 24.094145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.094818] kthread+0x323/0x710 [ 24.095810] ret_from_fork+0x41/0x80 [ 24.096484] ret_from_fork_asm+0x1a/0x30 [ 24.096964] [ 24.097205] Freed by task 248: [ 24.097533] kasan_save_stack+0x3d/0x60 [ 24.097985] kasan_save_track+0x18/0x40 [ 24.098419] kasan_save_free_info+0x3f/0x60 [ 24.098915] __kasan_mempool_poison_object+0x131/0x1d0 [ 24.099478] mempool_free+0x2ec/0x380 [ 24.100039] mempool_uaf_helper+0x11a/0x400 [ 24.100510] mempool_kmalloc_uaf+0xb2/0x100 [ 24.101106] kunit_try_run_case+0x1b2/0x490 [ 24.101773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.102562] kthread+0x323/0x710 [ 24.103002] ret_from_fork+0x41/0x80 [ 24.103509] ret_from_fork_asm+0x1a/0x30 [ 24.104300] [ 24.104527] The buggy address belongs to the object at ffff888103210a00 [ 24.104527] which belongs to the cache kmalloc-128 of size 128 [ 24.105601] The buggy address is located 0 bytes inside of [ 24.105601] freed 128-byte region [ffff888103210a00, ffff888103210a80) [ 24.106667] [ 24.106940] The buggy address belongs to the physical page: [ 24.107585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103210 [ 24.108098] flags: 0x200000000000000(node=0|zone=2) [ 24.108427] page_type: f5(slab) [ 24.108663] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.109129] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.110105] page dumped because: kasan: bad access detected [ 24.110645] [ 24.111093] Memory state around the buggy address: [ 24.111622] ffff888103210900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.112564] ffff888103210980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.113460] >ffff888103210a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.114160] ^ [ 24.114599] ffff888103210a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.115474] ffff888103210b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.116300] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 23.954441] ================================================================== [ 23.955532] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 23.956627] Read of size 1 at addr ffff88810391a001 by task kunit_try_catch/244 [ 23.957637] [ 23.958007] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 23.958166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.958206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.958267] Call Trace: [ 23.958302] <TASK> [ 23.958329] dump_stack_lvl+0x73/0xb0 [ 23.958378] print_report+0xd1/0x660 [ 23.958433] ? __virt_addr_valid+0x1db/0x2d0 [ 23.958512] ? kasan_addr_to_slab+0x11/0xa0 [ 23.958547] kasan_report+0x104/0x140 [ 23.958577] ? mempool_oob_right_helper+0x318/0x380 [ 23.958615] ? mempool_oob_right_helper+0x318/0x380 [ 23.958658] __asan_report_load1_noabort+0x18/0x20 [ 23.958688] mempool_oob_right_helper+0x318/0x380 [ 23.958919] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 23.959051] ? finish_task_switch.isra.0+0x153/0x730 [ 23.959152] mempool_kmalloc_large_oob_right+0xb5/0x100 [ 23.959196] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 23.959233] ? __switch_to+0x5d9/0xf70 [ 23.959270] ? __pfx_mempool_kmalloc+0x10/0x10 [ 23.959302] ? __pfx_mempool_kfree+0x10/0x10 [ 23.959335] ? __pfx_read_tsc+0x10/0x10 [ 23.959366] ? ktime_get_ts64+0x86/0x240 [ 23.959404] kunit_try_run_case+0x1b2/0x490 [ 23.959442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.959475] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.959508] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.959541] ? __kthread_parkme+0x82/0x160 [ 23.959572] ? preempt_count_sub+0x50/0x80 [ 23.959635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.959670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.959764] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.959840] kthread+0x323/0x710 [ 23.959891] ? trace_preempt_on+0x20/0xc0 [ 23.959929] ? __pfx_kthread+0x10/0x10 [ 23.959974] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.960004] ? calculate_sigpending+0x7b/0xa0 [ 23.960038] ? __pfx_kthread+0x10/0x10 [ 23.960070] ret_from_fork+0x41/0x80 [ 23.960102] ? __pfx_kthread+0x10/0x10 [ 23.960183] ret_from_fork_asm+0x1a/0x30 [ 23.960233] </TASK> [ 23.960249] [ 23.977978] The buggy address belongs to the physical page: [ 23.978962] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103918 [ 23.980038] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 23.981081] flags: 0x200000000000040(head|node=0|zone=2) [ 23.981882] page_type: f8(unknown) [ 23.982174] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.983139] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.984246] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 23.985181] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 23.986171] head: 0200000000000002 ffffea00040e4601 00000000ffffffff 00000000ffffffff [ 23.986581] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 23.987505] page dumped because: kasan: bad access detected [ 23.988399] [ 23.988622] Memory state around the buggy address: [ 23.989364] ffff888103919f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.990195] ffff888103919f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.990840] >ffff88810391a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.991241] ^ [ 23.991635] ffff88810391a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.992881] ffff88810391a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 23.993549] ================================================================== [ 23.894229] ================================================================== [ 23.895450] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 23.896779] Read of size 1 at addr ffff888103210673 by task kunit_try_catch/242 [ 23.897554] [ 23.898539] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 23.898624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.898642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.898675] Call Trace: [ 23.898694] <TASK> [ 23.898751] dump_stack_lvl+0x73/0xb0 [ 23.898808] print_report+0xd1/0x660 [ 23.898843] ? __virt_addr_valid+0x1db/0x2d0 [ 23.898913] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.898950] kasan_report+0x104/0x140 [ 23.898980] ? mempool_oob_right_helper+0x318/0x380 [ 23.899017] ? mempool_oob_right_helper+0x318/0x380 [ 23.899060] __asan_report_load1_noabort+0x18/0x20 [ 23.899090] mempool_oob_right_helper+0x318/0x380 [ 23.899150] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 23.899185] ? update_load_avg+0x1c3/0x2170 [ 23.899221] ? update_curr+0x80/0x810 [ 23.899257] ? finish_task_switch.isra.0+0x153/0x730 [ 23.899295] mempool_kmalloc_oob_right+0xb5/0x100 [ 23.899330] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 23.899363] ? __switch_to+0x5d9/0xf70 [ 23.899398] ? __pfx_mempool_kmalloc+0x10/0x10 [ 23.899429] ? __pfx_mempool_kfree+0x10/0x10 [ 23.899462] ? __pfx_read_tsc+0x10/0x10 [ 23.899492] ? ktime_get_ts64+0x86/0x240 [ 23.899529] kunit_try_run_case+0x1b2/0x490 [ 23.899567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.899624] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.899657] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.899689] ? __kthread_parkme+0x82/0x160 [ 23.899754] ? preempt_count_sub+0x50/0x80 [ 23.899794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.899829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.899864] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.899898] kthread+0x323/0x710 [ 23.899940] ? trace_preempt_on+0x20/0xc0 [ 23.899975] ? __pfx_kthread+0x10/0x10 [ 23.900006] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.900036] ? calculate_sigpending+0x7b/0xa0 [ 23.900068] ? __pfx_kthread+0x10/0x10 [ 23.900100] ret_from_fork+0x41/0x80 [ 23.900153] ? __pfx_kthread+0x10/0x10 [ 23.900184] ret_from_fork_asm+0x1a/0x30 [ 23.900234] </TASK> [ 23.900251] [ 23.921857] Allocated by task 242: [ 23.922134] kasan_save_stack+0x3d/0x60 [ 23.922575] kasan_save_track+0x18/0x40 [ 23.926159] kasan_save_alloc_info+0x3b/0x50 [ 23.926464] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 23.927068] remove_element+0x11e/0x190 [ 23.927421] mempool_alloc_preallocated+0x4d/0x90 [ 23.927884] mempool_oob_right_helper+0x8a/0x380 [ 23.928996] mempool_kmalloc_oob_right+0xb5/0x100 [ 23.929420] kunit_try_run_case+0x1b2/0x490 [ 23.929886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.930337] kthread+0x323/0x710 [ 23.930668] ret_from_fork+0x41/0x80 [ 23.932205] ret_from_fork_asm+0x1a/0x30 [ 23.932586] [ 23.932751] The buggy address belongs to the object at ffff888103210600 [ 23.932751] which belongs to the cache kmalloc-128 of size 128 [ 23.933715] The buggy address is located 0 bytes to the right of [ 23.933715] allocated 115-byte region [ffff888103210600, ffff888103210673) [ 23.935205] [ 23.935441] The buggy address belongs to the physical page: [ 23.936237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103210 [ 23.937289] flags: 0x200000000000000(node=0|zone=2) [ 23.938091] page_type: f5(slab) [ 23.938357] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.939553] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.940515] page dumped because: kasan: bad access detected [ 23.941069] [ 23.941268] Memory state around the buggy address: [ 23.941675] ffff888103210500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.943004] ffff888103210580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.943673] >ffff888103210600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.944523] ^ [ 23.945579] ffff888103210680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.946464] ffff888103210700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 23.947130] ================================================================== [ 24.004249] ================================================================== [ 24.005565] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 24.006486] Read of size 1 at addr ffff88810322d2bb by task kunit_try_catch/246 [ 24.007685] [ 24.007972] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 24.008103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.008165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.008229] Call Trace: [ 24.008263] <TASK> [ 24.008288] dump_stack_lvl+0x73/0xb0 [ 24.008336] print_report+0xd1/0x660 [ 24.008371] ? __virt_addr_valid+0x1db/0x2d0 [ 24.008465] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.008504] kasan_report+0x104/0x140 [ 24.008535] ? mempool_oob_right_helper+0x318/0x380 [ 24.008574] ? mempool_oob_right_helper+0x318/0x380 [ 24.008616] __asan_report_load1_noabort+0x18/0x20 [ 24.008647] mempool_oob_right_helper+0x318/0x380 [ 24.008873] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 24.009036] ? finish_task_switch.isra.0+0x153/0x730 [ 24.009171] mempool_slab_oob_right+0xb0/0x100 [ 24.009252] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 24.009319] ? __switch_to+0x5d9/0xf70 [ 24.009376] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 24.009410] ? __pfx_mempool_free_slab+0x10/0x10 [ 24.009445] ? __pfx_read_tsc+0x10/0x10 [ 24.009476] ? ktime_get_ts64+0x86/0x240 [ 24.009514] kunit_try_run_case+0x1b2/0x490 [ 24.009553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.009585] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.009617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.009649] ? __kthread_parkme+0x82/0x160 [ 24.009725] ? preempt_count_sub+0x50/0x80 [ 24.009796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.009858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.009918] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.009977] kthread+0x323/0x710 [ 24.010028] ? trace_preempt_on+0x20/0xc0 [ 24.010089] ? __pfx_kthread+0x10/0x10 [ 24.010170] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.010201] ? calculate_sigpending+0x7b/0xa0 [ 24.010235] ? __pfx_kthread+0x10/0x10 [ 24.010268] ret_from_fork+0x41/0x80 [ 24.010301] ? __pfx_kthread+0x10/0x10 [ 24.010332] ret_from_fork_asm+0x1a/0x30 [ 24.010380] </TASK> [ 24.010395] [ 24.028626] Allocated by task 246: [ 24.029056] kasan_save_stack+0x3d/0x60 [ 24.029363] kasan_save_track+0x18/0x40 [ 24.030019] kasan_save_alloc_info+0x3b/0x50 [ 24.030580] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 24.031382] remove_element+0x11e/0x190 [ 24.032062] mempool_alloc_preallocated+0x4d/0x90 [ 24.032574] mempool_oob_right_helper+0x8a/0x380 [ 24.033585] mempool_slab_oob_right+0xb0/0x100 [ 24.034134] kunit_try_run_case+0x1b2/0x490 [ 24.034983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.035423] kthread+0x323/0x710 [ 24.036023] ret_from_fork+0x41/0x80 [ 24.036478] ret_from_fork_asm+0x1a/0x30 [ 24.036942] [ 24.037130] The buggy address belongs to the object at ffff88810322d240 [ 24.037130] which belongs to the cache test_cache of size 123 [ 24.038502] The buggy address is located 0 bytes to the right of [ 24.038502] allocated 123-byte region [ffff88810322d240, ffff88810322d2bb) [ 24.040018] [ 24.040258] The buggy address belongs to the physical page: [ 24.040918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10322d [ 24.042415] flags: 0x200000000000000(node=0|zone=2) [ 24.042954] page_type: f5(slab) [ 24.043385] raw: 0200000000000000 ffff8881020e8dc0 dead000000000122 0000000000000000 [ 24.044614] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 24.045560] page dumped because: kasan: bad access detected [ 24.046079] [ 24.046284] Memory state around the buggy address: [ 24.047408] ffff88810322d180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.048389] ffff88810322d200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 24.048840] >ffff88810322d280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 24.050093] ^ [ 24.051045] ffff88810322d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.051689] ffff88810322d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.053015] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 23.275227] ================================================================== [ 