Date
May 12, 2025, 11:48 a.m.
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 16.689413] ================================================================== [ 16.689903] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 16.690585] Write of size 2 at addr ffff888102b42577 by task kunit_try_catch/189 [ 16.691311] [ 16.691544] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.691649] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.691675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.691718] Call Trace: [ 16.691743] <TASK> [ 16.691774] dump_stack_lvl+0x73/0xb0 [ 16.691838] print_report+0xd1/0x650 [ 16.691886] ? __virt_addr_valid+0x1db/0x2d0 [ 16.691934] ? kmalloc_oob_memset_2+0x166/0x330 [ 16.691980] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.692029] ? kmalloc_oob_memset_2+0x166/0x330 [ 16.692076] kasan_report+0x141/0x180 [ 16.692124] ? kmalloc_oob_memset_2+0x166/0x330 [ 16.692182] kasan_check_range+0x10c/0x1c0 [ 16.692228] __asan_memset+0x27/0x50 [ 16.692284] kmalloc_oob_memset_2+0x166/0x330 [ 16.692315] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 16.692341] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 16.692367] kunit_try_run_case+0x1a5/0x480 [ 16.692394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.692416] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.692442] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.692464] ? __kthread_parkme+0x82/0x180 [ 16.692486] ? preempt_count_sub+0x50/0x80 [ 16.692511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.692535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.692558] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.692581] kthread+0x337/0x6f0 [ 16.692601] ? trace_preempt_on+0x20/0xc0 [ 16.692626] ? __pfx_kthread+0x10/0x10 [ 16.692647] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.692677] ? calculate_sigpending+0x7b/0xa0 [ 16.692724] ? __pfx_kthread+0x10/0x10 [ 16.692746] ret_from_fork+0x116/0x1d0 [ 16.692766] ? __pfx_kthread+0x10/0x10 [ 16.692787] ret_from_fork_asm+0x1a/0x30 [ 16.692819] </TASK> [ 16.692833] [ 16.704819] Allocated by task 189: [ 16.705166] kasan_save_stack+0x45/0x70 [ 16.705787] kasan_save_track+0x18/0x40 [ 16.706040] kasan_save_alloc_info+0x3b/0x50 [ 16.706297] __kasan_kmalloc+0xb7/0xc0 [ 16.706504] __kmalloc_cache_noprof+0x189/0x420 [ 16.706902] kmalloc_oob_memset_2+0xac/0x330 [ 16.707234] kunit_try_run_case+0x1a5/0x480 [ 16.707526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.707812] kthread+0x337/0x6f0 [ 16.708124] ret_from_fork+0x116/0x1d0 [ 16.708483] ret_from_fork_asm+0x1a/0x30 [ 16.708874] [ 16.709000] The buggy address belongs to the object at ffff888102b42500 [ 16.709000] which belongs to the cache kmalloc-128 of size 128 [ 16.709752] The buggy address is located 119 bytes inside of [ 16.709752] allocated 120-byte region [ffff888102b42500, ffff888102b42578) [ 16.710647] [ 16.710851] The buggy address belongs to the physical page: [ 16.711171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b42 [ 16.711708] flags: 0x200000000000000(node=0|zone=2) [ 16.712074] page_type: f5(slab) [ 16.712401] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.712775] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.713241] page dumped because: kasan: bad access detected [ 16.713643] [ 16.713791] Memory state around the buggy address: [ 16.714185] ffff888102b42400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.714599] ffff888102b42480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.715088] >ffff888102b42500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.715574] ^ [ 16.716070] ffff888102b42580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.716502] ffff888102b42600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.716977] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 16.653796] ================================================================== [ 16.654562] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 16.655293] Write of size 128 at addr ffff888102b42400 by task kunit_try_catch/187 [ 16.655695] [ 16.656201] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.656323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.656352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.656396] Call Trace: [ 16.656424] <TASK> [ 16.656456] dump_stack_lvl+0x73/0xb0 [ 16.656513] print_report+0xd1/0x650 [ 16.656584] ? __virt_addr_valid+0x1db/0x2d0 [ 16.656628] ? kmalloc_oob_in_memset+0x15f/0x320 [ 16.656697] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.656742] ? kmalloc_oob_in_memset+0x15f/0x320 [ 16.656787] kasan_report+0x141/0x180 [ 16.656820] ? kmalloc_oob_in_memset+0x15f/0x320 [ 16.656847] kasan_check_range+0x10c/0x1c0 [ 16.656873] __asan_memset+0x27/0x50 [ 16.656894] kmalloc_oob_in_memset+0x15f/0x320 [ 16.656917] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 16.656941] ? __schedule+0x10cc/0x2b60 [ 16.656964] ? __pfx_read_tsc+0x10/0x10 [ 16.656985] ? ktime_get_ts64+0x86/0x230 [ 16.657012] kunit_try_run_case+0x1a5/0x480 [ 16.657058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.657183] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.657209] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.657232] ? __kthread_parkme+0x82/0x180 [ 16.657253] ? preempt_count_sub+0x50/0x80 [ 16.657300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.657325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.657349] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.657372] kthread+0x337/0x6f0 [ 16.657392] ? trace_preempt_on+0x20/0xc0 [ 16.657417] ? __pfx_kthread+0x10/0x10 [ 16.657438] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.657459] ? calculate_sigpending+0x7b/0xa0 [ 16.657484] ? __pfx_kthread+0x10/0x10 [ 16.657506] ret_from_fork+0x116/0x1d0 [ 16.657526] ? __pfx_kthread+0x10/0x10 [ 16.657547] ret_from_fork_asm+0x1a/0x30 [ 16.657579] </TASK> [ 16.657593] [ 16.668245] Allocated by task 187: [ 16.668591] kasan_save_stack+0x45/0x70 [ 16.669078] kasan_save_track+0x18/0x40 [ 16.669429] kasan_save_alloc_info+0x3b/0x50 [ 16.669941] __kasan_kmalloc+0xb7/0xc0 [ 16.670442] __kmalloc_cache_noprof+0x189/0x420 [ 16.670772] kmalloc_oob_in_memset+0xac/0x320 [ 16.671017] kunit_try_run_case+0x1a5/0x480 [ 16.671440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.671673] kthread+0x337/0x6f0 [ 16.671853] ret_from_fork+0x116/0x1d0 [ 16.672357] ret_from_fork_asm+0x1a/0x30 [ 16.672715] [ 16.672918] The buggy address belongs to the object at ffff888102b42400 [ 16.672918] which belongs to the cache kmalloc-128 of size 128 [ 16.673552] The buggy address is located 0 bytes inside of [ 16.673552] allocated 120-byte region [ffff888102b42400, ffff888102b42478) [ 16.673972] [ 16.674324] The buggy address belongs to the physical page: [ 16.674535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b42 [ 16.675112] flags: 0x200000000000000(node=0|zone=2) [ 16.675554] page_type: f5(slab) [ 16.676167] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.676749] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.677250] page dumped because: kasan: bad access detected [ 16.677612] [ 16.677826] Memory state around the buggy address: [ 16.678118] ffff888102b42300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.678468] ffff888102b42380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.678878] >ffff888102b42400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.679148] ^ [ 16.679743] ffff888102b42480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.680302] ffff888102b42500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.680921] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 16.610446] ================================================================== [ 16.610966] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 16.612152] Read of size 16 at addr ffff8881026fb940 by task kunit_try_catch/185 [ 16.612540] [ 16.612997] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.613101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.613123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.613161] Call Trace: [ 16.613188] <TASK> [ 16.613222] dump_stack_lvl+0x73/0xb0 [ 16.613308] print_report+0xd1/0x650 [ 16.613362] ? __virt_addr_valid+0x1db/0x2d0 [ 16.613415] ? kmalloc_uaf_16+0x47b/0x4c0 [ 16.613448] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.613474] ? kmalloc_uaf_16+0x47b/0x4c0 [ 16.613497] kasan_report+0x141/0x180 [ 16.613521] ? kmalloc_uaf_16+0x47b/0x4c0 [ 16.613549] __asan_report_load16_noabort+0x18/0x20 [ 16.613571] kmalloc_uaf_16+0x47b/0x4c0 [ 16.613594] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 16.613619] ? __schedule+0x10cc/0x2b60 [ 16.613642] ? __pfx_read_tsc+0x10/0x10 [ 16.613664] ? ktime_get_ts64+0x86/0x230 [ 16.613692] kunit_try_run_case+0x1a5/0x480 [ 16.613720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.613744] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.613777] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.613830] ? __kthread_parkme+0x82/0x180 [ 16.613855] ? preempt_count_sub+0x50/0x80 [ 16.613882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.613907] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.613931] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.613956] kthread+0x337/0x6f0 [ 16.613977] ? trace_preempt_on+0x20/0xc0 [ 16.614004] ? __pfx_kthread+0x10/0x10 [ 16.614026] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.614060] ? calculate_sigpending+0x7b/0xa0 [ 16.614110] ? __pfx_kthread+0x10/0x10 [ 16.614144] ret_from_fork+0x116/0x1d0 [ 16.614174] ? __pfx_kthread+0x10/0x10 [ 16.614196] ret_from_fork_asm+0x1a/0x30 [ 16.614230] </TASK> [ 16.614245] [ 16.627100] Allocated by task 185: [ 16.627875] kasan_save_stack+0x45/0x70 [ 16.628553] kasan_save_track+0x18/0x40 [ 16.628815] kasan_save_alloc_info+0x3b/0x50 [ 16.629476] __kasan_kmalloc+0xb7/0xc0 [ 16.629822] __kmalloc_cache_noprof+0x189/0x420 [ 16.630164] kmalloc_uaf_16+0x15b/0x4c0 [ 16.630501] kunit_try_run_case+0x1a5/0x480 [ 16.630838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.631212] kthread+0x337/0x6f0 [ 16.631719] ret_from_fork+0x116/0x1d0 [ 16.632238] ret_from_fork_asm+0x1a/0x30 [ 16.632489] [ 16.632679] Freed by task 185: [ 16.632966] kasan_save_stack+0x45/0x70 [ 16.633207] kasan_save_track+0x18/0x40 [ 16.633944] kasan_save_free_info+0x3f/0x60 [ 16.634435] __kasan_slab_free+0x56/0x70 [ 16.634981] kfree+0x222/0x3f0 [ 16.635532] kmalloc_uaf_16+0x1d6/0x4c0 [ 16.636008] kunit_try_run_case+0x1a5/0x480 [ 16.636559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.637238] kthread+0x337/0x6f0 [ 16.637431] ret_from_fork+0x116/0x1d0 [ 16.637556] ret_from_fork_asm+0x1a/0x30 [ 16.637659] [ 16.637720] The buggy address belongs to the object at ffff8881026fb940 [ 16.637720] which belongs to the cache kmalloc-16 of size 16 [ 16.637945] The buggy address is located 0 bytes inside of [ 16.637945] freed 16-byte region [ffff8881026fb940, ffff8881026fb950) [ 16.638592] [ 16.638861] The buggy address belongs to the physical page: [ 16.639534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 16.640382] flags: 0x200000000000000(node=0|zone=2) [ 16.640900] page_type: f5(slab) [ 16.641444] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.642385] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.643347] page dumped because: kasan: bad access detected [ 16.643843] [ 16.644025] Memory state around the buggy address: [ 16.644631] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 16.645002] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 16.645651] >ffff8881026fb900: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 16.645981] ^ [ 16.646547] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.647047] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.647689] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 16.570976] ================================================================== [ 16.571651] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 16.571944] Write of size 16 at addr ffff88810229d660 by task kunit_try_catch/183 [ 16.572635] [ 16.573357] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.573619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.573646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.573686] Call Trace: [ 16.573715] <TASK> [ 16.573812] dump_stack_lvl+0x73/0xb0 [ 16.573915] print_report+0xd1/0x650 [ 16.573980] ? __virt_addr_valid+0x1db/0x2d0 [ 16.574026] ? kmalloc_oob_16+0x452/0x4a0 [ 16.574099] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.574138] ? kmalloc_oob_16+0x452/0x4a0 [ 16.574173] kasan_report+0x141/0x180 [ 16.574208] ? kmalloc_oob_16+0x452/0x4a0 [ 16.574251] __asan_report_store16_noabort+0x1b/0x30 [ 16.574304] kmalloc_oob_16+0x452/0x4a0 [ 16.574327] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 16.574350] ? __schedule+0x10cc/0x2b60 [ 16.574375] ? __pfx_read_tsc+0x10/0x10 [ 16.574398] ? ktime_get_ts64+0x86/0x230 [ 16.574426] kunit_try_run_case+0x1a5/0x480 [ 16.574453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.574477] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.574503] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.574526] ? __kthread_parkme+0x82/0x180 [ 16.574549] ? preempt_count_sub+0x50/0x80 [ 16.574575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.574599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.574623] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.574647] kthread+0x337/0x6f0 [ 16.574689] ? trace_preempt_on+0x20/0xc0 [ 16.574721] ? __pfx_kthread+0x10/0x10 [ 16.574743] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.574764] ? calculate_sigpending+0x7b/0xa0 [ 16.574790] ? __pfx_kthread+0x10/0x10 [ 16.574813] ret_from_fork+0x116/0x1d0 [ 16.574833] ? __pfx_kthread+0x10/0x10 [ 16.574854] ret_from_fork_asm+0x1a/0x30 [ 16.574886] </TASK> [ 16.574900] [ 16.587979] Allocated by task 183: [ 16.588546] kasan_save_stack+0x45/0x70 [ 16.588985] kasan_save_track+0x18/0x40 [ 16.589388] kasan_save_alloc_info+0x3b/0x50 [ 16.589877] __kasan_kmalloc+0xb7/0xc0 [ 16.590068] __kmalloc_cache_noprof+0x189/0x420 [ 16.590469] kmalloc_oob_16+0xa8/0x4a0 [ 16.590797] kunit_try_run_case+0x1a5/0x480 [ 16.591031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.591547] kthread+0x337/0x6f0 [ 16.591731] ret_from_fork+0x116/0x1d0 [ 16.592488] ret_from_fork_asm+0x1a/0x30 [ 16.592941] [ 16.593336] The buggy address belongs to the object at ffff88810229d660 [ 16.593336] which belongs to the cache kmalloc-16 of size 16 [ 16.594162] The buggy address is located 0 bytes inside of [ 16.594162] allocated 13-byte region [ffff88810229d660, ffff88810229d66d) [ 16.594826] [ 16.595517] The buggy address belongs to the physical page: [ 16.595831] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10229d [ 16.596462] flags: 0x200000000000000(node=0|zone=2) [ 16.596793] page_type: f5(slab) [ 16.597015] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.597641] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.598288] page dumped because: kasan: bad access detected [ 16.598816] [ 16.599004] Memory state around the buggy address: [ 16.599600] ffff88810229d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.600252] ffff88810229d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.600830] >ffff88810229d600: fa fb fc fc fa fb fc fc 00 05 fc fc 00 05 fc fc [ 16.601364] ^ [ 16.601916] ffff88810229d680: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.602565] ffff88810229d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.602951] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 16.521481] ================================================================== [ 16.521919] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 16.522461] Read of size 1 at addr ffff888100a36000 by task kunit_try_catch/181 [ 16.522933] [ 16.523252] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.523389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.523417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.523464] Call Trace: [ 16.523498] <TASK> [ 16.523536] dump_stack_lvl+0x73/0xb0 [ 16.523602] print_report+0xd1/0x650 [ 16.523649] ? __virt_addr_valid+0x1db/0x2d0 [ 16.523887] ? krealloc_uaf+0x53c/0x5e0 [ 16.523943] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.524002] ? krealloc_uaf+0x53c/0x5e0 [ 16.524052] kasan_report+0x141/0x180 [ 16.524102] ? krealloc_uaf+0x53c/0x5e0 [ 16.524160] __asan_report_load1_noabort+0x18/0x20 [ 16.524183] krealloc_uaf+0x53c/0x5e0 [ 16.524207] ? __pfx_krealloc_uaf+0x10/0x10 [ 16.524230] ? finish_task_switch.isra.0+0x153/0x700 [ 16.524280] ? __switch_to+0x47/0xf50 [ 16.524330] ? __schedule+0x10cc/0x2b60 [ 16.524356] ? __pfx_read_tsc+0x10/0x10 [ 16.524379] ? ktime_get_ts64+0x86/0x230 [ 16.524405] kunit_try_run_case+0x1a5/0x480 [ 16.524434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.524458] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.524484] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.524507] ? __kthread_parkme+0x82/0x180 [ 16.524530] ? preempt_count_sub+0x50/0x80 [ 16.524553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.524578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.524602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.524626] kthread+0x337/0x6f0 [ 16.524647] ? trace_preempt_on+0x20/0xc0 [ 16.524684] ? __pfx_kthread+0x10/0x10 [ 16.524749] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.524808] ? calculate_sigpending+0x7b/0xa0 [ 16.524844] ? __pfx_kthread+0x10/0x10 [ 16.524868] ret_from_fork+0x116/0x1d0 [ 16.524890] ? __pfx_kthread+0x10/0x10 [ 16.524912] ret_from_fork_asm+0x1a/0x30 [ 16.524944] </TASK> [ 16.524958] [ 16.540650] Allocated by task 181: [ 16.541337] kasan_save_stack+0x45/0x70 [ 16.541670] kasan_save_track+0x18/0x40 [ 16.542443] kasan_save_alloc_info+0x3b/0x50 [ 16.542759] __kasan_kmalloc+0xb7/0xc0 [ 16.543168] __kmalloc_cache_noprof+0x189/0x420 [ 16.543433] krealloc_uaf+0xbb/0x5e0 [ 16.543791] kunit_try_run_case+0x1a5/0x480 [ 16.544171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.544590] kthread+0x337/0x6f0 [ 16.545032] ret_from_fork+0x116/0x1d0 [ 16.545370] ret_from_fork_asm+0x1a/0x30 [ 16.545528] [ 16.545619] Freed by task 181: [ 16.545832] kasan_save_stack+0x45/0x70 [ 16.546865] kasan_save_track+0x18/0x40 [ 16.547491] kasan_save_free_info+0x3f/0x60 [ 16.547978] __kasan_slab_free+0x56/0x70 [ 16.548511] kfree+0x222/0x3f0 [ 16.548965] krealloc_uaf+0x13d/0x5e0 [ 16.549242] kunit_try_run_case+0x1a5/0x480 [ 16.549793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.550538] kthread+0x337/0x6f0 [ 16.550876] ret_from_fork+0x116/0x1d0 [ 16.551208] ret_from_fork_asm+0x1a/0x30 [ 16.551592] [ 16.551941] The buggy address belongs to the object at ffff888100a36000 [ 16.551941] which belongs to the cache kmalloc-256 of size 256 [ 16.553093] The buggy address is located 0 bytes inside of [ 16.553093] freed 256-byte region [ffff888100a36000, ffff888100a36100) [ 16.553967] [ 16.554595] The buggy address belongs to the physical page: [ 16.554861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a36 [ 16.555507] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.556215] flags: 0x200000000000040(head|node=0|zone=2) [ 16.556623] page_type: f5(slab) [ 16.556979] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.557533] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.558024] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.558623] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.559541] head: 0200000000000001 ffffea0004028d81 00000000ffffffff 00000000ffffffff [ 16.559949] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.560604] page dumped because: kasan: bad access detected [ 16.561157] [ 16.561313] Memory state around the buggy address: [ 16.561647] ffff888100a35f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.562300] ffff888100a35f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.562922] >ffff888100a36000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.563392] ^ [ 16.563686] ffff888100a36080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.564070] ffff888100a36100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.564960] ================================================================== [ 16.477449] ================================================================== [ 16.478160] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 16.478893] Read of size 1 at addr ffff888100a36000 by task kunit_try_catch/181 [ 16.479879] [ 16.480269] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.480383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.480408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.480449] Call Trace: [ 16.480475] <TASK> [ 16.480508] dump_stack_lvl+0x73/0xb0 [ 16.480575] print_report+0xd1/0x650 [ 16.480616] ? __virt_addr_valid+0x1db/0x2d0 [ 16.480658] ? krealloc_uaf+0x1b8/0x5e0 [ 16.480696] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.480741] ? krealloc_uaf+0x1b8/0x5e0 [ 16.480785] kasan_report+0x141/0x180 [ 16.480860] ? krealloc_uaf+0x1b8/0x5e0 [ 16.480890] ? krealloc_uaf+0x1b8/0x5e0 [ 16.480914] __kasan_check_byte+0x3d/0x50 [ 16.480938] krealloc_noprof+0x3f/0x340 [ 16.480964] krealloc_uaf+0x1b8/0x5e0 [ 16.481000] ? __pfx_krealloc_uaf+0x10/0x10 [ 16.481035] ? finish_task_switch.isra.0+0x153/0x700 [ 16.481182] ? __switch_to+0x47/0xf50 [ 16.481213] ? __schedule+0x10cc/0x2b60 [ 16.481237] ? __pfx_read_tsc+0x10/0x10 [ 16.481279] ? ktime_get_ts64+0x86/0x230 [ 16.481310] kunit_try_run_case+0x1a5/0x480 [ 16.481339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.481363] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.481387] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.481411] ? __kthread_parkme+0x82/0x180 [ 16.481433] ? preempt_count_sub+0x50/0x80 [ 16.481456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.481481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.481504] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.481529] kthread+0x337/0x6f0 [ 16.481549] ? trace_preempt_on+0x20/0xc0 [ 16.481575] ? __pfx_kthread+0x10/0x10 [ 16.481597] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.481618] ? calculate_sigpending+0x7b/0xa0 [ 16.481644] ? __pfx_kthread+0x10/0x10 [ 16.481676] ret_from_fork+0x116/0x1d0 [ 16.481715] ? __pfx_kthread+0x10/0x10 [ 16.481738] ret_from_fork_asm+0x1a/0x30 [ 16.481770] </TASK> [ 16.481785] [ 16.495088] Allocated by task 181: [ 16.495604] kasan_save_stack+0x45/0x70 [ 16.495977] kasan_save_track+0x18/0x40 [ 16.496915] kasan_save_alloc_info+0x3b/0x50 [ 16.497426] __kasan_kmalloc+0xb7/0xc0 [ 16.497805] __kmalloc_cache_noprof+0x189/0x420 [ 16.498314] krealloc_uaf+0xbb/0x5e0 [ 16.498657] kunit_try_run_case+0x1a5/0x480 [ 16.499015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.499334] kthread+0x337/0x6f0 [ 16.499520] ret_from_fork+0x116/0x1d0 [ 16.499825] ret_from_fork_asm+0x1a/0x30 [ 16.500182] [ 16.500589] Freed by task 181: [ 16.500966] kasan_save_stack+0x45/0x70 [ 16.501384] kasan_save_track+0x18/0x40 [ 16.501758] kasan_save_free_info+0x3f/0x60 [ 16.502662] __kasan_slab_free+0x56/0x70 [ 16.502888] kfree+0x222/0x3f0 [ 16.503314] krealloc_uaf+0x13d/0x5e0 [ 16.503658] kunit_try_run_case+0x1a5/0x480 [ 16.503995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.504386] kthread+0x337/0x6f0 [ 16.504704] ret_from_fork+0x116/0x1d0 [ 16.505162] ret_from_fork_asm+0x1a/0x30 [ 16.505583] [ 16.505799] The buggy address belongs to the object at ffff888100a36000 [ 16.505799] which belongs to the cache kmalloc-256 of size 256 [ 16.506556] The buggy address is located 0 bytes inside of [ 16.506556] freed 256-byte region [ffff888100a36000, ffff888100a36100) [ 16.507675] [ 16.507823] The buggy address belongs to the physical page: [ 16.508739] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a36 [ 16.509552] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.510225] flags: 0x200000000000040(head|node=0|zone=2) [ 16.510630] page_type: f5(slab) [ 16.510921] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.511352] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.511897] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.512424] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.513107] head: 0200000000000001 ffffea0004028d81 00000000ffffffff 00000000ffffffff [ 16.513449] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.514110] page dumped because: kasan: bad access detected [ 16.515285] [ 16.515589] Memory state around the buggy address: [ 16.516093] ffff888100a35f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.516835] ffff888100a35f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.517491] >ffff888100a36000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.517919] ^ [ 16.518169] ffff888100a36080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.518668] ffff888100a36100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.519151] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 16.090709] ================================================================== [ 16.091567] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 16.092663] Write of size 1 at addr ffff888100a35ec9 by task kunit_try_catch/175 [ 16.093207] [ 16.093488] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.093622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.093652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.093731] Call Trace: [ 16.093764] <TASK> [ 16.093805] dump_stack_lvl+0x73/0xb0 [ 16.093883] print_report+0xd1/0x650 [ 16.093936] ? __virt_addr_valid+0x1db/0x2d0 [ 16.093982] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 16.094023] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.094075] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 16.094113] kasan_report+0x141/0x180 [ 16.094148] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 16.094192] __asan_report_store1_noabort+0x1b/0x30 [ 16.094218] krealloc_less_oob_helper+0xd70/0x11d0 [ 16.094245] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.094290] ? irqentry_exit+0x2a/0x60 [ 16.094319] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.094348] ? __pfx_krealloc_less_oob+0x10/0x10 [ 16.094375] krealloc_less_oob+0x1c/0x30 [ 16.094399] kunit_try_run_case+0x1a5/0x480 [ 16.094428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.094452] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.094478] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.094501] ? __kthread_parkme+0x82/0x180 [ 16.094524] ? preempt_count_sub+0x50/0x80 [ 16.094550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.094575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.094599] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.094623] kthread+0x337/0x6f0 [ 16.094645] ? trace_preempt_on+0x20/0xc0 [ 16.094683] ? __pfx_kthread+0x10/0x10 [ 16.094709] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.094730] ? calculate_sigpending+0x7b/0xa0 [ 16.094756] ? __pfx_kthread+0x10/0x10 [ 16.094778] ret_from_fork+0x116/0x1d0 [ 16.094799] ? __pfx_kthread+0x10/0x10 [ 16.094820] ret_from_fork_asm+0x1a/0x30 [ 16.094852] </TASK> [ 16.094867] [ 16.108284] Allocated by task 175: [ 16.108672] kasan_save_stack+0x45/0x70 [ 16.109296] kasan_save_track+0x18/0x40 [ 16.109693] kasan_save_alloc_info+0x3b/0x50 [ 16.110118] __kasan_krealloc+0x190/0x1f0 [ 16.110497] krealloc_noprof+0xf3/0x340 [ 16.110923] krealloc_less_oob_helper+0x1aa/0x11d0 [ 16.111363] krealloc_less_oob+0x1c/0x30 [ 16.111920] kunit_try_run_case+0x1a5/0x480 [ 16.112453] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.112910] kthread+0x337/0x6f0 [ 16.113397] ret_from_fork+0x116/0x1d0 [ 16.113763] ret_from_fork_asm+0x1a/0x30 [ 16.114341] [ 16.114570] The buggy address belongs to the object at ffff888100a35e00 [ 16.114570] which belongs to the cache kmalloc-256 of size 256 [ 16.115418] The buggy address is located 0 bytes to the right of [ 16.115418] allocated 201-byte region [ffff888100a35e00, ffff888100a35ec9) [ 16.116507] [ 16.116771] The buggy address belongs to the physical page: [ 16.117357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a34 [ 16.117555] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.117779] flags: 0x200000000000040(head|node=0|zone=2) [ 16.118338] page_type: f5(slab) [ 16.118824] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.119838] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.120530] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.121154] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.121718] head: 0200000000000001 ffffea0004028d01 00000000ffffffff 00000000ffffffff [ 16.122449] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.123280] page dumped because: kasan: bad access detected [ 16.123554] [ 16.123666] Memory state around the buggy address: [ 16.124033] ffff888100a35d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.124788] ffff888100a35e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.125055] >ffff888100a35e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.125605] ^ [ 16.125849] ffff888100a35f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.127052] ffff888100a35f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.127705] ================================================================== [ 16.394812] ================================================================== [ 16.395243] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 16.395992] Write of size 1 at addr ffff8881029960da by task kunit_try_catch/179 [ 16.396631] [ 16.396951] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.397060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.397086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.397130] Call Trace: [ 16.397161] <TASK> [ 16.397198] dump_stack_lvl+0x73/0xb0 [ 16.397277] print_report+0xd1/0x650 [ 16.397332] ? __virt_addr_valid+0x1db/0x2d0 [ 16.397384] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.397434] ? kasan_addr_to_slab+0x11/0xa0 [ 16.397471] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.397515] kasan_report+0x141/0x180 [ 16.397558] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.397646] __asan_report_store1_noabort+0x1b/0x30 [ 16.397756] krealloc_less_oob_helper+0xec6/0x11d0 [ 16.397803] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.397856] ? irqentry_exit+0x2a/0x60 [ 16.397913] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.397956] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 16.397995] krealloc_large_less_oob+0x1c/0x30 [ 16.398028] kunit_try_run_case+0x1a5/0x480 [ 16.398092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.398133] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.398178] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.398218] ? __kthread_parkme+0x82/0x180 [ 16.398254] ? preempt_count_sub+0x50/0x80 [ 16.398312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.398357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.398438] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.398488] kthread+0x337/0x6f0 [ 16.398548] ? trace_preempt_on+0x20/0xc0 [ 16.398601] ? __pfx_kthread+0x10/0x10 [ 16.398647] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.398729] ? calculate_sigpending+0x7b/0xa0 [ 16.398767] ? __pfx_kthread+0x10/0x10 [ 16.398800] ret_from_fork+0x116/0x1d0 [ 16.398828] ? __pfx_kthread+0x10/0x10 [ 16.398860] ret_from_fork_asm+0x1a/0x30 [ 16.398908] </TASK> [ 16.398945] [ 16.409415] The buggy address belongs to the physical page: [ 16.409920] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102994 [ 16.410505] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.411017] flags: 0x200000000000040(head|node=0|zone=2) [ 16.411461] page_type: f8(unknown) [ 16.411833] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.412299] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.412610] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.412937] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.413558] head: 0200000000000002 ffffea00040a6501 00000000ffffffff 00000000ffffffff [ 16.414177] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.414798] page dumped because: kasan: bad access detected [ 16.415142] [ 16.415353] Memory state around the buggy address: [ 16.415619] ffff888102995f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.415929] ffff888102996000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.416504] >ffff888102996080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.417075] ^ [ 16.417455] ffff888102996100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.417926] ffff888102996180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.418355] ================================================================== [ 16.241088] ================================================================== [ 16.241740] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 16.242439] Write of size 1 at addr ffff888100a35eeb by task kunit_try_catch/175 [ 16.243249] [ 16.243501] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.243609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.243633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.243702] Call Trace: [ 16.243743] <TASK> [ 16.243781] dump_stack_lvl+0x73/0xb0 [ 16.243852] print_report+0xd1/0x650 [ 16.243898] ? __virt_addr_valid+0x1db/0x2d0 [ 16.243942] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 16.243989] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.244031] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 16.244114] kasan_report+0x141/0x180 [ 16.244159] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 16.244213] __asan_report_store1_noabort+0x1b/0x30 [ 16.244252] krealloc_less_oob_helper+0xd47/0x11d0 [ 16.244313] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.244358] ? irqentry_exit+0x2a/0x60 [ 16.244401] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.244461] ? __pfx_krealloc_less_oob+0x10/0x10 [ 16.244515] krealloc_less_oob+0x1c/0x30 [ 16.244551] kunit_try_run_case+0x1a5/0x480 [ 16.244592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.244627] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.244682] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.244732] ? __kthread_parkme+0x82/0x180 [ 16.244756] ? preempt_count_sub+0x50/0x80 [ 16.244781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.244806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.244832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.244856] kthread+0x337/0x6f0 [ 16.244877] ? trace_preempt_on+0x20/0xc0 [ 16.244905] ? __pfx_kthread+0x10/0x10 [ 16.244928] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.244949] ? calculate_sigpending+0x7b/0xa0 [ 16.244975] ? __pfx_kthread+0x10/0x10 [ 16.244998] ret_from_fork+0x116/0x1d0 [ 16.245019] ? __pfx_kthread+0x10/0x10 [ 16.245048] ret_from_fork_asm+0x1a/0x30 [ 16.245113] </TASK> [ 16.245134] [ 16.256825] Allocated by task 175: [ 16.257046] kasan_save_stack+0x45/0x70 [ 16.257283] kasan_save_track+0x18/0x40 [ 16.257620] kasan_save_alloc_info+0x3b/0x50 [ 16.258797] __kasan_krealloc+0x190/0x1f0 [ 16.259381] krealloc_noprof+0xf3/0x340 [ 16.259720] krealloc_less_oob_helper+0x1aa/0x11d0 [ 16.260290] krealloc_less_oob+0x1c/0x30 [ 16.260600] kunit_try_run_case+0x1a5/0x480 [ 16.260976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.261659] kthread+0x337/0x6f0 [ 16.261870] ret_from_fork+0x116/0x1d0 [ 16.262307] ret_from_fork_asm+0x1a/0x30 [ 16.262509] [ 16.262643] The buggy address belongs to the object at ffff888100a35e00 [ 16.262643] which belongs to the cache kmalloc-256 of size 256 [ 16.264145] The buggy address is located 34 bytes to the right of [ 16.264145] allocated 201-byte region [ffff888100a35e00, ffff888100a35ec9) [ 16.264892] [ 16.265131] The buggy address belongs to the physical page: [ 16.265391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a34 [ 16.265881] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.266381] flags: 0x200000000000040(head|node=0|zone=2) [ 16.266784] page_type: f5(slab) [ 16.267106] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.267512] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.267977] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.268269] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.269454] head: 0200000000000001 ffffea0004028d01 00000000ffffffff 00000000ffffffff [ 16.269989] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.270385] page dumped because: kasan: bad access detected [ 16.270615] [ 16.270726] Memory state around the buggy address: [ 16.270932] ffff888100a35d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.271204] ffff888100a35e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.271759] >ffff888100a35e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.272532] ^ [ 16.273786] ffff888100a35f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.275578] ffff888100a35f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.275861] ================================================================== [ 16.203243] ================================================================== [ 16.204340] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 16.204911] Write of size 1 at addr ffff888100a35eea by task kunit_try_catch/175 [ 16.205598] [ 16.205810] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.205915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.205942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.205987] Call Trace: [ 16.206026] <TASK> [ 16.206235] dump_stack_lvl+0x73/0xb0 [ 16.206332] print_report+0xd1/0x650 [ 16.206380] ? __virt_addr_valid+0x1db/0x2d0 [ 16.206428] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 16.206470] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.206509] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 16.206553] kasan_report+0x141/0x180 [ 16.206613] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 16.206713] __asan_report_store1_noabort+0x1b/0x30 [ 16.206757] krealloc_less_oob_helper+0xe90/0x11d0 [ 16.206807] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.206855] ? irqentry_exit+0x2a/0x60 [ 16.206894] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.206948] ? __pfx_krealloc_less_oob+0x10/0x10 [ 16.207009] krealloc_less_oob+0x1c/0x30 [ 16.207071] kunit_try_run_case+0x1a5/0x480 [ 16.207122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.207194] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.207238] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.207290] ? __kthread_parkme+0x82/0x180 [ 16.207326] ? preempt_count_sub+0x50/0x80 [ 16.207364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.207403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.207442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.207480] kthread+0x337/0x6f0 [ 16.207514] ? trace_preempt_on+0x20/0xc0 [ 16.207555] ? __pfx_kthread+0x10/0x10 [ 16.207590] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.207618] ? calculate_sigpending+0x7b/0xa0 [ 16.207645] ? __pfx_kthread+0x10/0x10 [ 16.207692] ret_from_fork+0x116/0x1d0 [ 16.207730] ? __pfx_kthread+0x10/0x10 [ 16.207752] ret_from_fork_asm+0x1a/0x30 [ 16.207785] </TASK> [ 16.207799] [ 16.219611] Allocated by task 175: [ 16.220001] kasan_save_stack+0x45/0x70 [ 16.220548] kasan_save_track+0x18/0x40 [ 16.220988] kasan_save_alloc_info+0x3b/0x50 [ 16.221412] __kasan_krealloc+0x190/0x1f0 [ 16.221757] krealloc_noprof+0xf3/0x340 [ 16.222125] krealloc_less_oob_helper+0x1aa/0x11d0 [ 16.222639] krealloc_less_oob+0x1c/0x30 [ 16.223076] kunit_try_run_case+0x1a5/0x480 [ 16.223441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.223834] kthread+0x337/0x6f0 [ 16.224191] ret_from_fork+0x116/0x1d0 [ 16.224505] ret_from_fork_asm+0x1a/0x30 [ 16.224771] [ 16.224948] The buggy address belongs to the object at ffff888100a35e00 [ 16.224948] which belongs to the cache kmalloc-256 of size 256 [ 16.226359] The buggy address is located 33 bytes to the right of [ 16.226359] allocated 201-byte region [ffff888100a35e00, ffff888100a35ec9) [ 16.227414] [ 16.227559] The buggy address belongs to the physical page: [ 16.228137] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a34 [ 16.229039] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.229761] flags: 0x200000000000040(head|node=0|zone=2) [ 16.230297] page_type: f5(slab) [ 16.230680] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.231172] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.231897] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.232497] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.233402] head: 0200000000000001 ffffea0004028d01 00000000ffffffff 00000000ffffffff [ 16.233934] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.234676] page dumped because: kasan: bad access detected [ 16.235197] [ 16.235416] Memory state around the buggy address: [ 16.235888] ffff888100a35d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.236713] ffff888100a35e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.237345] >ffff888100a35e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.237886] ^ [ 16.238452] ffff888100a35f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.239235] ffff888100a35f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.239814] ================================================================== [ 16.419629] ================================================================== [ 16.420024] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 16.421293] Write of size 1 at addr ffff8881029960ea by task kunit_try_catch/179 [ 16.421964] [ 16.422249] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.422395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.422449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.422493] Call Trace: [ 16.422532] <TASK> [ 16.422583] dump_stack_lvl+0x73/0xb0 [ 16.422695] print_report+0xd1/0x650 [ 16.422750] ? __virt_addr_valid+0x1db/0x2d0 [ 16.422812] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 16.422874] ? kasan_addr_to_slab+0x11/0xa0 [ 16.422919] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 16.422972] kasan_report+0x141/0x180 [ 16.423027] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 16.423080] __asan_report_store1_noabort+0x1b/0x30 [ 16.423120] krealloc_less_oob_helper+0xe90/0x11d0 [ 16.423183] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.423246] ? irqentry_exit+0x2a/0x60 [ 16.423304] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.423365] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 16.423424] krealloc_large_less_oob+0x1c/0x30 [ 16.423475] kunit_try_run_case+0x1a5/0x480 [ 16.423530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.423578] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.423629] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.423709] ? __kthread_parkme+0x82/0x180 [ 16.423841] ? preempt_count_sub+0x50/0x80 [ 16.423881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.424331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.424391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.424432] kthread+0x337/0x6f0 [ 16.424464] ? trace_preempt_on+0x20/0xc0 [ 16.424492] ? __pfx_kthread+0x10/0x10 [ 16.424514] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.424538] ? calculate_sigpending+0x7b/0xa0 [ 16.424564] ? __pfx_kthread+0x10/0x10 [ 16.424586] ret_from_fork+0x116/0x1d0 [ 16.424607] ? __pfx_kthread+0x10/0x10 [ 16.424628] ret_from_fork_asm+0x1a/0x30 [ 16.424682] </TASK> [ 16.424721] [ 16.437084] The buggy address belongs to the physical page: [ 16.437517] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102994 [ 16.438023] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.438415] flags: 0x200000000000040(head|node=0|zone=2) [ 16.438776] page_type: f8(unknown) [ 16.439115] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.439608] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.440002] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.440604] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.440963] head: 0200000000000002 ffffea00040a6501 00000000ffffffff 00000000ffffffff [ 16.441508] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.442074] page dumped because: kasan: bad access detected [ 16.442379] [ 16.442498] Memory state around the buggy address: [ 16.442868] ffff888102995f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.443294] ffff888102996000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.443722] >ffff888102996080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.444190] ^ [ 16.444552] ffff888102996100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.445088] ffff888102996180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.445375] ================================================================== [ 16.128806] ================================================================== [ 16.129458] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 16.130504] Write of size 1 at addr ffff888100a35ed0 by task kunit_try_catch/175 [ 16.131535] [ 16.131717] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.131810] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.131835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.131877] Call Trace: [ 16.131900] <TASK> [ 16.132117] dump_stack_lvl+0x73/0xb0 [ 16.132197] print_report+0xd1/0x650 [ 16.132239] ? __virt_addr_valid+0x1db/0x2d0 [ 16.132293] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 16.132331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.132365] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 16.132403] kasan_report+0x141/0x180 [ 16.132439] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 16.132481] __asan_report_store1_noabort+0x1b/0x30 [ 16.132514] krealloc_less_oob_helper+0xe23/0x11d0 [ 16.132555] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.132589] ? irqentry_exit+0x2a/0x60 [ 16.132623] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.132669] ? __pfx_krealloc_less_oob+0x10/0x10 [ 16.132903] krealloc_less_oob+0x1c/0x30 [ 16.133001] kunit_try_run_case+0x1a5/0x480 [ 16.133036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.133072] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.133135] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.133168] ? __kthread_parkme+0x82/0x180 [ 16.133200] ? preempt_count_sub+0x50/0x80 [ 16.133236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.133285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.133324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.133358] kthread+0x337/0x6f0 [ 16.133389] ? trace_preempt_on+0x20/0xc0 [ 16.133430] ? __pfx_kthread+0x10/0x10 [ 16.133461] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.133493] ? calculate_sigpending+0x7b/0xa0 [ 16.133526] ? __pfx_kthread+0x10/0x10 [ 16.133549] ret_from_fork+0x116/0x1d0 [ 16.133569] ? __pfx_kthread+0x10/0x10 [ 16.133591] ret_from_fork_asm+0x1a/0x30 [ 16.133622] </TASK> [ 16.133635] [ 16.147523] Allocated by task 175: [ 16.148153] kasan_save_stack+0x45/0x70 [ 16.148446] kasan_save_track+0x18/0x40 [ 16.148651] kasan_save_alloc_info+0x3b/0x50 [ 16.149393] __kasan_krealloc+0x190/0x1f0 [ 16.150010] krealloc_noprof+0xf3/0x340 [ 16.150577] krealloc_less_oob_helper+0x1aa/0x11d0 [ 16.150925] krealloc_less_oob+0x1c/0x30 [ 16.151446] kunit_try_run_case+0x1a5/0x480 [ 16.151924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.152255] kthread+0x337/0x6f0 [ 16.152782] ret_from_fork+0x116/0x1d0 [ 16.153145] ret_from_fork_asm+0x1a/0x30 [ 16.153547] [ 16.153805] The buggy address belongs to the object at ffff888100a35e00 [ 16.153805] which belongs to the cache kmalloc-256 of size 256 [ 16.154552] The buggy address is located 7 bytes to the right of [ 16.154552] allocated 201-byte region [ffff888100a35e00, ffff888100a35ec9) [ 16.155348] [ 16.155662] The buggy address belongs to the physical page: [ 16.156089] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a34 [ 16.157710] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.158249] flags: 0x200000000000040(head|node=0|zone=2) [ 16.158655] page_type: f5(slab) [ 16.159171] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.160006] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.160642] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.161106] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.161967] head: 0200000000000001 ffffea0004028d01 00000000ffffffff 00000000ffffffff [ 16.162842] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.163341] page dumped because: kasan: bad access detected [ 16.163561] [ 16.163760] Memory state around the buggy address: [ 16.164212] ffff888100a35d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.164618] ffff888100a35e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.165223] >ffff888100a35e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.165620] ^ [ 16.166141] ffff888100a35f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.166677] ffff888100a35f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.166907] ================================================================== [ 16.168371] ================================================================== [ 16.168970] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 16.169506] Write of size 1 at addr ffff888100a35eda by task kunit_try_catch/175 [ 16.170000] [ 16.170321] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.170448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.170476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.170518] Call Trace: [ 16.170548] <TASK> [ 16.170603] dump_stack_lvl+0x73/0xb0 [ 16.170713] print_report+0xd1/0x650 [ 16.170764] ? __virt_addr_valid+0x1db/0x2d0 [ 16.170807] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.170854] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.170901] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.170953] kasan_report+0x141/0x180 [ 16.171011] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.171106] __asan_report_store1_noabort+0x1b/0x30 [ 16.171154] krealloc_less_oob_helper+0xec6/0x11d0 [ 16.171209] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.171269] ? irqentry_exit+0x2a/0x60 [ 16.171320] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.171372] ? __pfx_krealloc_less_oob+0x10/0x10 [ 16.171435] krealloc_less_oob+0x1c/0x30 [ 16.171470] kunit_try_run_case+0x1a5/0x480 [ 16.171511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.171547] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.171589] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.171632] ? __kthread_parkme+0x82/0x180 [ 16.171726] ? preempt_count_sub+0x50/0x80 [ 16.171779] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.171837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.171882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.171920] kthread+0x337/0x6f0 [ 16.171956] ? trace_preempt_on+0x20/0xc0 [ 16.172001] ? __pfx_kthread+0x10/0x10 [ 16.172074] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.172112] ? calculate_sigpending+0x7b/0xa0 [ 16.172151] ? __pfx_kthread+0x10/0x10 [ 16.172191] ret_from_fork+0x116/0x1d0 [ 16.172233] ? __pfx_kthread+0x10/0x10 [ 16.172285] ret_from_fork_asm+0x1a/0x30 [ 16.172350] </TASK> [ 16.172379] [ 16.183894] Allocated by task 175: [ 16.184181] kasan_save_stack+0x45/0x70 [ 16.184561] kasan_save_track+0x18/0x40 [ 16.184823] kasan_save_alloc_info+0x3b/0x50 [ 16.185019] __kasan_krealloc+0x190/0x1f0 [ 16.185207] krealloc_noprof+0xf3/0x340 [ 16.185555] krealloc_less_oob_helper+0x1aa/0x11d0 [ 16.185953] krealloc_less_oob+0x1c/0x30 [ 16.186189] kunit_try_run_case+0x1a5/0x480 [ 16.186925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.187399] kthread+0x337/0x6f0 [ 16.187630] ret_from_fork+0x116/0x1d0 [ 16.187885] ret_from_fork_asm+0x1a/0x30 [ 16.188242] [ 16.188429] The buggy address belongs to the object at ffff888100a35e00 [ 16.188429] which belongs to the cache kmalloc-256 of size 256 [ 16.189287] The buggy address is located 17 bytes to the right of [ 16.189287] allocated 201-byte region [ffff888100a35e00, ffff888100a35ec9) [ 16.190200] [ 16.190536] The buggy address belongs to the physical page: [ 16.191561] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a34 [ 16.192252] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.192981] flags: 0x200000000000040(head|node=0|zone=2) [ 16.193426] page_type: f5(slab) [ 16.193782] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.194373] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.195158] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.195644] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.196442] head: 0200000000000001 ffffea0004028d01 00000000ffffffff 00000000ffffffff [ 16.197460] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.197851] page dumped because: kasan: bad access detected [ 16.198050] [ 16.198427] Memory state around the buggy address: [ 16.198869] ffff888100a35d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.199432] ffff888100a35e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.199955] >ffff888100a35e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.200551] ^ [ 16.200990] ffff888100a35f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.201607] ffff888100a35f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.202395] ================================================================== [ 16.341340] ================================================================== [ 16.341855] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 16.342618] Write of size 1 at addr ffff8881029960c9 by task kunit_try_catch/179 [ 16.343188] [ 16.343458] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.343572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.343598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.343639] Call Trace: [ 16.343666] <TASK> [ 16.343712] dump_stack_lvl+0x73/0xb0 [ 16.343779] print_report+0xd1/0x650 [ 16.343858] ? __virt_addr_valid+0x1db/0x2d0 [ 16.343903] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 16.343951] ? kasan_addr_to_slab+0x11/0xa0 [ 16.343995] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 16.344042] kasan_report+0x141/0x180 [ 16.344107] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 16.344166] __asan_report_store1_noabort+0x1b/0x30 [ 16.344207] krealloc_less_oob_helper+0xd70/0x11d0 [ 16.344279] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.344312] ? irqentry_exit+0x2a/0x60 [ 16.344345] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.344390] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 16.344440] krealloc_large_less_oob+0x1c/0x30 [ 16.344485] kunit_try_run_case+0x1a5/0x480 [ 16.344559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.344604] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.344653] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.344693] ? __kthread_parkme+0x82/0x180 [ 16.344734] ? preempt_count_sub+0x50/0x80 [ 16.344782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.344827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.344868] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.344960] kthread+0x337/0x6f0 [ 16.344999] ? trace_preempt_on+0x20/0xc0 [ 16.345050] ? __pfx_kthread+0x10/0x10 [ 16.345093] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.345132] ? calculate_sigpending+0x7b/0xa0 [ 16.345160] ? __pfx_kthread+0x10/0x10 [ 16.345182] ret_from_fork+0x116/0x1d0 [ 16.345204] ? __pfx_kthread+0x10/0x10 [ 16.345226] ret_from_fork_asm+0x1a/0x30 [ 16.345272] </TASK> [ 16.345290] [ 16.356652] The buggy address belongs to the physical page: [ 16.357130] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102994 [ 16.357461] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.358026] flags: 0x200000000000040(head|node=0|zone=2) [ 16.358495] page_type: f8(unknown) [ 16.358826] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.359480] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.360046] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.360407] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.361077] head: 0200000000000002 ffffea00040a6501 00000000ffffffff 00000000ffffffff [ 16.361741] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.362268] page dumped because: kasan: bad access detected [ 16.362565] [ 16.362711] Memory state around the buggy address: [ 16.363123] ffff888102995f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.363512] ffff888102996000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.364104] >ffff888102996080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.364522] ^ [ 16.364929] ffff888102996100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.365201] ffff888102996180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.365599] ================================================================== [ 16.368303] ================================================================== [ 16.368855] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 16.369324] Write of size 1 at addr ffff8881029960d0 by task kunit_try_catch/179 [ 16.370095] [ 16.370621] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.370742] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.370772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.370817] Call Trace: [ 16.370845] <TASK> [ 16.370894] dump_stack_lvl+0x73/0xb0 [ 16.370981] print_report+0xd1/0x650 [ 16.371042] ? __virt_addr_valid+0x1db/0x2d0 [ 16.371091] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 16.371134] ? kasan_addr_to_slab+0x11/0xa0 [ 16.371164] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 16.371190] kasan_report+0x141/0x180 [ 16.371214] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 16.371244] __asan_report_store1_noabort+0x1b/0x30 [ 16.371291] krealloc_less_oob_helper+0xe23/0x11d0 [ 16.371322] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.371347] ? irqentry_exit+0x2a/0x60 [ 16.371369] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.371399] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 16.371426] krealloc_large_less_oob+0x1c/0x30 [ 16.371450] kunit_try_run_case+0x1a5/0x480 [ 16.371476] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.371499] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.371524] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.371546] ? __kthread_parkme+0x82/0x180 [ 16.371568] ? preempt_count_sub+0x50/0x80 [ 16.371592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.371617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.371640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.371687] kthread+0x337/0x6f0 [ 16.371717] ? trace_preempt_on+0x20/0xc0 [ 16.371744] ? __pfx_kthread+0x10/0x10 [ 16.371766] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.371788] ? calculate_sigpending+0x7b/0xa0 [ 16.371814] ? __pfx_kthread+0x10/0x10 [ 16.371836] ret_from_fork+0x116/0x1d0 [ 16.371856] ? __pfx_kthread+0x10/0x10 [ 16.371878] ret_from_fork_asm+0x1a/0x30 [ 16.371913] </TASK> [ 16.371926] [ 16.383211] The buggy address belongs to the physical page: [ 16.383820] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102994 [ 16.384503] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.385482] flags: 0x200000000000040(head|node=0|zone=2) [ 16.385754] page_type: f8(unknown) [ 16.386005] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.386342] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.387190] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.387876] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.388219] head: 0200000000000002 ffffea00040a6501 00000000ffffffff 00000000ffffffff [ 16.388452] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.389508] page dumped because: kasan: bad access detected [ 16.390040] [ 16.390158] Memory state around the buggy address: [ 16.390538] ffff888102995f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.390983] ffff888102996000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.391579] >ffff888102996080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.392217] ^ [ 16.392480] ffff888102996100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.393012] ffff888102996180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.393335] ================================================================== [ 16.446520] ================================================================== [ 16.447977] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 16.448401] Write of size 1 at addr ffff8881029960eb by task kunit_try_catch/179 [ 16.448897] [ 16.449133] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.449230] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.449256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.449311] Call Trace: [ 16.449348] <TASK> [ 16.449385] dump_stack_lvl+0x73/0xb0 [ 16.449449] print_report+0xd1/0x650 [ 16.449494] ? __virt_addr_valid+0x1db/0x2d0 [ 16.449538] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 16.449580] ? kasan_addr_to_slab+0x11/0xa0 [ 16.449619] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 16.449665] kasan_report+0x141/0x180 [ 16.449728] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 16.449775] __asan_report_store1_noabort+0x1b/0x30 [ 16.449812] krealloc_less_oob_helper+0xd47/0x11d0 [ 16.449862] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.449904] ? irqentry_exit+0x2a/0x60 [ 16.449940] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.449993] ? __pfx_krealloc_large_less_oob+0x10/0x10 [ 16.450050] krealloc_large_less_oob+0x1c/0x30 [ 16.450093] kunit_try_run_case+0x1a5/0x480 [ 16.450141] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.450185] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.450231] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.450287] ? __kthread_parkme+0x82/0x180 [ 16.450332] ? preempt_count_sub+0x50/0x80 [ 16.450384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.450429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.450464] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.450489] kthread+0x337/0x6f0 [ 16.450511] ? trace_preempt_on+0x20/0xc0 [ 16.450537] ? __pfx_kthread+0x10/0x10 [ 16.450559] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.450580] ? calculate_sigpending+0x7b/0xa0 [ 16.450606] ? __pfx_kthread+0x10/0x10 [ 16.450628] ret_from_fork+0x116/0x1d0 [ 16.450649] ? __pfx_kthread+0x10/0x10 [ 16.450681] ret_from_fork_asm+0x1a/0x30 [ 16.450738] </TASK> [ 16.450752] [ 16.460168] The buggy address belongs to the physical page: [ 16.460513] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102994 [ 16.461292] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.461583] flags: 0x200000000000040(head|node=0|zone=2) [ 16.462131] page_type: f8(unknown) [ 16.462474] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.462903] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.463212] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.463775] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.464289] head: 0200000000000002 ffffea00040a6501 00000000ffffffff 00000000ffffffff [ 16.464808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.465118] page dumped because: kasan: bad access detected [ 16.465467] [ 16.465685] Memory state around the buggy address: [ 16.466091] ffff888102995f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.466531] ffff888102996000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.467005] >ffff888102996080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.467757] ^ [ 16.468024] ffff888102996100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.468310] ffff888102996180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.468568] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 16.045398] ================================================================== [ 16.045999] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 16.047228] Write of size 1 at addr ffff888100a35cf0 by task kunit_try_catch/173 [ 16.048313] [ 16.048612] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.048721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.048737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.048764] Call Trace: [ 16.048780] <TASK> [ 16.048810] dump_stack_lvl+0x73/0xb0 [ 16.048893] print_report+0xd1/0x650 [ 16.048938] ? __virt_addr_valid+0x1db/0x2d0 [ 16.048982] ? krealloc_more_oob_helper+0x7eb/0x930 [ 16.049028] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.049073] ? krealloc_more_oob_helper+0x7eb/0x930 [ 16.049124] kasan_report+0x141/0x180 [ 16.049172] ? krealloc_more_oob_helper+0x7eb/0x930 [ 16.049325] __asan_report_store1_noabort+0x1b/0x30 [ 16.049361] krealloc_more_oob_helper+0x7eb/0x930 [ 16.049387] ? __schedule+0x10cc/0x2b60 [ 16.049410] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 16.049436] ? finish_task_switch.isra.0+0x153/0x700 [ 16.049460] ? __switch_to+0x47/0xf50 [ 16.049487] ? __schedule+0x10cc/0x2b60 [ 16.049508] ? __pfx_read_tsc+0x10/0x10 [ 16.049533] krealloc_more_oob+0x1c/0x30 [ 16.049558] kunit_try_run_case+0x1a5/0x480 [ 16.049584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.049608] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.049632] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.049669] ? __kthread_parkme+0x82/0x180 [ 16.049716] ? preempt_count_sub+0x50/0x80 [ 16.049741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.049767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.049791] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.049815] kthread+0x337/0x6f0 [ 16.049836] ? trace_preempt_on+0x20/0xc0 [ 16.049863] ? __pfx_kthread+0x10/0x10 [ 16.049885] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.049906] ? calculate_sigpending+0x7b/0xa0 [ 16.049932] ? __pfx_kthread+0x10/0x10 [ 16.049954] ret_from_fork+0x116/0x1d0 [ 16.049974] ? __pfx_kthread+0x10/0x10 [ 16.049995] ret_from_fork_asm+0x1a/0x30 [ 16.050027] </TASK> [ 16.050045] [ 16.065202] Allocated by task 173: [ 16.065580] kasan_save_stack+0x45/0x70 [ 16.066075] kasan_save_track+0x18/0x40 [ 16.066665] kasan_save_alloc_info+0x3b/0x50 [ 16.067518] __kasan_krealloc+0x190/0x1f0 [ 16.067898] krealloc_noprof+0xf3/0x340 [ 16.068109] krealloc_more_oob_helper+0x1a9/0x930 [ 16.068598] krealloc_more_oob+0x1c/0x30 [ 16.069116] kunit_try_run_case+0x1a5/0x480 [ 16.069324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.069531] kthread+0x337/0x6f0 [ 16.069715] ret_from_fork+0x116/0x1d0 [ 16.070613] ret_from_fork_asm+0x1a/0x30 [ 16.070944] [ 16.071145] The buggy address belongs to the object at ffff888100a35c00 [ 16.071145] which belongs to the cache kmalloc-256 of size 256 [ 16.072365] The buggy address is located 5 bytes to the right of [ 16.072365] allocated 235-byte region [ffff888100a35c00, ffff888100a35ceb) [ 16.072885] [ 16.073098] The buggy address belongs to the physical page: [ 16.073829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a34 [ 16.074567] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.074934] flags: 0x200000000000040(head|node=0|zone=2) [ 16.075795] page_type: f5(slab) [ 16.075991] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.076913] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.077653] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.078207] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.079203] head: 0200000000000001 ffffea0004028d01 00000000ffffffff 00000000ffffffff [ 16.079496] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.079824] page dumped because: kasan: bad access detected [ 16.080070] [ 16.080298] Memory state around the buggy address: [ 16.080828] ffff888100a35b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.081560] ffff888100a35c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.082347] >ffff888100a35c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.082898] ^ [ 16.083198] ffff888100a35d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.083537] ffff888100a35d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.084044] ================================================================== [ 16.283674] ================================================================== [ 16.284227] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 16.285410] Write of size 1 at addr ffff8881029960eb by task kunit_try_catch/177 [ 16.286040] [ 16.286273] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.286376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.286403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.286447] Call Trace: [ 16.286493] <TASK> [ 16.286541] dump_stack_lvl+0x73/0xb0 [ 16.286627] print_report+0xd1/0x650 [ 16.286687] ? __virt_addr_valid+0x1db/0x2d0 [ 16.286733] ? krealloc_more_oob_helper+0x821/0x930 [ 16.286770] ? kasan_addr_to_slab+0x11/0xa0 [ 16.286793] ? krealloc_more_oob_helper+0x821/0x930 [ 16.286818] kasan_report+0x141/0x180 [ 16.286842] ? krealloc_more_oob_helper+0x821/0x930 [ 16.286871] __asan_report_store1_noabort+0x1b/0x30 [ 16.286893] krealloc_more_oob_helper+0x821/0x930 [ 16.286919] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 16.286944] ? irqentry_exit+0x2a/0x60 [ 16.286967] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.287006] ? __pfx_krealloc_large_more_oob+0x10/0x10 [ 16.287040] krealloc_large_more_oob+0x1c/0x30 [ 16.287065] kunit_try_run_case+0x1a5/0x480 [ 16.287094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.287119] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.287144] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.287168] ? __kthread_parkme+0x82/0x180 [ 16.287191] ? preempt_count_sub+0x50/0x80 [ 16.287218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.287242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.287289] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.287316] kthread+0x337/0x6f0 [ 16.287337] ? trace_preempt_on+0x20/0xc0 [ 16.287364] ? __pfx_kthread+0x10/0x10 [ 16.287386] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.287408] ? calculate_sigpending+0x7b/0xa0 [ 16.287435] ? __pfx_kthread+0x10/0x10 [ 16.287458] ret_from_fork+0x116/0x1d0 [ 16.287479] ? __pfx_kthread+0x10/0x10 [ 16.287500] ret_from_fork_asm+0x1a/0x30 [ 16.287533] </TASK> [ 16.287548] [ 16.299287] The buggy address belongs to the physical page: [ 16.299865] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102994 [ 16.300426] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.300868] flags: 0x200000000000040(head|node=0|zone=2) [ 16.301295] page_type: f8(unknown) [ 16.301643] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.301971] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.302581] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.303228] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.303726] head: 0200000000000002 ffffea00040a6501 00000000ffffffff 00000000ffffffff [ 16.304096] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.304776] page dumped because: kasan: bad access detected [ 16.305218] [ 16.305424] Memory state around the buggy address: [ 16.305808] ffff888102995f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.306210] ffff888102996000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.306870] >ffff888102996080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.307321] ^ [ 16.307615] ffff888102996100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.308147] ffff888102996180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.308543] ================================================================== [ 16.007018] ================================================================== [ 16.007981] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 16.008758] Write of size 1 at addr ffff888100a35ceb by task kunit_try_catch/173 [ 16.009099] [ 16.009273] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.009380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.009403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.009444] Call Trace: [ 16.009475] <TASK> [ 16.009514] dump_stack_lvl+0x73/0xb0 [ 16.009586] print_report+0xd1/0x650 [ 16.009630] ? __virt_addr_valid+0x1db/0x2d0 [ 16.009675] ? krealloc_more_oob_helper+0x821/0x930 [ 16.009720] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.009759] ? krealloc_more_oob_helper+0x821/0x930 [ 16.009800] kasan_report+0x141/0x180 [ 16.009842] ? krealloc_more_oob_helper+0x821/0x930 [ 16.009894] __asan_report_store1_noabort+0x1b/0x30 [ 16.009933] krealloc_more_oob_helper+0x821/0x930 [ 16.009973] ? __schedule+0x10cc/0x2b60 [ 16.010017] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 16.010060] ? finish_task_switch.isra.0+0x153/0x700 [ 16.010101] ? __switch_to+0x47/0xf50 [ 16.010149] ? __schedule+0x10cc/0x2b60 [ 16.010188] ? __pfx_read_tsc+0x10/0x10 [ 16.010233] krealloc_more_oob+0x1c/0x30 [ 16.010366] kunit_try_run_case+0x1a5/0x480 [ 16.010413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.010439] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.010465] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.010488] ? __kthread_parkme+0x82/0x180 [ 16.010510] ? preempt_count_sub+0x50/0x80 [ 16.010534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.010559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.010583] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.010607] kthread+0x337/0x6f0 [ 16.010628] ? trace_preempt_on+0x20/0xc0 [ 16.010654] ? __pfx_kthread+0x10/0x10 [ 16.010680] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.010728] ? calculate_sigpending+0x7b/0xa0 [ 16.010756] ? __pfx_kthread+0x10/0x10 [ 16.010779] ret_from_fork+0x116/0x1d0 [ 16.010799] ? __pfx_kthread+0x10/0x10 [ 16.010820] ret_from_fork_asm+0x1a/0x30 [ 16.010852] </TASK> [ 16.010867] [ 16.025167] Allocated by task 173: [ 16.025638] kasan_save_stack+0x45/0x70 [ 16.026046] kasan_save_track+0x18/0x40 [ 16.026398] kasan_save_alloc_info+0x3b/0x50 [ 16.026710] __kasan_krealloc+0x190/0x1f0 [ 16.027330] krealloc_noprof+0xf3/0x340 [ 16.027552] krealloc_more_oob_helper+0x1a9/0x930 [ 16.027801] krealloc_more_oob+0x1c/0x30 [ 16.028647] kunit_try_run_case+0x1a5/0x480 [ 16.029130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.029502] kthread+0x337/0x6f0 [ 16.029792] ret_from_fork+0x116/0x1d0 [ 16.030398] ret_from_fork_asm+0x1a/0x30 [ 16.030738] [ 16.030979] The buggy address belongs to the object at ffff888100a35c00 [ 16.030979] which belongs to the cache kmalloc-256 of size 256 [ 16.032249] The buggy address is located 0 bytes to the right of [ 16.032249] allocated 235-byte region [ffff888100a35c00, ffff888100a35ceb) [ 16.033480] [ 16.033898] The buggy address belongs to the physical page: [ 16.034741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a34 [ 16.035183] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.035458] flags: 0x200000000000040(head|node=0|zone=2) [ 16.035829] page_type: f5(slab) [ 16.036016] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.036589] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.036981] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.037521] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.038016] head: 0200000000000001 ffffea0004028d01 00000000ffffffff 00000000ffffffff [ 16.038615] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.039185] page dumped because: kasan: bad access detected [ 16.039562] [ 16.039758] Memory state around the buggy address: [ 16.040206] ffff888100a35b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.040631] ffff888100a35c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.041744] >ffff888100a35c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.042579] ^ [ 16.043123] ffff888100a35d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.043877] ffff888100a35d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.044147] ================================================================== [ 16.309800] ================================================================== [ 16.310319] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 16.311067] Write of size 1 at addr ffff8881029960f0 by task kunit_try_catch/177 [ 16.311448] [ 16.311865] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.312121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.312152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.312197] Call Trace: [ 16.312236] <TASK> [ 16.312284] dump_stack_lvl+0x73/0xb0 [ 16.312346] print_report+0xd1/0x650 [ 16.312386] ? __virt_addr_valid+0x1db/0x2d0 [ 16.312423] ? krealloc_more_oob_helper+0x7eb/0x930 [ 16.312457] ? kasan_addr_to_slab+0x11/0xa0 [ 16.312485] ? krealloc_more_oob_helper+0x7eb/0x930 [ 16.312519] kasan_report+0x141/0x180 [ 16.312552] ? krealloc_more_oob_helper+0x7eb/0x930 [ 16.312593] __asan_report_store1_noabort+0x1b/0x30 [ 16.312625] krealloc_more_oob_helper+0x7eb/0x930 [ 16.312674] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 16.312712] ? irqentry_exit+0x2a/0x60 [ 16.312744] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.312783] ? __pfx_krealloc_large_more_oob+0x10/0x10 [ 16.312822] krealloc_large_more_oob+0x1c/0x30 [ 16.312857] kunit_try_run_case+0x1a5/0x480 [ 16.312892] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.312915] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.312940] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.312963] ? __kthread_parkme+0x82/0x180 [ 16.312985] ? preempt_count_sub+0x50/0x80 [ 16.313011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.313037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.313061] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.313085] kthread+0x337/0x6f0 [ 16.313105] ? trace_preempt_on+0x20/0xc0 [ 16.313131] ? __pfx_kthread+0x10/0x10 [ 16.313153] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.313174] ? calculate_sigpending+0x7b/0xa0 [ 16.313200] ? __pfx_kthread+0x10/0x10 [ 16.313222] ret_from_fork+0x116/0x1d0 [ 16.313242] ? __pfx_kthread+0x10/0x10 [ 16.313287] ret_from_fork_asm+0x1a/0x30 [ 16.313323] </TASK> [ 16.313336] [ 16.326474] The buggy address belongs to the physical page: [ 16.326854] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102994 [ 16.327366] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.327809] flags: 0x200000000000040(head|node=0|zone=2) [ 16.328211] page_type: f8(unknown) [ 16.328585] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.329104] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.329430] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.329922] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.330307] head: 0200000000000002 ffffea00040a6501 00000000ffffffff 00000000ffffffff [ 16.330829] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.331186] page dumped because: kasan: bad access detected [ 16.331604] [ 16.331811] Memory state around the buggy address: [ 16.332141] ffff888102995f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.332517] ffff888102996000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.332908] >ffff888102996080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.333308] ^ [ 16.333763] ffff888102996100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.334202] ffff888102996180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.334690] ==================================================================