23.276255] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bc/0x380 [ 23.278351] Read of size 1 at addr ffff8881009f8c80 by task kunit_try_catch/236 [ 23.279246] [ 23.279471] CPU: 0 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 23.279545] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.279563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.279605] Call Trace: [ 23.279641] <TASK> [ 23.279664] dump_stack_lvl+0x73/0xb0 [ 23.280191] print_report+0xd1/0x660 [ 23.280236] ? __virt_addr_valid+0x1db/0x2d0 [ 23.280305] ? kasan_complete_mode_report_info+0x64/0x200 [ 23.280343] kasan_report+0x104/0x140 [ 23.280372] ? kmem_cache_double_destroy+0x1bc/0x380 [ 23.280411] ? kmem_cache_double_destroy+0x1bc/0x380 [ 23.280452] ? kmem_cache_double_destroy+0x1bc/0x380 [ 23.280487] __kasan_check_byte+0x3d/0x50 [ 23.280521] kmem_cache_destroy+0x25/0x200 [ 23.280554] kmem_cache_double_destroy+0x1bc/0x380 [ 23.280589] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 23.280624] ? finish_task_switch.isra.0+0x153/0x730 [ 23.280657] ? __switch_to+0x5d9/0xf70 [ 23.280865] ? __pfx_empty_cache_ctor+0x10/0x10 [ 23.280931] ? __pfx_read_tsc+0x10/0x10 [ 23.280967] ? ktime_get_ts64+0x86/0x240 [ 23.281007] kunit_try_run_case+0x1b2/0x490 [ 23.281046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.281078] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.281130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.281163] ? __kthread_parkme+0x82/0x160 [ 23.281196] ? preempt_count_sub+0x50/0x80 [ 23.281232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.281266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.281300] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.281334] kthread+0x323/0x710 [ 23.281363] ? trace_preempt_on+0x20/0xc0 [ 23.281398] ? __pfx_kthread+0x10/0x10 [ 23.281430] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.281458] ? calculate_sigpending+0x7b/0xa0 [ 23.281490] ? __pfx_kthread+0x10/0x10 [ 23.281522] ret_from_fork+0x41/0x80 [ 23.281552] ? __pfx_kthread+0x10/0x10 [ 23.281583] ret_from_fork_asm+0x1a/0x30 [ 23.281631] </TASK> [ 23.281646] [ 23.302382] Allocated by task 236: [ 23.302690] kasan_save_stack+0x3d/0x60 [ 23.303627] kasan_save_track+0x18/0x40 [ 23.304318] kasan_save_alloc_info+0x3b/0x50 [ 23.304904] __kasan_slab_alloc+0x91/0xa0 [ 23.305501] kmem_cache_alloc_noprof+0x11d/0x3f0 [ 23.305977] __kmem_cache_create_args+0x169/0x240 [ 23.306896] kmem_cache_double_destroy+0xd2/0x380 [ 23.307741] kunit_try_run_case+0x1b2/0x490 [ 23.308187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.309160] kthread+0x323/0x710 [ 23.309610] ret_from_fork+0x41/0x80 [ 23.310214] ret_from_fork_asm+0x1a/0x30 [ 23.310588] [ 23.311605] Freed by task 236: [ 23.311960] kasan_save_stack+0x3d/0x60 [ 23.312340] kasan_save_track+0x18/0x40 [ 23.312891] kasan_save_free_info+0x3f/0x60 [ 23.314023] __kasan_slab_free+0x56/0x70 [ 23.314416] kmem_cache_free+0x249/0x420 [ 23.314862] slab_kmem_cache_release+0x2e/0x40 [ 23.315221] kmem_cache_release+0x16/0x20 [ 23.315667] kobject_put+0x181/0x470 [ 23.317106] sysfs_slab_release+0x16/0x20 [ 23.317669] kmem_cache_destroy+0xf0/0x200 [ 23.318321] kmem_cache_double_destroy+0x14b/0x380 [ 23.318666] kunit_try_run_case+0x1b2/0x490 [ 23.319091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.319634] kthread+0x323/0x710 [ 23.320808] ret_from_fork+0x41/0x80 [ 23.321306] ret_from_fork_asm+0x1a/0x30 [ 23.321579] [ 23.322038] The buggy address belongs to the object at ffff8881009f8c80 [ 23.322038] which belongs to the cache kmem_cache of size 208 [ 23.323272] The buggy address is located 0 bytes inside of [ 23.323272] freed 208-byte region [ffff8881009f8c80, ffff8881009f8d50) [ 23.324354] [ 23.324653] The buggy address belongs to the physical page: [ 23.325586] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1009f8 [ 23.326734] flags: 0x200000000000000(node=0|zone=2) [ 23.326955] page_type: f5(slab) [ 23.327092] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 23.327787] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 23.328667] page dumped because: kasan: bad access detected [ 23.329942] [ 23.330282] Memory state around the buggy address: [ 23.331025] ffff8881009f8b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.331669] ffff8881009f8c00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.332606] >ffff8881009f8c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.333264] ^ [ 23.333620] ffff8881009f8d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 23.334253] ffff8881009f8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.335100] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 23.176292] ================================================================== [ 23.177009] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 23.177663] Read of size 1 at addr ffff888103228000 by task kunit_try_catch/234 [ 23.178264] [ 23.178558] CPU: 0 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 23.178689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.178771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.178829] Call Trace: [ 23.178864] <TASK> [ 23.178903] dump_stack_lvl+0x73/0xb0 [ 23.178989] print_report+0xd1/0x660 [ 23.179054] ? __virt_addr_valid+0x1db/0x2d0 [ 23.179199] ? kasan_complete_mode_report_info+0x64/0x200 [ 23.179274] kasan_report+0x104/0x140 [ 23.179330] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 23.179399] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 23.179475] __asan_report_load1_noabort+0x18/0x20 [ 23.179533] kmem_cache_rcu_uaf+0x3e3/0x510 [ 23.179625] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 23.179691] ? finish_task_switch.isra.0+0x153/0x730 [ 23.179815] ? __switch_to+0x5d9/0xf70 [ 23.179903] ? __pfx_read_tsc+0x10/0x10 [ 23.179974] ? ktime_get_ts64+0x86/0x240 [ 23.180044] kunit_try_run_case+0x1b2/0x490 [ 23.180137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.180197] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.180256] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.180313] ? __kthread_parkme+0x82/0x160 [ 23.180373] ? preempt_count_sub+0x50/0x80 [ 23.180441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.180508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.180548] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.180583] kthread+0x323/0x710 [ 23.180613] ? trace_preempt_on+0x20/0xc0 [ 23.180649] ? __pfx_kthread+0x10/0x10 [ 23.180680] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.180781] ? calculate_sigpending+0x7b/0xa0 [ 23.180825] ? __pfx_kthread+0x10/0x10 [ 23.180857] ret_from_fork+0x41/0x80 [ 23.180890] ? __pfx_kthread+0x10/0x10 [ 23.180922] ret_from_fork_asm+0x1a/0x30 [ 23.180969] </TASK> [ 23.180985] [ 23.199730] Allocated by task 234: [ 23.200598] kasan_save_stack+0x3d/0x60 [ 23.201386] kasan_save_track+0x18/0x40 [ 23.202088] kasan_save_alloc_info+0x3b/0x50 [ 23.202640] __kasan_slab_alloc+0x91/0xa0 [ 23.203168] kmem_cache_alloc_noprof+0x11d/0x3f0 [ 23.203575] kmem_cache_rcu_uaf+0x155/0x510 [ 23.204136] kunit_try_run_case+0x1b2/0x490 [ 23.204766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.205316] kthread+0x323/0x710 [ 23.205604] ret_from_fork+0x41/0x80 [ 23.206080] ret_from_fork_asm+0x1a/0x30 [ 23.206886] [ 23.207358] Freed by task 0: [ 23.208216] kasan_save_stack+0x3d/0x60 [ 23.208631] kasan_save_track+0x18/0x40 [ 23.209524] kasan_save_free_info+0x3f/0x60 [ 23.209977] __kasan_slab_free+0x56/0x70 [ 23.211194] slab_free_after_rcu_debug+0xe4/0x340 [ 23.211664] rcu_core+0x66c/0x1cd0 [ 23.212395] rcu_core_si+0x12/0x20 [ 23.212756] handle_softirqs+0x209/0x730 [ 23.213225] __irq_exit_rcu+0xc9/0x110 [ 23.214051] irq_exit_rcu+0x12/0x20 [ 23.214510] sysvec_apic_timer_interrupt+0x81/0x90 [ 23.215154] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 23.215535] [ 23.216226] Last potentially related work creation: [ 23.216701] kasan_save_stack+0x3d/0x60 [ 23.217063] kasan_record_aux_stack+0xb2/0xc0 [ 23.217341] kmem_cache_free+0x131/0x420 [ 23.217743] kmem_cache_rcu_uaf+0x194/0x510 [ 23.218551] kunit_try_run_case+0x1b2/0x490 [ 23.219048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.219431] kthread+0x323/0x710 [ 23.220598] ret_from_fork+0x41/0x80 [ 23.221088] ret_from_fork_asm+0x1a/0x30 [ 23.221379] [ 23.222029] The buggy address belongs to the object at ffff888103228000 [ 23.222029] which belongs to the cache test_cache of size 200 [ 23.223172] The buggy address is located 0 bytes inside of [ 23.223172] freed 200-byte region [ffff888103228000, ffff8881032280c8) [ 23.224793] [ 23.224985] The buggy address belongs to the physical page: [ 23.225470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103228 [ 23.226815] flags: 0x200000000000000(node=0|zone=2) [ 23.227762] page_type: f5(slab) [ 23.228094] raw: 0200000000000000 ffff8881020e8b40 dead000000000122 0000000000000000 [ 23.229479] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 23.230320] page dumped because: kasan: bad access detected [ 23.230755] [ 23.231407] Memory state around the buggy address: [ 23.232216] ffff888103227f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.233513] ffff888103227f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.233961] >ffff888103228000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.234641] ^ [ 23.235374] ffff888103228080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 23.236253] ffff888103228100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.236723] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 23.061293] ================================================================== [ 23.062467] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 23.063374] Free of addr ffff888103067001 by task kunit_try_catch/232 [ 23.064237] [ 23.064528] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 23.064922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.064974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.065089] Call Trace: [ 23.065153] <TASK> [ 23.065194] dump_stack_lvl+0x73/0xb0 [ 23.065280] print_report+0xd1/0x660 [ 23.065347] ? __virt_addr_valid+0x1db/0x2d0 [ 23.065470] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.065538] ? kmem_cache_invalid_free+0x1d8/0x460 [ 23.065594] kasan_report_invalid_free+0xce/0x100 [ 23.065651] ? kmem_cache_invalid_free+0x1d8/0x460 [ 23.065818] ? kmem_cache_invalid_free+0x1d8/0x460 [ 23.065870] check_slab_allocation+0x11f/0x130 [ 23.065905] __kasan_slab_pre_free+0x28/0x40 [ 23.065937] kmem_cache_free+0xed/0x420 [ 23.065971] ? kmem_cache_alloc_noprof+0x11d/0x3f0 [ 23.066002] ? kmem_cache_invalid_free+0x1d8/0x460 [ 23.066038] kmem_cache_invalid_free+0x1d8/0x460 [ 23.066069] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 23.066098] ? finish_task_switch.isra.0+0x153/0x730 [ 23.066155] ? __switch_to+0x5d9/0xf70 [ 23.066201] ? __pfx_read_tsc+0x10/0x10 [ 23.066230] ? ktime_get_ts64+0x86/0x240 [ 23.066268] kunit_try_run_case+0x1b2/0x490 [ 23.066304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.066335] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.066366] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.066396] ? __kthread_parkme+0x82/0x160 [ 23.066427] ? preempt_count_sub+0x50/0x80 [ 23.066461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.066494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.066526] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.066558] kthread+0x323/0x710 [ 23.066587] ? trace_preempt_on+0x20/0xc0 [ 23.066621] ? __pfx_kthread+0x10/0x10 [ 23.066651] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.066687] ? calculate_sigpending+0x7b/0xa0 [ 23.066831] ? __pfx_kthread+0x10/0x10 [ 23.066882] ret_from_fork+0x41/0x80 [ 23.066917] ? __pfx_kthread+0x10/0x10 [ 23.066948] ret_from_fork_asm+0x1a/0x30 [ 23.066996] </TASK> [ 23.067012] [ 23.086937] Allocated by task 232: [ 23.087226] kasan_save_stack+0x3d/0x60 [ 23.087680] kasan_save_track+0x18/0x40 [ 23.089451] kasan_save_alloc_info+0x3b/0x50 [ 23.090083] __kasan_slab_alloc+0x91/0xa0 [ 23.090541] kmem_cache_alloc_noprof+0x11d/0x3f0 [ 23.093014] kmem_cache_invalid_free+0x157/0x460 [ 23.093340] kunit_try_run_case+0x1b2/0x490 [ 23.094372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.094829] kthread+0x323/0x710 [ 23.095475] ret_from_fork+0x41/0x80 [ 23.096514] ret_from_fork_asm+0x1a/0x30 [ 23.096789] [ 23.096937] The buggy address belongs to the object at ffff888103067000 [ 23.096937] which belongs to the cache test_cache of size 200 [ 23.099461] The buggy address is located 1 bytes inside of [ 23.099461] 200-byte region [ffff888103067000, ffff8881030670c8) [ 23.100383] [ 23.101268] The buggy address belongs to the physical page: [ 23.101594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103067 [ 23.102759] flags: 0x200000000000000(node=0|zone=2) [ 23.103582] page_type: f5(slab) [ 23.104199] raw: 0200000000000000 ffff8881009f8b40 dead000000000122 0000000000000000 [ 23.105500] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 23.105907] page dumped because: kasan: bad access detected [ 23.106578] [ 23.107531] Memory state around the buggy address: [ 23.107934] ffff888103066f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.108943] ffff888103066f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.109632] >ffff888103067000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 23.110237] ^ [ 23.110712] ffff888103067080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 23.111722] ffff888103067100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.112832] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 22.997409] ================================================================== [ 22.998070] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 22.998733] Free of addr ffff888103226000 by task kunit_try_catch/230 [ 22.999098] [ 22.999429] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.999555] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.999597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.999673] Call