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
[ 124.461635] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 54.610832] ================================================================== [ 54.611371] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 54.611371] [ 54.612041] Use-after-free read at 0x(____ptrval____) (in kfence-#167): [ 54.612731] test_krealloc+0x6fc/0xbe0 [ 54.613134] kunit_try_run_case+0x1a5/0x480 [ 54.613554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 54.614093] kthread+0x337/0x6f0 [ 54.614458] ret_from_fork+0x116/0x1d0 [ 54.614812] ret_from_fork_asm+0x1a/0x30 [ 54.615087] [ 54.615346] kfence-#167: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 54.615346] [ 54.616048] allocated by task 354 on cpu 1 at 54.609800s (0.006242s ago): [ 54.616469] test_alloc+0x364/0x10f0 [ 54.616970] test_krealloc+0xad/0xbe0 [ 54.617268] kunit_try_run_case+0x1a5/0x480 [ 54.617609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 54.618037] kthread+0x337/0x6f0 [ 54.618221] ret_from_fork+0x116/0x1d0 [ 54.618711] ret_from_fork_asm+0x1a/0x30 [ 54.619085] [ 54.619738] freed by task 354 on cpu 1 at 54.610347s (0.009384s ago): [ 54.620340] krealloc_noprof+0x108/0x340 [ 54.620751] test_krealloc+0x226/0xbe0 [ 54.621019] kunit_try_run_case+0x1a5/0x480 [ 54.621348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 54.621869] kthread+0x337/0x6f0 [ 54.622160] ret_from_fork+0x116/0x1d0 [ 54.622385] ret_from_fork_asm+0x1a/0x30 [ 54.622705] [ 54.623032] CPU: 1 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 54.623744] Tainted: [B]=BAD_PAGE, [N]=TEST [ 54.623994] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 54.624394] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 54.510290] ================================================================== [ 54.510794] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 54.510794] [ 54.511179] Use-after-free read at 0x(____ptrval____) (in kfence-#166): [ 54.512307] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 54.512600] kunit_try_run_case+0x1a5/0x480 [ 54.513224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 54.513718] kthread+0x337/0x6f0 [ 54.514083] ret_from_fork+0x116/0x1d0 [ 54.514434] ret_from_fork_asm+0x1a/0x30 [ 54.514914] [ 54.515071] kfence-#166: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 54.515071] [ 54.515779] allocated by task 352 on cpu 1 at 54.505969s (0.009805s ago): [ 54.516085] test_alloc+0x2a6/0x10f0 [ 54.516403] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 54.516714] kunit_try_run_case+0x1a5/0x480 [ 54.517467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 54.517933] kthread+0x337/0x6f0 [ 54.518277] ret_from_fork+0x116/0x1d0 [ 54.518540] ret_from_fork_asm+0x1a/0x30 [ 54.518759] [ 54.518884] freed by task 352 on cpu 1 at 54.506414s (0.012465s ago): [ 54.519491] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 54.519913] kunit_try_run_case+0x1a5/0x480 [ 54.520131] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 54.520571] kthread+0x337/0x6f0 [ 54.520934] ret_from_fork+0x116/0x1d0 [ 54.521273] ret_from_fork_asm+0x1a/0x30 [ 54.521481] [ 54.521745] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 54.522628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 54.522948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 54.523610] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 30.399251] ================================================================== [ 30.400104] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 30.400104] [ 30.400993] Invalid read at 0x(____ptrval____): [ 30.401608] test_invalid_access+0xf0/0x210 [ 30.402582] kunit_try_run_case+0x1a5/0x480 [ 30.403560] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.404050] kthread+0x337/0x6f0 [ 30.404662] ret_from_fork+0x116/0x1d0 [ 30.404871] ret_from_fork_asm+0x1a/0x30 [ 30.405663] [ 30.405867] CPU: 0 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 30.406820] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.407274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.408101] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 30.170121] ================================================================== [ 30.170574] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 30.170574] [ 30.170959] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#161): [ 30.172115] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 30.172468] kunit_try_run_case+0x1a5/0x480 [ 30.172673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.173194] kthread+0x337/0x6f0 [ 30.173488] ret_from_fork+0x116/0x1d0 [ 30.173701] ret_from_fork_asm+0x1a/0x30 [ 30.174006] [ 30.174171] kfence-#161: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 30.174171] [ 30.174614] allocated by task 342 on cpu 0 at 30.169702s (0.004907s ago): [ 30.175180] test_alloc+0x364/0x10f0 [ 30.175473] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 30.175860] kunit_try_run_case+0x1a5/0x480 [ 30.176211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.176505] kthread+0x337/0x6f0 [ 30.176745] ret_from_fork+0x116/0x1d0 [ 30.177056] ret_from_fork_asm+0x1a/0x30 [ 30.177374] [ 30.177496] freed by task 342 on cpu 0 at 30.169936s (0.007555s ago): [ 30.177775] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 30.178004] kunit_try_run_case+0x1a5/0x480 [ 30.178446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.178887] kthread+0x337/0x6f0 [ 30.179328] ret_from_fork+0x116/0x1d0 [ 30.179668] ret_from_fork_asm+0x1a/0x30 [ 30.180019] [ 30.180265] CPU: 0 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 30.181043] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.181271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.181598] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 30.066375] ================================================================== [ 30.066918] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 30.066918] [ 30.067346] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#160): [ 30.067802] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 30.068183] kunit_try_run_case+0x1a5/0x480 [ 30.068424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.068639] kthread+0x337/0x6f0 [ 30.068832] ret_from_fork+0x116/0x1d0 [ 30.069001] ret_from_fork_asm+0x1a/0x30 [ 30.069178] [ 30.069294] kfence-#160: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 30.069294] [ 30.069641] allocated by task 340 on cpu 0 at 30.065743s (0.003893s ago): [ 30.070230] test_alloc+0x364/0x10f0 [ 30.070574] test_kmalloc_aligned_oob_read+0x105/0x560 [ 30.070830] kunit_try_run_case+0x1a5/0x480 [ 30.071032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.071248] kthread+0x337/0x6f0 [ 30.071418] ret_from_fork+0x116/0x1d0 [ 30.071583] ret_from_fork_asm+0x1a/0x30 [ 30.071923] [ 30.072164] CPU: 0 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 30.073070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.073430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.074008] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 25.489912] ================================================================== [ 25.490373] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 25.490373] [ 25.490675] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#116): [ 25.491342] test_corruption+0x216/0x3e0 [ 25.491692] kunit_try_run_case+0x1a5/0x480 [ 25.492090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.492428] kthread+0x337/0x6f0 [ 25.492747] ret_from_fork+0x116/0x1d0 [ 25.493027] ret_from_fork_asm+0x1a/0x30 [ 25.493239] [ 25.493392] kfence-#116: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 25.493392] [ 25.494118] allocated by task 330 on cpu 0 at 25.489687s (0.004425s ago): [ 25.494658] test_alloc+0x2a6/0x10f0 [ 25.494902] test_corruption+0x1cb/0x3e0 [ 25.495142] kunit_try_run_case+0x1a5/0x480 [ 25.495600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.496059] kthread+0x337/0x6f0 [ 25.496376] ret_from_fork+0x116/0x1d0 [ 25.496619] ret_from_fork_asm+0x1a/0x30 [ 25.497009] [ 25.497192] freed by task 330 on cpu 0 at 25.489777s (0.007409s ago): [ 25.497499] test_corruption+0x216/0x3e0 [ 25.497795] kunit_try_run_case+0x1a5/0x480 [ 25.498357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.499788] kthread+0x337/0x6f0 [ 25.500138] ret_from_fork+0x116/0x1d0 [ 25.500369] ret_from_fork_asm+0x1a/0x30 [ 25.500493] [ 25.500592] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 25.501481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.501829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.502295] ================================================================== [ 24.866032] ================================================================== [ 24.866544] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 24.866544] [ 24.866858] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#110): [ 24.868303] test_corruption+0x2d2/0x3e0 [ 24.868555] kunit_try_run_case+0x1a5/0x480 [ 24.869058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.869346] kthread+0x337/0x6f0 [ 24.869602] ret_from_fork+0x116/0x1d0 [ 24.870038] ret_from_fork_asm+0x1a/0x30 [ 24.870367] [ 24.870488] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 24.870488] [ 24.871160] allocated by task 328 on cpu 1 at 24.865644s (0.005510s ago): [ 24.871477] test_alloc+0x364/0x10f0 [ 24.871769] test_corruption+0xe6/0x3e0 [ 24.872116] kunit_try_run_case+0x1a5/0x480 [ 24.872499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.873011] kthread+0x337/0x6f0 [ 24.873298] ret_from_fork+0x116/0x1d0 [ 24.873512] ret_from_fork_asm+0x1a/0x30 [ 24.873710] [ 24.873829] freed by task 328 on cpu 1 at 24.865783s (0.008041s ago): [ 24.874357] test_corruption+0x2d2/0x3e0 [ 24.874856] kunit_try_run_case+0x1a5/0x480 [ 24.875234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.875477] kthread+0x337/0x6f0 [ 24.875777] ret_from_fork+0x116/0x1d0 [ 24.876117] ret_from_fork_asm+0x1a/0x30 [ 24.876398] [ 24.876571] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 24.877598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.877858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.878307] ================================================================== [ 24.970083] ================================================================== [ 24.970523] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 24.970523] [ 24.970807] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#111): [ 24.971358] test_corruption+0x2df/0x3e0 [ 24.971717] kunit_try_run_case+0x1a5/0x480 [ 24.972025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.972254] kthread+0x337/0x6f0 [ 24.972548] ret_from_fork+0x116/0x1d0 [ 24.972962] ret_from_fork_asm+0x1a/0x30 [ 24.973168] [ 24.973306] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 24.973306] [ 24.973878] allocated by task 328 on cpu 1 at 24.969698s (0.004174s ago): [ 24.974444] test_alloc+0x364/0x10f0 [ 24.974646] test_corruption+0x1cb/0x3e0 [ 24.974844] kunit_try_run_case+0x1a5/0x480 [ 24.975384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.975774] kthread+0x337/0x6f0 [ 24.976120] ret_from_fork+0x116/0x1d0 [ 24.976458] ret_from_fork_asm+0x1a/0x30 [ 24.976837] [ 24.976970] freed by task 328 on cpu 1 at 24.969832s (0.007133s ago): [ 24.977312] test_corruption+0x2df/0x3e0 [ 24.977580] kunit_try_run_case+0x1a5/0x480 [ 24.978057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.978451] kthread+0x337/0x6f0 [ 24.978689] ret_from_fork+0x116/0x1d0 [ 24.978935] ret_from_fork_asm+0x1a/0x30 [ 24.979150] [ 24.979336] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 24.979850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.980211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.980982] ================================================================== [ 25.177840] ================================================================== [ 25.178420] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 25.178420] [ 25.178710] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#113): [ 25.179568] test_corruption+0x131/0x3e0 [ 25.179942] kunit_try_run_case+0x1a5/0x480 [ 25.180386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.180673] kthread+0x337/0x6f0 [ 25.181238] ret_from_fork+0x116/0x1d0 [ 25.181627] ret_from_fork_asm+0x1a/0x30 [ 25.181991] [ 25.182111] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 25.182111] [ 25.182691] allocated by task 330 on cpu 0 at 25.177641s (0.005043s ago): [ 25.183250] test_alloc+0x2a6/0x10f0 [ 25.183614] test_corruption+0xe6/0x3e0 [ 25.184617] kunit_try_run_case+0x1a5/0x480 [ 25.185002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.185212] kthread+0x337/0x6f0 [ 25.185538] ret_from_fork+0x116/0x1d0 [ 25.186076] ret_from_fork_asm+0x1a/0x30 [ 25.186411] [ 25.186591] freed by task 330 on cpu 0 at 25.177723s (0.008863s ago): [ 25.187049] test_corruption+0x131/0x3e0 [ 25.187286] kunit_try_run_case+0x1a5/0x480 [ 25.187653] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.187937] kthread+0x337/0x6f0 [ 25.188296] ret_from_fork+0x116/0x1d0 [ 25.188537] ret_from_fork_asm+0x1a/0x30 [ 25.188809] [ 25.189505] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 25.190289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.190563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.191321] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 24.450584] ================================================================== [ 24.451030] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 24.451030] [ 24.451336] Invalid free of 0x(____ptrval____) (in kfence-#106): [ 24.451835] test_invalid_addr_free+0x1e1/0x260 [ 24.452234] kunit_try_run_case+0x1a5/0x480 [ 24.452548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.452752] kthread+0x337/0x6f0 [ 24.452938] ret_from_fork+0x116/0x1d0 [ 24.453132] ret_from_fork_asm+0x1a/0x30 [ 24.453387] [ 24.453498] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 24.453498] [ 24.454208] allocated by task 324 on cpu 0 at 24.450333s (0.003868s ago): [ 24.454518] test_alloc+0x364/0x10f0 [ 24.454724] test_invalid_addr_free+0xdb/0x260 [ 24.455086] kunit_try_run_case+0x1a5/0x480 [ 24.455460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.455976] kthread+0x337/0x6f0 [ 24.456279] ret_from_fork+0x116/0x1d0 [ 24.456475] ret_from_fork_asm+0x1a/0x30 [ 24.456669] [ 24.456830] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 24.457513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.457848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.458586] ================================================================== [ 24.553879] ================================================================== [ 24.554360] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 24.554360] [ 24.554710] Invalid free of 0x(____ptrval____) (in kfence-#107): [ 24.555293] test_invalid_addr_free+0xfb/0x260 [ 24.555523] kunit_try_run_case+0x1a5/0x480 [ 24.555705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.556118] kthread+0x337/0x6f0 [ 24.556491] ret_from_fork+0x116/0x1d0 [ 24.556852] ret_from_fork_asm+0x1a/0x30 [ 24.557058] [ 24.557180] kfence-#107: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 24.557180] [ 24.557665] allocated by task 326 on cpu 1 at 24.553689s (0.003969s ago): [ 24.558303] test_alloc+0x2a6/0x10f0 [ 24.558568] test_invalid_addr_free+0xdb/0x260 [ 24.559006] kunit_try_run_case+0x1a5/0x480 [ 24.559215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.559463] kthread+0x337/0x6f0 [ 24.559640] ret_from_fork+0x116/0x1d0 [ 24.559971] ret_from_fork_asm+0x1a/0x30 [ 24.560375] [ 24.560655] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 24.561454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.561808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.562253] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 24.242107] ================================================================== [ 24.242619] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 24.242619] [ 24.243304] Invalid free of 0x(____ptrval____) (in kfence-#104): [ 24.244309] test_double_free+0x1d3/0x260 [ 24.244551] kunit_try_run_case+0x1a5/0x480 [ 24.245181] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.245406] kthread+0x337/0x6f0 [ 24.245976] ret_from_fork+0x116/0x1d0 [ 24.246148] ret_from_fork_asm+0x1a/0x30 [ 24.246797] [ 24.246924] kfence-#104: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 24.246924] [ 24.247451] allocated by task 320 on cpu 0 at 24.241703s (0.005741s ago): [ 24.248139] test_alloc+0x364/0x10f0 [ 24.248384] test_double_free+0xdb/0x260 [ 24.248534] kunit_try_run_case+0x1a5/0x480 [ 24.248645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.249140] kthread+0x337/0x6f0 [ 24.249655] ret_from_fork+0x116/0x1d0 [ 24.250057] ret_from_fork_asm+0x1a/0x30 [ 24.250475] [ 24.250700] freed by task 320 on cpu 0 at 24.241798s (0.008897s ago): [ 24.251121] test_double_free+0x1e0/0x260 [ 24.251502] kunit_try_run_case+0x1a5/0x480 [ 24.251692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.252143] kthread+0x337/0x6f0 [ 24.252582] ret_from_fork+0x116/0x1d0 [ 24.252969] ret_from_fork_asm+0x1a/0x30 [ 24.253465] [ 24.253674] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 24.254407] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.254679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.255237] ================================================================== [ 24.345932] ================================================================== [ 24.346382] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 24.346382] [ 24.346651] Invalid free of 0x(____ptrval____) (in kfence-#105): [ 24.346957] test_double_free+0x112/0x260 [ 24.347315] kunit_try_run_case+0x1a5/0x480 [ 24.347637] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.347837] kthread+0x337/0x6f0 [ 24.348193] ret_from_fork+0x116/0x1d0 [ 24.348516] ret_from_fork_asm+0x1a/0x30 [ 24.348926] [ 24.349080] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 24.349080] [ 24.349550] allocated by task 322 on cpu 1 at 24.345656s (0.003887s ago): [ 24.349845] test_alloc+0x2a6/0x10f0 [ 24.350164] test_double_free+0xdb/0x260 [ 24.350611] kunit_try_run_case+0x1a5/0x480 [ 24.350997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.351350] kthread+0x337/0x6f0 [ 24.351632] ret_from_fork+0x116/0x1d0 [ 24.351919] ret_from_fork_asm+0x1a/0x30 [ 24.352125] [ 24.352246] freed by task 322 on cpu 1 at 24.345753s (0.006488s ago): [ 24.352783] test_double_free+0xfa/0x260 [ 24.353125] kunit_try_run_case+0x1a5/0x480 [ 24.353488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.353805] kthread+0x337/0x6f0 [ 24.353983] ret_from_fork+0x116/0x1d0 [ 24.354170] ret_from_fork_asm+0x1a/0x30 [ 24.354378] [ 24.354565] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 24.355702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.356132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.356706] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 23.825979] ================================================================== [ 23.826500] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 23.826500] [ 23.826977] Use-after-free read at 0x(____ptrval____) (in kfence-#100): [ 23.827543] test_use_after_free_read+0x129/0x270 [ 23.827900] kunit_try_run_case+0x1a5/0x480 [ 23.828155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.828543] kthread+0x337/0x6f0 [ 23.828799] ret_from_fork+0x116/0x1d0 [ 23.829027] ret_from_fork_asm+0x1a/0x30 [ 23.829399] [ 23.829586] kfence-#100: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 23.829586] [ 23.830171] allocated by task 312 on cpu 1 at 23.825656s (0.004510s ago): [ 23.830492] test_alloc+0x364/0x10f0 [ 23.831102] test_use_after_free_read+0xdc/0x270 [ 23.831569] kunit_try_run_case+0x1a5/0x480 [ 23.832049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.832532] kthread+0x337/0x6f0 [ 23.832927] ret_from_fork+0x116/0x1d0 [ 23.833161] ret_from_fork_asm+0x1a/0x30 [ 23.833510] [ 23.833990] freed by task 312 on cpu 1 at 23.825749s (0.008065s ago): [ 23.834583] test_use_after_free_read+0x1e7/0x270 [ 23.835063] kunit_try_run_case+0x1a5/0x480 [ 23.835460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.835921] kthread+0x337/0x6f0 [ 23.836109] ret_from_fork+0x116/0x1d0 [ 23.836310] ret_from_fork_asm+0x1a/0x30 [ 23.836716] [ 23.836978] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 23.837914] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.838118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.838714] ================================================================== [ 23.929929] ================================================================== [ 23.930366] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 23.930366] [ 23.930732] Use-after-free read at 0x(____ptrval____) (in kfence-#101): [ 23.931281] test_use_after_free_read+0x129/0x270 [ 23.931495] kunit_try_run_case+0x1a5/0x480 [ 23.931688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.932102] kthread+0x337/0x6f0 [ 23.932427] ret_from_fork+0x116/0x1d0 [ 23.932765] ret_from_fork_asm+0x1a/0x30 [ 23.932975] [ 23.933100] kfence-#101: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 23.933100] [ 23.933537] allocated by task 314 on cpu 0 at 23.929689s (0.003841s ago): [ 23.934077] test_alloc+0x2a6/0x10f0 [ 23.934505] test_use_after_free_read+0xdc/0x270 [ 23.934971] kunit_try_run_case+0x1a5/0x480 [ 23.935212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.935518] kthread+0x337/0x6f0 [ 23.935702] ret_from_fork+0x116/0x1d0 [ 23.936000] ret_from_fork_asm+0x1a/0x30 [ 23.936351] [ 23.936541] freed by task 314 on cpu 0 at 23.929784s (0.006751s ago): [ 23.937127] test_use_after_free_read+0xfb/0x270 [ 23.937450] kunit_try_run_case+0x1a5/0x480 [ 23.937901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.938204] kthread+0x337/0x6f0 [ 23.938397] ret_from_fork+0x116/0x1d0 [ 23.938591] ret_from_fork_asm+0x1a/0x30 [ 23.939056] [ 23.939292] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 23.940321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.940530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.941052] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 23.305850] ================================================================== [ 23.306361] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 23.306361] [ 23.306769] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#95): [ 23.307394] test_out_of_bounds_write+0x10d/0x260 [ 23.307660] kunit_try_run_case+0x1a5/0x480 [ 23.307973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.308470] kthread+0x337/0x6f0 [ 23.308665] ret_from_fork+0x116/0x1d0 [ 23.309125] ret_from_fork_asm+0x1a/0x30 [ 23.309566] [ 23.309790] kfence-#95: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 23.309790] [ 23.310242] allocated by task 308 on cpu 0 at 23.305656s (0.004580s ago): [ 23.310965] test_alloc+0x364/0x10f0 [ 23.311180] test_out_of_bounds_write+0xd4/0x260 [ 23.311582] kunit_try_run_case+0x1a5/0x480 [ 23.311935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.312324] kthread+0x337/0x6f0 [ 23.312696] ret_from_fork+0x116/0x1d0 [ 23.312912] ret_from_fork_asm+0x1a/0x30 [ 23.313117] [ 23.313300] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 23.314482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.314905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.315231] ================================================================== [ 23.721742] ================================================================== [ 23.722369] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 23.722369] [ 23.723065] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#99): [ 23.723473] test_out_of_bounds_write+0x10d/0x260 [ 23.723756] kunit_try_run_case+0x1a5/0x480 [ 23.723963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.724537] kthread+0x337/0x6f0 [ 23.725076] ret_from_fork+0x116/0x1d0 [ 23.725286] ret_from_fork_asm+0x1a/0x30 [ 23.725651] [ 23.726322] kfence-#99: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 23.726322] [ 23.727045] allocated by task 310 on cpu 1 at 23.721634s (0.005404s ago): [ 23.727403] test_alloc+0x2a6/0x10f0 [ 23.727807] test_out_of_bounds_write+0xd4/0x260 [ 23.728172] kunit_try_run_case+0x1a5/0x480 [ 23.728670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.729153] kthread+0x337/0x6f0 [ 23.729411] ret_from_fork+0x116/0x1d0 [ 23.729691] ret_from_fork_asm+0x1a/0x30 [ 23.730067] [ 23.730360] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 23.731185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.731506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.732133] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 22.681928] ================================================================== [ 22.682369] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 22.682369] [ 22.682765] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#89): [ 22.683417] test_out_of_bounds_read+0x216/0x4e0 [ 22.683852] kunit_try_run_case+0x1a5/0x480 [ 22.684119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.684341] kthread+0x337/0x6f0 [ 22.684676] ret_from_fork+0x116/0x1d0 [ 22.685061] ret_from_fork_asm+0x1a/0x30 [ 22.685349] [ 22.685469] kfence-#89: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 22.685469] [ 22.685801] allocated by task 304 on cpu 0 at 22.681645s (0.004151s ago): [ 22.686369] test_alloc+0x364/0x10f0 [ 22.686764] test_out_of_bounds_read+0x1e2/0x4e0 [ 22.687142] kunit_try_run_case+0x1a5/0x480 [ 22.687528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.687859] kthread+0x337/0x6f0 [ 22.688071] ret_from_fork+0x116/0x1d0 [ 22.688326] ret_from_fork_asm+0x1a/0x30 [ 22.688530] [ 22.688697] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 22.689692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.689872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.690197] ================================================================== [ 22.475080] ================================================================== [ 22.475630] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 22.475630] [ 22.475988] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#87): [ 22.476334] test_out_of_bounds_read+0x126/0x4e0 [ 22.476466] kunit_try_run_case+0x1a5/0x480 [ 22.476578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.477176] kthread+0x337/0x6f0 [ 22.477506] ret_from_fork+0x116/0x1d0 [ 22.477846] ret_from_fork_asm+0x1a/0x30 [ 22.478222] [ 22.478745] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 22.478745] [ 22.479901] allocated by task 304 on cpu 0 at 22.473665s (0.006099s ago): [ 22.480985] test_alloc+0x364/0x10f0 [ 22.481372] test_out_of_bounds_read+0xed/0x4e0 [ 22.481836] kunit_try_run_case+0x1a5/0x480 [ 22.482144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.482392] kthread+0x337/0x6f0 [ 22.482576] ret_from_fork+0x116/0x1d0 [ 22.482976] ret_from_fork_asm+0x1a/0x30 [ 22.483631] [ 22.484066] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 22.485044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.485288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.485907] ================================================================== [ 22.993762] ================================================================== [ 22.994270] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 22.994270] [ 22.994624] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#92): [ 22.995189] test_out_of_bounds_read+0x216/0x4e0 [ 22.995557] kunit_try_run_case+0x1a5/0x480 [ 22.996087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.996407] kthread+0x337/0x6f0 [ 22.996613] ret_from_fork+0x116/0x1d0 [ 22.996948] ret_from_fork_asm+0x1a/0x30 [ 22.997278] [ 22.997456] kfence-#92: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 22.997456] [ 22.998048] allocated by task 306 on cpu 1 at 22.993655s (0.004388s ago): [ 22.998556] test_alloc+0x2a6/0x10f0 [ 22.998866] test_out_of_bounds_read+0x1e2/0x4e0 [ 22.999295] kunit_try_run_case+0x1a5/0x480 [ 22.999541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.000066] kthread+0x337/0x6f0 [ 23.000367] ret_from_fork+0x116/0x1d0 [ 23.000633] ret_from_fork_asm+0x1a/0x30 [ 23.000882] [ 23.001051] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 23.002024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.002384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.002896] ================================================================== [ 22.785810] ================================================================== [ 22.786411] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 22.786411] [ 22.787182] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#90): [ 22.787559] test_out_of_bounds_read+0x126/0x4e0 [ 22.787776] kunit_try_run_case+0x1a5/0x480 [ 22.788114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.788588] kthread+0x337/0x6f0 [ 22.788977] ret_from_fork+0x116/0x1d0 [ 22.789199] ret_from_fork_asm+0x1a/0x30 [ 22.789499] [ 22.789679] kfence-#90: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 22.789679] [ 22.790348] allocated by task 306 on cpu 1 at 22.785706s (0.004635s ago): [ 22.790839] test_alloc+0x2a6/0x10f0 [ 22.791202] test_out_of_bounds_read+0xed/0x4e0 [ 22.791435] kunit_try_run_case+0x1a5/0x480 [ 22.791647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.792080] kthread+0x337/0x6f0 [ 22.792405] ret_from_fork+0x116/0x1d0 [ 22.792616] ret_from_fork_asm+0x1a/0x30 [ 22.792971] [ 22.793230] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 22.793731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.793927] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.794933] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 22.125181] ================================================================== [ 22.125835] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 22.127600] Write of size 121 at addr ffff88810232e100 by task kunit_try_catch/302 [ 22.128227] [ 22.128774] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 22.129181] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.129223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.129282] Call Trace: [ 22.129320] <TASK> [ 22.129355] dump_stack_lvl+0x73/0xb0 [ 22.129414] print_report+0xd1/0x650 [ 22.129453] ? __virt_addr_valid+0x1db/0x2d0 [ 22.129491] ? strncpy_from_user+0x2e/0x1d0 [ 22.129532] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.129572] ? strncpy_from_user+0x2e/0x1d0 [ 22.129617] kasan_report+0x141/0x180 [ 22.129731] ? strncpy_from_user+0x2e/0x1d0 [ 22.129817] kasan_check_range+0x10c/0x1c0 [ 22.129879] __kasan_check_write+0x18/0x20 [ 22.129920] strncpy_from_user+0x2e/0x1d0 [ 22.129957] ? __kasan_check_read+0x15/0x20 [ 22.129981] copy_user_test_oob+0x760/0x10f0 [ 22.130010] ? __pfx_copy_user_test_oob+0x10/0x10 [ 22.130037] ? finish_task_switch.isra.0+0x153/0x700 [ 22.130063] ? __switch_to+0x47/0xf50 [ 22.130093] ? __schedule+0x10cc/0x2b60 [ 22.130118] ? __pfx_read_tsc+0x10/0x10 [ 22.130144] ? ktime_get_ts64+0x86/0x230 [ 22.130171] kunit_try_run_case+0x1a5/0x480 [ 22.130200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.130226] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.130252] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.130304] ? __kthread_parkme+0x82/0x180 [ 22.130328] ? preempt_count_sub+0x50/0x80 [ 22.130352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.130379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.130405] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.130430] kthread+0x337/0x6f0 [ 22.130453] ? trace_preempt_on+0x20/0xc0 [ 22.130479] ? __pfx_kthread+0x10/0x10 [ 22.130502] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.130525] ? calculate_sigpending+0x7b/0xa0 [ 22.130553] ? __pfx_kthread+0x10/0x10 [ 22.130577] ret_from_fork+0x116/0x1d0 [ 22.130598] ? __pfx_kthread+0x10/0x10 [ 22.130622] ret_from_fork_asm+0x1a/0x30 [ 22.130660] </TASK> [ 22.130685] [ 22.143566] Allocated by task 302: [ 22.144014] kasan_save_stack+0x45/0x70 [ 22.144445] kasan_save_track+0x18/0x40 [ 22.144850] kasan_save_alloc_info+0x3b/0x50 [ 22.145281] __kasan_kmalloc+0xb7/0xc0 [ 22.145682] __kmalloc_noprof+0x1c9/0x500 [ 22.146084] kunit_kmalloc_array+0x25/0x60 [ 22.146304] copy_user_test_oob+0xab/0x10f0 [ 22.146599] kunit_try_run_case+0x1a5/0x480 [ 22.146890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.147224] kthread+0x337/0x6f0 [ 22.147433] ret_from_fork+0x116/0x1d0 [ 22.147706] ret_from_fork_asm+0x1a/0x30 [ 22.148004] [ 22.148158] The buggy address belongs to the object at ffff88810232e100 [ 22.148158] which belongs to the cache kmalloc-128 of size 128 [ 22.148792] The buggy address is located 0 bytes inside of [ 22.148792] allocated 120-byte region [ffff88810232e100, ffff88810232e178) [ 22.149395] [ 22.149582] The buggy address belongs to the physical page: [ 22.150041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10232e [ 22.150610] flags: 0x200000000000000(node=0|zone=2) [ 22.150899] page_type: f5(slab) [ 22.151108] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.151407] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.151977] page dumped because: kasan: bad access detected [ 22.152384] [ 22.152557] Memory state around the buggy address: [ 22.152952] ffff88810232e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.153488] ffff88810232e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.153908] >ffff88810232e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.154176] ^ [ 22.154721] ffff88810232e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.155255] ffff88810232e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.155621] ================================================================== [ 22.156940] ================================================================== [ 22.158363] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 22.158975] Write of size 1 at addr ffff88810232e178 by task kunit_try_catch/302 [ 22.159542] [ 22.159759] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 22.159863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.159892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.159940] Call Trace: [ 22.159985] <TASK> [ 22.160028] dump_stack_lvl+0x73/0xb0 [ 22.160092] print_report+0xd1/0x650 [ 22.160143] ? __virt_addr_valid+0x1db/0x2d0 [ 22.160192] ? strncpy_from_user+0x1a5/0x1d0 [ 22.160235] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.160295] ? strncpy_from_user+0x1a5/0x1d0 [ 22.160346] kasan_report+0x141/0x180 [ 22.160395] ? strncpy_from_user+0x1a5/0x1d0 [ 22.160435] __asan_report_store1_noabort+0x1b/0x30 [ 22.160473] strncpy_from_user+0x1a5/0x1d0 [ 22.160517] copy_user_test_oob+0x760/0x10f0 [ 22.160572] ? __pfx_copy_user_test_oob+0x10/0x10 [ 22.160620] ? finish_task_switch.isra.0+0x153/0x700 [ 22.160706] ? __switch_to+0x47/0xf50 [ 22.160758] ? __schedule+0x10cc/0x2b60 [ 22.160801] ? __pfx_read_tsc+0x10/0x10 [ 22.160840] ? ktime_get_ts64+0x86/0x230 [ 22.160890] kunit_try_run_case+0x1a5/0x480 [ 22.160947] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.161000] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.161048] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.161077] ? __kthread_parkme+0x82/0x180 [ 22.161102] ? preempt_count_sub+0x50/0x80 [ 22.161128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.161155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.161182] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.161207] kthread+0x337/0x6f0 [ 22.161229] ? trace_preempt_on+0x20/0xc0 [ 22.161275] ? __pfx_kthread+0x10/0x10 [ 22.161305] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.161328] ? calculate_sigpending+0x7b/0xa0 [ 22.161356] ? __pfx_kthread+0x10/0x10 [ 22.161380] ret_from_fork+0x116/0x1d0 [ 22.161401] ? __pfx_kthread+0x10/0x10 [ 22.161425] ret_from_fork_asm+0x1a/0x30 [ 22.161459] </TASK> [ 22.161474] [ 22.170950] Allocated by task 302: [ 22.171169] kasan_save_stack+0x45/0x70 [ 22.171398] kasan_save_track+0x18/0x40 [ 22.171752] kasan_save_alloc_info+0x3b/0x50 [ 22.172095] __kasan_kmalloc+0xb7/0xc0 [ 22.172435] __kmalloc_noprof+0x1c9/0x500 [ 22.173502] kunit_kmalloc_array+0x25/0x60 [ 22.173800] copy_user_test_oob+0xab/0x10f0 [ 22.174011] kunit_try_run_case+0x1a5/0x480 [ 22.174338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.174578] kthread+0x337/0x6f0 [ 22.174757] ret_from_fork+0x116/0x1d0 [ 22.174949] ret_from_fork_asm+0x1a/0x30 [ 22.175153] [ 22.176489] The buggy address belongs to the object at ffff88810232e100 [ 22.176489] which belongs to the cache kmalloc-128 of size 128 [ 22.177554] The buggy address is located 0 bytes to the right of [ 22.177554] allocated 120-byte region [ffff88810232e100, ffff88810232e178) [ 22.178497] [ 22.178833] The buggy address belongs to the physical page: [ 22.179290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10232e [ 22.179869] flags: 0x200000000000000(node=0|zone=2) [ 22.180218] page_type: f5(slab) [ 22.180523] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.180937] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.181315] page dumped because: kasan: bad access detected [ 22.181784] [ 22.182103] Memory state around the buggy address: [ 22.182584] ffff88810232e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.182956] ffff88810232e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.183533] >ffff88810232e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.184237] ^ [ 22.184646] ffff88810232e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.185188] ffff88810232e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.185560] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 22.008713] ================================================================== [ 22.009161] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 22.009519] Write of size 121 at addr ffff88810232e100 by task kunit_try_catch/302 [ 22.010036] [ 22.010275] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 22.010383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.010413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.010462] Call Trace: [ 22.010495] <TASK> [ 22.010536] dump_stack_lvl+0x73/0xb0 [ 22.010600] print_report+0xd1/0x650 [ 22.010650] ? __virt_addr_valid+0x1db/0x2d0 [ 22.010699] ? copy_user_test_oob+0x3fd/0x10f0 [ 22.010754] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.010807] ? copy_user_test_oob+0x3fd/0x10f0 [ 22.010878] kasan_report+0x141/0x180 [ 22.010925] ? copy_user_test_oob+0x3fd/0x10f0 [ 22.010983] kasan_check_range+0x10c/0x1c0 [ 22.011047] __kasan_check_write+0x18/0x20 [ 22.011092] copy_user_test_oob+0x3fd/0x10f0 [ 22.011144] ? __pfx_copy_user_test_oob+0x10/0x10 [ 22.011187] ? finish_task_switch.isra.0+0x153/0x700 [ 22.011232] ? __switch_to+0x47/0xf50 [ 22.011297] ? __schedule+0x10cc/0x2b60 [ 22.011349] ? __pfx_read_tsc+0x10/0x10 [ 22.011396] ? ktime_get_ts64+0x86/0x230 [ 22.011449] kunit_try_run_case+0x1a5/0x480 [ 22.011489] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.011517] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.011545] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.011569] ? __kthread_parkme+0x82/0x180 [ 22.011593] ? preempt_count_sub+0x50/0x80 [ 22.011619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.011646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.011683] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.011736] kthread+0x337/0x6f0 [ 22.011760] ? trace_preempt_on+0x20/0xc0 [ 22.011789] ? __pfx_kthread+0x10/0x10 [ 22.011812] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.011835] ? calculate_sigpending+0x7b/0xa0 [ 22.011864] ? __pfx_kthread+0x10/0x10 [ 22.011887] ret_from_fork+0x116/0x1d0 [ 22.011909] ? __pfx_kthread+0x10/0x10 [ 22.011932] ret_from_fork_asm+0x1a/0x30 [ 22.011966] </TASK> [ 22.011980] [ 22.021766] Allocated by task 302: [ 22.021979] kasan_save_stack+0x45/0x70 [ 22.022199] kasan_save_track+0x18/0x40 [ 22.022404] kasan_save_alloc_info+0x3b/0x50 [ 22.022731] __kasan_kmalloc+0xb7/0xc0 [ 22.023047] __kmalloc_noprof+0x1c9/0x500 [ 22.023432] kunit_kmalloc_array+0x25/0x60 [ 22.023946] copy_user_test_oob+0xab/0x10f0 [ 22.024333] kunit_try_run_case+0x1a5/0x480 [ 22.024576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.025146] kthread+0x337/0x6f0 [ 22.025373] ret_from_fork+0x116/0x1d0 [ 22.025570] ret_from_fork_asm+0x1a/0x30 [ 22.025980] [ 22.026153] The buggy address belongs to the object at ffff88810232e100 [ 22.026153] which belongs to the cache kmalloc-128 of size 128 [ 22.027078] The buggy address is located 0 bytes inside of [ 22.027078] allocated 120-byte region [ffff88810232e100, ffff88810232e178) [ 22.027536] [ 22.027668] The buggy address belongs to the physical page: [ 22.028099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10232e [ 22.028821] flags: 0x200000000000000(node=0|zone=2) [ 22.029074] page_type: f5(slab) [ 22.029283] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.029636] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.030295] page dumped because: kasan: bad access detected [ 22.030709] [ 22.030886] Memory state around the buggy address: [ 22.031197] ffff88810232e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.031483] ffff88810232e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.032001] >ffff88810232e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.032507] ^ [ 22.032890] ffff88810232e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.033286] ffff88810232e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.033799] ================================================================== [ 22.068552] ================================================================== [ 22.068992] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 22.069755] Write of size 121 at addr ffff88810232e100 by task kunit_try_catch/302 [ 22.070611] [ 22.070924] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 22.071048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.071080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.071160] Call Trace: [ 22.071204] <TASK> [ 22.071273] dump_stack_lvl+0x73/0xb0 [ 22.071342] print_report+0xd1/0x650 [ 22.071375] ? __virt_addr_valid+0x1db/0x2d0 [ 22.071403] ? copy_user_test_oob+0x557/0x10f0 [ 22.071430] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.071456] ? copy_user_test_oob+0x557/0x10f0 [ 22.071483] kasan_report+0x141/0x180 [ 22.071508] ? copy_user_test_oob+0x557/0x10f0 [ 22.071539] kasan_check_range+0x10c/0x1c0 [ 22.071566] __kasan_check_write+0x18/0x20 [ 22.071588] copy_user_test_oob+0x557/0x10f0 [ 22.071617] ? __pfx_copy_user_test_oob+0x10/0x10 [ 22.071644] ? finish_task_switch.isra.0+0x153/0x700 [ 22.071728] ? __switch_to+0x47/0xf50 [ 22.071760] ? __schedule+0x10cc/0x2b60 [ 22.071785] ? __pfx_read_tsc+0x10/0x10 [ 22.071809] ? ktime_get_ts64+0x86/0x230 [ 22.071836] kunit_try_run_case+0x1a5/0x480 [ 22.071866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.071891] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.071917] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.071942] ? __kthread_parkme+0x82/0x180 [ 22.071966] ? preempt_count_sub+0x50/0x80 [ 22.071991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.072020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.072045] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.072072] kthread+0x337/0x6f0 [ 22.072095] ? trace_preempt_on+0x20/0xc0 [ 22.072123] ? __pfx_kthread+0x10/0x10 [ 22.072146] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.072169] ? calculate_sigpending+0x7b/0xa0 [ 22.072196] ? __pfx_kthread+0x10/0x10 [ 22.072220] ret_from_fork+0x116/0x1d0 [ 22.072241] ? __pfx_kthread+0x10/0x10 [ 22.072282] ret_from_fork_asm+0x1a/0x30 [ 22.072319] </TASK> [ 22.072333] [ 22.083990] Allocated by task 302: [ 22.084360] kasan_save_stack+0x45/0x70 [ 22.084778] kasan_save_track+0x18/0x40 [ 22.085106] kasan_save_alloc_info+0x3b/0x50 [ 22.085345] __kasan_kmalloc+0xb7/0xc0 [ 22.085643] __kmalloc_noprof+0x1c9/0x500 [ 22.085913] kunit_kmalloc_array+0x25/0x60 [ 22.086167] copy_user_test_oob+0xab/0x10f0 [ 22.086491] kunit_try_run_case+0x1a5/0x480 [ 22.086903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.087156] kthread+0x337/0x6f0 [ 22.087450] ret_from_fork+0x116/0x1d0 [ 22.087741] ret_from_fork_asm+0x1a/0x30 [ 22.087993] [ 22.088173] The buggy address belongs to the object at ffff88810232e100 [ 22.088173] which belongs to the cache kmalloc-128 of size 128 [ 22.088634] The buggy address is located 0 bytes inside of [ 22.088634] allocated 120-byte region [ffff88810232e100, ffff88810232e178) [ 22.089093] [ 22.089222] The buggy address belongs to the physical page: [ 22.089619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10232e [ 22.090194] flags: 0x200000000000000(node=0|zone=2) [ 22.090618] page_type: f5(slab) [ 22.090957] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.091542] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.092101] page dumped because: kasan: bad access detected [ 22.092406] [ 22.092572] Memory state around the buggy address: [ 22.092901] ffff88810232e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.093189] ffff88810232e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.093478] >ffff88810232e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.093996] ^ [ 22.094514] ffff88810232e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.095079] ffff88810232e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.095476] ================================================================== [ 22.096466] ================================================================== [ 22.097100] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 22.098027] Read of size 121 at addr ffff88810232e100 by task kunit_try_catch/302 [ 22.098474] [ 22.098709] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 22.098827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.098860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.098910] Call Trace: [ 22.098951] <TASK> [ 22.099004] dump_stack_lvl+0x73/0xb0 [ 22.099077] print_report+0xd1/0x650 [ 22.099134] ? __virt_addr_valid+0x1db/0x2d0 [ 22.099182] ? copy_user_test_oob+0x604/0x10f0 [ 22.099230] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.099289] ? copy_user_test_oob+0x604/0x10f0 [ 22.099338] kasan_report+0x141/0x180 [ 22.099380] ? copy_user_test_oob+0x604/0x10f0 [ 22.099437] kasan_check_range+0x10c/0x1c0 [ 22.099488] __kasan_check_read+0x15/0x20 [ 22.099534] copy_user_test_oob+0x604/0x10f0 [ 22.099590] ? __pfx_copy_user_test_oob+0x10/0x10 [ 22.099638] ? finish_task_switch.isra.0+0x153/0x700 [ 22.099724] ? __switch_to+0x47/0xf50 [ 22.099785] ? __schedule+0x10cc/0x2b60 [ 22.099833] ? __pfx_read_tsc+0x10/0x10 [ 22.099872] ? ktime_get_ts64+0x86/0x230 [ 22.099925] kunit_try_run_case+0x1a5/0x480 [ 22.099973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.100017] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.100058] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.100107] ? __kthread_parkme+0x82/0x180 [ 22.100152] ? preempt_count_sub+0x50/0x80 [ 22.100197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.100243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.100306] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.100358] kthread+0x337/0x6f0 [ 22.100401] ? trace_preempt_on+0x20/0xc0 [ 22.100455] ? __pfx_kthread+0x10/0x10 [ 22.100502] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.100551] ? calculate_sigpending+0x7b/0xa0 [ 22.100606] ? __pfx_kthread+0x10/0x10 [ 22.100688] ret_from_fork+0x116/0x1d0 [ 22.100740] ? __pfx_kthread+0x10/0x10 [ 22.100789] ret_from_fork_asm+0x1a/0x30 [ 22.100861] </TASK> [ 22.100890] [ 22.110249] Allocated by task 302: [ 22.110594] kasan_save_stack+0x45/0x70 [ 22.111011] kasan_save_track+0x18/0x40 [ 22.111385] kasan_save_alloc_info+0x3b/0x50 [ 22.111795] __kasan_kmalloc+0xb7/0xc0 [ 22.112160] __kmalloc_noprof+0x1c9/0x500 [ 22.112542] kunit_kmalloc_array+0x25/0x60 [ 22.112925] copy_user_test_oob+0xab/0x10f0 [ 22.113310] kunit_try_run_case+0x1a5/0x480 [ 22.113722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.114165] kthread+0x337/0x6f0 [ 22.114484] ret_from_fork+0x116/0x1d0 [ 22.114777] ret_from_fork_asm+0x1a/0x30 [ 22.114984] [ 22.115127] The buggy address belongs to the object at ffff88810232e100 [ 22.115127] which belongs to the cache kmalloc-128 of size 128 [ 22.115999] The buggy address is located 0 bytes inside of [ 22.115999] allocated 120-byte region [ffff88810232e100, ffff88810232e178) [ 22.116832] [ 22.117018] The buggy address belongs to the physical page: [ 22.117245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10232e [ 22.117566] flags: 0x200000000000000(node=0|zone=2) [ 22.117832] page_type: f5(slab) [ 22.118024] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.118623] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.119245] page dumped because: kasan: bad access detected [ 22.119736] [ 22.119926] Memory state around the buggy address: [ 22.120326] ffff88810232e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.120720] ffff88810232e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.121000] >ffff88810232e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.122343] ^ [ 22.122970] ffff88810232e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.123541] ffff88810232e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.124038] ================================================================== [ 22.036823] ================================================================== [ 22.037845] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 22.039557] Read of size 121 at addr ffff88810232e100 by task kunit_try_catch/302 [ 22.039859] [ 22.040023] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 22.040122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.040148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.040195] Call Trace: [ 22.040236] <TASK> [ 22.040293] dump_stack_lvl+0x73/0xb0 [ 22.040372] print_report+0xd1/0x650 [ 22.040428] ? __virt_addr_valid+0x1db/0x2d0 [ 22.040474] ? copy_user_test_oob+0x4aa/0x10f0 [ 22.040520] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.040568] ? copy_user_test_oob+0x4aa/0x10f0 [ 22.040612] kasan_report+0x141/0x180 [ 22.040655] ? copy_user_test_oob+0x4aa/0x10f0 [ 22.040714] kasan_check_range+0x10c/0x1c0 [ 22.040768] __kasan_check_read+0x15/0x20 [ 22.040851] copy_user_test_oob+0x4aa/0x10f0 [ 22.040908] ? __pfx_copy_user_test_oob+0x10/0x10 [ 22.041011] ? finish_task_switch.isra.0+0x153/0x700 [ 22.041060] ? __switch_to+0x47/0xf50 [ 22.041128] ? __schedule+0x10cc/0x2b60 [ 22.041172] ? __pfx_read_tsc+0x10/0x10 [ 22.041200] ? ktime_get_ts64+0x86/0x230 [ 22.041227] kunit_try_run_case+0x1a5/0x480 [ 22.041277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.041309] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.041336] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.041362] ? __kthread_parkme+0x82/0x180 [ 22.041386] ? preempt_count_sub+0x50/0x80 [ 22.041411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.041437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.041464] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.041490] kthread+0x337/0x6f0 [ 22.041513] ? trace_preempt_on+0x20/0xc0 [ 22.041540] ? __pfx_kthread+0x10/0x10 [ 22.041565] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.041588] ? calculate_sigpending+0x7b/0xa0 [ 22.041615] ? __pfx_kthread+0x10/0x10 [ 22.041638] ret_from_fork+0x116/0x1d0 [ 22.041665] ? __pfx_kthread+0x10/0x10 [ 22.041727] ret_from_fork_asm+0x1a/0x30 [ 22.041764] </TASK> [ 22.041779] [ 22.053197] Allocated by task 302: [ 22.053710] kasan_save_stack+0x45/0x70 [ 22.054124] kasan_save_track+0x18/0x40 [ 22.054483] kasan_save_alloc_info+0x3b/0x50 [ 22.054849] __kasan_kmalloc+0xb7/0xc0 [ 22.055707] __kmalloc_noprof+0x1c9/0x500 [ 22.056116] kunit_kmalloc_array+0x25/0x60 [ 22.056483] copy_user_test_oob+0xab/0x10f0 [ 22.057132] kunit_try_run_case+0x1a5/0x480 [ 22.057409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.057666] kthread+0x337/0x6f0 [ 22.057938] ret_from_fork+0x116/0x1d0 [ 22.058186] ret_from_fork_asm+0x1a/0x30 [ 22.058433] [ 22.058583] The buggy address belongs to the object at ffff88810232e100 [ 22.058583] which belongs to the cache kmalloc-128 of size 128 [ 22.059495] The buggy address is located 0 bytes inside of [ 22.059495] allocated 120-byte region [ffff88810232e100, ffff88810232e178) [ 22.060519] [ 22.060721] The buggy address belongs to the physical page: [ 22.060956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10232e [ 22.061482] flags: 0x200000000000000(node=0|zone=2) [ 22.061877] page_type: f5(slab) [ 22.062229] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 22.062723] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.063365] page dumped because: kasan: bad access detected [ 22.063833] [ 22.063945] Memory state around the buggy address: [ 22.064153] ffff88810232e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.064719] ffff88810232e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.065212] >ffff88810232e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.065595] ^ [ 22.066043] ffff88810232e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.066570] ffff88810232e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.067153] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 21.971126] ================================================================== [ 21.971538] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 21.972117] Read of size 121 at addr ffff88810232e100 by task kunit_try_catch/302 [ 21.972573] [ 21.972808] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.972960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.972991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.973062] Call Trace: [ 21.973104] <TASK> [ 21.973183] dump_stack_lvl+0x73/0xb0 [ 21.973271] print_report+0xd1/0x650 [ 21.973325] ? __virt_addr_valid+0x1db/0x2d0 [ 21.973372] ? _copy_to_user+0x3c/0x70 [ 21.973413] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.973500] ? _copy_to_user+0x3c/0x70 [ 21.973549] kasan_report+0x141/0x180 [ 21.973600] ? _copy_to_user+0x3c/0x70 [ 21.973649] kasan_check_range+0x10c/0x1c0 [ 21.973719] __kasan_check_read+0x15/0x20 [ 21.973799] _copy_to_user+0x3c/0x70 [ 21.973838] copy_user_test_oob+0x364/0x10f0 [ 21.973893] ? __pfx_copy_user_test_oob+0x10/0x10 [ 21.973943] ? finish_task_switch.isra.0+0x153/0x700 [ 21.973987] ? __switch_to+0x47/0xf50 [ 21.974018] ? __schedule+0x10cc/0x2b60 [ 21.974043] ? __pfx_read_tsc+0x10/0x10 [ 21.974070] ? ktime_get_ts64+0x86/0x230 [ 21.974098] kunit_try_run_case+0x1a5/0x480 [ 21.974125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.974151] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.974178] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.974203] ? __kthread_parkme+0x82/0x180 [ 21.974226] ? preempt_count_sub+0x50/0x80 [ 21.974252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.974306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.974333] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.974359] kthread+0x337/0x6f0 [ 21.974382] ? trace_preempt_on+0x20/0xc0 [ 21.974410] ? __pfx_kthread+0x10/0x10 [ 21.974434] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.974458] ? calculate_sigpending+0x7b/0xa0 [ 21.974485] ? __pfx_kthread+0x10/0x10 [ 21.974510] ret_from_fork+0x116/0x1d0 [ 21.974531] ? __pfx_kthread+0x10/0x10 [ 21.974556] ret_from_fork_asm+0x1a/0x30 [ 21.974589] </TASK> [ 21.974605] [ 21.986387] Allocated by task 302: [ 21.986621] kasan_save_stack+0x45/0x70 [ 21.986796] kasan_save_track+0x18/0x40 [ 21.986974] kasan_save_alloc_info+0x3b/0x50 [ 21.987187] __kasan_kmalloc+0xb7/0xc0 [ 21.989173] __kmalloc_noprof+0x1c9/0x500 [ 21.989523] kunit_kmalloc_array+0x25/0x60 [ 21.989876] copy_user_test_oob+0xab/0x10f0 [ 21.990312] kunit_try_run_case+0x1a5/0x480 [ 21.990758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.991082] kthread+0x337/0x6f0 [ 21.991235] ret_from_fork+0x116/0x1d0 [ 21.991472] ret_from_fork_asm+0x1a/0x30 [ 21.992117] [ 21.992334] The buggy address belongs to the object at ffff88810232e100 [ 21.992334] which belongs to the cache kmalloc-128 of size 128 [ 21.993284] The buggy address is located 0 bytes inside of [ 21.993284] allocated 120-byte region [ffff88810232e100, ffff88810232e178) [ 21.993719] [ 21.993893] The buggy address belongs to the physical page: [ 21.994405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10232e [ 21.994964] flags: 0x200000000000000(node=0|zone=2) [ 21.995438] page_type: f5(slab) [ 21.995805] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.996423] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.996933] page dumped because: kasan: bad access detected [ 21.997315] [ 21.997418] Memory state around the buggy address: [ 21.997606] ffff88810232e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.998485] ffff88810232e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.999187] >ffff88810232e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.999750] ^ [ 22.000387] ffff88810232e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.000991] ffff88810232e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.001633] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 21.937291] ================================================================== [ 21.938167] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 21.938610] Write of size 121 at addr ffff88810232e100 by task kunit_try_catch/302 [ 21.938951] [ 21.939142] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.939250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.939297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.939347] Call Trace: [ 21.939376] <TASK> [ 21.939420] dump_stack_lvl+0x73/0xb0 [ 21.939491] print_report+0xd1/0x650 [ 21.939544] ? __virt_addr_valid+0x1db/0x2d0 [ 21.939596] ? _copy_from_user+0x32/0x90 [ 21.939641] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.939683] ? _copy_from_user+0x32/0x90 [ 21.939773] kasan_report+0x141/0x180 [ 21.939822] ? _copy_from_user+0x32/0x90 [ 21.939869] kasan_check_range+0x10c/0x1c0 [ 21.939922] __kasan_check_write+0x18/0x20 [ 21.939969] _copy_from_user+0x32/0x90 [ 21.940016] copy_user_test_oob+0x2be/0x10f0 [ 21.940075] ? __pfx_copy_user_test_oob+0x10/0x10 [ 21.940128] ? finish_task_switch.isra.0+0x153/0x700 [ 21.940181] ? __switch_to+0x47/0xf50 [ 21.940235] ? __schedule+0x10cc/0x2b60 [ 21.940284] ? __pfx_read_tsc+0x10/0x10 [ 21.940313] ? ktime_get_ts64+0x86/0x230 [ 21.940342] kunit_try_run_case+0x1a5/0x480 [ 21.940369] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.940394] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.940421] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.940445] ? __kthread_parkme+0x82/0x180 [ 21.940469] ? preempt_count_sub+0x50/0x80 [ 21.940494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.940519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.940545] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.940570] kthread+0x337/0x6f0 [ 21.940592] ? trace_preempt_on+0x20/0xc0 [ 21.940620] ? __pfx_kthread+0x10/0x10 [ 21.940642] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.940672] ? calculate_sigpending+0x7b/0xa0 [ 21.940731] ? __pfx_kthread+0x10/0x10 [ 21.940755] ret_from_fork+0x116/0x1d0 [ 21.940776] ? __pfx_kthread+0x10/0x10 [ 21.940799] ret_from_fork_asm+0x1a/0x30 [ 21.940832] </TASK> [ 21.940848] [ 21.952300] Allocated by task 302: [ 21.952693] kasan_save_stack+0x45/0x70 [ 21.953061] kasan_save_track+0x18/0x40 [ 21.953449] kasan_save_alloc_info+0x3b/0x50 [ 21.953899] __kasan_kmalloc+0xb7/0xc0 [ 21.954179] __kmalloc_noprof+0x1c9/0x500 [ 21.954644] kunit_kmalloc_array+0x25/0x60 [ 21.955132] copy_user_test_oob+0xab/0x10f0 [ 21.955534] kunit_try_run_case+0x1a5/0x480 [ 21.955811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.956364] kthread+0x337/0x6f0 [ 21.956806] ret_from_fork+0x116/0x1d0 [ 21.957188] ret_from_fork_asm+0x1a/0x30 [ 21.957417] [ 21.957551] The buggy address belongs to the object at ffff88810232e100 [ 21.957551] which belongs to the cache kmalloc-128 of size 128 [ 21.957984] The buggy address is located 0 bytes inside of [ 21.957984] allocated 120-byte region [ffff88810232e100, ffff88810232e178) [ 21.958632] [ 21.958836] The buggy address belongs to the physical page: [ 21.959247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10232e [ 21.959602] flags: 0x200000000000000(node=0|zone=2) [ 21.959838] page_type: f5(slab) [ 21.960239] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.960921] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.961528] page dumped because: kasan: bad access detected [ 21.962102] [ 21.962292] Memory state around the buggy address: [ 21.962688] ffff88810232e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.963033] ffff88810232e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.963486] >ffff88810232e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.964190] ^ [ 21.964629] ffff88810232e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.965069] ffff88810232e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.965352] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 21.882136] ================================================================== [ 21.882929] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 21.883831] Write of size 8 at addr ffff88810232e078 by task kunit_try_catch/298 [ 21.884824] [ 21.885188] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.885331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.885378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.885430] Call Trace: [ 21.885461] <TASK> [ 21.885490] dump_stack_lvl+0x73/0xb0 [ 21.885535] print_report+0xd1/0x650 [ 21.885564] ? __virt_addr_valid+0x1db/0x2d0 [ 21.885598] ? copy_to_kernel_nofault+0x99/0x260 [ 21.885644] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.885725] ? copy_to_kernel_nofault+0x99/0x260 [ 21.885756] kasan_report+0x141/0x180 [ 21.885782] ? copy_to_kernel_nofault+0x99/0x260 [ 21.885814] kasan_check_range+0x10c/0x1c0 [ 21.885841] __kasan_check_write+0x18/0x20 [ 21.885864] copy_to_kernel_nofault+0x99/0x260 [ 21.885892] copy_to_kernel_nofault_oob+0x288/0x560 [ 21.885919] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 21.885946] ? finish_task_switch.isra.0+0x153/0x700 [ 21.885973] ? __schedule+0x10cc/0x2b60 [ 21.885997] ? trace_hardirqs_on+0x37/0xe0 [ 21.886031] ? __pfx_read_tsc+0x10/0x10 [ 21.886161] ? ktime_get_ts64+0x86/0x230 [ 21.886192] kunit_try_run_case+0x1a5/0x480 [ 21.886221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.886246] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.886294] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.886320] ? __kthread_parkme+0x82/0x180 [ 21.886344] ? preempt_count_sub+0x50/0x80 [ 21.886370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.886397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.886423] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.886450] kthread+0x337/0x6f0 [ 21.886473] ? trace_preempt_on+0x20/0xc0 [ 21.886497] ? __pfx_kthread+0x10/0x10 [ 21.886521] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.886544] ? calculate_sigpending+0x7b/0xa0 [ 21.886572] ? __pfx_kthread+0x10/0x10 [ 21.886597] ret_from_fork+0x116/0x1d0 [ 21.886618] ? __pfx_kthread+0x10/0x10 [ 21.886641] ret_from_fork_asm+0x1a/0x30 [ 21.886690] </TASK> [ 21.886707] [ 21.899907] Allocated by task 298: [ 21.900531] kasan_save_stack+0x45/0x70 [ 21.901526] kasan_save_track+0x18/0x40 [ 21.901886] kasan_save_alloc_info+0x3b/0x50 [ 21.902105] __kasan_kmalloc+0xb7/0xc0 [ 21.902312] __kmalloc_cache_noprof+0x189/0x420 [ 21.902526] copy_to_kernel_nofault_oob+0x12f/0x560 [ 21.902755] kunit_try_run_case+0x1a5/0x480 [ 21.903407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.903887] kthread+0x337/0x6f0 [ 21.904250] ret_from_fork+0x116/0x1d0 [ 21.904639] ret_from_fork_asm+0x1a/0x30 [ 21.905753] [ 21.905956] The buggy address belongs to the object at ffff88810232e000 [ 21.905956] which belongs to the cache kmalloc-128 of size 128 [ 21.906933] The buggy address is located 0 bytes to the right of [ 21.906933] allocated 120-byte region [ffff88810232e000, ffff88810232e078) [ 21.908391] [ 21.908514] The buggy address belongs to the physical page: [ 21.909169] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10232e [ 21.909819] flags: 0x200000000000000(node=0|zone=2) [ 21.910221] page_type: f5(slab) [ 21.910544] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.911285] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.911594] page dumped because: kasan: bad access detected [ 21.911806] [ 21.911961] Memory state around the buggy address: [ 21.912559] ffff88810232df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.913241] ffff88810232df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.913800] >ffff88810232e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.914185] ^ [ 21.914969] ffff88810232e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.916555] ffff88810232e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.917049] ================================================================== [ 21.845886] ================================================================== [ 21.846629] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 21.847349] Read of size 8 at addr ffff88810232e078 by task kunit_try_catch/298 [ 21.847758] [ 21.848001] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.848115] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.848142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.848219] Call Trace: [ 21.848250] <TASK> [ 21.848300] dump_stack_lvl+0x73/0xb0 [ 21.848378] print_report+0xd1/0x650 [ 21.848439] ? __virt_addr_valid+0x1db/0x2d0 [ 21.848491] ? copy_to_kernel_nofault+0x225/0x260 [ 21.848549] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.848603] ? copy_to_kernel_nofault+0x225/0x260 [ 21.848658] kasan_report+0x141/0x180 [ 21.848700] ? copy_to_kernel_nofault+0x225/0x260 [ 21.848758] __asan_report_load8_noabort+0x18/0x20 [ 21.848799] copy_to_kernel_nofault+0x225/0x260 [ 21.848845] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 21.848898] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 21.848943] ? finish_task_switch.isra.0+0x153/0x700 [ 21.848992] ? __schedule+0x10cc/0x2b60 [ 21.849039] ? trace_hardirqs_on+0x37/0xe0 [ 21.849100] ? __pfx_read_tsc+0x10/0x10 [ 21.849139] ? ktime_get_ts64+0x86/0x230 [ 21.849183] kunit_try_run_case+0x1a5/0x480 [ 21.849235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.849296] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.849343] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.849394] ? __kthread_parkme+0x82/0x180 [ 21.849439] ? preempt_count_sub+0x50/0x80 [ 21.849484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.849589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.849633] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.849673] kthread+0x337/0x6f0 [ 21.849708] ? trace_preempt_on+0x20/0xc0 [ 21.849747] ? __pfx_kthread+0x10/0x10 [ 21.849785] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.849821] ? calculate_sigpending+0x7b/0xa0 [ 21.849865] ? __pfx_kthread+0x10/0x10 [ 21.849917] ret_from_fork+0x116/0x1d0 [ 21.849954] ? __pfx_kthread+0x10/0x10 [ 21.849998] ret_from_fork_asm+0x1a/0x30 [ 21.850062] </TASK> [ 21.850088] [ 21.864799] Allocated by task 298: [ 21.864994] kasan_save_stack+0x45/0x70 [ 21.865683] kasan_save_track+0x18/0x40 [ 21.866406] kasan_save_alloc_info+0x3b/0x50 [ 21.867174] __kasan_kmalloc+0xb7/0xc0 [ 21.867411] __kmalloc_cache_noprof+0x189/0x420 [ 21.867612] copy_to_kernel_nofault_oob+0x12f/0x560 [ 21.868101] kunit_try_run_case+0x1a5/0x480 [ 21.868515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.868867] kthread+0x337/0x6f0 [ 21.869048] ret_from_fork+0x116/0x1d0 [ 21.869786] ret_from_fork_asm+0x1a/0x30 [ 21.870606] [ 21.871010] The buggy address belongs to the object at ffff88810232e000 [ 21.871010] which belongs to the cache kmalloc-128 of size 128 [ 21.871534] The buggy address is located 0 bytes to the right of [ 21.871534] allocated 120-byte region [ffff88810232e000, ffff88810232e078) [ 21.872763] [ 21.872992] The buggy address belongs to the physical page: [ 21.873534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10232e [ 21.873930] flags: 0x200000000000000(node=0|zone=2) [ 21.874527] page_type: f5(slab) [ 21.874729] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.875508] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.875847] page dumped because: kasan: bad access detected [ 21.875980] [ 21.876075] Memory state around the buggy address: [ 21.876616] ffff88810232df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.877342] ffff88810232df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.877796] >ffff88810232e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.878390] ^ [ 21.878637] ffff88810232e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.879616] ffff88810232e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.880447] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.988528] ================================================================== [ 19.989093] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 19.989648] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 19.989971] [ 19.990129] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.990237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.990276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.990326] Call Trace: [ 19.990370] <TASK> [ 19.990412] dump_stack_lvl+0x73/0xb0 [ 19.990475] print_report+0xd1/0x650 [ 19.990529] ? __virt_addr_valid+0x1db/0x2d0 [ 19.990584] ? kasan_atomics_helper+0x4b3a/0x5450 [ 19.990635] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.990711] ? kasan_atomics_helper+0x4b3a/0x5450 [ 19.990765] kasan_report+0x141/0x180 [ 19.990819] ? kasan_atomics_helper+0x4b3a/0x5450 [ 19.990878] __asan_report_store4_noabort+0x1b/0x30 [ 19.990920] kasan_atomics_helper+0x4b3a/0x5450 [ 19.990974] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.991036] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.991086] ? kasan_atomics+0x152/0x310 [ 19.991148] kasan_atomics+0x1dc/0x310 [ 19.991193] ? __pfx_kasan_atomics+0x10/0x10 [ 19.991235] ? __pfx_read_tsc+0x10/0x10 [ 19.991292] ? ktime_get_ts64+0x86/0x230 [ 19.991335] kunit_try_run_case+0x1a5/0x480 [ 19.991377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.991413] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.991454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.991492] ? __kthread_parkme+0x82/0x180 [ 19.991527] ? preempt_count_sub+0x50/0x80 [ 19.991568] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.991607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.991651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.991860] kthread+0x337/0x6f0 [ 19.991960] ? trace_preempt_on+0x20/0xc0 [ 19.992030] ? __pfx_kthread+0x10/0x10 [ 19.992193] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.992292] ? calculate_sigpending+0x7b/0xa0 [ 19.992370] ? __pfx_kthread+0x10/0x10 [ 19.992425] ret_from_fork+0x116/0x1d0 [ 19.992461] ? __pfx_kthread+0x10/0x10 [ 19.992500] ret_from_fork_asm+0x1a/0x30 [ 19.992563] </TASK> [ 19.992591] [ 20.007373] Allocated by task 282: [ 20.007791] kasan_save_stack+0x45/0x70 [ 20.008361] kasan_save_track+0x18/0x40 [ 20.008700] kasan_save_alloc_info+0x3b/0x50 [ 20.009303] __kasan_kmalloc+0xb7/0xc0 [ 20.009953] __kmalloc_cache_noprof+0x189/0x420 [ 20.010419] kasan_atomics+0x95/0x310 [ 20.010709] kunit_try_run_case+0x1a5/0x480 [ 20.010936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.011378] kthread+0x337/0x6f0 [ 20.011689] ret_from_fork+0x116/0x1d0 [ 20.011936] ret_from_fork_asm+0x1a/0x30 [ 20.012508] [ 20.012793] The buggy address belongs to the object at ffff888102b66500 [ 20.012793] which belongs to the cache kmalloc-64 of size 64 [ 20.013954] The buggy address is located 0 bytes to the right of [ 20.013954] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.014902] [ 20.015303] The buggy address belongs to the physical page: [ 20.015670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.016378] flags: 0x200000000000000(node=0|zone=2) [ 20.016810] page_type: f5(slab) [ 20.017393] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.017905] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.018519] page dumped because: kasan: bad access detected [ 20.018952] [ 20.019316] Memory state around the buggy address: [ 20.019715] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.020505] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.020986] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.021856] ^ [ 20.022341] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.022861] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.023615] ================================================================== [ 20.834864] ================================================================== [ 20.835530] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 20.836122] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.836651] [ 20.836852] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.836962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.836991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.837037] Call Trace: [ 20.837080] <TASK> [ 20.837121] dump_stack_lvl+0x73/0xb0 [ 20.837185] print_report+0xd1/0x650 [ 20.837238] ? __virt_addr_valid+0x1db/0x2d0 [ 20.837302] ? kasan_atomics_helper+0x12e6/0x5450 [ 20.837355] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.837408] ? kasan_atomics_helper+0x12e6/0x5450 [ 20.837458] kasan_report+0x141/0x180 [ 20.837510] ? kasan_atomics_helper+0x12e6/0x5450 [ 20.837569] kasan_check_range+0x10c/0x1c0 [ 20.837624] __kasan_check_write+0x18/0x20 [ 20.837702] kasan_atomics_helper+0x12e6/0x5450 [ 20.837759] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.837814] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.837863] ? kasan_atomics+0x152/0x310 [ 20.837923] kasan_atomics+0x1dc/0x310 [ 20.837977] ? __pfx_kasan_atomics+0x10/0x10 [ 20.838034] ? __pfx_read_tsc+0x10/0x10 [ 20.838079] ? ktime_get_ts64+0x86/0x230 [ 20.838133] kunit_try_run_case+0x1a5/0x480 [ 20.838189] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.838236] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.838292] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.838338] ? __kthread_parkme+0x82/0x180 [ 20.838382] ? preempt_count_sub+0x50/0x80 [ 20.838430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.838483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.838536] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.838588] kthread+0x337/0x6f0 [ 20.838632] ? trace_preempt_on+0x20/0xc0 [ 20.838724] ? __pfx_kthread+0x10/0x10 [ 20.838770] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.838810] ? calculate_sigpending+0x7b/0xa0 [ 20.838856] ? __pfx_kthread+0x10/0x10 [ 20.838898] ret_from_fork+0x116/0x1d0 [ 20.838937] ? __pfx_kthread+0x10/0x10 [ 20.838974] ret_from_fork_asm+0x1a/0x30 [ 20.839043] </TASK> [ 20.839069] [ 20.849364] Allocated by task 282: [ 20.849623] kasan_save_stack+0x45/0x70 [ 20.849886] kasan_save_track+0x18/0x40 [ 20.850081] kasan_save_alloc_info+0x3b/0x50 [ 20.850293] __kasan_kmalloc+0xb7/0xc0 [ 20.850624] __kmalloc_cache_noprof+0x189/0x420 [ 20.851060] kasan_atomics+0x95/0x310 [ 20.851408] kunit_try_run_case+0x1a5/0x480 [ 20.851779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.852227] kthread+0x337/0x6f0 [ 20.852542] ret_from_fork+0x116/0x1d0 [ 20.852830] ret_from_fork_asm+0x1a/0x30 [ 20.853026] [ 20.853210] The buggy address belongs to the object at ffff888102b66500 [ 20.853210] which belongs to the cache kmalloc-64 of size 64 [ 20.854003] The buggy address is located 0 bytes to the right of [ 20.854003] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.854509] [ 20.854737] The buggy address belongs to the physical page: [ 20.855151] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.855647] flags: 0x200000000000000(node=0|zone=2) [ 20.855998] page_type: f5(slab) [ 20.856235] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.856540] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.856859] page dumped because: kasan: bad access detected [ 20.857082] [ 20.857198] Memory state around the buggy address: [ 20.857586] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.858164] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.858761] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.859301] ^ [ 20.859718] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.859997] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.860496] ================================================================== [ 20.862070] ================================================================== [ 20.862583] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 20.863060] Read of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.863412] [ 20.863639] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.863777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.863809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.863857] Call Trace: [ 20.863898] <TASK> [ 20.863938] dump_stack_lvl+0x73/0xb0 [ 20.863999] print_report+0xd1/0x650 [ 20.864049] ? __virt_addr_valid+0x1db/0x2d0 [ 20.864099] ? kasan_atomics_helper+0x49ce/0x5450 [ 20.864148] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.864204] ? kasan_atomics_helper+0x49ce/0x5450 [ 20.864254] kasan_report+0x141/0x180 [ 20.864319] ? kasan_atomics_helper+0x49ce/0x5450 [ 20.864377] __asan_report_load4_noabort+0x18/0x20 [ 20.864423] kasan_atomics_helper+0x49ce/0x5450 [ 20.864472] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.864517] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.864563] ? kasan_atomics+0x152/0x310 [ 20.864624] kasan_atomics+0x1dc/0x310 [ 20.864713] ? __pfx_kasan_atomics+0x10/0x10 [ 20.864773] ? __pfx_read_tsc+0x10/0x10 [ 20.864822] ? ktime_get_ts64+0x86/0x230 [ 20.864880] kunit_try_run_case+0x1a5/0x480 [ 20.864935] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.864985] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.865032] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.865073] ? __kthread_parkme+0x82/0x180 [ 20.865111] ? preempt_count_sub+0x50/0x80 [ 20.865160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.865209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.865255] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.865320] kthread+0x337/0x6f0 [ 20.865361] ? trace_preempt_on+0x20/0xc0 [ 20.865412] ? __pfx_kthread+0x10/0x10 [ 20.865459] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.865504] ? calculate_sigpending+0x7b/0xa0 [ 20.865552] ? __pfx_kthread+0x10/0x10 [ 