Trace: [ 22.999708] <TASK> [ 22.999749] dump_stack_lvl+0x73/0xb0 [ 22.999834] print_report+0xd1/0x660 [ 22.999896] ? __virt_addr_valid+0x1db/0x2d0 [ 23.000028] ? kasan_complete_mode_report_info+0x64/0x200 [ 23.000152] ? kmem_cache_double_free+0x1e5/0x480 [ 23.000217] kasan_report_invalid_free+0xce/0x100 [ 23.000288] ? kmem_cache_double_free+0x1e5/0x480 [ 23.000351] ? kmem_cache_double_free+0x1e5/0x480 [ 23.000410] check_slab_allocation+0x101/0x130 [ 23.000472] __kasan_slab_pre_free+0x28/0x40 [ 23.000525] kmem_cache_free+0xed/0x420 [ 23.000582] ? kmem_cache_alloc_noprof+0x11d/0x3f0 [ 23.000639] ? kmem_cache_double_free+0x1e5/0x480 [ 23.000704] kmem_cache_double_free+0x1e5/0x480 [ 23.000770] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 23.000828] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 23.000930] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 23.001010] kunit_try_run_case+0x1b2/0x490 [ 23.001088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.001172] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.001236] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.001298] ? __kthread_parkme+0x82/0x160 [ 23.001359] ? preempt_count_sub+0x50/0x80 [ 23.001431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.001499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.001567] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.001606] kthread+0x323/0x710 [ 23.001637] ? trace_preempt_on+0x20/0xc0 [ 23.001675] ? __pfx_kthread+0x10/0x10 [ 23.001712] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.001779] ? calculate_sigpending+0x7b/0xa0 [ 23.001813] ? __pfx_kthread+0x10/0x10 [ 23.001845] ret_from_fork+0x41/0x80 [ 23.001878] ? __pfx_kthread+0x10/0x10 [ 23.001910] ret_from_fork_asm+0x1a/0x30 [ 23.001958] </TASK> [ 23.001974] [ 23.014781] Allocated by task 230: [ 23.015170] kasan_save_stack+0x3d/0x60 [ 23.015528] kasan_save_track+0x18/0x40 [ 23.016013] kasan_save_alloc_info+0x3b/0x50 [ 23.016477] __kasan_slab_alloc+0x91/0xa0 [ 23.016890] kmem_cache_alloc_noprof+0x11d/0x3f0 [ 23.017297] kmem_cache_double_free+0x14f/0x480 [ 23.017592] kunit_try_run_case+0x1b2/0x490 [ 23.017870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.018509] kthread+0x323/0x710 [ 23.018876] ret_from_fork+0x41/0x80 [ 23.019463] ret_from_fork_asm+0x1a/0x30 [ 23.019984] [ 23.020226] Freed by task 230: [ 23.020512] kasan_save_stack+0x3d/0x60 [ 23.020810] kasan_save_track+0x18/0x40 [ 23.021238] kasan_save_free_info+0x3f/0x60 [ 23.021669] __kasan_slab_free+0x56/0x70 [ 23.022019] kmem_cache_free+0x249/0x420 [ 23.022319] kmem_cache_double_free+0x16a/0x480 [ 23.022604] kunit_try_run_case+0x1b2/0x490 [ 23.023084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.023875] kthread+0x323/0x710 [ 23.024281] ret_from_fork+0x41/0x80 [ 23.024582] ret_from_fork_asm+0x1a/0x30 [ 23.025060] [ 23.025248] The buggy address belongs to the object at ffff888103226000 [ 23.025248] which belongs to the cache test_cache of size 200 [ 23.026008] The buggy address is located 0 bytes inside of [ 23.026008] 200-byte region [ffff888103226000, ffff8881032260c8) [ 23.027011] [ 23.027267] The buggy address belongs to the physical page: [ 23.027799] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103226 [ 23.028283] flags: 0x200000000000000(node=0|zone=2) [ 23.028610] page_type: f5(slab) [ 23.028937] raw: 0200000000000000 ffff8881020e8a00 dead000000000122 0000000000000000 [ 23.029889] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 23.030572] page dumped because: kasan: bad access detected [ 23.030993] [ 23.031177] Memory state around the buggy address: [ 23.031599] ffff888103225f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.032014] ffff888103225f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.034593] >ffff888103226000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.036785] ^ [ 23.037096] ffff888103226080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 23.037551] ffff888103226100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.040628] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 22.928861] ================================================================== [ 22.929910] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 22.930498] Read of size 1 at addr ffff8881032250c8 by task kunit_try_catch/228 [ 22.931071] [ 22.931747] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.931876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.931912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.931979] Call Trace: [ 22.932010] <TASK> [ 22.932067] dump_stack_lvl+0x73/0xb0 [ 22.932178] print_report+0xd1/0x660 [ 22.932242] ? __virt_addr_valid+0x1db/0x2d0 [ 22.932364] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.933043] kasan_report+0x104/0x140 [ 22.933159] ? kmem_cache_oob+0x402/0x530 [ 22.933229] ? kmem_cache_oob+0x402/0x530 [ 22.933303] __asan_report_load1_noabort+0x18/0x20 [ 22.933349] kmem_cache_oob+0x402/0x530 [ 22.933378] ? trace_hardirqs_on+0x37/0xe0 [ 22.933415] ? __pfx_kmem_cache_oob+0x10/0x10 [ 22.933443] ? finish_task_switch.isra.0+0x153/0x730 [ 22.933477] ? __switch_to+0x5d9/0xf70 [ 22.933521] ? __pfx_read_tsc+0x10/0x10 [ 22.933550] ? ktime_get_ts64+0x86/0x240 [ 22.933588] kunit_try_run_case+0x1b2/0x490 [ 22.933624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.933655] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.933686] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.933753] ? __kthread_parkme+0x82/0x160 [ 22.933785] ? preempt_count_sub+0x50/0x80 [ 22.933820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.933853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.933887] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.933919] kthread+0x323/0x710 [ 22.933948] ? trace_preempt_on+0x20/0xc0 [ 22.933981] ? __pfx_kthread+0x10/0x10 [ 22.934012] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.934041] ? calculate_sigpending+0x7b/0xa0 [ 22.934071] ? __pfx_kthread+0x10/0x10 [ 22.934103] ret_from_fork+0x41/0x80 [ 22.934157] ? __pfx_kthread+0x10/0x10 [ 22.934188] ret_from_fork_asm+0x1a/0x30 [ 22.934235] </TASK> [ 22.934251] [ 22.951083] Allocated by task 228: [ 22.951556] kasan_save_stack+0x3d/0x60 [ 22.952158] kasan_save_track+0x18/0x40 [ 22.952675] kasan_save_alloc_info+0x3b/0x50 [ 22.953312] __kasan_slab_alloc+0x91/0xa0 [ 22.953851] kmem_cache_alloc_noprof+0x11d/0x3f0 [ 22.954275] kmem_cache_oob+0x157/0x530 [ 22.954642] kunit_try_run_case+0x1b2/0x490 [ 22.955026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.955485] kthread+0x323/0x710 [ 22.955768] ret_from_fork+0x41/0x80 [ 22.956255] ret_from_fork_asm+0x1a/0x30 [ 22.956685] [ 22.956948] The buggy address belongs to the object at ffff888103225000 [ 22.956948] which belongs to the cache test_cache of size 200 [ 22.957891] The buggy address is located 0 bytes to the right of [ 22.957891] allocated 200-byte region [ffff888103225000, ffff8881032250c8) [ 22.959342] [ 22.959559] The buggy address belongs to the physical page: [ 22.960918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103225 [ 22.961668] flags: 0x200000000000000(node=0|zone=2) [ 22.962083] page_type: f5(slab) [ 22.962394] raw: 0200000000000000 ffff8881020e88c0 dead000000000122 0000000000000000 [ 22.962971] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 22.963920] page dumped because: kasan: bad access detected [ 22.964646] [ 22.965256] Memory state around the buggy address: [ 22.966260] ffff888103224f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.966851] ffff888103225000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.967484] >ffff888103225080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 22.968348] ^ [ 22.969028] ffff888103225100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.969794] ffff888103225180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.970539] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 22.843828] ================================================================== [ 22.844674] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 22.845303] Read of size 8 at addr ffff88810321af00 by task kunit_try_catch/221 [ 22.846012] [ 22.847014] CPU: 1 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.847173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.847209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.847264] Call Trace: [ 22.847297] <TASK> [ 22.847336] dump_stack_lvl+0x73/0xb0 [ 22.847419] print_report+0xd1/0x660 [ 22.847481] ? __virt_addr_valid+0x1db/0x2d0 [ 22.847632] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.847959] kasan_report+0x104/0x140 [ 22.848035] ? workqueue_uaf+0x4d6/0x560 [ 22.848075] ? workqueue_uaf+0x4d6/0x560 [ 22.848138] __asan_report_load8_noabort+0x18/0x20 [ 22.848172] workqueue_uaf+0x4d6/0x560 [ 22.848206] ? __pfx_workqueue_uaf+0x10/0x10 [ 22.848239] ? __schedule+0xd46/0x29c0 [ 22.848272] ? __pfx_read_tsc+0x10/0x10 [ 22.848303] ? ktime_get_ts64+0x86/0x240 [ 22.848342] kunit_try_run_case+0x1b2/0x490 [ 22.848379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.848411] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.848441] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.848472] ? __kthread_parkme+0x82/0x160 [ 22.848503] ? preempt_count_sub+0x50/0x80 [ 22.848539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.848572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.848604] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.848637] kthread+0x323/0x710 [ 22.848665] ? calculate_sigpending+0x7b/0xa0 [ 22.848881] ? trace_preempt_on+0x20/0xc0 [ 22.848923] ? __pfx_kthread+0x10/0x10 [ 22.848955] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.848985] ? calculate_sigpending+0x7b/0xa0 [ 22.849015] ? __pfx_kthread+0x10/0x10 [ 22.849047] ret_from_fork+0x41/0x80 [ 22.849080] ? __pfx_kthread+0x10/0x10 [ 22.849128] ret_from_fork_asm+0x1a/0x30 [ 22.849177] </TASK> [ 22.849193] [ 22.875537] Allocated by task 221: [ 22.876337] kasan_save_stack+0x3d/0x60 [ 22.876622] kasan_save_track+0x18/0x40 [ 22.877225] kasan_save_alloc_info+0x3b/0x50 [ 22.877861] __kasan_kmalloc+0xb7/0xc0 [ 22.878365] __kmalloc_cache_noprof+0x183/0x410 [ 22.879086] workqueue_uaf+0x152/0x560 [ 22.879554] kunit_try_run_case+0x1b2/0x490 [ 22.880430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.881230] kthread+0x323/0x710 [ 22.881582] ret_from_fork+0x41/0x80 [ 22.882165] ret_from_fork_asm+0x1a/0x30 [ 22.882585] [ 22.883089] Freed by task 24: [ 22.883436] kasan_save_stack+0x3d/0x60 [ 22.884255] kasan_save_track+0x18/0x40 [ 22.884728] kasan_save_free_info+0x3f/0x60 [ 22.885201] __kasan_slab_free+0x56/0x70 [ 22.885570] kfree+0x222/0x3f0 [ 22.885943] workqueue_uaf_work+0x12/0x20 [ 22.886599] process_one_work+0x5fe/0xf80 [ 22.887174] worker_thread+0x703/0x12a0 [ 22.887624] kthread+0x323/0x710 [ 22.888482] ret_from_fork+0x41/0x80 [ 22.889140] ret_from_fork_asm+0x1a/0x30 [ 22.889566] [ 22.889932] Last potentially related work creation: [ 22.890444] kasan_save_stack+0x3d/0x60 [ 22.891155] kasan_record_aux_stack+0xb2/0xc0 [ 22.891582] __queue_work+0x626/0xf50 [ 22.892426] queue_work_on+0xb6/0xc0 [ 22.893049] workqueue_uaf+0x26d/0x560 [ 22.893485] kunit_try_run_case+0x1b2/0x490 [ 22.894106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.894627] kthread+0x323/0x710 [ 22.895255] ret_from_fork+0x41/0x80 [ 22.895691] ret_from_fork_asm+0x1a/0x30 [ 22.896601] [ 22.897022] The buggy address belongs to the object at ffff88810321af00 [ 22.897022] which belongs to the cache kmalloc-32 of size 32 [ 22.897910] The buggy address is located 0 bytes inside of [ 22.897910] freed 32-byte region [ffff88810321af00, ffff88810321af20) [ 22.899073] [ 22.899374] The buggy address belongs to the physical page: [ 22.900254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10321a [ 22.901130] flags: 0x200000000000000(node=0|zone=2) [ 22.901649] page_type: f5(slab) [ 22.902268] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 22.903039] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.904087] page dumped because: kasan: bad access detected [ 22.904517] [ 22.904947] Memory state around the buggy address: [ 22.905400] ffff88810321ae00: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 22.906218] ffff88810321ae80: 00 00 07 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 22.906967] >ffff88810321af00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 22.907630] ^ [ 22.908452] ffff88810321af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.909233] ffff88810321b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.910012] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 22.762945] ================================================================== [ 22.763646] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 22.764708] Read of size 4 at addr ffff88810305fd00 by task swapper/0/0 [ 22.765381] [ 22.765586] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 22.765653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.765671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.766104] Call Trace: [ 22.766532] <IRQ> [ 22.766593] dump_stack_lvl+0x73/0xb0 [ 22.766679] print_report+0xd1/0x660 [ 22.766991] ? __virt_addr_valid+0x1db/0x2d0 [ 22.767184] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.767254] kasan_report+0x104/0x140 [ 22.767287] ? rcu_uaf_reclaim+0x50/0x60 [ 22.767320] ? rcu_uaf_reclaim+0x50/0x60 [ 22.767360] __asan_report_load4_noabort+0x18/0x20 [ 22.767390] rcu_uaf_reclaim+0x50/0x60 [ 22.767421] rcu_core+0x66c/0x1cd0 [ 22.767468] ? __pfx_rcu_core+0x10/0x10 [ 22.767512] rcu_core_si+0x12/0x20 [ 22.767541] handle_softirqs+0x209/0x730 [ 22.767575] ? hrtimer_interrupt+0x2fe/0x780 [ 22.767693] ? __pfx_handle_softirqs+0x10/0x10 [ 22.767790] __irq_exit_rcu+0xc9/0x110 [ 22.767894] irq_exit_rcu+0x12/0x20 [ 22.767942] sysvec_apic_timer_interrupt+0x81/0x90 [ 22.767979] </IRQ> [ 22.767994] <TASK> [ 22.768010] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 22.768181] RIP: 