20.865600] ret_from_fork+0x116/0x1d0 [ 20.865642] ? __pfx_kthread+0x10/0x10 [ 20.865724] ret_from_fork_asm+0x1a/0x30 [ 20.865790] </TASK> [ 20.865815] [ 20.875784] Allocated by task 282: [ 20.876115] kasan_save_stack+0x45/0x70 [ 20.876404] kasan_save_track+0x18/0x40 [ 20.876773] kasan_save_alloc_info+0x3b/0x50 [ 20.877031] __kasan_kmalloc+0xb7/0xc0 [ 20.877270] __kmalloc_cache_noprof+0x189/0x420 [ 20.877624] kasan_atomics+0x95/0x310 [ 20.877841] kunit_try_run_case+0x1a5/0x480 [ 20.878025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.878441] kthread+0x337/0x6f0 [ 20.878781] ret_from_fork+0x116/0x1d0 [ 20.879007] ret_from_fork_asm+0x1a/0x30 [ 20.879196] [ 20.879327] The buggy address belongs to the object at ffff888102b66500 [ 20.879327] which belongs to the cache kmalloc-64 of size 64 [ 20.879771] The buggy address is located 0 bytes to the right of [ 20.879771] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.880208] [ 20.880375] The buggy address belongs to the physical page: [ 20.880843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.881449] flags: 0x200000000000000(node=0|zone=2) [ 20.881862] page_type: f5(slab) [ 20.882182] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.882814] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.883391] page dumped because: kasan: bad access detected [ 20.883853] [ 20.884037] Memory state around the buggy address: [ 20.884321] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.884779] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.885177] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.885624] ^ [ 20.885925] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.888011] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.888359] ================================================================== [ 21.071275] ================================================================== [ 21.071822] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 21.072404] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.072938] [ 21.073109] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.073216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.073245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.073339] Call Trace: [ 21.073420] <TASK> [ 21.073476] dump_stack_lvl+0x73/0xb0 [ 21.073574] print_report+0xd1/0x650 [ 21.073651] ? __virt_addr_valid+0x1db/0x2d0 [ 21.073773] ? kasan_atomics_helper+0x164f/0x5450 [ 21.073837] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.073893] ? kasan_atomics_helper+0x164f/0x5450 [ 21.073945] kasan_report+0x141/0x180 [ 21.073998] ? kasan_atomics_helper+0x164f/0x5450 [ 21.074058] kasan_check_range+0x10c/0x1c0 [ 21.074114] __kasan_check_write+0x18/0x20 [ 21.074161] kasan_atomics_helper+0x164f/0x5450 [ 21.074214] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.074273] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.074322] ? kasan_atomics+0x152/0x310 [ 21.074416] kasan_atomics+0x1dc/0x310 [ 21.074483] ? __pfx_kasan_atomics+0x10/0x10 [ 21.074540] ? __pfx_read_tsc+0x10/0x10 [ 21.074580] ? ktime_get_ts64+0x86/0x230 [ 21.074626] kunit_try_run_case+0x1a5/0x480 [ 21.074743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.074810] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.074892] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.074961] ? __kthread_parkme+0x82/0x180 [ 21.075021] ? preempt_count_sub+0x50/0x80 [ 21.075074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.075120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.075156] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.075183] kthread+0x337/0x6f0 [ 21.075207] ? trace_preempt_on+0x20/0xc0 [ 21.075234] ? __pfx_kthread+0x10/0x10 [ 21.075277] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.075310] ? calculate_sigpending+0x7b/0xa0 [ 21.075338] ? __pfx_kthread+0x10/0x10 [ 21.075363] ret_from_fork+0x116/0x1d0 [ 21.075386] ? __pfx_kthread+0x10/0x10 [ 21.075410] ret_from_fork_asm+0x1a/0x30 [ 21.075444] </TASK> [ 21.075459] [ 21.088076] Allocated by task 282: [ 21.088526] kasan_save_stack+0x45/0x70 [ 21.088943] kasan_save_track+0x18/0x40 [ 21.089305] kasan_save_alloc_info+0x3b/0x50 [ 21.089608] __kasan_kmalloc+0xb7/0xc0 [ 21.090050] __kmalloc_cache_noprof+0x189/0x420 [ 21.090336] kasan_atomics+0x95/0x310 [ 21.090801] kunit_try_run_case+0x1a5/0x480 [ 21.091085] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.091538] kthread+0x337/0x6f0 [ 21.091888] ret_from_fork+0x116/0x1d0 [ 21.092197] ret_from_fork_asm+0x1a/0x30 [ 21.092645] [ 21.092789] The buggy address belongs to the object at ffff888102b66500 [ 21.092789] which belongs to the cache kmalloc-64 of size 64 [ 21.093690] The buggy address is located 0 bytes to the right of [ 21.093690] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.094374] [ 21.094538] The buggy address belongs to the physical page: [ 21.094942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.095607] flags: 0x200000000000000(node=0|zone=2) [ 21.096049] page_type: f5(slab) [ 21.096412] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.096951] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.097436] page dumped because: kasan: bad access detected [ 21.097895] [ 21.098112] Memory state around the buggy address: [ 21.098459] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.098936] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.099514] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.100039] ^ [ 21.100450] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.101035] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.101575] ================================================================== [ 21.778908] ================================================================== [ 21.779738] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 21.780313] Read of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.780964] [ 21.781146] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.781270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.781302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.781353] Call Trace: [ 21.781398] <TASK> [ 21.781443] dump_stack_lvl+0x73/0xb0 [ 21.781513] print_report+0xd1/0x650 [ 21.781568] ? __virt_addr_valid+0x1db/0x2d0 [ 21.781624] ? kasan_atomics_helper+0x5115/0x5450 [ 21.781673] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.781724] ? kasan_atomics_helper+0x5115/0x5450 [ 21.781775] kasan_report+0x141/0x180 [ 21.781826] ? kasan_atomics_helper+0x5115/0x5450 [ 21.781890] __asan_report_load8_noabort+0x18/0x20 [ 21.781940] kasan_atomics_helper+0x5115/0x5450 [ 21.781994] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.782065] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.782109] ? kasan_atomics+0x152/0x310 [ 21.782159] kasan_atomics+0x1dc/0x310 [ 21.782205] ? __pfx_kasan_atomics+0x10/0x10 [ 21.782306] ? __pfx_read_tsc+0x10/0x10 [ 21.782370] ? ktime_get_ts64+0x86/0x230 [ 21.782459] kunit_try_run_case+0x1a5/0x480 [ 21.782931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.782973] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.783033] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.783071] ? __kthread_parkme+0x82/0x180 [ 21.783116] ? preempt_count_sub+0x50/0x80 [ 21.783168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.783222] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.783286] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.783341] kthread+0x337/0x6f0 [ 21.783390] ? trace_preempt_on+0x20/0xc0 [ 21.783444] ? __pfx_kthread+0x10/0x10 [ 21.783492] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.783543] ? calculate_sigpending+0x7b/0xa0 [ 21.783602] ? __pfx_kthread+0x10/0x10 [ 21.783653] ret_from_fork+0x116/0x1d0 [ 21.783695] ? __pfx_kthread+0x10/0x10 [ 21.783742] ret_from_fork_asm+0x1a/0x30 [ 21.783811] </TASK> [ 21.783840] [ 21.795544] Allocated by task 282: [ 21.795907] kasan_save_stack+0x45/0x70 [ 21.796316] kasan_save_track+0x18/0x40 [ 21.796799] kasan_save_alloc_info+0x3b/0x50 [ 21.797362] __kasan_kmalloc+0xb7/0xc0 [ 21.797812] __kmalloc_cache_noprof+0x189/0x420 [ 21.798314] kasan_atomics+0x95/0x310 [ 21.798907] kunit_try_run_case+0x1a5/0x480 [ 21.799053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.799181] kthread+0x337/0x6f0 [ 21.799385] ret_from_fork+0x116/0x1d0 [ 21.799869] ret_from_fork_asm+0x1a/0x30 [ 21.800285] [ 21.800419] The buggy address belongs to the object at ffff888102b66500 [ 21.800419] which belongs to the cache kmalloc-64 of size 64 [ 21.801492] The buggy address is located 0 bytes to the right of [ 21.801492] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.802079] [ 21.802193] The buggy address belongs to the physical page: [ 21.802473] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.803321] flags: 0x200000000000000(node=0|zone=2) [ 21.803777] page_type: f5(slab) [ 21.804089] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.804681] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.805343] page dumped because: kasan: bad access detected [ 21.805891] [ 21.806080] Memory state around the buggy address: [ 21.806609] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.807273] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.807619] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.808062] ^ [ 21.808502] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.808794] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.809361] ================================================================== [ 21.251854] ================================================================== [ 21.252247] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 21.252530] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.252739] [ 21.252865] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.252949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.253034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.253075] Call Trace: [ 21.253217] <TASK> [ 21.253274] dump_stack_lvl+0x73/0xb0 [ 21.253351] print_report+0xd1/0x650 [ 21.253416] ? __virt_addr_valid+0x1db/0x2d0 [ 21.253469] ? kasan_atomics_helper+0x19e3/0x5450 [ 21.253516] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.253569] ? kasan_atomics_helper+0x19e3/0x5450 [ 21.253614] kasan_report+0x141/0x180 [ 21.253658] ? kasan_atomics_helper+0x19e3/0x5450 [ 21.253714] kasan_check_range+0x10c/0x1c0 [ 21.253766] __kasan_check_write+0x18/0x20 [ 21.253813] kasan_atomics_helper+0x19e3/0x5450 [ 21.253866] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.253918] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.253965] ? kasan_atomics+0x152/0x310 [ 21.254015] kasan_atomics+0x1dc/0x310 [ 21.254061] ? __pfx_kasan_atomics+0x10/0x10 [ 21.254114] ? __pfx_read_tsc+0x10/0x10 [ 21.254152] ? ktime_get_ts64+0x86/0x230 [ 21.254239] kunit_try_run_case+0x1a5/0x480 [ 21.254324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.254376] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.254430] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.254481] ? __kthread_parkme+0x82/0x180 [ 21.254530] ? preempt_count_sub+0x50/0x80 [ 21.254586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.254640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.254705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.254751] kthread+0x337/0x6f0 [ 21.254794] ? trace_preempt_on+0x20/0xc0 [ 21.254842] ? __pfx_kthread+0x10/0x10 [ 21.254900] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.254962] ? calculate_sigpending+0x7b/0xa0 [ 21.255028] ? __pfx_kthread+0x10/0x10 [ 21.255081] ret_from_fork+0x116/0x1d0 [ 21.255124] ? __pfx_kthread+0x10/0x10 [ 21.255171] ret_from_fork_asm+0x1a/0x30 [ 21.255235] </TASK> [ 21.255279] [ 21.266747] Allocated by task 282: [ 21.267127] kasan_save_stack+0x45/0x70 [ 21.267442] kasan_save_track+0x18/0x40 [ 21.267649] kasan_save_alloc_info+0x3b/0x50 [ 21.268129] __kasan_kmalloc+0xb7/0xc0 [ 21.268499] __kmalloc_cache_noprof+0x189/0x420 [ 21.269624] kasan_atomics+0x95/0x310 [ 21.269900] kunit_try_run_case+0x1a5/0x480 [ 21.270115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.270361] kthread+0x337/0x6f0 [ 21.270542] ret_from_fork+0x116/0x1d0 [ 21.271589] ret_from_fork_asm+0x1a/0x30 [ 21.272174] [ 21.272705] The buggy address belongs to the object at ffff888102b66500 [ 21.272705] which belongs to the cache kmalloc-64 of size 64 [ 21.273482] The buggy address is located 0 bytes to the right of [ 21.273482] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.274523] [ 21.274649] The buggy address belongs to the physical page: [ 21.275164] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.275599] flags: 0x200000000000000(node=0|zone=2) [ 21.276366] page_type: f5(slab) [ 21.276667] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.277317] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.278145] page dumped because: kasan: bad access detected [ 21.278479] [ 21.278667] Memory state around the buggy address: [ 21.279347] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.279729] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.280127] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.280581] ^ [ 21.280864] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.281307] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.281635] ================================================================== [ 21.721797] ================================================================== [ 21.722284] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 21.722669] Read of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.722952] [ 21.723116] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.723221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.723253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.723315] Call Trace: [ 21.723356] <TASK> [ 21.723395] dump_stack_lvl+0x73/0xb0 [ 21.723459] print_report+0xd1/0x650 [ 21.723509] ? __virt_addr_valid+0x1db/0x2d0 [ 21.723559] ? kasan_atomics_helper+0x4fa5/0x5450 [ 21.723610] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.723658] ? kasan_atomics_helper+0x4fa5/0x5450 [ 21.724507] kasan_report+0x141/0x180 [ 21.724570] ? kasan_atomics_helper+0x4fa5/0x5450 [ 21.724635] __asan_report_load8_noabort+0x18/0x20 [ 21.724679] kasan_atomics_helper+0x4fa5/0x5450 [ 21.724974] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.725003] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.725028] ? kasan_atomics+0x152/0x310 [ 21.725058] kasan_atomics+0x1dc/0x310 [ 21.725084] ? __pfx_kasan_atomics+0x10/0x10 [ 21.725112] ? __pfx_read_tsc+0x10/0x10 [ 21.725137] ? ktime_get_ts64+0x86/0x230 [ 21.725165] kunit_try_run_case+0x1a5/0x480 [ 21.725193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.725218] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.725245] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.725295] ? __kthread_parkme+0x82/0x180 [ 21.725323] ? preempt_count_sub+0x50/0x80 [ 21.725349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.725376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.725402] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.725428] kthread+0x337/0x6f0 [ 21.725451] ? trace_preempt_on+0x20/0xc0 [ 21.725478] ? __pfx_kthread+0x10/0x10 [ 21.725501] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.725524] ? calculate_sigpending+0x7b/0xa0 [ 21.725552] ? __pfx_kthread+0x10/0x10 [ 21.725576] ret_from_fork+0x116/0x1d0 [ 21.725597] ? __pfx_kthread+0x10/0x10 [ 21.725621] ret_from_fork_asm+0x1a/0x30 [ 21.725655] </TASK> [ 21.725677] [ 21.738203] Allocated by task 282: [ 21.738557] kasan_save_stack+0x45/0x70 [ 21.738875] kasan_save_track+0x18/0x40 [ 21.739212] kasan_save_alloc_info+0x3b/0x50 [ 21.739583] __kasan_kmalloc+0xb7/0xc0 [ 21.740043] __kmalloc_cache_noprof+0x189/0x420 [ 21.740275] kasan_atomics+0x95/0x310 [ 21.740467] kunit_try_run_case+0x1a5/0x480 [ 21.740882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.741328] kthread+0x337/0x6f0 [ 21.741641] ret_from_fork+0x116/0x1d0 [ 21.741899] ret_from_fork_asm+0x1a/0x30 [ 21.742215] [ 21.742411] The buggy address belongs to the object at ffff888102b66500 [ 21.742411] which belongs to the cache kmalloc-64 of size 64 [ 21.743232] The buggy address is located 0 bytes to the right of [ 21.743232] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.743701] [ 21.743915] The buggy address belongs to the physical page: [ 21.744355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.744799] flags: 0x200000000000000(node=0|zone=2) [ 21.745230] page_type: f5(slab) [ 21.745657] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.746043] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.746660] page dumped because: kasan: bad access detected [ 21.747239] [ 21.747433] Memory state around the buggy address: [ 21.747754] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.748028] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.748710] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.749059] ^ [ 21.749282] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.749558] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.749821] ================================================================== [ 20.168692] ================================================================== [ 20.169888] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 20.170564] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.170942] [ 20.171254] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.171377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.171407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.171458] Call Trace: [ 20.171726] <TASK> [ 20.171805] dump_stack_lvl+0x73/0xb0 [ 20.171897] print_report+0xd1/0x650 [ 20.171974] ? __virt_addr_valid+0x1db/0x2d0 [ 20.172067] ? kasan_atomics_helper+0x7c7/0x5450 [ 20.172347] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.172396] ? kasan_atomics_helper+0x7c7/0x5450 [ 20.172422] kasan_report+0x141/0x180 [ 20.172451] ? kasan_atomics_helper+0x7c7/0x5450 [ 20.172480] kasan_check_range+0x10c/0x1c0 [ 20.172507] __kasan_check_write+0x18/0x20 [ 20.172530] kasan_atomics_helper+0x7c7/0x5450 [ 20.172556] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.172581] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.172606] ? kasan_atomics+0x152/0x310 [ 20.172635] kasan_atomics+0x1dc/0x310 [ 20.172683] ? __pfx_kasan_atomics+0x10/0x10 [ 20.172737] ? __pfx_read_tsc+0x10/0x10 [ 20.172762] ? ktime_get_ts64+0x86/0x230 [ 20.172789] kunit_try_run_case+0x1a5/0x480 [ 20.172818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.172843] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.172870] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.172894] ? __kthread_parkme+0x82/0x180 [ 20.172918] ? preempt_count_sub+0x50/0x80 [ 20.172944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.172971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.172996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.173022] kthread+0x337/0x6f0 [ 20.173052] ? trace_preempt_on+0x20/0xc0 [ 20.173111] ? __pfx_kthread+0x10/0x10 [ 20.173149] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.173184] ? calculate_sigpending+0x7b/0xa0 [ 20.173228] ? __pfx_kthread+0x10/0x10 [ 20.173269] ret_from_fork+0x116/0x1d0 [ 20.173298] ? __pfx_kthread+0x10/0x10 [ 20.173323] ret_from_fork_asm+0x1a/0x30 [ 20.173356] </TASK> [ 20.173371] [ 20.189819] Allocated by task 282: [ 20.190385] kasan_save_stack+0x45/0x70 [ 20.191190] kasan_save_track+0x18/0x40 [ 20.191699] kasan_save_alloc_info+0x3b/0x50 [ 20.192028] __kasan_kmalloc+0xb7/0xc0 [ 20.192374] __kmalloc_cache_noprof+0x189/0x420 [ 20.192672] kasan_atomics+0x95/0x310 [ 20.193017] kunit_try_run_case+0x1a5/0x480 [ 20.193880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.194473] kthread+0x337/0x6f0 [ 20.194649] ret_from_fork+0x116/0x1d0 [ 20.195373] ret_from_fork_asm+0x1a/0x30 [ 20.196043] [ 20.196572] The buggy address belongs to the object at ffff888102b66500 [ 20.196572] which belongs to the cache kmalloc-64 of size 64 [ 20.197271] The buggy address is located 0 bytes to the right of [ 20.197271] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.198386] [ 20.199223] The buggy address belongs to the physical page: [ 20.199691] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.200659] flags: 0x200000000000000(node=0|zone=2) [ 20.200986] page_type: f5(slab) [ 20.201294] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.202659] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.203058] page dumped because: kasan: bad access detected [ 20.203497] [ 20.204247] Memory state around the buggy address: [ 20.204804] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.205335] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.205853] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.206562] ^ [ 20.207046] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.207379] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.208765] ================================================================== [ 19.775823] ================================================================== [ 19.777795] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 19.778236] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 19.779310] [ 19.779464] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.779531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.779545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.779572] Call Trace: [ 19.779589] <TASK> [ 19.779611] dump_stack_lvl+0x73/0xb0 [ 19.779649] print_report+0xd1/0x650 [ 19.779686] ? __virt_addr_valid+0x1db/0x2d0 [ 19.779719] ? kasan_atomics_helper+0x4ba2/0x5450 [ 19.779742] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.779766] ? kasan_atomics_helper+0x4ba2/0x5450 [ 19.779789] kasan_report+0x141/0x180 [ 19.779813] ? kasan_atomics_helper+0x4ba2/0x5450 [ 19.779840] __asan_report_store4_noabort+0x1b/0x30 [ 19.779862] kasan_atomics_helper+0x4ba2/0x5450 [ 19.779886] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.779910] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.779933] ? kasan_atomics+0x152/0x310 [ 19.779961] kasan_atomics+0x1dc/0x310 [ 19.779986] ? __pfx_kasan_atomics+0x10/0x10 [ 19.780011] ? __pfx_read_tsc+0x10/0x10 [ 19.780038] ? ktime_get_ts64+0x86/0x230 [ 19.780326] kunit_try_run_case+0x1a5/0x480 [ 19.780390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.780438] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.780483] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.780539] ? __kthread_parkme+0x82/0x180 [ 19.780582] ? preempt_count_sub+0x50/0x80 [ 19.780633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.780680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.780726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.780766] kthread+0x337/0x6f0 [ 19.780798] ? trace_preempt_on+0x20/0xc0 [ 19.780825] ? __pfx_kthread+0x10/0x10 [ 19.780847] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.780869] ? calculate_sigpending+0x7b/0xa0 [ 19.780894] ? __pfx_kthread+0x10/0x10 [ 19.780917] ret_from_fork+0x116/0x1d0 [ 19.780937] ? __pfx_kthread+0x10/0x10 [ 19.780958] ret_from_fork_asm+0x1a/0x30 [ 19.780989] </TASK> [ 19.781002] [ 19.794225] Allocated by task 282: [ 19.794879] kasan_save_stack+0x45/0x70 [ 19.795588] kasan_save_track+0x18/0x40 [ 19.795971] kasan_save_alloc_info+0x3b/0x50 [ 19.796425] __kasan_kmalloc+0xb7/0xc0 [ 19.796799] __kmalloc_cache_noprof+0x189/0x420 [ 19.797348] kasan_atomics+0x95/0x310 [ 19.797730] kunit_try_run_case+0x1a5/0x480 [ 19.798370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.798883] kthread+0x337/0x6f0 [ 19.799687] ret_from_fork+0x116/0x1d0 [ 19.800120] ret_from_fork_asm+0x1a/0x30 [ 19.800511] [ 19.800721] The buggy address belongs to the object at ffff888102b66500 [ 19.800721] which belongs to the cache kmalloc-64 of size 64 [ 19.801577] The buggy address is located 0 bytes to the right of [ 19.801577] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 19.802617] [ 19.802824] The buggy address belongs to the physical page: [ 19.803177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 19.803955] flags: 0x200000000000000(node=0|zone=2) [ 19.804828] page_type: f5(slab) [ 19.805393] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.805858] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.806550] page dumped because: kasan: bad access detected [ 19.807029] [ 19.807210] Memory state around the buggy address: [ 19.807490] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.808032] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.808941] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.809361] ^ [ 19.810114] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.810922] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.811896] ================================================================== [ 20.086429] ================================================================== [ 20.087094] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 20.087628] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.088150] [ 20.088388] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.088486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.088511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.088550] Call Trace: [ 20.088588] <TASK> [ 20.088625] dump_stack_lvl+0x73/0xb0 [ 20.088781] print_report+0xd1/0x650 [ 20.088833] ? __virt_addr_valid+0x1db/0x2d0 [ 20.088886] ? kasan_atomics_helper+0x697/0x5450 [ 20.088931] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.089017] ? kasan_atomics_helper+0x697/0x5450 [ 20.089093] kasan_report+0x141/0x180 [ 20.089146] ? kasan_atomics_helper+0x697/0x5450 [ 20.089235] kasan_check_range+0x10c/0x1c0 [ 20.089304] __kasan_check_write+0x18/0x20 [ 20.089345] kasan_atomics_helper+0x697/0x5450 [ 20.089386] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.089424] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.089462] ? kasan_atomics+0x152/0x310 [ 20.089508] kasan_atomics+0x1dc/0x310 [ 20.089546] ? __pfx_kasan_atomics+0x10/0x10 [ 20.089586] ? __pfx_read_tsc+0x10/0x10 [ 20.089624] ? ktime_get_ts64+0x86/0x230 [ 20.089702] kunit_try_run_case+0x1a5/0x480 [ 20.089753] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.089796] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.089888] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.089935] ? __kthread_parkme+0x82/0x180 [ 20.089978] ? preempt_count_sub+0x50/0x80 [ 20.090055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.090145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.090221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.090306] kthread+0x337/0x6f0 [ 20.090375] ? trace_preempt_on+0x20/0xc0 [ 20.090450] ? __pfx_kthread+0x10/0x10 [ 20.090520] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.090570] ? calculate_sigpending+0x7b/0xa0 [ 20.090643] ? __pfx_kthread+0x10/0x10 [ 20.090764] ret_from_fork+0x116/0x1d0 [ 20.090824] ? __pfx_kthread+0x10/0x10 [ 20.090879] ret_from_fork_asm+0x1a/0x30 [ 20.090948] </TASK> [ 20.090977] [ 20.108987] Allocated by task 282: [ 20.109800] kasan_save_stack+0x45/0x70 [ 20.110407] kasan_save_track+0x18/0x40 [ 20.110734] kasan_save_alloc_info+0x3b/0x50 [ 20.110927] __kasan_kmalloc+0xb7/0xc0 [ 20.111554] __kmalloc_cache_noprof+0x189/0x420 [ 20.112088] kasan_atomics+0x95/0x310 [ 20.112518] kunit_try_run_case+0x1a5/0x480 [ 20.113193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.113556] kthread+0x337/0x6f0 [ 20.113815] ret_from_fork+0x116/0x1d0 [ 20.114453] ret_from_fork_asm+0x1a/0x30 [ 20.115153] [ 20.115370] The buggy address belongs to the object at ffff888102b66500 [ 20.115370] which belongs to the cache kmalloc-64 of size 64 [ 20.116286] The buggy address is located 0 bytes to the right of [ 20.116286] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.116907] [ 20.117042] The buggy address belongs to the physical page: [ 20.117250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.118516] flags: 0x200000000000000(node=0|zone=2) [ 20.119463] page_type: f5(slab) [ 20.120031] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.120572] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.121242] page dumped because: kasan: bad access detected [ 20.121992] [ 20.122788] Memory state around the buggy address: [ 20.123071] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.123919] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.124376] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.125054] ^ [ 20.125311] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.125564] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.126184] ================================================================== [ 20.690008] ================================================================== [ 20.691416] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 20.692110] Read of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.693074] [ 20.693234] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.693327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.693354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.693397] Call Trace: [ 20.693438] <TASK> [ 20.693503] dump_stack_lvl+0x73/0xb0 [ 20.693550] print_report+0xd1/0x650 [ 20.693591] ? __virt_addr_valid+0x1db/0x2d0 [ 20.693629] ? kasan_atomics_helper+0x4a1c/0x5450 [ 20.693659] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.693816] ? kasan_atomics_helper+0x4a1c/0x5450 [ 20.693844] kasan_report+0x141/0x180 [ 20.693870] ? kasan_atomics_helper+0x4a1c/0x5450 [ 20.693903] __asan_report_load4_noabort+0x18/0x20 [ 20.693926] kasan_atomics_helper+0x4a1c/0x5450 [ 20.693952] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.693979] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.694004] ? kasan_atomics+0x152/0x310 [ 20.694033] kasan_atomics+0x1dc/0x310 [ 20.694059] ? __pfx_kasan_atomics+0x10/0x10 [ 20.694087] ? __pfx_read_tsc+0x10/0x10 [ 20.694111] ? ktime_get_ts64+0x86/0x230 [ 20.694138] kunit_try_run_case+0x1a5/0x480 [ 20.694166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.694191] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.694217] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.694243] ? __kthread_parkme+0x82/0x180 [ 20.694281] ? preempt_count_sub+0x50/0x80 [ 20.694310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.694337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.694362] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.694388] kthread+0x337/0x6f0 [ 20.694410] ? trace_preempt_on+0x20/0xc0 [ 20.694437] ? __pfx_kthread+0x10/0x10 [ 20.694460] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.694484] ? calculate_sigpending+0x7b/0xa0 [ 20.694511] ? __pfx_kthread+0x10/0x10 [ 20.694535] ret_from_fork+0x116/0x1d0 [ 20.694556] ? __pfx_kthread+0x10/0x10 [ 20.694579] ret_from_fork_asm+0x1a/0x30 [ 20.694613] </TASK> [ 20.694627] [ 20.705565] Allocated by task 282: [ 20.706001] kasan_save_stack+0x45/0x70 [ 20.706337] kasan_save_track+0x18/0x40 [ 20.706746] kasan_save_alloc_info+0x3b/0x50 [ 20.707072] __kasan_kmalloc+0xb7/0xc0 [ 20.707415] __kmalloc_cache_noprof+0x189/0x420 [ 20.707840] kasan_atomics+0x95/0x310 [ 20.708215] kunit_try_run_case+0x1a5/0x480 [ 20.708558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.708977] kthread+0x337/0x6f0 [ 20.709316] ret_from_fork+0x116/0x1d0 [ 20.709510] ret_from_fork_asm+0x1a/0x30 [ 20.709734] [ 20.709856] The buggy address belongs to the object at ffff888102b66500 [ 20.709856] which belongs to the cache kmalloc-64 of size 64 [ 20.710792] The buggy address is located 0 bytes to the right of [ 20.710792] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.711622] [ 20.711775] The buggy address belongs to the physical page: [ 20.712007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.712450] flags: 0x200000000000000(node=0|zone=2) [ 20.712933] page_type: f5(slab) [ 20.713266] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.713976] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.714600] page dumped because: kasan: bad access detected [ 20.714981] [ 20.715178] Memory state around the buggy address: [ 20.715464] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.715787] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.716252] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.716877] ^ [ 20.717274] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.717705] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.717975] ================================================================== [ 20.659230] ================================================================== [ 20.659736] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 20.660378] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.660752] [ 20.661028] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.661173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.661203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.661251] Call Trace: [ 20.661305] <TASK> [ 20.661347] dump_stack_lvl+0x73/0xb0 [ 20.661414] print_report+0xd1/0x650 [ 20.661467] ? __virt_addr_valid+0x1db/0x2d0 [ 20.661548] ? kasan_atomics_helper+0x1079/0x5450 [ 20.661586] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.662104] ? kasan_atomics_helper+0x1079/0x5450 [ 20.662166] kasan_report+0x141/0x180 [ 20.662273] ? kasan_atomics_helper+0x1079/0x5450 [ 20.662361] kasan_check_range+0x10c/0x1c0 [ 20.662410] __kasan_check_write+0x18/0x20 [ 20.662454] kasan_atomics_helper+0x1079/0x5450 [ 20.662505] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.662560] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.662611] ? kasan_atomics+0x152/0x310 [ 20.662709] kasan_atomics+0x1dc/0x310 [ 20.662760] ? __pfx_kasan_atomics+0x10/0x10 [ 20.662790] ? __pfx_read_tsc+0x10/0x10 [ 20.662815] ? ktime_get_ts64+0x86/0x230 [ 20.662843] kunit_try_run_case+0x1a5/0x480 [ 20.662871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.662896] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.662922] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.662947] ? __kthread_parkme+0x82/0x180 [ 20.662971] ? preempt_count_sub+0x50/0x80 [ 20.663009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.663039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.663065] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.663091] kthread+0x337/0x6f0 [ 20.663113] ? trace_preempt_on+0x20/0xc0 [ 20.663141] ? __pfx_kthread+0x10/0x10 [ 20.663164] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.663187] ? calculate_sigpending+0x7b/0xa0 [ 20.663216] ? __pfx_kthread+0x10/0x10 [ 20.663240] ret_from_fork+0x116/0x1d0 [ 20.663282] ? __pfx_kthread+0x10/0x10 [ 20.663311] ret_from_fork_asm+0x1a/0x30 [ 20.663345] </TASK> [ 20.663360] [ 20.675178] Allocated by task 282: [ 20.675412] kasan_save_stack+0x45/0x70 [ 20.675741] kasan_save_track+0x18/0x40 [ 20.676211] kasan_save_alloc_info+0x3b/0x50 [ 20.676595] __kasan_kmalloc+0xb7/0xc0 [ 20.677095] __kmalloc_cache_noprof+0x189/0x420 [ 20.677495] kasan_atomics+0x95/0x310 [ 20.677947] kunit_try_run_case+0x1a5/0x480 [ 20.678379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.678937] kthread+0x337/0x6f0 [ 20.679169] ret_from_fork+0x116/0x1d0 [ 20.679535] ret_from_fork_asm+0x1a/0x30 [ 20.679976] [ 20.680176] The buggy address belongs to the object at ffff888102b66500 [ 20.680176] which belongs to the cache kmalloc-64 of size 64 [ 20.680610] The buggy address is located 0 bytes to the right of [ 20.680610] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.681296] [ 20.681507] The buggy address belongs to the physical page: [ 20.682110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.682770] flags: 0x200000000000000(node=0|zone=2) [ 20.683310] page_type: f5(slab) [ 20.683713] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.684310] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.684924] page dumped because: kasan: bad access detected [ 20.685158] [ 20.685346] Memory state around the buggy address: [ 20.685885] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.686492] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.686918] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.687277] ^ [ 20.687656] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.688755] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.689273] ================================================================== [ 20.248627] ================================================================== [ 20.249079] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 20.250725] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.251156] [ 20.251338] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.251406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.251425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.251452] Call Trace: [ 20.251476] <TASK> [ 20.251511] dump_stack_lvl+0x73/0xb0 [ 20.251572] print_report+0xd1/0x650 [ 20.251621] ? __virt_addr_valid+0x1db/0x2d0 [ 20.251666] ? kasan_atomics_helper+0x8f9/0x5450 [ 20.251729] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.251772] ? kasan_atomics_helper+0x8f9/0x5450 [ 20.251814] kasan_report+0x141/0x180 [ 20.251861] ? kasan_atomics_helper+0x8f9/0x5450 [ 20.251916] kasan_check_range+0x10c/0x1c0 [ 20.251963] __kasan_check_write+0x18/0x20 [ 20.252003] kasan_atomics_helper+0x8f9/0x5450 [ 20.252048] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.252087] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.252127] ? kasan_atomics+0x152/0x310 [ 20.252182] kasan_atomics+0x1dc/0x310 [ 20.252232] ? __pfx_kasan_atomics+0x10/0x10 [ 20.252302] ? __pfx_read_tsc+0x10/0x10 [ 20.252339] ? ktime_get_ts64+0x86/0x230 [ 20.252368] kunit_try_run_case+0x1a5/0x480 [ 20.252398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.252423] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.252449] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.252474] ? __kthread_parkme+0x82/0x180 [ 20.252499] ? preempt_count_sub+0x50/0x80 [ 20.252525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.252551] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.252576] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.252602] kthread+0x337/0x6f0 [ 20.252624] ? trace_preempt_on+0x20/0xc0 [ 20.252651] ? __pfx_kthread+0x10/0x10 [ 20.252686] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.252719] ? calculate_sigpending+0x7b/0xa0 [ 20.252746] ? __pfx_kthread+0x10/0x10 [ 20.252770] ret_from_fork+0x116/0x1d0 [ 20.252791] ? __pfx_kthread+0x10/0x10 [ 20.252815] ret_from_fork_asm+0x1a/0x30 [ 20.252848] </TASK> [ 20.252861] [ 20.263249] Allocated by task 282: [ 20.263493] kasan_save_stack+0x45/0x70 [ 20.263898] kasan_save_track+0x18/0x40 [ 20.264099] kasan_save_alloc_info+0x3b/0x50 [ 20.264311] __kasan_kmalloc+0xb7/0xc0 [ 20.264497] __kmalloc_cache_noprof+0x189/0x420 [ 20.264698] kasan_atomics+0x95/0x310 [ 20.265006] kunit_try_run_case+0x1a5/0x480 [ 20.265396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.265841] kthread+0x337/0x6f0 [ 20.267796] ret_from_fork+0x116/0x1d0 [ 20.268187] ret_from_fork_asm+0x1a/0x30 [ 20.268561] [ 20.268772] The buggy address belongs to the object at ffff888102b66500 [ 20.268772] which belongs to the cache kmalloc-64 of size 64 [ 20.269198] The buggy address is located 0 bytes to the right of [ 20.269198] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.269651] [ 20.270696] The buggy address belongs to the physical page: [ 20.271503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.271991] flags: 0x200000000000000(node=0|zone=2) [ 20.272384] page_type: f5(slab) [ 20.272569] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.273071] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.273573] page dumped because: kasan: bad access detected [ 20.273809] [ 20.273995] Memory state around the buggy address: [ 20.274349] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.274807] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.275386] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.275686] ^ [ 20.276083] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.276814] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.277127] ================================================================== [ 21.459483] ================================================================== [ 21.460126] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 21.460555] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.461055] [ 21.461295] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.461405] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.461435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.461482] Call Trace: [ 21.461525] <TASK> [ 21.461571] dump_stack_lvl+0x73/0xb0 [ 21.461641] print_report+0xd1/0x650 [ 21.461734] ? __virt_addr_valid+0x1db/0x2d0 [ 21.461788] ? kasan_atomics_helper+0x1e12/0x5450 [ 21.461838] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.461890] ? kasan_atomics_helper+0x1e12/0x5450 [ 21.461937] kasan_report+0x141/0x180 [ 21.461984] ? kasan_atomics_helper+0x1e12/0x5450 [ 21.462041] kasan_check_range+0x10c/0x1c0 [ 21.462088] __kasan_check_write+0x18/0x20 [ 21.462129] kasan_atomics_helper+0x1e12/0x5450 [ 21.462176] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.462220] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.462274] ? kasan_atomics+0x152/0x310 [ 21.462337] kasan_atomics+0x1dc/0x310 [ 21.462390] ? __pfx_kasan_atomics+0x10/0x10 [ 21.462446] ? __pfx_read_tsc+0x10/0x10 [ 21.462496] ? ktime_get_ts64+0x86/0x230 [ 21.462553] kunit_try_run_case+0x1a5/0x480 [ 21.462610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.462686] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.462744] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.462797] ? __kthread_parkme+0x82/0x180 [ 21.462846] ? preempt_count_sub+0x50/0x80 [ 21.462902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.462956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.463022] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.463076] kthread+0x337/0x6f0 [ 21.463118] ? trace_preempt_on+0x20/0xc0 [ 21.463167] ? __pfx_kthread+0x10/0x10 [ 21.463203] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.463241] ? calculate_sigpending+0x7b/0xa0 [ 21.463300] ? __pfx_kthread+0x10/0x10 [ 21.463344] ret_from_fork+0x116/0x1d0 [ 21.463382] ? __pfx_kthread+0x10/0x10 [ 21.463421] ret_from_fork_asm+0x1a/0x30 [ 21.463487] </TASK> [ 21.463515] [ 21.473694] Allocated by task 282: [ 21.473999] kasan_save_stack+0x45/0x70 [ 21.474374] kasan_save_track+0x18/0x40 [ 21.474724] kasan_save_alloc_info+0x3b/0x50 [ 21.475070] __kasan_kmalloc+0xb7/0xc0 [ 21.475410] __kmalloc_cache_noprof+0x189/0x420 [ 21.475705] kasan_atomics+0x95/0x310 [ 21.476043] kunit_try_run_case+0x1a5/0x480 [ 21.476375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.476749] kthread+0x337/0x6f0 [ 21.477046] ret_from_fork+0x116/0x1d0 [ 21.477308] ret_from_fork_asm+0x1a/0x30 [ 21.477545] [ 21.477738] The buggy address belongs to the object at ffff888102b66500 [ 21.477738] which belongs to the cache kmalloc-64 of size 64 [ 21.478341] The buggy address is located 0 bytes to the right of [ 21.478341] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.479019] [ 21.479147] The buggy address belongs to the physical page: [ 21.479567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.479997] flags: 0x200000000000000(node=0|zone=2) [ 21.480235] page_type: f5(slab) [ 21.480448] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.480776] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.481059] page dumped because: kasan: bad access detected [ 21.481291] [ 21.481471] Memory state around the buggy address: [ 21.481894] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.482456] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.483021] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.483575] ^ [ 21.484006] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.484560] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.485101] ================================================================== [ 20.279014] ================================================================== [ 20.279664] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 20.280479] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.280890] [ 20.281580] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.281708] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.281738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.281782] Call Trace: [ 20.281822] <TASK> [ 20.281864] dump_stack_lvl+0x73/0xb0 [ 20.281925] print_report+0xd1/0x650 [ 20.281954] ? __virt_addr_valid+0x1db/0x2d0 [ 20.281981] ? kasan_atomics_helper+0x992/0x5450 [ 20.282006] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.282032] ? kasan_atomics_helper+0x992/0x5450 [ 20.282056] kasan_report+0x141/0x180 [ 20.282081] ? kasan_atomics_helper+0x992/0x5450 [ 20.282110] kasan_check_range+0x10c/0x1c0 [ 20.282137] __kasan_check_write+0x18/0x20 [ 20.282159] kasan_atomics_helper+0x992/0x5450 [ 20.282184] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.282211] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.282236] ? kasan_atomics+0x152/0x310 [ 20.282288] kasan_atomics+0x1dc/0x310 [ 20.282318] ? __pfx_kasan_atomics+0x10/0x10 [ 20.282345] ? __pfx_read_tsc+0x10/0x10 [ 20.282370] ? ktime_get_ts64+0x86/0x230 [ 20.282397] kunit_try_run_case+0x1a5/0x480 [ 20.282425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.282450] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.282476] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.282501] ? __kthread_parkme+0x82/0x180 [ 20.282525] ? preempt_count_sub+0x50/0x80 [ 20.282551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.282577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.282603] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.282629] kthread+0x337/0x6f0 [ 20.282651] ? trace_preempt_on+0x20/0xc0 [ 20.282678] ? __pfx_kthread+0x10/0x10 [ 20.282701] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.282725] ? calculate_sigpending+0x7b/0xa0 [ 20.282753] ? __pfx_kthread+0x10/0x10 [ 20.282777] ret_from_fork+0x116/0x1d0 [ 20.282798] ? __pfx_kthread+0x10/0x10 [ 20.282821] ret_from_fork_asm+0x1a/0x30 [ 20.282854] </TASK> [ 20.282869] [ 20.293598] Allocated by task 282: [ 20.293941] kasan_save_stack+0x45/0x70 [ 20.294323] kasan_save_track+0x18/0x40 [ 20.294672] kasan_save_alloc_info+0x3b/0x50 [ 20.295038] __kasan_kmalloc+0xb7/0xc0 [ 20.295379] __kmalloc_cache_noprof+0x189/0x420 [ 20.295710] kasan_atomics+0x95/0x310 [ 20.295971] kunit_try_run_case+0x1a5/0x480 [ 20.296333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.296573] kthread+0x337/0x6f0 [ 20.296829] ret_from_fork+0x116/0x1d0 [ 20.297186] ret_from_fork_asm+0x1a/0x30 [ 20.297541] [ 20.297759] The buggy address belongs to the object at ffff888102b66500 [ 20.297759] which belongs to the cache kmalloc-64 of size 64 [ 20.298504] The buggy address is located 0 bytes to the right of [ 20.298504] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.299311] [ 20.299505] The buggy address belongs to the physical page: [ 20.299860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.300382] flags: 0x200000000000000(node=0|zone=2) [ 20.300832] page_type: f5(slab) [ 20.301205] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.301639] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.302173] page dumped because: kasan: bad access detected [ 20.302529] [ 20.302750] Memory state around the buggy address: [ 20.303306] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.303737] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.304230] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.304704] ^ [ 20.305033] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.305483] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.306180] ================================================================== [ 20.402822] ================================================================== [ 20.404155] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 20.404681] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.405218] [ 20.405455] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.405552] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.405576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.405613] Call Trace: [ 20.405649] <TASK> [ 20.405686] dump_stack_lvl+0x73/0xb0 [ 20.405738] print_report+0xd1/0x650 [ 20.405780] ? __virt_addr_valid+0x1db/0x2d0 [ 20.405818] ? kasan_atomics_helper+0xc70/0x5450 [ 20.405855] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.405891] ? kasan_atomics_helper+0xc70/0x5450 [ 20.405932] kasan_report+0x141/0x180 [ 20.405970] ? kasan_atomics_helper+0xc70/0x5450 [ 20.406016] kasan_check_range+0x10c/0x1c0 [ 20.406054] __kasan_check_write+0x18/0x20 [ 20.406086] kasan_atomics_helper+0xc70/0x5450 [ 20.406120] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.406156] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.406192] ? kasan_atomics+0x152/0x310 [ 20.406239] kasan_atomics+0x1dc/0x310 [ 20.406302] ? __pfx_kasan_atomics+0x10/0x10 [ 20.406353] ? __pfx_read_tsc+0x10/0x10 [ 20.406901] ? ktime_get_ts64+0x86/0x230 [ 20.406941] kunit_try_run_case+0x1a5/0x480 [ 20.406972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.407010] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.407041] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.407069] ? __kthread_parkme+0x82/0x180 [ 20.407093] ? preempt_count_sub+0x50/0x80 [ 20.407120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.407147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.407172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.407198] kthread+0x337/0x6f0 [ 20.407220] ? trace_preempt_on+0x20/0xc0 [ 20.407248] ? __pfx_kthread+0x10/0x10 [ 20.407295] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.407320] ? calculate_sigpending+0x7b/0xa0 [ 20.407348] ? __pfx_kthread+0x10/0x10 [ 20.407372] ret_from_fork+0x116/0x1d0 [ 20.407394] ? __pfx_kthread+0x10/0x10 [ 20.407419] ret_from_fork_asm+0x1a/0x30 [ 20.407452] </TASK> [ 20.407467] [ 20.421102] Allocated by task 282: [ 20.421528] kasan_save_stack+0x45/0x70 [ 20.421971] kasan_save_track+0x18/0x40 [ 20.422166] kasan_save_alloc_info+0x3b/0x50 [ 20.422377] __kasan_kmalloc+0xb7/0xc0 [ 20.422583] __kmalloc_cache_noprof+0x189/0x420 [ 20.423724] kasan_atomics+0x95/0x310 [ 20.423947] kunit_try_run_case+0x1a5/0x480 [ 20.424119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.424459] kthread+0x337/0x6f0 [ 20.424754] ret_from_fork+0x116/0x1d0 [ 20.425572] ret_from_fork_asm+0x1a/0x30 [ 20.426028] [ 20.426134] The buggy address belongs to the object at ffff888102b66500 [ 20.426134] which belongs to the cache kmalloc-64 of size 64 [ 20.427221] The buggy address is located 0 bytes to the right of [ 20.427221] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.428242] [ 20.428466] The buggy address belongs to the physical page: [ 20.428857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.429230] flags: 0x200000000000000(node=0|zone=2) [ 20.429580] page_type: f5(slab) [ 20.429848] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.430763] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.431355] page dumped because: kasan: bad access detected [ 20.431811] [ 20.431999] Memory state around the buggy address: [ 20.432541] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.433137] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.433746] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.434285] ^ [ 20.434668] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.435329] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.435881] ================================================================== [ 21.626602] ================================================================== [ 21.627596] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 21.628238] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.628820] [ 21.628986] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.629095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.629126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.629171] Call Trace: [ 21.629212] <TASK> [ 21.629254] dump_stack_lvl+0x73/0xb0 [ 21.629334] print_report+0xd1/0x650 [ 21.629388] ? __virt_addr_valid+0x1db/0x2d0 [ 21.629441] ? kasan_atomics_helper+0x20c8/0x5450 [ 21.629491] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.629539] ? kasan_atomics_helper+0x20c8/0x5450 [ 21.629582] kasan_report+0x141/0x180 [ 21.629624] ? kasan_atomics_helper+0x20c8/0x5450 [ 21.629709] kasan_check_range+0x10c/0x1c0 [ 21.629765] __kasan_check_write+0x18/0x20 [ 21.629811] kasan_atomics_helper+0x20c8/0x5450 [ 21.629861] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.629904] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.629943] ? kasan_atomics+0x152/0x310 [ 21.629995] kasan_atomics+0x1dc/0x310 [ 21.630041] ? __pfx_kasan_atomics+0x10/0x10 [ 21.630082] ? __pfx_read_tsc+0x10/0x10 [ 21.630128] ? ktime_get_ts64+0x86/0x230 [ 21.630184] kunit_try_run_case+0x1a5/0x480 [ 21.630240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.630304] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.630358] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.630410] ? __kthread_parkme+0x82/0x180 [ 21.630461] ? preempt_count_sub+0x50/0x80 [ 21.630517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.630572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.630627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.630714] kthread+0x337/0x6f0 [ 21.630762] ? trace_preempt_on+0x20/0xc0 [ 21.630817] ? __pfx_kthread+0x10/0x10 [ 21.630865] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.630913] ? calculate_sigpending+0x7b/0xa0 [ 21.630963] ? __pfx_kthread+0x10/0x10 [ 21.631023] ret_from_fork+0x116/0x1d0 [ 21.631068] ? __pfx_kthread+0x10/0x10 [ 21.631118] ret_from_fork_asm+0x1a/0x30 [ 21.631189] </TASK> [ 21.631217] [ 21.640950] Allocated by task 282: [ 21.641164] kasan_save_stack+0x45/0x70 [ 21.641543] kasan_save_track+0x18/0x40 [ 21.641925] kasan_save_alloc_info+0x3b/0x50 [ 21.642295] __kasan_kmalloc+0xb7/0xc0 [ 21.642618] __kmalloc_cache_noprof+0x189/0x420 [ 21.643040] kasan_atomics+0x95/0x310 [ 21.643368] kunit_try_run_case+0x1a5/0x480 [ 21.643740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.644020] kthread+0x337/0x6f0 [ 21.644314] ret_from_fork+0x116/0x1d0 [ 21.644570] ret_from_fork_asm+0x1a/0x30 [ 21.644812] [ 21.644938] The buggy address belongs to the object at ffff888102b66500 [ 21.644938] which belongs to the cache kmalloc-64 of size 64 [ 21.645502] The buggy address is located 0 bytes to the right of [ 21.645502] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.646402] [ 21.646593] The buggy address belongs to the physical page: [ 21.648674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.649719] flags: 0x200000000000000(node=0|zone=2) [ 21.650137] page_type: f5(slab) [ 21.650456] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.651349] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.652569] page dumped because: kasan: bad access detected [ 21.653059] [ 21.653240] Memory state around the buggy address: [ 21.653581] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.654309] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.654913] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.655520] ^ [ 21.655895] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.656337] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.656927] ================================================================== [ 20.209623] ================================================================== [ 20.209955] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 20.210572] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.211711] [ 20.211921] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.212029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.212055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.212599] Call Trace: [ 20.212651] <TASK> [ 20.212708] dump_stack_lvl+0x73/0xb0 [ 20.212815] print_report+0xd1/0x650 [ 20.212868] ? __virt_addr_valid+0x1db/0x2d0 [ 20.212959] ? kasan_atomics_helper+0x860/0x5450 [ 20.213033] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.213098] ? kasan_atomics_helper+0x860/0x5450 [ 20.213146] kasan_report+0x141/0x180 [ 20.213188] ? kasan_atomics_helper+0x860/0x5450 [ 20.213233] kasan_check_range+0x10c/0x1c0 [ 20.213291] __kasan_check_write+0x18/0x20 [ 20.213329] kasan_atomics_helper+0x860/0x5450 [ 20.213371] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.213396] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.213421] ? kasan_atomics+0x152/0x310 [ 20.213451] kasan_atomics+0x1dc/0x310 [ 20.213477] ? __pfx_kasan_atomics+0x10/0x10 [ 20.213504] ? __pfx_read_tsc+0x10/0x10 [ 20.213529] ? ktime_get_ts64+0x86/0x230 [ 20.213556] kunit_try_run_case+0x1a5/0x480 [ 20.213584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.213610] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.213636] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.213678] ? __kthread_parkme+0x82/0x180 [ 20.213729] ? preempt_count_sub+0x50/0x80 [ 20.213756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.213783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.213808] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.213834] kthread+0x337/0x6f0 [ 20.213857] ? trace_preempt_on+0x20/0xc0 [ 20.213883] ? __pfx_kthread+0x10/0x10 [ 20.213910] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.213933] ? calculate_sigpending+0x7b/0xa0 [ 20.213960] ? __pfx_kthread+0x10/0x10 [ 20.213984] ret_from_fork+0x116/0x1d0 [ 20.214005] ? __pfx_kthread+0x10/0x10 [ 20.214028] ret_from_fork_asm+0x1a/0x30 [ 20.214095] </TASK> [ 20.214119] [ 20.229806] Allocated by task 282: [ 20.230248] kasan_save_stack+0x45/0x70 [ 20.231146] kasan_save_track+0x18/0x40 [ 20.231603] kasan_save_alloc_info+0x3b/0x50 [ 20.231994] __kasan_kmalloc+0xb7/0xc0 [ 20.232529] __kmalloc_cache_noprof+0x189/0x420 [ 20.233080] kasan_atomics+0x95/0x310 [ 20.233625] kunit_try_run_case+0x1a5/0x480 [ 20.234169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.234658] kthread+0x337/0x6f0 [ 20.235156] ret_from_fork+0x116/0x1d0 [ 20.235406] ret_from_fork_asm+0x1a/0x30 [ 20.236112] [ 20.236492] The buggy address belongs to the object at ffff888102b66500 [ 20.236492] which belongs to the cache kmalloc-64 of size 64 [ 20.237429] The buggy address is located 0 bytes to the right of [ 20.237429] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.237974] [ 20.238560] The buggy address belongs to the physical page: [ 20.239487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.240016] flags: 0x200000000000000(node=0|zone=2) [ 20.240343] page_type: f5(slab) [ 20.240962] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.241433] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.241686] page dumped because: kasan: bad access detected [ 20.242235] [ 20.242441] Memory state around the buggy address: [ 20.243506] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.243902] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.244557] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.245135] ^ [ 20.245519] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.246762] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.247239] ================================================================== [ 20.719044] ================================================================== [ 20.720279] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 20.720978] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.721593] [ 20.721888] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.722052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.722085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.722132] Call Trace: [ 20.722173] <TASK> [ 20.722217] dump_stack_lvl+0x73/0xb0 [ 20.722295] print_report+0xd1/0x650 [ 20.722352] ? __virt_addr_valid+0x1db/0x2d0 [ 20.722399] ? kasan_atomics_helper+0x1148/0x5450 [ 20.722445] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.722525] ? kasan_atomics_helper+0x1148/0x5450 [ 20.722594] kasan_report+0x141/0x180 [ 20.722646] ? kasan_atomics_helper+0x1148/0x5450 [ 20.722712] kasan_check_range+0x10c/0x1c0 [ 20.722756] __kasan_check_write+0x18/0x20 [ 20.722798] kasan_atomics_helper+0x1148/0x5450 [ 20.722846] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.722932] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.723032] ? kasan_atomics+0x152/0x310 [ 20.723107] kasan_atomics+0x1dc/0x310 [ 20.723161] ? __pfx_kasan_atomics+0x10/0x10 [ 20.723217] ? __pfx_read_tsc+0x10/0x10 [ 20.723269] ? ktime_get_ts64+0x86/0x230 [ 20.723319] kunit_try_run_case+0x1a5/0x480 [ 20.723358] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.723385] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.723412] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.723438] ? __kthread_parkme+0x82/0x180 [ 20.723462] ? preempt_count_sub+0x50/0x80 [ 20.723489] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.723515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.723544] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.723571] kthread+0x337/0x6f0 [ 20.723592] ? trace_preempt_on+0x20/0xc0 [ 20.723619] ? __pfx_kthread+0x10/0x10 [ 20.723643] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.723674] ? calculate_sigpending+0x7b/0xa0 [ 20.723731] ? __pfx_kthread+0x10/0x10 [ 20.723756] ret_from_fork+0x116/0x1d0 [ 20.723778] ? __pfx_kthread+0x10/0x10 [ 20.723801] ret_from_fork_asm+0x1a/0x30 [ 20.723835] </TASK> [ 20.723849] [ 20.734594] Allocated by task 282: [ 20.734805] kasan_save_stack+0x45/0x70 [ 20.735166] kasan_save_track+0x18/0x40 [ 20.735531] kasan_save_alloc_info+0x3b/0x50 [ 20.735884] __kasan_kmalloc+0xb7/0xc0 [ 20.736344] __kmalloc_cache_noprof+0x189/0x420 [ 20.736741] kasan_atomics+0x95/0x310 [ 20.737080] kunit_try_run_case+0x1a5/0x480 [ 20.737475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.737710] kthread+0x337/0x6f0 [ 20.737859] ret_from_fork+0x116/0x1d0 [ 20.738012] ret_from_fork_asm+0x1a/0x30 [ 20.738179] [ 20.738296] The buggy address belongs to the object at ffff888102b66500 [ 20.738296] which belongs to the cache kmalloc-64 of size 64 [ 20.738682] The buggy address is located 0 bytes to the right of [ 20.738682] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.739076] [ 20.739182] The buggy address belongs to the physical page: [ 20.739417] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.739724] flags: 0x200000000000000(node=0|zone=2) [ 20.739949] page_type: f5(slab) [ 20.740138] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.740606] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.741418] page dumped because: kasan: bad access detected [ 20.741635] [ 20.741743] Memory state around the buggy address: [ 20.741957] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.742222] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.742781] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.743475] ^ [ 20.743862] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.744109] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.744369] ================================================================== [ 21.282923] ================================================================== [ 21.283394] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 21.283962] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.284515] [ 21.284732] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.284862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.284894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.284942] Call Trace: [ 21.284987] <TASK> [ 21.285026] dump_stack_lvl+0x73/0xb0 [ 21.285090] print_report+0xd1/0x650 [ 21.285136] ? __virt_addr_valid+0x1db/0x2d0 [ 21.285187] ? kasan_atomics_helper+0x1a7f/0x5450 [ 21.285236] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.285303] ? kasan_atomics_helper+0x1a7f/0x5450 [ 21.285357] kasan_report+0x141/0x180 [ 21.285409] ? kasan_atomics_helper+0x1a7f/0x5450 [ 21.285471] kasan_check_range+0x10c/0x1c0 [ 21.285521] __kasan_check_write+0x18/0x20 [ 21.285560] kasan_atomics_helper+0x1a7f/0x5450 [ 21.285604] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.285643] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.285708] ? kasan_atomics+0x152/0x310 [ 21.285764] kasan_atomics+0x1dc/0x310 [ 21.285808] ? __pfx_kasan_atomics+0x10/0x10 [ 21.285856] ? __pfx_read_tsc+0x10/0x10 [ 21.285899] ? ktime_get_ts64+0x86/0x230 [ 21.285948] kunit_try_run_case+0x1a5/0x480 [ 21.286004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.286053] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.286106] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.286151] ? __kthread_parkme+0x82/0x180 [ 21.286198] ? preempt_count_sub+0x50/0x80 [ 21.286251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.286320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.286368] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.286414] kthread+0x337/0x6f0 [ 21.286448] ? trace_preempt_on+0x20/0xc0 [ 21.286495] ? __pfx_kthread+0x10/0x10 [ 21.286537] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.286583] ? calculate_sigpending+0x7b/0xa0 [ 21.286636] ? __pfx_kthread+0x10/0x10 [ 21.286680] ret_from_fork+0x116/0x1d0 [ 21.286721] ? __pfx_kthread+0x10/0x10 [ 21.286770] ret_from_fork_asm+0x1a/0x30 [ 21.286842] </TASK> [ 21.286871] [ 21.296760] Allocated by task 282: [ 21.297003] kasan_save_stack+0x45/0x70 [ 21.297242] kasan_save_track+0x18/0x40 [ 21.297578] kasan_save_alloc_info+0x3b/0x50 [ 21.297956] __kasan_kmalloc+0xb7/0xc0 [ 21.298300] __kmalloc_cache_noprof+0x189/0x420 [ 21.298851] kasan_atomics+0x95/0x310 [ 21.299210] kunit_try_run_case+0x1a5/0x480 [ 21.299601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.300049] kthread+0x337/0x6f0 [ 21.300379] ret_from_fork+0x116/0x1d0 [ 21.302212] ret_from_fork_asm+0x1a/0x30 [ 21.302633] [ 21.302850] The buggy address belongs to the object at ffff888102b66500 [ 21.302850] which belongs to the cache kmalloc-64 of size 64 [ 21.303409] The buggy address is located 0 bytes to the right of [ 21.303409] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.304881] [ 21.305135] The buggy address belongs to the physical page: [ 21.305543] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.306422] flags: 0x200000000000000(node=0|zone=2) [ 21.306975] page_type: f5(slab) [ 21.307611] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.308067] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.308361] page dumped because: kasan: bad access detected [ 21.308651] [ 21.309340] Memory state around the buggy address: [ 21.309755] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.310134] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.310546] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.310825] ^ [ 21.311240] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.311623] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.312098] ================================================================== [ 21.569846] ================================================================== [ 21.570363] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 21.570832] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.571254] [ 21.571444] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.571560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.571592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.571641] Call Trace: [ 21.571727] <TASK> [ 21.571776] dump_stack_lvl+0x73/0xb0 [ 21.571844] print_report+0xd1/0x650 [ 21.571899] ? __virt_addr_valid+0x1db/0x2d0 [ 21.571952] ? kasan_atomics_helper+0x2006/0x5450 [ 21.572003] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.572054] ? kasan_atomics_helper+0x2006/0x5450 [ 21.572104] kasan_report+0x141/0x180 [ 21.572147] ? kasan_atomics_helper+0x2006/0x5450 [ 21.572197] kasan_check_range+0x10c/0x1c0 [ 21.572245] __kasan_check_write+0x18/0x20 [ 21.572301] kasan_atomics_helper+0x2006/0x5450 [ 21.572352] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.572405] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.572455] ? kasan_atomics+0x152/0x310 [ 21.572516] kasan_atomics+0x1dc/0x310 [ 21.572569] ? __pfx_kasan_atomics+0x10/0x10 [ 21.572624] ? __pfx_read_tsc+0x10/0x10 [ 21.572702] ? ktime_get_ts64+0x86/0x230 [ 21.572754] kunit_try_run_case+0x1a5/0x480 [ 21.572811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.572863] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.572915] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.572966] ? __kthread_parkme+0x82/0x180 [ 21.573017] ? preempt_count_sub+0x50/0x80 [ 21.573071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.573125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.573179] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.573232] kthread+0x337/0x6f0 [ 21.573290] ? trace_preempt_on+0x20/0xc0 [ 21.573342] ? __pfx_kthread+0x10/0x10 [ 21.573383] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.573421] ? calculate_sigpending+0x7b/0xa0 [ 21.573461] ? __pfx_kthread+0x10/0x10 [ 21.573501] ret_from_fork+0x116/0x1d0 [ 21.573540] ? __pfx_kthread+0x10/0x10 [ 21.573585] ret_from_fork_asm+0x1a/0x30 [ 21.573642] </TASK> [ 21.573698] [ 21.583633] Allocated by task 282: [ 21.584000] kasan_save_stack+0x45/0x70 [ 21.584383] kasan_save_track+0x18/0x40 [ 21.584749] kasan_save_alloc_info+0x3b/0x50 [ 21.585115] __kasan_kmalloc+0xb7/0xc0 [ 21.585428] __kmalloc_cache_noprof+0x189/0x420 [ 21.585819] kasan_atomics+0x95/0x310 [ 21.586142] kunit_try_run_case+0x1a5/0x480 [ 21.586436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.586821] kthread+0x337/0x6f0 [ 21.587022] ret_from_fork+0x116/0x1d0 [ 21.587216] ret_from_fork_asm+0x1a/0x30 [ 21.587430] [ 21.587553] The buggy address belongs to the object at ffff888102b66500 [ 21.587553] which belongs to the cache kmalloc-64 of size 64 [ 21.588399] The buggy address is located 0 bytes to the right of [ 21.588399] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.589306] [ 21.589485] The buggy address belongs to the physical page: [ 21.589922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.590401] flags: 0x200000000000000(node=0|zone=2) [ 21.590636] page_type: f5(slab) [ 21.590860] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.591162] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.591719] page dumped because: kasan: bad access detected [ 21.592136] [ 21.592315] Memory state around the buggy address: [ 21.592751] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.593300] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.593861] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.594344] ^ [ 21.594555] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.594867] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.595150] ================================================================== [ 21.486389] ================================================================== [ 21.487007] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 21.487602] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.487918] [ 21.488138] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.488237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.488274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.488324] Call Trace: [ 21.488368] <TASK> [ 21.488412] dump_stack_lvl+0x73/0xb0 [ 21.488476] print_report+0xd1/0x650 [ 21.488526] ? __virt_addr_valid+0x1db/0x2d0 [ 21.488573] ? kasan_atomics_helper+0x1eaa/0x5450 [ 21.488613] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.488648] ? kasan_atomics_helper+0x1eaa/0x5450 [ 21.488726] kasan_report+0x141/0x180 [ 21.488762] ? kasan_atomics_helper+0x1eaa/0x5450 [ 21.488802] kasan_check_range+0x10c/0x1c0 [ 21.488839] __kasan_check_write+0x18/0x20 [ 21.488893] kasan_atomics_helper+0x1eaa/0x5450 [ 21.488934] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.488968] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.489005] ? kasan_atomics+0x152/0x310 [ 21.489070] kasan_atomics+0x1dc/0x310 [ 21.489116] ? __pfx_kasan_atomics+0x10/0x10 [ 21.489167] ? __pfx_read_tsc+0x10/0x10 [ 21.489210] ? ktime_get_ts64+0x86/0x230 [ 21.489253] kunit_try_run_case+0x1a5/0x480 [ 21.489332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.489375] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.489417] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.489459] ? __kthread_parkme+0x82/0x180 [ 21.489501] ? preempt_count_sub+0x50/0x80 [ 21.489550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.489596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.489648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.490145] kthread+0x337/0x6f0 [ 21.490197] ? trace_preempt_on+0x20/0xc0 [ 21.490247] ? __pfx_kthread+0x10/0x10 [ 21.490305] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.490353] ? calculate_sigpending+0x7b/0xa0 [ 21.490403] ? __pfx_kthread+0x10/0x10 [ 21.490448] ret_from_fork+0x116/0x1d0 [ 21.490490] ? __pfx_kthread+0x10/0x10 [ 21.490530] ret_from_fork_asm+0x1a/0x30 [ 21.490592] </TASK> [ 21.490618] [ 21.501390] Allocated by task 282: [ 21.501786] kasan_save_stack+0x45/0x70 [ 21.502184] kasan_save_track+0x18/0x40 [ 21.502536] kasan_save_alloc_info+0x3b/0x50 [ 21.502933] __kasan_kmalloc+0xb7/0xc0 [ 21.503284] __kmalloc_cache_noprof+0x189/0x420 [ 21.503639] kasan_atomics+0x95/0x310 [ 21.504007] kunit_try_run_case+0x1a5/0x480 [ 21.504363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.504678] kthread+0x337/0x6f0 [ 21.504868] ret_from_fork+0x116/0x1d0 [ 21.505167] ret_from_fork_asm+0x1a/0x30 [ 21.505499] [ 21.505697] The buggy address belongs to the object at ffff888102b66500 [ 21.505697] which belongs to the cache kmalloc-64 of size 64 [ 21.506151] The buggy address is located 0 bytes to the right of [ 21.506151] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.507097] [ 21.507296] The buggy address belongs to the physical page: [ 21.507531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.507871] flags: 0x200000000000000(node=0|zone=2) [ 21.508106] page_type: f5(slab) [ 21.508303] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.508600] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.509062] page dumped because: kasan: bad access detected [ 21.509456] [ 21.509618] Memory state around the buggy address: [ 21.510029] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.510585] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.511143] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.511695] ^ [ 21.512090] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.512540] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.512868] ================================================================== [ 20.807536] ================================================================== [ 20.807994] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 20.808347] Read of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.808957] [ 20.809236] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.809329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.809351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.809386] Call Trace: [ 20.809422] <TASK> [ 20.809455] dump_stack_lvl+0x73/0xb0 [ 20.809505] print_report+0xd1/0x650 [ 20.809539] ? __virt_addr_valid+0x1db/0x2d0 [ 20.809577] ? kasan_atomics_helper+0x49e8/0x5450 [ 20.809622] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.809702] ? kasan_atomics_helper+0x49e8/0x5450 [ 20.809758] kasan_report+0x141/0x180 [ 20.809809] ? kasan_atomics_helper+0x49e8/0x5450 [ 20.809868] __asan_report_load4_noabort+0x18/0x20 [ 20.809916] kasan_atomics_helper+0x49e8/0x5450 [ 20.809967] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.810017] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.810069] ? kasan_atomics+0x152/0x310 [ 20.810119] kasan_atomics+0x1dc/0x310 [ 20.810159] ? __pfx_kasan_atomics+0x10/0x10 [ 20.810205] ? __pfx_read_tsc+0x10/0x10 [ 20.810247] ? ktime_get_ts64+0x86/0x230 [ 20.810310] kunit_try_run_case+0x1a5/0x480 [ 20.810350] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.810388] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.810432] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.810478] ? __kthread_parkme+0x82/0x180 [ 20.810522] ? preempt_count_sub+0x50/0x80 [ 20.810581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.810636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.810722] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.810767] kthread+0x337/0x6f0 [ 20.810808] ? trace_preempt_on+0x20/0xc0 [ 20.810855] ? __pfx_kthread+0x10/0x10 [ 20.810903] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.810952] ? calculate_sigpending+0x7b/0xa0 [ 20.811017] ? __pfx_kthread+0x10/0x10 [ 20.811072] ret_from_fork+0x116/0x1d0 [ 20.811116] ? __pfx_kthread+0x10/0x10 [ 20.811166] ret_from_fork_asm+0x1a/0x30 [ 20.811230] </TASK> [ 20.811255] [ 20.821499] Allocated by task 282: [ 20.821785] kasan_save_stack+0x45/0x70 [ 20.822480] kasan_save_track+0x18/0x40 [ 20.822811] kasan_save_alloc_info+0x3b/0x50 [ 20.823037] __kasan_kmalloc+0xb7/0xc0 [ 20.823230] __kmalloc_cache_noprof+0x189/0x420 [ 20.823453] kasan_atomics+0x95/0x310 [ 20.824023] kunit_try_run_case+0x1a5/0x480 [ 20.824436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.824911] kthread+0x337/0x6f0 [ 20.825211] ret_from_fork+0x116/0x1d0 [ 20.825549] ret_from_fork_asm+0x1a/0x30 [ 20.825922] [ 20.826103] The buggy address belongs to the object at ffff888102b66500 [ 20.826103] which belongs to the cache kmalloc-64 of size 64 [ 20.826798] The buggy address is located 0 bytes to the right of [ 20.826798] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.827694] [ 20.827860] The buggy address belongs to the physical page: [ 20.828144] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.828696] flags: 0x200000000000000(node=0|zone=2) [ 20.829022] page_type: f5(slab) [ 20.829306] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.829641] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.829958] page dumped because: kasan: bad access detected [ 20.830179] [ 20.830310] Memory state around the buggy address: [ 20.830719] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.831279] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.831841] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.832367] ^ [ 20.832632] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.832947] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.833217] ================================================================== [ 20.945558] ================================================================== [ 20.947544] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 20.948035] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.948351] [ 