0010:default_idle+0xf/0x20 [ 22.768498] Code: 4c 01 c7 4c 29 c2 e9 6e ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d f3 e6 16 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 [ 22.768617] RSP: 0000:ffffffffb5007de8 EFLAGS: 00010206 [ 22.768903] RAX: ffff8881a4b85000 RBX: ffffffffb501cbc0 RCX: ffffffffb3ef7555 [ 22.768988] RDX: ffffed102b606103 RSI: 0000000000000004 RDI: 000000000001ac94 [ 22.769054] RBP: ffffffffb5007df0 R08: 0000000000000001 R09: ffffed102b606102 [ 22.769140] R10: ffff88815b030813 R11: 00000000000b0000 R12: 0000000000000000 [ 22.769208] R13: fffffbfff6a03978 R14: ffffffffb5c7d610 R15: 0000000000000000 [ 22.769301] ? ct_kernel_exit.constprop.0+0xa5/0xe0 [ 22.769389] ? arch_cpu_idle+0xd/0x20 [ 22.769422] default_idle_call+0x48/0x80 [ 22.769454] do_idle+0x38b/0x500 [ 22.769490] ? __pfx_do_idle+0x10/0x10 [ 22.769522] ? rest_init+0x10b/0x140 [ 22.769558] cpu_startup_entry+0x5c/0x70 [ 22.769589] rest_init+0x11a/0x140 [ 22.769619] ? acpi_subsystem_init+0x5d/0x150 [ 22.769657] start_kernel+0x325/0x450 [ 22.769709] x86_64_start_reservations+0x1c/0x30 [ 22.769743] x86_64_start_kernel+0xcf/0xe0 [ 22.769776] common_startup_64+0x12c/0x138 [ 22.769826] </TASK> [ 22.769842] [ 22.794352] Allocated by task 219: [ 22.795041] kasan_save_stack+0x3d/0x60 [ 22.795543] kasan_save_track+0x18/0x40 [ 22.796416] kasan_save_alloc_info+0x3b/0x50 [ 22.797084] __kasan_kmalloc+0xb7/0xc0 [ 22.797604] __kmalloc_cache_noprof+0x183/0x410 [ 22.798328] rcu_uaf+0xb0/0x330 [ 22.799276] kunit_try_run_case+0x1b2/0x490 [ 22.799951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.800570] kthread+0x323/0x710 [ 22.801236] ret_from_fork+0x41/0x80 [ 22.801652] ret_from_fork_asm+0x1a/0x30 [ 22.802393] [ 22.802649] Freed by task 0: [ 22.803446] kasan_save_stack+0x3d/0x60 [ 22.804175] kasan_save_track+0x18/0x40 [ 22.804856] kasan_save_free_info+0x3f/0x60 [ 22.805344] __kasan_slab_free+0x56/0x70 [ 22.806134] kfree+0x222/0x3f0 [ 22.806509] rcu_uaf_reclaim+0x1f/0x60 [ 22.806899] rcu_core+0x66c/0x1cd0 [ 22.807817] rcu_core_si+0x12/0x20 [ 22.808467] handle_softirqs+0x209/0x730 [ 22.808990] __irq_exit_rcu+0xc9/0x110 [ 22.809429] irq_exit_rcu+0x12/0x20 [ 22.809695] sysvec_apic_timer_interrupt+0x81/0x90 [ 22.810540] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 22.811503] [ 22.812130] Last potentially related work creation: [ 22.812502] kasan_save_stack+0x3d/0x60 [ 22.813133] kasan_record_aux_stack+0xb2/0xc0 [ 22.813604] __call_rcu_common.constprop.0+0x72/0xa00 [ 22.814468] call_rcu+0x12/0x20 [ 22.815417] rcu_uaf+0x168/0x330 [ 22.816068] kunit_try_run_case+0x1b2/0x490 [ 22.816510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.817291] kthread+0x323/0x710 [ 22.817950] ret_from_fork+0x41/0x80 [ 22.818387] ret_from_fork_asm+0x1a/0x30 [ 22.819054] [ 22.819280] The buggy address belongs to the object at ffff88810305fd00 [ 22.819280] which belongs to the cache kmalloc-32 of size 32 [ 22.820601] The buggy address is located 0 bytes inside of [ 22.820601] freed 32-byte region [ffff88810305fd00, ffff88810305fd20) [ 22.821515] [ 22.821710] The buggy address belongs to the physical page: [ 22.822964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305f [ 22.824223] flags: 0x200000000000000(node=0|zone=2) [ 22.824698] page_type: f5(slab) [ 22.825674] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 22.826578] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.827866] page dumped because: kasan: bad access detected [ 22.828570] [ 22.828703] Memory state around the buggy address: [ 22.828867] ffff88810305fc00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.829080] ffff88810305fc80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.829438] >ffff88810305fd00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 22.829904] ^ [ 22.831010] ffff88810305fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.831897] ffff88810305fe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.832612] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 20.818456] ================================================================== [ 20.819720] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 20.820488] Read of size 1 at addr ffff888103910000 by task kunit_try_catch/175 [ 20.821173] [ 20.822558] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.822670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.822868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.822919] Call Trace: [ 20.822939] <TASK> [ 20.822961] dump_stack_lvl+0x73/0xb0 [ 20.823008] print_report+0xd1/0x660 [ 20.823042] ? __virt_addr_valid+0x1db/0x2d0 [ 20.823106] ? kasan_addr_to_slab+0x11/0xa0 [ 20.823168] kasan_report+0x104/0x140 [ 20.823198] ? page_alloc_uaf+0x356/0x3d0 [ 20.823232] ? page_alloc_uaf+0x356/0x3d0 [ 20.823272] __asan_report_load1_noabort+0x18/0x20 [ 20.823302] page_alloc_uaf+0x356/0x3d0 [ 20.823333] ? __pfx_page_alloc_uaf+0x10/0x10 [ 20.823366] ? __schedule+0xd46/0x29c0 [ 20.823397] ? __pfx_read_tsc+0x10/0x10 [ 20.823426] ? ktime_get_ts64+0x86/0x240 [ 20.823463] kunit_try_run_case+0x1b2/0x490 [ 20.823498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.823529] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.823560] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.823601] ? __kthread_parkme+0x82/0x160 [ 20.823650] ? preempt_count_sub+0x50/0x80 [ 20.823743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.823822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.823877] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.823912] kthread+0x323/0x710 [ 20.823954] ? trace_preempt_on+0x20/0xc0 [ 20.823990] ? __pfx_kthread+0x10/0x10 [ 20.824021] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.824050] ? calculate_sigpending+0x7b/0xa0 [ 20.824081] ? __pfx_kthread+0x10/0x10 [ 20.824133] ret_from_fork+0x41/0x80 [ 20.824167] ? __pfx_kthread+0x10/0x10 [ 20.824198] ret_from_fork_asm+0x1a/0x30 [ 20.824246] </TASK> [ 20.824261] [ 20.840461] The buggy address belongs to the physical page: [ 20.841094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103910 [ 20.841942] flags: 0x200000000000000(node=0|zone=2) [ 20.842440] page_type: f0(buddy) [ 20.843282] raw: 0200000000000000 ffff88817fffb3e0 ffff88817fffb3e0 0000000000000000 [ 20.843802] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 20.844428] page dumped because: kasan: bad access detected [ 20.844827] [ 20.844985] Memory state around the buggy address: [ 20.845889] ffff88810390ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.846560] ffff88810390ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.847554] >ffff888103910000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.848280] ^ [ 20.848915] ffff888103910080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.849431] ffff888103910100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.850294] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 20.762954] ================================================================== [ 20.765185] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 20.765868] Free of addr ffff888102690001 by task kunit_try_catch/171 [ 20.766235] [ 20.766474] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.766599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.766635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.766675] Call Trace: [ 20.766696] <TASK> [ 20.766729] dump_stack_lvl+0x73/0xb0 [ 20.766775] print_report+0xd1/0x660 [ 20.766828] ? __virt_addr_valid+0x1db/0x2d0 [ 20.766904] ? kasan_addr_to_slab+0x11/0xa0 [ 20.766936] ? kfree+0x274/0x3f0 [ 20.766962] kasan_report_invalid_free+0xce/0x100 [ 20.766998] ? kfree+0x274/0x3f0 [ 20.767029] ? kfree+0x274/0x3f0 [ 20.767056] __kasan_kfree_large+0x86/0xd0 [ 20.767087] free_large_kmalloc+0x4b/0x130 [ 20.767165] kfree+0x274/0x3f0 [ 20.767225] kmalloc_large_invalid_free+0x120/0x2b0 [ 20.767288] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 20.767352] ? __schedule+0xd46/0x29c0 [ 20.767415] ? __pfx_read_tsc+0x10/0x10 [ 20.767475] ? ktime_get_ts64+0x86/0x240 [ 20.767636] kunit_try_run_case+0x1b2/0x490 [ 20.767697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.768450] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.768493] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.768527] ? __kthread_parkme+0x82/0x160 [ 20.768560] ? preempt_count_sub+0x50/0x80 [ 20.768597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.768631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.768666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.768765] kthread+0x323/0x710 [ 20.768833] ? trace_preempt_on+0x20/0xc0 [ 20.768896] ? __pfx_kthread+0x10/0x10 [ 20.768930] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.768960] ? calculate_sigpending+0x7b/0xa0 [ 20.768992] ? __pfx_kthread+0x10/0x10 [ 20.769024] ret_from_fork+0x41/0x80 [ 20.769056] ? __pfx_kthread+0x10/0x10 [ 20.769088] ret_from_fork_asm+0x1a/0x30 [ 20.769159] </TASK> [ 20.769176] [ 20.789984] The buggy address belongs to the physical page: [ 20.790803] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102690 [ 20.791224] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.791559] flags: 0x200000000000040(head|node=0|zone=2) [ 20.791789] page_type: f8(unknown) [ 20.791942] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.793416] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.794439] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.795286] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.795700] head: 0200000000000002 ffffea000409a401 00000000ffffffff 00000000ffffffff [ 20.797193] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.797840] page dumped because: kasan: bad access detected [ 20.799330] [ 20.799488] Memory state around the buggy address: [ 20.799885] ffff88810268ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.801089] ffff88810268ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.801562] >ffff888102690000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.802574] ^ [ 20.803455] ffff888102690080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.803931] ffff888102690100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.805505] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 20.728730] ================================================================== [ 20.730363] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 20.731078] Read of size 1 at addr ffff888102188000 by task kunit_try_catch/169 [ 20.731697] [ 20.731988] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.732062] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.732079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.732107] Call Trace: [ 20.732161] <TASK> [ 20.732195] dump_stack_lvl+0x73/0xb0 [ 20.732266] print_report+0xd1/0x660 [ 20.732328] ? __virt_addr_valid+0x1db/0x2d0 [ 20.732446] ? kasan_addr_to_slab+0x11/0xa0 [ 20.732510] kasan_report+0x104/0x140 [ 20.732564] ? kmalloc_large_uaf+0x2f1/0x340 [ 20.732625] ? kmalloc_large_uaf+0x2f1/0x340 [ 20.732698] __asan_report_load1_noabort+0x18/0x20 [ 20.732785] kmalloc_large_uaf+0x2f1/0x340 [ 20.733224] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 20.733321] ? __schedule+0xd46/0x29c0 [ 20.733403] ? __pfx_read_tsc+0x10/0x10 [ 20.733465] ? ktime_get_ts64+0x86/0x240 [ 20.733514] kunit_try_run_case+0x1b2/0x490 [ 20.733554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.733586] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.733618] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.733649] ? __kthread_parkme+0x82/0x160 [ 20.733680] ? preempt_count_sub+0x50/0x80 [ 20.733787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.733857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.733894] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.733927] kthread+0x323/0x710 [ 20.733958] ? trace_preempt_on+0x20/0xc0 [ 20.733993] ? __pfx_kthread+0x10/0x10 [ 20.734024] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.734056] ? calculate_sigpending+0x7b/0xa0 [ 20.734086] ? __pfx_kthread+0x10/0x10 [ 20.734166] ret_from_fork+0x41/0x80 [ 20.734202] ? __pfx_kthread+0x10/0x10 [ 20.734233] ret_from_fork_asm+0x1a/0x30 [ 20.734280] </TASK> [ 20.734296] [ 20.746741] The buggy address belongs to the physical page: [ 20.747357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102188 [ 20.748232] flags: 0x200000000000000(node=0|zone=2) [ 20.748845] raw: 0200000000000000 ffff88815b039c00 ffff88815b039c00 0000000000000000 [ 20.749669] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 20.750482] page dumped because: kasan: bad access detected [ 20.751322] [ 20.751585] Memory state around the buggy address: [ 20.752321] ffff888102187f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.753101] ffff888102187f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.753700] >ffff888102188000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.754180] ^ [ 20.754537] ffff888102188080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.755057] ffff888102188100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.755480] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 20.672663] ================================================================== [ 20.673642] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 20.674508] Write of size 1 at addr ffff88810218a00a by task kunit_try_catch/167 [ 20.676077] [ 20.676742] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.676880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.676915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.676997] Call Trace: [ 20.677035] <TASK> [ 20.677069] dump_stack_lvl+0x73/0xb0 [ 20.677188] print_report+0xd1/0x660 [ 20.677225] ? __virt_addr_valid+0x1db/0x2d0 [ 20.677290] ? kasan_addr_to_slab+0x11/0xa0 [ 20.677325] kasan_report+0x104/0x140 [ 20.677353] ? kmalloc_large_oob_right+0x2e9/0x330 [ 20.677389] ? kmalloc_large_oob_right+0x2e9/0x330 [ 20.677430] __asan_report_store1_noabort+0x1b/0x30 [ 20.677461] kmalloc_large_oob_right+0x2e9/0x330 [ 