20.948515] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.948627] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.948658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.948706] Call Trace: [ 20.948748] <TASK> [ 20.948793] dump_stack_lvl+0x73/0xb0 [ 20.948857] print_report+0xd1/0x650 [ 20.950626] ? __virt_addr_valid+0x1db/0x2d0 [ 20.950668] ? kasan_atomics_helper+0x1467/0x5450 [ 20.950707] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.950743] ? kasan_atomics_helper+0x1467/0x5450 [ 20.950778] kasan_report+0x141/0x180 [ 20.950818] ? kasan_atomics_helper+0x1467/0x5450 [ 20.950926] kasan_check_range+0x10c/0x1c0 [ 20.951022] __kasan_check_write+0x18/0x20 [ 20.951069] kasan_atomics_helper+0x1467/0x5450 [ 20.951113] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.951151] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.951186] ? kasan_atomics+0x152/0x310 [ 20.951230] kasan_atomics+0x1dc/0x310 [ 20.951299] ? __pfx_kasan_atomics+0x10/0x10 [ 20.951341] ? __pfx_read_tsc+0x10/0x10 [ 20.951375] ? ktime_get_ts64+0x86/0x230 [ 20.951416] kunit_try_run_case+0x1a5/0x480 [ 20.951458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.951499] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.951540] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.951579] ? __kthread_parkme+0x82/0x180 [ 20.951615] ? preempt_count_sub+0x50/0x80 [ 20.951669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.951715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.951755] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.951796] kthread+0x337/0x6f0 [ 20.951832] ? trace_preempt_on+0x20/0xc0 [ 20.951874] ? __pfx_kthread+0x10/0x10 [ 20.951915] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.951952] ? calculate_sigpending+0x7b/0xa0 [ 20.952001] ? __pfx_kthread+0x10/0x10 [ 20.952042] ret_from_fork+0x116/0x1d0 [ 20.952074] ? __pfx_kthread+0x10/0x10 [ 20.952111] ret_from_fork_asm+0x1a/0x30 [ 20.952170] </TASK> [ 20.952192] [ 20.966478] Allocated by task 282: [ 20.966867] kasan_save_stack+0x45/0x70 [ 20.967126] kasan_save_track+0x18/0x40 [ 20.967329] kasan_save_alloc_info+0x3b/0x50 [ 20.967767] __kasan_kmalloc+0xb7/0xc0 [ 20.968237] __kmalloc_cache_noprof+0x189/0x420 [ 20.968741] kasan_atomics+0x95/0x310 [ 20.969077] kunit_try_run_case+0x1a5/0x480 [ 20.969350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.969922] kthread+0x337/0x6f0 [ 20.970117] ret_from_fork+0x116/0x1d0 [ 20.970355] ret_from_fork_asm+0x1a/0x30 [ 20.970831] [ 20.971058] The buggy address belongs to the object at ffff888102b66500 [ 20.971058] which belongs to the cache kmalloc-64 of size 64 [ 20.971932] The buggy address is located 0 bytes to the right of [ 20.971932] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.972966] [ 20.973209] The buggy address belongs to the physical page: [ 20.973475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.974160] flags: 0x200000000000000(node=0|zone=2) [ 20.974613] page_type: f5(slab) [ 20.975038] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.975496] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.975966] page dumped because: kasan: bad access detected [ 20.976518] [ 20.976738] Memory state around the buggy address: [ 20.977168] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.977652] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.978083] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.978633] ^ [ 20.979084] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.979528] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.980101] ================================================================== [ 20.467362] ================================================================== [ 20.468600] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 20.468989] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.469819] [ 20.470124] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.470250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.470296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.470347] Call Trace: [ 20.470393] <TASK> [ 20.470437] dump_stack_lvl+0x73/0xb0 [ 20.470508] print_report+0xd1/0x650 [ 20.470562] ? __virt_addr_valid+0x1db/0x2d0 [ 20.470615] ? kasan_atomics_helper+0xd47/0x5450 [ 20.470671] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.470723] ? kasan_atomics_helper+0xd47/0x5450 [ 20.470775] kasan_report+0x141/0x180 [ 20.470828] ? kasan_atomics_helper+0xd47/0x5450 [ 20.470889] kasan_check_range+0x10c/0x1c0 [ 20.470945] __kasan_check_write+0x18/0x20 [ 20.470998] kasan_atomics_helper+0xd47/0x5450 [ 20.471054] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.471107] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.471154] ? kasan_atomics+0x152/0x310 [ 20.471201] kasan_atomics+0x1dc/0x310 [ 20.471232] ? __pfx_kasan_atomics+0x10/0x10 [ 20.471282] ? __pfx_read_tsc+0x10/0x10 [ 20.471312] ? ktime_get_ts64+0x86/0x230 [ 20.471345] kunit_try_run_case+0x1a5/0x480 [ 20.471388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.471431] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.471475] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.471516] ? __kthread_parkme+0x82/0x180 [ 20.471609] ? preempt_count_sub+0x50/0x80 [ 20.471675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.471745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.471794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.471859] kthread+0x337/0x6f0 [ 20.471912] ? trace_preempt_on+0x20/0xc0 [ 20.471968] ? __pfx_kthread+0x10/0x10 [ 20.472003] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.472028] ? calculate_sigpending+0x7b/0xa0 [ 20.472056] ? __pfx_kthread+0x10/0x10 [ 20.472081] ret_from_fork+0x116/0x1d0 [ 20.472103] ? __pfx_kthread+0x10/0x10 [ 20.472127] ret_from_fork_asm+0x1a/0x30 [ 20.472161] </TASK> [ 20.472175] [ 20.484800] Allocated by task 282: [ 20.485167] kasan_save_stack+0x45/0x70 [ 20.485548] kasan_save_track+0x18/0x40 [ 20.485930] kasan_save_alloc_info+0x3b/0x50 [ 20.486360] __kasan_kmalloc+0xb7/0xc0 [ 20.486773] __kmalloc_cache_noprof+0x189/0x420 [ 20.487250] kasan_atomics+0x95/0x310 [ 20.487649] kunit_try_run_case+0x1a5/0x480 [ 20.488079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.488469] kthread+0x337/0x6f0 [ 20.488580] ret_from_fork+0x116/0x1d0 [ 20.488726] ret_from_fork_asm+0x1a/0x30 [ 20.489029] [ 20.489272] The buggy address belongs to the object at ffff888102b66500 [ 20.489272] which belongs to the cache kmalloc-64 of size 64 [ 20.489763] The buggy address is located 0 bytes to the right of [ 20.489763] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.490422] [ 20.490637] The buggy address belongs to the physical page: [ 20.491191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.491663] flags: 0x200000000000000(node=0|zone=2) [ 20.491998] page_type: f5(slab) [ 20.492301] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.492783] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.493113] page dumped because: kasan: bad access detected [ 20.493432] [ 20.493597] Memory state around the buggy address: [ 20.494104] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.494416] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.494949] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.495335] ^ [ 20.495732] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.496454] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.496807] ================================================================== [ 20.057415] ================================================================== [ 20.057889] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 20.058444] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.058900] [ 20.059079] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.059187] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.059216] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.059307] Call Trace: [ 20.059348] <TASK> [ 20.059384] dump_stack_lvl+0x73/0xb0 [ 20.059441] print_report+0xd1/0x650 [ 20.059480] ? __virt_addr_valid+0x1db/0x2d0 [ 20.059519] ? kasan_atomics_helper+0x5fe/0x5450 [ 20.059556] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.059599] ? kasan_atomics_helper+0x5fe/0x5450 [ 20.059645] kasan_report+0x141/0x180 [ 20.059772] ? kasan_atomics_helper+0x5fe/0x5450 [ 20.059826] kasan_check_range+0x10c/0x1c0 [ 20.059877] __kasan_check_write+0x18/0x20 [ 20.059925] kasan_atomics_helper+0x5fe/0x5450 [ 20.059976] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.060024] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.060138] ? kasan_atomics+0x152/0x310 [ 20.060195] kasan_atomics+0x1dc/0x310 [ 20.060246] ? __pfx_kasan_atomics+0x10/0x10 [ 20.060314] ? __pfx_read_tsc+0x10/0x10 [ 20.060359] ? ktime_get_ts64+0x86/0x230 [ 20.060453] kunit_try_run_case+0x1a5/0x480 [ 20.060507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.060558] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.060634] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.060698] ? __kthread_parkme+0x82/0x180 [ 20.060749] ? preempt_count_sub+0x50/0x80 [ 20.060828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.060906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.060952] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.060994] kthread+0x337/0x6f0 [ 20.061045] ? trace_preempt_on+0x20/0xc0 [ 20.061148] ? __pfx_kthread+0x10/0x10 [ 20.061193] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.061242] ? calculate_sigpending+0x7b/0xa0 [ 20.061304] ? __pfx_kthread+0x10/0x10 [ 20.061342] ret_from_fork+0x116/0x1d0 [ 20.061377] ? __pfx_kthread+0x10/0x10 [ 20.061414] ret_from_fork_asm+0x1a/0x30 [ 20.061466] </TASK> [ 20.061489] [ 20.073188] Allocated by task 282: [ 20.073481] kasan_save_stack+0x45/0x70 [ 20.073783] kasan_save_track+0x18/0x40 [ 20.074195] kasan_save_alloc_info+0x3b/0x50 [ 20.074576] __kasan_kmalloc+0xb7/0xc0 [ 20.074907] __kmalloc_cache_noprof+0x189/0x420 [ 20.075268] kasan_atomics+0x95/0x310 [ 20.075674] kunit_try_run_case+0x1a5/0x480 [ 20.076179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.076390] kthread+0x337/0x6f0 [ 20.076537] ret_from_fork+0x116/0x1d0 [ 20.076752] ret_from_fork_asm+0x1a/0x30 [ 20.077138] [ 20.077334] The buggy address belongs to the object at ffff888102b66500 [ 20.077334] which belongs to the cache kmalloc-64 of size 64 [ 20.078217] The buggy address is located 0 bytes to the right of [ 20.078217] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.078881] [ 20.079023] The buggy address belongs to the physical page: [ 20.079446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.080212] flags: 0x200000000000000(node=0|zone=2) [ 20.080522] page_type: f5(slab) [ 20.080740] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.081377] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.081971] page dumped because: kasan: bad access detected [ 20.082391] [ 20.082498] Memory state around the buggy address: [ 20.082945] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.083458] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.083689] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.084287] ^ [ 20.084675] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.085131] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.085477] ================================================================== [ 20.526783] ================================================================== [ 20.527376] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 20.528020] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.528329] [ 20.528494] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.528605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.528636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.528686] Call Trace: [ 20.528731] <TASK> [ 20.528773] dump_stack_lvl+0x73/0xb0 [ 20.528838] print_report+0xd1/0x650 [ 20.528892] ? __virt_addr_valid+0x1db/0x2d0 [ 20.528933] ? kasan_atomics_helper+0xe78/0x5450 [ 20.528967] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.529001] ? kasan_atomics_helper+0xe78/0x5450 [ 20.529035] kasan_report+0x141/0x180 [ 20.529070] ? kasan_atomics_helper+0xe78/0x5450 [ 20.529110] kasan_check_range+0x10c/0x1c0 [ 20.529147] __kasan_check_write+0x18/0x20 [ 20.529177] kasan_atomics_helper+0xe78/0x5450 [ 20.529211] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.529246] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.529298] ? kasan_atomics+0x152/0x310 [ 20.529338] kasan_atomics+0x1dc/0x310 [ 20.529374] ? __pfx_kasan_atomics+0x10/0x10 [ 20.529411] ? __pfx_read_tsc+0x10/0x10 [ 20.529445] ? ktime_get_ts64+0x86/0x230 [ 20.529483] kunit_try_run_case+0x1a5/0x480 [ 20.529522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.529556] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.529591] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.529624] ? __kthread_parkme+0x82/0x180 [ 20.529662] ? preempt_count_sub+0x50/0x80 [ 20.529701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.529859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.529907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.529955] kthread+0x337/0x6f0 [ 20.530030] ? trace_preempt_on+0x20/0xc0 [ 20.530086] ? __pfx_kthread+0x10/0x10 [ 20.530131] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.530193] ? calculate_sigpending+0x7b/0xa0 [ 20.530270] ? __pfx_kthread+0x10/0x10 [ 20.530337] ret_from_fork+0x116/0x1d0 [ 20.530384] ? __pfx_kthread+0x10/0x10 [ 20.530443] ret_from_fork_asm+0x1a/0x30 [ 20.530524] </TASK> [ 20.530565] [ 20.542115] Allocated by task 282: [ 20.542587] kasan_save_stack+0x45/0x70 [ 20.543028] kasan_save_track+0x18/0x40 [ 20.543355] kasan_save_alloc_info+0x3b/0x50 [ 20.543757] __kasan_kmalloc+0xb7/0xc0 [ 20.544097] __kmalloc_cache_noprof+0x189/0x420 [ 20.544502] kasan_atomics+0x95/0x310 [ 20.544878] kunit_try_run_case+0x1a5/0x480 [ 20.545114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.545499] kthread+0x337/0x6f0 [ 20.545684] ret_from_fork+0x116/0x1d0 [ 20.545877] ret_from_fork_asm+0x1a/0x30 [ 20.546079] [ 20.546295] The buggy address belongs to the object at ffff888102b66500 [ 20.546295] which belongs to the cache kmalloc-64 of size 64 [ 20.547183] The buggy address is located 0 bytes to the right of [ 20.547183] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.547917] [ 20.548068] The buggy address belongs to the physical page: [ 20.548335] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.548690] flags: 0x200000000000000(node=0|zone=2) [ 20.548959] page_type: f5(slab) [ 20.549179] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.549885] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.550496] page dumped because: kasan: bad access detected [ 20.550942] [ 20.551137] Memory state around the buggy address: [ 20.551553] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.552108] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.553755] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.554345] ^ [ 20.555610] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.556573] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.557497] ================================================================== [ 19.955275] ================================================================== [ 19.955793] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 19.956939] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 19.957739] [ 19.958079] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.958182] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.958204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.958248] Call Trace: [ 19.958285] <TASK> [ 19.958323] dump_stack_lvl+0x73/0xb0 [ 19.958392] print_report+0xd1/0x650 [ 19.958446] ? __virt_addr_valid+0x1db/0x2d0 [ 19.958494] ? kasan_atomics_helper+0x4a0/0x5450 [ 19.958545] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.958594] ? kasan_atomics_helper+0x4a0/0x5450 [ 19.958631] kasan_report+0x141/0x180 [ 19.958703] ? kasan_atomics_helper+0x4a0/0x5450 [ 19.958748] kasan_check_range+0x10c/0x1c0 [ 19.958790] __kasan_check_write+0x18/0x20 [ 19.958826] kasan_atomics_helper+0x4a0/0x5450 [ 19.958868] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.958907] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.958948] ? kasan_atomics+0x152/0x310 [ 19.959007] kasan_atomics+0x1dc/0x310 [ 19.959096] ? __pfx_kasan_atomics+0x10/0x10 [ 19.959148] ? __pfx_read_tsc+0x10/0x10 [ 19.959191] ? ktime_get_ts64+0x86/0x230 [ 19.959246] kunit_try_run_case+0x1a5/0x480 [ 19.959314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.959365] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.959408] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.959447] ? __kthread_parkme+0x82/0x180 [ 19.959483] ? preempt_count_sub+0x50/0x80 [ 19.959526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.959571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.959610] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.959650] kthread+0x337/0x6f0 [ 19.959773] ? trace_preempt_on+0x20/0xc0 [ 19.959836] ? __pfx_kthread+0x10/0x10 [ 19.959879] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.959927] ? calculate_sigpending+0x7b/0xa0 [ 19.959980] ? __pfx_kthread+0x10/0x10 [ 19.960030] ret_from_fork+0x116/0x1d0 [ 19.960109] ? __pfx_kthread+0x10/0x10 [ 19.960147] ret_from_fork_asm+0x1a/0x30 [ 19.960199] </TASK> [ 19.960222] [ 19.974097] Allocated by task 282: [ 19.974366] kasan_save_stack+0x45/0x70 [ 19.975068] kasan_save_track+0x18/0x40 [ 19.975420] kasan_save_alloc_info+0x3b/0x50 [ 19.975583] __kasan_kmalloc+0xb7/0xc0 [ 19.975773] __kmalloc_cache_noprof+0x189/0x420 [ 19.976177] kasan_atomics+0x95/0x310 [ 19.976528] kunit_try_run_case+0x1a5/0x480 [ 19.977044] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.977427] kthread+0x337/0x6f0 [ 19.977618] ret_from_fork+0x116/0x1d0 [ 19.977836] ret_from_fork_asm+0x1a/0x30 [ 19.978025] [ 19.978145] The buggy address belongs to the object at ffff888102b66500 [ 19.978145] which belongs to the cache kmalloc-64 of size 64 [ 19.978961] The buggy address is located 0 bytes to the right of [ 19.978961] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 19.980254] [ 19.980537] The buggy address belongs to the physical page: [ 19.981019] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 19.981864] flags: 0x200000000000000(node=0|zone=2) [ 19.982317] page_type: f5(slab) [ 19.982747] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.983185] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.983484] page dumped because: kasan: bad access detected [ 19.983745] [ 19.983867] Memory state around the buggy address: [ 19.984110] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.984643] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.985157] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.985766] ^ [ 19.986157] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.987022] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.987560] ================================================================== [ 20.981316] ================================================================== [ 20.982006] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 20.982793] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.983146] [ 20.983881] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.984014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.984046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.984095] Call Trace: [ 20.984128] <TASK> [ 20.984155] dump_stack_lvl+0x73/0xb0 [ 20.984196] print_report+0xd1/0x650 [ 20.984223] ? __virt_addr_valid+0x1db/0x2d0 [ 20.984251] ? kasan_atomics_helper+0x50d4/0x5450 [ 20.984302] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.984328] ? kasan_atomics_helper+0x50d4/0x5450 [ 20.984354] kasan_report+0x141/0x180 [ 20.984380] ? kasan_atomics_helper+0x50d4/0x5450 [ 20.984409] __asan_report_store8_noabort+0x1b/0x30 [ 20.984433] kasan_atomics_helper+0x50d4/0x5450 [ 20.984459] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.984484] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.984509] ? kasan_atomics+0x152/0x310 [ 20.984539] kasan_atomics+0x1dc/0x310 [ 20.984566] ? __pfx_kasan_atomics+0x10/0x10 [ 20.984593] ? __pfx_read_tsc+0x10/0x10 [ 20.984618] ? ktime_get_ts64+0x86/0x230 [ 20.984650] kunit_try_run_case+0x1a5/0x480 [ 20.984707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.984735] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.984761] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.984786] ? __kthread_parkme+0x82/0x180 [ 20.984810] ? preempt_count_sub+0x50/0x80 [ 20.984835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.984862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.984888] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.984914] kthread+0x337/0x6f0 [ 20.984936] ? trace_preempt_on+0x20/0xc0 [ 20.984964] ? __pfx_kthread+0x10/0x10 [ 20.984987] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.985010] ? calculate_sigpending+0x7b/0xa0 [ 20.985038] ? __pfx_kthread+0x10/0x10 [ 20.985062] ret_from_fork+0x116/0x1d0 [ 20.985083] ? __pfx_kthread+0x10/0x10 [ 20.985106] ret_from_fork_asm+0x1a/0x30 [ 20.985140] </TASK> [ 20.985155] [ 20.998781] Allocated by task 282: [ 20.999017] kasan_save_stack+0x45/0x70 [ 20.999209] kasan_save_track+0x18/0x40 [ 20.999444] kasan_save_alloc_info+0x3b/0x50 [ 21.000333] __kasan_kmalloc+0xb7/0xc0 [ 21.000581] __kmalloc_cache_noprof+0x189/0x420 [ 21.000794] kasan_atomics+0x95/0x310 [ 21.000988] kunit_try_run_case+0x1a5/0x480 [ 21.001899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.002369] kthread+0x337/0x6f0 [ 21.002632] ret_from_fork+0x116/0x1d0 [ 21.002863] ret_from_fork_asm+0x1a/0x30 [ 21.003224] [ 21.003369] The buggy address belongs to the object at ffff888102b66500 [ 21.003369] which belongs to the cache kmalloc-64 of size 64 [ 21.004028] The buggy address is located 0 bytes to the right of [ 21.004028] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.004641] [ 21.004810] The buggy address belongs to the physical page: [ 21.005041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.005682] flags: 0x200000000000000(node=0|zone=2) [ 21.006103] page_type: f5(slab) [ 21.006453] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.007095] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.007447] page dumped because: kasan: bad access detected [ 21.007946] [ 21.008084] Memory state around the buggy address: [ 21.008374] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.008880] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.009319] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.009734] ^ [ 21.010081] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.010577] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.011038] ================================================================== [ 19.878475] ================================================================== [ 19.878893] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 19.879250] Read of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 19.880140] [ 19.880387] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.880523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.880549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.880595] Call Trace: [ 19.880637] <TASK> [ 19.880720] dump_stack_lvl+0x73/0xb0 [ 19.880827] print_report+0xd1/0x650 [ 19.880886] ? __virt_addr_valid+0x1db/0x2d0 [ 19.880943] ? kasan_atomics_helper+0x3df/0x5450 [ 19.880994] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.881072] ? kasan_atomics_helper+0x3df/0x5450 [ 19.881127] kasan_report+0x141/0x180 [ 19.881180] ? kasan_atomics_helper+0x3df/0x5450 [ 19.881241] kasan_check_range+0x10c/0x1c0 [ 19.881308] __kasan_check_read+0x15/0x20 [ 19.881357] kasan_atomics_helper+0x3df/0x5450 [ 19.881411] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.881465] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.881518] ? kasan_atomics+0x152/0x310 [ 19.881577] kasan_atomics+0x1dc/0x310 [ 19.881628] ? __pfx_kasan_atomics+0x10/0x10 [ 19.881706] ? __pfx_read_tsc+0x10/0x10 [ 19.881750] ? ktime_get_ts64+0x86/0x230 [ 19.881857] kunit_try_run_case+0x1a5/0x480 [ 19.881918] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.881970] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.882023] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.882075] ? __kthread_parkme+0x82/0x180 [ 19.882123] ? preempt_count_sub+0x50/0x80 [ 19.882179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.882233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.882296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.882356] kthread+0x337/0x6f0 [ 19.882402] ? trace_preempt_on+0x20/0xc0 [ 19.882458] ? __pfx_kthread+0x10/0x10 [ 19.882505] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.882549] ? calculate_sigpending+0x7b/0xa0 [ 19.882602] ? __pfx_kthread+0x10/0x10 [ 19.882680] ret_from_fork+0x116/0x1d0 [ 19.882730] ? __pfx_kthread+0x10/0x10 [ 19.882781] ret_from_fork_asm+0x1a/0x30 [ 19.882853] </TASK> [ 19.882882] [ 19.896211] Allocated by task 282: [ 19.899936] kasan_save_stack+0x45/0x70 [ 19.900521] kasan_save_track+0x18/0x40 [ 19.900844] kasan_save_alloc_info+0x3b/0x50 [ 19.901430] __kasan_kmalloc+0xb7/0xc0 [ 19.902016] __kmalloc_cache_noprof+0x189/0x420 [ 19.902729] kasan_atomics+0x95/0x310 [ 19.903066] kunit_try_run_case+0x1a5/0x480 [ 19.903925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.904582] kthread+0x337/0x6f0 [ 19.905043] ret_from_fork+0x116/0x1d0 [ 19.905739] ret_from_fork_asm+0x1a/0x30 [ 19.905956] [ 19.906151] The buggy address belongs to the object at ffff888102b66500 [ 19.906151] which belongs to the cache kmalloc-64 of size 64 [ 19.907011] The buggy address is located 0 bytes to the right of [ 19.907011] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 19.909098] [ 19.909235] The buggy address belongs to the physical page: [ 19.909561] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 19.910333] flags: 0x200000000000000(node=0|zone=2) [ 19.910582] page_type: f5(slab) [ 19.910913] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.911828] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.912713] page dumped because: kasan: bad access detected [ 19.912948] [ 19.913345] Memory state around the buggy address: [ 19.914179] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.914665] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.915082] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.915789] ^ [ 19.916379] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.916647] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.917065] ================================================================== [ 21.041913] ================================================================== [ 21.042563] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 21.043189] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.043686] [ 21.043947] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.044043] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.044065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.044102] Call Trace: [ 21.044139] <TASK> [ 21.044178] dump_stack_lvl+0x73/0xb0 [ 21.044244] print_report+0xd1/0x650 [ 21.044308] ? __virt_addr_valid+0x1db/0x2d0 [ 21.044338] ? kasan_atomics_helper+0x15b6/0x5450 [ 21.044363] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.044388] ? kasan_atomics_helper+0x15b6/0x5450 [ 21.044414] kasan_report+0x141/0x180 [ 21.044439] ? kasan_atomics_helper+0x15b6/0x5450 [ 21.044468] kasan_check_range+0x10c/0x1c0 [ 21.044495] __kasan_check_write+0x18/0x20 [ 21.044517] kasan_atomics_helper+0x15b6/0x5450 [ 21.044544] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.044569] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.044594] ? kasan_atomics+0x152/0x310 [ 21.044623] kasan_atomics+0x1dc/0x310 [ 21.044649] ? __pfx_kasan_atomics+0x10/0x10 [ 21.044688] ? __pfx_read_tsc+0x10/0x10 [ 21.044713] ? ktime_get_ts64+0x86/0x230 [ 21.044739] kunit_try_run_case+0x1a5/0x480 [ 21.044768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.044793] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.044819] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.044844] ? __kthread_parkme+0x82/0x180 [ 21.044867] ? preempt_count_sub+0x50/0x80 [ 21.044893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.044919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.044945] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.044971] kthread+0x337/0x6f0 [ 21.044992] ? trace_preempt_on+0x20/0xc0 [ 21.045020] ? __pfx_kthread+0x10/0x10 [ 21.045043] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.045066] ? calculate_sigpending+0x7b/0xa0 [ 21.045093] ? __pfx_kthread+0x10/0x10 [ 21.045116] ret_from_fork+0x116/0x1d0 [ 21.045137] ? __pfx_kthread+0x10/0x10 [ 21.045160] ret_from_fork_asm+0x1a/0x30 [ 21.045193] </TASK> [ 21.045207] [ 21.057183] Allocated by task 282: [ 21.057584] kasan_save_stack+0x45/0x70 [ 21.057897] kasan_save_track+0x18/0x40 [ 21.058098] kasan_save_alloc_info+0x3b/0x50 [ 21.058306] __kasan_kmalloc+0xb7/0xc0 [ 21.058716] __kmalloc_cache_noprof+0x189/0x420 [ 21.059114] kasan_atomics+0x95/0x310 [ 21.059555] kunit_try_run_case+0x1a5/0x480 [ 21.059998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.060474] kthread+0x337/0x6f0 [ 21.060780] ret_from_fork+0x116/0x1d0 [ 21.061125] ret_from_fork_asm+0x1a/0x30 [ 21.061478] [ 21.061608] The buggy address belongs to the object at ffff888102b66500 [ 21.061608] which belongs to the cache kmalloc-64 of size 64 [ 21.062060] The buggy address is located 0 bytes to the right of [ 21.062060] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.063072] [ 21.063277] The buggy address belongs to the physical page: [ 21.063784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.064380] flags: 0x200000000000000(node=0|zone=2) [ 21.064622] page_type: f5(slab) [ 21.064853] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.065364] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.065991] page dumped because: kasan: bad access detected [ 21.066508] [ 21.066805] Memory state around the buggy address: [ 21.067204] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.067516] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.067801] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.068071] ^ [ 21.068550] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.069207] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.069810] ================================================================== [ 20.337676] ================================================================== [ 20.338199] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 20.338582] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.339189] [ 20.339448] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.339553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.339584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.339632] Call Trace: [ 20.339704] <TASK> [ 20.339751] dump_stack_lvl+0x73/0xb0 [ 20.339822] print_report+0xd1/0x650 [ 20.339873] ? __virt_addr_valid+0x1db/0x2d0 [ 20.339921] ? kasan_atomics_helper+0xac7/0x5450 [ 20.339992] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.340037] ? kasan_atomics_helper+0xac7/0x5450 [ 20.340083] kasan_report+0x141/0x180 [ 20.340150] ? kasan_atomics_helper+0xac7/0x5450 [ 20.340201] kasan_check_range+0x10c/0x1c0 [ 20.340248] __kasan_check_write+0x18/0x20 [ 20.340306] kasan_atomics_helper+0xac7/0x5450 [ 20.340373] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.340435] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.340495] ? kasan_atomics+0x152/0x310 [ 20.340547] kasan_atomics+0x1dc/0x310 [ 20.340594] ? __pfx_kasan_atomics+0x10/0x10 [ 20.340649] ? __pfx_read_tsc+0x10/0x10 [ 20.340729] ? ktime_get_ts64+0x86/0x230 [ 20.340782] kunit_try_run_case+0x1a5/0x480 [ 20.340832] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.340882] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.340935] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.340988] ? __kthread_parkme+0x82/0x180 [ 20.341038] ? preempt_count_sub+0x50/0x80 [ 20.341088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.341133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.341183] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.341266] kthread+0x337/0x6f0 [ 20.341312] ? trace_preempt_on+0x20/0xc0 [ 20.341362] ? __pfx_kthread+0x10/0x10 [ 20.341409] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.341452] ? calculate_sigpending+0x7b/0xa0 [ 20.341522] ? __pfx_kthread+0x10/0x10 [ 20.341572] ret_from_fork+0x116/0x1d0 [ 20.341610] ? __pfx_kthread+0x10/0x10 [ 20.341683] ret_from_fork_asm+0x1a/0x30 [ 20.341751] </TASK> [ 20.341769] [ 20.352179] Allocated by task 282: [ 20.352518] kasan_save_stack+0x45/0x70 [ 20.352927] kasan_save_track+0x18/0x40 [ 20.353282] kasan_save_alloc_info+0x3b/0x50 [ 20.353645] __kasan_kmalloc+0xb7/0xc0 [ 20.354005] __kmalloc_cache_noprof+0x189/0x420 [ 20.354380] kasan_atomics+0x95/0x310 [ 20.354765] kunit_try_run_case+0x1a5/0x480 [ 20.355089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.355440] kthread+0x337/0x6f0 [ 20.355625] ret_from_fork+0x116/0x1d0 [ 20.356013] ret_from_fork_asm+0x1a/0x30 [ 20.356379] [ 20.356563] The buggy address belongs to the object at ffff888102b66500 [ 20.356563] which belongs to the cache kmalloc-64 of size 64 [ 20.357210] The buggy address is located 0 bytes to the right of [ 20.357210] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.357728] [ 20.357878] The buggy address belongs to the physical page: [ 20.358147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.358792] flags: 0x200000000000000(node=0|zone=2) [ 20.359219] page_type: f5(slab) [ 20.359557] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.360157] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.361175] page dumped because: kasan: bad access detected [ 20.361622] [ 20.362667] Memory state around the buggy address: [ 20.363448] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.365808] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.366179] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.366852] ^ [ 20.367278] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.367806] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.368413] ================================================================== [ 21.373026] ================================================================== [ 21.373642] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 21.373992] Read of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.374201] [ 21.375347] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.375473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.375505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.375554] Call Trace: [ 21.375600] <TASK> [ 21.375640] dump_stack_lvl+0x73/0xb0 [ 21.375744] print_report+0xd1/0x650 [ 21.375816] ? __virt_addr_valid+0x1db/0x2d0 [ 21.375871] ? kasan_atomics_helper+0x4f30/0x5450 [ 21.375933] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.375982] ? kasan_atomics_helper+0x4f30/0x5450 [ 21.376025] kasan_report+0x141/0x180 [ 21.376055] ? kasan_atomics_helper+0x4f30/0x5450 [ 21.376085] __asan_report_load8_noabort+0x18/0x20 [ 21.376109] kasan_atomics_helper+0x4f30/0x5450 [ 21.376135] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.376160] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.376185] ? kasan_atomics+0x152/0x310 [ 21.376215] kasan_atomics+0x1dc/0x310 [ 21.376240] ? __pfx_kasan_atomics+0x10/0x10 [ 21.376299] ? __pfx_read_tsc+0x10/0x10 [ 21.376326] ? ktime_get_ts64+0x86/0x230 [ 21.376353] kunit_try_run_case+0x1a5/0x480 [ 21.376382] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.376406] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.376433] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.376457] ? __kthread_parkme+0x82/0x180 [ 21.376481] ? preempt_count_sub+0x50/0x80 [ 21.376508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.376534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.376559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.376586] kthread+0x337/0x6f0 [ 21.376608] ? trace_preempt_on+0x20/0xc0 [ 21.376634] ? __pfx_kthread+0x10/0x10 [ 21.376664] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.376716] ? calculate_sigpending+0x7b/0xa0 [ 21.376746] ? __pfx_kthread+0x10/0x10 [ 21.376771] ret_from_fork+0x116/0x1d0 [ 21.376793] ? __pfx_kthread+0x10/0x10 [ 21.376816] ret_from_fork_asm+0x1a/0x30 [ 21.376850] </TASK> [ 21.376864] [ 21.390336] Allocated by task 282: [ 21.390862] kasan_save_stack+0x45/0x70 [ 21.391131] kasan_save_track+0x18/0x40 [ 21.391432] kasan_save_alloc_info+0x3b/0x50 [ 21.392056] __kasan_kmalloc+0xb7/0xc0 [ 21.392294] __kmalloc_cache_noprof+0x189/0x420 [ 21.392469] kasan_atomics+0x95/0x310 [ 21.393076] kunit_try_run_case+0x1a5/0x480 [ 21.393485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.394098] kthread+0x337/0x6f0 [ 21.394567] ret_from_fork+0x116/0x1d0 [ 21.394916] ret_from_fork_asm+0x1a/0x30 [ 21.395198] [ 21.395331] The buggy address belongs to the object at ffff888102b66500 [ 21.395331] which belongs to the cache kmalloc-64 of size 64 [ 21.396340] The buggy address is located 0 bytes to the right of [ 21.396340] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.397214] [ 21.397473] The buggy address belongs to the physical page: [ 21.397942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.398332] flags: 0x200000000000000(node=0|zone=2) [ 21.398762] page_type: f5(slab) [ 21.398982] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.399464] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.399883] page dumped because: kasan: bad access detected [ 21.400312] [ 21.400506] Memory state around the buggy address: [ 21.400845] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.401398] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.401948] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.402451] ^ [ 21.402726] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.403201] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.403714] ================================================================== [ 20.593493] ================================================================== [ 20.593801] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 20.594054] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.594239] [ 20.594355] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.594417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.594432] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.594460] Call Trace: [ 20.594484] <TASK> [ 20.594509] dump_stack_lvl+0x73/0xb0 [ 20.594543] print_report+0xd1/0x650 [ 20.594568] ? __virt_addr_valid+0x1db/0x2d0 [ 20.594595] ? kasan_atomics_helper+0xfa9/0x5450 [ 20.594618] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.594643] ? kasan_atomics_helper+0xfa9/0x5450 [ 20.594667] kasan_report+0x141/0x180 [ 20.594692] ? kasan_atomics_helper+0xfa9/0x5450 [ 20.594721] kasan_check_range+0x10c/0x1c0 [ 20.594747] __kasan_check_write+0x18/0x20 [ 20.594769] kasan_atomics_helper+0xfa9/0x5450 [ 20.594794] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.594818] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.594843] ? kasan_atomics+0x152/0x310 [ 20.594873] kasan_atomics+0x1dc/0x310 [ 20.594899] ? __pfx_kasan_atomics+0x10/0x10 [ 20.594925] ? __pfx_read_tsc+0x10/0x10 [ 20.594949] ? ktime_get_ts64+0x86/0x230 [ 20.594977] kunit_try_run_case+0x1a5/0x480 [ 20.595022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.595048] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.595073] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.595098] ? __kthread_parkme+0x82/0x180 [ 20.595121] ? preempt_count_sub+0x50/0x80 [ 20.595147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.595173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.595199] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.595225] kthread+0x337/0x6f0 [ 20.595247] ? trace_preempt_on+0x20/0xc0 [ 20.595520] ? __pfx_kthread+0x10/0x10 [ 20.595565] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.595609] ? calculate_sigpending+0x7b/0xa0 [ 20.595660] ? __pfx_kthread+0x10/0x10 [ 20.595706] ret_from_fork+0x116/0x1d0 [ 20.595748] ? __pfx_kthread+0x10/0x10 [ 20.595794] ret_from_fork_asm+0x1a/0x30 [ 20.595857] </TASK> [ 20.595880] [ 20.612226] Allocated by task 282: [ 20.612609] kasan_save_stack+0x45/0x70 [ 20.613220] kasan_save_track+0x18/0x40 [ 20.613412] kasan_save_alloc_info+0x3b/0x50 [ 20.613942] __kasan_kmalloc+0xb7/0xc0 [ 20.614179] __kmalloc_cache_noprof+0x189/0x420 [ 20.614558] kasan_atomics+0x95/0x310 [ 20.615250] kunit_try_run_case+0x1a5/0x480 [ 20.615610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.616329] kthread+0x337/0x6f0 [ 20.616550] ret_from_fork+0x116/0x1d0 [ 20.617003] ret_from_fork_asm+0x1a/0x30 [ 20.617499] [ 20.617608] The buggy address belongs to the object at ffff888102b66500 [ 20.617608] which belongs to the cache kmalloc-64 of size 64 [ 20.617927] The buggy address is located 0 bytes to the right of [ 20.617927] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.619454] [ 20.619628] The buggy address belongs to the physical page: [ 20.620013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.620930] flags: 0x200000000000000(node=0|zone=2) [ 20.621363] page_type: f5(slab) [ 20.621718] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.622305] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.622976] page dumped because: kasan: bad access detected [ 20.623315] [ 20.623522] Memory state around the buggy address: [ 20.623898] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.624682] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.625097] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.625631] ^ [ 20.626071] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.626502] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.627033] ================================================================== [ 21.132622] ================================================================== [ 21.133102] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 21.133759] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.134151] [ 21.134333] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.134441] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.134495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.134532] Call Trace: [ 21.134570] <TASK> [ 21.134605] dump_stack_lvl+0x73/0xb0 [ 21.134661] print_report+0xd1/0x650 [ 21.134726] ? __virt_addr_valid+0x1db/0x2d0 [ 21.134774] ? kasan_atomics_helper+0x177f/0x5450 [ 21.134840] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.134884] ? kasan_atomics_helper+0x177f/0x5450 [ 21.134920] kasan_report+0x141/0x180 [ 21.134959] ? kasan_atomics_helper+0x177f/0x5450 [ 21.135021] kasan_check_range+0x10c/0x1c0 [ 21.135074] __kasan_check_write+0x18/0x20 [ 21.135121] kasan_atomics_helper+0x177f/0x5450 [ 21.135174] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.135216] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.135252] ? kasan_atomics+0x152/0x310 [ 21.135332] kasan_atomics+0x1dc/0x310 [ 21.135372] ? __pfx_kasan_atomics+0x10/0x10 [ 21.135410] ? __pfx_read_tsc+0x10/0x10 [ 21.135444] ? ktime_get_ts64+0x86/0x230 [ 21.135483] kunit_try_run_case+0x1a5/0x480 [ 21.135520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.135554] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.135590] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.135626] ? __kthread_parkme+0x82/0x180 [ 21.135661] ? preempt_count_sub+0x50/0x80 [ 21.135699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.135735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.135770] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.135806] kthread+0x337/0x6f0 [ 21.135838] ? trace_preempt_on+0x20/0xc0 [ 21.135876] ? __pfx_kthread+0x10/0x10 [ 21.135910] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.135956] ? calculate_sigpending+0x7b/0xa0 [ 21.136003] ? __pfx_kthread+0x10/0x10 [ 21.136046] ret_from_fork+0x116/0x1d0 [ 21.136117] ? __pfx_kthread+0x10/0x10 [ 21.136155] ret_from_fork_asm+0x1a/0x30 [ 21.136213] </TASK> [ 21.136241] [ 21.148098] Allocated by task 282: [ 21.148562] kasan_save_stack+0x45/0x70 [ 21.149078] kasan_save_track+0x18/0x40 [ 21.149578] kasan_save_alloc_info+0x3b/0x50 [ 21.150154] __kasan_kmalloc+0xb7/0xc0 [ 21.150544] __kmalloc_cache_noprof+0x189/0x420 [ 21.151001] kasan_atomics+0x95/0x310 [ 21.151411] kunit_try_run_case+0x1a5/0x480 [ 21.151994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.152626] kthread+0x337/0x6f0 [ 21.153048] ret_from_fork+0x116/0x1d0 [ 21.153283] ret_from_fork_asm+0x1a/0x30 [ 21.153799] [ 21.153938] The buggy address belongs to the object at ffff888102b66500 [ 21.153938] which belongs to the cache kmalloc-64 of size 64 [ 21.154696] The buggy address is located 0 bytes to the right of [ 21.154696] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.155496] [ 21.155738] The buggy address belongs to the physical page: [ 21.156296] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.156487] flags: 0x200000000000000(node=0|zone=2) [ 21.156610] page_type: f5(slab) [ 21.156811] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.157890] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.158320] page dumped because: kasan: bad access detected [ 21.158690] [ 21.158818] Memory state around the buggy address: [ 21.159202] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.159603] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.160067] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.160621] ^ [ 21.160958] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.161411] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.161914] ================================================================== [ 20.436970] ================================================================== [ 20.437922] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 20.438557] Read of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.439070] [ 20.439241] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.439575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.439604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.439810] Call Trace: [ 20.439845] <TASK> [ 20.439875] dump_stack_lvl+0x73/0xb0 [ 20.439923] print_report+0xd1/0x650 [ 20.439950] ? __virt_addr_valid+0x1db/0x2d0 [ 20.439987] ? kasan_atomics_helper+0x4a84/0x5450 [ 20.440025] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.440050] ? kasan_atomics_helper+0x4a84/0x5450 [ 20.440075] kasan_report+0x141/0x180 [ 20.440100] ? kasan_atomics_helper+0x4a84/0x5450 [ 20.440129] __asan_report_load4_noabort+0x18/0x20 [ 20.440152] kasan_atomics_helper+0x4a84/0x5450 [ 20.440178] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.440202] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.440227] ? kasan_atomics+0x152/0x310 [ 20.440366] kasan_atomics+0x1dc/0x310 [ 20.440402] ? __pfx_kasan_atomics+0x10/0x10 [ 20.440431] ? __pfx_read_tsc+0x10/0x10 [ 20.440456] ? ktime_get_ts64+0x86/0x230 [ 20.440484] kunit_try_run_case+0x1a5/0x480 [ 20.440513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.440537] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.440565] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.440590] ? __kthread_parkme+0x82/0x180 [ 20.440615] ? preempt_count_sub+0x50/0x80 [ 20.440641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.440676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.440734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.440761] kthread+0x337/0x6f0 [ 20.440784] ? trace_preempt_on+0x20/0xc0 [ 20.440811] ? __pfx_kthread+0x10/0x10 [ 20.440834] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.440857] ? calculate_sigpending+0x7b/0xa0 [ 20.440886] ? __pfx_kthread+0x10/0x10 [ 20.440910] ret_from_fork+0x116/0x1d0 [ 20.440930] ? __pfx_kthread+0x10/0x10 [ 20.440954] ret_from_fork_asm+0x1a/0x30 [ 20.440987] </TASK> [ 20.441002] [ 20.453643] Allocated by task 282: [ 20.453859] kasan_save_stack+0x45/0x70 [ 20.454293] kasan_save_track+0x18/0x40 [ 20.454816] kasan_save_alloc_info+0x3b/0x50 [ 20.455211] __kasan_kmalloc+0xb7/0xc0 [ 20.455428] __kmalloc_cache_noprof+0x189/0x420 [ 20.455643] kasan_atomics+0x95/0x310 [ 20.455918] kunit_try_run_case+0x1a5/0x480 [ 20.456340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.456773] kthread+0x337/0x6f0 [ 20.457084] ret_from_fork+0x116/0x1d0 [ 20.457513] ret_from_fork_asm+0x1a/0x30 [ 20.457974] [ 20.458104] The buggy address belongs to the object at ffff888102b66500 [ 20.458104] which belongs to the cache kmalloc-64 of size 64 [ 20.458537] The buggy address is located 0 bytes to the right of [ 20.458537] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.458965] [ 20.459154] The buggy address belongs to the physical page: [ 20.459838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.460466] flags: 0x200000000000000(node=0|zone=2) [ 20.460886] page_type: f5(slab) [ 20.461333] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.462000] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.462598] page dumped because: kasan: bad access detected [ 20.463217] [ 20.463357] Memory state around the buggy address: [ 20.463568] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.463844] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.464121] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.464541] ^ [ 20.464933] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.465487] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.466065] ================================================================== [ 21.751761] ================================================================== [ 21.753456] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 21.753943] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.754339] [ 21.754570] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.754680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.754709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.754758] Call Trace: [ 21.754802] <TASK> [ 21.754845] dump_stack_lvl+0x73/0xb0 [ 21.754911] print_report+0xd1/0x650 [ 21.754957] ? __virt_addr_valid+0x1db/0x2d0 [ 21.755012] ? kasan_atomics_helper+0x224c/0x5450 [ 21.755056] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.755103] ? kasan_atomics_helper+0x224c/0x5450 [ 21.755150] kasan_report+0x141/0x180 [ 21.755202] ? kasan_atomics_helper+0x224c/0x5450 [ 21.755274] kasan_check_range+0x10c/0x1c0 [ 21.755333] __kasan_check_write+0x18/0x20 [ 21.755382] kasan_atomics_helper+0x224c/0x5450 [ 21.755436] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.755488] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.755540] ? kasan_atomics+0x152/0x310 [ 21.755589] kasan_atomics+0x1dc/0x310 [ 21.755617] ? __pfx_kasan_atomics+0x10/0x10 [ 21.755646] ? __pfx_read_tsc+0x10/0x10 [ 21.755686] ? ktime_get_ts64+0x86/0x230 [ 21.755742] kunit_try_run_case+0x1a5/0x480 [ 21.755772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.755798] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.755825] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.755851] ? __kthread_parkme+0x82/0x180 [ 21.755876] ? preempt_count_sub+0x50/0x80 [ 21.755904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.755932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.755958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.755986] kthread+0x337/0x6f0 [ 21.756009] ? trace_preempt_on+0x20/0xc0 [ 21.756036] ? __pfx_kthread+0x10/0x10 [ 21.756060] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.756084] ? calculate_sigpending+0x7b/0xa0 [ 21.756112] ? __pfx_kthread+0x10/0x10 [ 21.756137] ret_from_fork+0x116/0x1d0 [ 21.756159] ? __pfx_kthread+0x10/0x10 [ 21.756182] ret_from_fork_asm+0x1a/0x30 [ 21.756216] </TASK> [ 21.756231] [ 21.766629] Allocated by task 282: [ 21.766985] kasan_save_stack+0x45/0x70 [ 21.767216] kasan_save_track+0x18/0x40 [ 21.767430] kasan_save_alloc_info+0x3b/0x50 [ 21.767638] __kasan_kmalloc+0xb7/0xc0 [ 21.767964] __kmalloc_cache_noprof+0x189/0x420 [ 21.768466] kasan_atomics+0x95/0x310 [ 21.768813] kunit_try_run_case+0x1a5/0x480 [ 21.769176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.769557] kthread+0x337/0x6f0 [ 21.769864] ret_from_fork+0x116/0x1d0 [ 21.770080] ret_from_fork_asm+0x1a/0x30 [ 21.770352] [ 21.770465] The buggy address belongs to the object at ffff888102b66500 [ 21.770465] which belongs to the cache kmalloc-64 of size 64 [ 21.771268] The buggy address is located 0 bytes to the right of [ 21.771268] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.772287] [ 21.772423] The buggy address belongs to the physical page: [ 21.772647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.772956] flags: 0x200000000000000(node=0|zone=2) [ 21.773224] page_type: f5(slab) [ 21.773541] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.774311] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.774738] page dumped because: kasan: bad access detected [ 21.775074] [ 21.775241] Memory state around the buggy address: [ 21.775492] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.776179] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.776535] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.777002] ^ [ 21.777226] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.777507] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.777775] ================================================================== [ 21.013761] ================================================================== [ 21.014204] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 21.014681] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.015020] [ 21.015248] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.015398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.015429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.015477] Call Trace: [ 21.015520] <TASK> [ 21.015579] dump_stack_lvl+0x73/0xb0 [ 21.015648] print_report+0xd1/0x650 [ 21.015698] ? __virt_addr_valid+0x1db/0x2d0 [ 21.015764] ? kasan_atomics_helper+0x151d/0x5450 [ 21.015824] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.015898] ? kasan_atomics_helper+0x151d/0x5450 [ 21.015941] kasan_report+0x141/0x180 [ 21.015990] ? kasan_atomics_helper+0x151d/0x5450 [ 21.016051] kasan_check_range+0x10c/0x1c0 [ 21.016106] __kasan_check_write+0x18/0x20 [ 21.016154] kasan_atomics_helper+0x151d/0x5450 [ 21.016210] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.016274] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.016327] ? kasan_atomics+0x152/0x310 [ 21.016387] kasan_atomics+0x1dc/0x310 [ 21.016431] ? __pfx_kasan_atomics+0x10/0x10 [ 21.016465] ? __pfx_read_tsc+0x10/0x10 [ 21.016491] ? ktime_get_ts64+0x86/0x230 [ 21.016518] kunit_try_run_case+0x1a5/0x480 [ 21.016547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.016573] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.016599] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.016624] ? __kthread_parkme+0x82/0x180 [ 21.016648] ? preempt_count_sub+0x50/0x80 [ 21.016688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.016723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.016749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.016775] kthread+0x337/0x6f0 [ 21.016797] ? trace_preempt_on+0x20/0xc0 [ 21.016823] ? __pfx_kthread+0x10/0x10 [ 21.016846] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.016869] ? calculate_sigpending+0x7b/0xa0 [ 21.016899] ? __pfx_kthread+0x10/0x10 [ 21.016923] ret_from_fork+0x116/0x1d0 [ 21.016944] ? __pfx_kthread+0x10/0x10 [ 21.016966] ret_from_fork_asm+0x1a/0x30 [ 21.016998] </TASK> [ 21.017013] [ 21.027850] Allocated by task 282: [ 21.028071] kasan_save_stack+0x45/0x70 [ 21.028312] kasan_save_track+0x18/0x40 [ 21.028508] kasan_save_alloc_info+0x3b/0x50 [ 21.028712] __kasan_kmalloc+0xb7/0xc0 [ 21.029088] __kmalloc_cache_noprof+0x189/0x420 [ 21.029487] kasan_atomics+0x95/0x310 [ 21.029862] kunit_try_run_case+0x1a5/0x480 [ 21.030223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.030511] kthread+0x337/0x6f0 [ 21.030906] ret_from_fork+0x116/0x1d0 [ 21.031147] ret_from_fork_asm+0x1a/0x30 [ 21.031496] [ 21.031749] The buggy address belongs to the object at ffff888102b66500 [ 21.031749] which belongs to the cache kmalloc-64 of size 64 [ 21.032270] The buggy address is located 0 bytes to the right of [ 21.032270] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.032982] [ 21.033183] The buggy address belongs to the physical page: [ 21.033703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.034370] flags: 0x200000000000000(node=0|zone=2) [ 21.034868] page_type: f5(slab) [ 21.035160] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.035471] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.035836] page dumped because: kasan: bad access detected [ 21.036297] [ 21.036500] Memory state around the buggy address: [ 21.036936] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.037555] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.038114] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.038604] ^ [ 21.038858] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.039142] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.039735] ================================================================== [ 20.497902] ================================================================== [ 20.498319] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 20.498902] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.499280] [ 20.499447] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.499549] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.499580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.499630] Call Trace: [ 20.499674] <TASK> [ 20.499714] dump_stack_lvl+0x73/0xb0 [ 20.499777] print_report+0xd1/0x650 [ 20.499875] ? __virt_addr_valid+0x1db/0x2d0 [ 20.499920] ? kasan_atomics_helper+0xde0/0x5450 [ 20.499953] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.499986] ? kasan_atomics_helper+0xde0/0x5450 [ 20.500020] kasan_report+0x141/0x180 [ 20.500054] ? kasan_atomics_helper+0xde0/0x5450 [ 20.500091] kasan_check_range+0x10c/0x1c0 [ 20.500128] __kasan_check_write+0x18/0x20 [ 20.500158] kasan_atomics_helper+0xde0/0x5450 [ 20.500193] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.500227] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.500278] ? kasan_atomics+0x152/0x310 [ 20.500334] kasan_atomics+0x1dc/0x310 [ 20.500385] ? __pfx_kasan_atomics+0x10/0x10 [ 20.500439] ? __pfx_read_tsc+0x10/0x10 [ 20.500481] ? ktime_get_ts64+0x86/0x230 [ 20.500535] kunit_try_run_case+0x1a5/0x480 [ 20.500611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.500660] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.500735] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.500805] ? __kthread_parkme+0x82/0x180 [ 20.500855] ? preempt_count_sub+0x50/0x80 [ 20.500904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.500954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.501011] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.501064] kthread+0x337/0x6f0 [ 20.501110] ? trace_preempt_on+0x20/0xc0 [ 20.501181] ? __pfx_kthread+0x10/0x10 [ 20.501228] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.501286] ? calculate_sigpending+0x7b/0xa0 [ 20.501336] ? __pfx_kthread+0x10/0x10 [ 20.501375] ret_from_fork+0x116/0x1d0 [ 20.501414] ? __pfx_kthread+0x10/0x10 [ 20.501460] ret_from_fork_asm+0x1a/0x30 [ 20.501546] </TASK> [ 20.501575] [ 20.512825] Allocated by task 282: [ 20.513181] kasan_save_stack+0x45/0x70 [ 20.513572] kasan_save_track+0x18/0x40 [ 20.514027] kasan_save_alloc_info+0x3b/0x50 [ 20.514330] __kasan_kmalloc+0xb7/0xc0 [ 20.514616] __kmalloc_cache_noprof+0x189/0x420 [ 20.514999] kasan_atomics+0x95/0x310 [ 20.515286] kunit_try_run_case+0x1a5/0x480 [ 20.515548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.516141] kthread+0x337/0x6f0 [ 20.516395] ret_from_fork+0x116/0x1d0 [ 20.516709] ret_from_fork_asm+0x1a/0x30 [ 20.517077] [ 20.517253] The buggy address belongs to the object at ffff888102b66500 [ 20.517253] which belongs to the cache kmalloc-64 of size 64 [ 20.517706] The buggy address is located 0 bytes to the right of [ 20.517706] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.518208] [ 20.518437] The buggy address belongs to the physical page: [ 20.518935] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.519588] flags: 0x200000000000000(node=0|zone=2) [ 20.520031] page_type: f5(slab) [ 20.520361] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.520984] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.521350] page dumped because: kasan: bad access detected [ 20.521718] [ 20.521894] Memory state around the buggy address: [ 20.522241] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.522634] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.523184] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.523599] ^ [ 20.524170] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.524485] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.525173] ================================================================== [ 20.745433] ================================================================== [ 20.745743] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 20.746007] Read of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.746255] [ 20.746920] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.747046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.747076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.747127] Call Trace: [ 20.747170] <TASK> [ 20.747213] dump_stack_lvl+0x73/0xb0 [ 20.747295] print_report+0xd1/0x650 [ 20.747351] ? __virt_addr_valid+0x1db/0x2d0 [ 20.747404] ? kasan_atomics_helper+0x4a02/0x5450 [ 20.747455] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.747508] ? kasan_atomics_helper+0x4a02/0x5450 [ 20.747561] kasan_report+0x141/0x180 [ 20.747612] ? kasan_atomics_helper+0x4a02/0x5450 [ 20.747669] __asan_report_load4_noabort+0x18/0x20 [ 20.747717] kasan_atomics_helper+0x4a02/0x5450 [ 20.747770] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.747823] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.747874] ? kasan_atomics+0x152/0x310 [ 20.747936] kasan_atomics+0x1dc/0x310 [ 20.747989] ? __pfx_kasan_atomics+0x10/0x10 [ 20.748045] ? __pfx_read_tsc+0x10/0x10 [ 20.748092] ? ktime_get_ts64+0x86/0x230 [ 20.748146] kunit_try_run_case+0x1a5/0x480 [ 20.748202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.748251] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.748305] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.748347] ? __kthread_parkme+0x82/0x180 [ 20.748384] ? preempt_count_sub+0x50/0x80 [ 20.748423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.748469] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.748514] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.748559] kthread+0x337/0x6f0 [ 20.748597] ? trace_preempt_on+0x20/0xc0 [ 20.748643] ? __pfx_kthread+0x10/0x10 [ 20.748684] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.748724] ? calculate_sigpending+0x7b/0xa0 [ 20.748770] ? __pfx_kthread+0x10/0x10 [ 20.748814] ret_from_fork+0x116/0x1d0 [ 20.748855] ? __pfx_kthread+0x10/0x10 [ 20.748900] ret_from_fork_asm+0x1a/0x30 [ 20.748958] </TASK> [ 20.748986] [ 20.763843] Allocated by task 282: [ 20.764267] kasan_save_stack+0x45/0x70 [ 20.764630] kasan_save_track+0x18/0x40 [ 20.764832] kasan_save_alloc_info+0x3b/0x50 [ 20.765194] __kasan_kmalloc+0xb7/0xc0 [ 20.765528] __kmalloc_cache_noprof+0x189/0x420 [ 20.765924] kasan_atomics+0x95/0x310 [ 20.766549] kunit_try_run_case+0x1a5/0x480 [ 20.766826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.767269] kthread+0x337/0x6f0 [ 20.767588] ret_from_fork+0x116/0x1d0 [ 20.767918] ret_from_fork_asm+0x1a/0x30 [ 20.768114] [ 20.768343] The buggy address belongs to the object at ffff888102b66500 [ 20.768343] which belongs to the cache kmalloc-64 of size 64 [ 20.769120] The buggy address is located 0 bytes to the right of [ 20.769120] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.769798] [ 20.769987] The buggy address belongs to the physical page: [ 20.770368] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.770880] flags: 0x200000000000000(node=0|zone=2) [ 20.771159] page_type: f5(slab) [ 20.771419] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.771754] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.772033] page dumped because: kasan: bad access detected [ 20.772384] [ 20.772498] Memory state around the buggy address: [ 20.772930] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.773452] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.773923] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.774289] ^ [ 20.774586] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.775011] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.775415] ================================================================== [ 19.738949] ================================================================== [ 19.739949] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 19.740752] Read of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 19.741571] [ 19.741840] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.741968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.741998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.742041] Call Trace: [ 19.742069] <TASK> [ 19.742115] dump_stack_lvl+0x73/0xb0 [ 19.742186] print_report+0xd1/0x650 [ 19.742239] ? __virt_addr_valid+0x1db/0x2d0 [ 19.742342] ? kasan_atomics_helper+0x4bbc/0x5450 [ 19.742381] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.742417] ? kasan_atomics_helper+0x4bbc/0x5450 [ 19.742453] kasan_report+0x141/0x180 [ 19.742490] ? kasan_atomics_helper+0x4bbc/0x5450 [ 19.742533] __asan_report_load4_noabort+0x18/0x20 [ 19.742566] kasan_atomics_helper+0x4bbc/0x5450 [ 19.742603] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.742639] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.742674] ? kasan_atomics+0x152/0x310 [ 19.742759] kasan_atomics+0x1dc/0x310 [ 19.742787] ? __pfx_kasan_atomics+0x10/0x10 [ 19.742815] ? __pfx_read_tsc+0x10/0x10 [ 19.742838] ? ktime_get_ts64+0x86/0x230 [ 19.742865] kunit_try_run_case+0x1a5/0x480 [ 19.742893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.742916] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.742942] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.742966] ? __kthread_parkme+0x82/0x180 [ 19.742997] ? preempt_count_sub+0x50/0x80 [ 19.743029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.743209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.743238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.743284] kthread+0x337/0x6f0 [ 19.743309] ? trace_preempt_on+0x20/0xc0 [ 19.743337] ? __pfx_kthread+0x10/0x10 [ 19.743360] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.743383] ? calculate_sigpending+0x7b/0xa0 [ 19.743410] ? __pfx_kthread+0x10/0x10 [ 19.743433] ret_from_fork+0x116/0x1d0 [ 19.743453] ? __pfx_kthread+0x10/0x10 [ 19.743476] ret_from_fork_asm+0x1a/0x30 [ 19.743508] </TASK> [ 19.743522] [ 19.756238] Allocated by task 282: [ 19.756730] kasan_save_stack+0x45/0x70 [ 19.757217] kasan_save_track+0x18/0x40 [ 19.757756] kasan_save_alloc_info+0x3b/0x50 [ 19.758422] __kasan_kmalloc+0xb7/0xc0 [ 19.758800] __kmalloc_cache_noprof+0x189/0x420 [ 19.759775] kasan_atomics+0x95/0x310 [ 19.760022] kunit_try_run_case+0x1a5/0x480 [ 19.760541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.761437] kthread+0x337/0x6f0 [ 19.762213] ret_from_fork+0x116/0x1d0 [ 19.762426] ret_from_fork_asm+0x1a/0x30 [ 19.763081] [ 19.763518] The buggy address belongs to the object at ffff888102b66500 [ 19.763518] which belongs to the cache kmalloc-64 of size 64 [ 19.764747] The buggy address is located 0 bytes to the right of [ 19.764747] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 19.765668] [ 19.766132] The buggy address belongs to the physical page: [ 19.766855] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 19.767404] flags: 0x200000000000000(node=0|zone=2) [ 19.768085] page_type: f5(slab) [ 19.768401] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.768998] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.769853] page dumped because: kasan: bad access detected [ 19.770490] [ 19.770808] Memory state around the buggy address: [ 19.771094] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.771822] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.772253] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.772654] ^ [ 19.772893] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.773588] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.774610] ================================================================== [ 20.627963] ================================================================== [ 20.629059] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 20.629497] Read of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.630087] [ 20.630287] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.630447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.630480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.630539] Call Trace: [ 20.630585] <TASK> [ 20.630631] dump_stack_lvl+0x73/0xb0 [ 20.630843] print_report+0xd1/0x650 [ 20.630920] ? __virt_addr_valid+0x1db/0x2d0 [ 20.630975] ? kasan_atomics_helper+0x4a36/0x5450 [ 20.631013] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.631040] ? kasan_atomics_helper+0x4a36/0x5450 [ 20.631066] kasan_report+0x141/0x180 [ 20.631092] ? kasan_atomics_helper+0x4a36/0x5450 [ 20.631121] __asan_report_load4_noabort+0x18/0x20 [ 20.631145] kasan_atomics_helper+0x4a36/0x5450 [ 20.631170] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.631196] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.631221] ? kasan_atomics+0x152/0x310 [ 20.631250] kasan_atomics+0x1dc/0x310 [ 20.631313] ? __pfx_kasan_atomics+0x10/0x10 [ 20.631360] ? __pfx_read_tsc+0x10/0x10 [ 20.631404] ? ktime_get_ts64+0x86/0x230 [ 20.631451] kunit_try_run_case+0x1a5/0x480 [ 20.631515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.631622] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.631672] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.631718] ? __kthread_parkme+0x82/0x180 [ 20.631762] ? preempt_count_sub+0x50/0x80 [ 20.631819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.631871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.631937] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.631986] kthread+0x337/0x6f0 [ 20.632023] ? trace_preempt_on+0x20/0xc0 [ 20.632055] ? __pfx_kthread+0x10/0x10 [ 20.632079] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.632103] ? calculate_sigpending+0x7b/0xa0 [ 20.632131] ? __pfx_kthread+0x10/0x10 [ 20.632155] ret_from_fork+0x116/0x1d0 [ 20.632177] ? __pfx_kthread+0x10/0x10 [ 20.632200] ret_from_fork_asm+0x1a/0x30 [ 20.632234] </TASK> [ 20.632249] [ 20.644857] Allocated by task 282: [ 20.645190] kasan_save_stack+0x45/0x70 [ 20.645565] kasan_save_track+0x18/0x40 [ 20.645910] kasan_save_alloc_info+0x3b/0x50 [ 20.646277] __kasan_kmalloc+0xb7/0xc0 [ 20.646480] __kmalloc_cache_noprof+0x189/0x420 [ 20.646734] kasan_atomics+0x95/0x310 [ 20.646921] kunit_try_run_case+0x1a5/0x480 [ 20.647138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.647616] kthread+0x337/0x6f0 [ 20.648048] ret_from_fork+0x116/0x1d0 [ 20.648434] ret_from_fork_asm+0x1a/0x30 [ 20.648864] [ 20.649056] The buggy address belongs to the object at ffff888102b66500 [ 20.649056] which belongs to the cache kmalloc-64 of size 64 [ 20.649850] The buggy address is located 0 bytes to the right of [ 20.649850] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.650579] [ 20.650824] The buggy address belongs to the physical page: [ 20.651285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.651894] flags: 0x200000000000000(node=0|zone=2) [ 20.652138] page_type: f5(slab) [ 20.652501] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.653141] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.653779] page dumped because: kasan: bad access detected [ 20.654189] [ 20.654391] Memory state around the buggy address: [ 20.654751] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.655302] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.655834] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.656285] ^ [ 20.656685] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.657141] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.657598] ================================================================== [ 21.313225] ================================================================== [ 21.313606] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 21.314190] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.314513] [ 21.314719] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.314827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.314857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.314906] Call Trace: [ 21.314947] <TASK> [ 21.314983] dump_stack_lvl+0x73/0xb0 [ 21.315055] print_report+0xd1/0x650 [ 21.315103] ? __virt_addr_valid+0x1db/0x2d0 [ 21.315150] ? kasan_atomics_helper+0x1b22/0x5450 [ 21.315191] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.315234] ? kasan_atomics_helper+0x1b22/0x5450 [ 21.315293] kasan_report+0x141/0x180 [ 21.315343] ? kasan_atomics_helper+0x1b22/0x5450 [ 21.315391] kasan_check_range+0x10c/0x1c0 [ 21.315437] __kasan_check_write+0x18/0x20 [ 21.315476] kasan_atomics_helper+0x1b22/0x5450 [ 21.315519] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.315568] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.315616] ? kasan_atomics+0x152/0x310 [ 21.315673] kasan_atomics+0x1dc/0x310 [ 21.315724] ? __pfx_kasan_atomics+0x10/0x10 [ 21.315780] ? __pfx_read_tsc+0x10/0x10 [ 21.315828] ? ktime_get_ts64+0x86/0x230 [ 21.315880] kunit_try_run_case+0x1a5/0x480 [ 21.315930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.315979] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.316032] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.316101] ? __kthread_parkme+0x82/0x180 [ 21.316145] ? preempt_count_sub+0x50/0x80 [ 21.316198] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.316241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.316305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.316359] kthread+0x337/0x6f0 [ 21.316404] ? trace_preempt_on+0x20/0xc0 [ 21.316459] ? __pfx_kthread+0x10/0x10 [ 21.316507] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.316557] ? calculate_sigpending+0x7b/0xa0 [ 21.316613] ? __pfx_kthread+0x10/0x10 [ 21.316655] ret_from_fork+0x116/0x1d0 [ 21.316714] ? __pfx_kthread+0x10/0x10 [ 21.316758] ret_from_fork_asm+0x1a/0x30 [ 21.316820] </TASK> [ 21.316847] [ 21.327233] Allocated by task 282: [ 21.327634] kasan_save_stack+0x45/0x70 [ 21.328049] kasan_save_track+0x18/0x40 [ 21.328408] kasan_save_alloc_info+0x3b/0x50 [ 21.328643] __kasan_kmalloc+0xb7/0xc0 [ 21.328897] __kmalloc_cache_noprof+0x189/0x420 [ 21.329115] kasan_atomics+0x95/0x310 [ 21.329321] kunit_try_run_case+0x1a5/0x480 [ 21.329682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.330143] kthread+0x337/0x6f0 [ 21.330450] ret_from_fork+0x116/0x1d0 [ 21.330794] ret_from_fork_asm+0x1a/0x30 [ 21.331148] [ 21.331329] The buggy address belongs to the object at ffff888102b66500 [ 21.331329] which belongs to the cache kmalloc-64 of size 64 [ 21.332312] The buggy address is located 0 bytes to the right of [ 21.332312] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.335343] [ 21.335557] The buggy address belongs to the physical page: [ 21.336152] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.336478] flags: 0x200000000000000(node=0|zone=2) [ 21.337299] page_type: f5(slab) [ 21.337660] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.338434] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.339151] page dumped because: kasan: bad access detected [ 21.339570] [ 21.339759] Memory state around the buggy address: [ 21.340076] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.340433] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.340848] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.341276] ^ [ 21.341687] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.342046] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.342570] ================================================================== [ 20.919600] ================================================================== [ 20.920362] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 20.920799] Read of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.921155] [ 20.921373] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.921482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.921512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.921559] Call Trace: [ 20.921602] <TASK> [ 20.921641] dump_stack_lvl+0x73/0xb0 [ 20.921741] print_report+0xd1/0x650 [ 20.921788] ? __virt_addr_valid+0x1db/0x2d0 [ 20.921836] ? kasan_atomics_helper+0x4eae/0x5450 [ 20.921879] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.921930] ? kasan_atomics_helper+0x4eae/0x5450 [ 20.921976] kasan_report+0x141/0x180 [ 20.922018] ? kasan_atomics_helper+0x4eae/0x5450 [ 20.922064] __asan_report_load8_noabort+0x18/0x20 [ 20.922103] kasan_atomics_helper+0x4eae/0x5450 [ 20.922148] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.922197] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.922245] ? kasan_atomics+0x152/0x310 [ 20.922316] kasan_atomics+0x1dc/0x310 [ 20.922370] ? __pfx_kasan_atomics+0x10/0x10 [ 20.922424] ? __pfx_read_tsc+0x10/0x10 [ 20.922469] ? ktime_get_ts64+0x86/0x230 [ 20.922506] kunit_try_run_case+0x1a5/0x480 [ 20.922534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.922561] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.922587] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.922612] ? __kthread_parkme+0x82/0x180 [ 20.922636] ? preempt_count_sub+0x50/0x80 [ 20.922686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.922737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.922764] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.922791] kthread+0x337/0x6f0 [ 20.922813] ? trace_preempt_on+0x20/0xc0 [ 20.922843] ? __pfx_kthread+0x10/0x10 [ 20.922865] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.922889] ? calculate_sigpending+0x7b/0xa0 [ 20.922917] ? __pfx_kthread+0x10/0x10 [ 20.922941] ret_from_fork+0x116/0x1d0 [ 20.922961] ? __pfx_kthread+0x10/0x10 [ 20.922985] ret_from_fork_asm+0x1a/0x30 [ 20.923031] </TASK> [ 20.923045] [ 20.932700] Allocated by task 282: [ 20.933015] kasan_save_stack+0x45/0x70 [ 20.933533] kasan_save_track+0x18/0x40 [ 20.933947] kasan_save_alloc_info+0x3b/0x50 [ 20.934196] __kasan_kmalloc+0xb7/0xc0 [ 20.934392] __kmalloc_cache_noprof+0x189/0x420 [ 20.934770] kasan_atomics+0x95/0x310 [ 20.935097] kunit_try_run_case+0x1a5/0x480 [ 20.935310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.935661] kthread+0x337/0x6f0 [ 20.935941] ret_from_fork+0x116/0x1d0 [ 20.936141] ret_from_fork_asm+0x1a/0x30 [ 20.936442] [ 20.936567] The buggy address belongs to the object at ffff888102b66500 [ 20.936567] which belongs to the cache kmalloc-64 of size 64 [ 20.937021] The buggy address is located 0 bytes to the right of [ 20.937021] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.938057] [ 20.938251] The buggy address belongs to the physical page: [ 20.938525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.939280] flags: 0x200000000000000(node=0|zone=2) [ 20.939517] page_type: f5(slab) [ 20.939707] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.940493] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.941005] page dumped because: kasan: bad access detected [ 20.941230] [ 20.941363] Memory state around the buggy address: [ 20.941580] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.941851] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.942120] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.942534] ^ [ 20.942925] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.943719] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.944252] ================================================================== [ 21.688805] ================================================================== [ 21.689889] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 21.690498] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.690925] [ 21.691102] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.691215] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.691246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.691302] Call Trace: [ 21.691344] <TASK> [ 21.691384] dump_stack_lvl+0x73/0xb0 [ 21.691475] print_report+0xd1/0x650 [ 21.691536] ? __virt_addr_valid+0x1db/0x2d0 [ 21.691585] ? kasan_atomics_helper+0x218a/0x5450 [ 21.691635] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.691732] ? kasan_atomics_helper+0x218a/0x5450 [ 21.691777] kasan_report+0x141/0x180 [ 21.691822] ? kasan_atomics_helper+0x218a/0x5450 [ 21.691875] kasan_check_range+0x10c/0x1c0 [ 21.691925] __kasan_check_write+0x18/0x20 [ 21.691972] kasan_atomics_helper+0x218a/0x5450 [ 21.692026] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.692077] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.692116] ? kasan_atomics+0x152/0x310 [ 21.692172] kasan_atomics+0x1dc/0x310 [ 21.692214] ? __pfx_kasan_atomics+0x10/0x10 [ 21.692254] ? __pfx_read_tsc+0x10/0x10 [ 21.692306] ? ktime_get_ts64+0x86/0x230 [ 21.692335] kunit_try_run_case+0x1a5/0x480 [ 21.692365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.692391] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.692418] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.692444] ? __kthread_parkme+0x82/0x180 [ 21.692468] ? preempt_count_sub+0x50/0x80 [ 21.692495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.692522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.692548] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.692574] kthread+0x337/0x6f0 [ 21.692597] ? trace_preempt_on+0x20/0xc0 [ 21.692623] ? __pfx_kthread+0x10/0x10 [ 21.692647] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.692724] ? calculate_sigpending+0x7b/0xa0 [ 21.692773] ? __pfx_kthread+0x10/0x10 [ 21.692818] ret_from_fork+0x116/0x1d0 [ 21.692860] ? __pfx_kthread+0x10/0x10 [ 21.692907] ret_from_fork_asm+0x1a/0x30 [ 21.692945] </TASK> [ 21.692960] [ 21.706431] Allocated by task 282: [ 21.707172] kasan_save_stack+0x45/0x70 [ 21.707673] kasan_save_track+0x18/0x40 [ 21.708128] kasan_save_alloc_info+0x3b/0x50 [ 21.708535] __kasan_kmalloc+0xb7/0xc0 [ 21.709073] __kmalloc_cache_noprof+0x189/0x420 [ 21.709324] kasan_atomics+0x95/0x310 [ 21.709556] kunit_try_run_case+0x1a5/0x480 [ 21.710184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.710660] kthread+0x337/0x6f0 [ 21.711124] ret_from_fork+0x116/0x1d0 [ 21.711322] ret_from_fork_asm+0x1a/0x30 [ 21.711555] [ 21.712092] The buggy address belongs to the object at ffff888102b66500 [ 21.712092] which belongs to the cache kmalloc-64 of size 64 [ 21.712788] The buggy address is located 0 bytes to the right of [ 21.712788] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.713432] [ 21.713634] The buggy address belongs to the physical page: [ 21.714124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.714982] flags: 0x200000000000000(node=0|zone=2) [ 21.715351] page_type: f5(slab) [ 21.715566] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.716379] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.716961] page dumped because: kasan: bad access detected [ 21.717174] [ 21.717354] Memory state around the buggy address: [ 21.717727] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.718181] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.718611] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.719358] ^ [ 21.719646] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.720274] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.720541] ================================================================== [ 19.846511] ================================================================== [ 19.847323] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 19.847930] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 19.848476] [ 19.848955] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.849125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.849199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.849242] Call Trace: [ 19.849291] <TASK> [ 19.849328] dump_stack_lvl+0x73/0xb0 [ 19.849395] print_report+0xd1/0x650 [ 19.849442] ? __virt_addr_valid+0x1db/0x2d0 [ 19.849529] ? kasan_atomics_helper+0x4b6e/0x5450 [ 19.849618] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.849707] ? kasan_atomics_helper+0x4b6e/0x5450 [ 19.849761] kasan_report+0x141/0x180 [ 19.849806] ? kasan_atomics_helper+0x4b6e/0x5450 [ 19.849866] __asan_report_store4_noabort+0x1b/0x30 [ 19.849915] kasan_atomics_helper+0x4b6e/0x5450 [ 19.849968] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.850021] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.850101] ? kasan_atomics+0x152/0x310 [ 19.850165] kasan_atomics+0x1dc/0x310 [ 19.850220] ? __pfx_kasan_atomics+0x10/0x10 [ 19.850288] ? __pfx_read_tsc+0x10/0x10 [ 19.850340] ? ktime_get_ts64+0x86/0x230 [ 19.850397] kunit_try_run_case+0x1a5/0x480 [ 19.850454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.850505] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.850558] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.850612] ? __kthread_parkme+0x82/0x180 [ 19.850687] ? preempt_count_sub+0x50/0x80 [ 19.850747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.850802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.850857] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.850904] kthread+0x337/0x6f0 [ 19.850946] ? trace_preempt_on+0x20/0xc0 [ 19.851005] ? __pfx_kthread+0x10/0x10 [ 19.851093] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.851159] ? calculate_sigpending+0x7b/0xa0 [ 19.851216] ? __pfx_kthread+0x10/0x10 [ 19.851276] ret_from_fork+0x116/0x1d0 [ 19.851323] ? __pfx_kthread+0x10/0x10 [ 19.851372] ret_from_fork_asm+0x1a/0x30 [ 19.851459] </TASK> [ 19.851483] [ 19.864073] Allocated by task 282: [ 19.864379] kasan_save_stack+0x45/0x70 [ 19.864774] kasan_save_track+0x18/0x40 [ 19.864977] kasan_save_alloc_info+0x3b/0x50 [ 19.865500] __kasan_kmalloc+0xb7/0xc0 [ 19.865900] __kmalloc_cache_noprof+0x189/0x420 [ 19.866240] kasan_atomics+0x95/0x310 [ 19.866545] kunit_try_run_case+0x1a5/0x480 [ 19.866921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.867206] kthread+0x337/0x6f0 [ 19.867509] ret_from_fork+0x116/0x1d0 [ 19.867896] ret_from_fork_asm+0x1a/0x30 [ 19.868333] [ 19.868508] The buggy address belongs to the object at ffff888102b66500 [ 19.868508] which belongs to the cache kmalloc-64 of size 64 [ 19.869098] The buggy address is located 0 bytes to the right of [ 19.869098] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 19.869968] [ 19.870219] The buggy address belongs to the physical page: [ 19.870916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 19.871559] flags: 0x200000000000000(node=0|zone=2) [ 19.871906] page_type: f5(slab) [ 19.872096] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.872618] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.873255] page dumped because: kasan: bad access detected [ 19.873678] [ 19.873873] Memory state around the buggy address: [ 19.874324] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.874915] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.875507] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.875887] ^ [ 19.876394] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.877244] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.877546] ================================================================== [ 21.658317] ================================================================== [ 21.658891] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 21.659529] Read of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.660043] [ 21.660303] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.660426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.660459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.660516] Call Trace: [ 21.660559] <TASK> [ 21.660605] dump_stack_lvl+0x73/0xb0 [ 21.660674] print_report+0xd1/0x650 [ 21.660729] ? __virt_addr_valid+0x1db/0x2d0 [ 21.660777] ? kasan_atomics_helper+0x4fb2/0x5450 [ 21.660818] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.660860] ? kasan_atomics_helper+0x4fb2/0x5450 [ 21.660907] kasan_report+0x141/0x180 [ 21.660951] ? kasan_atomics_helper+0x4fb2/0x5450 [ 21.661007] __asan_report_load8_noabort+0x18/0x20 [ 21.661053] kasan_atomics_helper+0x4fb2/0x5450 [ 21.661099] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.661139] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.661179] ? kasan_atomics+0x152/0x310 [ 21.661232] kasan_atomics+0x1dc/0x310 [ 21.661296] ? __pfx_kasan_atomics+0x10/0x10 [ 21.661353] ? __pfx_read_tsc+0x10/0x10 [ 21.661401] ? ktime_get_ts64+0x86/0x230 [ 21.661436] kunit_try_run_case+0x1a5/0x480 [ 21.661466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.661495] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.661522] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.661548] ? __kthread_parkme+0x82/0x180 [ 21.661571] ? preempt_count_sub+0x50/0x80 [ 21.661598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.661624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.661650] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.661689] kthread+0x337/0x6f0 [ 21.661720] ? trace_preempt_on+0x20/0xc0 [ 21.661748] ? __pfx_kthread+0x10/0x10 [ 21.661771] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.661794] ? calculate_sigpending+0x7b/0xa0 [ 21.661822] ? __pfx_kthread+0x10/0x10 [ 21.661846] ret_from_fork+0x116/0x1d0 [ 21.661867] ? __pfx_kthread+0x10/0x10 [ 21.661891] ret_from_fork_asm+0x1a/0x30 [ 21.661924] </TASK> [ 21.661939] [ 21.674893] Allocated by task 282: [ 21.675267] kasan_save_stack+0x45/0x70 [ 21.675650] kasan_save_track+0x18/0x40 [ 21.675864] kasan_save_alloc_info+0x3b/0x50 [ 21.676116] __kasan_kmalloc+0xb7/0xc0 [ 21.677089] __kmalloc_cache_noprof+0x189/0x420 [ 21.677642] kasan_atomics+0x95/0x310 [ 21.677969] kunit_try_run_case+0x1a5/0x480 [ 21.678266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.678600] kthread+0x337/0x6f0 [ 21.678934] ret_from_fork+0x116/0x1d0 [ 21.679322] ret_from_fork_asm+0x1a/0x30 [ 21.679591] [ 21.679759] The buggy address belongs to the object at ffff888102b66500 [ 21.679759] which belongs to the cache kmalloc-64 of size 64 [ 21.680437] The buggy address is located 0 bytes to the right of [ 21.680437] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.681252] [ 21.681454] The buggy address belongs to the physical page: [ 21.681780] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.682432] flags: 0x200000000000000(node=0|zone=2) [ 21.682859] page_type: f5(slab) [ 21.683111] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.683479] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.684077] page dumped because: kasan: bad access detected [ 21.684407] [ 21.684531] Memory state around the buggy address: [ 21.684941] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.685496] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.685849] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.686383] ^ [ 21.686847] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.687174] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.687736] ================================================================== [ 20.776804] ================================================================== [ 20.777404] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 20.777866] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.778290] [ 20.778453] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.778565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.778595] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.778641] Call Trace: [ 20.778712] <TASK> [ 20.778749] dump_stack_lvl+0x73/0xb0 [ 20.778828] print_report+0xd1/0x650 [ 20.778867] ? __virt_addr_valid+0x1db/0x2d0 [ 20.778905] ? kasan_atomics_helper+0x1217/0x5450 [ 20.778939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.778973] ? kasan_atomics_helper+0x1217/0x5450 [ 20.779020] kasan_report+0x141/0x180 [ 20.779084] ? kasan_atomics_helper+0x1217/0x5450 [ 20.779131] kasan_check_range+0x10c/0x1c0 [ 20.779176] __kasan_check_write+0x18/0x20 [ 20.779216] kasan_atomics_helper+0x1217/0x5450 [ 20.779271] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.779326] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.779377] ? kasan_atomics+0x152/0x310 [ 20.779438] kasan_atomics+0x1dc/0x310 [ 20.779493] ? __pfx_kasan_atomics+0x10/0x10 [ 20.779550] ? __pfx_read_tsc+0x10/0x10 [ 20.779599] ? ktime_get_ts64+0x86/0x230 [ 20.779654] kunit_try_run_case+0x1a5/0x480 [ 20.779741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.779795] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.779850] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.779889] ? __kthread_parkme+0x82/0x180 [ 20.779922] ? preempt_count_sub+0x50/0x80 [ 20.779960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.779996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.780033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.780072] kthread+0x337/0x6f0 [ 20.780105] ? trace_preempt_on+0x20/0xc0 [ 20.780142] ? __pfx_kthread+0x10/0x10 [ 20.780175] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.780210] ? calculate_sigpending+0x7b/0xa0 [ 20.780247] ? __pfx_kthread+0x10/0x10 [ 20.780299] ret_from_fork+0x116/0x1d0 [ 20.780328] ? __pfx_kthread+0x10/0x10 [ 20.780352] ret_from_fork_asm+0x1a/0x30 [ 20.780386] </TASK> [ 20.780401] [ 20.793883] Allocated by task 282: [ 20.794245] kasan_save_stack+0x45/0x70 [ 20.794649] kasan_save_track+0x18/0x40 [ 20.795019] kasan_save_alloc_info+0x3b/0x50 [ 20.795422] __kasan_kmalloc+0xb7/0xc0 [ 20.795617] __kmalloc_cache_noprof+0x189/0x420 [ 20.795961] kasan_atomics+0x95/0x310 [ 20.796207] kunit_try_run_case+0x1a5/0x480 [ 20.797770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.798057] kthread+0x337/0x6f0 [ 20.798240] ret_from_fork+0x116/0x1d0 [ 20.798563] ret_from_fork_asm+0x1a/0x30 [ 20.798935] [ 20.799122] The buggy address belongs to the object at ffff888102b66500 [ 20.799122] which belongs to the cache kmalloc-64 of size 64 [ 20.799955] The buggy address is located 0 bytes to the right of [ 20.799955] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.800445] [ 20.800579] The buggy address belongs to the physical page: [ 20.801006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.801551] flags: 0x200000000000000(node=0|zone=2) [ 20.801936] page_type: f5(slab) [ 20.802189] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.802488] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.802807] page dumped because: kasan: bad access detected [ 20.803253] [ 20.803451] Memory state around the buggy address: [ 20.803853] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.804414] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.804761] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.805034] ^ [ 20.805395] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.805953] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.806492] ================================================================== [ 20.024604] ================================================================== [ 20.025498] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 20.026447] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.027024] [ 20.027426] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.027551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.027583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.027631] Call Trace: [ 20.027703] <TASK> [ 20.027747] dump_stack_lvl+0x73/0xb0 [ 20.027812] print_report+0xd1/0x650 [ 20.027861] ? __virt_addr_valid+0x1db/0x2d0 [ 20.027908] ? kasan_atomics_helper+0x565/0x5450 [ 20.027960] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.028025] ? kasan_atomics_helper+0x565/0x5450 [ 20.028202] kasan_report+0x141/0x180 [ 20.028250] ? kasan_atomics_helper+0x565/0x5450 [ 20.028312] kasan_check_range+0x10c/0x1c0 [ 20.028340] __kasan_check_write+0x18/0x20 [ 20.028363] kasan_atomics_helper+0x565/0x5450 [ 20.028388] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.028414] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.028439] ? kasan_atomics+0x152/0x310 [ 20.028468] kasan_atomics+0x1dc/0x310 [ 20.028494] ? __pfx_kasan_atomics+0x10/0x10 [ 20.028521] ? __pfx_read_tsc+0x10/0x10 [ 20.028546] ? ktime_get_ts64+0x86/0x230 [ 20.028573] kunit_try_run_case+0x1a5/0x480 [ 20.028600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.028625] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.028651] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.028690] ? __kthread_parkme+0x82/0x180 [ 20.028716] ? preempt_count_sub+0x50/0x80 [ 20.028743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.028769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.028795] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.028821] kthread+0x337/0x6f0 [ 20.028844] ? trace_preempt_on+0x20/0xc0 [ 20.028870] ? __pfx_kthread+0x10/0x10 [ 20.028893] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.028917] ? calculate_sigpending+0x7b/0xa0 [ 20.028944] ? __pfx_kthread+0x10/0x10 [ 20.028968] ret_from_fork+0x116/0x1d0 [ 20.028988] ? __pfx_kthread+0x10/0x10 [ 20.029012] ret_from_fork_asm+0x1a/0x30 [ 20.029060] </TASK> [ 20.029081] [ 20.042194] Allocated by task 282: [ 20.042880] kasan_save_stack+0x45/0x70 [ 20.043294] kasan_save_track+0x18/0x40 [ 20.043641] kasan_save_alloc_info+0x3b/0x50 [ 20.044049] __kasan_kmalloc+0xb7/0xc0 [ 20.044501] __kmalloc_cache_noprof+0x189/0x420 [ 20.044841] kasan_atomics+0x95/0x310 [ 20.045450] kunit_try_run_case+0x1a5/0x480 [ 20.046321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.046797] kthread+0x337/0x6f0 [ 20.047070] ret_from_fork+0x116/0x1d0 [ 20.047415] ret_from_fork_asm+0x1a/0x30 [ 20.047677] [ 20.047791] The buggy address belongs to the object at ffff888102b66500 [ 20.047791] which belongs to the cache kmalloc-64 of size 64 [ 20.048583] The buggy address is located 0 bytes to the right of [ 20.048583] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.049120] [ 20.049267] The buggy address belongs to the physical page: [ 20.049492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.050162] flags: 0x200000000000000(node=0|zone=2) [ 20.050699] page_type: f5(slab) [ 20.051052] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.051780] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.052021] page dumped because: kasan: bad access detected [ 20.052510] [ 20.052738] Memory state around the buggy address: [ 20.053142] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.053632] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.053941] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.054198] ^ [ 20.054779] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.055608] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.056251] ================================================================== [ 20.307547] ================================================================== [ 20.308600] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 20.308963] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.309252] [ 20.309500] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.309604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.309679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.309749] Call Trace: [ 20.309793] <TASK> [ 20.309860] dump_stack_lvl+0x73/0xb0 [ 20.309927] print_report+0xd1/0x650 [ 20.309976] ? __virt_addr_valid+0x1db/0x2d0 [ 20.310028] ? kasan_atomics_helper+0xa2b/0x5450 [ 20.310078] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.310130] ? kasan_atomics_helper+0xa2b/0x5450 [ 20.310179] kasan_report+0x141/0x180 [ 20.310235] ? kasan_atomics_helper+0xa2b/0x5450 [ 20.310311] kasan_check_range+0x10c/0x1c0 [ 20.310369] __kasan_check_write+0x18/0x20 [ 20.310417] kasan_atomics_helper+0xa2b/0x5450 [ 20.310467] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.310516] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.310564] ? kasan_atomics+0x152/0x310 [ 20.310624] kasan_atomics+0x1dc/0x310 [ 20.310672] ? __pfx_kasan_atomics+0x10/0x10 [ 20.310721] ? __pfx_read_tsc+0x10/0x10 [ 20.310768] ? ktime_get_ts64+0x86/0x230 [ 20.310822] kunit_try_run_case+0x1a5/0x480 [ 20.310876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.310927] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.310975] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.311057] ? __kthread_parkme+0x82/0x180 [ 20.311110] ? preempt_count_sub+0x50/0x80 [ 20.311138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.311166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.311196] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.311222] kthread+0x337/0x6f0 [ 20.311245] ? trace_preempt_on+0x20/0xc0 [ 20.311298] ? __pfx_kthread+0x10/0x10 [ 20.311341] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.311385] ? calculate_sigpending+0x7b/0xa0 [ 20.311438] ? __pfx_kthread+0x10/0x10 [ 20.311488] ret_from_fork+0x116/0x1d0 [ 20.311533] ? __pfx_kthread+0x10/0x10 [ 20.311583] ret_from_fork_asm+0x1a/0x30 [ 20.311664] </TASK> [ 20.311696] [ 20.323036] Allocated by task 282: [ 20.323351] kasan_save_stack+0x45/0x70 [ 20.323729] kasan_save_track+0x18/0x40 [ 20.323952] kasan_save_alloc_info+0x3b/0x50 [ 20.324224] __kasan_kmalloc+0xb7/0xc0 [ 20.324427] __kmalloc_cache_noprof+0x189/0x420 [ 20.324638] kasan_atomics+0x95/0x310 [ 20.324867] kunit_try_run_case+0x1a5/0x480 [ 20.325078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.325328] kthread+0x337/0x6f0 [ 20.325625] ret_from_fork+0x116/0x1d0 [ 20.325989] ret_from_fork_asm+0x1a/0x30 [ 20.326341] [ 20.326515] The buggy address belongs to the object at ffff888102b66500 [ 20.326515] which belongs to the cache kmalloc-64 of size 64 [ 20.327447] The buggy address is located 0 bytes to the right of [ 20.327447] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.328514] [ 20.329837] The buggy address belongs to the physical page: [ 20.330397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.330895] flags: 0x200000000000000(node=0|zone=2) [ 20.331552] page_type: f5(slab) [ 20.331893] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.332401] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.332930] page dumped because: kasan: bad access detected [ 20.333382] [ 20.333555] Memory state around the buggy address: [ 20.333865] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.334306] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.334789] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.335287] ^ [ 20.335687] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.336154] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.336578] ================================================================== [ 20.890868] ================================================================== [ 20.891512] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 20.892120] Read of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.893230] [ 20.893484] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.893596] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.893624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.893699] Call Trace: [ 20.893742] <TASK> [ 20.893781] dump_stack_lvl+0x73/0xb0 [ 20.893849] print_report+0xd1/0x650 [ 20.893901] ? __virt_addr_valid+0x1db/0x2d0 [ 20.893953] ? kasan_atomics_helper+0x13b5/0x5450 [ 20.894001] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.894051] ? kasan_atomics_helper+0x13b5/0x5450 [ 20.894101] kasan_report+0x141/0x180 [ 20.894152] ? kasan_atomics_helper+0x13b5/0x5450 [ 20.894213] kasan_check_range+0x10c/0x1c0 [ 20.894280] __kasan_check_read+0x15/0x20 [ 20.894329] kasan_atomics_helper+0x13b5/0x5450 [ 20.894384] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.894437] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.894488] ? kasan_atomics+0x152/0x310 [ 20.894551] kasan_atomics+0x1dc/0x310 [ 20.894605] ? __pfx_kasan_atomics+0x10/0x10 [ 20.894688] ? __pfx_read_tsc+0x10/0x10 [ 20.894740] ? ktime_get_ts64+0x86/0x230 [ 20.894798] kunit_try_run_case+0x1a5/0x480 [ 20.894855] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.894902] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.894936] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.894962] ? __kthread_parkme+0x82/0x180 [ 20.894986] ? preempt_count_sub+0x50/0x80 [ 20.895031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.895058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.895084] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.895111] kthread+0x337/0x6f0 [ 20.895133] ? trace_preempt_on+0x20/0xc0 [ 20.895160] ? __pfx_kthread+0x10/0x10 [ 20.895183] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.895206] ? calculate_sigpending+0x7b/0xa0 [ 20.895233] ? __pfx_kthread+0x10/0x10 [ 20.895273] ret_from_fork+0x116/0x1d0 [ 20.895303] ? __pfx_kthread+0x10/0x10 [ 20.895326] ret_from_fork_asm+0x1a/0x30 [ 20.895359] </TASK> [ 20.895374] [ 20.904544] Allocated by task 282: [ 20.904921] kasan_save_stack+0x45/0x70 [ 20.905300] kasan_save_track+0x18/0x40 [ 20.905622] kasan_save_alloc_info+0x3b/0x50 [ 20.906014] __kasan_kmalloc+0xb7/0xc0 [ 20.906352] __kmalloc_cache_noprof+0x189/0x420 [ 20.906771] kasan_atomics+0x95/0x310 [ 20.907110] kunit_try_run_case+0x1a5/0x480 [ 20.907484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.907942] kthread+0x337/0x6f0 [ 20.908242] ret_from_fork+0x116/0x1d0 [ 20.908482] ret_from_fork_asm+0x1a/0x30 [ 20.908800] [ 20.908985] The buggy address belongs to the object at ffff888102b66500 [ 20.908985] which belongs to the cache kmalloc-64 of size 64 [ 20.909577] The buggy address is located 0 bytes to the right of [ 20.909577] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.910102] [ 20.910308] The buggy address belongs to the physical page: [ 20.910643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.911034] flags: 0x200000000000000(node=0|zone=2) [ 20.911277] page_type: f5(slab) [ 20.911468] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.911789] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.912071] page dumped because: kasan: bad access detected [ 20.912295] [ 20.912452] Memory state around the buggy address: [ 20.912888] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.913457] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.914031] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.914534] ^ [ 20.914975] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.915551] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.917162] ================================================================== [ 21.343836] ================================================================== [ 21.344386] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 21.344708] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.345241] [ 21.345544] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.345656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.345685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.345735] Call Trace: [ 21.345779] <TASK> [ 21.345824] dump_stack_lvl+0x73/0xb0 [ 21.345893] print_report+0xd1/0x650 [ 21.345938] ? __virt_addr_valid+0x1db/0x2d0 [ 21.345986] ? kasan_atomics_helper+0x1c18/0x5450 [ 21.346031] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.346073] ? kasan_atomics_helper+0x1c18/0x5450 [ 21.346113] kasan_report+0x141/0x180 [ 21.346161] ? kasan_atomics_helper+0x1c18/0x5450 [ 21.346213] kasan_check_range+0x10c/0x1c0 [ 21.346278] __kasan_check_write+0x18/0x20 [ 21.346325] kasan_atomics_helper+0x1c18/0x5450 [ 21.346373] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.346417] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.346465] ? kasan_atomics+0x152/0x310 [ 21.346520] kasan_atomics+0x1dc/0x310 [ 21.346569] ? __pfx_kasan_atomics+0x10/0x10 [ 21.346619] ? __pfx_read_tsc+0x10/0x10 [ 21.346664] ? ktime_get_ts64+0x86/0x230 [ 21.346732] kunit_try_run_case+0x1a5/0x480 [ 21.346785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.346829] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.346879] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.346924] ? __kthread_parkme+0x82/0x180 [ 21.346965] ? preempt_count_sub+0x50/0x80 [ 21.347029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.347085] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.347139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.347188] kthread+0x337/0x6f0 [ 21.347228] ? trace_preempt_on+0x20/0xc0 [ 21.347294] ? __pfx_kthread+0x10/0x10 [ 21.347339] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.347382] ? calculate_sigpending+0x7b/0xa0 [ 21.347431] ? __pfx_kthread+0x10/0x10 [ 21.347480] ret_from_fork+0x116/0x1d0 [ 21.347520] ? __pfx_kthread+0x10/0x10 [ 21.347564] ret_from_fork_asm+0x1a/0x30 [ 21.347628] </TASK> [ 21.347657] [ 21.357972] Allocated by task 282: [ 21.358369] kasan_save_stack+0x45/0x70 [ 21.358781] kasan_save_track+0x18/0x40 [ 21.359141] kasan_save_alloc_info+0x3b/0x50 [ 21.359384] __kasan_kmalloc+0xb7/0xc0 [ 21.359712] __kmalloc_cache_noprof+0x189/0x420 [ 21.359982] kasan_atomics+0x95/0x310 [ 21.360305] kunit_try_run_case+0x1a5/0x480 [ 21.360657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.360914] kthread+0x337/0x6f0 [ 21.361107] ret_from_fork+0x116/0x1d0 [ 21.361450] ret_from_fork_asm+0x1a/0x30 [ 21.361834] [ 21.362004] The buggy address belongs to the object at ffff888102b66500 [ 21.362004] which belongs to the cache kmalloc-64 of size 64 [ 21.362619] The buggy address is located 0 bytes to the right of [ 21.362619] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.364702] [ 21.364855] The buggy address belongs to the physical page: [ 21.365088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.365436] flags: 0x200000000000000(node=0|zone=2) [ 21.366445] page_type: f5(slab) [ 21.366691] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.367307] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.368167] page dumped because: kasan: bad access detected [ 21.368726] [ 21.368855] Memory state around the buggy address: [ 21.369055] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.369628] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.370477] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.370819] ^ [ 21.371331] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.371844] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.372006] ================================================================== [ 20.370226] ================================================================== [ 20.370637] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 20.371091] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.371800] [ 20.372066] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.372176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.372238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.372296] Call Trace: [ 20.372340] <TASK> [ 20.372381] dump_stack_lvl+0x73/0xb0 [ 20.372452] print_report+0xd1/0x650 [ 20.372506] ? __virt_addr_valid+0x1db/0x2d0 [ 20.372551] ? kasan_atomics_helper+0xb6a/0x5450 [ 20.372594] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.372643] ? kasan_atomics_helper+0xb6a/0x5450 [ 20.372730] kasan_report+0x141/0x180 [ 20.372778] ? kasan_atomics_helper+0xb6a/0x5450 [ 20.372839] kasan_check_range+0x10c/0x1c0 [ 20.372894] __kasan_check_write+0x18/0x20 [ 20.372938] kasan_atomics_helper+0xb6a/0x5450 [ 20.373028] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.373081] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.373127] ? kasan_atomics+0x152/0x310 [ 20.373176] kasan_atomics+0x1dc/0x310 [ 20.373204] ? __pfx_kasan_atomics+0x10/0x10 [ 20.373232] ? __pfx_read_tsc+0x10/0x10 [ 20.373273] ? ktime_get_ts64+0x86/0x230 [ 20.373307] kunit_try_run_case+0x1a5/0x480 [ 20.373337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.373363] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.373391] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.373416] ? __kthread_parkme+0x82/0x180 [ 20.373440] ? preempt_count_sub+0x50/0x80 [ 20.373466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.373492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.373518] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.373544] kthread+0x337/0x6f0 [ 20.373566] ? trace_preempt_on+0x20/0xc0 [ 20.373594] ? __pfx_kthread+0x10/0x10 [ 20.373618] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.373640] ? calculate_sigpending+0x7b/0xa0 [ 20.373677] ? __pfx_kthread+0x10/0x10 [ 20.373734] ret_from_fork+0x116/0x1d0 [ 20.373756] ? __pfx_kthread+0x10/0x10 [ 20.373780] ret_from_fork_asm+0x1a/0x30 [ 20.373814] </TASK> [ 20.373830] [ 20.387176] Allocated by task 282: [ 20.387408] kasan_save_stack+0x45/0x70 [ 20.387642] kasan_save_track+0x18/0x40 [ 20.388736] kasan_save_alloc_info+0x3b/0x50 [ 20.389108] __kasan_kmalloc+0xb7/0xc0 [ 20.389331] __kmalloc_cache_noprof+0x189/0x420 [ 20.389655] kasan_atomics+0x95/0x310 [ 20.390195] kunit_try_run_case+0x1a5/0x480 [ 20.390634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.391517] kthread+0x337/0x6f0 [ 20.391815] ret_from_fork+0x116/0x1d0 [ 20.391995] ret_from_fork_asm+0x1a/0x30 [ 20.392557] [ 20.392734] The buggy address belongs to the object at ffff888102b66500 [ 20.392734] which belongs to the cache kmalloc-64 of size 64 [ 20.393532] The buggy address is located 0 bytes to the right of [ 20.393532] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.394316] [ 20.394887] The buggy address belongs to the physical page: [ 20.395127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.395656] flags: 0x200000000000000(node=0|zone=2) [ 20.395986] page_type: f5(slab) [ 20.396233] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.396571] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.397118] page dumped because: kasan: bad access detected [ 20.397349] [ 20.397467] Memory state around the buggy address: [ 20.397679] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.397935] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.398458] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.399010] ^ [ 20.399487] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.400859] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.401189] ================================================================== [ 21.405011] ================================================================== [ 21.405627] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 21.406173] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.406713] [ 21.406944] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.407087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.407117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.407162] Call Trace: [ 21.407204] <TASK> [ 21.407252] dump_stack_lvl+0x73/0xb0 [ 21.407339] print_report+0xd1/0x650 [ 21.407387] ? __virt_addr_valid+0x1db/0x2d0 [ 21.407433] ? kasan_atomics_helper+0x1ce1/0x5450 [ 21.407476] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.407523] ? kasan_atomics_helper+0x1ce1/0x5450 [ 21.407567] kasan_report+0x141/0x180 [ 21.407626] ? kasan_atomics_helper+0x1ce1/0x5450 [ 21.407728] kasan_check_range+0x10c/0x1c0 [ 21.407783] __kasan_check_write+0x18/0x20 [ 21.407826] kasan_atomics_helper+0x1ce1/0x5450 [ 21.407887] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.407950] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.407999] ? kasan_atomics+0x152/0x310 [ 21.408053] kasan_atomics+0x1dc/0x310 [ 21.408101] ? __pfx_kasan_atomics+0x10/0x10 [ 21.408163] ? __pfx_read_tsc+0x10/0x10 [ 21.408229] ? ktime_get_ts64+0x86/0x230 [ 21.408290] kunit_try_run_case+0x1a5/0x480 [ 21.408346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.408399] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.408464] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.408515] ? __kthread_parkme+0x82/0x180 [ 21.408555] ? preempt_count_sub+0x50/0x80 [ 21.408606] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.408690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.408749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.408813] kthread+0x337/0x6f0 [ 21.408858] ? trace_preempt_on+0x20/0xc0 [ 21.408907] ? __pfx_kthread+0x10/0x10 [ 21.408951] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.409005] ? calculate_sigpending+0x7b/0xa0 [ 21.409074] ? __pfx_kthread+0x10/0x10 [ 21.409116] ret_from_fork+0x116/0x1d0 [ 21.409144] ? __pfx_kthread+0x10/0x10 [ 21.409168] ret_from_fork_asm+0x1a/0x30 [ 21.409203] </TASK> [ 21.409218] [ 21.419855] Allocated by task 282: [ 21.420187] kasan_save_stack+0x45/0x70 [ 21.420524] kasan_save_track+0x18/0x40 [ 21.420895] kasan_save_alloc_info+0x3b/0x50 [ 21.421213] __kasan_kmalloc+0xb7/0xc0 [ 21.421415] __kmalloc_cache_noprof+0x189/0x420 [ 21.421632] kasan_atomics+0x95/0x310 [ 21.421992] kunit_try_run_case+0x1a5/0x480 [ 21.422383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.422862] kthread+0x337/0x6f0 [ 21.423173] ret_from_fork+0x116/0x1d0 [ 21.423487] ret_from_fork_asm+0x1a/0x30 [ 21.423816] [ 21.423996] The buggy address belongs to the object at ffff888102b66500 [ 21.423996] which belongs to the cache kmalloc-64 of size 64 [ 21.424699] The buggy address is located 0 bytes to the right of [ 21.424699] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.425420] [ 21.425597] The buggy address belongs to the physical page: [ 21.426046] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.426481] flags: 0x200000000000000(node=0|zone=2) [ 21.426910] page_type: f5(slab) [ 21.427117] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.427632] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.428227] page dumped because: kasan: bad access detected [ 21.428678] [ 21.428790] Memory state around the buggy address: [ 21.428978] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.429216] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.431229] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.431540] ^ [ 21.431760] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.432000] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.432243] ================================================================== [ 20.127919] ================================================================== [ 20.129120] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 20.129817] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.130376] [ 20.130576] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.130709] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.130735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.130775] Call Trace: [ 20.130814] <TASK> [ 20.130851] dump_stack_lvl+0x73/0xb0 [ 20.130916] print_report+0xd1/0x650 [ 20.131013] ? __virt_addr_valid+0x1db/0x2d0 [ 20.131099] ? kasan_atomics_helper+0x72f/0x5450 [ 20.131146] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.131185] ? kasan_atomics_helper+0x72f/0x5450 [ 20.131222] kasan_report+0x141/0x180 [ 20.131321] ? kasan_atomics_helper+0x72f/0x5450 [ 20.131377] kasan_check_range+0x10c/0x1c0 [ 20.131427] __kasan_check_write+0x18/0x20 [ 20.131501] kasan_atomics_helper+0x72f/0x5450 [ 20.131551] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.131623] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.131718] ? kasan_atomics+0x152/0x310 [ 20.131804] kasan_atomics+0x1dc/0x310 [ 20.131865] ? __pfx_kasan_atomics+0x10/0x10 [ 20.131917] ? __pfx_read_tsc+0x10/0x10 [ 20.131962] ? ktime_get_ts64+0x86/0x230 [ 20.132012] kunit_try_run_case+0x1a5/0x480 [ 20.132124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.132190] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.132242] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.132295] ? __kthread_parkme+0x82/0x180 [ 20.132334] ? preempt_count_sub+0x50/0x80 [ 20.132375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.132417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.132461] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.132492] kthread+0x337/0x6f0 [ 20.132516] ? trace_preempt_on+0x20/0xc0 [ 20.132544] ? __pfx_kthread+0x10/0x10 [ 20.132568] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.132592] ? calculate_sigpending+0x7b/0xa0 [ 20.132619] ? __pfx_kthread+0x10/0x10 [ 20.132643] ret_from_fork+0x116/0x1d0 [ 20.132689] ? __pfx_kthread+0x10/0x10 [ 20.132722] ret_from_fork_asm+0x1a/0x30 [ 20.132756] </TASK> [ 20.132771] [ 20.148235] Allocated by task 282: [ 20.148982] kasan_save_stack+0x45/0x70 [ 20.149483] kasan_save_track+0x18/0x40 [ 20.150031] kasan_save_alloc_info+0x3b/0x50 [ 20.150491] __kasan_kmalloc+0xb7/0xc0 [ 20.150946] __kmalloc_cache_noprof+0x189/0x420 [ 20.151188] kasan_atomics+0x95/0x310 [ 20.151554] kunit_try_run_case+0x1a5/0x480 [ 20.152657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.153291] kthread+0x337/0x6f0 [ 20.153899] ret_from_fork+0x116/0x1d0 [ 20.154284] ret_from_fork_asm+0x1a/0x30 [ 20.154954] [ 20.155106] The buggy address belongs to the object at ffff888102b66500 [ 20.155106] which belongs to the cache kmalloc-64 of size 64 [ 20.155981] The buggy address is located 0 bytes to the right of [ 20.155981] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.157160] [ 20.157588] The buggy address belongs to the physical page: [ 20.158046] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.159048] flags: 0x200000000000000(node=0|zone=2) [ 20.159444] page_type: f5(slab) [ 20.159996] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.161058] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.161392] page dumped because: kasan: bad access detected [ 20.162550] [ 20.162722] Memory state around the buggy address: [ 20.162938] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.163482] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.164453] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.165525] ^ [ 20.165834] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.166316] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.167053] ================================================================== [ 21.433078] ================================================================== [ 21.433787] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 21.434183] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.434724] [ 21.434852] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.434938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.434959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.435009] Call Trace: [ 21.435050] <TASK> [ 21.435088] dump_stack_lvl+0x73/0xb0 [ 21.435157] print_report+0xd1/0x650 [ 21.435211] ? __virt_addr_valid+0x1db/0x2d0 [ 21.435275] ? kasan_atomics_helper+0x1d7a/0x5450 [ 21.435316] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.435353] ? kasan_atomics_helper+0x1d7a/0x5450 [ 21.435393] kasan_report+0x141/0x180 [ 21.435436] ? kasan_atomics_helper+0x1d7a/0x5450 [ 21.435488] kasan_check_range+0x10c/0x1c0 [ 21.435536] __kasan_check_write+0x18/0x20 [ 21.435581] kasan_atomics_helper+0x1d7a/0x5450 [ 21.435631] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.435715] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.435765] ? kasan_atomics+0x152/0x310 [ 21.435825] kasan_atomics+0x1dc/0x310 [ 21.435876] ? __pfx_kasan_atomics+0x10/0x10 [ 21.435932] ? __pfx_read_tsc+0x10/0x10 [ 21.435979] ? ktime_get_ts64+0x86/0x230 [ 21.436033] kunit_try_run_case+0x1a5/0x480 [ 21.436076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.436116] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.436158] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.436197] ? __kthread_parkme+0x82/0x180 [ 21.436238] ? preempt_count_sub+0x50/0x80 [ 21.436302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.436354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.436405] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.436449] kthread+0x337/0x6f0 [ 21.436486] ? trace_preempt_on+0x20/0xc0 [ 21.436534] ? __pfx_kthread+0x10/0x10 [ 21.436574] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.436622] ? calculate_sigpending+0x7b/0xa0 [ 21.436709] ? __pfx_kthread+0x10/0x10 [ 21.436763] ret_from_fork+0x116/0x1d0 [ 21.436809] ? __pfx_kthread+0x10/0x10 [ 21.436859] ret_from_fork_asm+0x1a/0x30 [ 21.436928] </TASK> [ 21.436957] [ 21.446994] Allocated by task 282: [ 21.447253] kasan_save_stack+0x45/0x70 [ 21.447630] kasan_save_track+0x18/0x40 [ 21.447934] kasan_save_alloc_info+0x3b/0x50 [ 21.448253] __kasan_kmalloc+0xb7/0xc0 [ 21.448574] __kmalloc_cache_noprof+0x189/0x420 [ 21.448843] kasan_atomics+0x95/0x310 [ 21.449165] kunit_try_run_case+0x1a5/0x480 [ 21.449390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.449632] kthread+0x337/0x6f0 [ 21.449842] ret_from_fork+0x116/0x1d0 [ 21.450163] ret_from_fork_asm+0x1a/0x30 [ 21.450512] [ 21.450710] The buggy address belongs to the object at ffff888102b66500 [ 21.450710] which belongs to the cache kmalloc-64 of size 64 [ 21.451554] The buggy address is located 0 bytes to the right of [ 21.451554] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.452151] [ 21.452295] The buggy address belongs to the physical page: [ 21.452524] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.452858] flags: 0x200000000000000(node=0|zone=2) [ 21.453090] page_type: f5(slab) [ 21.453289] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.453899] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.454491] page dumped because: kasan: bad access detected [ 21.454951] [ 21.455146] Memory state around the buggy address: [ 21.455555] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.456137] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.456698] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.457124] ^ [ 21.457424] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.457955] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.458232] ================================================================== [ 19.812576] ================================================================== [ 19.813729] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 19.814208] Read of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 19.815468] [ 19.815642] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.816018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.816544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.816636] Call Trace: [ 19.816682] <TASK> [ 19.816718] dump_stack_lvl+0x73/0xb0 [ 19.816787] print_report+0xd1/0x650 [ 19.816841] ? __virt_addr_valid+0x1db/0x2d0 [ 19.816888] ? kasan_atomics_helper+0x4b88/0x5450 [ 19.816951] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.816995] ? kasan_atomics_helper+0x4b88/0x5450 [ 19.817036] kasan_report+0x141/0x180 [ 19.817107] ? kasan_atomics_helper+0x4b88/0x5450 [ 19.817156] __asan_report_load4_noabort+0x18/0x20 [ 19.817193] kasan_atomics_helper+0x4b88/0x5450 [ 19.817224] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.817250] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.817300] ? kasan_atomics+0x152/0x310 [ 19.817329] kasan_atomics+0x1dc/0x310 [ 19.817353] ? __pfx_kasan_atomics+0x10/0x10 [ 19.817379] ? __pfx_read_tsc+0x10/0x10 [ 19.817402] ? ktime_get_ts64+0x86/0x230 [ 19.817428] kunit_try_run_case+0x1a5/0x480 [ 19.817455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.817479] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.817504] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.817529] ? __kthread_parkme+0x82/0x180 [ 19.817552] ? preempt_count_sub+0x50/0x80 [ 19.817577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.817603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.817628] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.817666] kthread+0x337/0x6f0 [ 19.817714] ? trace_preempt_on+0x20/0xc0 [ 19.817741] ? __pfx_kthread+0x10/0x10 [ 19.817763] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.817786] ? calculate_sigpending+0x7b/0xa0 [ 19.817813] ? __pfx_kthread+0x10/0x10 [ 19.817837] ret_from_fork+0x116/0x1d0 [ 19.817857] ? __pfx_kthread+0x10/0x10 [ 19.817879] ret_from_fork_asm+0x1a/0x30 [ 19.817912] </TASK> [ 19.817925] [ 19.833403] Allocated by task 282: [ 19.833766] kasan_save_stack+0x45/0x70 [ 19.834140] kasan_save_track+0x18/0x40 [ 19.834460] kasan_save_alloc_info+0x3b/0x50 [ 19.834762] __kasan_kmalloc+0xb7/0xc0 [ 19.834912] __kmalloc_cache_noprof+0x189/0x420 [ 19.835361] kasan_atomics+0x95/0x310 [ 19.835788] kunit_try_run_case+0x1a5/0x480 [ 19.836144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.836393] kthread+0x337/0x6f0 [ 19.836562] ret_from_fork+0x116/0x1d0 [ 19.836779] ret_from_fork_asm+0x1a/0x30 [ 19.837156] [ 19.837396] The buggy address belongs to the object at ffff888102b66500 [ 19.837396] which belongs to the cache kmalloc-64 of size 64 [ 19.838344] The buggy address is located 0 bytes to the right of [ 19.838344] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 19.838842] [ 19.838967] The buggy address belongs to the physical page: [ 19.839197] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 19.839958] flags: 0x200000000000000(node=0|zone=2) [ 19.840491] page_type: f5(slab) [ 19.840805] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.841458] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.842087] page dumped because: kasan: bad access detected [ 19.842517] [ 19.842763] Memory state around the buggy address: [ 19.843070] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.843359] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.843634] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.843900] ^ [ 19.844106] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.844641] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.845247] ================================================================== [ 21.514396] ================================================================== [ 21.515101] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 21.515736] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.516316] [ 21.516527] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.516634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.516695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.516743] Call Trace: [ 21.516786] <TASK> [ 21.516829] dump_stack_lvl+0x73/0xb0 [ 21.516894] print_report+0xd1/0x650 [ 21.516945] ? __virt_addr_valid+0x1db/0x2d0 [ 21.516991] ? kasan_atomics_helper+0x1f43/0x5450 [ 21.517037] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.517083] ? kasan_atomics_helper+0x1f43/0x5450 [ 21.517133] kasan_report+0x141/0x180 [ 21.517179] ? kasan_atomics_helper+0x1f43/0x5450 [ 21.517236] kasan_check_range+0x10c/0x1c0 [ 21.517298] __kasan_check_write+0x18/0x20 [ 21.517342] kasan_atomics_helper+0x1f43/0x5450 [ 21.517393] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.517438] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.517484] ? kasan_atomics+0x152/0x310 [ 21.517537] kasan_atomics+0x1dc/0x310 [ 21.517583] ? __pfx_kasan_atomics+0x10/0x10 [ 21.517635] ? __pfx_read_tsc+0x10/0x10 [ 21.517715] ? ktime_get_ts64+0x86/0x230 [ 21.517769] kunit_try_run_case+0x1a5/0x480 [ 21.517816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.517863] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.517911] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.517958] ? __kthread_parkme+0x82/0x180 [ 21.518002] ? preempt_count_sub+0x50/0x80 [ 21.518051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.518097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.518145] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.518192] kthread+0x337/0x6f0 [ 21.518235] ? trace_preempt_on+0x20/0xc0 [ 21.518299] ? __pfx_kthread+0x10/0x10 [ 21.518346] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.518393] ? calculate_sigpending+0x7b/0xa0 [ 21.518448] ? __pfx_kthread+0x10/0x10 [ 21.518499] ret_from_fork+0x116/0x1d0 [ 21.518542] ? __pfx_kthread+0x10/0x10 [ 21.518591] ret_from_fork_asm+0x1a/0x30 [ 21.518688] </TASK> [ 21.518721] [ 21.529950] Allocated by task 282: [ 21.530175] kasan_save_stack+0x45/0x70 [ 21.530563] kasan_save_track+0x18/0x40 [ 21.530912] kasan_save_alloc_info+0x3b/0x50 [ 21.531272] __kasan_kmalloc+0xb7/0xc0 [ 21.531608] __kmalloc_cache_noprof+0x189/0x420 [ 21.531999] kasan_atomics+0x95/0x310 [ 21.532345] kunit_try_run_case+0x1a5/0x480 [ 21.533079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.533532] kthread+0x337/0x6f0 [ 21.533851] ret_from_fork+0x116/0x1d0 [ 21.534129] ret_from_fork_asm+0x1a/0x30 [ 21.534405] [ 21.534544] The buggy address belongs to the object at ffff888102b66500 [ 21.534544] which belongs to the cache kmalloc-64 of size 64 [ 21.535133] The buggy address is located 0 bytes to the right of [ 21.535133] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.535876] [ 21.536009] The buggy address belongs to the physical page: [ 21.536368] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.536856] flags: 0x200000000000000(node=0|zone=2) [ 21.537241] page_type: f5(slab) [ 21.537441] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.537990] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.538299] page dumped because: kasan: bad access detected [ 21.538524] [ 21.538641] Memory state around the buggy address: [ 21.538885] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.539168] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.539448] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.539741] ^ [ 21.539954] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.540218] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.540790] ================================================================== [ 20.559816] ================================================================== [ 20.560247] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 20.560704] Write of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 20.561653] [ 20.561815] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 20.561882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.561898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.561925] Call Trace: [ 20.561949] <TASK> [ 20.561979] dump_stack_lvl+0x73/0xb0 [ 20.562019] print_report+0xd1/0x650 [ 20.562047] ? __virt_addr_valid+0x1db/0x2d0 [ 20.562074] ? kasan_atomics_helper+0xf10/0x5450 [ 20.562099] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.562125] ? kasan_atomics_helper+0xf10/0x5450 [ 20.562150] kasan_report+0x141/0x180 [ 20.562175] ? kasan_atomics_helper+0xf10/0x5450 [ 20.562203] kasan_check_range+0x10c/0x1c0 [ 20.562230] __kasan_check_write+0x18/0x20 [ 20.562252] kasan_atomics_helper+0xf10/0x5450 [ 20.562310] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.562352] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.562396] ? kasan_atomics+0x152/0x310 [ 20.562447] kasan_atomics+0x1dc/0x310 [ 20.562497] ? __pfx_kasan_atomics+0x10/0x10 [ 20.562549] ? __pfx_read_tsc+0x10/0x10 [ 20.562602] ? ktime_get_ts64+0x86/0x230 [ 20.562666] kunit_try_run_case+0x1a5/0x480 [ 20.562720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.562775] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.562829] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.562872] ? __kthread_parkme+0x82/0x180 [ 20.562913] ? preempt_count_sub+0x50/0x80 [ 20.562950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.562977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.563018] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.563046] kthread+0x337/0x6f0 [ 20.563069] ? trace_preempt_on+0x20/0xc0 [ 20.563097] ? __pfx_kthread+0x10/0x10 [ 20.563120] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.563144] ? calculate_sigpending+0x7b/0xa0 [ 20.563171] ? __pfx_kthread+0x10/0x10 [ 20.563195] ret_from_fork+0x116/0x1d0 [ 20.563216] ? __pfx_kthread+0x10/0x10 [ 20.563239] ret_from_fork_asm+0x1a/0x30 [ 20.563285] </TASK> [ 20.563301] [ 20.576967] Allocated by task 282: [ 20.577298] kasan_save_stack+0x45/0x70 [ 20.577543] kasan_save_track+0x18/0x40 [ 20.578151] kasan_save_alloc_info+0x3b/0x50 [ 20.578494] __kasan_kmalloc+0xb7/0xc0 [ 20.578925] __kmalloc_cache_noprof+0x189/0x420 [ 20.579597] kasan_atomics+0x95/0x310 [ 20.580017] kunit_try_run_case+0x1a5/0x480 [ 20.580221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.580427] kthread+0x337/0x6f0 [ 20.580614] ret_from_fork+0x116/0x1d0 [ 20.581212] ret_from_fork_asm+0x1a/0x30 [ 20.581902] [ 20.582022] The buggy address belongs to the object at ffff888102b66500 [ 20.582022] which belongs to the cache kmalloc-64 of size 64 [ 20.583388] The buggy address is located 0 bytes to the right of [ 20.583388] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 20.584313] [ 20.584524] The buggy address belongs to the physical page: [ 20.585016] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 20.585884] flags: 0x200000000000000(node=0|zone=2) [ 20.586128] page_type: f5(slab) [ 20.586299] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.587439] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.587938] page dumped because: kasan: bad access detected [ 20.588466] [ 20.588646] Memory state around the buggy address: [ 20.589070] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.589352] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.590423] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.590794] ^ [ 20.591150] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.591544] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.592079] ================================================================== [ 19.918499] ================================================================== [ 19.919459] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 19.919848] Read of size 4 at addr ffff888102b66530 by task kunit_try_catch/282 [ 19.920312] [ 19.920502] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.920603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.920620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.920650] Call Trace: [ 19.920689] <TASK> [ 19.920725] dump_stack_lvl+0x73/0xb0 [ 19.920788] print_report+0xd1/0x650 [ 19.920836] ? __virt_addr_valid+0x1db/0x2d0 [ 19.920887] ? kasan_atomics_helper+0x4b54/0x5450 [ 19.920932] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.920974] ? kasan_atomics_helper+0x4b54/0x5450 [ 19.921010] kasan_report+0x141/0x180 [ 19.921041] ? kasan_atomics_helper+0x4b54/0x5450 [ 19.921078] __asan_report_load4_noabort+0x18/0x20 [ 19.921104] kasan_atomics_helper+0x4b54/0x5450 [ 19.921129] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.921156] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.921180] ? kasan_atomics+0x152/0x310 [ 19.921208] kasan_atomics+0x1dc/0x310 [ 19.921233] ? __pfx_kasan_atomics+0x10/0x10 [ 19.921279] ? __pfx_read_tsc+0x10/0x10 [ 19.921307] ? ktime_get_ts64+0x86/0x230 [ 19.921335] kunit_try_run_case+0x1a5/0x480 [ 19.921362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.921387] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.921413] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.921438] ? __kthread_parkme+0x82/0x180 [ 19.921462] ? preempt_count_sub+0x50/0x80 [ 19.921489] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.921515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.921541] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.921566] kthread+0x337/0x6f0 [ 19.921588] ? trace_preempt_on+0x20/0xc0 [ 19.921614] ? __pfx_kthread+0x10/0x10 [ 19.921638] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.921667] ? calculate_sigpending+0x7b/0xa0 [ 19.922339] ? __pfx_kthread+0x10/0x10 [ 19.922369] ret_from_fork+0x116/0x1d0 [ 19.922394] ? __pfx_kthread+0x10/0x10 [ 19.922418] ret_from_fork_asm+0x1a/0x30 [ 19.922451] </TASK> [ 19.922465] [ 19.936612] Allocated by task 282: [ 19.937075] kasan_save_stack+0x45/0x70 [ 19.937793] kasan_save_track+0x18/0x40 [ 19.938023] kasan_save_alloc_info+0x3b/0x50 [ 19.938472] __kasan_kmalloc+0xb7/0xc0 [ 19.938985] __kmalloc_cache_noprof+0x189/0x420 [ 19.939616] kasan_atomics+0x95/0x310 [ 19.939881] kunit_try_run_case+0x1a5/0x480 [ 19.940768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.941128] kthread+0x337/0x6f0 [ 19.941242] ret_from_fork+0x116/0x1d0 [ 19.941417] ret_from_fork_asm+0x1a/0x30 [ 19.941532] [ 19.941594] The buggy address belongs to the object at ffff888102b66500 [ 19.941594] which belongs to the cache kmalloc-64 of size 64 [ 19.942103] The buggy address is located 0 bytes to the right of [ 19.942103] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 19.943674] [ 19.943959] The buggy address belongs to the physical page: [ 19.944444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 19.945417] flags: 0x200000000000000(node=0|zone=2) [ 19.945822] page_type: f5(slab) [ 19.946420] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.946913] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.947552] page dumped because: kasan: bad access detected [ 19.948462] [ 19.948850] Memory state around the buggy address: [ 19.949542] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.950326] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.950781] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.951323] ^ [ 19.952087] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.953326] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.953765] ================================================================== [ 21.542398] ================================================================== [ 21.543033] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 21.543681] Read of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.544217] [ 21.544453] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.544560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.544588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.544632] Call Trace: [ 21.544700] <TASK> [ 21.544746] dump_stack_lvl+0x73/0xb0 [ 21.544813] print_report+0xd1/0x650 [ 21.544867] ? __virt_addr_valid+0x1db/0x2d0 [ 21.544923] ? kasan_atomics_helper+0x4f71/0x5450 [ 21.544975] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.545028] ? kasan_atomics_helper+0x4f71/0x5450 [ 21.545079] kasan_report+0x141/0x180 [ 21.545132] ? kasan_atomics_helper+0x4f71/0x5450 [ 21.545198] __asan_report_load8_noabort+0x18/0x20 [ 21.545247] kasan_atomics_helper+0x4f71/0x5450 [ 21.545315] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.545368] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.545420] ? kasan_atomics+0x152/0x310 [ 21.545478] kasan_atomics+0x1dc/0x310 [ 21.545532] ? __pfx_kasan_atomics+0x10/0x10 [ 21.545588] ? __pfx_read_tsc+0x10/0x10 [ 21.545635] ? ktime_get_ts64+0x86/0x230 [ 21.545724] kunit_try_run_case+0x1a5/0x480 [ 21.545771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.545815] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.545864] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.545912] ? __kthread_parkme+0x82/0x180 [ 21.545948] ? preempt_count_sub+0x50/0x80 [ 21.545993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.546040] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.546080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.546121] kthread+0x337/0x6f0 [ 21.546161] ? trace_preempt_on+0x20/0xc0 [ 21.546210] ? __pfx_kthread+0x10/0x10 [ 21.546249] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.546302] ? calculate_sigpending+0x7b/0xa0 [ 21.546352] ? __pfx_kthread+0x10/0x10 [ 21.546398] ret_from_fork+0x116/0x1d0 [ 21.546437] ? __pfx_kthread+0x10/0x10 [ 21.546480] ret_from_fork_asm+0x1a/0x30 [ 21.546544] </TASK> [ 21.546570] [ 21.556985] Allocated by task 282: [ 21.557200] kasan_save_stack+0x45/0x70 [ 21.557479] kasan_save_track+0x18/0x40 [ 21.557853] kasan_save_alloc_info+0x3b/0x50 [ 21.558231] __kasan_kmalloc+0xb7/0xc0 [ 21.558581] __kmalloc_cache_noprof+0x189/0x420 [ 21.558996] kasan_atomics+0x95/0x310 [ 21.559312] kunit_try_run_case+0x1a5/0x480 [ 21.559691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.559963] kthread+0x337/0x6f0 [ 21.560270] ret_from_fork+0x116/0x1d0 [ 21.560482] ret_from_fork_asm+0x1a/0x30 [ 21.560810] [ 21.560978] The buggy address belongs to the object at ffff888102b66500 [ 21.560978] which belongs to the cache kmalloc-64 of size 64 [ 21.561531] The buggy address is located 0 bytes to the right of [ 21.561531] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.562213] [ 21.562424] The buggy address belongs to the physical page: [ 21.562763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.563182] flags: 0x200000000000000(node=0|zone=2) [ 21.563431] page_type: f5(slab) [ 21.563624] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.563950] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.564233] page dumped because: kasan: bad access detected [ 21.564647] [ 21.564842] Memory state around the buggy address: [ 21.565190] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.565706] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.566255] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.566820] ^ [ 21.567203] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.567775] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.568319] ================================================================== [ 21.219432] ================================================================== [ 21.220138] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 21.220599] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.221353] [ 21.221511] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.221597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.221618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.221678] Call Trace: [ 21.221719] <TASK> [ 21.221757] dump_stack_lvl+0x73/0xb0 [ 21.221820] print_report+0xd1/0x650 [ 21.221894] ? __virt_addr_valid+0x1db/0x2d0 [ 21.221939] ? kasan_atomics_helper+0x194a/0x5450 [ 21.221983] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.222030] ? kasan_atomics_helper+0x194a/0x5450 [ 21.222097] kasan_report+0x141/0x180 [ 21.222147] ? kasan_atomics_helper+0x194a/0x5450 [ 21.222207] kasan_check_range+0x10c/0x1c0 [ 21.222277] __kasan_check_write+0x18/0x20 [ 21.222321] kasan_atomics_helper+0x194a/0x5450 [ 21.222367] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.222416] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.222483] ? kasan_atomics+0x152/0x310 [ 21.222538] kasan_atomics+0x1dc/0x310 [ 21.222589] ? __pfx_kasan_atomics+0x10/0x10 [ 21.222642] ? __pfx_read_tsc+0x10/0x10 [ 21.222716] ? ktime_get_ts64+0x86/0x230 [ 21.222762] kunit_try_run_case+0x1a5/0x480 [ 21.222811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.222858] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.222928] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.222998] ? __kthread_parkme+0x82/0x180 [ 21.223061] ? preempt_count_sub+0x50/0x80 [ 21.223125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.223180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.223244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.223320] kthread+0x337/0x6f0 [ 21.223380] ? trace_preempt_on+0x20/0xc0 [ 21.223433] ? __pfx_kthread+0x10/0x10 [ 21.223492] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.223549] ? calculate_sigpending+0x7b/0xa0 [ 21.223612] ? __pfx_kthread+0x10/0x10 [ 21.223699] ret_from_fork+0x116/0x1d0 [ 21.223758] ? __pfx_kthread+0x10/0x10 [ 21.223807] ret_from_fork_asm+0x1a/0x30 [ 21.223898] </TASK> [ 21.223928] [ 21.234350] Allocated by task 282: [ 21.234618] kasan_save_stack+0x45/0x70 [ 21.234998] kasan_save_track+0x18/0x40 [ 21.235233] kasan_save_alloc_info+0x3b/0x50 [ 21.235484] __kasan_kmalloc+0xb7/0xc0 [ 21.235753] __kmalloc_cache_noprof+0x189/0x420 [ 21.235999] kasan_atomics+0x95/0x310 [ 21.236223] kunit_try_run_case+0x1a5/0x480 [ 21.236605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.237088] kthread+0x337/0x6f0 [ 21.237429] ret_from_fork+0x116/0x1d0 [ 21.237784] ret_from_fork_asm+0x1a/0x30 [ 21.238145] [ 21.238390] The buggy address belongs to the object at ffff888102b66500 [ 21.238390] which belongs to the cache kmalloc-64 of size 64 [ 21.239735] The buggy address is located 0 bytes to the right of [ 21.239735] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.240506] [ 21.240636] The buggy address belongs to the physical page: [ 21.241836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.242161] flags: 0x200000000000000(node=0|zone=2) [ 21.242410] page_type: f5(slab) [ 21.242595] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.245609] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.246142] page dumped because: kasan: bad access detected [ 21.246518] [ 21.246648] Memory state around the buggy address: [ 21.247619] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.247934] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.248468] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.249009] ^ [ 21.249418] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.249922] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.250411] ================================================================== [ 21.190799] ================================================================== [ 21.191332] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 21.191698] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.191990] [ 21.192138] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.192275] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.192298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.192334] Call Trace: [ 21.192371] <TASK> [ 21.192406] dump_stack_lvl+0x73/0xb0 [ 21.192455] print_report+0xd1/0x650 [ 21.192492] ? __virt_addr_valid+0x1db/0x2d0 [ 21.192528] ? kasan_atomics_helper+0x18b1/0x5450 [ 21.192565] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.192608] ? kasan_atomics_helper+0x18b1/0x5450 [ 21.192707] kasan_report+0x141/0x180 [ 21.192758] ? kasan_atomics_helper+0x18b1/0x5450 [ 21.192812] kasan_check_range+0x10c/0x1c0 [ 21.192877] __kasan_check_write+0x18/0x20 [ 21.192918] kasan_atomics_helper+0x18b1/0x5450 [ 21.192962] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.193005] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.193050] ? kasan_atomics+0x152/0x310 [ 21.193097] kasan_atomics+0x1dc/0x310 [ 21.193138] ? __pfx_kasan_atomics+0x10/0x10 [ 21.193188] ? __pfx_read_tsc+0x10/0x10 [ 21.193268] ? ktime_get_ts64+0x86/0x230 [ 21.193323] kunit_try_run_case+0x1a5/0x480 [ 21.193373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.193424] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.193476] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.193525] ? __kthread_parkme+0x82/0x180 [ 21.193574] ? preempt_count_sub+0x50/0x80 [ 21.193629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.193732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.193785] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.193835] kthread+0x337/0x6f0 [ 21.193879] ? trace_preempt_on+0x20/0xc0 [ 21.193930] ? __pfx_kthread+0x10/0x10 [ 21.193996] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.194044] ? calculate_sigpending+0x7b/0xa0 [ 21.194095] ? __pfx_kthread+0x10/0x10 [ 21.194143] ret_from_fork+0x116/0x1d0 [ 21.194186] ? __pfx_kthread+0x10/0x10 [ 21.194253] ret_from_fork_asm+0x1a/0x30 [ 21.194333] </TASK> [ 21.194359] [ 21.206166] Allocated by task 282: [ 21.206498] kasan_save_stack+0x45/0x70 [ 21.206848] kasan_save_track+0x18/0x40 [ 21.207118] kasan_save_alloc_info+0x3b/0x50 [ 21.207373] __kasan_kmalloc+0xb7/0xc0 [ 21.207567] __kmalloc_cache_noprof+0x189/0x420 [ 21.207834] kasan_atomics+0x95/0x310 [ 21.208062] kunit_try_run_case+0x1a5/0x480 [ 21.208317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.208792] kthread+0x337/0x6f0 [ 21.209105] ret_from_fork+0x116/0x1d0 [ 21.209458] ret_from_fork_asm+0x1a/0x30 [ 21.209845] [ 21.210029] The buggy address belongs to the object at ffff888102b66500 [ 21.210029] which belongs to the cache kmalloc-64 of size 64 [ 21.210942] The buggy address is located 0 bytes to the right of [ 21.210942] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.211913] [ 21.212126] The buggy address belongs to the physical page: [ 21.212434] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.212926] flags: 0x200000000000000(node=0|zone=2) [ 21.213317] page_type: f5(slab) [ 21.213616] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.214168] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.214568] page dumped because: kasan: bad access detected [ 21.214983] [ 21.215137] Memory state around the buggy address: [ 21.215452] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.215858] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.216407] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.216897] ^ [ 21.217199] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.217621] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.218156] ================================================================== [ 21.163168] ================================================================== [ 21.163783] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 21.164349] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.164700] [ 21.164927] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.165010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.165031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.165068] Call Trace: [ 21.165104] <TASK> [ 21.165138] dump_stack_lvl+0x73/0xb0 [ 21.165189] print_report+0xd1/0x650 [ 21.165230] ? __virt_addr_valid+0x1db/0x2d0 [ 21.165288] ? kasan_atomics_helper+0x1818/0x5450 [ 21.165333] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.165383] ? kasan_atomics_helper+0x1818/0x5450 [ 21.165433] kasan_report+0x141/0x180 [ 21.165485] ? kasan_atomics_helper+0x1818/0x5450 [ 21.165542] kasan_check_range+0x10c/0x1c0 [ 21.165594] __kasan_check_write+0x18/0x20 [ 21.165632] kasan_atomics_helper+0x1818/0x5450 [ 21.165717] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.165790] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.165839] ? kasan_atomics+0x152/0x310 [ 21.165901] kasan_atomics+0x1dc/0x310 [ 21.165947] ? __pfx_kasan_atomics+0x10/0x10 [ 21.165996] ? __pfx_read_tsc+0x10/0x10 [ 21.166039] ? ktime_get_ts64+0x86/0x230 [ 21.166093] kunit_try_run_case+0x1a5/0x480 [ 21.166150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.166194] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.166240] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.166302] ? __kthread_parkme+0x82/0x180 [ 21.166372] ? preempt_count_sub+0x50/0x80 [ 21.166421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.166475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.166522] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.166591] kthread+0x337/0x6f0 [ 21.166637] ? trace_preempt_on+0x20/0xc0 [ 21.166724] ? __pfx_kthread+0x10/0x10 [ 21.166766] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.166806] ? calculate_sigpending+0x7b/0xa0 [ 21.166842] ? __pfx_kthread+0x10/0x10 [ 21.166868] ret_from_fork+0x116/0x1d0 [ 21.166890] ? __pfx_kthread+0x10/0x10 [ 21.166914] ret_from_fork_asm+0x1a/0x30 [ 21.166949] </TASK> [ 21.166964] [ 21.177555] Allocated by task 282: [ 21.177960] kasan_save_stack+0x45/0x70 [ 21.178291] kasan_save_track+0x18/0x40 [ 21.178534] kasan_save_alloc_info+0x3b/0x50 [ 21.178803] __kasan_kmalloc+0xb7/0xc0 [ 21.179033] __kmalloc_cache_noprof+0x189/0x420 [ 21.179285] kasan_atomics+0x95/0x310 [ 21.179617] kunit_try_run_case+0x1a5/0x480 [ 21.180029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.180490] kthread+0x337/0x6f0 [ 21.180828] ret_from_fork+0x116/0x1d0 [ 21.181166] ret_from_fork_asm+0x1a/0x30 [ 21.181525] [ 21.181746] The buggy address belongs to the object at ffff888102b66500 [ 21.181746] which belongs to the cache kmalloc-64 of size 64 [ 21.182470] The buggy address is located 0 bytes to the right of [ 21.182470] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.183067] [ 21.183283] The buggy address belongs to the physical page: [ 21.183752] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.184189] flags: 0x200000000000000(node=0|zone=2) [ 21.184544] page_type: f5(slab) [ 21.184882] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.185214] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.185824] page dumped because: kasan: bad access detected [ 21.186199] [ 21.186411] Memory state around the buggy address: [ 21.186722] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.187064] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.187425] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.187993] ^ [ 21.188409] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.188801] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.189329] ================================================================== [ 21.103193] ================================================================== [ 21.104787] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 21.105154] Write of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.105597] [ 21.105760] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.105892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.105923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.105979] Call Trace: [ 21.106020] <TASK> [ 21.106060] dump_stack_lvl+0x73/0xb0 [ 21.106122] print_report+0xd1/0x650 [ 21.106172] ? __virt_addr_valid+0x1db/0x2d0 [ 21.106243] ? kasan_atomics_helper+0x16e7/0x5450 [ 