20.677494] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 20.677527] ? __schedule+0xd46/0x29c0 [ 20.677558] ? __pfx_read_tsc+0x10/0x10 [ 20.677588] ? ktime_get_ts64+0x86/0x240 [ 20.677625] kunit_try_run_case+0x1b2/0x490 [ 20.677660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.677741] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.677804] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.677858] ? __kthread_parkme+0x82/0x160 [ 20.677892] ? preempt_count_sub+0x50/0x80 [ 20.677928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.677961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.677996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.678029] kthread+0x323/0x710 [ 20.678057] ? trace_preempt_on+0x20/0xc0 [ 20.678091] ? __pfx_kthread+0x10/0x10 [ 20.678145] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.678175] ? calculate_sigpending+0x7b/0xa0 [ 20.678206] ? __pfx_kthread+0x10/0x10 [ 20.678237] ret_from_fork+0x41/0x80 [ 20.678267] ? __pfx_kthread+0x10/0x10 [ 20.678298] ret_from_fork_asm+0x1a/0x30 [ 20.678345] </TASK> [ 20.678361] [ 20.697905] The buggy address belongs to the physical page: [ 20.698679] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102188 [ 20.700040] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.700537] flags: 0x200000000000040(head|node=0|zone=2) [ 20.701433] page_type: f8(unknown) [ 20.702269] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.703191] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.704015] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.704684] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.705537] head: 0200000000000002 ffffea0004086201 00000000ffffffff 00000000ffffffff [ 20.706685] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.707565] page dumped because: kasan: bad access detected [ 20.708379] [ 20.708557] Memory state around the buggy address: [ 20.709214] ffff888102189f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.710376] ffff888102189f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.711131] >ffff88810218a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.711642] ^ [ 20.711872] ffff88810218a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.712684] ffff88810218a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.713405] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 20.611050] ================================================================== [ 20.611931] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 20.612607] Write of size 1 at addr ffff8881027e5f00 by task kunit_try_catch/165 [ 20.613027] [ 20.613316] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.613445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.613475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.613531] Call Trace: [ 20.613564] <TASK> [ 20.613602] dump_stack_lvl+0x73/0xb0 [ 20.613678] print_report+0xd1/0x660 [ 20.613739] ? __virt_addr_valid+0x1db/0x2d0 [ 20.613857] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.613926] kasan_report+0x104/0x140 [ 20.613978] ? kmalloc_big_oob_right+0x316/0x370 [ 20.614052] ? kmalloc_big_oob_right+0x316/0x370 [ 20.614150] __asan_report_store1_noabort+0x1b/0x30 [ 20.614210] kmalloc_big_oob_right+0x316/0x370 [ 20.614273] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 20.614336] ? __schedule+0xd46/0x29c0 [ 20.614422] ? __pfx_read_tsc+0x10/0x10 [ 20.614504] ? ktime_get_ts64+0x86/0x240 [ 20.614577] kunit_try_run_case+0x1b2/0x490 [ 20.614734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.614804] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.614864] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.614926] ? __kthread_parkme+0x82/0x160 [ 20.614989] ? preempt_count_sub+0x50/0x80 [ 20.615060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.615154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.615227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.615293] kthread+0x323/0x710 [ 20.615347] ? trace_preempt_on+0x20/0xc0 [ 20.615412] ? __pfx_kthread+0x10/0x10 [ 20.615471] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.615526] ? calculate_sigpending+0x7b/0xa0 [ 20.615583] ? __pfx_kthread+0x10/0x10 [ 20.615666] ret_from_fork+0x41/0x80 [ 20.615723] ? __pfx_kthread+0x10/0x10 [ 20.615780] ret_from_fork_asm+0x1a/0x30 [ 20.615873] </TASK> [ 20.615901] [ 20.635094] Allocated by task 165: [ 20.635665] kasan_save_stack+0x3d/0x60 [ 20.636319] kasan_save_track+0x18/0x40 [ 20.637248] kasan_save_alloc_info+0x3b/0x50 [ 20.637649] __kasan_kmalloc+0xb7/0xc0 [ 20.638574] __kmalloc_cache_noprof+0x183/0x410 [ 20.639217] kmalloc_big_oob_right+0xa9/0x370 [ 20.639652] kunit_try_run_case+0x1b2/0x490 [ 20.641221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.642134] kthread+0x323/0x710 [ 20.642453] ret_from_fork+0x41/0x80 [ 20.642984] ret_from_fork_asm+0x1a/0x30 [ 20.644067] [ 20.644256] The buggy address belongs to the object at ffff8881027e4000 [ 20.644256] which belongs to the cache kmalloc-8k of size 8192 [ 20.645311] The buggy address is located 0 bytes to the right of [ 20.645311] allocated 7936-byte region [ffff8881027e4000, ffff8881027e5f00) [ 20.646558] [ 20.646843] The buggy address belongs to the physical page: [ 20.648199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e0 [ 20.649165] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.650229] flags: 0x200000000000040(head|node=0|zone=2) [ 20.650660] page_type: f5(slab) [ 20.651351] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 20.652669] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 20.653551] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 20.654670] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 20.656239] head: 0200000000000003 ffffea000409f801 00000000ffffffff 00000000ffffffff [ 20.657668] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 20.658607] page dumped because: kasan: bad access detected [ 20.659249] [ 20.660322] Memory state around the buggy address: [ 20.660591] ffff8881027e5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.661400] ffff8881027e5e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.662261] >ffff8881027e5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.662646] ^ [ 20.663197] ffff8881027e5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.664438] ffff8881027e6000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.665317] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 20.514962] ================================================================== [ 20.516386] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 20.517256] Write of size 1 at addr ffff88810305a178 by task kunit_try_catch/163 [ 20.517895] [ 20.518470] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.518868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.518898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.518931] Call Trace: [ 20.518949] <TASK> [ 20.518969] dump_stack_lvl+0x73/0xb0 [ 20.519012] print_report+0xd1/0x660 [ 20.519047] ? __virt_addr_valid+0x1db/0x2d0 [ 20.519135] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.519174] kasan_report+0x104/0x140 [ 20.519203] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 20.519241] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 20.519285] __asan_report_store1_noabort+0x1b/0x30 [ 20.519315] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 20.519351] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 20.519388] ? __schedule+0xd46/0x29c0 [ 20.519419] ? __pfx_read_tsc+0x10/0x10 [ 20.519448] ? ktime_get_ts64+0x86/0x240 [ 20.519484] kunit_try_run_case+0x1b2/0x490 [ 20.519518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.519549] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.519579] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.519638] ? __kthread_parkme+0x82/0x160 [ 20.519669] ? preempt_count_sub+0x50/0x80 [ 20.519710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.519784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.519819] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.519852] kthread+0x323/0x710 [ 20.519882] ? trace_preempt_on+0x20/0xc0 [ 20.519917] ? __pfx_kthread+0x10/0x10 [ 20.519959] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.519989] ? calculate_sigpending+0x7b/0xa0 [ 20.520019] ? __pfx_kthread+0x10/0x10 [ 20.520050] ret_from_fork+0x41/0x80 [ 20.520080] ? __pfx_kthread+0x10/0x10 [ 20.520131] ret_from_fork_asm+0x1a/0x30 [ 20.520179] </TASK> [ 20.520195] [ 20.537885] Allocated by task 163: [ 20.538992] kasan_save_stack+0x3d/0x60 [ 20.539347] kasan_save_track+0x18/0x40 [ 20.539967] kasan_save_alloc_info+0x3b/0x50 [ 20.540615] __kasan_kmalloc+0xb7/0xc0 [ 20.541227] __kmalloc_node_track_caller_noprof+0x1c5/0x500 [ 20.541716] kmalloc_track_caller_oob_right+0x99/0x520 [ 20.542267] kunit_try_run_case+0x1b2/0x490 [ 20.542699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.543720] kthread+0x323/0x710 [ 20.544056] ret_from_fork+0x41/0x80 [ 20.544442] ret_from_fork_asm+0x1a/0x30 [ 20.545057] [ 20.545208] The buggy address belongs to the object at ffff88810305a100 [ 20.545208] which belongs to the cache kmalloc-128 of size 128 [ 20.545735] The buggy address is located 0 bytes to the right of [ 20.545735] allocated 120-byte region [ffff88810305a100, ffff88810305a178) [ 20.547179] [ 20.547844] The buggy address belongs to the physical page: [ 20.548395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 20.549199] flags: 0x200000000000000(node=0|zone=2) [ 20.549508] page_type: f5(slab) [ 20.549755] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.551550] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.551986] page dumped because: kasan: bad access detected [ 20.552581] [ 20.552750] Memory state around the buggy address: [ 20.553674] ffff88810305a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.554076] ffff88810305a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.555134] >ffff88810305a100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.555839] ^ [ 20.556637] ffff88810305a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.557327] ffff88810305a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.558227] ================================================================== [ 20.560025] ================================================================== [ 20.560543] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 20.561785] Write of size 1 at addr ffff88810305a278 by task kunit_try_catch/163 [ 20.562390] [ 20.562622] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.562744] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.562774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.562827] Call Trace: [ 20.562856] <TASK> [ 20.562886] dump_stack_lvl+0x73/0xb0 [ 20.562951] print_report+0xd1/0x660 [ 20.563009] ? __virt_addr_valid+0x1db/0x2d0 [ 20.563140] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.563209] kasan_report+0x104/0x140 [ 20.563262] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 20.563332] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 20.563415] __asan_report_store1_noabort+0x1b/0x30 [ 20.563471] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 20.563537] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 20.563631] ? __schedule+0xd46/0x29c0 [ 20.563690] ? __pfx_read_tsc+0x10/0x10 [ 20.563745] ? ktime_get_ts64+0x86/0x240 [ 20.564256] kunit_try_run_case+0x1b2/0x490 [ 20.564340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.564781] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.564873] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.565187] ? __kthread_parkme+0x82/0x160 [ 20.565266] ? preempt_count_sub+0x50/0x80 [ 20.565335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.565399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.565464] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.565526] kthread+0x323/0x710 [ 20.565579] ? trace_preempt_on+0x20/0xc0 [ 20.565639] ? __pfx_kthread+0x10/0x10 [ 20.565696] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.565750] ? calculate_sigpending+0x7b/0xa0 [ 20.565802] ? __pfx_kthread+0x10/0x10 [ 20.565857] ret_from_fork+0x41/0x80 [ 20.565912] ? __pfx_kthread+0x10/0x10 [ 20.565993] ret_from_fork_asm+0x1a/0x30 [ 20.566276] </TASK> [ 20.566304] [ 20.583087] Allocated by task 163: [ 20.583516] kasan_save_stack+0x3d/0x60 [ 20.583820] kasan_save_track+0x18/0x40 [ 20.584075] kasan_save_alloc_info+0x3b/0x50 [ 20.584390] __kasan_kmalloc+0xb7/0xc0 [ 20.584622] __kmalloc_node_track_caller_noprof+0x1c5/0x500 [ 20.584820] kmalloc_track_caller_oob_right+0x19a/0x520 [ 20.584999] kunit_try_run_case+0x1b2/0x490 [ 20.586923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.587247] kthread+0x323/0x710 [ 20.587680] ret_from_fork+0x41/0x80 [ 20.588707] ret_from_fork_asm+0x1a/0x30 [ 20.589367] [ 20.589598] The buggy address belongs to the object at ffff88810305a200 [ 20.589598] which belongs to the cache kmalloc-128 of size 128 [ 20.591200] The buggy address is located 0 bytes to the right of [ 20.591200] allocated 120-byte region [ffff88810305a200, ffff88810305a278) [ 20.592531] [ 20.592776] The buggy address belongs to the physical page: [ 20.593097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 20.594134] flags: 0x200000000000000(node=0|zone=2) [ 20.594429] page_type: f5(slab) [ 20.594638] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.595008] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.595386] page dumped because: kasan: bad access detected [ 20.595691] [ 20.596316] Memory state around the buggy address: [ 20.597649] ffff88810305a100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.598401] ffff88810305a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.599364] >ffff88810305a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.599857] ^ [ 20.600819] ffff88810305a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.601609] ffff88810305a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.602632] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 