21.106302] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.106355] ? kasan_atomics_helper+0x16e7/0x5450 [ 21.106408] kasan_report+0x141/0x180 [ 21.106461] ? kasan_atomics_helper+0x16e7/0x5450 [ 21.106522] kasan_check_range+0x10c/0x1c0 [ 21.106573] __kasan_check_write+0x18/0x20 [ 21.106617] kasan_atomics_helper+0x16e7/0x5450 [ 21.106682] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.106726] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.106790] ? kasan_atomics+0x152/0x310 [ 21.106846] kasan_atomics+0x1dc/0x310 [ 21.106899] ? __pfx_kasan_atomics+0x10/0x10 [ 21.106936] ? __pfx_read_tsc+0x10/0x10 [ 21.106962] ? ktime_get_ts64+0x86/0x230 [ 21.106997] kunit_try_run_case+0x1a5/0x480 [ 21.107036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.107062] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.107088] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.107113] ? __kthread_parkme+0x82/0x180 [ 21.107137] ? preempt_count_sub+0x50/0x80 [ 21.107164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.107191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.107218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.107243] kthread+0x337/0x6f0 [ 21.107295] ? trace_preempt_on+0x20/0xc0 [ 21.107324] ? __pfx_kthread+0x10/0x10 [ 21.107347] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.107370] ? calculate_sigpending+0x7b/0xa0 [ 21.107447] ? __pfx_kthread+0x10/0x10 [ 21.107492] ret_from_fork+0x116/0x1d0 [ 21.107533] ? __pfx_kthread+0x10/0x10 [ 21.107566] ret_from_fork_asm+0x1a/0x30 [ 21.107611] </TASK> [ 21.107626] [ 21.118039] Allocated by task 282: [ 21.118456] kasan_save_stack+0x45/0x70 [ 21.118889] kasan_save_track+0x18/0x40 [ 21.119338] kasan_save_alloc_info+0x3b/0x50 [ 21.119824] __kasan_kmalloc+0xb7/0xc0 [ 21.120248] __kmalloc_cache_noprof+0x189/0x420 [ 21.120720] kasan_atomics+0x95/0x310 [ 21.121151] kunit_try_run_case+0x1a5/0x480 [ 21.121604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.122144] kthread+0x337/0x6f0 [ 21.122458] ret_from_fork+0x116/0x1d0 [ 21.122872] ret_from_fork_asm+0x1a/0x30 [ 21.123282] [ 21.123440] The buggy address belongs to the object at ffff888102b66500 [ 21.123440] which belongs to the cache kmalloc-64 of size 64 [ 21.124034] The buggy address is located 0 bytes to the right of [ 21.124034] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.124843] [ 21.125013] The buggy address belongs to the physical page: [ 21.125255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.125911] flags: 0x200000000000000(node=0|zone=2) [ 21.126197] page_type: f5(slab) [ 21.126474] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.127012] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.127326] page dumped because: kasan: bad access detected [ 21.127773] [ 21.127964] Memory state around the buggy address: [ 21.128446] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.128919] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.129216] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.129801] ^ [ 21.130110] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.130398] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.131035] ================================================================== [ 21.596241] ================================================================== [ 21.596878] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 21.597460] Read of size 8 at addr ffff888102b66530 by task kunit_try_catch/282 [ 21.597984] [ 21.598205] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 21.599566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.599609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.599688] Call Trace: [ 21.599734] <TASK> [ 21.599774] dump_stack_lvl+0x73/0xb0 [ 21.599849] print_report+0xd1/0x650 [ 21.599897] ? __virt_addr_valid+0x1db/0x2d0 [ 21.599946] ? kasan_atomics_helper+0x4f98/0x5450 [ 21.599992] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.600038] ? kasan_atomics_helper+0x4f98/0x5450 [ 21.600085] kasan_report+0x141/0x180 [ 21.600132] ? kasan_atomics_helper+0x4f98/0x5450 [ 21.600190] __asan_report_load8_noabort+0x18/0x20 [ 21.600239] kasan_atomics_helper+0x4f98/0x5450 [ 21.600306] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.600358] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.600410] ? kasan_atomics+0x152/0x310 [ 21.600471] kasan_atomics+0x1dc/0x310 [ 21.600525] ? __pfx_kasan_atomics+0x10/0x10 [ 21.600580] ? __pfx_read_tsc+0x10/0x10 [ 21.600628] ? ktime_get_ts64+0x86/0x230 [ 21.600720] kunit_try_run_case+0x1a5/0x480 [ 21.600778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.600830] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.600883] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.600935] ? __kthread_parkme+0x82/0x180 [ 21.600983] ? preempt_count_sub+0x50/0x80 [ 21.601040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.601092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.601144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.601195] kthread+0x337/0x6f0 [ 21.601240] ? trace_preempt_on+0x20/0xc0 [ 21.601301] ? __pfx_kthread+0x10/0x10 [ 21.601347] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.601387] ? calculate_sigpending+0x7b/0xa0 [ 21.601435] ? __pfx_kthread+0x10/0x10 [ 21.601479] ret_from_fork+0x116/0x1d0 [ 21.601522] ? __pfx_kthread+0x10/0x10 [ 21.601571] ret_from_fork_asm+0x1a/0x30 [ 21.601641] </TASK> [ 21.601701] [ 21.611387] Allocated by task 282: [ 21.611730] kasan_save_stack+0x45/0x70 [ 21.612103] kasan_save_track+0x18/0x40 [ 21.612434] kasan_save_alloc_info+0x3b/0x50 [ 21.612806] __kasan_kmalloc+0xb7/0xc0 [ 21.613009] __kmalloc_cache_noprof+0x189/0x420 [ 21.613223] kasan_atomics+0x95/0x310 [ 21.613561] kunit_try_run_case+0x1a5/0x480 [ 21.613969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.614393] kthread+0x337/0x6f0 [ 21.615748] ret_from_fork+0x116/0x1d0 [ 21.616096] ret_from_fork_asm+0x1a/0x30 [ 21.616316] [ 21.616440] The buggy address belongs to the object at ffff888102b66500 [ 21.616440] which belongs to the cache kmalloc-64 of size 64 [ 21.616897] The buggy address is located 0 bytes to the right of [ 21.616897] allocated 48-byte region [ffff888102b66500, ffff888102b66530) [ 21.619217] [ 21.619430] The buggy address belongs to the physical page: [ 21.619865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b66 [ 21.620476] flags: 0x200000000000000(node=0|zone=2) [ 21.620922] page_type: f5(slab) [ 21.621126] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.621606] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.622114] page dumped because: kasan: bad access detected [ 21.622374] [ 21.622491] Memory state around the buggy address: [ 21.622739] ffff888102b66400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.623023] ffff888102b66480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.623515] >ffff888102b66500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.624086] ^ [ 21.624480] ffff888102b66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.625052] ffff888102b66600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.625429] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 19.435016] ================================================================== [ 19.435973] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 19.436840] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.437486] [ 19.437762] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.437877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.437903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.437947] Call Trace: [ 19.437987] <TASK> [ 19.438023] dump_stack_lvl+0x73/0xb0 [ 19.438236] print_report+0xd1/0x650 [ 19.438292] ? __virt_addr_valid+0x1db/0x2d0 [ 19.438332] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 19.438363] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.438388] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 19.438418] kasan_report+0x141/0x180 [ 19.438442] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 19.438476] kasan_check_range+0x10c/0x1c0 [ 19.438502] __kasan_check_write+0x18/0x20 [ 19.438524] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 19.438554] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.438584] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.438607] ? trace_hardirqs_on+0x37/0xe0 [ 19.438633] ? kasan_bitops_generic+0x92/0x1c0 [ 19.438684] kasan_bitops_generic+0x121/0x1c0 [ 19.438720] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.438748] ? __pfx_read_tsc+0x10/0x10 [ 19.438771] ? ktime_get_ts64+0x86/0x230 [ 19.438797] kunit_try_run_case+0x1a5/0x480 [ 19.438823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.438847] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.438871] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.438895] ? __kthread_parkme+0x82/0x180 [ 19.438917] ? preempt_count_sub+0x50/0x80 [ 19.438942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.438967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.439001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.439029] kthread+0x337/0x6f0 [ 19.439100] ? trace_preempt_on+0x20/0xc0 [ 19.439147] ? __pfx_kthread+0x10/0x10 [ 19.439182] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.439215] ? calculate_sigpending+0x7b/0xa0 [ 19.439255] ? __pfx_kthread+0x10/0x10 [ 19.439307] ret_from_fork+0x116/0x1d0 [ 19.439339] ? __pfx_kthread+0x10/0x10 [ 19.439374] ret_from_fork_asm+0x1a/0x30 [ 19.439426] </TASK> [ 19.439448] [ 19.456151] Allocated by task 278: [ 19.456459] kasan_save_stack+0x45/0x70 [ 19.457030] kasan_save_track+0x18/0x40 [ 19.457859] kasan_save_alloc_info+0x3b/0x50 [ 19.458474] __kasan_kmalloc+0xb7/0xc0 [ 19.458827] __kmalloc_cache_noprof+0x189/0x420 [ 19.459064] kasan_bitops_generic+0x92/0x1c0 [ 19.459293] kunit_try_run_case+0x1a5/0x480 [ 19.459614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.460039] kthread+0x337/0x6f0 [ 19.460942] ret_from_fork+0x116/0x1d0 [ 19.461399] ret_from_fork_asm+0x1a/0x30 [ 19.461806] [ 19.461967] The buggy address belongs to the object at ffff8881026fb960 [ 19.461967] which belongs to the cache kmalloc-16 of size 16 [ 19.462871] The buggy address is located 8 bytes inside of [ 19.462871] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.463831] [ 19.464540] The buggy address belongs to the physical page: [ 19.464915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.465400] flags: 0x200000000000000(node=0|zone=2) [ 19.465989] page_type: f5(slab) [ 19.466539] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.467003] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.467521] page dumped because: kasan: bad access detected [ 19.467903] [ 19.468092] Memory state around the buggy address: [ 19.468456] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.469327] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.470012] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.470431] ^ [ 19.470692] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.471206] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.471976] ================================================================== [ 19.548329] ================================================================== [ 19.548731] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 19.549950] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.550982] [ 19.551214] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.551377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.551406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.551467] Call Trace: [ 19.551509] <TASK> [ 19.551548] dump_stack_lvl+0x73/0xb0 [ 19.551615] print_report+0xd1/0x650 [ 19.551666] ? __virt_addr_valid+0x1db/0x2d0 [ 19.551731] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 19.551786] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.552007] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 19.552086] kasan_report+0x141/0x180 [ 19.552117] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 19.552151] kasan_check_range+0x10c/0x1c0 [ 19.552176] __kasan_check_write+0x18/0x20 [ 19.552197] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 19.552226] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.552272] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.552310] ? trace_hardirqs_on+0x37/0xe0 [ 19.552345] ? kasan_bitops_generic+0x92/0x1c0 [ 19.552387] kasan_bitops_generic+0x121/0x1c0 [ 19.552425] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.552464] ? __pfx_read_tsc+0x10/0x10 [ 19.552488] ? ktime_get_ts64+0x86/0x230 [ 19.552512] kunit_try_run_case+0x1a5/0x480 [ 19.552539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.552562] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.552587] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.552610] ? __kthread_parkme+0x82/0x180 [ 19.552631] ? preempt_count_sub+0x50/0x80 [ 19.552658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.552708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.552735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.552759] kthread+0x337/0x6f0 [ 19.552780] ? trace_preempt_on+0x20/0xc0 [ 19.552803] ? __pfx_kthread+0x10/0x10 [ 19.552824] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.552845] ? calculate_sigpending+0x7b/0xa0 [ 19.552870] ? __pfx_kthread+0x10/0x10 [ 19.552892] ret_from_fork+0x116/0x1d0 [ 19.552911] ? __pfx_kthread+0x10/0x10 [ 19.552932] ret_from_fork_asm+0x1a/0x30 [ 19.552963] </TASK> [ 19.552977] [ 19.568275] Allocated by task 278: [ 19.568594] kasan_save_stack+0x45/0x70 [ 19.568936] kasan_save_track+0x18/0x40 [ 19.569136] kasan_save_alloc_info+0x3b/0x50 [ 19.569513] __kasan_kmalloc+0xb7/0xc0 [ 19.570703] __kmalloc_cache_noprof+0x189/0x420 [ 19.571095] kasan_bitops_generic+0x92/0x1c0 [ 19.571889] kunit_try_run_case+0x1a5/0x480 [ 19.572490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.572834] kthread+0x337/0x6f0 [ 19.573364] ret_from_fork+0x116/0x1d0 [ 19.573728] ret_from_fork_asm+0x1a/0x30 [ 19.574240] [ 19.575030] The buggy address belongs to the object at ffff8881026fb960 [ 19.575030] which belongs to the cache kmalloc-16 of size 16 [ 19.575814] The buggy address is located 8 bytes inside of [ 19.575814] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.576767] [ 19.576961] The buggy address belongs to the physical page: [ 19.577939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.578658] flags: 0x200000000000000(node=0|zone=2) [ 19.579382] page_type: f5(slab) [ 19.579658] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.580377] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.580899] page dumped because: kasan: bad access detected [ 19.581311] [ 19.581796] Memory state around the buggy address: [ 19.582283] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.582781] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.583383] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.584334] ^ [ 19.585093] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.585833] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.586294] ================================================================== [ 19.509415] ================================================================== [ 19.509845] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 19.510487] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.511022] [ 19.511175] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.511805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.511842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.511882] Call Trace: [ 19.511919] <TASK> [ 19.511958] dump_stack_lvl+0x73/0xb0 [ 19.512026] print_report+0xd1/0x650 [ 19.512074] ? __virt_addr_valid+0x1db/0x2d0 [ 19.512119] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 19.512174] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.512222] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 19.512290] kasan_report+0x141/0x180 [ 19.512334] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 19.512400] kasan_check_range+0x10c/0x1c0 [ 19.512452] __kasan_check_write+0x18/0x20 [ 19.512495] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 19.512670] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.512745] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.512786] ? trace_hardirqs_on+0x37/0xe0 [ 19.512831] ? kasan_bitops_generic+0x92/0x1c0 [ 19.512891] kasan_bitops_generic+0x121/0x1c0 [ 19.512942] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.512988] ? __pfx_read_tsc+0x10/0x10 [ 19.513047] ? ktime_get_ts64+0x86/0x230 [ 19.513311] kunit_try_run_case+0x1a5/0x480 [ 19.513370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.513421] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.513472] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.513522] ? __kthread_parkme+0x82/0x180 [ 19.513563] ? preempt_count_sub+0x50/0x80 [ 19.513592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.513617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.513642] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.513674] kthread+0x337/0x6f0 [ 19.513720] ? trace_preempt_on+0x20/0xc0 [ 19.513746] ? __pfx_kthread+0x10/0x10 [ 19.513769] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.513790] ? calculate_sigpending+0x7b/0xa0 [ 19.513817] ? __pfx_kthread+0x10/0x10 [ 19.513840] ret_from_fork+0x116/0x1d0 [ 19.513860] ? __pfx_kthread+0x10/0x10 [ 19.513883] ret_from_fork_asm+0x1a/0x30 [ 19.513915] </TASK> [ 19.513929] [ 19.529584] Allocated by task 278: [ 19.530601] kasan_save_stack+0x45/0x70 [ 19.531031] kasan_save_track+0x18/0x40 [ 19.531384] kasan_save_alloc_info+0x3b/0x50 [ 19.532150] __kasan_kmalloc+0xb7/0xc0 [ 19.532412] __kmalloc_cache_noprof+0x189/0x420 [ 19.532918] kasan_bitops_generic+0x92/0x1c0 [ 19.533789] kunit_try_run_case+0x1a5/0x480 [ 19.534446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.534896] kthread+0x337/0x6f0 [ 19.535427] ret_from_fork+0x116/0x1d0 [ 19.535652] ret_from_fork_asm+0x1a/0x30 [ 19.535977] [ 19.536291] The buggy address belongs to the object at ffff8881026fb960 [ 19.536291] which belongs to the cache kmalloc-16 of size 16 [ 19.537068] The buggy address is located 8 bytes inside of [ 19.537068] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.537769] [ 19.538753] The buggy address belongs to the physical page: [ 19.539127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.539725] flags: 0x200000000000000(node=0|zone=2) [ 19.540455] page_type: f5(slab) [ 19.540929] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.541526] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.542087] page dumped because: kasan: bad access detected [ 19.542603] [ 19.542879] Memory state around the buggy address: [ 19.543628] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.544155] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.545033] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.545663] ^ [ 19.546417] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.546847] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.547484] ================================================================== [ 19.587599] ================================================================== [ 19.588510] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 19.590002] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.590593] [ 19.591135] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.591316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.591351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.591391] Call Trace: [ 19.591430] <TASK> [ 19.591469] dump_stack_lvl+0x73/0xb0 [ 19.591528] print_report+0xd1/0x650 [ 19.591556] ? __virt_addr_valid+0x1db/0x2d0 [ 19.591581] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 19.591611] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.591635] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 19.591686] kasan_report+0x141/0x180 [ 19.591719] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 19.591753] kasan_check_range+0x10c/0x1c0 [ 19.591779] __kasan_check_write+0x18/0x20 [ 19.591799] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 19.591829] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.591860] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.591883] ? trace_hardirqs_on+0x37/0xe0 [ 19.591908] ? kasan_bitops_generic+0x92/0x1c0 [ 19.591938] kasan_bitops_generic+0x121/0x1c0 [ 19.591963] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.591990] ? __pfx_read_tsc+0x10/0x10 [ 19.592013] ? ktime_get_ts64+0x86/0x230 [ 19.592043] kunit_try_run_case+0x1a5/0x480 [ 19.592104] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.592141] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.592177] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.592213] ? __kthread_parkme+0x82/0x180 [ 19.592248] ? preempt_count_sub+0x50/0x80 [ 19.592300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.592340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.592378] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.592415] kthread+0x337/0x6f0 [ 19.592446] ? trace_preempt_on+0x20/0xc0 [ 19.592485] ? __pfx_kthread+0x10/0x10 [ 19.592533] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.592567] ? calculate_sigpending+0x7b/0xa0 [ 19.592594] ? __pfx_kthread+0x10/0x10 [ 19.592626] ret_from_fork+0x116/0x1d0 [ 19.592647] ? __pfx_kthread+0x10/0x10 [ 19.592680] ret_from_fork_asm+0x1a/0x30 [ 19.592719] </TASK> [ 19.592732] [ 19.605717] Allocated by task 278: [ 19.605839] kasan_save_stack+0x45/0x70 [ 19.605960] kasan_save_track+0x18/0x40 [ 19.606055] kasan_save_alloc_info+0x3b/0x50 [ 19.606153] __kasan_kmalloc+0xb7/0xc0 [ 19.606245] __kmalloc_cache_noprof+0x189/0x420 [ 19.606701] kasan_bitops_generic+0x92/0x1c0 [ 19.607196] kunit_try_run_case+0x1a5/0x480 [ 19.607723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.608598] kthread+0x337/0x6f0 [ 19.609136] ret_from_fork+0x116/0x1d0 [ 19.609578] ret_from_fork_asm+0x1a/0x30 [ 19.609983] [ 19.610176] The buggy address belongs to the object at ffff8881026fb960 [ 19.610176] which belongs to the cache kmalloc-16 of size 16 [ 19.611164] The buggy address is located 8 bytes inside of [ 19.611164] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.612457] [ 19.612657] The buggy address belongs to the physical page: [ 19.613239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.613941] flags: 0x200000000000000(node=0|zone=2) [ 19.614511] page_type: f5(slab) [ 19.614812] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.616139] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.616607] page dumped because: kasan: bad access detected [ 19.617081] [ 19.617205] Memory state around the buggy address: [ 19.617648] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.618355] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.619013] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.619802] ^ [ 19.620530] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.621369] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.621779] ================================================================== [ 19.622608] ================================================================== [ 19.622947] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 19.624382] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.625272] [ 19.625425] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.625854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.625888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.625925] Call Trace: [ 19.625960] <TASK> [ 19.625992] dump_stack_lvl+0x73/0xb0 [ 19.626050] print_report+0xd1/0x650 [ 19.626081] ? __virt_addr_valid+0x1db/0x2d0 [ 19.626113] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 19.626151] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.626186] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 19.626224] kasan_report+0x141/0x180 [ 19.626329] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 19.626392] kasan_check_range+0x10c/0x1c0 [ 19.626437] __kasan_check_write+0x18/0x20 [ 19.626460] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 19.626489] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.626520] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.626541] ? trace_hardirqs_on+0x37/0xe0 [ 19.626567] ? kasan_bitops_generic+0x92/0x1c0 [ 19.626595] kasan_bitops_generic+0x121/0x1c0 [ 19.626619] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.626645] ? __pfx_read_tsc+0x10/0x10 [ 19.626706] ? ktime_get_ts64+0x86/0x230 [ 19.626735] kunit_try_run_case+0x1a5/0x480 [ 19.626762] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.626785] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.626809] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.626834] ? __kthread_parkme+0x82/0x180 [ 19.626856] ? preempt_count_sub+0x50/0x80 [ 19.626881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.626905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.626929] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.626953] kthread+0x337/0x6f0 [ 19.626973] ? trace_preempt_on+0x20/0xc0 [ 19.627011] ? __pfx_kthread+0x10/0x10 [ 19.627036] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.627087] ? calculate_sigpending+0x7b/0xa0 [ 19.627128] ? __pfx_kthread+0x10/0x10 [ 19.627163] ret_from_fork+0x116/0x1d0 [ 19.627195] ? __pfx_kthread+0x10/0x10 [ 19.627228] ret_from_fork_asm+0x1a/0x30 [ 19.627291] </TASK> [ 19.627312] [ 19.645094] Allocated by task 278: [ 19.645815] kasan_save_stack+0x45/0x70 [ 19.646321] kasan_save_track+0x18/0x40 [ 19.647145] kasan_save_alloc_info+0x3b/0x50 [ 19.647378] __kasan_kmalloc+0xb7/0xc0 [ 19.647637] __kmalloc_cache_noprof+0x189/0x420 [ 19.648493] kasan_bitops_generic+0x92/0x1c0 [ 19.649018] kunit_try_run_case+0x1a5/0x480 [ 19.649249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.649637] kthread+0x337/0x6f0 [ 19.649924] ret_from_fork+0x116/0x1d0 [ 19.650733] ret_from_fork_asm+0x1a/0x30 [ 19.650977] [ 19.651458] The buggy address belongs to the object at ffff8881026fb960 [ 19.651458] which belongs to the cache kmalloc-16 of size 16 [ 19.652730] The buggy address is located 8 bytes inside of [ 19.652730] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.653332] [ 19.653519] The buggy address belongs to the physical page: [ 19.653737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.654428] flags: 0x200000000000000(node=0|zone=2) [ 19.654732] page_type: f5(slab) [ 19.654966] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.655331] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.655867] page dumped because: kasan: bad access detected [ 19.656320] [ 19.656490] Memory state around the buggy address: [ 19.656747] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.657185] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.658208] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.658514] ^ [ 19.659598] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.660360] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.660737] ================================================================== [ 19.396581] ================================================================== [ 19.397310] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 19.398732] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.399815] [ 19.399938] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.400004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.400019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.400062] Call Trace: [ 19.400113] <TASK> [ 19.400148] dump_stack_lvl+0x73/0xb0 [ 19.400221] print_report+0xd1/0x650 [ 19.400278] ? __virt_addr_valid+0x1db/0x2d0 [ 19.400325] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 19.400429] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.400478] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 19.400531] kasan_report+0x141/0x180 [ 19.400578] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 19.400640] kasan_check_range+0x10c/0x1c0 [ 19.400683] __kasan_check_write+0x18/0x20 [ 19.400718] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 19.400766] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.400819] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.400864] ? trace_hardirqs_on+0x37/0xe0 [ 19.400908] ? kasan_bitops_generic+0x92/0x1c0 [ 19.400955] kasan_bitops_generic+0x121/0x1c0 [ 19.400992] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.401019] ? __pfx_read_tsc+0x10/0x10 [ 19.401050] ? ktime_get_ts64+0x86/0x230 [ 19.401108] kunit_try_run_case+0x1a5/0x480 [ 19.401146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.401180] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.401218] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.401272] ? __kthread_parkme+0x82/0x180 [ 19.401302] ? preempt_count_sub+0x50/0x80 [ 19.401328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.401354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.401379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.401404] kthread+0x337/0x6f0 [ 19.401425] ? trace_preempt_on+0x20/0xc0 [ 19.401449] ? __pfx_kthread+0x10/0x10 [ 19.401472] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.401493] ? calculate_sigpending+0x7b/0xa0 [ 19.401519] ? __pfx_kthread+0x10/0x10 [ 19.401542] ret_from_fork+0x116/0x1d0 [ 19.401562] ? __pfx_kthread+0x10/0x10 [ 19.401584] ret_from_fork_asm+0x1a/0x30 [ 19.401618] </TASK> [ 19.401632] [ 19.417960] Allocated by task 278: [ 19.418315] kasan_save_stack+0x45/0x70 [ 19.418547] kasan_save_track+0x18/0x40 [ 19.419595] kasan_save_alloc_info+0x3b/0x50 [ 19.420028] __kasan_kmalloc+0xb7/0xc0 [ 19.420606] __kmalloc_cache_noprof+0x189/0x420 [ 19.420947] kasan_bitops_generic+0x92/0x1c0 [ 19.421199] kunit_try_run_case+0x1a5/0x480 [ 19.421559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.422000] kthread+0x337/0x6f0 [ 19.422224] ret_from_fork+0x116/0x1d0 [ 19.422841] ret_from_fork_asm+0x1a/0x30 [ 19.423769] [ 19.423972] The buggy address belongs to the object at ffff8881026fb960 [ 19.423972] which belongs to the cache kmalloc-16 of size 16 [ 19.424827] The buggy address is located 8 bytes inside of [ 19.424827] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.425600] [ 19.425823] The buggy address belongs to the physical page: [ 19.426441] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.426923] flags: 0x200000000000000(node=0|zone=2) [ 19.427708] page_type: f5(slab) [ 19.428033] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.428508] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.428891] page dumped because: kasan: bad access detected [ 19.429544] [ 19.429759] Memory state around the buggy address: [ 19.430282] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.430853] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.431850] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.432444] ^ [ 19.432871] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.433526] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.433997] ================================================================== [ 19.698605] ================================================================== [ 19.699695] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 19.700432] Read of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.700914] [ 19.701549] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.701757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.701777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.701802] Call Trace: [ 19.701824] <TASK> [ 19.701848] dump_stack_lvl+0x73/0xb0 [ 19.701885] print_report+0xd1/0x650 [ 19.701910] ? __virt_addr_valid+0x1db/0x2d0 [ 19.701935] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 19.701963] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.701986] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 19.702015] kasan_report+0x141/0x180 [ 19.702038] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 19.702070] __asan_report_load8_noabort+0x18/0x20 [ 19.702095] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 19.702124] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.702153] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.702175] ? trace_hardirqs_on+0x37/0xe0 [ 19.702198] ? kasan_bitops_generic+0x92/0x1c0 [ 19.702226] kasan_bitops_generic+0x121/0x1c0 [ 19.702251] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.702302] ? __pfx_read_tsc+0x10/0x10 [ 19.702326] ? ktime_get_ts64+0x86/0x230 [ 19.702351] kunit_try_run_case+0x1a5/0x480 [ 19.702379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.702402] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.702426] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.702449] ? __kthread_parkme+0x82/0x180 [ 19.702472] ? preempt_count_sub+0x50/0x80 [ 19.702496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.702520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.702543] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.702567] kthread+0x337/0x6f0 [ 19.702588] ? trace_preempt_on+0x20/0xc0 [ 19.702610] ? __pfx_kthread+0x10/0x10 [ 19.702631] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.702653] ? calculate_sigpending+0x7b/0xa0 [ 19.702706] ? __pfx_kthread+0x10/0x10 [ 19.702731] ret_from_fork+0x116/0x1d0 [ 19.702751] ? __pfx_kthread+0x10/0x10 [ 19.702774] ret_from_fork_asm+0x1a/0x30 [ 19.702806] </TASK> [ 19.702819] [ 19.714059] Allocated by task 278: [ 19.714277] kasan_save_stack+0x45/0x70 [ 19.714629] kasan_save_track+0x18/0x40 [ 19.714943] kasan_save_alloc_info+0x3b/0x50 [ 19.715321] __kasan_kmalloc+0xb7/0xc0 [ 19.715645] __kmalloc_cache_noprof+0x189/0x420 [ 19.716015] kasan_bitops_generic+0x92/0x1c0 [ 19.716238] kunit_try_run_case+0x1a5/0x480 [ 19.716563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.717029] kthread+0x337/0x6f0 [ 19.717331] ret_from_fork+0x116/0x1d0 [ 19.717522] ret_from_fork_asm+0x1a/0x30 [ 19.717773] [ 19.717970] The buggy address belongs to the object at ffff8881026fb960 [ 19.717970] which belongs to the cache kmalloc-16 of size 16 [ 19.718751] The buggy address is located 8 bytes inside of [ 19.718751] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.719386] [ 19.719603] The buggy address belongs to the physical page: [ 19.720080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.720442] flags: 0x200000000000000(node=0|zone=2) [ 19.720972] page_type: f5(slab) [ 19.721246] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.721700] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.722197] page dumped because: kasan: bad access detected [ 19.722426] [ 19.722547] Memory state around the buggy address: [ 19.722759] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.723035] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.723344] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.723958] ^ [ 19.724679] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.725272] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.725840] ================================================================== [ 19.473002] ================================================================== [ 19.473910] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 19.474691] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.475490] [ 19.475782] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.475892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.475918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.475970] Call Trace: [ 19.476009] <TASK> [ 19.476195] dump_stack_lvl+0x73/0xb0 [ 19.476296] print_report+0xd1/0x650 [ 19.476345] ? __virt_addr_valid+0x1db/0x2d0 [ 19.476391] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 19.476444] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.476487] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 19.476547] kasan_report+0x141/0x180 [ 19.476609] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 19.476694] kasan_check_range+0x10c/0x1c0 [ 19.476727] __kasan_check_write+0x18/0x20 [ 19.476748] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 19.476778] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.476807] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.476828] ? trace_hardirqs_on+0x37/0xe0 [ 19.476852] ? kasan_bitops_generic+0x92/0x1c0 [ 19.476879] kasan_bitops_generic+0x121/0x1c0 [ 19.476904] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.476930] ? __pfx_read_tsc+0x10/0x10 [ 19.476953] ? ktime_get_ts64+0x86/0x230 [ 19.476977] kunit_try_run_case+0x1a5/0x480 [ 19.477003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.477026] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.477107] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.477151] ? __kthread_parkme+0x82/0x180 [ 19.477187] ? preempt_count_sub+0x50/0x80 [ 19.477223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.477275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.477317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.477352] kthread+0x337/0x6f0 [ 19.477384] ? trace_preempt_on+0x20/0xc0 [ 19.477423] ? __pfx_kthread+0x10/0x10 [ 19.477454] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.477490] ? calculate_sigpending+0x7b/0xa0 [ 19.477528] ? __pfx_kthread+0x10/0x10 [ 19.477591] ret_from_fork+0x116/0x1d0 [ 19.477628] ? __pfx_kthread+0x10/0x10 [ 19.477651] ret_from_fork_asm+0x1a/0x30 [ 19.477719] </TASK> [ 19.477733] [ 19.492198] Allocated by task 278: [ 19.492847] kasan_save_stack+0x45/0x70 [ 19.493186] kasan_save_track+0x18/0x40 [ 19.493633] kasan_save_alloc_info+0x3b/0x50 [ 19.493962] __kasan_kmalloc+0xb7/0xc0 [ 19.494895] __kmalloc_cache_noprof+0x189/0x420 [ 19.495418] kasan_bitops_generic+0x92/0x1c0 [ 19.495700] kunit_try_run_case+0x1a5/0x480 [ 19.495911] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.496146] kthread+0x337/0x6f0 [ 19.496617] ret_from_fork+0x116/0x1d0 [ 19.497157] ret_from_fork_asm+0x1a/0x30 [ 19.498012] [ 19.498489] The buggy address belongs to the object at ffff8881026fb960 [ 19.498489] which belongs to the cache kmalloc-16 of size 16 [ 19.500304] The buggy address is located 8 bytes inside of [ 19.500304] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.500874] [ 19.501088] The buggy address belongs to the physical page: [ 19.501479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.501979] flags: 0x200000000000000(node=0|zone=2) [ 19.502335] page_type: f5(slab) [ 19.502548] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.503051] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.504232] page dumped because: kasan: bad access detected [ 19.504664] [ 19.504877] Memory state around the buggy address: [ 19.505482] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.505847] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.506354] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.506987] ^ [ 19.507523] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.507990] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.508436] ================================================================== [ 19.662367] ================================================================== [ 19.663447] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 19.664362] Read of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.665432] [ 19.665986] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.666060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.666074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.666099] Call Trace: [ 19.666116] <TASK> [ 19.666140] dump_stack_lvl+0x73/0xb0 [ 19.666177] print_report+0xd1/0x650 [ 19.666203] ? __virt_addr_valid+0x1db/0x2d0 [ 19.666228] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 19.666272] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.666306] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 19.666336] kasan_report+0x141/0x180 [ 19.666359] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 19.666391] kasan_check_range+0x10c/0x1c0 [ 19.666416] __kasan_check_read+0x15/0x20 [ 19.666436] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 19.666465] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.666495] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.666517] ? trace_hardirqs_on+0x37/0xe0 [ 19.666542] ? kasan_bitops_generic+0x92/0x1c0 [ 19.666570] kasan_bitops_generic+0x121/0x1c0 [ 19.666595] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.666621] ? __pfx_read_tsc+0x10/0x10 [ 19.666644] ? ktime_get_ts64+0x86/0x230 [ 19.666681] kunit_try_run_case+0x1a5/0x480 [ 19.666712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.666735] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.666759] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.666783] ? __kthread_parkme+0x82/0x180 [ 19.666805] ? preempt_count_sub+0x50/0x80 [ 19.666831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.666855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.666879] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.666904] kthread+0x337/0x6f0 [ 19.666925] ? trace_preempt_on+0x20/0xc0 [ 19.666948] ? __pfx_kthread+0x10/0x10 [ 19.666970] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.667002] ? calculate_sigpending+0x7b/0xa0 [ 19.667033] ? __pfx_kthread+0x10/0x10 [ 19.667056] ret_from_fork+0x116/0x1d0 [ 19.667076] ? __pfx_kthread+0x10/0x10 [ 19.667098] ret_from_fork_asm+0x1a/0x30 [ 19.667131] </TASK> [ 19.667143] [ 19.682832] Allocated by task 278: [ 19.683166] kasan_save_stack+0x45/0x70 [ 19.683432] kasan_save_track+0x18/0x40 [ 19.684141] kasan_save_alloc_info+0x3b/0x50 [ 19.684418] __kasan_kmalloc+0xb7/0xc0 [ 19.684584] __kmalloc_cache_noprof+0x189/0x420 [ 19.685204] kasan_bitops_generic+0x92/0x1c0 [ 19.685816] kunit_try_run_case+0x1a5/0x480 [ 19.686007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.686582] kthread+0x337/0x6f0 [ 19.686880] ret_from_fork+0x116/0x1d0 [ 19.687484] ret_from_fork_asm+0x1a/0x30 [ 19.687925] [ 19.688056] The buggy address belongs to the object at ffff8881026fb960 [ 19.688056] which belongs to the cache kmalloc-16 of size 16 [ 19.688536] The buggy address is located 8 bytes inside of [ 19.688536] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.690108] [ 19.690231] The buggy address belongs to the physical page: [ 19.690485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.691178] flags: 0x200000000000000(node=0|zone=2) [ 19.691471] page_type: f5(slab) [ 19.692088] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.692488] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.693176] page dumped because: kasan: bad access detected [ 19.693454] [ 19.693556] Memory state around the buggy address: [ 19.694466] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.694717] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.695247] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.696052] ^ [ 19.696384] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.696878] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.697325] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.320612] ================================================================== [ 19.321021] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.321384] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.321639] [ 19.321803] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.321892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.321914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.321959] Call Trace: [ 19.321980] <TASK> [ 19.322014] dump_stack_lvl+0x73/0xb0 [ 19.322069] print_report+0xd1/0x650 [ 19.322114] ? __virt_addr_valid+0x1db/0x2d0 [ 19.322160] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.322210] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.322255] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.322324] kasan_report+0x141/0x180 [ 19.322369] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.322465] kasan_check_range+0x10c/0x1c0 [ 19.322521] __kasan_check_write+0x18/0x20 [ 19.322554] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.322594] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.322637] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.322672] ? trace_hardirqs_on+0x37/0xe0 [ 19.322709] ? kasan_bitops_generic+0x92/0x1c0 [ 19.322752] kasan_bitops_generic+0x116/0x1c0 [ 19.322792] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.322834] ? __pfx_read_tsc+0x10/0x10 [ 19.322868] ? ktime_get_ts64+0x86/0x230 [ 19.322915] kunit_try_run_case+0x1a5/0x480 [ 19.322961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.323040] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.323102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.323151] ? __kthread_parkme+0x82/0x180 [ 19.323198] ? preempt_count_sub+0x50/0x80 [ 19.323252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.323316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.323367] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.323419] kthread+0x337/0x6f0 [ 19.323464] ? trace_preempt_on+0x20/0xc0 [ 19.323513] ? __pfx_kthread+0x10/0x10 [ 19.323556] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.323839] ? calculate_sigpending+0x7b/0xa0 [ 19.323899] ? __pfx_kthread+0x10/0x10 [ 19.323941] ret_from_fork+0x116/0x1d0 [ 19.323981] ? __pfx_kthread+0x10/0x10 [ 19.324009] ret_from_fork_asm+0x1a/0x30 [ 19.324050] </TASK> [ 19.324168] [ 19.340817] Allocated by task 278: [ 19.341080] kasan_save_stack+0x45/0x70 [ 19.341539] kasan_save_track+0x18/0x40 [ 19.342205] kasan_save_alloc_info+0x3b/0x50 [ 19.342579] __kasan_kmalloc+0xb7/0xc0 [ 19.342934] __kmalloc_cache_noprof+0x189/0x420 [ 19.343412] kasan_bitops_generic+0x92/0x1c0 [ 19.343939] kunit_try_run_case+0x1a5/0x480 [ 19.344223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.345015] kthread+0x337/0x6f0 [ 19.345411] ret_from_fork+0x116/0x1d0 [ 19.345683] ret_from_fork_asm+0x1a/0x30 [ 19.346275] [ 19.346508] The buggy address belongs to the object at ffff8881026fb960 [ 19.346508] which belongs to the cache kmalloc-16 of size 16 [ 19.347152] The buggy address is located 8 bytes inside of [ 19.347152] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.348101] [ 19.348736] The buggy address belongs to the physical page: [ 19.349172] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.349586] flags: 0x200000000000000(node=0|zone=2) [ 19.349899] page_type: f5(slab) [ 19.350086] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.350678] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.351665] page dumped because: kasan: bad access detected [ 19.351916] [ 19.352314] Memory state around the buggy address: [ 19.353038] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.353648] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.354621] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.355290] ^ [ 19.355906] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.356419] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.357316] ================================================================== [ 19.134936] ================================================================== [ 19.135680] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.136611] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.137657] [ 19.137999] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.138096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.138118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.138155] Call Trace: [ 19.138180] <TASK> [ 19.138214] dump_stack_lvl+0x73/0xb0 [ 19.138290] print_report+0xd1/0x650 [ 19.138332] ? __virt_addr_valid+0x1db/0x2d0 [ 19.138372] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.138416] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.138454] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.138482] kasan_report+0x141/0x180 [ 19.138506] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.138537] kasan_check_range+0x10c/0x1c0 [ 19.138562] __kasan_check_write+0x18/0x20 [ 19.138583] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.138610] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.138639] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.138667] ? trace_hardirqs_on+0x37/0xe0 [ 19.139000] ? kasan_bitops_generic+0x92/0x1c0 [ 19.139085] kasan_bitops_generic+0x116/0x1c0 [ 19.139175] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.139222] ? __pfx_read_tsc+0x10/0x10 [ 19.139272] ? ktime_get_ts64+0x86/0x230 [ 19.139317] kunit_try_run_case+0x1a5/0x480 [ 19.139360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.139387] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.139412] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.139437] ? __kthread_parkme+0x82/0x180 [ 19.139460] ? preempt_count_sub+0x50/0x80 [ 19.139485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.139510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.139535] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.139560] kthread+0x337/0x6f0 [ 19.139581] ? trace_preempt_on+0x20/0xc0 [ 19.139606] ? __pfx_kthread+0x10/0x10 [ 19.139628] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.139649] ? calculate_sigpending+0x7b/0xa0 [ 19.139687] ? __pfx_kthread+0x10/0x10 [ 19.139733] ret_from_fork+0x116/0x1d0 [ 19.139754] ? __pfx_kthread+0x10/0x10 [ 19.139776] ret_from_fork_asm+0x1a/0x30 [ 19.139808] </TASK> [ 19.139821] [ 19.157015] Allocated by task 278: [ 19.157845] kasan_save_stack+0x45/0x70 [ 19.158150] kasan_save_track+0x18/0x40 [ 19.158539] kasan_save_alloc_info+0x3b/0x50 [ 19.159070] __kasan_kmalloc+0xb7/0xc0 [ 19.159483] __kmalloc_cache_noprof+0x189/0x420 [ 19.159877] kasan_bitops_generic+0x92/0x1c0 [ 19.160176] kunit_try_run_case+0x1a5/0x480 [ 19.160800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.161375] kthread+0x337/0x6f0 [ 19.161591] ret_from_fork+0x116/0x1d0 [ 19.161954] ret_from_fork_asm+0x1a/0x30 [ 19.163045] [ 19.163322] The buggy address belongs to the object at ffff8881026fb960 [ 19.163322] which belongs to the cache kmalloc-16 of size 16 [ 19.163952] The buggy address is located 8 bytes inside of [ 19.163952] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.165452] [ 19.165611] The buggy address belongs to the physical page: [ 19.166067] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.167194] flags: 0x200000000000000(node=0|zone=2) [ 19.167618] page_type: f5(slab) [ 19.167965] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.168734] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.169328] page dumped because: kasan: bad access detected [ 19.169602] [ 19.169813] Memory state around the buggy address: [ 19.170324] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.170725] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.171807] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.172410] ^ [ 19.172889] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.173451] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.173862] ================================================================== [ 19.244216] ================================================================== [ 19.244897] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.246272] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.246982] [ 19.247371] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.247485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.247513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.247589] Call Trace: [ 19.247644] <TASK> [ 19.247686] dump_stack_lvl+0x73/0xb0 [ 19.247771] print_report+0xd1/0x650 [ 19.247819] ? __virt_addr_valid+0x1db/0x2d0 [ 19.247874] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.247939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.247990] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.248049] kasan_report+0x141/0x180 [ 19.248113] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.248178] kasan_check_range+0x10c/0x1c0 [ 19.248230] __kasan_check_write+0x18/0x20 [ 19.248414] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.248491] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.248559] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.248602] ? trace_hardirqs_on+0x37/0xe0 [ 19.248654] ? kasan_bitops_generic+0x92/0x1c0 [ 19.248734] kasan_bitops_generic+0x116/0x1c0 [ 19.248787] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.248840] ? __pfx_read_tsc+0x10/0x10 [ 19.248887] ? ktime_get_ts64+0x86/0x230 [ 19.248926] kunit_try_run_case+0x1a5/0x480 [ 19.248954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.248978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.249003] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.249026] ? __kthread_parkme+0x82/0x180 [ 19.249057] ? preempt_count_sub+0x50/0x80 [ 19.249367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.249413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.249442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.249467] kthread+0x337/0x6f0 [ 19.249490] ? trace_preempt_on+0x20/0xc0 [ 19.249515] ? __pfx_kthread+0x10/0x10 [ 19.249537] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.249559] ? calculate_sigpending+0x7b/0xa0 [ 19.249584] ? __pfx_kthread+0x10/0x10 [ 19.249606] ret_from_fork+0x116/0x1d0 [ 19.249626] ? __pfx_kthread+0x10/0x10 [ 19.249646] ret_from_fork_asm+0x1a/0x30 [ 19.249723] </TASK> [ 19.249738] [ 19.263827] Allocated by task 278: [ 19.264391] kasan_save_stack+0x45/0x70 [ 19.264661] kasan_save_track+0x18/0x40 [ 19.265688] kasan_save_alloc_info+0x3b/0x50 [ 19.265935] __kasan_kmalloc+0xb7/0xc0 [ 19.266401] __kmalloc_cache_noprof+0x189/0x420 [ 19.266868] kasan_bitops_generic+0x92/0x1c0 [ 19.267145] kunit_try_run_case+0x1a5/0x480 [ 19.267395] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.267712] kthread+0x337/0x6f0 [ 19.268160] ret_from_fork+0x116/0x1d0 [ 19.268529] ret_from_fork_asm+0x1a/0x30 [ 19.268963] [ 19.269569] The buggy address belongs to the object at ffff8881026fb960 [ 19.269569] which belongs to the cache kmalloc-16 of size 16 [ 19.270983] The buggy address is located 8 bytes inside of [ 19.270983] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.271688] [ 19.271818] The buggy address belongs to the physical page: [ 19.272038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.272807] flags: 0x200000000000000(node=0|zone=2) [ 19.273556] page_type: f5(slab) [ 19.274303] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.275002] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.275577] page dumped because: kasan: bad access detected [ 19.275999] [ 19.276328] Memory state around the buggy address: [ 19.276758] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.277525] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.277970] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.278245] ^ [ 19.279415] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.279978] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.281064] ================================================================== [ 19.175029] ================================================================== [ 19.175944] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.176614] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.176912] [ 19.177145] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.177501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.177533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.177578] Call Trace: [ 19.177619] <TASK> [ 19.177658] dump_stack_lvl+0x73/0xb0 [ 19.177721] print_report+0xd1/0x650 [ 19.177765] ? __virt_addr_valid+0x1db/0x2d0 [ 19.177833] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.177882] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.177929] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.177976] kasan_report+0x141/0x180 [ 19.178018] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.178184] kasan_check_range+0x10c/0x1c0 [ 19.178239] __kasan_check_write+0x18/0x20 [ 19.178292] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.178342] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.178391] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.178430] ? trace_hardirqs_on+0x37/0xe0 [ 19.178470] ? kasan_bitops_generic+0x92/0x1c0 [ 19.178520] kasan_bitops_generic+0x116/0x1c0 [ 19.178557] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.178597] ? __pfx_read_tsc+0x10/0x10 [ 19.178637] ? ktime_get_ts64+0x86/0x230 [ 19.178679] kunit_try_run_case+0x1a5/0x480 [ 19.178751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.178799] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.178835] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.178860] ? __kthread_parkme+0x82/0x180 [ 19.178884] ? preempt_count_sub+0x50/0x80 [ 19.178909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.178935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.178960] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.178985] kthread+0x337/0x6f0 [ 19.179020] ? trace_preempt_on+0x20/0xc0 [ 19.179053] ? __pfx_kthread+0x10/0x10 [ 19.179359] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.179393] ? calculate_sigpending+0x7b/0xa0 [ 19.179421] ? __pfx_kthread+0x10/0x10 [ 19.179444] ret_from_fork+0x116/0x1d0 [ 19.179468] ? __pfx_kthread+0x10/0x10 [ 19.179490] ret_from_fork_asm+0x1a/0x30 [ 19.179522] </TASK> [ 19.179536] [ 19.194950] Allocated by task 278: [ 19.195813] kasan_save_stack+0x45/0x70 [ 19.196342] kasan_save_track+0x18/0x40 [ 19.196731] kasan_save_alloc_info+0x3b/0x50 [ 19.197029] __kasan_kmalloc+0xb7/0xc0 [ 19.197624] __kmalloc_cache_noprof+0x189/0x420 [ 19.198029] kasan_bitops_generic+0x92/0x1c0 [ 19.198611] kunit_try_run_case+0x1a5/0x480 [ 19.199021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.199880] kthread+0x337/0x6f0 [ 19.200131] ret_from_fork+0x116/0x1d0 [ 19.200480] ret_from_fork_asm+0x1a/0x30 [ 19.200873] [ 19.201269] The buggy address belongs to the object at ffff8881026fb960 [ 19.201269] which belongs to the cache kmalloc-16 of size 16 [ 19.201997] The buggy address is located 8 bytes inside of [ 19.201997] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.202939] [ 19.203515] The buggy address belongs to the physical page: [ 19.203905] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.204353] flags: 0x200000000000000(node=0|zone=2) [ 19.204923] page_type: f5(slab) [ 19.205430] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.206269] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.206833] page dumped because: kasan: bad access detected [ 19.207156] [ 19.207279] Memory state around the buggy address: [ 19.207670] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.208552] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.209341] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.209862] ^ [ 19.210379] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.211170] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.211663] ================================================================== [ 19.282132] ================================================================== [ 19.282629] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.283351] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.284490] [ 19.284682] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.284792] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.284820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.284865] Call Trace: [ 19.284902] <TASK> [ 19.284956] dump_stack_lvl+0x73/0xb0 [ 19.285382] print_report+0xd1/0x650 [ 19.285435] ? __virt_addr_valid+0x1db/0x2d0 [ 19.285478] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.285530] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.285574] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.285652] kasan_report+0x141/0x180 [ 19.285714] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.285776] kasan_check_range+0x10c/0x1c0 [ 19.285844] __kasan_check_write+0x18/0x20 [ 19.285885] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.285930] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.285982] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.286026] ? trace_hardirqs_on+0x37/0xe0 [ 19.286069] ? kasan_bitops_generic+0x92/0x1c0 [ 19.286124] kasan_bitops_generic+0x116/0x1c0 [ 19.286168] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.286349] ? __pfx_read_tsc+0x10/0x10 [ 19.286375] ? ktime_get_ts64+0x86/0x230 [ 19.286402] kunit_try_run_case+0x1a5/0x480 [ 19.286430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.286454] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.286479] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.286503] ? __kthread_parkme+0x82/0x180 [ 19.286525] ? preempt_count_sub+0x50/0x80 [ 19.286550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.286575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.286599] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.286624] kthread+0x337/0x6f0 [ 19.286644] ? trace_preempt_on+0x20/0xc0 [ 19.286695] ? __pfx_kthread+0x10/0x10 [ 19.286722] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.286745] ? calculate_sigpending+0x7b/0xa0 [ 19.286771] ? __pfx_kthread+0x10/0x10 [ 19.286794] ret_from_fork+0x116/0x1d0 [ 19.286814] ? __pfx_kthread+0x10/0x10 [ 19.286836] ret_from_fork_asm+0x1a/0x30 [ 19.286869] </TASK> [ 19.286882] [ 19.302040] Allocated by task 278: [ 19.302418] kasan_save_stack+0x45/0x70 [ 19.302897] kasan_save_track+0x18/0x40 [ 19.303442] kasan_save_alloc_info+0x3b/0x50 [ 19.303992] __kasan_kmalloc+0xb7/0xc0 [ 19.304402] __kmalloc_cache_noprof+0x189/0x420 [ 19.304988] kasan_bitops_generic+0x92/0x1c0 [ 19.305720] kunit_try_run_case+0x1a5/0x480 [ 19.306323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.306920] kthread+0x337/0x6f0 [ 19.307435] ret_from_fork+0x116/0x1d0 [ 19.307715] ret_from_fork_asm+0x1a/0x30 [ 19.308095] [ 19.308431] The buggy address belongs to the object at ffff8881026fb960 [ 19.308431] which belongs to the cache kmalloc-16 of size 16 [ 19.309213] The buggy address is located 8 bytes inside of [ 19.309213] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.310150] [ 19.310786] The buggy address belongs to the physical page: [ 19.311461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.312093] flags: 0x200000000000000(node=0|zone=2) [ 19.312459] page_type: f5(slab) [ 19.312832] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.313831] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.314105] page dumped because: kasan: bad access detected [ 19.314688] [ 19.314880] Memory state around the buggy address: [ 19.315241] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.315568] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.316001] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.316459] ^ [ 19.317139] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.318019] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.318778] ================================================================== [ 19.358549] ================================================================== [ 19.359079] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.359763] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.360362] [ 19.361203] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.361515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.361545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.361572] Call Trace: [ 19.361595] <TASK> [ 19.361620] dump_stack_lvl+0x73/0xb0 [ 19.361675] print_report+0xd1/0x650 [ 19.361734] ? __virt_addr_valid+0x1db/0x2d0 [ 19.361778] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.361826] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.361908] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.361998] kasan_report+0x141/0x180 [ 19.362168] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.362240] kasan_check_range+0x10c/0x1c0 [ 19.362302] __kasan_check_write+0x18/0x20 [ 19.362329] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.362357] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.362386] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.362409] ? trace_hardirqs_on+0x37/0xe0 [ 19.362435] ? kasan_bitops_generic+0x92/0x1c0 [ 19.362464] kasan_bitops_generic+0x116/0x1c0 [ 19.362489] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.362516] ? __pfx_read_tsc+0x10/0x10 [ 19.362539] ? ktime_get_ts64+0x86/0x230 [ 19.362564] kunit_try_run_case+0x1a5/0x480 [ 19.362590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.362614] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.362638] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.362667] ? __kthread_parkme+0x82/0x180 [ 19.362713] ? preempt_count_sub+0x50/0x80 [ 19.362739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.362764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.362789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.362813] kthread+0x337/0x6f0 [ 19.362835] ? trace_preempt_on+0x20/0xc0 [ 19.362858] ? __pfx_kthread+0x10/0x10 [ 19.362881] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.362903] ? calculate_sigpending+0x7b/0xa0 [ 19.362929] ? __pfx_kthread+0x10/0x10 [ 19.362952] ret_from_fork+0x116/0x1d0 [ 19.362972] ? __pfx_kthread+0x10/0x10 [ 19.363004] ret_from_fork_asm+0x1a/0x30 [ 19.363050] </TASK> [ 19.363071] [ 19.380220] Allocated by task 278: [ 19.380617] kasan_save_stack+0x45/0x70 [ 19.380907] kasan_save_track+0x18/0x40 [ 19.381165] kasan_save_alloc_info+0x3b/0x50 [ 19.381484] __kasan_kmalloc+0xb7/0xc0 [ 19.381730] __kmalloc_cache_noprof+0x189/0x420 [ 19.381979] kasan_bitops_generic+0x92/0x1c0 [ 19.382244] kunit_try_run_case+0x1a5/0x480 [ 19.383238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.383576] kthread+0x337/0x6f0 [ 19.383882] ret_from_fork+0x116/0x1d0 [ 19.384071] ret_from_fork_asm+0x1a/0x30 [ 19.384280] [ 19.384401] The buggy address belongs to the object at ffff8881026fb960 [ 19.384401] which belongs to the cache kmalloc-16 of size 16 [ 19.385247] The buggy address is located 8 bytes inside of [ 19.385247] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.386186] [ 19.386387] The buggy address belongs to the physical page: [ 19.386827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.388313] flags: 0x200000000000000(node=0|zone=2) [ 19.389069] page_type: f5(slab) [ 19.389316] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.389867] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.390600] page dumped because: kasan: bad access detected [ 19.391084] [ 19.391798] Memory state around the buggy address: [ 19.392022] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.392494] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.393415] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.393743] ^ [ 19.394443] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.395350] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.395816] ================================================================== [ 19.098851] ================================================================== [ 19.100099] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.100586] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.101353] [ 19.101971] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.102105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.102134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.102165] Call Trace: [ 19.102184] <TASK> [ 19.102208] dump_stack_lvl+0x73/0xb0 [ 19.102251] print_report+0xd1/0x650 [ 19.102303] ? __virt_addr_valid+0x1db/0x2d0 [ 19.102328] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.102357] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.102381] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.102409] kasan_report+0x141/0x180 [ 19.102433] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.102465] kasan_check_range+0x10c/0x1c0 [ 19.102491] __kasan_check_write+0x18/0x20 [ 19.102512] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.102540] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.102569] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.102592] ? trace_hardirqs_on+0x37/0xe0 [ 19.102617] ? kasan_bitops_generic+0x92/0x1c0 [ 19.102646] kasan_bitops_generic+0x116/0x1c0 [ 19.102685] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.102727] ? __pfx_read_tsc+0x10/0x10 [ 19.102770] ? ktime_get_ts64+0x86/0x230 [ 19.102814] kunit_try_run_case+0x1a5/0x480 [ 19.102854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.102888] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.102924] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.102978] ? __kthread_parkme+0x82/0x180 [ 19.103017] ? preempt_count_sub+0x50/0x80 [ 19.103053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.103111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.103151] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.103186] kthread+0x337/0x6f0 [ 19.103219] ? trace_preempt_on+0x20/0xc0 [ 19.103267] ? __pfx_kthread+0x10/0x10 [ 19.103304] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.103336] ? calculate_sigpending+0x7b/0xa0 [ 19.103377] ? __pfx_kthread+0x10/0x10 [ 19.103410] ret_from_fork+0x116/0x1d0 [ 19.103431] ? __pfx_kthread+0x10/0x10 [ 19.103453] ret_from_fork_asm+0x1a/0x30 [ 19.103486] </TASK> [ 19.103500] [ 19.116693] Allocated by task 278: [ 19.117408] kasan_save_stack+0x45/0x70 [ 19.117803] kasan_save_track+0x18/0x40 [ 19.118130] kasan_save_alloc_info+0x3b/0x50 [ 19.118342] __kasan_kmalloc+0xb7/0xc0 [ 19.119383] __kmalloc_cache_noprof+0x189/0x420 [ 19.119614] kasan_bitops_generic+0x92/0x1c0 [ 19.120277] kunit_try_run_case+0x1a5/0x480 [ 19.120522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.120915] kthread+0x337/0x6f0 [ 19.121439] ret_from_fork+0x116/0x1d0 [ 19.121875] ret_from_fork_asm+0x1a/0x30 [ 19.122762] [ 19.122879] The buggy address belongs to the object at ffff8881026fb960 [ 19.122879] which belongs to the cache kmalloc-16 of size 16 [ 19.123642] The buggy address is located 8 bytes inside of [ 19.123642] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.124484] [ 19.125208] The buggy address belongs to the physical page: [ 19.126027] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.126368] flags: 0x200000000000000(node=0|zone=2) [ 19.127004] page_type: f5(slab) [ 19.127908] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.128329] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.129250] page dumped because: kasan: bad access detected [ 19.129585] [ 19.129745] Memory state around the buggy address: [ 19.130132] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.130606] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.131698] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.132182] ^ [ 19.132909] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.133673] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.134031] ================================================================== [ 19.212824] ================================================================== [ 19.213230] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.214486] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.215199] [ 19.215467] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.215575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.215604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.215650] Call Trace: [ 19.215724] <TASK> [ 19.215765] dump_stack_lvl+0x73/0xb0 [ 19.215824] print_report+0xd1/0x650 [ 19.215865] ? __virt_addr_valid+0x1db/0x2d0 [ 19.215910] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.215963] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.216013] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.216099] kasan_report+0x141/0x180 [ 19.216148] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.216203] kasan_check_range+0x10c/0x1c0 [ 19.216242] __kasan_check_write+0x18/0x20 [ 19.216289] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.216333] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.216375] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.216408] ? trace_hardirqs_on+0x37/0xe0 [ 19.216446] ? kasan_bitops_generic+0x92/0x1c0 [ 19.216491] kasan_bitops_generic+0x116/0x1c0 [ 19.216529] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.216570] ? __pfx_read_tsc+0x10/0x10 [ 19.216598] ? ktime_get_ts64+0x86/0x230 [ 19.216623] kunit_try_run_case+0x1a5/0x480 [ 19.216650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.216720] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.216748] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.216772] ? __kthread_parkme+0x82/0x180 [ 19.216794] ? preempt_count_sub+0x50/0x80 [ 19.216819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.216843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.216867] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.216891] kthread+0x337/0x6f0 [ 19.216912] ? trace_preempt_on+0x20/0xc0 [ 19.216935] ? __pfx_kthread+0x10/0x10 [ 19.216958] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.216979] ? calculate_sigpending+0x7b/0xa0 [ 19.217005] ? __pfx_kthread+0x10/0x10 [ 19.217027] ret_from_fork+0x116/0x1d0 [ 19.217055] ? __pfx_kthread+0x10/0x10 [ 19.217112] ret_from_fork_asm+0x1a/0x30 [ 19.217162] </TASK> [ 19.217180] [ 19.227697] Allocated by task 278: [ 19.227892] kasan_save_stack+0x45/0x70 [ 19.228102] kasan_save_track+0x18/0x40 [ 19.228966] kasan_save_alloc_info+0x3b/0x50 [ 19.229619] __kasan_kmalloc+0xb7/0xc0 [ 19.229975] __kmalloc_cache_noprof+0x189/0x420 [ 19.230581] kasan_bitops_generic+0x92/0x1c0 [ 19.231197] kunit_try_run_case+0x1a5/0x480 [ 19.231584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.232590] kthread+0x337/0x6f0 [ 19.232818] ret_from_fork+0x116/0x1d0 [ 19.233336] ret_from_fork_asm+0x1a/0x30 [ 19.233602] [ 19.233826] The buggy address belongs to the object at ffff8881026fb960 [ 19.233826] which belongs to the cache kmalloc-16 of size 16 [ 19.234644] The buggy address is located 8 bytes inside of [ 19.234644] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.235522] [ 19.235662] The buggy address belongs to the physical page: [ 19.236011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.236361] flags: 0x200000000000000(node=0|zone=2) [ 19.237176] page_type: f5(slab) [ 19.237537] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.238131] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.238628] page dumped because: kasan: bad access detected [ 19.238941] [ 19.239239] Memory state around the buggy address: [ 19.239642] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.239973] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.240246] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.240521] ^ [ 19.240769] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.241289] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.242107] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 19.058207] ================================================================== [ 19.058851] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 19.059407] Read of size 1 at addr ffff888102327750 by task kunit_try_catch/276 [ 19.060022] [ 19.060280] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.060387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.060414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.060461] Call Trace: [ 19.060511] <TASK> [ 19.060553] dump_stack_lvl+0x73/0xb0 [ 19.060636] print_report+0xd1/0x650 [ 19.060722] ? __virt_addr_valid+0x1db/0x2d0 [ 19.060782] ? strnlen+0x73/0x80 [ 19.060844] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.060893] ? strnlen+0x73/0x80 [ 19.060932] kasan_report+0x141/0x180 [ 19.060977] ? strnlen+0x73/0x80 [ 19.061028] __asan_report_load1_noabort+0x18/0x20 [ 19.061074] strnlen+0x73/0x80 [ 19.061120] kasan_strings+0x615/0xe80 [ 19.061161] ? trace_hardirqs_on+0x37/0xe0 [ 19.061213] ? __pfx_kasan_strings+0x10/0x10 [ 19.061253] ? finish_task_switch.isra.0+0x153/0x700 [ 19.061318] ? __switch_to+0x47/0xf50 [ 19.061377] ? __schedule+0x10cc/0x2b60 [ 19.061428] ? __pfx_read_tsc+0x10/0x10 [ 19.061468] ? ktime_get_ts64+0x86/0x230 [ 19.061497] kunit_try_run_case+0x1a5/0x480 [ 19.061526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.061550] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.061577] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.061601] ? __kthread_parkme+0x82/0x180 [ 19.061624] ? preempt_count_sub+0x50/0x80 [ 19.061648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.061733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.061762] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.061787] kthread+0x337/0x6f0 [ 19.061809] ? trace_preempt_on+0x20/0xc0 [ 19.061833] ? __pfx_kthread+0x10/0x10 [ 19.061856] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.061879] ? calculate_sigpending+0x7b/0xa0 [ 19.061906] ? __pfx_kthread+0x10/0x10 [ 19.061929] ret_from_fork+0x116/0x1d0 [ 19.061949] ? __pfx_kthread+0x10/0x10 [ 19.061971] ret_from_fork_asm+0x1a/0x30 [ 19.062004] </TASK> [ 19.062018] [ 19.074735] Allocated by task 276: [ 19.075085] kasan_save_stack+0x45/0x70 [ 19.075926] kasan_save_track+0x18/0x40 [ 19.076156] kasan_save_alloc_info+0x3b/0x50 [ 19.076503] __kasan_kmalloc+0xb7/0xc0 [ 19.077203] __kmalloc_cache_noprof+0x189/0x420 [ 19.077411] kasan_strings+0xc0/0xe80 [ 19.077750] kunit_try_run_case+0x1a5/0x480 [ 19.078319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.078529] kthread+0x337/0x6f0 [ 19.078865] ret_from_fork+0x116/0x1d0 [ 19.079534] ret_from_fork_asm+0x1a/0x30 [ 19.079979] [ 19.080087] Freed by task 276: [ 19.080295] kasan_save_stack+0x45/0x70 [ 19.080846] kasan_save_track+0x18/0x40 [ 19.081051] kasan_save_free_info+0x3f/0x60 [ 19.081746] __kasan_slab_free+0x56/0x70 [ 19.081952] kfree+0x222/0x3f0 [ 19.082396] kasan_strings+0x2aa/0xe80 [ 19.083020] kunit_try_run_case+0x1a5/0x480 [ 19.083442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.083671] kthread+0x337/0x6f0 [ 19.084174] ret_from_fork+0x116/0x1d0 [ 19.084542] ret_from_fork_asm+0x1a/0x30 [ 19.084950] [ 19.085090] The buggy address belongs to the object at ffff888102327740 [ 19.085090] which belongs to the cache kmalloc-32 of size 32 [ 19.085774] The buggy address is located 16 bytes inside of [ 19.085774] freed 32-byte region [ffff888102327740, ffff888102327760) [ 19.086504] [ 19.086705] The buggy address belongs to the physical page: [ 19.087174] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102327 [ 19.087606] flags: 0x200000000000000(node=0|zone=2) [ 19.088006] page_type: f5(slab) [ 19.088225] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 19.088799] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.089230] page dumped because: kasan: bad access detected [ 19.089643] [ 19.089836] Memory state around the buggy address: [ 19.090102] ffff888102327600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.090531] ffff888102327680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.090972] >ffff888102327700: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.091437] ^ [ 19.091757] ffff888102327780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.092206] ffff888102327800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.092553] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 19.023433] ================================================================== [ 19.024420] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 19.025365] Read of size 1 at addr ffff888102327750 by task kunit_try_catch/276 [ 19.025782] [ 19.026065] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.026214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.026244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.026299] Call Trace: [ 19.026328] <TASK> [ 19.026365] dump_stack_lvl+0x73/0xb0 [ 19.026434] print_report+0xd1/0x650 [ 19.026487] ? __virt_addr_valid+0x1db/0x2d0 [ 19.026569] ? strlen+0x8f/0xb0 [ 19.026630] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.026717] ? strlen+0x8f/0xb0 [ 19.026765] kasan_report+0x141/0x180 [ 19.026802] ? strlen+0x8f/0xb0 [ 19.026830] __asan_report_load1_noabort+0x18/0x20 [ 19.026854] strlen+0x8f/0xb0 [ 19.026878] kasan_strings+0x57b/0xe80 [ 19.026901] ? trace_hardirqs_on+0x37/0xe0 [ 19.026928] ? __pfx_kasan_strings+0x10/0x10 [ 19.026952] ? finish_task_switch.isra.0+0x153/0x700 [ 19.026978] ? __switch_to+0x47/0xf50 [ 19.027022] ? __schedule+0x10cc/0x2b60 [ 19.027048] ? __pfx_read_tsc+0x10/0x10 [ 19.027072] ? ktime_get_ts64+0x86/0x230 [ 19.027099] kunit_try_run_case+0x1a5/0x480 [ 19.027128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.027153] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.027179] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.027204] ? __kthread_parkme+0x82/0x180 [ 19.027228] ? preempt_count_sub+0x50/0x80 [ 19.027252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.027304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.027331] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.027357] kthread+0x337/0x6f0 [ 19.027379] ? trace_preempt_on+0x20/0xc0 [ 19.027403] ? __pfx_kthread+0x10/0x10 [ 19.027425] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.027448] ? calculate_sigpending+0x7b/0xa0 [ 19.027476] ? __pfx_kthread+0x10/0x10 [ 19.027499] ret_from_fork+0x116/0x1d0 [ 19.027519] ? __pfx_kthread+0x10/0x10 [ 19.027541] ret_from_fork_asm+0x1a/0x30 [ 19.027574] </TASK> [ 19.027589] [ 19.038788] Allocated by task 276: [ 19.039015] kasan_save_stack+0x45/0x70 [ 19.039253] kasan_save_track+0x18/0x40 [ 19.039600] kasan_save_alloc_info+0x3b/0x50 [ 19.040039] __kasan_kmalloc+0xb7/0xc0 [ 19.040465] __kmalloc_cache_noprof+0x189/0x420 [ 19.040936] kasan_strings+0xc0/0xe80 [ 19.041329] kunit_try_run_case+0x1a5/0x480 [ 19.041816] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.042331] kthread+0x337/0x6f0 [ 19.042727] ret_from_fork+0x116/0x1d0 [ 19.043037] ret_from_fork_asm+0x1a/0x30 [ 19.043413] [ 19.043641] Freed by task 276: [ 19.043893] kasan_save_stack+0x45/0x70 [ 19.044108] kasan_save_track+0x18/0x40 [ 19.044320] kasan_save_free_info+0x3f/0x60 [ 19.044704] __kasan_slab_free+0x56/0x70 [ 19.045128] kfree+0x222/0x3f0 [ 19.045480] kasan_strings+0x2aa/0xe80 [ 19.045890] kunit_try_run_case+0x1a5/0x480 [ 19.046305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.046726] kthread+0x337/0x6f0 [ 19.047044] ret_from_fork+0x116/0x1d0 [ 19.047381] ret_from_fork_asm+0x1a/0x30 [ 19.047590] [ 19.047748] The buggy address belongs to the object at ffff888102327740 [ 19.047748] which belongs to the cache kmalloc-32 of size 32 [ 19.048449] The buggy address is located 16 bytes inside of [ 19.048449] freed 32-byte region [ffff888102327740, ffff888102327760) [ 19.049452] [ 19.049725] The buggy address belongs to the physical page: [ 19.050081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102327 [ 19.050400] flags: 0x200000000000000(node=0|zone=2) [ 19.050630] page_type: f5(slab) [ 19.050849] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 19.051503] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.052162] page dumped because: kasan: bad access detected [ 19.052596] [ 19.052850] Memory state around the buggy address: [ 19.053329] ffff888102327600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.053936] ffff888102327680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.054292] >ffff888102327700: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.054813] ^ [ 19.055066] ffff888102327780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.055352] ffff888102327800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.055711] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 18.980965] ================================================================== [ 18.981893] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 18.982962] Read of size 1 at addr ffff888102327750 by task kunit_try_catch/276 [ 18.983756] [ 18.983915] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.984083] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.984134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.984194] Call Trace: [ 18.984237] <TASK> [ 18.984322] dump_stack_lvl+0x73/0xb0 [ 18.984399] print_report+0xd1/0x650 [ 18.984471] ? __virt_addr_valid+0x1db/0x2d0 [ 18.984512] ? kasan_strings+0xcbc/0xe80 [ 18.984550] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.984585] ? kasan_strings+0xcbc/0xe80 [ 18.984619] kasan_report+0x141/0x180 [ 18.984652] ? kasan_strings+0xcbc/0xe80 [ 18.984725] __asan_report_load1_noabort+0x18/0x20 [ 18.984761] kasan_strings+0xcbc/0xe80 [ 18.984795] ? trace_hardirqs_on+0x37/0xe0 [ 18.984838] ? __pfx_kasan_strings+0x10/0x10 [ 18.984872] ? finish_task_switch.isra.0+0x153/0x700 [ 18.984911] ? __switch_to+0x47/0xf50 [ 18.984941] ? __schedule+0x10cc/0x2b60 [ 18.984966] ? __pfx_read_tsc+0x10/0x10 [ 18.984990] ? ktime_get_ts64+0x86/0x230 [ 18.985016] kunit_try_run_case+0x1a5/0x480 [ 18.985068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.985108] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.985147] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.985184] ? __kthread_parkme+0x82/0x180 [ 18.985207] ? preempt_count_sub+0x50/0x80 [ 18.985231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.985272] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.985305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.985331] kthread+0x337/0x6f0 [ 18.985352] ? trace_preempt_on+0x20/0xc0 [ 18.985377] ? __pfx_kthread+0x10/0x10 [ 18.985399] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.985422] ? calculate_sigpending+0x7b/0xa0 [ 18.985449] ? __pfx_kthread+0x10/0x10 [ 18.985471] ret_from_fork+0x116/0x1d0 [ 18.985491] ? __pfx_kthread+0x10/0x10 [ 18.985513] ret_from_fork_asm+0x1a/0x30 [ 18.985546] </TASK> [ 18.985561] [ 19.000206] Allocated by task 276: [ 19.000476] kasan_save_stack+0x45/0x70 [ 19.001092] kasan_save_track+0x18/0x40 [ 19.001451] kasan_save_alloc_info+0x3b/0x50 [ 19.002104] __kasan_kmalloc+0xb7/0xc0 [ 19.002483] __kmalloc_cache_noprof+0x189/0x420 [ 19.003605] kasan_strings+0xc0/0xe80 [ 19.003988] kunit_try_run_case+0x1a5/0x480 [ 19.004618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.004857] kthread+0x337/0x6f0 [ 19.005394] ret_from_fork+0x116/0x1d0 [ 19.005780] ret_from_fork_asm+0x1a/0x30 [ 19.006143] [ 19.006280] Freed by task 276: [ 19.006468] kasan_save_stack+0x45/0x70 [ 19.006876] kasan_save_track+0x18/0x40 [ 19.007832] kasan_save_free_info+0x3f/0x60 [ 19.008108] __kasan_slab_free+0x56/0x70 [ 19.008299] kfree+0x222/0x3f0 [ 19.008911] kasan_strings+0x2aa/0xe80 [ 19.009460] kunit_try_run_case+0x1a5/0x480 [ 19.009770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.010466] kthread+0x337/0x6f0 [ 19.010884] ret_from_fork+0x116/0x1d0 [ 19.011196] ret_from_fork_asm+0x1a/0x30 [ 19.011667] [ 19.011823] The buggy address belongs to the object at ffff888102327740 [ 19.011823] which belongs to the cache kmalloc-32 of size 32 [ 19.012860] The buggy address is located 16 bytes inside of [ 19.012860] freed 32-byte region [ffff888102327740, ffff888102327760) [ 19.013969] [ 19.014149] The buggy address belongs to the physical page: [ 19.014583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102327 [ 19.015452] flags: 0x200000000000000(node=0|zone=2) [ 19.015662] page_type: f5(slab) [ 19.015962] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 19.016865] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.017721] page dumped because: kasan: bad access detected [ 19.018026] [ 19.018212] Memory state around the buggy address: [ 19.018543] ffff888102327600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.018880] ffff888102327680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.019594] >ffff888102327700: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.020184] ^ [ 19.020726] ffff888102327780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.021630] ffff888102327800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.022326] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 18.938032] ================================================================== [ 18.939466] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 18.939862] Read of size 1 at addr ffff888102327750 by task kunit_try_catch/276 [ 18.940205] [ 18.940738] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.940865] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.940894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.940945] Call Trace: [ 18.940977] <TASK> [ 18.941020] dump_stack_lvl+0x73/0xb0 [ 18.941672] print_report+0xd1/0x650 [ 18.941732] ? __virt_addr_valid+0x1db/0x2d0 [ 18.941762] ? strcmp+0xb0/0xc0 [ 18.941785] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.941810] ? strcmp+0xb0/0xc0 [ 18.941833] kasan_report+0x141/0x180 [ 18.941856] ? strcmp+0xb0/0xc0 [ 18.941883] __asan_report_load1_noabort+0x18/0x20 [ 18.941905] strcmp+0xb0/0xc0 [ 18.941929] kasan_strings+0x431/0xe80 [ 18.941951] ? trace_hardirqs_on+0x37/0xe0 [ 18.941979] ? __pfx_kasan_strings+0x10/0x10 [ 18.942002] ? finish_task_switch.isra.0+0x153/0x700 [ 18.942029] ? __switch_to+0x47/0xf50 [ 18.942102] ? __schedule+0x10cc/0x2b60 [ 18.942147] ? __pfx_read_tsc+0x10/0x10 [ 18.942184] ? ktime_get_ts64+0x86/0x230 [ 18.942227] kunit_try_run_case+0x1a5/0x480 [ 18.942281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.942311] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.942338] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.942363] ? __kthread_parkme+0x82/0x180 [ 18.942387] ? preempt_count_sub+0x50/0x80 [ 18.942412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.942438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.942464] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.942489] kthread+0x337/0x6f0 [ 18.942511] ? trace_preempt_on+0x20/0xc0 [ 18.942535] ? __pfx_kthread+0x10/0x10 [ 18.942558] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.942580] ? calculate_sigpending+0x7b/0xa0 [ 18.942607] ? __pfx_kthread+0x10/0x10 [ 18.942630] ret_from_fork+0x116/0x1d0 [ 18.942650] ? __pfx_kthread+0x10/0x10 [ 18.942713] ret_from_fork_asm+0x1a/0x30 [ 18.942748] </TASK> [ 18.942764] [ 18.958927] Allocated by task 276: [ 18.959722] kasan_save_stack+0x45/0x70 [ 18.960252] kasan_save_track+0x18/0x40 [ 18.960391] kasan_save_alloc_info+0x3b/0x50 [ 18.960493] __kasan_kmalloc+0xb7/0xc0 [ 18.960585] __kmalloc_cache_noprof+0x189/0x420 [ 18.960732] kasan_strings+0xc0/0xe80 [ 18.960901] kunit_try_run_case+0x1a5/0x480 [ 18.961369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.962149] kthread+0x337/0x6f0 [ 18.962510] ret_from_fork+0x116/0x1d0 [ 18.962985] ret_from_fork_asm+0x1a/0x30 [ 18.963714] [ 18.963970] Freed by task 276: [ 18.964206] kasan_save_stack+0x45/0x70 [ 18.964408] kasan_save_track+0x18/0x40 [ 18.964901] kasan_save_free_info+0x3f/0x60 [ 18.965386] __kasan_slab_free+0x56/0x70 [ 18.966125] kfree+0x222/0x3f0 [ 18.966450] kasan_strings+0x2aa/0xe80 [ 18.967011] kunit_try_run_case+0x1a5/0x480 [ 18.967634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.968192] kthread+0x337/0x6f0 [ 18.968825] ret_from_fork+0x116/0x1d0 [ 18.969275] ret_from_fork_asm+0x1a/0x30 [ 18.969723] [ 18.969837] The buggy address belongs to the object at ffff888102327740 [ 18.969837] which belongs to the cache kmalloc-32 of size 32 [ 18.971166] The buggy address is located 16 bytes inside of [ 18.971166] freed 32-byte region [ffff888102327740, ffff888102327760) [ 18.972345] [ 18.972430] The buggy address belongs to the physical page: [ 18.972555] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102327 [ 18.972799] flags: 0x200000000000000(node=0|zone=2) [ 18.973274] page_type: f5(slab) [ 18.973594] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 18.974088] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.974383] page dumped because: kasan: bad access detected [ 18.975171] [ 18.975644] Memory state around the buggy address: [ 18.975861] ffff888102327600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.976540] ffff888102327680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.977176] >ffff888102327700: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.978101] ^ [ 18.978534] ffff888102327780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.979181] ffff888102327800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.979444] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 18.894463] ================================================================== [ 18.894934] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 18.895708] Read of size 1 at addr ffff888102b653d8 by task kunit_try_catch/274 [ 18.897010] [ 18.897202] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.897320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.897344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.897386] Call Trace: [ 18.897413] <TASK> [ 18.897484] dump_stack_lvl+0x73/0xb0 [ 18.897553] print_report+0xd1/0x650 [ 18.897594] ? __virt_addr_valid+0x1db/0x2d0 [ 18.897629] ? memcmp+0x1b4/0x1d0 [ 18.897674] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.897727] ? memcmp+0x1b4/0x1d0 [ 18.897750] kasan_report+0x141/0x180 [ 18.897772] ? memcmp+0x1b4/0x1d0 [ 18.897798] __asan_report_load1_noabort+0x18/0x20 [ 18.897821] memcmp+0x1b4/0x1d0 [ 18.897845] kasan_memcmp+0x18f/0x390 [ 18.897869] ? __pfx_kasan_memcmp+0x10/0x10 [ 18.897890] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 18.897919] ? __pfx_kasan_memcmp+0x10/0x10 [ 18.897945] kunit_try_run_case+0x1a5/0x480 [ 18.897971] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.897994] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.898017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.898045] ? __kthread_parkme+0x82/0x180 [ 18.898096] ? preempt_count_sub+0x50/0x80 [ 18.898138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.898163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.898188] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.898212] kthread+0x337/0x6f0 [ 18.898232] ? trace_preempt_on+0x20/0xc0 [ 18.898275] ? __pfx_kthread+0x10/0x10 [ 18.898302] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.898324] ? calculate_sigpending+0x7b/0xa0 [ 18.898350] ? __pfx_kthread+0x10/0x10 [ 18.898373] ret_from_fork+0x116/0x1d0 [ 18.898394] ? __pfx_kthread+0x10/0x10 [ 18.898416] ret_from_fork_asm+0x1a/0x30 [ 18.898448] </TASK> [ 18.898462] [ 18.911604] Allocated by task 274: [ 18.912200] kasan_save_stack+0x45/0x70 [ 18.912628] kasan_save_track+0x18/0x40 [ 18.913013] kasan_save_alloc_info+0x3b/0x50 [ 18.913480] __kasan_kmalloc+0xb7/0xc0 [ 18.913699] __kmalloc_cache_noprof+0x189/0x420 [ 18.914138] kasan_memcmp+0xb7/0x390 [ 18.914468] kunit_try_run_case+0x1a5/0x480 [ 18.914723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.915374] kthread+0x337/0x6f0 [ 18.915949] ret_from_fork+0x116/0x1d0 [ 18.916319] ret_from_fork_asm+0x1a/0x30 [ 18.916559] [ 18.916664] The buggy address belongs to the object at ffff888102b653c0 [ 18.916664] which belongs to the cache kmalloc-32 of size 32 [ 18.917828] The buggy address is located 0 bytes to the right of [ 18.917828] allocated 24-byte region [ffff888102b653c0, ffff888102b653d8) [ 18.918708] [ 18.918910] The buggy address belongs to the physical page: [ 18.919540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b65 [ 18.919930] flags: 0x200000000000000(node=0|zone=2) [ 18.920276] page_type: f5(slab) [ 18.920588] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 18.921432] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.921950] page dumped because: kasan: bad access detected [ 18.922842] [ 18.922918] Memory state around the buggy address: [ 18.923055] ffff888102b65280: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.923960] ffff888102b65300: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 18.924764] >ffff888102b65380: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.925695] ^ [ 18.926486] ffff888102b65400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.926886] ffff888102b65480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.927867] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 18.853702] ================================================================== [ 18.854177] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 18.855934] Read of size 1 at addr ffff888103c4fc4a by task kunit_try_catch/270 [ 18.856645] [ 18.857018] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.857297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.857318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.857353] Call Trace: [ 18.857381] <TASK> [ 18.857416] dump_stack_lvl+0x73/0xb0 [ 18.857461] print_report+0xd1/0x650 [ 18.857487] ? __virt_addr_valid+0x1db/0x2d0 [ 18.857511] ? kasan_alloca_oob_right+0x329/0x390 [ 18.857535] ? kasan_addr_to_slab+0x11/0xa0 [ 18.857557] ? kasan_alloca_oob_right+0x329/0x390 [ 18.857581] kasan_report+0x141/0x180 [ 18.857604] ? kasan_alloca_oob_right+0x329/0x390 [ 18.857632] __asan_report_load1_noabort+0x18/0x20 [ 18.857654] kasan_alloca_oob_right+0x329/0x390 [ 18.857732] ? pick_task_fair+0xc9/0x340 [ 18.857784] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 18.857832] ? trace_hardirqs_on+0x37/0xe0 [ 18.857867] ? __schedule+0x207f/0x2b60 [ 18.857891] ? __pfx_read_tsc+0x10/0x10 [ 18.857913] ? ktime_get_ts64+0x86/0x230 [ 18.857939] kunit_try_run_case+0x1a5/0x480 [ 18.857965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.857988] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.858012] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.858053] ? __kthread_parkme+0x82/0x180 [ 18.858177] ? preempt_count_sub+0x50/0x80 [ 18.858202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.858228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.858253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.858299] kthread+0x337/0x6f0 [ 18.858320] ? trace_preempt_on+0x20/0xc0 [ 18.858343] ? __pfx_kthread+0x10/0x10 [ 18.858364] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.858386] ? calculate_sigpending+0x7b/0xa0 [ 18.858412] ? __pfx_kthread+0x10/0x10 [ 18.858434] ret_from_fork+0x116/0x1d0 [ 18.858453] ? __pfx_kthread+0x10/0x10 [ 18.858475] ret_from_fork_asm+0x1a/0x30 [ 18.858507] </TASK> [ 18.858520] [ 18.871991] The buggy address belongs to stack of task kunit_try_catch/270 [ 18.872791] [ 18.873017] The buggy address belongs to the physical page: [ 18.873614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c4f [ 18.874488] flags: 0x200000000000000(node=0|zone=2) [ 18.875250] raw: 0200000000000000 ffffea00040f13c8 ffffea00040f13c8 0000000000000000 [ 18.876017] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 18.876464] page dumped because: kasan: bad access detected [ 18.877217] [ 18.877377] Memory state around the buggy address: [ 18.877622] ffff888103c4fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.878394] ffff888103c4fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.878751] >ffff888103c4fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 18.880100] ^ [ 18.880491] ffff888103c4fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 18.881492] ffff888103c4fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 18.881938] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 18.822713] ================================================================== [ 18.823581] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 18.824337] Read of size 1 at addr ffff888103bb7c3f by task kunit_try_catch/268 [ 18.825299] [ 18.825495] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.825633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.825659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.825702] Call Trace: [ 18.825732] <TASK> [ 18.825768] dump_stack_lvl+0x73/0xb0 [ 18.825820] print_report+0xd1/0x650 [ 18.825847] ? __virt_addr_valid+0x1db/0x2d0 [ 18.825872] ? kasan_alloca_oob_left+0x320/0x380 [ 18.825897] ? kasan_addr_to_slab+0x11/0xa0 [ 18.825930] ? kasan_alloca_oob_left+0x320/0x380 [ 18.825970] kasan_report+0x141/0x180 [ 18.826028] ? kasan_alloca_oob_left+0x320/0x380 [ 18.826102] __asan_report_load1_noabort+0x18/0x20 [ 18.826138] kasan_alloca_oob_left+0x320/0x380 [ 18.826167] ? __pfx_sched_clock_cpu+0x10/0x10 [ 18.826191] ? finish_task_switch.isra.0+0x153/0x700 [ 18.826216] ? schedule+0x1ee/0x2e0 [ 18.826238] ? trace_hardirqs_on+0x37/0xe0 [ 18.826278] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 18.826307] ? __schedule+0x10cc/0x2b60 [ 18.826330] ? __pfx_read_tsc+0x10/0x10 [ 18.826353] ? ktime_get_ts64+0x86/0x230 [ 18.826379] kunit_try_run_case+0x1a5/0x480 [ 18.826406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.826431] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.826454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.826478] ? __kthread_parkme+0x82/0x180 [ 18.826500] ? preempt_count_sub+0x50/0x80 [ 18.826524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.826550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.826575] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.826599] kthread+0x337/0x6f0 [ 18.826621] ? trace_preempt_on+0x20/0xc0 [ 18.826644] ? __pfx_kthread+0x10/0x10 [ 18.826675] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.826707] ? calculate_sigpending+0x7b/0xa0 [ 18.826734] ? __pfx_kthread+0x10/0x10 [ 18.826757] ret_from_fork+0x116/0x1d0 [ 18.826776] ? __pfx_kthread+0x10/0x10 [ 18.826798] ret_from_fork_asm+0x1a/0x30 [ 18.826830] </TASK> [ 18.826844] [ 18.840502] The buggy address belongs to stack of task kunit_try_catch/268 [ 18.841013] [ 18.841114] The buggy address belongs to the physical page: [ 18.841320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103bb7 [ 18.842153] flags: 0x200000000000000(node=0|zone=2) [ 18.842572] raw: 0200000000000000 ffffea00040eedc8 ffffea00040eedc8 0000000000000000 [ 18.842952] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 18.843653] page dumped because: kasan: bad access detected [ 18.843861] [ 18.843948] Memory state around the buggy address: [ 18.844119] ffff888103bb7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.844383] ffff888103bb7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.845514] >ffff888103bb7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 18.845992] ^ [ 18.846632] ffff888103bb7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 18.847307] ffff888103bb7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 18.847786] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 18.786952] ================================================================== [ 18.787880] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 18.788296] Read of size 1 at addr ffff888103bbfd02 by task kunit_try_catch/266 [ 18.788637] [ 18.788795] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.788901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.788929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.788962] Call Trace: [ 18.788979] <TASK> [ 18.789002] dump_stack_lvl+0x73/0xb0 [ 18.789039] print_report+0xd1/0x650 [ 18.789064] ? __virt_addr_valid+0x1db/0x2d0 [ 18.789100] ? kasan_stack_oob+0x2b5/0x300 [ 18.789134] ? kasan_addr_to_slab+0x11/0xa0 [ 18.789157] ? kasan_stack_oob+0x2b5/0x300 [ 18.789179] kasan_report+0x141/0x180 [ 18.789202] ? kasan_stack_oob+0x2b5/0x300 [ 18.789228] __asan_report_load1_noabort+0x18/0x20 [ 18.789250] kasan_stack_oob+0x2b5/0x300 [ 18.789402] ? __pfx_kasan_stack_oob+0x10/0x10 [ 18.789442] ? finish_task_switch.isra.0+0x153/0x700 [ 18.789480] ? __switch_to+0x47/0xf50 [ 18.789530] ? __schedule+0x10cc/0x2b60 [ 18.789572] ? __pfx_read_tsc+0x10/0x10 [ 18.789613] ? ktime_get_ts64+0x86/0x230 [ 18.789662] kunit_try_run_case+0x1a5/0x480 [ 18.789714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.789762] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.789812] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.789862] ? __kthread_parkme+0x82/0x180 [ 18.789908] ? preempt_count_sub+0x50/0x80 [ 18.789958] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.790010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.790062] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.790115] kthread+0x337/0x6f0 [ 18.790158] ? trace_preempt_on+0x20/0xc0 [ 18.790207] ? __pfx_kthread+0x10/0x10 [ 18.790284] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.790322] ? calculate_sigpending+0x7b/0xa0 [ 18.790364] ? __pfx_kthread+0x10/0x10 [ 18.790401] ret_from_fork+0x116/0x1d0 [ 18.790471] ? __pfx_kthread+0x10/0x10 [ 18.790510] ret_from_fork_asm+0x1a/0x30 [ 18.790578] </TASK> [ 18.790600] [ 18.804639] The buggy address belongs to stack of task kunit_try_catch/266 [ 18.805362] and is located at offset 138 in frame: [ 18.805712] kasan_stack_oob+0x0/0x300 [ 18.806418] [ 18.806865] This frame has 4 objects: [ 18.807805] [48, 49) '__assertion' [ 18.807870] [64, 72) 'array' [ 18.808192] [96, 112) '__assertion' [ 18.808446] [128, 138) 'stack_array' [ 18.808692] [ 18.809394] The buggy address belongs to the physical page: [ 18.809709] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103bbf [ 18.810315] flags: 0x200000000000000(node=0|zone=2) [ 18.811083] raw: 0200000000000000 ffffea00040eefc8 ffffea00040eefc8 0000000000000000 [ 18.811890] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 18.812573] page dumped because: kasan: bad access detected [ 18.813018] [ 18.813342] Memory state around the buggy address: [ 18.813797] ffff888103bbfc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 18.814360] ffff888103bbfc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 18.815477] >ffff888103bbfd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 18.815941] ^ [ 18.816143] ffff888103bbfd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 18.816652] ffff888103bbfe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.817116] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 18.748803] ================================================================== [ 18.749445] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 18.750695] Read of size 1 at addr ffffffff9325ef0d by task kunit_try_catch/262 [ 18.751424] [ 18.751634] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.751717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.751732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.751759] Call Trace: [ 18.751776] <TASK> [ 18.751798] dump_stack_lvl+0x73/0xb0 [ 18.751841] print_report+0xd1/0x650 [ 18.751868] ? __virt_addr_valid+0x1db/0x2d0 [ 18.751895] ? kasan_global_oob_right+0x286/0x2d0 [ 18.751919] ? kasan_addr_to_slab+0x11/0xa0 [ 18.751942] ? kasan_global_oob_right+0x286/0x2d0 [ 18.751966] kasan_report+0x141/0x180 [ 18.751990] ? kasan_global_oob_right+0x286/0x2d0 [ 18.752018] __asan_report_load1_noabort+0x18/0x20 [ 18.752048] kasan_global_oob_right+0x286/0x2d0 [ 18.752277] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 18.752353] ? __schedule+0x10cc/0x2b60 [ 18.752430] ? __pfx_read_tsc+0x10/0x10 [ 18.752487] ? ktime_get_ts64+0x86/0x230 [ 18.752542] kunit_try_run_case+0x1a5/0x480 [ 18.752602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.752652] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.752733] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.752762] ? __kthread_parkme+0x82/0x180 [ 18.752787] ? preempt_count_sub+0x50/0x80 [ 18.752814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.752848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.752892] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.752918] kthread+0x337/0x6f0 [ 18.752940] ? trace_preempt_on+0x20/0xc0 [ 18.752967] ? __pfx_kthread+0x10/0x10 [ 18.752990] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.753013] ? calculate_sigpending+0x7b/0xa0 [ 18.753045] ? __pfx_kthread+0x10/0x10 [ 18.753108] ret_from_fork+0x116/0x1d0 [ 18.753142] ? __pfx_kthread+0x10/0x10 [ 18.753176] ret_from_fork_asm+0x1a/0x30 [ 18.753230] </TASK> [ 18.753249] [ 18.767390] The buggy address belongs to the variable: [ 18.767644] global_array+0xd/0x40 [ 18.768212] [ 18.768487] The buggy address belongs to the physical page: [ 18.768998] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x13f25e [ 18.769770] flags: 0x200000000002000(reserved|node=0|zone=2) [ 18.770296] raw: 0200000000002000 ffffea0004fc9788 ffffea0004fc9788 0000000000000000 [ 18.770819] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.771507] page dumped because: kasan: bad access detected [ 18.771724] [ 18.771921] Memory state around the buggy address: [ 18.772697] ffffffff9325ee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.773439] ffffffff9325ee80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.774255] >ffffffff9325ef00: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 18.774628] ^ [ 18.775328] ffffffff9325ef80: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 18.775976] ffffffff9325f000: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 18.777186] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 18.673656] ================================================================== [ 18.674616] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.675072] Free of addr ffff888102306c01 by task kunit_try_catch/258 [ 18.675926] [ 18.676124] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.676234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.676273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.676319] Call Trace: [ 18.676349] <TASK> [ 18.676384] dump_stack_lvl+0x73/0xb0 [ 18.676453] print_report+0xd1/0x650 [ 18.676500] ? __virt_addr_valid+0x1db/0x2d0 [ 18.676550] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.676593] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.676639] kasan_report_invalid_free+0x10a/0x130 [ 18.676674] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.676740] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.676767] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.676796] check_slab_allocation+0x11f/0x130 [ 18.676821] __kasan_mempool_poison_object+0x91/0x1d0 [ 18.676848] mempool_free+0x2ec/0x380 [ 18.676875] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.676903] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 18.676933] ? __pfx_sched_clock_cpu+0x10/0x10 [ 18.676957] ? irqentry_exit+0x2a/0x60 [ 18.676981] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 18.677008] mempool_kmalloc_invalid_free+0xed/0x140 [ 18.677034] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 18.677062] ? __pfx_mempool_kmalloc+0x10/0x10 [ 18.677083] ? __pfx_mempool_kfree+0x10/0x10 [ 18.677106] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 18.677134] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 18.677162] kunit_try_run_case+0x1a5/0x480 [ 18.677191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.677216] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.677241] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.677288] ? __kthread_parkme+0x82/0x180 [ 18.677314] ? preempt_count_sub+0x50/0x80 [ 18.677340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.677367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.677392] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.677417] kthread+0x337/0x6f0 [ 18.677438] ? trace_preempt_on+0x20/0xc0 [ 18.677465] ? __pfx_kthread+0x10/0x10 [ 18.677486] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.677510] ? calculate_sigpending+0x7b/0xa0 [ 18.677537] ? __pfx_kthread+0x10/0x10 [ 18.677560] ret_from_fork+0x116/0x1d0 [ 18.677581] ? __pfx_kthread+0x10/0x10 [ 18.677604] ret_from_fork_asm+0x1a/0x30 [ 18.677636] </TASK> [ 18.677650] [ 18.689481] Allocated by task 258: [ 18.689724] kasan_save_stack+0x45/0x70 [ 18.690091] kasan_save_track+0x18/0x40 [ 18.690416] kasan_save_alloc_info+0x3b/0x50 [ 18.690738] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 18.691195] remove_element+0x11e/0x190 [ 18.691473] mempool_alloc_preallocated+0x4d/0x90 [ 18.691867] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 18.692199] mempool_kmalloc_invalid_free+0xed/0x140 [ 18.692556] kunit_try_run_case+0x1a5/0x480 [ 18.693006] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.693271] kthread+0x337/0x6f0 [ 18.693565] ret_from_fork+0x116/0x1d0 [ 18.693807] ret_from_fork_asm+0x1a/0x30 [ 18.694122] [ 18.694246] The buggy address belongs to the object at ffff888102306c00 [ 18.694246] which belongs to the cache kmalloc-128 of size 128 [ 18.695130] The buggy address is located 1 bytes inside of [ 18.695130] 128-byte region [ffff888102306c00, ffff888102306c80) [ 18.695954] [ 18.696081] The buggy address belongs to the physical page: [ 18.696499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102306 [ 18.697045] flags: 0x200000000000000(node=0|zone=2) [ 18.697468] page_type: f5(slab) [ 18.697690] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.698049] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.698390] page dumped because: kasan: bad access detected [ 18.698810] [ 18.699003] Memory state around the buggy address: [ 18.699399] ffff888102306b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.699946] ffff888102306b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.700278] >ffff888102306c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.700668] ^ [ 18.700835] ffff888102306c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.701104] ffff888102306d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.701482] ================================================================== [ 18.712784] ================================================================== [ 18.713679] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.714367] Free of addr ffff888103cd0001 by task kunit_try_catch/260 [ 18.715387] [ 18.715745] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.715880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.715901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.715927] Call Trace: [ 18.715945] <TASK> [ 18.715968] dump_stack_lvl+0x73/0xb0 [ 18.716012] print_report+0xd1/0x650 [ 18.716045] ? __virt_addr_valid+0x1db/0x2d0 [ 18.716142] ? kasan_addr_to_slab+0x11/0xa0 [ 18.716179] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.716211] kasan_report_invalid_free+0x10a/0x130 [ 18.716238] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.716289] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.716319] __kasan_mempool_poison_object+0x102/0x1d0 [ 18.716346] mempool_free+0x2ec/0x380 [ 18.716374] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.716403] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 18.716433] ? __pfx_sched_clock_cpu+0x10/0x10 [ 18.716458] ? finish_task_switch.isra.0+0x153/0x700 [ 18.716486] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 18.716513] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 18.716543] ? __pfx_mempool_kmalloc+0x10/0x10 [ 18.716564] ? __pfx_mempool_kfree+0x10/0x10 [ 18.716588] ? __pfx_read_tsc+0x10/0x10 [ 18.716612] ? ktime_get_ts64+0x86/0x230 [ 18.716639] kunit_try_run_case+0x1a5/0x480 [ 18.716677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.716710] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.716736] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.716760] ? __kthread_parkme+0x82/0x180 [ 18.716783] ? preempt_count_sub+0x50/0x80 [ 18.716806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.716831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.716856] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.716881] kthread+0x337/0x6f0 [ 18.716904] ? __pfx_kthread+0x10/0x10 [ 18.716927] ? recalc_sigpending+0x168/0x1f0 [ 18.716954] ? calculate_sigpending+0x7b/0xa0 [ 18.716980] ? __pfx_kthread+0x10/0x10 [ 18.717004] ret_from_fork+0x116/0x1d0 [ 18.717024] ? __pfx_kthread+0x10/0x10 [ 18.717057] ret_from_fork_asm+0x1a/0x30 [ 18.717110] </TASK> [ 18.717130] [ 18.731821] The buggy address belongs to the physical page: [ 18.732457] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cd0 [ 18.732996] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.733686] flags: 0x200000000000040(head|node=0|zone=2) [ 18.734559] page_type: f8(unknown) [ 18.734944] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.735711] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.736314] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.736954] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.737500] head: 0200000000000002 ffffea00040f3401 00000000ffffffff 00000000ffffffff [ 18.737900] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.738293] page dumped because: kasan: bad access detected [ 18.738709] [ 18.738890] Memory state around the buggy address: [ 18.739172] ffff888103ccff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.739786] ffff888103ccff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.740620] >ffff888103cd0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.741308] ^ [ 18.741618] ffff888103cd0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.741969] ffff888103cd0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.742634] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 18.550512] ================================================================== [ 18.551022] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 18.551687] Free of addr ffff888102b61000 by task kunit_try_catch/252 [ 18.552154] [ 18.552334] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.552441] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.552464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.552504] Call Trace: [ 18.552525] <TASK> [ 18.552603] dump_stack_lvl+0x73/0xb0 [ 18.552687] print_report+0xd1/0x650 [ 18.552734] ? __virt_addr_valid+0x1db/0x2d0 [ 18.552787] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.552833] ? mempool_double_free_helper+0x184/0x370 [ 18.552879] kasan_report_invalid_free+0x10a/0x130 [ 18.552948] ? mempool_double_free_helper+0x184/0x370 [ 18.552990] ? mempool_double_free_helper+0x184/0x370 [ 18.553375] ? mempool_double_free_helper+0x184/0x370 [ 18.553422] check_slab_allocation+0x101/0x130 [ 18.553469] __kasan_mempool_poison_object+0x91/0x1d0 [ 18.553518] mempool_free+0x2ec/0x380 [ 18.553570] mempool_double_free_helper+0x184/0x370 [ 18.553617] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 18.553657] ? update_load_avg+0x1be/0x21b0 [ 18.553886] ? update_load_avg+0x1be/0x21b0 [ 18.553935] ? update_curr+0x80/0x810 [ 18.553981] ? finish_task_switch.isra.0+0x153/0x700 [ 18.554016] mempool_kmalloc_double_free+0xed/0x140 [ 18.554052] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 18.554160] ? __pfx_mempool_kmalloc+0x10/0x10 [ 18.554181] ? __pfx_mempool_kfree+0x10/0x10 [ 18.554204] ? __pfx_read_tsc+0x10/0x10 [ 18.554229] ? ktime_get_ts64+0x86/0x230 [ 18.554271] kunit_try_run_case+0x1a5/0x480 [ 18.554308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.554332] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.554360] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.554383] ? __kthread_parkme+0x82/0x180 [ 18.554407] ? preempt_count_sub+0x50/0x80 [ 18.554431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.554456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.554480] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.554505] kthread+0x337/0x6f0 [ 18.554526] ? trace_preempt_on+0x20/0xc0 [ 18.554552] ? __pfx_kthread+0x10/0x10 [ 18.554574] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.554596] ? calculate_sigpending+0x7b/0xa0 [ 18.554623] ? __pfx_kthread+0x10/0x10 [ 18.554645] ret_from_fork+0x116/0x1d0 [ 18.554674] ? __pfx_kthread+0x10/0x10 [ 18.554703] ret_from_fork_asm+0x1a/0x30 [ 18.554736] </TASK> [ 18.554750] [ 18.570729] Allocated by task 252: [ 18.570963] kasan_save_stack+0x45/0x70 [ 18.571215] kasan_save_track+0x18/0x40 [ 18.571714] kasan_save_alloc_info+0x3b/0x50 [ 18.572084] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 18.572581] remove_element+0x11e/0x190 [ 18.573154] mempool_alloc_preallocated+0x4d/0x90 [ 18.573552] mempool_double_free_helper+0x8a/0x370 [ 18.574213] mempool_kmalloc_double_free+0xed/0x140 [ 18.574618] kunit_try_run_case+0x1a5/0x480 [ 18.575101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.575359] kthread+0x337/0x6f0 [ 18.575670] ret_from_fork+0x116/0x1d0 [ 18.576464] ret_from_fork_asm+0x1a/0x30 [ 18.576958] [ 18.577341] Freed by task 252: [ 18.577618] kasan_save_stack+0x45/0x70 [ 18.577941] kasan_save_track+0x18/0x40 [ 18.578570] kasan_save_free_info+0x3f/0x60 [ 18.578821] __kasan_mempool_poison_object+0x131/0x1d0 [ 18.579080] mempool_free+0x2ec/0x380 [ 18.579423] mempool_double_free_helper+0x109/0x370 [ 18.580026] mempool_kmalloc_double_free+0xed/0x140 [ 18.581023] kunit_try_run_case+0x1a5/0x480 [ 18.581431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.582060] kthread+0x337/0x6f0 [ 18.582393] ret_from_fork+0x116/0x1d0 [ 18.582794] ret_from_fork_asm+0x1a/0x30 [ 18.583008] [ 18.583422] The buggy address belongs to the object at ffff888102b61000 [ 18.583422] which belongs to the cache kmalloc-128 of size 128 [ 18.584542] The buggy address is located 0 bytes inside of [ 18.584542] 128-byte region [ffff888102b61000, ffff888102b61080) [ 18.585351] [ 18.585913] The buggy address belongs to the physical page: [ 18.586302] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b61 [ 18.586559] flags: 0x200000000000000(node=0|zone=2) [ 18.587023] page_type: f5(slab) [ 18.587841] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.588130] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.588714] page dumped because: kasan: bad access detected [ 18.588994] [ 18.589167] Memory state around the buggy address: [ 18.589909] ffff888102b60f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.590811] ffff888102b60f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.591499] >ffff888102b61000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.592853] ^ [ 18.593110] ffff888102b61080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.593378] ffff888102b61100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.594546] ================================================================== [ 18.601769] ================================================================== [ 18.602883] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 18.603651] Free of addr ffff888103cd0000 by task kunit_try_catch/254 [ 18.604455] [ 18.604855] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.605398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.605423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.605463] Call Trace: [ 18.605488] <TASK> [ 18.605523] dump_stack_lvl+0x73/0xb0 [ 18.605586] print_report+0xd1/0x650 [ 18.605627] ? __virt_addr_valid+0x1db/0x2d0 [ 18.605675] ? kasan_addr_to_slab+0x11/0xa0 [ 18.605734] ? mempool_double_free_helper+0x184/0x370 [ 18.605762] kasan_report_invalid_free+0x10a/0x130 [ 18.605789] ? mempool_double_free_helper+0x184/0x370 [ 18.605818] ? mempool_double_free_helper+0x184/0x370 [ 18.605844] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 18.605870] mempool_free+0x2ec/0x380 [ 18.605897] mempool_double_free_helper+0x184/0x370 [ 18.605923] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 18.605952] ? __pfx_sched_clock_cpu+0x10/0x10 [ 18.605978] ? finish_task_switch.isra.0+0x153/0x700 [ 18.606006] mempool_kmalloc_large_double_free+0xed/0x140 [ 18.606033] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 18.606169] ? __pfx_mempool_kmalloc+0x10/0x10 [ 18.606193] ? __pfx_mempool_kfree+0x10/0x10 [ 18.606216] ? __pfx_read_tsc+0x10/0x10 [ 18.606241] ? ktime_get_ts64+0x86/0x230 [ 18.606287] kunit_try_run_case+0x1a5/0x480 [ 18.606319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.606344] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.606370] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.606393] ? __kthread_parkme+0x82/0x180 [ 18.606417] ? preempt_count_sub+0x50/0x80 [ 18.606441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.606467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.606491] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.606516] kthread+0x337/0x6f0 [ 18.606538] ? trace_preempt_on+0x20/0xc0 [ 18.606566] ? __pfx_kthread+0x10/0x10 [ 18.606589] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.606610] ? calculate_sigpending+0x7b/0xa0 [ 18.606638] ? __pfx_kthread+0x10/0x10 [ 18.606666] ret_from_fork+0x116/0x1d0 [ 18.606707] ? __pfx_kthread+0x10/0x10 [ 18.606730] ret_from_fork_asm+0x1a/0x30 [ 18.606763] </TASK> [ 18.606778] [ 18.624389] The buggy address belongs to the physical page: [ 18.625215] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cd0 [ 18.625705] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.626086] flags: 0x200000000000040(head|node=0|zone=2) [ 18.626558] page_type: f8(unknown) [ 18.626995] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.627342] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.628092] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.629097] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.630252] head: 0200000000000002 ffffea00040f3401 00000000ffffffff 00000000ffffffff [ 18.630619] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.631417] page dumped because: kasan: bad access detected [ 18.631628] [ 18.631756] Memory state around the buggy address: [ 18.632715] ffff888103ccff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.633397] ffff888103ccff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.633664] >ffff888103cd0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.634424] ^ [ 18.634899] ffff888103cd0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.635926] ffff888103cd0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.636606] ================================================================== [ 18.642909] ================================================================== [ 18.644351] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 18.644804] Free of addr ffff888103cd0000 by task kunit_try_catch/256 [ 18.645529] [ 18.645763] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.645875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.645899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.645943] Call Trace: [ 18.645973] <TASK> [ 18.646013] dump_stack_lvl+0x73/0xb0 [ 18.646099] print_report+0xd1/0x650 [ 18.646149] ? __virt_addr_valid+0x1db/0x2d0 [ 18.646191] ? kasan_addr_to_slab+0x11/0xa0 [ 18.646215] ? mempool_double_free_helper+0x184/0x370 [ 18.646243] kasan_report_invalid_free+0x10a/0x130 [ 18.646300] ? mempool_double_free_helper+0x184/0x370 [ 18.646348] ? mempool_double_free_helper+0x184/0x370 [ 18.646389] __kasan_mempool_poison_pages+0x115/0x130 [ 18.646432] mempool_free+0x290/0x380 [ 18.646485] mempool_double_free_helper+0x184/0x370 [ 18.646539] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 18.646597] ? __pfx_sched_clock_cpu+0x10/0x10 [ 18.646649] ? finish_task_switch.isra.0+0x153/0x700 [ 18.646708] mempool_page_alloc_double_free+0xe8/0x140 [ 18.646794] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 18.646841] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 18.646873] ? __pfx_mempool_free_pages+0x10/0x10 [ 18.646928] ? __pfx_read_tsc+0x10/0x10 [ 18.646967] ? ktime_get_ts64+0x86/0x230 [ 18.647024] kunit_try_run_case+0x1a5/0x480 [ 18.647139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.647169] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.647197] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.647221] ? __kthread_parkme+0x82/0x180 [ 18.647245] ? preempt_count_sub+0x50/0x80 [ 18.647292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.647320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.647346] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.647371] kthread+0x337/0x6f0 [ 18.647393] ? trace_preempt_on+0x20/0xc0 [ 18.647419] ? __pfx_kthread+0x10/0x10 [ 18.647442] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.647464] ? calculate_sigpending+0x7b/0xa0 [ 18.647492] ? __pfx_kthread+0x10/0x10 [ 18.647515] ret_from_fork+0x116/0x1d0 [ 18.647536] ? __pfx_kthread+0x10/0x10 [ 18.647558] ret_from_fork_asm+0x1a/0x30 [ 18.647591] </TASK> [ 18.647606] [ 18.660316] The buggy address belongs to the physical page: [ 18.660670] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103cd0 [ 18.661137] flags: 0x200000000000000(node=0|zone=2) [ 18.661547] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.661857] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.662401] page dumped because: kasan: bad access detected [ 18.662781] [ 18.663030] Memory state around the buggy address: [ 18.663314] ffff888103ccff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.663845] ffff888103ccff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.664118] >ffff888103cd0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.664610] ^ [ 18.664927] ffff888103cd0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.665278] ffff888103cd0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.665667] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 18.521988] ================================================================== [ 18.522529] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 18.523524] Read of size 1 at addr ffff888103d0c000 by task kunit_try_catch/250 [ 18.524442] [ 18.524676] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.524788] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.524816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.524862] Call Trace: [ 18.524890] <TASK> [ 18.524928] dump_stack_lvl+0x73/0xb0 [ 18.524992] print_report+0xd1/0x650 [ 18.525038] ? __virt_addr_valid+0x1db/0x2d0 [ 18.525080] ? mempool_uaf_helper+0x392/0x400 [ 18.525121] ? kasan_addr_to_slab+0x11/0xa0 [ 18.525161] ? mempool_uaf_helper+0x392/0x400 [ 18.525205] kasan_report+0x141/0x180 [ 18.525232] ? mempool_uaf_helper+0x392/0x400 [ 18.525283] __asan_report_load1_noabort+0x18/0x20 [ 18.525311] mempool_uaf_helper+0x392/0x400 [ 18.525336] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 18.525361] ? __pfx_sched_clock_cpu+0x10/0x10 [ 18.525387] ? finish_task_switch.isra.0+0x153/0x700 [ 18.525414] mempool_page_alloc_uaf+0xed/0x140 [ 18.525439] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 18.525466] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 18.525490] ? __pfx_mempool_free_pages+0x10/0x10 [ 18.525514] ? __pfx_read_tsc+0x10/0x10 [ 18.525537] ? ktime_get_ts64+0x86/0x230 [ 18.525563] kunit_try_run_case+0x1a5/0x480 [ 18.525590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.525614] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.525639] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.525670] ? __kthread_parkme+0x82/0x180 [ 18.525716] ? preempt_count_sub+0x50/0x80 [ 18.525740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.525765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.525789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.525813] kthread+0x337/0x6f0 [ 18.525834] ? trace_preempt_on+0x20/0xc0 [ 18.525860] ? __pfx_kthread+0x10/0x10 [ 18.525882] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.525904] ? calculate_sigpending+0x7b/0xa0 [ 18.525930] ? __pfx_kthread+0x10/0x10 [ 18.525952] ret_from_fork+0x116/0x1d0 [ 18.525972] ? __pfx_kthread+0x10/0x10 [ 18.525993] ret_from_fork_asm+0x1a/0x30 [ 18.526024] </TASK> [ 18.526038] [ 18.538009] The buggy address belongs to the physical page: [ 18.538514] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d0c [ 18.539054] flags: 0x200000000000000(node=0|zone=2) [ 18.539349] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.540022] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.540498] page dumped because: kasan: bad access detected [ 18.540785] [ 18.541023] Memory state around the buggy address: [ 18.541397] ffff888103d0bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.541813] ffff888103d0bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.542129] >ffff888103d0c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.542704] ^ [ 18.543036] ffff888103d0c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.543375] ffff888103d0c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.543699] ================================================================== [ 18.436339] ================================================================== [ 18.436866] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 18.437587] Read of size 1 at addr ffff888103d08000 by task kunit_try_catch/246 [ 18.438044] [ 18.438217] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.438393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.438420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.438459] Call Trace: [ 18.438484] <TASK> [ 18.438516] dump_stack_lvl+0x73/0xb0 [ 18.438574] print_report+0xd1/0x650 [ 18.438615] ? __virt_addr_valid+0x1db/0x2d0 [ 18.438676] ? mempool_uaf_helper+0x392/0x400 [ 18.438724] ? kasan_addr_to_slab+0x11/0xa0 [ 18.438766] ? mempool_uaf_helper+0x392/0x400 [ 18.438811] kasan_report+0x141/0x180 [ 18.438859] ? mempool_uaf_helper+0x392/0x400 [ 18.438916] __asan_report_load1_noabort+0x18/0x20 [ 18.438963] mempool_uaf_helper+0x392/0x400 [ 18.439032] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 18.439079] ? __pfx_sched_clock_cpu+0x10/0x10 [ 18.439114] ? finish_task_switch.isra.0+0x153/0x700 [ 18.439153] mempool_kmalloc_large_uaf+0xef/0x140 [ 18.439192] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 18.439226] ? __pfx_mempool_kmalloc+0x10/0x10 [ 18.439250] ? __pfx_mempool_kfree+0x10/0x10 [ 18.439297] ? __pfx_read_tsc+0x10/0x10 [ 18.439321] ? ktime_get_ts64+0x86/0x230 [ 18.439347] kunit_try_run_case+0x1a5/0x480 [ 18.439374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.439398] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.439423] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.439447] ? __kthread_parkme+0x82/0x180 [ 18.439470] ? preempt_count_sub+0x50/0x80 [ 18.439494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.439520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.439545] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.439570] kthread+0x337/0x6f0 [ 18.439591] ? trace_preempt_on+0x20/0xc0 [ 18.439617] ? __pfx_kthread+0x10/0x10 [ 18.439639] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.439660] ? calculate_sigpending+0x7b/0xa0 [ 18.439686] ? __pfx_kthread+0x10/0x10 [ 18.439709] ret_from_fork+0x116/0x1d0 [ 18.439729] ? __pfx_kthread+0x10/0x10 [ 18.439751] ret_from_fork_asm+0x1a/0x30 [ 18.439783] </TASK> [ 18.439797] [ 18.451995] The buggy address belongs to the physical page: [ 18.452631] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103d08 [ 18.453294] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.453594] flags: 0x200000000000040(head|node=0|zone=2) [ 18.454292] page_type: f8(unknown) [ 18.454626] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.455366] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.455784] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.456250] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.456846] head: 0200000000000002 ffffea00040f4201 00000000ffffffff 00000000ffffffff [ 18.457529] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.457944] page dumped because: kasan: bad access detected [ 18.458410] [ 18.458544] Memory state around the buggy address: [ 18.458864] ffff888103d07f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.459562] ffff888103d07f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.460001] >ffff888103d08000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.460417] ^ [ 18.460722] ffff888103d08080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.461423] ffff888103d08100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.461989] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 18.392848] ================================================================== [ 18.393421] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 18.393995] Read of size 1 at addr ffff888102306800 by task kunit_try_catch/244 [ 18.394533] [ 18.394719] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.394835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.394863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.394904] Call Trace: [ 18.394932] <TASK> [ 18.394972] dump_stack_lvl+0x73/0xb0 [ 18.395080] print_report+0xd1/0x650 [ 18.395128] ? __virt_addr_valid+0x1db/0x2d0 [ 18.395174] ? mempool_uaf_helper+0x392/0x400 [ 18.395221] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.395316] ? mempool_uaf_helper+0x392/0x400 [ 18.395371] kasan_report+0x141/0x180 [ 18.395424] ? mempool_uaf_helper+0x392/0x400 [ 18.395485] __asan_report_load1_noabort+0x18/0x20 [ 18.395529] mempool_uaf_helper+0x392/0x400 [ 18.395574] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 18.395619] ? __pfx_sched_clock_cpu+0x10/0x10 [ 18.395694] ? finish_task_switch.isra.0+0x153/0x700 [ 18.395751] mempool_kmalloc_uaf+0xef/0x140 [ 18.395801] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 18.395847] ? __pfx_mempool_kmalloc+0x10/0x10 [ 18.395890] ? __pfx_mempool_kfree+0x10/0x10 [ 18.395936] ? __pfx_read_tsc+0x10/0x10 [ 18.395978] ? ktime_get_ts64+0x86/0x230 [ 18.396026] kunit_try_run_case+0x1a5/0x480 [ 18.396078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.396122] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.396177] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.396225] ? __kthread_parkme+0x82/0x180 [ 18.396277] ? preempt_count_sub+0x50/0x80 [ 18.396324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.396376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.396421] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.396468] kthread+0x337/0x6f0 [ 18.396511] ? trace_preempt_on+0x20/0xc0 [ 18.396558] ? __pfx_kthread+0x10/0x10 [ 18.396585] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.396610] ? calculate_sigpending+0x7b/0xa0 [ 18.396639] ? __pfx_kthread+0x10/0x10 [ 18.396688] ret_from_fork+0x116/0x1d0 [ 18.396737] ? __pfx_kthread+0x10/0x10 [ 18.396762] ret_from_fork_asm+0x1a/0x30 [ 18.396796] </TASK> [ 18.396812] [ 18.410487] Allocated by task 244: [ 18.410890] kasan_save_stack+0x45/0x70 [ 18.411404] kasan_save_track+0x18/0x40 [ 18.411732] kasan_save_alloc_info+0x3b/0x50 [ 18.412241] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 18.412722] remove_element+0x11e/0x190 [ 18.412908] mempool_alloc_preallocated+0x4d/0x90 [ 18.413095] mempool_uaf_helper+0x96/0x400 [ 18.413285] mempool_kmalloc_uaf+0xef/0x140 [ 18.413528] kunit_try_run_case+0x1a5/0x480 [ 18.414548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.415087] kthread+0x337/0x6f0 [ 18.415436] ret_from_fork+0x116/0x1d0 [ 18.415870] ret_from_fork_asm+0x1a/0x30 [ 18.416347] [ 18.416676] Freed by task 244: [ 18.416989] kasan_save_stack+0x45/0x70 [ 18.417195] kasan_save_track+0x18/0x40 [ 18.417518] kasan_save_free_info+0x3f/0x60 [ 18.417789] __kasan_mempool_poison_object+0x131/0x1d0 [ 18.418550] mempool_free+0x2ec/0x380 [ 18.419197] mempool_uaf_helper+0x11a/0x400 [ 18.419519] mempool_kmalloc_uaf+0xef/0x140 [ 18.419869] kunit_try_run_case+0x1a5/0x480 [ 18.420079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.420904] kthread+0x337/0x6f0 [ 18.421194] ret_from_fork+0x116/0x1d0 [ 18.421566] ret_from_fork_asm+0x1a/0x30 [ 18.421991] [ 18.422176] The buggy address belongs to the object at ffff888102306800 [ 18.422176] which belongs to the cache kmalloc-128 of size 128 [ 18.423211] The buggy address is located 0 bytes inside of [ 18.423211] freed 128-byte region [ffff888102306800, ffff888102306880) [ 18.423898] [ 18.424102] The buggy address belongs to the physical page: [ 18.424744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102306 [ 18.425056] flags: 0x200000000000000(node=0|zone=2) [ 18.425426] page_type: f5(slab) [ 18.425795] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.426247] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.426597] page dumped because: kasan: bad access detected [ 18.427032] [ 18.427159] Memory state around the buggy address: [ 18.427403] ffff888102306700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.427923] ffff888102306780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.428246] >ffff888102306800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.428598] ^ [ 18.428900] ffff888102306880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.429233] ffff888102306900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.429752] ================================================================== [ 18.470857] ================================================================== [ 18.471768] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 18.472110] Read of size 1 at addr ffff888102b61240 by task kunit_try_catch/248 [ 18.472414] [ 18.472554] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.472616] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.472630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.472658] Call Trace: [ 18.472682] <TASK> [ 18.472710] dump_stack_lvl+0x73/0xb0 [ 18.472744] print_report+0xd1/0x650 [ 18.472770] ? __virt_addr_valid+0x1db/0x2d0 [ 18.472795] ? mempool_uaf_helper+0x392/0x400 [ 18.472819] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.472845] ? mempool_uaf_helper+0x392/0x400 [ 18.472868] kasan_report+0x141/0x180 [ 18.472892] ? mempool_uaf_helper+0x392/0x400 [ 18.472920] __asan_report_load1_noabort+0x18/0x20 [ 18.472942] mempool_uaf_helper+0x392/0x400 [ 18.472967] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 18.472994] ? __pfx_sched_clock_cpu+0x10/0x10 [ 18.473018] ? finish_task_switch.isra.0+0x153/0x700 [ 18.473045] mempool_slab_uaf+0xea/0x140 [ 18.473070] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 18.473097] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 18.473120] ? __pfx_mempool_free_slab+0x10/0x10 [ 18.473144] ? __pfx_read_tsc+0x10/0x10 [ 18.473166] ? ktime_get_ts64+0x86/0x230 [ 18.473191] kunit_try_run_case+0x1a5/0x480 [ 18.473217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.473241] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.473735] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.473800] ? __kthread_parkme+0x82/0x180 [ 18.474188] ? preempt_count_sub+0x50/0x80 [ 18.474252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.474319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.474376] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.474427] kthread+0x337/0x6f0 [ 18.474458] ? trace_preempt_on+0x20/0xc0 [ 18.474487] ? __pfx_kthread+0x10/0x10 [ 18.474509] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.474532] ? calculate_sigpending+0x7b/0xa0 [ 18.474558] ? __pfx_kthread+0x10/0x10 [ 18.474582] ret_from_fork+0x116/0x1d0 [ 18.474603] ? __pfx_kthread+0x10/0x10 [ 18.474625] ret_from_fork_asm+0x1a/0x30 [ 18.474661] </TASK> [ 18.474698] [ 18.489521] Allocated by task 248: [ 18.489790] kasan_save_stack+0x45/0x70 [ 18.490186] kasan_save_track+0x18/0x40 [ 18.490579] kasan_save_alloc_info+0x3b/0x50 [ 18.490823] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 18.491314] remove_element+0x11e/0x190 [ 18.491555] mempool_alloc_preallocated+0x4d/0x90 [ 18.492582] mempool_uaf_helper+0x96/0x400 [ 18.493150] mempool_slab_uaf+0xea/0x140 [ 18.493497] kunit_try_run_case+0x1a5/0x480 [ 18.493714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.494164] kthread+0x337/0x6f0 [ 18.494393] ret_from_fork+0x116/0x1d0 [ 18.494569] ret_from_fork_asm+0x1a/0x30 [ 18.494826] [ 18.495014] Freed by task 248: [ 18.495364] kasan_save_stack+0x45/0x70 [ 18.495591] kasan_save_track+0x18/0x40 [ 18.496557] kasan_save_free_info+0x3f/0x60 [ 18.496756] __kasan_mempool_poison_object+0x131/0x1d0 [ 18.497367] mempool_free+0x2ec/0x380 [ 18.497576] mempool_uaf_helper+0x11a/0x400 [ 18.498305] mempool_slab_uaf+0xea/0x140 [ 18.498572] kunit_try_run_case+0x1a5/0x480 [ 18.498754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.499568] kthread+0x337/0x6f0 [ 18.499862] ret_from_fork+0x116/0x1d0 [ 18.500360] ret_from_fork_asm+0x1a/0x30 [ 18.500495] [ 18.500556] The buggy address belongs to the object at ffff888102b61240 [ 18.500556] which belongs to the cache test_cache of size 123 [ 18.501228] The buggy address is located 0 bytes inside of [ 18.501228] freed 123-byte region [ffff888102b61240, ffff888102b612bb) [ 18.502753] [ 18.502986] The buggy address belongs to the physical page: [ 18.503396] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b61 [ 18.504355] flags: 0x200000000000000(node=0|zone=2) [ 18.504589] page_type: f5(slab) [ 18.505272] raw: 0200000000000000 ffff888102b5a280 dead000000000122 0000000000000000 [ 18.505644] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.506367] page dumped because: kasan: bad access detected [ 18.506667] [ 18.507053] Memory state around the buggy address: [ 18.507267] ffff888102b61100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.507835] ffff888102b61180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.508457] >ffff888102b61200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.508788] ^ [ 18.509008] ffff888102b61280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.509317] ffff888102b61300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.509778] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 18.306218] ================================================================== [ 18.306683] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 18.307407] Read of size 1 at addr ffff888102b42c73 by task kunit_try_catch/238 [ 18.307834] [ 18.307941] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.308004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.308018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.308046] Call Trace: [ 18.308063] <TASK> [ 18.308088] dump_stack_lvl+0x73/0xb0 [ 18.308128] print_report+0xd1/0x650 [ 18.308155] ? __virt_addr_valid+0x1db/0x2d0 [ 18.308181] ? mempool_oob_right_helper+0x318/0x380 [ 18.308206] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.308230] ? mempool_oob_right_helper+0x318/0x380 [ 18.308255] kasan_report+0x141/0x180 [ 18.308295] ? mempool_oob_right_helper+0x318/0x380 [ 18.308324] __asan_report_load1_noabort+0x18/0x20 [ 18.308346] mempool_oob_right_helper+0x318/0x380 [ 18.308372] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 18.308396] ? update_load_avg+0x1be/0x21b0 [ 18.308422] ? dequeue_entities+0x27e/0x1740 [ 18.308449] ? finish_task_switch.isra.0+0x153/0x700 [ 18.308475] mempool_kmalloc_oob_right+0xf2/0x150 [ 18.308524] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 18.308553] ? __pfx_mempool_kmalloc+0x10/0x10 [ 18.308575] ? __pfx_mempool_kfree+0x10/0x10 [ 18.308597] ? __pfx_read_tsc+0x10/0x10 [ 18.308620] ? ktime_get_ts64+0x86/0x230 [ 18.308646] kunit_try_run_case+0x1a5/0x480 [ 18.308673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.308696] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.308721] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.308744] ? __kthread_parkme+0x82/0x180 [ 18.308766] ? preempt_count_sub+0x50/0x80 [ 18.308789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.308813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.308859] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.308883] kthread+0x337/0x6f0 [ 18.308904] ? trace_preempt_on+0x20/0xc0 [ 18.308931] ? __pfx_kthread+0x10/0x10 [ 18.308952] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.308972] ? calculate_sigpending+0x7b/0xa0 [ 18.308999] ? __pfx_kthread+0x10/0x10 [ 18.309021] ret_from_fork+0x116/0x1d0 [ 18.309041] ? __pfx_kthread+0x10/0x10 [ 18.309064] ret_from_fork_asm+0x1a/0x30 [ 18.309154] </TASK> [ 18.309169] [ 18.318110] Allocated by task 238: [ 18.318505] kasan_save_stack+0x45/0x70 [ 18.318707] kasan_save_track+0x18/0x40 [ 18.318947] kasan_save_alloc_info+0x3b/0x50 [ 18.319168] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 18.319370] remove_element+0x11e/0x190 [ 18.319724] mempool_alloc_preallocated+0x4d/0x90 [ 18.319896] mempool_oob_right_helper+0x8a/0x380 [ 18.320023] mempool_kmalloc_oob_right+0xf2/0x150 [ 18.320388] kunit_try_run_case+0x1a5/0x480 [ 18.320747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.321084] kthread+0x337/0x6f0 [ 18.321367] ret_from_fork+0x116/0x1d0 [ 18.321592] ret_from_fork_asm+0x1a/0x30 [ 18.321787] [ 18.321950] The buggy address belongs to the object at ffff888102b42c00 [ 18.321950] which belongs to the cache kmalloc-128 of size 128 [ 18.322723] The buggy address is located 0 bytes to the right of [ 18.322723] allocated 115-byte region [ffff888102b42c00, ffff888102b42c73) [ 18.323294] [ 18.323380] The buggy address belongs to the physical page: [ 18.323723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b42 [ 18.324193] flags: 0x200000000000000(node=0|zone=2) [ 18.324471] page_type: f5(slab) [ 18.324670] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.325026] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.325536] page dumped because: kasan: bad access detected [ 18.325680] [ 18.325832] Memory state around the buggy address: [ 18.326226] ffff888102b42b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.326468] ffff888102b42b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.326837] >ffff888102b42c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.327494] ^ [ 18.327828] ffff888102b42c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.328073] ffff888102b42d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.328535] ================================================================== [ 18.334876] ================================================================== [ 18.335410] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 18.335615] Read of size 1 at addr ffff888102cd6001 by task kunit_try_catch/240 [ 18.336493] [ 18.336703] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.336776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.336790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.336819] Call Trace: [ 18.336836] <TASK> [ 18.336860] dump_stack_lvl+0x73/0xb0 [ 18.336912] print_report+0xd1/0x650 [ 18.336943] ? __virt_addr_valid+0x1db/0x2d0 [ 18.337066] ? mempool_oob_right_helper+0x318/0x380 [ 18.337105] ? kasan_addr_to_slab+0x11/0xa0 [ 18.337130] ? mempool_oob_right_helper+0x318/0x380 [ 18.337157] kasan_report+0x141/0x180 [ 18.337185] ? mempool_oob_right_helper+0x318/0x380 [ 18.337268] __asan_report_load1_noabort+0x18/0x20 [ 18.337297] mempool_oob_right_helper+0x318/0x380 [ 18.337325] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 18.337354] ? __pfx_sched_clock_cpu+0x10/0x10 [ 18.337381] ? finish_task_switch.isra.0+0x153/0x700 [ 18.337410] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 18.337437] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 18.337468] ? __pfx_mempool_kmalloc+0x10/0x10 [ 18.337492] ? __pfx_mempool_kfree+0x10/0x10 [ 18.337515] ? __pfx_read_tsc+0x10/0x10 [ 18.337539] ? ktime_get_ts64+0x86/0x230 [ 18.337566] kunit_try_run_case+0x1a5/0x480 [ 18.337595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.337619] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.337650] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.337679] ? __kthread_parkme+0x82/0x180 [ 18.337734] ? preempt_count_sub+0x50/0x80 [ 18.337759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.337786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.337815] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.337840] kthread+0x337/0x6f0 [ 18.337863] ? trace_preempt_on+0x20/0xc0 [ 18.337890] ? __pfx_kthread+0x10/0x10 [ 18.337914] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.337939] ? calculate_sigpending+0x7b/0xa0 [ 18.337968] ? __pfx_kthread+0x10/0x10 [ 18.337991] ret_from_fork+0x116/0x1d0 [ 18.338013] ? __pfx_kthread+0x10/0x10 [ 18.338036] ret_from_fork_asm+0x1a/0x30 [ 18.338339] </TASK> [ 18.338369] [ 18.348529] The buggy address belongs to the physical page: [ 18.348843] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cd4 [ 18.349305] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.349748] flags: 0x200000000000040(head|node=0|zone=2) [ 18.349976] page_type: f8(unknown) [ 18.350202] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.350902] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.351358] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.351682] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.352153] head: 0200000000000002 ffffea00040b3501 00000000ffffffff 00000000ffffffff [ 18.352342] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.352776] page dumped because: kasan: bad access detected [ 18.352986] [ 18.353175] Memory state around the buggy address: [ 18.353368] ffff888102cd5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.353732] ffff888102cd5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.353948] >ffff888102cd6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.354600] ^ [ 18.354827] ffff888102cd6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.355302] ffff888102cd6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.355509] ================================================================== [ 18.362193] ================================================================== [ 18.362736] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 18.362940] Read of size 1 at addr ffff8881023232bb by task kunit_try_catch/242 [ 18.363509] [ 18.363602] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 18.363666] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.363681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.363710] Call Trace: [ 18.363725] <TASK> [ 18.363748] dump_stack_lvl+0x73/0xb0 [ 18.363788] print_report+0xd1/0x650 [ 18.363817] ? __virt_addr_valid+0x1db/0x2d0 [ 18.363846] ? mempool_oob_right_helper+0x318/0x380 [ 18.363871] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.363894] ? mempool_oob_right_helper+0x318/0x380 [ 18.363919] kasan_report+0x141/0x180 [ 18.363943] ? mempool_oob_right_helper+0x318/0x380 [ 18.363995] __asan_report_load1_noabort+0x18/0x20 [ 18.364136] mempool_oob_right_helper+0x318/0x380 [ 18.364172] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 18.364203] ? __pfx_sched_clock_cpu+0x10/0x10 [ 18.364231] ? finish_task_switch.isra.0+0x153/0x700 [ 18.364270] mempool_slab_oob_right+0xed/0x140 [ 18.364301] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 18.364331] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 18.364354] ? __pfx_mempool_free_slab+0x10/0x10 [ 18.364378] ? __pfx_read_tsc+0x10/0x10 [ 18.364402] ? ktime_get_ts64+0x86/0x230 [ 18.364430] kunit_try_run_case+0x1a5/0x480 [ 18.364459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.364483] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.364513] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.364538] ? __kthread_parkme+0x82/0x180 [ 18.364562] ? preempt_count_sub+0x50/0x80 [ 18.364588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.364644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.364681] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.364709] kthread+0x337/0x6f0 [ 18.364731] ? trace_preempt_on+0x20/0xc0 [ 18.364760] ? __pfx_kthread+0x10/0x10 [ 18.364783] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.364809] ? calculate_sigpending+0x7b/0xa0 [ 18.364837] ? __pfx_kthread+0x10/0x10 [ 18.364860] ret_from_fork+0x116/0x1d0 [ 18.364882] ? __pfx_kthread+0x10/0x10 [ 18.364996] ret_from_fork_asm+0x1a/0x30 [ 18.365040] </TASK> [ 18.365057] [ 18.371031] Allocated by task 242: [ 18.371327] kasan_save_stack+0x45/0x70 [ 18.371649] kasan_save_track+0x18/0x40 [ 18.371972] kasan_save_alloc_info+0x3b/0x50 [ 18.372305] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 18.372440] remove_element+0x11e/0x190 [ 18.372545] mempool_alloc_preallocated+0x4d/0x90 [ 18.372682] mempool_oob_right_helper+0x8a/0x380 [ 18.372806] mempool_slab_oob_right+0xed/0x140 [ 18.372922] kunit_try_run_case+0x1a5/0x480 [ 18.373197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.373541] kthread+0x337/0x6f0 [ 18.373797] ret_from_fork+0x116/0x1d0 [ 18.374079] ret_from_fork_asm+0x1a/0x30 [ 18.374374] [ 18.374494] The buggy address belongs to the object at ffff888102323240 [ 18.374494] which belongs to the cache test_cache of size 123 [ 18.374950] The buggy address is located 0 bytes to the right of [ 18.374950] allocated 123-byte region [ffff888102323240, ffff8881023232bb) [ 18.375480] [ 18.375625] The buggy address belongs to the physical page: [ 18.375777] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102323 [ 18.375948] flags: 0x200000000000000(node=0|zone=2) [ 18.376073] page_type: f5(slab) [ 18.376174] raw: 0200000000000000 ffff888102321000 dead000000000122 0000000000000000 [ 18.376347] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.376499] page dumped because: kasan: bad access detected [ 18.376616] [ 18.376700] Memory state around the buggy address: [ 18.376989] ffff888102323180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.377432] ffff888102323200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 18.377958] >ffff888102323280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 18.378285] ^ [ 18.378401] ffff888102323300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.378541] ffff888102323380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.378707] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 17.716570] ================================================================== [ 17.717352] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 17.717924] Read of size 1 at addr ffff888102b5a140 by task kunit_try_catch/232 [ 17.718320] [ 17.718445] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 17.718509] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.718523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.718550] Call Trace: [ 17.718567] <TASK> [ 17.718591] dump_stack_lvl+0x73/0xb0 [ 17.718636] print_report+0xd1/0x650 [ 17.718664] ? __virt_addr_valid+0x1db/0x2d0 [ 17.718692] ? kmem_cache_double_destroy+0x1bf/0x380 [ 17.718719] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.718743] ? kmem_cache_double_destroy+0x1bf/0x380 [ 17.719092] kasan_report+0x141/0x180 [ 17.719120] ? kmem_cache_double_destroy+0x1bf/0x380 [ 17.719170] ? kmem_cache_double_destroy+0x1bf/0x380 [ 17.719198] __kasan_check_byte+0x3d/0x50 [ 17.719223] kmem_cache_destroy+0x25/0x1d0 [ 