20.462026] ================================================================== [ 20.462864] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 20.463724] Read of size 1 at addr ffff888103839000 by task kunit_try_catch/161 [ 20.464417] [ 20.465301] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.465401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.465434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.465488] Call Trace: [ 20.465518] <TASK> [ 20.465591] dump_stack_lvl+0x73/0xb0 [ 20.465677] print_report+0xd1/0x660 [ 20.465872] ? __virt_addr_valid+0x1db/0x2d0 [ 20.465959] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.465999] kasan_report+0x104/0x140 [ 20.466031] ? kmalloc_node_oob_right+0x369/0x3c0 [ 20.466067] ? kmalloc_node_oob_right+0x369/0x3c0 [ 20.466134] __asan_report_load1_noabort+0x18/0x20 [ 20.466171] kmalloc_node_oob_right+0x369/0x3c0 [ 20.466207] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 20.466242] ? __schedule+0xd46/0x29c0 [ 20.466274] ? __pfx_read_tsc+0x10/0x10 [ 20.466304] ? ktime_get_ts64+0x86/0x240 [ 20.466341] kunit_try_run_case+0x1b2/0x490 [ 20.466377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.466407] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.466438] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.466469] ? __kthread_parkme+0x82/0x160 [ 20.466500] ? preempt_count_sub+0x50/0x80 [ 20.466536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.466569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.466601] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.466633] kthread+0x323/0x710 [ 20.466662] ? trace_preempt_on+0x20/0xc0 [ 20.466696] ? __pfx_kthread+0x10/0x10 [ 20.466757] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.466788] ? calculate_sigpending+0x7b/0xa0 [ 20.466818] ? __pfx_kthread+0x10/0x10 [ 20.466850] ret_from_fork+0x41/0x80 [ 20.466881] ? __pfx_kthread+0x10/0x10 [ 20.466912] ret_from_fork_asm+0x1a/0x30 [ 20.466958] </TASK> [ 20.466974] [ 20.485867] Allocated by task 161: [ 20.486258] kasan_save_stack+0x3d/0x60 [ 20.486603] kasan_save_track+0x18/0x40 [ 20.487421] kasan_save_alloc_info+0x3b/0x50 [ 20.487746] __kasan_kmalloc+0xb7/0xc0 [ 20.488185] __kmalloc_cache_node_noprof+0x182/0x420 [ 20.488648] kmalloc_node_oob_right+0xab/0x3c0 [ 20.489817] kunit_try_run_case+0x1b2/0x490 [ 20.490211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.490611] kthread+0x323/0x710 [ 20.491561] ret_from_fork+0x41/0x80 [ 20.492038] ret_from_fork_asm+0x1a/0x30 [ 20.492638] [ 20.492974] The buggy address belongs to the object at ffff888103838000 [ 20.492974] which belongs to the cache kmalloc-4k of size 4096 [ 20.493645] The buggy address is located 0 bytes to the right of [ 20.493645] allocated 4096-byte region [ffff888103838000, ffff888103839000) [ 20.494942] [ 20.495191] The buggy address belongs to the physical page: [ 20.495870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103838 [ 20.496982] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.497701] flags: 0x200000000000040(head|node=0|zone=2) [ 20.498444] page_type: f5(slab) [ 20.498868] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 20.499430] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 20.500227] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 20.500944] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 20.501595] head: 0200000000000003 ffffea00040e0e01 00000000ffffffff 00000000ffffffff [ 20.502316] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 20.502855] page dumped because: kasan: bad access detected [ 20.503394] [ 20.503676] Memory state around the buggy address: [ 20.504084] ffff888103838f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.504753] ffff888103838f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.505225] >ffff888103839000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.505857] ^ [ 20.506269] ffff888103839080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.506750] ffff888103839100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.507431] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 20.406017] ================================================================== [ 20.407049] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 20.407686] Read of size 1 at addr ffff888100a7a95f by task kunit_try_catch/159 [ 20.408531] [ 20.408798] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.408920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.408951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.408982] Call Trace: [ 20.409001] <TASK> [ 20.409022] dump_stack_lvl+0x73/0xb0 [ 20.409067] print_report+0xd1/0x660 [ 20.409140] ? __virt_addr_valid+0x1db/0x2d0 [ 20.409260] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.409329] kasan_report+0x104/0x140 [ 20.409388] ? kmalloc_oob_left+0x361/0x3c0 [ 20.409453] ? kmalloc_oob_left+0x361/0x3c0 [ 20.409525] __asan_report_load1_noabort+0x18/0x20 [ 20.409561] kmalloc_oob_left+0x361/0x3c0 [ 20.409595] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 20.409629] ? __schedule+0xd46/0x29c0 [ 20.409662] ? __pfx_read_tsc+0x10/0x10 [ 20.409693] ? ktime_get_ts64+0x86/0x240 [ 20.410197] kunit_try_run_case+0x1b2/0x490 [ 20.410293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.410341] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.410377] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.410410] ? __kthread_parkme+0x82/0x160 [ 20.410444] ? preempt_count_sub+0x50/0x80 [ 20.410480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.410514] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.410547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.410580] kthread+0x323/0x710 [ 20.410610] ? trace_preempt_on+0x20/0xc0 [ 20.410645] ? __pfx_kthread+0x10/0x10 [ 20.410676] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.410726] ? calculate_sigpending+0x7b/0xa0 [ 20.410804] ? __pfx_kthread+0x10/0x10 [ 20.410839] ret_from_fork+0x41/0x80 [ 20.410871] ? __pfx_kthread+0x10/0x10 [ 20.410903] ret_from_fork_asm+0x1a/0x30 [ 20.410952] </TASK> [ 20.410967] [ 20.423426] Allocated by task 11: [ 20.423876] kasan_save_stack+0x3d/0x60 [ 20.424339] kasan_save_track+0x18/0x40 [ 20.424848] kasan_save_alloc_info+0x3b/0x50 [ 20.425322] __kasan_kmalloc+0xb7/0xc0 [ 20.425589] __kmalloc_node_track_caller_noprof+0x1c5/0x500 [ 20.426139] kvasprintf+0xc5/0x170 [ 20.427455] __kthread_create_on_node+0x18b/0x3a0 [ 20.428007] kthread_create_on_node+0xa7/0xe0 [ 20.428480] create_worker+0x3c6/0x7a0 [ 20.428820] worker_thread+0x947/0x12a0 [ 20.431096] kthread+0x323/0x710 [ 20.431446] ret_from_fork+0x41/0x80 [ 20.431945] ret_from_fork_asm+0x1a/0x30 [ 20.432350] [ 20.432562] The buggy address belongs to the object at ffff888100a7a940 [ 20.432562] which belongs to the cache kmalloc-16 of size 16 [ 20.434500] The buggy address is located 19 bytes to the right of [ 20.434500] allocated 12-byte region [ffff888100a7a940, ffff888100a7a94c) [ 20.435448] [ 20.436345] The buggy address belongs to the physical page: [ 20.436772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a7a [ 20.437401] flags: 0x200000000000000(node=0|zone=2) [ 20.438241] page_type: f5(slab) [ 20.438808] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.439331] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.440341] page dumped because: kasan: bad access detected [ 20.441082] [ 20.441326] Memory state around the buggy address: [ 20.442133] ffff888100a7a800: 00 05 fc fc 00 02 fc fc 00 03 fc fc fa fb fc fc [ 20.442868] ffff888100a7a880: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 20.443794] >ffff888100a7a900: 00 02 fc fc 00 02 fc fc 00 04 fc fc 00 07 fc fc [ 20.444436] ^ [ 20.445598] ffff888100a7a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.446126] ffff888100a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.446751] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 20.259193] ================================================================== [ 20.260581] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 20.262257] Write of size 1 at addr ffff88810305a073 by task kunit_try_catch/157 [ 20.263227] [ 20.265942] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.266398] Tainted: [N]=TEST [ 20.266449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.266880] Call Trace: [ 20.266997] <TASK> [ 20.267240] dump_stack_lvl+0x73/0xb0 [ 20.267374] print_report+0xd1/0x660 [ 20.267421] ? __virt_addr_valid+0x1db/0x2d0 [ 20.267490] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.267527] kasan_report+0x104/0x140 [ 20.267556] ? kmalloc_oob_right+0x6f0/0x7f0 [ 20.267599] ? kmalloc_oob_right+0x6f0/0x7f0 [ 20.267659] __asan_report_store1_noabort+0x1b/0x30 [ 20.267738] kmalloc_oob_right+0x6f0/0x7f0 [ 20.267825] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 20.267889] ? __schedule+0xd46/0x29c0 [ 20.267959] ? __pfx_read_tsc+0x10/0x10 [ 20.268012] ? ktime_get_ts64+0x86/0x240 [ 20.268077] kunit_try_run_case+0x1b2/0x490 [ 20.268170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.268203] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.268237] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.268268] ? __kthread_parkme+0x82/0x160 [ 20.268300] ? preempt_count_sub+0x50/0x80 [ 20.268338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.268371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.268404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.268436] kthread+0x323/0x710 [ 20.268465] ? trace_preempt_on+0x20/0xc0 [ 20.268500] ? __pfx_kthread+0x10/0x10 [ 20.268531] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.268560] ? calculate_sigpending+0x7b/0xa0 [ 20.268591] ? __pfx_kthread+0x10/0x10 [ 20.268623] ret_from_fork+0x41/0x80 [ 20.268653] ? __pfx_kthread+0x10/0x10 [ 20.268684] ret_from_fork_asm+0x1a/0x30 [ 20.268891] </TASK> [ 20.269011] [ 20.281844] Allocated by task 157: [ 20.282649] kasan_save_stack+0x3d/0x60 [ 20.283277] kasan_save_track+0x18/0x40 [ 20.283870] kasan_save_alloc_info+0x3b/0x50 [ 20.284426] __kasan_kmalloc+0xb7/0xc0 [ 20.284905] __kmalloc_cache_noprof+0x183/0x410 [ 20.285436] kmalloc_oob_right+0xa9/0x7f0 [ 20.286385] kunit_try_run_case+0x1b2/0x490 [ 20.286799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.287351] kthread+0x323/0x710 [ 20.287957] ret_from_fork+0x41/0x80 [ 20.288443] ret_from_fork_asm+0x1a/0x30 [ 20.289045] [ 20.289423] The buggy address belongs to the object at ffff88810305a000 [ 20.289423] which belongs to the cache kmalloc-128 of size 128 [ 20.291433] The buggy address is located 0 bytes to the right of [ 20.291433] allocated 115-byte region [ffff88810305a000, ffff88810305a073) [ 20.292984] [ 20.293527] The buggy address belongs to the physical page: [ 20.295006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 20.296884] flags: 0x200000000000000(node=0|zone=2) [ 20.299090] page_type: f5(slab) [ 20.301031] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.302038] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.302932] page dumped because: kasan: bad access detected [ 20.303509] [ 20.303796] Memory state around the buggy address: [ 20.305560] ffff888103059f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.306644] ffff888103059f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.307417] >ffff88810305a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.308292] ^ [ 20.309389] ffff88810305a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.310279] ffff88810305a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.311053] ================================================================== [ 20.351477] ================================================================== [ 20.352388] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 20.353017] Read of size 1 at addr ffff88810305a080 by task kunit_try_catch/157 [ 20.353557] [ 20.353741] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.353858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.353891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.353944] Call Trace: [ 20.353975] <TASK> [ 20.354006] dump_stack_lvl+0x73/0xb0 [ 20.354080] print_report+0xd1/0x660 [ 20.354169] ? __virt_addr_valid+0x1db/0x2d0 [ 20.354291] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.354365] kasan_report+0x104/0x140 [ 20.354424] ? kmalloc_oob_right+0x68a/0x7f0 [ 20.354490] ? kmalloc_oob_right+0x68a/0x7f0 [ 20.354568] __asan_report_load1_noabort+0x18/0x20 [ 20.354632] kmalloc_oob_right+0x68a/0x7f0 [ 20.354699] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 20.354765] ? __schedule+0xd46/0x29c0 [ 20.354827] ? __pfx_read_tsc+0x10/0x10 [ 20.354884] ? ktime_get_ts64+0x86/0x240 [ 20.354953] kunit_try_run_case+0x1b2/0x490 [ 20.355022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.355083] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.355536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.355644] ? __kthread_parkme+0x82/0x160 [ 20.355709] ? preempt_count_sub+0x50/0x80 [ 20.355783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.355853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.355921] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.355998] kthread+0x323/0x710 [ 20.356056] ? trace_preempt_on+0x20/0xc0 [ 20.356141] ? __pfx_kthread+0x10/0x10 [ 20.356207] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.356265] ? calculate_sigpending+0x7b/0xa0 [ 20.356325] ? __pfx_kthread+0x10/0x10 [ 20.356388] ret_from_fork+0x41/0x80 [ 20.356448] ? __pfx_kthread+0x10/0x10 [ 20.356510] ret_from_fork_asm+0x1a/0x30 [ 20.356600] </TASK> [ 20.356630] [ 20.378333] Allocated by task 157: [ 20.378573] kasan_save_stack+0x3d/0x60 [ 20.379058] kasan_save_track+0x18/0x40 [ 20.379580] kasan_save_alloc_info+0x3b/0x50 [ 20.381062] __kasan_kmalloc+0xb7/0xc0 [ 20.381495] __kmalloc_cache_noprof+0x183/0x410 [ 20.382209] kmalloc_oob_right+0xa9/0x7f0 [ 20.382646] kunit_try_run_case+0x1b2/0x490 [ 20.383324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.384314] kthread+0x323/0x710 [ 20.384880] ret_from_fork+0x41/0x80 [ 20.385329] ret_from_fork_asm+0x1a/0x30 [ 20.386031] [ 20.386277] The buggy address belongs to the object at ffff88810305a000 [ 20.386277] which belongs to the cache kmalloc-128 of size 128 [ 20.387275] The buggy address is located 13 bytes to the right of [ 20.387275] allocated 115-byte region [ffff88810305a000, ffff88810305a073) [ 20.388972] [ 20.389224] The buggy address belongs to the physical page: [ 20.389747] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 20.390357] flags: 0x200000000000000(node=0|zone=2) [ 20.390813] page_type: f5(slab) [ 20.391094] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.392550] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.393291] page dumped because: kasan: bad access detected [ 20.393594] [ 20.393940] Memory state around the buggy address: [ 20.394415] ffff888103059f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.395342] ffff88810305a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.396504] >ffff88810305a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.397265] ^ [ 20.397658] ffff88810305a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.398391] ffff88810305a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.399234] ================================================================== [ 20.314936] ================================================================== [ 20.315481] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 20.316369] Write of size 1 at addr ffff88810305a078 by task kunit_try_catch/157 [ 20.316864] [ 20.317051] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 20.317192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.317227] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.317282] Call Trace: [ 20.317312] <TASK> [ 20.317344] dump_stack_lvl+0x73/0xb0 [ 20.317420] print_report+0xd1/0x660 [ 20.317480] ? __virt_addr_valid+0x1db/0x2d0 [ 20.317603] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.317675] kasan_report+0x104/0x140 [ 20.317732] ? kmalloc_oob_right+0x6bd/0x7f0 [ 20.317796] ? kmalloc_oob_right+0x6bd/0x7f0 [ 20.317873] __asan_report_store1_noabort+0x1b/0x30 [ 20.317935] kmalloc_oob_right+0x6bd/0x7f0 [ 20.318000] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 20.318058] ? __schedule+0xd46/0x29c0 [ 20.318328] ? __pfx_read_tsc+0x10/0x10 [ 20.318414] ? ktime_get_ts64+0x86/0x240 [ 20.318485] kunit_try_run_case+0x1b2/0x490 [ 20.318548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.318593] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.318626] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.318658] ? __kthread_parkme+0x82/0x160 [ 20.318690] ? preempt_count_sub+0x50/0x80 [ 20.318795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.318884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.318946] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.319004] kthread+0x323/0x710 [ 20.319056] ? trace_preempt_on+0x20/0xc0 [ 20.319142] ? __pfx_kthread+0x10/0x10 [ 20.319176] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.319206] ? calculate_sigpending+0x7b/0xa0 [ 20.319237] ? __pfx_kthread+0x10/0x10 [ 20.319269] ret_from_fork+0x41/0x80 [ 20.319301] ? __pfx_kthread+0x10/0x10 [ 20.319332] ret_from_fork_asm+0x1a/0x30 [ 20.319380] </TASK> [ 20.319395] [ 20.331994] Allocated by task 157: [ 20.332917] kasan_save_stack+0x3d/0x60 [ 20.333375] kasan_save_track+0x18/0x40 [ 20.333956] kasan_save_alloc_info+0x3b/0x50 [ 20.334446] __kasan_kmalloc+0xb7/0xc0 [ 20.334893] __kmalloc_cache_noprof+0x183/0x410 [ 20.335296] kmalloc_oob_right+0xa9/0x7f0 [ 20.335647] kunit_try_run_case+0x1b2/0x490 [ 20.336742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.337603] kthread+0x323/0x710 [ 20.337991] ret_from_fork+0x41/0x80 [ 20.338292] ret_from_fork_asm+0x1a/0x30 [ 20.338563] [ 20.338919] The buggy address belongs to the object at ffff88810305a000 [ 20.338919] which belongs to the cache kmalloc-128 of size 128 [ 20.340011] The buggy address is located 5 bytes to the right of [ 20.340011] allocated 115-byte region [ffff88810305a000, ffff88810305a073) [ 20.341734] [ 20.341897] The buggy address belongs to the physical page: [ 20.342221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10305a [ 20.342640] flags: 0x200000000000000(node=0|zone=2) [ 20.343155] page_type: f5(slab) [ 20.343494] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.344225] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.345264] page dumped because: kasan: bad access detected [ 20.345935] [ 20.346168] Memory state around the buggy address: [ 20.346523] ffff888103059f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.347069] ffff888103059f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.348038] >ffff88810305a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.348435] ^ [ 20.348866] ffff88810305a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.349622] ffff88810305a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.350287] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 208.618139] WARNING: CPU: 0 PID: 2537 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x54/0x310 [ 208.619314] Modules linked in: [ 208.619566] CPU: 0 UID: 0 PID: 2537 Comm: kunit_try_catch Tainted: G B D W N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 208.620579] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 208.621376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 208.622503] RIP: 0010:drm_framebuffer_init+0x54/0x310 [ 208.623298] Code: 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 10 02 00 00 4c 39 23 74 1f 90 48 c7 c7 e0 6c 40 b4 e8 10 bc 99 ff 84 c0 75 02 <0f> 0b 90 41 bd ea ff ff ff e9 d6 01 00 00 48 b8 00 00 00 00 00 fc [ 208.625098] RSP: 0000:ffff888106a6fb30 EFLAGS: 00010246 [ 208.625593] RAX: 0000000000000000 RBX: ffff888106a6fc28 RCX: 0000000000000000 [ 208.626128] RDX: 1ffff11020d4df8e RSI: ffff888106a6fc28 RDI: ffffffffb4406ce0 [ 208.627036] RBP: ffff888106a6fb70 R08: ffff88810694b000 R09: ffffffffb440b6c0 [ 208.628275] R10: 0000000000000003 R11: 000000008c9199f1 R12: ffff88810694b000 [ 208.628756] R13: ffff88810031fae8 R14: ffff888106a6fba8 R15: ffff888106a6fdb8 [ 208.630707] FS: 0000000000000000(0000) GS:ffff8881a4b85000(0000) knlGS:0000000000000000 [ 208.631635] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.631997] CR2: 00007ffff7ffe000 CR3: 0000000039ec4000 CR4: 00000000000006f0 [ 208.632341] DR0: ffffffffb653e460 DR1: ffffffffb653e461 DR2: ffffffffb653e462 [ 208.632684] DR3: ffffffffb653e463 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 208.635554] Call Trace: [ 208.636992] <TASK> [ 208.637963] ? show_regs+0x68/0x80 [ 208.639612] ? __warn+0xd5/0x260 [ 208.641494] ? drm_framebuffer_init+0x54/0x310 [ 208.642604] ? __report_bug+0x29e/0x4f0 [ 208.643258] ? __pfx___report_bug+0x10/0x10 [ 208.644039] ? srso_alias_return_thunk+0xfbef5/0xfbef5 [ 208.644692] ? drm_framebuffer_init+0x54/0x310 [ 208.645609] ? drm_framebuffer_init+0x54/0x310 [ 208.646076] ? report_bug+0x62/0xd0 [ 208.646421] ? drm_framebuffer_init+0x54/0x310 [ 208.647658] ? handle_bug+0x173/0x210 [ 208.648133] ? exc_invalid_op+0x1c/0x50 [ 208.648564] ? asm_exc_invalid_op+0x1f/0x30 [ 208.649401] ? drm_framebuffer_init+0x54/0x310 [ 208.650057] ? add_dr+0xc1/0x1d0 [ 208.650385] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 208.650937] ? add_dr+0x148/0x1d0 [ 208.651490] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 208.652153] ? __drmm_add_action+0x1a4/0x280 [ 208.652649] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 208.653784] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 208.654209] ? __drmm_add_action_or_reset+0x22/0x50 [ 208.655333] ? __schedule+0xd46/0x29c0 [ 208.656144] ? __pfx_read_tsc+0x10/0x10 [ 208.656593] ? ktime_get_ts64+0x86/0x240 [ 208.657148] kunit_try_run_case+0x1b2/0x490 [ 208.657758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 208.658240] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 208.658982] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 208.659600] ? __kthread_parkme+0x82/0x160 [ 208.659897] ? preempt_count_sub+0x50/0x80 [ 208.660562] ? __pfx_kunit_try_run_case+0x10/0x10 [ 208.661330] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 208.661825] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 208.662877] kthread+0x323/0x710 [ 208.663172] ? trace_preempt_on+0x20/0xc0 [ 208.663863] ? __pfx_kthread+0x10/0x10 [ 208.664414] ? _raw_spin_unlock_irq+0x47/0x80 [ 208.665219] ? calculate_sigpending+0x7b/0xa0 [ 208.665559] ? __pfx_kthread+0x10/0x10 [ 208.666032] ret_from_fork+0x41/0x80 [ 208.666542] ? __pfx_kthread+0x10/0x10 [ 208.667147] ret_from_fork_asm+0x1a/0x30 [ 208.667506] </TASK> [ 208.668028] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 208.543828] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 208.544186] WARNING: CPU: 1 PID: 2533 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x163/0x1e0 [ 208.545885] Modules linked in: [ 208.546382] CPU: 1 UID: 0 PID: 2533 Comm: kunit_try_catch Tainted: G B D W N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 208.547362] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 208.548031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 208.548720] RIP: 0010:drm_framebuffer_free+0x163/0x1e0 [ 208.549412] Code: 48 c7 c1 00 60 40 b4 4c 89 fa 48 c7 c7 60 60 40 b4 48 89 c6 e8 9e b2 7f fe 90 48 c7 c7 20 6d 40 b4 e8 f1 bc 99 ff 84 c0 75 02 <0f> 0b 90 90 e9 f8 fe ff ff 45 31 ed eb 98 48 b8 00 00 00 00 00 fc [ 208.550828] RSP: 0000:ffff888104a57b68 EFLAGS: 00010246 [ 208.551650] RAX: 0000000000000000 RBX: ffff888104a57c40 RCX: 1ffffffff6a2697c [ 208.552863] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffffb4406d20 [ 208.553353] RBP: ffff888104a57b90 R08: 0000000000000000 R09: fffffbfff6a2697c [ 208.554065] R10: 0000000000000003 R11: 0000000000034350 R12: ffff888104a57c18 [ 208.554727] R13: ffff8881044e5800 R14: ffff888107cde000 R15: ffff888104368c00 [ 208.555389] FS: 0000000000000000(0000) GS:ffff8881a4c85000(0000) knlGS:0000000000000000 [ 208.556295] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.557159] CR2: 00007ffff7ffe000 CR3: 0000000039ec4000 CR4: 00000000000006f0 [ 208.557537] DR0: ffffffffb653e460 DR1: ffffffffb653e461 DR2: ffffffffb653e463 [ 208.558267] DR3: ffffffffb653e465 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 208.559160] Call Trace: [ 208.559433] <TASK> [ 208.559960] ? show_regs+0x68/0x80 [ 208.560275] ? __warn+0xd5/0x260 [ 208.560846] ? drm_framebuffer_free+0x163/0x1e0 [ 208.561379] ? __report_bug+0x29e/0x4f0 [ 208.562004] ? __pfx___report_bug+0x10/0x10 [ 208.562359] ? __kasan_check_write+0x18/0x20 [ 208.563243] ? __wake_up_klogd.part.0+0x50/0x80 [ 208.563852] ? vprintk_emit+0x1a6/0x480 [ 208.564215] ? __pfx_vprintk_emit+0x10/0x10 [ 208.564524] ? drm_framebuffer_free+0x163/0x1e0 [ 208.565182] ? drm_framebuffer_free+0x163/0x1e0 [ 208.565674] ? report_bug+0x62/0xd0 [ 208.566361] ? drm_framebuffer_free+0x163/0x1e0 [ 208.566765] ? handle_bug+0x173/0x210 [ 208.567592] ? exc_invalid_op+0x1c/0x50 [ 208.567986] ? asm_exc_invalid_op+0x1f/0x30 [ 208.568528] ? drm_framebuffer_free+0x163/0x1e0 [ 208.569224] ? drm_framebuffer_free+0x15f/0x1e0 [ 208.569807] drm_test_framebuffer_free+0x1ab/0x610 [ 208.570251] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 208.571087] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 208.571481] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 208.572232] ? __drmm_add_action_or_reset+0x22/0x50 [ 208.572673] ? __schedule+0xd46/0x29c0 [ 208.573140] ? __pfx_read_tsc+0x10/0x10 [ 208.573797] ? ktime_get_ts64+0x86/0x240 [ 208.574288] kunit_try_run_case+0x1b2/0x490 [ 208.574987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 208.575357] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 208.575718] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 208.576428] ? __kthread_parkme+0x82/0x160 [ 208.577110] ? preempt_count_sub+0x50/0x80 [ 208.577519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 208.578200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 208.578658] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 208.579527] kthread+0x323/0x710 [ 208.580160] ? trace_preempt_on+0x20/0xc0 [ 208.580494] ? __pfx_kthread+0x10/0x10 [ 208.581048] ? _raw_spin_unlock_irq+0x47/0x80 [ 208.581533] ? calculate_sigpending+0x7b/0xa0 [ 208.582178] ? __pfx_kthread+0x10/0x10 [ 208.582478] ret_from_fork+0x41/0x80 [ 208.582898] ? __pfx_kthread+0x10/0x10 [ 208.583518] ret_from_fork_asm+0x1a/0x30 [ 208.584280] </TASK> [ 208.584611] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 205.816363] WARNING: CPU: 1 PID: 1971 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xcf/0x120 [ 205.817821] Modules linked in: [ 205.818228] CPU: 1 UID: 0 PID: 1971 Comm: kunit_try_catch Tainted: G B D W N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 205.819497] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 205.820444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 205.821254] RIP: 0010:drm_connector_dynamic_register+0xcf/0x120 [ 205.821993] Code: 84 c0 74 02 7e 46 31 c0 41 80 7c 24 58 00 75 2b 5b 41 5c 5d c3 cc cc cc cc 90 48 c7 c7 00 6e 3f b4 e8 d5 de 9c ff 84 c0 75 02 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 38 [ 205.824010] RSP: 0000:ffff888105327c90 EFLAGS: 00010246 [ 205.824524] RAX: 0000000000000000 RBX: ffff888105b68000 RCX: 0000000000000000 [ 205.825344] RDX: 1ffff11020b6d032 RSI: ffffffffb15e6b98 RDI: ffffffffb43f6e00 [ 205.826481] RBP: ffff888105327ca0 R08: 1ffff11020063f69 R09: ffffed1020a64f65 [ 205.827114] R10: 0000000000000003 R11: ffffffffb0b7e4d8 R12: 0000000000000000 [ 205.828121] R13: ffff888105327d38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 205.828549] FS: 0000000000000000(0000) GS:ffff8881a4c85000(0000) knlGS:0000000000000000 [ 205.829536] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.829999] CR2: 00007ffff7ffe000 CR3: 0000000039ec4000 CR4: 00000000000006f0 [ 205.831541] DR0: ffffffffb653e460 DR1: ffffffffb653e461 DR2: ffffffffb653e463 [ 205.832308] DR3: ffffffffb653e465 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 205.833177] Call Trace: [ 205.833626] <TASK> [ 205.834165] ? show_regs+0x68/0x80 [ 205.834702] ? __warn+0xd5/0x260 [ 205.835319] ? drm_connector_dynamic_register+0xcf/0x120 [ 205.836153] ? __report_bug+0x29e/0x4f0 [ 205.836757] ? __pfx___report_bug+0x10/0x10 [ 205.837127] ? trace_preempt_off+0x20/0xc0 [ 205.837661] ? kunit_add_action+0x236/0x4a0 [ 205.838265] ? __kasan_check_write+0x18/0x20 [ 205.838679] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 205.839184] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 205.840002] ? trace_preempt_on+0x20/0xc0 [ 205.840517] ? drm_connector_dynamic_register+0xcf/0x120 [ 205.841072] ? drm_connector_dynamic_register+0xcf/0x120 [ 205.841619] ? report_bug+0x62/0xd0 [ 205.842202] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 205.842756] ? drm_connector_dynamic_register+0xcf/0x120 [ 205.843231] ? handle_bug+0x173/0x210 [ 205.844788] ? exc_invalid_op+0x1c/0x50 [ 205.845206] ? asm_exc_invalid_op+0x1f/0x30 [ 205.846168] ? kasan_save_track+0x18/0x40 [ 205.846521] ? kunit_add_action+0x2d8/0x4a0 [ 205.847957] ? drm_connector_dynamic_register+0xcf/0x120 [ 205.848563] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 205.849622] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 205.850465] ? __schedule+0xd46/0x29c0 [ 205.851239] ? __pfx_read_tsc+0x10/0x10 [ 205.851663] ? ktime_get_ts64+0x86/0x240 [ 205.852589] kunit_try_run_case+0x1b2/0x490 [ 205.853452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 205.854014] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 205.855013] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 205.855996] ? __kthread_parkme+0x82/0x160 [ 205.856537] ? preempt_count_sub+0x50/0x80 [ 205.857378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 205.858637] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 205.859170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 205.860302] kthread+0x323/0x710 [ 205.860621] ? trace_preempt_on+0x20/0xc0 [ 205.861199] ? __pfx_kthread+0x10/0x10 [ 205.861487] ? _raw_spin_unlock_irq+0x47/0x80 [ 205.862792] ? calculate_sigpending+0x7b/0xa0 [ 205.863206] ? __pfx_kthread+0x10/0x10 [ 205.863559] ret_from_fork+0x41/0x80 [ 205.864549] ? __pfx_kthread+0x10/0x10 [ 205.865062] ret_from_fork_asm+0x1a/0x30 [ 205.865400] </TASK> [ 205.865696] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 205.644761] WARNING: CPU: 1 PID: 1963 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xcf/0x120 [ 205.646082] Modules linked in: [ 205.646413] CPU: 1 UID: 0 PID: 1963 Comm: kunit_try_catch Tainted: G B D W N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 205.648352] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 205.648870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 205.649838] RIP: 0010:drm_connector_dynamic_register+0xcf/0x120 [ 205.650299] Code: 84 c0 74 02 7e 46 31 c0 41 80 7c 24 58 00 75 2b 5b 41 5c 5d c3 cc cc cc cc 90 48 c7 c7 00 6e 3f b4 e8 d5 de 9c ff 84 c0 75 02 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 38 [ 205.651661] RSP: 0000:ffff888105977c90 EFLAGS: 00010246 [ 205.652351] RAX: 0000000000000000 RBX: ffff888105aa0000 RCX: 0000000000000000 [ 205.652802] RDX: 1ffff11020b54032 RSI: ffffffffb15e6b98 RDI: ffffffffb43f6e00 [ 205.653451] RBP: ffff888105977ca0 R08: 1ffff11020063f69 R09: ffffed1020b2ef65 [ 205.654113] R10: 0000000000000003 R11: ffffffffb0b7e4d8 R12: 0000000000000000 [ 205.655044] R13: ffff888105977d38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 205.655441] FS: 0000000000000000(0000) GS:ffff8881a4c85000(0000) knlGS:0000000000000000 [ 205.656433] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 205.657000] CR2: 00007ffff7ffe000 CR3: 0000000039ec4000 CR4: 00000000000006f0 [ 205.657460] DR0: ffffffffb653e460 DR1: ffffffffb653e461 DR2: ffffffffb653e463 [ 205.658360] DR3: ffffffffb653e465 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 205.659189] Call Trace: [ 205.659533] <TASK> [ 205.659856] ? show_regs+0x68/0x80 [ 205.660392] ? __warn+0xd5/0x260 [ 205.660669] ? drm_connector_dynamic_register+0xcf/0x120 [ 205.661357] ? __report_bug+0x29e/0x4f0 [ 205.661926] ? __pfx___report_bug+0x10/0x10 [ 205.662378] ? trace_preempt_off+0x20/0xc0 [ 205.663037] ? kunit_add_action+0x236/0x4a0 [ 205.663523] ? __kasan_check_write+0x18/0x20 [ 205.663863] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 205.664206] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 205.664837] ? trace_preempt_on+0x20/0xc0 [ 205.665317] ? drm_connector_dynamic_register+0xcf/0x120 [ 205.666129] ? drm_connector_dynamic_register+0xcf/0x120 [ 205.666841] ? report_bug+0x62/0xd0 [ 205.667231] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 205.667928] ? drm_connector_dynamic_register+0xcf/0x120 [ 205.668279] ? handle_bug+0x173/0x210 [ 205.668869] ? exc_invalid_op+0x1c/0x50 [ 205.669347] ? asm_exc_invalid_op+0x1f/0x30 [ 205.670049] ? kasan_save_track+0x18/0x40 [ 205.670420] ? kunit_add_action+0x2d8/0x4a0 [ 205.670727] ? drm_connector_dynamic_register+0xcf/0x120 [ 205.671428] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 205.672447] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 205.673244] ? __schedule+0xd46/0x29c0 [ 205.673548] ? __pfx_read_tsc+0x10/0x10 [ 205.674016] ? ktime_get_ts64+0x86/0x240 [ 205.674785] kunit_try_run_case+0x1b2/0x490 [ 205.675297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 205.675954] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 205.676307] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 205.676635] ? __kthread_parkme+0x82/0x160 [ 205.677237] ? preempt_count_sub+0x50/0x80 [ 205.677740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 205.678462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 205.678901] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 205.679294] kthread+0x323/0x710 [ 205.679607] ? trace_preempt_on+0x20/0xc0 [ 205.680127] ? __pfx_kthread+0x10/0x10 [ 205.680822] ? _raw_spin_unlock_irq+0x47/0x80 [ 205.681326] ? calculate_sigpending+0x7b/0xa0 [ 205.682030] ? __pfx_kthread+0x10/0x10 [ 205.682467] ret_from_fork+0x41/0x80 [ 205.683036] ? __pfx_kthread+0x10/0x10 [ 205.683346] ret_from_fork_asm+0x1a/0x30 [ 205.683710] </TASK> [ 205.683945] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 159.580636] WARNING: CPU: 0 PID: 687 at lib/math/int_log.c:120 intlog10+0x3a/0x50 [ 159.581278] Modules linked in: [ 159.582515] CPU: 0 UID: 0 PID: 687 Comm: kunit_try_catch Tainted: G B D W N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 159.584149] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 159.584594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 159.585768] RIP: 0010:intlog10+0x3a/0x50 [ 159.586189] Code: 18 e8 aa fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 48 c7 c7 20 6b 2c b4 e8 2a 8a fe ff 84 c0 75 02 <0f> 0b 90 31 c0 5d c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 90 [ 159.587744] RSP: 0000:ffff8881075efca8 EFLAGS: 00010246 [ 159.588362] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff11020ebdfb4 [ 159.589049] RDX: 1ffffffff6858f58 RSI: 1ffff11020ebdfb3 RDI: ffffffffb42c6b20 [ 159.589859] RBP: ffff8881075efca8 R08: 0000000000000000 R09: ffffed102035e0e0 [ 159.590511] R10: ffff888101af0707 R11: 0000000000000000 R12: 1ffff11020ebdf97 [ 159.591017] R13: ffffffffb42c7ac0 R14: 0000000000000000 R15: ffff8881075efd38 [ 159.592474] FS: 0000000000000000(0000) GS:ffff8881a4b85000(0000) knlGS:0000000000000000 [ 159.593382] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.594327] CR2: dffffc0000000000 CR3: 0000000039ec4000 CR4: 00000000000006f0 [ 159.595584] DR0: ffffffffb653e460 DR1: ffffffffb653e461 DR2: ffffffffb653e462 [ 159.596258] DR3: ffffffffb653e463 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 159.596654] Call Trace: [ 159.597464] <TASK> [ 159.597773] ? show_regs+0x68/0x80 [ 159.598445] ? __warn+0xd5/0x260 [ 159.598750] ? intlog10+0x3a/0x50 [ 159.599698] ? __report_bug+0x29e/0x4f0 [ 159.600474] ? __pfx___report_bug+0x10/0x10 [ 159.601494] ? timerqueue_del+0x6d/0x140 [ 159.602119] ? intlog10+0x3a/0x50 [ 159.602405] ? intlog10+0x3a/0x50 [ 159.603338] ? report_bug+0x62/0xd0 [ 159.603921] ? hrtimer_try_to_cancel+0x26/0x30 [ 159.604475] ? intlog10+0x3a/0x50 [ 159.605215] ? handle_bug+0x173/0x210 [ 159.605983] ? exc_invalid_op+0x1c/0x50 [ 159.606348] ? asm_exc_invalid_op+0x1f/0x30 [ 159.607345] ? intlog10+0x3a/0x50 [ 159.607934] ? intlog10+0x36/0x50 [ 159.608289] intlog10_test+0xf2/0x220 [ 159.608678] ? __pfx_intlog10_test+0x10/0x10 [ 159.609166] ? __schedule+0xd46/0x29c0 [ 159.609523] ? __pfx_read_tsc+0x10/0x10 [ 159.610219] ? ktime_get_ts64+0x86/0x240 [ 159.610600] kunit_try_run_case+0x1b2/0x490 [ 159.611655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 159.612433] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 159.613273] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 159.614075] ? __kthread_parkme+0x82/0x160 [ 159.614515] ? preempt_count_sub+0x50/0x80 [ 159.615603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 159.616303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 159.617039] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 159.617922] kthread+0x323/0x710 [ 159.618295] ? trace_preempt_on+0x20/0xc0 [ 159.619278] ? __pfx_kthread+0x10/0x10 [ 159.619758] ? _raw_spin_unlock_irq+0x47/0x80 [ 159.620464] ? calculate_sigpending+0x7b/0xa0 [ 159.621183] ? __pfx_kthread+0x10/0x10 [ 159.621909] ret_from_fork+0x41/0x80 [ 159.622331] ? __pfx_kthread+0x10/0x10 [ 159.622572] ret_from_fork_asm+0x1a/0x30 [ 159.623654] </TASK> [ 159.624287] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 159.477749] WARNING: CPU: 0 PID: 669 at lib/math/int_log.c:63 intlog2+0xf3/0x130 [ 159.479413] Modules linked in: [ 159.480278] CPU: 0 UID: 0 PID: 669 Comm: kunit_try_catch Tainted: G B D N 6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) [ 159.481777] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 159.482442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 159.483573] RIP: 0010:intlog2+0xf3/0x130 [ 159.484540] Code: 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 48 c7 c7 60 6b 2c b4 e8 b1 8a fe ff 84 c0 75 02 <0f> 0b 90 48 83 c4 08 31 c0 5b 41 5c 41 5d 5d c3 cc cc cc cc 89 45 [ 159.486834] RSP: 0000:ffff888103b87c88 EFLAGS: 00010246 [ 159.488025] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff11020770fb4 [ 159.489403] RDX: 1ffffffff6858fac RSI: 1ffff11020770fb3 RDI: ffffffffb42c6b60 [ 159.490512] RBP: ffff888103b87ca8 R08: 0000000000000000 R09: ffffed102051cba0 [ 159.491461] R10: ffff8881028e5d07 R11: 0000000000000000 R12: 1ffff11020770f97 [ 159.492860] R13: ffffffffb42c7d60 R14: 0000000000000000 R15: ffff888103b87d38 [ 159.493406] FS: 0000000000000000(0000) GS:ffff8881a4b85000(0000) knlGS:0000000000000000 [ 159.494385] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 159.495246] CR2: dffffc0000000000 CR3: 0000000039ec4000 CR4: 00000000000006f0 [ 159.496569] DR0: ffffffffb653e460 DR1: ffffffffb653e461 DR2: ffffffffb653e462 [ 159.497490] DR3: ffffffffb653e463 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 159.498403] Call Trace: [ 159.499255] <TASK> [ 159.499725] ? show_regs+0x68/0x80 [ 159.500161] ? __warn+0xd5/0x260 [ 159.500601] ? intlog2+0xf3/0x130 [ 159.501029] ? __report_bug+0x29e/0x4f0 [ 159.501496] ? __pfx___report_bug+0x10/0x10 [ 159.502432] ? trace_hardirqs_on+0x37/0xe0 [ 159.502911] ? irqentry_exit+0x2a/0x60 [ 159.503371] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 159.504109] ? intlog2+0xf3/0x130 [ 159.504399] ? intlog2+0xf3/0x130 [ 159.504775] ? intlog2+0xf3/0x130 [ 159.505292] ? report_bug+0x62/0xd0 [ 159.505626] ? intlog2+0xf3/0x130 [ 159.506302] ? handle_bug+0x173/0x210 [ 159.506999] ? exc_invalid_op+0x1c/0x50 [ 159.507414] ? asm_exc_invalid_op+0x1f/0x30 [ 159.507944] ? intlog2+0xf3/0x130 [ 159.508463] ? intlog2+0xef/0x130 [ 159.508749] intlog2_test+0xf2/0x220 [ 159.509093] ? __pfx_intlog2_test+0x10/0x10 [ 159.510316] ? __schedule+0xd46/0x29c0 [ 159.511014] ? __pfx_read_tsc+0x10/0x10 [ 159.511375] ? ktime_get_ts64+0x86/0x240 [ 159.511889] kunit_try_run_case+0x1b2/0x490 [ 159.512601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 159.513373] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 159.514016] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 159.515229] ? __kthread_parkme+0x82/0x160 [ 159.515569] ? preempt_count_sub+0x50/0x80 [ 159.516274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 159.516765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 159.518274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 159.520401] kthread+0x323/0x710 [ 159.521052] ? trace_preempt_on+0x20/0xc0 [ 159.521351] ? __pfx_kthread+0x10/0x10 [ 159.521597] ? _raw_spin_unlock_irq+0x47/0x80 [ 159.523586] ? calculate_sigpending+0x7b/0xa0 [ 159.525990] ? __pfx_kthread+0x10/0x10 [ 159.527192] ret_from_fork+0x41/0x80 [ 159.527708] ? __pfx_kthread+0x10/0x10 [ 159.529298] ret_from_fork_asm+0x1a/0x30 [ 159.530539] </TASK> [ 159.530816] ---[ end trace 0000000000000000 ]---
Failure - kunit/wmfw_too_short_for_block_header_cs_dsp_wmfwV2_err_adsp2_16bit
(no logs available)
Failure - kunit/wmfw_block_payload_len_garbage_wmfw_block_payload_len_garbage
(no logs available)
Failure - kunit/wmfw_block_payload_len_garbage_block_type0xff
(no logs available)
Failure - kunit/wmfw_too_short_for_block_header_wmfw_too_short_for_block_header
(no logs available)
Failure - kunit/wmfw_too_short_for_block_header_block_type0xc0
(no logs available)
Failure - kunit/wmfw_too_short_for_block_header_block_type0xf5
(no logs available)
Failure - kunit/wmfw_too_short_for_block_header_block_type0x33
(no logs available)
Failure - kunit/_wmfw_too_short_for_block_payload
_wmfw_too_short_for_block_payload fail
Failure - kunit/_block_type0xff
_block_type0xff fail