17.719251] kmem_cache_double_destroy+0x1bf/0x380 [ 17.719301] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 17.719328] ? finish_task_switch.isra.0+0x153/0x700 [ 17.719355] ? __switch_to+0x47/0xf50 [ 17.719387] ? __pfx_read_tsc+0x10/0x10 [ 17.719412] ? ktime_get_ts64+0x86/0x230 [ 17.719441] kunit_try_run_case+0x1a5/0x480 [ 17.719472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.719496] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.719522] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.719546] ? __kthread_parkme+0x82/0x180 [ 17.719569] ? preempt_count_sub+0x50/0x80 [ 17.719593] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.719618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.719643] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.719667] kthread+0x337/0x6f0 [ 17.719708] ? trace_preempt_on+0x20/0xc0 [ 17.719736] ? __pfx_kthread+0x10/0x10 [ 17.719758] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.719780] ? calculate_sigpending+0x7b/0xa0 [ 17.719807] ? __pfx_kthread+0x10/0x10 [ 17.719830] ret_from_fork+0x116/0x1d0 [ 17.719850] ? __pfx_kthread+0x10/0x10 [ 17.719872] ret_from_fork_asm+0x1a/0x30 [ 17.719906] </TASK> [ 17.719921] [ 17.729239] Allocated by task 232: [ 17.729602] kasan_save_stack+0x45/0x70 [ 17.729923] kasan_save_track+0x18/0x40 [ 17.730103] kasan_save_alloc_info+0x3b/0x50 [ 17.730482] __kasan_slab_alloc+0x91/0xa0 [ 17.730744] kmem_cache_alloc_noprof+0x123/0x3f0 [ 17.731031] __kmem_cache_create_args+0x169/0x240 [ 17.731509] kmem_cache_double_destroy+0xd5/0x380 [ 17.731832] kunit_try_run_case+0x1a5/0x480 [ 17.732173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.732495] kthread+0x337/0x6f0 [ 17.732741] ret_from_fork+0x116/0x1d0 [ 17.732972] ret_from_fork_asm+0x1a/0x30 [ 17.733421] [ 17.733563] Freed by task 232: [ 17.733838] kasan_save_stack+0x45/0x70 [ 17.734166] kasan_save_track+0x18/0x40 [ 17.734450] kasan_save_free_info+0x3f/0x60 [ 17.734609] __kasan_slab_free+0x56/0x70 [ 17.734871] kmem_cache_free+0x249/0x420 [ 17.735230] slab_kmem_cache_release+0x2e/0x40 [ 17.735386] kmem_cache_release+0x16/0x20 [ 17.735782] kobject_put+0x181/0x450 [ 17.735927] sysfs_slab_release+0x16/0x20 [ 17.736217] kmem_cache_destroy+0xf0/0x1d0 [ 17.736493] kmem_cache_double_destroy+0x14e/0x380 [ 17.736694] kunit_try_run_case+0x1a5/0x480 [ 17.736813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.737526] kthread+0x337/0x6f0 [ 17.737733] ret_from_fork+0x116/0x1d0 [ 17.737969] ret_from_fork_asm+0x1a/0x30 [ 17.738306] [ 17.738430] The buggy address belongs to the object at ffff888102b5a140 [ 17.738430] which belongs to the cache kmem_cache of size 208 [ 17.738900] The buggy address is located 0 bytes inside of [ 17.738900] freed 208-byte region [ffff888102b5a140, ffff888102b5a210) [ 17.739506] [ 17.739644] The buggy address belongs to the physical page: [ 17.739905] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b5a [ 17.740306] flags: 0x200000000000000(node=0|zone=2) [ 17.740638] page_type: f5(slab) [ 17.740789] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 17.741435] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 17.741755] page dumped because: kasan: bad access detected [ 17.741983] [ 17.742211] Memory state around the buggy address: [ 17.742387] ffff888102b5a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.742731] ffff888102b5a080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 17.743171] >ffff888102b5a100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 17.743524] ^ [ 17.743878] ffff888102b5a180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.744118] ffff888102b5a200: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.744519] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 17.653831] ================================================================== [ 17.654907] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 17.655411] Read of size 1 at addr ffff88810231d000 by task kunit_try_catch/230 [ 17.655597] [ 17.655691] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 17.655751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.655764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.655791] Call Trace: [ 17.655809] <TASK> [ 17.655833] dump_stack_lvl+0x73/0xb0 [ 17.655868] print_report+0xd1/0x650 [ 17.655892] ? __virt_addr_valid+0x1db/0x2d0 [ 17.655921] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 17.655946] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.655969] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 17.655994] kasan_report+0x141/0x180 [ 17.656018] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 17.656047] __asan_report_load1_noabort+0x18/0x20 [ 17.656069] kmem_cache_rcu_uaf+0x3e3/0x510 [ 17.656093] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 17.656118] ? finish_task_switch.isra.0+0x153/0x700 [ 17.656143] ? __switch_to+0x47/0xf50 [ 17.656173] ? __pfx_read_tsc+0x10/0x10 [ 17.656196] ? ktime_get_ts64+0x86/0x230 [ 17.656222] kunit_try_run_case+0x1a5/0x480 [ 17.656250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.656883] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.656920] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.656945] ? __kthread_parkme+0x82/0x180 [ 17.656969] ? preempt_count_sub+0x50/0x80 [ 17.656993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.657017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.657062] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.657088] kthread+0x337/0x6f0 [ 17.657110] ? trace_preempt_on+0x20/0xc0 [ 17.657136] ? __pfx_kthread+0x10/0x10 [ 17.657158] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.657178] ? calculate_sigpending+0x7b/0xa0 [ 17.657340] ? __pfx_kthread+0x10/0x10 [ 17.657369] ret_from_fork+0x116/0x1d0 [ 17.657392] ? __pfx_kthread+0x10/0x10 [ 17.657414] ret_from_fork_asm+0x1a/0x30 [ 17.657446] </TASK> [ 17.657460] [ 17.666358] Allocated by task 230: [ 17.666916] kasan_save_stack+0x45/0x70 [ 17.667105] kasan_save_track+0x18/0x40 [ 17.667410] kasan_save_alloc_info+0x3b/0x50 [ 17.667674] __kasan_slab_alloc+0x91/0xa0 [ 17.667875] kmem_cache_alloc_noprof+0x123/0x3f0 [ 17.668170] kmem_cache_rcu_uaf+0x155/0x510 [ 17.668449] kunit_try_run_case+0x1a5/0x480 [ 17.668685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.668886] kthread+0x337/0x6f0 [ 17.669004] ret_from_fork+0x116/0x1d0 [ 17.669284] ret_from_fork_asm+0x1a/0x30 [ 17.669463] [ 17.669522] Freed by task 0: [ 17.669634] kasan_save_stack+0x45/0x70 [ 17.669957] kasan_save_track+0x18/0x40 [ 17.670131] kasan_save_free_info+0x3f/0x60 [ 17.670284] __kasan_slab_free+0x56/0x70 [ 17.670386] slab_free_after_rcu_debug+0xe4/0x310 [ 17.670756] rcu_core+0x66f/0x1c40 [ 17.670993] rcu_core_si+0x12/0x20 [ 17.671093] handle_softirqs+0x209/0x730 [ 17.671191] __irq_exit_rcu+0xc9/0x110 [ 17.671296] irq_exit_rcu+0x12/0x20 [ 17.671390] sysvec_apic_timer_interrupt+0x81/0x90 [ 17.671829] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 17.672205] [ 17.672358] Last potentially related work creation: [ 17.672593] kasan_save_stack+0x45/0x70 [ 17.672688] kasan_record_aux_stack+0xb2/0xc0 [ 17.672792] kmem_cache_free+0x131/0x420 [ 17.672996] kmem_cache_rcu_uaf+0x194/0x510 [ 17.673466] kunit_try_run_case+0x1a5/0x480 [ 17.673902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.674283] kthread+0x337/0x6f0 [ 17.674513] ret_from_fork+0x116/0x1d0 [ 17.675135] ret_from_fork_asm+0x1a/0x30 [ 17.675641] [ 17.675965] The buggy address belongs to the object at ffff88810231d000 [ 17.675965] which belongs to the cache test_cache of size 200 [ 17.676695] The buggy address is located 0 bytes inside of [ 17.676695] freed 200-byte region [ffff88810231d000, ffff88810231d0c8) [ 17.677618] [ 17.677928] The buggy address belongs to the physical page: [ 17.678379] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10231d [ 17.678730] flags: 0x200000000000000(node=0|zone=2) [ 17.678871] page_type: f5(slab) [ 17.679115] raw: 0200000000000000 ffff8881009f8b40 dead000000000122 0000000000000000 [ 17.679586] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.679890] page dumped because: kasan: bad access detected [ 17.680126] [ 17.680216] Memory state around the buggy address: [ 17.680450] ffff88810231cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.681085] ffff88810231cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.681469] >ffff88810231d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.681780] ^ [ 17.681915] ffff88810231d080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.682544] ffff88810231d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.682964] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 17.582020] ================================================================== [ 17.582934] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 17.583327] Free of addr ffff888102b5c001 by task kunit_try_catch/228 [ 17.583966] [ 17.584065] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 17.584673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.584701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.584727] Call Trace: [ 17.584744] <TASK> [ 17.584768] dump_stack_lvl+0x73/0xb0 [ 17.584809] print_report+0xd1/0x650 [ 17.584834] ? __virt_addr_valid+0x1db/0x2d0 [ 17.584862] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.584887] ? kmem_cache_invalid_free+0x1d8/0x460 [ 17.584910] kasan_report_invalid_free+0x10a/0x130 [ 17.584936] ? kmem_cache_invalid_free+0x1d8/0x460 [ 17.584959] ? kmem_cache_invalid_free+0x1d8/0x460 [ 17.584981] check_slab_allocation+0x11f/0x130 [ 17.585005] __kasan_slab_pre_free+0x28/0x40 [ 17.585027] kmem_cache_free+0xed/0x420 [ 17.585050] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 17.585289] ? kmem_cache_invalid_free+0x1d8/0x460 [ 17.585325] kmem_cache_invalid_free+0x1d8/0x460 [ 17.585352] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 17.585373] ? finish_task_switch.isra.0+0x153/0x700 [ 17.585401] ? __switch_to+0x47/0xf50 [ 17.585431] ? __pfx_read_tsc+0x10/0x10 [ 17.585455] ? ktime_get_ts64+0x86/0x230 [ 17.585480] kunit_try_run_case+0x1a5/0x480 [ 17.585509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.585533] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.585558] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.585599] ? __kthread_parkme+0x82/0x180 [ 17.585626] ? preempt_count_sub+0x50/0x80 [ 17.585653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.585699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.585724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.585802] kthread+0x337/0x6f0 [ 17.585827] ? trace_preempt_on+0x20/0xc0 [ 17.585854] ? __pfx_kthread+0x10/0x10 [ 17.585876] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.585897] ? calculate_sigpending+0x7b/0xa0 [ 17.585923] ? __pfx_kthread+0x10/0x10 [ 17.585946] ret_from_fork+0x116/0x1d0 [ 17.585966] ? __pfx_kthread+0x10/0x10 [ 17.585988] ret_from_fork_asm+0x1a/0x30 [ 17.586020] </TASK> [ 17.586035] [ 17.597812] Allocated by task 228: [ 17.598195] kasan_save_stack+0x45/0x70 [ 17.598399] kasan_save_track+0x18/0x40 [ 17.598506] kasan_save_alloc_info+0x3b/0x50 [ 17.598613] __kasan_slab_alloc+0x91/0xa0 [ 17.598938] kmem_cache_alloc_noprof+0x123/0x3f0 [ 17.599387] kmem_cache_invalid_free+0x157/0x460 [ 17.599725] kunit_try_run_case+0x1a5/0x480 [ 17.600007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.600326] kthread+0x337/0x6f0 [ 17.600599] ret_from_fork+0x116/0x1d0 [ 17.600827] ret_from_fork_asm+0x1a/0x30 [ 17.601485] [ 17.601716] The buggy address belongs to the object at ffff888102b5c000 [ 17.601716] which belongs to the cache test_cache of size 200 [ 17.601989] The buggy address is located 1 bytes inside of [ 17.601989] 200-byte region [ffff888102b5c000, ffff888102b5c0c8) [ 17.602847] [ 17.603104] The buggy address belongs to the physical page: [ 17.603647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b5c [ 17.604371] flags: 0x200000000000000(node=0|zone=2) [ 17.604778] page_type: f5(slab) [ 17.605077] raw: 0200000000000000 ffff888102b5a000 dead000000000122 0000000000000000 [ 17.605510] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.606000] page dumped because: kasan: bad access detected [ 17.606198] [ 17.606515] Memory state around the buggy address: [ 17.606762] ffff888102b5bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.607439] ffff888102b5bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.607841] >ffff888102b5c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.608075] ^ [ 17.608221] ffff888102b5c080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.608492] ffff888102b5c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.608903] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 17.545728] ================================================================== [ 17.546211] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 17.546408] Free of addr ffff888102b58000 by task kunit_try_catch/226 [ 17.546833] [ 17.547023] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 17.547086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.547100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.547126] Call Trace: [ 17.547141] <TASK> [ 17.547163] dump_stack_lvl+0x73/0xb0 [ 17.547197] print_report+0xd1/0x650 [ 17.547226] ? __virt_addr_valid+0x1db/0x2d0 [ 17.547351] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.547377] ? kmem_cache_double_free+0x1e5/0x480 [ 17.547398] kasan_report_invalid_free+0x10a/0x130 [ 17.547423] ? kmem_cache_double_free+0x1e5/0x480 [ 17.547466] ? kmem_cache_double_free+0x1e5/0x480 [ 17.547487] check_slab_allocation+0x101/0x130 [ 17.547525] __kasan_slab_pre_free+0x28/0x40 [ 17.547550] kmem_cache_free+0xed/0x420 [ 17.547572] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 17.547593] ? kmem_cache_double_free+0x1e5/0x480 [ 17.547617] kmem_cache_double_free+0x1e5/0x480 [ 17.547638] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 17.547658] ? finish_task_switch.isra.0+0x153/0x700 [ 17.547725] ? __switch_to+0x47/0xf50 [ 17.547754] ? __pfx_read_tsc+0x10/0x10 [ 17.547909] ? ktime_get_ts64+0x86/0x230 [ 17.547973] kunit_try_run_case+0x1a5/0x480 [ 17.548005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.548030] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.548085] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.548109] ? __kthread_parkme+0x82/0x180 [ 17.548131] ? preempt_count_sub+0x50/0x80 [ 17.548154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.548178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.548202] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.548225] kthread+0x337/0x6f0 [ 17.548246] ? trace_preempt_on+0x20/0xc0 [ 17.548284] ? __pfx_kthread+0x10/0x10 [ 17.548306] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.548327] ? calculate_sigpending+0x7b/0xa0 [ 17.548353] ? __pfx_kthread+0x10/0x10 [ 17.548375] ret_from_fork+0x116/0x1d0 [ 17.548394] ? __pfx_kthread+0x10/0x10 [ 17.548415] ret_from_fork_asm+0x1a/0x30 [ 17.548446] </TASK> [ 17.548459] [ 17.557770] Allocated by task 226: [ 17.557888] kasan_save_stack+0x45/0x70 [ 17.558218] kasan_save_track+0x18/0x40 [ 17.558480] kasan_save_alloc_info+0x3b/0x50 [ 17.558776] __kasan_slab_alloc+0x91/0xa0 [ 17.559058] kmem_cache_alloc_noprof+0x123/0x3f0 [ 17.559312] kmem_cache_double_free+0x14f/0x480 [ 17.559508] kunit_try_run_case+0x1a5/0x480 [ 17.559696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.559917] kthread+0x337/0x6f0 [ 17.560116] ret_from_fork+0x116/0x1d0 [ 17.560574] ret_from_fork_asm+0x1a/0x30 [ 17.560845] [ 17.560995] Freed by task 226: [ 17.561194] kasan_save_stack+0x45/0x70 [ 17.561433] kasan_save_track+0x18/0x40 [ 17.561530] kasan_save_free_info+0x3f/0x60 [ 17.561627] __kasan_slab_free+0x56/0x70 [ 17.561741] kmem_cache_free+0x249/0x420 [ 17.561837] kmem_cache_double_free+0x16a/0x480 [ 17.561937] kunit_try_run_case+0x1a5/0x480 [ 17.562295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.562683] kthread+0x337/0x6f0 [ 17.562935] ret_from_fork+0x116/0x1d0 [ 17.563294] ret_from_fork_asm+0x1a/0x30 [ 17.563577] [ 17.563745] The buggy address belongs to the object at ffff888102b58000 [ 17.563745] which belongs to the cache test_cache of size 200 [ 17.564388] The buggy address is located 0 bytes inside of [ 17.564388] 200-byte region [ffff888102b58000, ffff888102b580c8) [ 17.564912] [ 17.565007] The buggy address belongs to the physical page: [ 17.565343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b58 [ 17.565506] flags: 0x200000000000000(node=0|zone=2) [ 17.565624] page_type: f5(slab) [ 17.565736] raw: 0200000000000000 ffff8881017c2dc0 dead000000000122 0000000000000000 [ 17.566285] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.566787] page dumped because: kasan: bad access detected [ 17.567118] [ 17.567267] Memory state around the buggy address: [ 17.567451] ffff888102b57f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.567598] ffff888102b57f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.568003] >ffff888102b58000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.568643] ^ [ 17.568802] ffff888102b58080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.569214] ffff888102b58100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.569475] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 17.487534] ================================================================== [ 17.488088] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 17.488493] Read of size 1 at addr ffff888102b540c8 by task kunit_try_catch/224 [ 17.488844] [ 17.489109] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 17.489215] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.489237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.489289] Call Trace: [ 17.489319] <TASK> [ 17.489354] dump_stack_lvl+0x73/0xb0 [ 17.489421] print_report+0xd1/0x650 [ 17.489468] ? __virt_addr_valid+0x1db/0x2d0 [ 17.489513] ? kmem_cache_oob+0x402/0x530 [ 17.489552] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.489595] ? kmem_cache_oob+0x402/0x530 [ 17.489627] kasan_report+0x141/0x180 [ 17.489661] ? kmem_cache_oob+0x402/0x530 [ 17.489703] __asan_report_load1_noabort+0x18/0x20 [ 17.489742] kmem_cache_oob+0x402/0x530 [ 17.489779] ? trace_hardirqs_on+0x37/0xe0 [ 17.489830] ? __pfx_kmem_cache_oob+0x10/0x10 [ 17.489871] ? finish_task_switch.isra.0+0x153/0x700 [ 17.489918] ? __switch_to+0x47/0xf50 [ 17.489975] ? __pfx_read_tsc+0x10/0x10 [ 17.490066] ? ktime_get_ts64+0x86/0x230 [ 17.490109] kunit_try_run_case+0x1a5/0x480 [ 17.490139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.490163] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.490188] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.490211] ? __kthread_parkme+0x82/0x180 [ 17.490235] ? preempt_count_sub+0x50/0x80 [ 17.490278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.490308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.490333] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.490357] kthread+0x337/0x6f0 [ 17.490378] ? trace_preempt_on+0x20/0xc0 [ 17.490401] ? __pfx_kthread+0x10/0x10 [ 17.490423] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.490444] ? calculate_sigpending+0x7b/0xa0 [ 17.490470] ? __pfx_kthread+0x10/0x10 [ 17.490492] ret_from_fork+0x116/0x1d0 [ 17.490512] ? __pfx_kthread+0x10/0x10 [ 17.490533] ret_from_fork_asm+0x1a/0x30 [ 17.490565] </TASK> [ 17.490580] [ 17.502062] Allocated by task 224: [ 17.502446] kasan_save_stack+0x45/0x70 [ 17.502896] kasan_save_track+0x18/0x40 [ 17.503163] kasan_save_alloc_info+0x3b/0x50 [ 17.503371] __kasan_slab_alloc+0x91/0xa0 [ 17.503627] kmem_cache_alloc_noprof+0x123/0x3f0 [ 17.503850] kmem_cache_oob+0x157/0x530 [ 17.504182] kunit_try_run_case+0x1a5/0x480 [ 17.504433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.504817] kthread+0x337/0x6f0 [ 17.505070] ret_from_fork+0x116/0x1d0 [ 17.505303] ret_from_fork_asm+0x1a/0x30 [ 17.505623] [ 17.505824] The buggy address belongs to the object at ffff888102b54000 [ 17.505824] which belongs to the cache test_cache of size 200 [ 17.506307] The buggy address is located 0 bytes to the right of [ 17.506307] allocated 200-byte region [ffff888102b54000, ffff888102b540c8) [ 17.507150] [ 17.507359] The buggy address belongs to the physical page: [ 17.507706] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b54 [ 17.508166] flags: 0x200000000000000(node=0|zone=2) [ 17.508571] page_type: f5(slab) [ 17.508797] raw: 0200000000000000 ffff8881017c2c80 dead000000000122 0000000000000000 [ 17.509238] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.509625] page dumped because: kasan: bad access detected [ 17.509931] [ 17.510040] Memory state around the buggy address: [ 17.510245] ffff888102b53f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.510785] ffff888102b54000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.511197] >ffff888102b54080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.511472] ^ [ 17.511926] ffff888102b54100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.512450] ffff888102b54180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.512856] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 17.429289] ================================================================== [ 17.429899] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 17.430622] Read of size 8 at addr ffff888102319300 by task kunit_try_catch/217 [ 17.431354] [ 17.431545] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 17.431685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.431728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.431773] Call Trace: [ 17.431804] <TASK> [ 17.431842] dump_stack_lvl+0x73/0xb0 [ 17.431932] print_report+0xd1/0x650 [ 17.431994] ? __virt_addr_valid+0x1db/0x2d0 [ 17.432060] ? workqueue_uaf+0x4d6/0x560 [ 17.432099] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.432145] ? workqueue_uaf+0x4d6/0x560 [ 17.432205] kasan_report+0x141/0x180 [ 17.432250] ? workqueue_uaf+0x4d6/0x560 [ 17.432325] __asan_report_load8_noabort+0x18/0x20 [ 17.432365] workqueue_uaf+0x4d6/0x560 [ 17.432420] ? __pfx_workqueue_uaf+0x10/0x10 [ 17.432482] ? __schedule+0x10cc/0x2b60 [ 17.432526] ? __pfx_read_tsc+0x10/0x10 [ 17.432564] ? ktime_get_ts64+0x86/0x230 [ 17.432617] kunit_try_run_case+0x1a5/0x480 [ 17.432672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.432715] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.432775] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.432810] ? __kthread_parkme+0x82/0x180 [ 17.432891] ? preempt_count_sub+0x50/0x80 [ 17.432920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.432945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.432969] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.432993] kthread+0x337/0x6f0 [ 17.433014] ? trace_preempt_on+0x20/0xc0 [ 17.433047] ? __pfx_kthread+0x10/0x10 [ 17.433097] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.433130] ? calculate_sigpending+0x7b/0xa0 [ 17.433157] ? __pfx_kthread+0x10/0x10 [ 17.433179] ret_from_fork+0x116/0x1d0 [ 17.433199] ? __pfx_kthread+0x10/0x10 [ 17.433220] ret_from_fork_asm+0x1a/0x30 [ 17.433253] </TASK> [ 17.433286] [ 17.447362] Allocated by task 217: [ 17.447715] kasan_save_stack+0x45/0x70 [ 17.448077] kasan_save_track+0x18/0x40 [ 17.448332] kasan_save_alloc_info+0x3b/0x50 [ 17.448686] __kasan_kmalloc+0xb7/0xc0 [ 17.449001] __kmalloc_cache_noprof+0x189/0x420 [ 17.449317] workqueue_uaf+0x152/0x560 [ 17.449635] kunit_try_run_case+0x1a5/0x480 [ 17.449889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.450142] kthread+0x337/0x6f0 [ 17.450436] ret_from_fork+0x116/0x1d0 [ 17.450967] ret_from_fork_asm+0x1a/0x30 [ 17.451585] [ 17.451854] Freed by task 9: [ 17.452266] kasan_save_stack+0x45/0x70 [ 17.452624] kasan_save_track+0x18/0x40 [ 17.453630] kasan_save_free_info+0x3f/0x60 [ 17.453896] __kasan_slab_free+0x56/0x70 [ 17.454238] kfree+0x222/0x3f0 [ 17.454612] workqueue_uaf_work+0x12/0x20 [ 17.455001] process_one_work+0x5ee/0xf60 [ 17.455525] worker_thread+0x725/0x1320 [ 17.455832] kthread+0x337/0x6f0 [ 17.456323] ret_from_fork+0x116/0x1d0 [ 17.456645] ret_from_fork_asm+0x1a/0x30 [ 17.456993] [ 17.457365] Last potentially related work creation: [ 17.457742] kasan_save_stack+0x45/0x70 [ 17.458694] kasan_record_aux_stack+0xb2/0xc0 [ 17.459001] __queue_work+0x626/0xeb0 [ 17.459612] queue_work_on+0xb6/0xc0 [ 17.460167] workqueue_uaf+0x26d/0x560 [ 17.460631] kunit_try_run_case+0x1a5/0x480 [ 17.460852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.461308] kthread+0x337/0x6f0 [ 17.461586] ret_from_fork+0x116/0x1d0 [ 17.462102] ret_from_fork_asm+0x1a/0x30 [ 17.462802] [ 17.463064] The buggy address belongs to the object at ffff888102319300 [ 17.463064] which belongs to the cache kmalloc-32 of size 32 [ 17.464180] The buggy address is located 0 bytes inside of [ 17.464180] freed 32-byte region [ffff888102319300, ffff888102319320) [ 17.464996] [ 17.465291] The buggy address belongs to the physical page: [ 17.465595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102319 [ 17.466208] flags: 0x200000000000000(node=0|zone=2) [ 17.466620] page_type: f5(slab) [ 17.466881] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 17.467272] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.467769] page dumped because: kasan: bad access detected [ 17.468157] [ 17.468495] Memory state around the buggy address: [ 17.468770] ffff888102319200: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.469429] ffff888102319280: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.469790] >ffff888102319300: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 17.470805] ^ [ 17.471234] ffff888102319380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.471727] ffff888102319400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.472171] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 17.367245] ================================================================== [ 17.368148] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 17.368846] Read of size 4 at addr ffff8881023191c0 by task swapper/0/0 [ 17.369249] [ 17.369655] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 17.369785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.369812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.369852] Call Trace: [ 17.369912] <IRQ> [ 17.369950] dump_stack_lvl+0x73/0xb0 [ 17.370030] print_report+0xd1/0x650 [ 17.370097] ? __virt_addr_valid+0x1db/0x2d0 [ 17.370148] ? rcu_uaf_reclaim+0x50/0x60 [ 17.370185] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.370227] ? rcu_uaf_reclaim+0x50/0x60 [ 17.370278] kasan_report+0x141/0x180 [ 17.370465] ? rcu_uaf_reclaim+0x50/0x60 [ 17.370510] __asan_report_load4_noabort+0x18/0x20 [ 17.370546] rcu_uaf_reclaim+0x50/0x60 [ 17.370584] rcu_core+0x66f/0x1c40 [ 17.370641] ? __pfx_rcu_core+0x10/0x10 [ 17.370689] ? ktime_get+0x6b/0x150 [ 17.370856] rcu_core_si+0x12/0x20 [ 17.370911] handle_softirqs+0x209/0x730 [ 17.371188] ? hrtimer_interrupt+0x2fe/0x780 [ 17.371237] ? __pfx_handle_softirqs+0x10/0x10 [ 17.371288] __irq_exit_rcu+0xc9/0x110 [ 17.371314] irq_exit_rcu+0x12/0x20 [ 17.371335] sysvec_apic_timer_interrupt+0x81/0x90 [ 17.371364] </IRQ> [ 17.371410] <TASK> [ 17.371422] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 17.371543] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 17.371842] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d c3 71 23 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 17.371941] RSP: 0000:ffffffff91e07dd8 EFLAGS: 00010206 [ 17.372314] RAX: ffff8881c7e77000 RBX: ffffffff91e1cac0 RCX: ffffffff90c543e5 [ 17.372421] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 0000000000007d34 [ 17.372476] RBP: ffffffff91e07de0 R08: 0000000000000001 R09: ffffed102b60618a [ 17.372527] R10: ffff88815b030c53 R11: 000000000003e400 R12: 0000000000000000 [ 17.372575] R13: fffffbfff23c3958 R14: ffffffff929b0290 R15: 0000000000000000 [ 17.372646] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 17.372762] ? default_idle+0xd/0x20 [ 17.372789] arch_cpu_idle+0xd/0x20 [ 17.372811] default_idle_call+0x48/0x80 [ 17.372834] do_idle+0x379/0x4f0 [ 17.372858] ? __pfx_do_idle+0x10/0x10 [ 17.372877] ? trace_preempt_on+0x20/0xc0 [ 17.372901] ? schedule+0x86/0x2e0 [ 17.372921] ? preempt_count_sub+0x50/0x80 [ 17.372944] cpu_startup_entry+0x5c/0x70 [ 17.372964] rest_init+0x11a/0x140 [ 17.372986] ? acpi_subsystem_init+0x5d/0x150 [ 17.373012] start_kernel+0x330/0x410 [ 17.373041] x86_64_start_reservations+0x1c/0x30 [ 17.373158] x86_64_start_kernel+0xcf/0xe0 [ 17.373183] common_startup_64+0x13e/0x148 [ 17.373216] </TASK> [ 17.373230] [ 17.392545] Allocated by task 215: [ 17.392979] kasan_save_stack+0x45/0x70 [ 17.393723] kasan_save_track+0x18/0x40 [ 17.394285] kasan_save_alloc_info+0x3b/0x50 [ 17.394501] __kasan_kmalloc+0xb7/0xc0 [ 17.394876] __kmalloc_cache_noprof+0x189/0x420 [ 17.395117] rcu_uaf+0xb0/0x330 [ 17.395992] kunit_try_run_case+0x1a5/0x480 [ 17.396309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.397200] kthread+0x337/0x6f0 [ 17.397460] ret_from_fork+0x116/0x1d0 [ 17.397645] ret_from_fork_asm+0x1a/0x30 [ 17.398056] [ 17.398690] Freed by task 0: [ 17.398881] kasan_save_stack+0x45/0x70 [ 17.399298] kasan_save_track+0x18/0x40 [ 17.399498] kasan_save_free_info+0x3f/0x60 [ 17.399859] __kasan_slab_free+0x56/0x70 [ 17.400124] kfree+0x222/0x3f0 [ 17.400637] rcu_uaf_reclaim+0x1f/0x60 [ 17.401544] rcu_core+0x66f/0x1c40 [ 17.401774] rcu_core_si+0x12/0x20 [ 17.402279] handle_softirqs+0x209/0x730 [ 17.402602] __irq_exit_rcu+0xc9/0x110 [ 17.402828] irq_exit_rcu+0x12/0x20 [ 17.403332] sysvec_apic_timer_interrupt+0x81/0x90 [ 17.403622] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 17.404165] [ 17.404444] Last potentially related work creation: [ 17.404844] kasan_save_stack+0x45/0x70 [ 17.405282] kasan_record_aux_stack+0xb2/0xc0 [ 17.405570] __call_rcu_common.constprop.0+0x72/0x9d0 [ 17.406695] call_rcu+0x12/0x20 [ 17.407043] rcu_uaf+0x168/0x330 [ 17.407540] kunit_try_run_case+0x1a5/0x480 [ 17.407839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.408288] kthread+0x337/0x6f0 [ 17.408628] ret_from_fork+0x116/0x1d0 [ 17.409031] ret_from_fork_asm+0x1a/0x30 [ 17.409281] [ 17.409648] The buggy address belongs to the object at ffff8881023191c0 [ 17.409648] which belongs to the cache kmalloc-32 of size 32 [ 17.410383] The buggy address is located 0 bytes inside of [ 17.410383] freed 32-byte region [ffff8881023191c0, ffff8881023191e0) [ 17.411277] [ 17.411604] The buggy address belongs to the physical page: [ 17.412061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102319 [ 17.412684] flags: 0x200000000000000(node=0|zone=2) [ 17.412953] page_type: f5(slab) [ 17.413809] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 17.414669] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.415068] page dumped because: kasan: bad access detected [ 17.415928] [ 17.416327] Memory state around the buggy address: [ 17.416829] ffff888102319080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.417380] ffff888102319100: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 17.417830] >ffff888102319180: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.418450] ^ [ 17.419172] ffff888102319200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.419701] ffff888102319280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.420331] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 17.273666] ================================================================== [ 17.274718] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 17.275631] Read of size 1 at addr ffff888102b42900 by task kunit_try_catch/213 [ 17.276429] [ 17.276540] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 17.276600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.276612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.276638] Call Trace: [ 17.276668] <TASK> [ 17.276703] dump_stack_lvl+0x73/0xb0 [ 17.276765] print_report+0xd1/0x650 [ 17.276810] ? __virt_addr_valid+0x1db/0x2d0 [ 17.276853] ? ksize_uaf+0x5fe/0x6c0 [ 17.276888] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.276923] ? ksize_uaf+0x5fe/0x6c0 [ 17.276961] kasan_report+0x141/0x180 [ 17.277002] ? ksize_uaf+0x5fe/0x6c0 [ 17.277055] __asan_report_load1_noabort+0x18/0x20 [ 17.277092] ksize_uaf+0x5fe/0x6c0 [ 17.277132] ? __pfx_ksize_uaf+0x10/0x10 [ 17.277176] ? __schedule+0x10cc/0x2b60 [ 17.277215] ? __pfx_read_tsc+0x10/0x10 [ 17.277295] ? ktime_get_ts64+0x86/0x230 [ 17.277358] kunit_try_run_case+0x1a5/0x480 [ 17.277411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.277473] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.277511] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.277547] ? __kthread_parkme+0x82/0x180 [ 17.277581] ? preempt_count_sub+0x50/0x80 [ 17.277620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.277657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.277695] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.277731] kthread+0x337/0x6f0 [ 17.277763] ? trace_preempt_on+0x20/0xc0 [ 17.277802] ? __pfx_kthread+0x10/0x10 [ 17.277836] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.277869] ? calculate_sigpending+0x7b/0xa0 [ 17.277913] ? __pfx_kthread+0x10/0x10 [ 17.277936] ret_from_fork+0x116/0x1d0 [ 17.277956] ? __pfx_kthread+0x10/0x10 [ 17.277977] ret_from_fork_asm+0x1a/0x30 [ 17.278009] </TASK> [ 17.278023] [ 17.292234] Allocated by task 213: [ 17.292743] kasan_save_stack+0x45/0x70 [ 17.293307] kasan_save_track+0x18/0x40 [ 17.293887] kasan_save_alloc_info+0x3b/0x50 [ 17.294087] __kasan_kmalloc+0xb7/0xc0 [ 17.294347] __kmalloc_cache_noprof+0x189/0x420 [ 17.294732] ksize_uaf+0xaa/0x6c0 [ 17.295193] kunit_try_run_case+0x1a5/0x480 [ 17.295545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.296175] kthread+0x337/0x6f0 [ 17.296457] ret_from_fork+0x116/0x1d0 [ 17.296631] ret_from_fork_asm+0x1a/0x30 [ 17.297021] [ 17.297588] Freed by task 213: [ 17.297901] kasan_save_stack+0x45/0x70 [ 17.298387] kasan_save_track+0x18/0x40 [ 17.298774] kasan_save_free_info+0x3f/0x60 [ 17.299018] __kasan_slab_free+0x56/0x70 [ 17.299642] kfree+0x222/0x3f0 [ 17.299962] ksize_uaf+0x12c/0x6c0 [ 17.300414] kunit_try_run_case+0x1a5/0x480 [ 17.300847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.301728] kthread+0x337/0x6f0 [ 17.302218] ret_from_fork+0x116/0x1d0 [ 17.302521] ret_from_fork_asm+0x1a/0x30 [ 17.302893] [ 17.303087] The buggy address belongs to the object at ffff888102b42900 [ 17.303087] which belongs to the cache kmalloc-128 of size 128 [ 17.304070] The buggy address is located 0 bytes inside of [ 17.304070] freed 128-byte region [ffff888102b42900, ffff888102b42980) [ 17.304983] [ 17.305800] The buggy address belongs to the physical page: [ 17.306234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b42 [ 17.306969] flags: 0x200000000000000(node=0|zone=2) [ 17.307555] page_type: f5(slab) [ 17.307830] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.308552] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.309001] page dumped because: kasan: bad access detected [ 17.309995] [ 17.310158] Memory state around the buggy address: [ 17.310638] ffff888102b42800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.311478] ffff888102b42880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.312057] >ffff888102b42900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.312510] ^ [ 17.312728] ffff888102b42980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.313875] ffff888102b42a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.314156] ================================================================== [ 17.315089] ================================================================== [ 17.316417] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 17.316902] Read of size 1 at addr ffff888102b42978 by task kunit_try_catch/213 [ 17.317475] [ 17.317910] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 17.318291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.318312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.318340] Call Trace: [ 17.318389] <TASK> [ 17.318441] dump_stack_lvl+0x73/0xb0 [ 17.318515] print_report+0xd1/0x650 [ 17.318562] ? __virt_addr_valid+0x1db/0x2d0 [ 17.318612] ? ksize_uaf+0x5e4/0x6c0 [ 17.318699] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.318737] ? ksize_uaf+0x5e4/0x6c0 [ 17.318778] kasan_report+0x141/0x180 [ 17.318810] ? ksize_uaf+0x5e4/0x6c0 [ 17.318838] __asan_report_load1_noabort+0x18/0x20 [ 17.318860] ksize_uaf+0x5e4/0x6c0 [ 17.318882] ? __pfx_ksize_uaf+0x10/0x10 [ 17.318905] ? __schedule+0x10cc/0x2b60 [ 17.318928] ? __pfx_read_tsc+0x10/0x10 [ 17.318950] ? ktime_get_ts64+0x86/0x230 [ 17.318977] kunit_try_run_case+0x1a5/0x480 [ 17.319021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.319090] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.319133] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.319184] ? __kthread_parkme+0x82/0x180 [ 17.319213] ? preempt_count_sub+0x50/0x80 [ 17.319238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.319283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.319311] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.319336] kthread+0x337/0x6f0 [ 17.319357] ? trace_preempt_on+0x20/0xc0 [ 17.319382] ? __pfx_kthread+0x10/0x10 [ 17.319404] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.319425] ? calculate_sigpending+0x7b/0xa0 [ 17.319451] ? __pfx_kthread+0x10/0x10 [ 17.319474] ret_from_fork+0x116/0x1d0 [ 17.319493] ? __pfx_kthread+0x10/0x10 [ 17.319514] ret_from_fork_asm+0x1a/0x30 [ 17.319546] </TASK> [ 17.319560] [ 17.332087] Allocated by task 213: [ 17.332609] kasan_save_stack+0x45/0x70 [ 17.333193] kasan_save_track+0x18/0x40 [ 17.333840] kasan_save_alloc_info+0x3b/0x50 [ 17.334046] __kasan_kmalloc+0xb7/0xc0 [ 17.334253] __kmalloc_cache_noprof+0x189/0x420 [ 17.334727] ksize_uaf+0xaa/0x6c0 [ 17.335508] kunit_try_run_case+0x1a5/0x480 [ 17.335809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.336074] kthread+0x337/0x6f0 [ 17.336413] ret_from_fork+0x116/0x1d0 [ 17.336730] ret_from_fork_asm+0x1a/0x30 [ 17.337052] [ 17.337204] Freed by task 213: [ 17.337982] kasan_save_stack+0x45/0x70 [ 17.338451] kasan_save_track+0x18/0x40 [ 17.338768] kasan_save_free_info+0x3f/0x60 [ 17.339211] __kasan_slab_free+0x56/0x70 [ 17.339519] kfree+0x222/0x3f0 [ 17.339791] ksize_uaf+0x12c/0x6c0 [ 17.340216] kunit_try_run_case+0x1a5/0x480 [ 17.340577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.340983] kthread+0x337/0x6f0 [ 17.341601] ret_from_fork+0x116/0x1d0 [ 17.341851] ret_from_fork_asm+0x1a/0x30 [ 17.342092] [ 17.342480] The buggy address belongs to the object at ffff888102b42900 [ 17.342480] which belongs to the cache kmalloc-128 of size 128 [ 17.343505] The buggy address is located 120 bytes inside of [ 17.343505] freed 128-byte region [ffff888102b42900, ffff888102b42980) [ 17.344434] [ 17.344630] The buggy address belongs to the physical page: [ 17.344925] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b42 [ 17.345524] flags: 0x200000000000000(node=0|zone=2) [ 17.346481] page_type: f5(slab) [ 17.346692] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.347165] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.347871] page dumped because: kasan: bad access detected [ 17.348449] [ 17.348690] Memory state around the buggy address: [ 17.348999] ffff888102b42800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.349982] ffff888102b42880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.350700] >ffff888102b42900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.351188] ^ [ 17.351644] ffff888102b42980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.352300] ffff888102b42a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.352753] ================================================================== [ 17.234383] ================================================================== [ 17.235286] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 17.235676] Read of size 1 at addr ffff888102b42900 by task kunit_try_catch/213 [ 17.236839] [ 17.237029] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 17.237130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.237183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.237221] Call Trace: [ 17.237247] <TASK> [ 17.237293] dump_stack_lvl+0x73/0xb0 [ 17.237355] print_report+0xd1/0x650 [ 17.237394] ? __virt_addr_valid+0x1db/0x2d0 [ 17.237441] ? ksize_uaf+0x19d/0x6c0 [ 17.237481] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.237527] ? ksize_uaf+0x19d/0x6c0 [ 17.237572] kasan_report+0x141/0x180 [ 17.237619] ? ksize_uaf+0x19d/0x6c0 [ 17.237666] ? ksize_uaf+0x19d/0x6c0 [ 17.237746] __kasan_check_byte+0x3d/0x50 [ 17.237797] ksize+0x20/0x60 [ 17.237840] ksize_uaf+0x19d/0x6c0 [ 17.237866] ? __pfx_ksize_uaf+0x10/0x10 [ 17.237890] ? __schedule+0x10cc/0x2b60 [ 17.237913] ? __pfx_read_tsc+0x10/0x10 [ 17.237937] ? ktime_get_ts64+0x86/0x230 [ 17.237963] kunit_try_run_case+0x1a5/0x480 [ 17.237991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.238015] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.238059] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.238202] ? __kthread_parkme+0x82/0x180 [ 17.238227] ? preempt_count_sub+0x50/0x80 [ 17.238254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.238302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.238327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.238351] kthread+0x337/0x6f0 [ 17.238372] ? trace_preempt_on+0x20/0xc0 [ 17.238398] ? __pfx_kthread+0x10/0x10 [ 17.238418] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.238439] ? calculate_sigpending+0x7b/0xa0 [ 17.238465] ? __pfx_kthread+0x10/0x10 [ 17.238486] ret_from_fork+0x116/0x1d0 [ 17.238505] ? __pfx_kthread+0x10/0x10 [ 17.238526] ret_from_fork_asm+0x1a/0x30 [ 17.238557] </TASK> [ 17.238571] [ 17.251790] Allocated by task 213: [ 17.252333] kasan_save_stack+0x45/0x70 [ 17.252639] kasan_save_track+0x18/0x40 [ 17.252992] kasan_save_alloc_info+0x3b/0x50 [ 17.253210] __kasan_kmalloc+0xb7/0xc0 [ 17.253411] __kmalloc_cache_noprof+0x189/0x420 [ 17.253802] ksize_uaf+0xaa/0x6c0 [ 17.254103] kunit_try_run_case+0x1a5/0x480 [ 17.254837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.255529] kthread+0x337/0x6f0 [ 17.255950] ret_from_fork+0x116/0x1d0 [ 17.256594] ret_from_fork_asm+0x1a/0x30 [ 17.256905] [ 17.257241] Freed by task 213: [ 17.257567] kasan_save_stack+0x45/0x70 [ 17.257846] kasan_save_track+0x18/0x40 [ 17.258181] kasan_save_free_info+0x3f/0x60 [ 17.258600] __kasan_slab_free+0x56/0x70 [ 17.258980] kfree+0x222/0x3f0 [ 17.259526] ksize_uaf+0x12c/0x6c0 [ 17.259775] kunit_try_run_case+0x1a5/0x480 [ 17.260537] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.260735] kthread+0x337/0x6f0 [ 17.261010] ret_from_fork+0x116/0x1d0 [ 17.261519] ret_from_fork_asm+0x1a/0x30 [ 17.261904] [ 17.262097] The buggy address belongs to the object at ffff888102b42900 [ 17.262097] which belongs to the cache kmalloc-128 of size 128 [ 17.262917] The buggy address is located 0 bytes inside of [ 17.262917] freed 128-byte region [ffff888102b42900, ffff888102b42980) [ 17.263946] [ 17.264603] The buggy address belongs to the physical page: [ 17.265271] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b42 [ 17.265773] flags: 0x200000000000000(node=0|zone=2) [ 17.266423] page_type: f5(slab) [ 17.266733] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.267476] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.267952] page dumped because: kasan: bad access detected [ 17.268617] [ 17.268810] Memory state around the buggy address: [ 17.269191] ffff888102b42800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.269765] ffff888102b42880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.270346] >ffff888102b42900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.270749] ^ [ 17.271180] ffff888102b42980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.271725] ffff888102b42a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.272168] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 17.196041] ================================================================== [ 17.196820] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.197372] Read of size 1 at addr ffff88810230657f by task kunit_try_catch/211 [ 17.197862] [ 17.198192] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 17.198312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.198337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.198379] Call Trace: [ 17.198415] <TASK> [ 17.198452] dump_stack_lvl+0x73/0xb0 [ 17.198516] print_report+0xd1/0x650 [ 17.198561] ? __virt_addr_valid+0x1db/0x2d0 [ 17.198603] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.198643] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.198726] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.198769] kasan_report+0x141/0x180 [ 17.198814] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.198865] __asan_report_load1_noabort+0x18/0x20 [ 17.198907] ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.198952] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.199003] ? finish_task_switch.isra.0+0x153/0x700 [ 17.199182] ? __switch_to+0x47/0xf50 [ 17.199238] ? __schedule+0x10cc/0x2b60 [ 17.199295] ? __pfx_read_tsc+0x10/0x10 [ 17.199339] ? ktime_get_ts64+0x86/0x230 [ 17.199388] kunit_try_run_case+0x1a5/0x480 [ 17.199438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.199478] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.199519] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.199563] ? __kthread_parkme+0x82/0x180 [ 17.199599] ? preempt_count_sub+0x50/0x80 [ 17.199645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.199727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.199771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.199814] kthread+0x337/0x6f0 [ 17.199851] ? trace_preempt_on+0x20/0xc0 [ 17.199898] ? __pfx_kthread+0x10/0x10 [ 17.199937] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.199977] ? calculate_sigpending+0x7b/0xa0 [ 17.200012] ? __pfx_kthread+0x10/0x10 [ 17.200054] ret_from_fork+0x116/0x1d0 [ 17.200127] ? __pfx_kthread+0x10/0x10 [ 17.200167] ret_from_fork_asm+0x1a/0x30 [ 17.200212] </TASK> [ 17.200227] [ 17.211082] Allocated by task 211: [ 17.211284] kasan_save_stack+0x45/0x70 [ 17.211502] kasan_save_track+0x18/0x40 [ 17.211833] kasan_save_alloc_info+0x3b/0x50 [ 17.212196] __kasan_kmalloc+0xb7/0xc0 [ 17.212766] __kmalloc_cache_noprof+0x189/0x420 [ 17.213254] ksize_unpoisons_memory+0xc7/0x9b0 [ 17.213812] kunit_try_run_case+0x1a5/0x480 [ 17.214878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.215562] kthread+0x337/0x6f0 [ 17.215962] ret_from_fork+0x116/0x1d0 [ 17.216497] ret_from_fork_asm+0x1a/0x30 [ 17.216877] [ 17.217004] The buggy address belongs to the object at ffff888102306500 [ 17.217004] which belongs to the cache kmalloc-128 of size 128 [ 17.217948] The buggy address is located 12 bytes to the right of [ 17.217948] allocated 115-byte region [ffff888102306500, ffff888102306573) [ 17.218987] [ 17.219722] The buggy address belongs to the physical page: [ 17.220364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102306 [ 17.220966] flags: 0x200000000000000(node=0|zone=2) [ 17.221550] page_type: f5(slab) [ 17.221902] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.222620] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.223339] page dumped because: kasan: bad access detected [ 17.223839] [ 17.223970] Memory state around the buggy address: [ 17.225029] ffff888102306400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.225726] ffff888102306480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.226223] >ffff888102306500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.226732] ^ [ 17.227216] ffff888102306580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.227554] ffff888102306600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.228400] ================================================================== [ 17.126602] ================================================================== [ 17.127144] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 17.128036] Read of size 1 at addr ffff888102306573 by task kunit_try_catch/211 [ 17.128513] [ 17.128733] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 17.129211] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.129240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.129300] Call Trace: [ 17.129333] <TASK> [ 17.129373] dump_stack_lvl+0x73/0xb0 [ 17.129454] print_report+0xd1/0x650 [ 17.129493] ? __virt_addr_valid+0x1db/0x2d0 [ 17.129533] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 17.129570] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.129600] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 17.129624] kasan_report+0x141/0x180 [ 17.129647] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 17.129687] __asan_report_load1_noabort+0x18/0x20 [ 17.129720] ksize_unpoisons_memory+0x81c/0x9b0 [ 17.129745] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.129769] ? finish_task_switch.isra.0+0x153/0x700 [ 17.129794] ? __switch_to+0x47/0xf50 [ 17.129822] ? __schedule+0x10cc/0x2b60 [ 17.129845] ? __pfx_read_tsc+0x10/0x10 [ 17.129868] ? ktime_get_ts64+0x86/0x230 [ 17.129894] kunit_try_run_case+0x1a5/0x480 [ 17.129922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.129944] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.129968] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.129991] ? __kthread_parkme+0x82/0x180 [ 17.130012] ? preempt_count_sub+0x50/0x80 [ 17.130037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.130093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.130131] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.130157] kthread+0x337/0x6f0 [ 17.130178] ? trace_preempt_on+0x20/0xc0 [ 17.130205] ? __pfx_kthread+0x10/0x10 [ 17.130226] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.130247] ? calculate_sigpending+0x7b/0xa0 [ 17.130295] ? __pfx_kthread+0x10/0x10 [ 17.130317] ret_from_fork+0x116/0x1d0 [ 17.130337] ? __pfx_kthread+0x10/0x10 [ 17.130358] ret_from_fork_asm+0x1a/0x30 [ 17.130390] </TASK> [ 17.130404] [ 17.144511] Allocated by task 211: [ 17.145107] kasan_save_stack+0x45/0x70 [ 17.145354] kasan_save_track+0x18/0x40 [ 17.145776] kasan_save_alloc_info+0x3b/0x50 [ 17.146104] __kasan_kmalloc+0xb7/0xc0 [ 17.146779] __kmalloc_cache_noprof+0x189/0x420 [ 17.147341] ksize_unpoisons_memory+0xc7/0x9b0 [ 17.147530] kunit_try_run_case+0x1a5/0x480 [ 17.147836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.148578] kthread+0x337/0x6f0 [ 17.148924] ret_from_fork+0x116/0x1d0 [ 17.149359] ret_from_fork_asm+0x1a/0x30 [ 17.149988] [ 17.150418] The buggy address belongs to the object at ffff888102306500 [ 17.150418] which belongs to the cache kmalloc-128 of size 128 [ 17.151129] The buggy address is located 0 bytes to the right of [ 17.151129] allocated 115-byte region [ffff888102306500, ffff888102306573) [ 17.152042] [ 17.152173] The buggy address belongs to the physical page: [ 17.152900] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102306 [ 17.153461] flags: 0x200000000000000(node=0|zone=2) [ 17.153944] page_type: f5(slab) [ 17.154354] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.155302] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.155697] page dumped because: kasan: bad access detected [ 17.156088] [ 17.156241] Memory state around the buggy address: [ 17.156544] ffff888102306400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.156856] ffff888102306480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.157556] >ffff888102306500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.157879] ^ [ 17.158521] ffff888102306580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.158936] ffff888102306600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.159503] ================================================================== [ 17.162672] ================================================================== [ 17.163002] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.163251] Read of size 1 at addr ffff888102306578 by task kunit_try_catch/211 [ 17.163469] [ 17.163855] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 17.163956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.163979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.164013] Call Trace: [ 17.164032] <TASK> [ 17.164064] dump_stack_lvl+0x73/0xb0 [ 17.164125] print_report+0xd1/0x650 [ 17.164173] ? __virt_addr_valid+0x1db/0x2d0 [ 17.164612] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.164664] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.164729] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.164773] kasan_report+0x141/0x180 [ 17.164820] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.165275] __asan_report_load1_noabort+0x18/0x20 [ 17.165331] ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.165369] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.165402] ? finish_task_switch.isra.0+0x153/0x700 [ 17.165437] ? __switch_to+0x47/0xf50 [ 17.165476] ? __schedule+0x10cc/0x2b60 [ 17.165509] ? __pfx_read_tsc+0x10/0x10 [ 17.165541] ? ktime_get_ts64+0x86/0x230 [ 17.165577] kunit_try_run_case+0x1a5/0x480 [ 17.165615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.165649] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.165739] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.165781] ? __kthread_parkme+0x82/0x180 [ 17.165824] ? preempt_count_sub+0x50/0x80 [ 17.165860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.165886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.165910] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.165935] kthread+0x337/0x6f0 [ 17.165956] ? trace_preempt_on+0x20/0xc0 [ 17.165982] ? __pfx_kthread+0x10/0x10 [ 17.166003] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.166024] ? calculate_sigpending+0x7b/0xa0 [ 17.166059] ? __pfx_kthread+0x10/0x10 [ 17.166115] ret_from_fork+0x116/0x1d0 [ 17.166149] ? __pfx_kthread+0x10/0x10 [ 17.166185] ret_from_fork_asm+0x1a/0x30 [ 17.166223] </TASK> [ 17.166237] [ 17.180334] Allocated by task 211: [ 17.180630] kasan_save_stack+0x45/0x70 [ 17.181440] kasan_save_track+0x18/0x40 [ 17.181814] kasan_save_alloc_info+0x3b/0x50 [ 17.182274] __kasan_kmalloc+0xb7/0xc0 [ 17.182572] __kmalloc_cache_noprof+0x189/0x420 [ 17.182850] ksize_unpoisons_memory+0xc7/0x9b0 [ 17.183281] kunit_try_run_case+0x1a5/0x480 [ 17.183652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.183983] kthread+0x337/0x6f0 [ 17.184789] ret_from_fork+0x116/0x1d0 [ 17.185049] ret_from_fork_asm+0x1a/0x30 [ 17.185525] [ 17.185647] The buggy address belongs to the object at ffff888102306500 [ 17.185647] which belongs to the cache kmalloc-128 of size 128 [ 17.186505] The buggy address is located 5 bytes to the right of [ 17.186505] allocated 115-byte region [ffff888102306500, ffff888102306573) [ 17.187469] [ 17.187605] The buggy address belongs to the physical page: [ 17.187966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102306 [ 17.188582] flags: 0x200000000000000(node=0|zone=2) [ 17.188853] page_type: f5(slab) [ 17.189684] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.190237] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.190605] page dumped because: kasan: bad access detected [ 17.191293] [ 17.191465] Memory state around the buggy address: [ 17.191840] ffff888102306400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.192440] ffff888102306480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.192758] >ffff888102306500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.193401] ^ [ 17.193833] ffff888102306580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.194815] ffff888102306600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.195251] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 17.083458] ================================================================== [ 17.084624] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 17.085113] Free of addr ffff88810229d6c0 by task kunit_try_catch/209 [ 17.085519] [ 17.085784] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 17.085890] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.085917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.085962] Call Trace: [ 17.086002] <TASK> [ 17.086204] dump_stack_lvl+0x73/0xb0 [ 17.086304] print_report+0xd1/0x650 [ 17.086360] ? __virt_addr_valid+0x1db/0x2d0 [ 17.086411] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.086459] ? kfree_sensitive+0x2e/0x90 [ 17.086503] kasan_report_invalid_free+0x10a/0x130 [ 17.086545] ? kfree_sensitive+0x2e/0x90 [ 17.086579] ? kfree_sensitive+0x2e/0x90 [ 17.086601] check_slab_allocation+0x101/0x130 [ 17.086625] __kasan_slab_pre_free+0x28/0x40 [ 17.086647] kfree+0xf0/0x3f0 [ 17.086695] ? kfree_sensitive+0x2e/0x90 [ 17.086725] kfree_sensitive+0x2e/0x90 [ 17.086746] kmalloc_double_kzfree+0x19c/0x350 [ 17.086772] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 17.086798] ? __schedule+0x10cc/0x2b60 [ 17.086821] ? __pfx_read_tsc+0x10/0x10 [ 17.086844] ? ktime_get_ts64+0x86/0x230 [ 17.086870] kunit_try_run_case+0x1a5/0x480 [ 17.086897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.086920] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.086944] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.086967] ? __kthread_parkme+0x82/0x180 [ 17.086996] ? preempt_count_sub+0x50/0x80 [ 17.087033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.087097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.087142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.087180] kthread+0x337/0x6f0 [ 17.087211] ? trace_preempt_on+0x20/0xc0 [ 17.087250] ? __pfx_kthread+0x10/0x10 [ 17.087299] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.087331] ? calculate_sigpending+0x7b/0xa0 [ 17.087369] ? __pfx_kthread+0x10/0x10 [ 17.087404] ret_from_fork+0x116/0x1d0 [ 17.087435] ? __pfx_kthread+0x10/0x10 [ 17.087468] ret_from_fork_asm+0x1a/0x30 [ 17.087502] </TASK> [ 17.087516] [ 17.099614] Allocated by task 209: [ 17.099915] kasan_save_stack+0x45/0x70 [ 17.100206] kasan_save_track+0x18/0x40 [ 17.100441] kasan_save_alloc_info+0x3b/0x50 [ 17.100679] __kasan_kmalloc+0xb7/0xc0 [ 17.100870] __kmalloc_cache_noprof+0x189/0x420 [ 17.101078] kmalloc_double_kzfree+0xa9/0x350 [ 17.101404] kunit_try_run_case+0x1a5/0x480 [ 17.101782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.102209] kthread+0x337/0x6f0 [ 17.102515] ret_from_fork+0x116/0x1d0 [ 17.102864] ret_from_fork_asm+0x1a/0x30 [ 17.103252] [ 17.103448] Freed by task 209: [ 17.103783] kasan_save_stack+0x45/0x70 [ 17.104178] kasan_save_track+0x18/0x40 [ 17.104557] kasan_save_free_info+0x3f/0x60 [ 17.104906] __kasan_slab_free+0x56/0x70 [ 17.105230] kfree+0x222/0x3f0 [ 17.105623] kfree_sensitive+0x67/0x90 [ 17.105798] kmalloc_double_kzfree+0x12b/0x350 [ 17.106181] kunit_try_run_case+0x1a5/0x480 [ 17.106395] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.106632] kthread+0x337/0x6f0 [ 17.106843] ret_from_fork+0x116/0x1d0 [ 17.107192] ret_from_fork_asm+0x1a/0x30 [ 17.107529] [ 17.107760] The buggy address belongs to the object at ffff88810229d6c0 [ 17.107760] which belongs to the cache kmalloc-16 of size 16 [ 17.109454] The buggy address is located 0 bytes inside of [ 17.109454] 16-byte region [ffff88810229d6c0, ffff88810229d6d0) [ 17.109976] [ 17.111314] The buggy address belongs to the physical page: [ 17.111819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10229d [ 17.112742] flags: 0x200000000000000(node=0|zone=2) [ 17.112954] page_type: f5(slab) [ 17.113113] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.114710] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.115020] page dumped because: kasan: bad access detected [ 17.115522] [ 17.115705] Memory state around the buggy address: [ 17.116756] ffff88810229d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.117680] ffff88810229d600: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 17.118019] >ffff88810229d680: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 17.118493] ^ [ 17.118879] ffff88810229d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.119355] ffff88810229d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.119825] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 17.041375] ================================================================== [ 17.042175] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 17.043211] Read of size 1 at addr ffff88810229d6c0 by task kunit_try_catch/209 [ 17.043526] [ 17.043912] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 17.044166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.044204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.044255] Call Trace: [ 17.044298] <TASK> [ 17.044337] dump_stack_lvl+0x73/0xb0 [ 17.044399] print_report+0xd1/0x650 [ 17.044440] ? __virt_addr_valid+0x1db/0x2d0 [ 17.044468] ? kmalloc_double_kzfree+0x19c/0x350 [ 17.044493] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.044516] ? kmalloc_double_kzfree+0x19c/0x350 [ 17.044540] kasan_report+0x141/0x180 [ 17.044563] ? kmalloc_double_kzfree+0x19c/0x350 [ 17.044590] ? kmalloc_double_kzfree+0x19c/0x350 [ 17.044614] __kasan_check_byte+0x3d/0x50 [ 17.044636] kfree_sensitive+0x22/0x90 [ 17.044682] kmalloc_double_kzfree+0x19c/0x350 [ 17.044740] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 17.044766] ? __schedule+0x10cc/0x2b60 [ 17.044789] ? __pfx_read_tsc+0x10/0x10 [ 17.044812] ? ktime_get_ts64+0x86/0x230 [ 17.044838] kunit_try_run_case+0x1a5/0x480 [ 17.044865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.044888] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.044912] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.044934] ? __kthread_parkme+0x82/0x180 [ 17.044956] ? preempt_count_sub+0x50/0x80 [ 17.044980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.045004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.045027] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.045059] kthread+0x337/0x6f0 [ 17.045097] ? trace_preempt_on+0x20/0xc0 [ 17.045135] ? __pfx_kthread+0x10/0x10 [ 17.045166] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.045197] ? calculate_sigpending+0x7b/0xa0 [ 17.045235] ? __pfx_kthread+0x10/0x10 [ 17.045273] ret_from_fork+0x116/0x1d0 [ 17.045298] ? __pfx_kthread+0x10/0x10 [ 17.045319] ret_from_fork_asm+0x1a/0x30 [ 17.045350] </TASK> [ 17.045365] [ 17.057687] Allocated by task 209: [ 17.057857] kasan_save_stack+0x45/0x70 [ 17.059080] kasan_save_track+0x18/0x40 [ 17.059466] kasan_save_alloc_info+0x3b/0x50 [ 17.059633] __kasan_kmalloc+0xb7/0xc0 [ 17.060596] __kmalloc_cache_noprof+0x189/0x420 [ 17.061095] kmalloc_double_kzfree+0xa9/0x350 [ 17.062060] kunit_try_run_case+0x1a5/0x480 [ 17.062387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.062615] kthread+0x337/0x6f0 [ 17.062934] ret_from_fork+0x116/0x1d0 [ 17.063861] ret_from_fork_asm+0x1a/0x30 [ 17.064469] [ 17.064895] Freed by task 209: [ 17.065404] kasan_save_stack+0x45/0x70 [ 17.065968] kasan_save_track+0x18/0x40 [ 17.066419] kasan_save_free_info+0x3f/0x60 [ 17.066623] __kasan_slab_free+0x56/0x70 [ 17.067021] kfree+0x222/0x3f0 [ 17.067319] kfree_sensitive+0x67/0x90 [ 17.067912] kmalloc_double_kzfree+0x12b/0x350 [ 17.068635] kunit_try_run_case+0x1a5/0x480 [ 17.069101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.069731] kthread+0x337/0x6f0 [ 17.070068] ret_from_fork+0x116/0x1d0 [ 17.070531] ret_from_fork_asm+0x1a/0x30 [ 17.070748] [ 17.070902] The buggy address belongs to the object at ffff88810229d6c0 [ 17.070902] which belongs to the cache kmalloc-16 of size 16 [ 17.072183] The buggy address is located 0 bytes inside of [ 17.072183] freed 16-byte region [ffff88810229d6c0, ffff88810229d6d0) [ 17.073375] [ 17.073661] The buggy address belongs to the physical page: [ 17.074054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10229d [ 17.074899] flags: 0x200000000000000(node=0|zone=2) [ 17.075615] page_type: f5(slab) [ 17.075906] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.076781] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.077489] page dumped because: kasan: bad access detected [ 17.077773] [ 17.078288] Memory state around the buggy address: [ 17.078524] ffff88810229d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.079282] ffff88810229d600: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 17.079642] >ffff88810229d680: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 17.079885] ^ [ 17.080989] ffff88810229d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.081674] ffff88810229d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.082421] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 16.995502] ================================================================== [ 16.996013] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 16.996683] Read of size 1 at addr ffff888102316428 by task kunit_try_catch/205 [ 16.997223] [ 16.997678] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.998157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.998194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.998240] Call Trace: [ 16.998281] <TASK> [ 16.998318] dump_stack_lvl+0x73/0xb0 [ 16.998380] print_report+0xd1/0x650 [ 16.998419] ? __virt_addr_valid+0x1db/0x2d0 [ 16.998448] ? kmalloc_uaf2+0x4a8/0x520 [ 16.998470] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.998493] ? kmalloc_uaf2+0x4a8/0x520 [ 16.998515] kasan_report+0x141/0x180 [ 16.998538] ? kmalloc_uaf2+0x4a8/0x520 [ 16.998564] __asan_report_load1_noabort+0x18/0x20 [ 16.998585] kmalloc_uaf2+0x4a8/0x520 [ 16.998607] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 16.998628] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.998664] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 16.998717] kunit_try_run_case+0x1a5/0x480 [ 16.998749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.998772] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.998798] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.998821] ? __kthread_parkme+0x82/0x180 [ 16.998844] ? preempt_count_sub+0x50/0x80 [ 16.998870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.998894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.998918] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.998942] kthread+0x337/0x6f0 [ 16.998963] ? trace_preempt_on+0x20/0xc0 [ 16.998997] ? __pfx_kthread+0x10/0x10 [ 16.999024] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.999055] ? calculate_sigpending+0x7b/0xa0 [ 16.999095] ? __pfx_kthread+0x10/0x10 [ 16.999128] ret_from_fork+0x116/0x1d0 [ 16.999159] ? __pfx_kthread+0x10/0x10 [ 16.999192] ret_from_fork_asm+0x1a/0x30 [ 16.999227] </TASK> [ 16.999242] [ 17.012330] Allocated by task 205: [ 17.012728] kasan_save_stack+0x45/0x70 [ 17.013300] kasan_save_track+0x18/0x40 [ 17.013713] kasan_save_alloc_info+0x3b/0x50 [ 17.014218] __kasan_kmalloc+0xb7/0xc0 [ 17.014663] __kmalloc_cache_noprof+0x189/0x420 [ 17.015245] kmalloc_uaf2+0xc6/0x520 [ 17.015464] kunit_try_run_case+0x1a5/0x480 [ 17.016066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.016409] kthread+0x337/0x6f0 [ 17.016618] ret_from_fork+0x116/0x1d0 [ 17.016901] ret_from_fork_asm+0x1a/0x30 [ 17.017182] [ 17.017355] Freed by task 205: [ 17.017610] kasan_save_stack+0x45/0x70 [ 17.017803] kasan_save_track+0x18/0x40 [ 17.018113] kasan_save_free_info+0x3f/0x60 [ 17.018603] __kasan_slab_free+0x56/0x70 [ 17.018901] kfree+0x222/0x3f0 [ 17.019358] kmalloc_uaf2+0x14c/0x520 [ 17.019613] kunit_try_run_case+0x1a5/0x480 [ 17.019943] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.020412] kthread+0x337/0x6f0 [ 17.020607] ret_from_fork+0x116/0x1d0 [ 17.020942] ret_from_fork_asm+0x1a/0x30 [ 17.021449] [ 17.021641] The buggy address belongs to the object at ffff888102316400 [ 17.021641] which belongs to the cache kmalloc-64 of size 64 [ 17.022483] The buggy address is located 40 bytes inside of [ 17.022483] freed 64-byte region [ffff888102316400, ffff888102316440) [ 17.023341] [ 17.023527] The buggy address belongs to the physical page: [ 17.023990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102316 [ 17.024548] flags: 0x200000000000000(node=0|zone=2) [ 17.024982] page_type: f5(slab) [ 17.025426] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.025838] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.026527] page dumped because: kasan: bad access detected [ 17.026971] [ 17.027326] Memory state around the buggy address: [ 17.027573] ffff888102316300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.028185] ffff888102316380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.028728] >ffff888102316400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.029208] ^ [ 17.029591] ffff888102316480: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 17.030295] ffff888102316500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.030724] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 16.955767] ================================================================== [ 16.956619] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 16.956982] Write of size 33 at addr ffff888102b4c980 by task kunit_try_catch/203 [ 16.957788] [ 16.958466] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.958535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.958548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.958572] Call Trace: [ 16.958587] <TASK> [ 16.958609] dump_stack_lvl+0x73/0xb0 [ 16.958646] print_report+0xd1/0x650 [ 16.958693] ? __virt_addr_valid+0x1db/0x2d0 [ 16.958729] ? kmalloc_uaf_memset+0x1a3/0x360 [ 16.958764] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.958804] ? kmalloc_uaf_memset+0x1a3/0x360 [ 16.958843] kasan_report+0x141/0x180 [ 16.958879] ? kmalloc_uaf_memset+0x1a3/0x360 [ 16.958974] kasan_check_range+0x10c/0x1c0 [ 16.959047] __asan_memset+0x27/0x50 [ 16.959092] kmalloc_uaf_memset+0x1a3/0x360 [ 16.959133] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 16.959178] ? __schedule+0x10cc/0x2b60 [ 16.959214] ? __pfx_read_tsc+0x10/0x10 [ 16.959247] ? ktime_get_ts64+0x86/0x230 [ 16.959299] kunit_try_run_case+0x1a5/0x480 [ 16.959328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.959351] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.959375] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.959397] ? __kthread_parkme+0x82/0x180 [ 16.959419] ? preempt_count_sub+0x50/0x80 [ 16.959443] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.959466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.959489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.959512] kthread+0x337/0x6f0 [ 16.959532] ? trace_preempt_on+0x20/0xc0 [ 16.959557] ? __pfx_kthread+0x10/0x10 [ 16.959578] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.959598] ? calculate_sigpending+0x7b/0xa0 [ 16.959623] ? __pfx_kthread+0x10/0x10 [ 16.959644] ret_from_fork+0x116/0x1d0 [ 16.959668] ? __pfx_kthread+0x10/0x10 [ 16.959712] ret_from_fork_asm+0x1a/0x30 [ 16.959745] </TASK> [ 16.959759] [ 16.972087] Allocated by task 203: [ 16.972468] kasan_save_stack+0x45/0x70 [ 16.972901] kasan_save_track+0x18/0x40 [ 16.973472] kasan_save_alloc_info+0x3b/0x50 [ 16.973930] __kasan_kmalloc+0xb7/0xc0 [ 16.974290] __kmalloc_cache_noprof+0x189/0x420 [ 16.974714] kmalloc_uaf_memset+0xa9/0x360 [ 16.975065] kunit_try_run_case+0x1a5/0x480 [ 16.975450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.976009] kthread+0x337/0x6f0 [ 16.976403] ret_from_fork+0x116/0x1d0 [ 16.976578] ret_from_fork_asm+0x1a/0x30 [ 16.976802] [ 16.976991] Freed by task 203: [ 16.977182] kasan_save_stack+0x45/0x70 [ 16.977486] kasan_save_track+0x18/0x40 [ 16.977855] kasan_save_free_info+0x3f/0x60 [ 16.978113] __kasan_slab_free+0x56/0x70 [ 16.978465] kfree+0x222/0x3f0 [ 16.978743] kmalloc_uaf_memset+0x12b/0x360 [ 16.979130] kunit_try_run_case+0x1a5/0x480 [ 16.979489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.979871] kthread+0x337/0x6f0 [ 16.980165] ret_from_fork+0x116/0x1d0 [ 16.980507] ret_from_fork_asm+0x1a/0x30 [ 16.980655] [ 16.980738] The buggy address belongs to the object at ffff888102b4c980 [ 16.980738] which belongs to the cache kmalloc-64 of size 64 [ 16.981495] The buggy address is located 0 bytes inside of [ 16.981495] freed 64-byte region [ffff888102b4c980, ffff888102b4c9c0) [ 16.982123] [ 16.982365] The buggy address belongs to the physical page: [ 16.982648] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 16.982971] flags: 0x200000000000000(node=0|zone=2) [ 16.983204] page_type: f5(slab) [ 16.983543] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.984166] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.984998] page dumped because: kasan: bad access detected [ 16.985361] [ 16.985478] Memory state around the buggy address: [ 16.985694] ffff888102b4c880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.985954] ffff888102b4c900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.986697] >ffff888102b4c980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.987091] ^ [ 16.987409] ffff888102b4ca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.987803] ffff888102b4ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.988266] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 16.911494] ================================================================== [ 16.912226] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 16.912879] Read of size 1 at addr ffff88810229d6a8 by task kunit_try_catch/201 [ 16.913220] [ 16.913595] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.913700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.913726] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.913771] Call Trace: [ 16.913796] <TASK> [ 16.913828] dump_stack_lvl+0x73/0xb0 [ 16.913889] print_report+0xd1/0x650 [ 16.913930] ? __virt_addr_valid+0x1db/0x2d0 [ 16.913972] ? kmalloc_uaf+0x320/0x380 [ 16.914011] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.914050] ? kmalloc_uaf+0x320/0x380 [ 16.914088] kasan_report+0x141/0x180 [ 16.914132] ? kmalloc_uaf+0x320/0x380 [ 16.914178] __asan_report_load1_noabort+0x18/0x20 [ 16.914215] kmalloc_uaf+0x320/0x380 [ 16.914250] ? __pfx_kmalloc_uaf+0x10/0x10 [ 16.914307] ? __schedule+0x10cc/0x2b60 [ 16.914354] ? __pfx_read_tsc+0x10/0x10 [ 16.914398] ? ktime_get_ts64+0x86/0x230 [ 16.914597] kunit_try_run_case+0x1a5/0x480 [ 16.914653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.914698] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.914755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.914779] ? __kthread_parkme+0x82/0x180 [ 16.914801] ? preempt_count_sub+0x50/0x80 [ 16.914826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.914850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.914874] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.914898] kthread+0x337/0x6f0 [ 16.914918] ? trace_preempt_on+0x20/0xc0 [ 16.914944] ? __pfx_kthread+0x10/0x10 [ 16.914965] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.914987] ? calculate_sigpending+0x7b/0xa0 [ 16.915025] ? __pfx_kthread+0x10/0x10 [ 16.915065] ret_from_fork+0x116/0x1d0 [ 16.915123] ? __pfx_kthread+0x10/0x10 [ 16.915161] ret_from_fork_asm+0x1a/0x30 [ 16.915211] </TASK> [ 16.915233] [ 16.928991] Allocated by task 201: [ 16.929387] kasan_save_stack+0x45/0x70 [ 16.929943] kasan_save_track+0x18/0x40 [ 16.930297] kasan_save_alloc_info+0x3b/0x50 [ 16.930786] __kasan_kmalloc+0xb7/0xc0 [ 16.931188] __kmalloc_cache_noprof+0x189/0x420 [ 16.931624] kmalloc_uaf+0xaa/0x380 [ 16.932082] kunit_try_run_case+0x1a5/0x480 [ 16.932532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.933025] kthread+0x337/0x6f0 [ 16.933738] ret_from_fork+0x116/0x1d0 [ 16.934000] ret_from_fork_asm+0x1a/0x30 [ 16.934354] [ 16.934539] Freed by task 201: [ 16.934870] kasan_save_stack+0x45/0x70 [ 16.935106] kasan_save_track+0x18/0x40 [ 16.935697] kasan_save_free_info+0x3f/0x60 [ 16.935975] __kasan_slab_free+0x56/0x70 [ 16.936347] kfree+0x222/0x3f0 [ 16.936508] kmalloc_uaf+0x12c/0x380 [ 16.936685] kunit_try_run_case+0x1a5/0x480 [ 16.937425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.937953] kthread+0x337/0x6f0 [ 16.938472] ret_from_fork+0x116/0x1d0 [ 16.938870] ret_from_fork_asm+0x1a/0x30 [ 16.939241] [ 16.939464] The buggy address belongs to the object at ffff88810229d6a0 [ 16.939464] which belongs to the cache kmalloc-16 of size 16 [ 16.940394] The buggy address is located 8 bytes inside of [ 16.940394] freed 16-byte region [ffff88810229d6a0, ffff88810229d6b0) [ 16.940807] [ 16.940945] The buggy address belongs to the physical page: [ 16.941779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10229d [ 16.942426] flags: 0x200000000000000(node=0|zone=2) [ 16.942727] page_type: f5(slab) [ 16.942972] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.943691] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.944019] page dumped because: kasan: bad access detected [ 16.944556] [ 16.944745] Memory state around the buggy address: [ 16.945053] ffff88810229d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.945340] ffff88810229d600: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 16.945811] >ffff88810229d680: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 16.946102] ^ [ 16.946913] ffff88810229d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.947524] ffff88810229d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.948199] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 16.873619] ================================================================== [ 16.874239] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 16.874695] Read of size 64 at addr ffff888102b4c904 by task kunit_try_catch/199 [ 16.875048] [ 16.875204] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.875516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.875548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.875593] Call Trace: [ 16.875620] <TASK> [ 16.875686] dump_stack_lvl+0x73/0xb0 [ 16.875757] print_report+0xd1/0x650 [ 16.875807] ? __virt_addr_valid+0x1db/0x2d0 [ 16.875857] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 16.875906] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.875952] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 16.876003] kasan_report+0x141/0x180 [ 16.876171] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 16.876231] kasan_check_range+0x10c/0x1c0 [ 16.876281] __asan_memmove+0x27/0x70 [ 16.876306] kmalloc_memmove_invalid_size+0x16f/0x330 [ 16.876331] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 16.876360] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 16.876389] kunit_try_run_case+0x1a5/0x480 [ 16.876416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.876439] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.876464] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.876487] ? __kthread_parkme+0x82/0x180 [ 16.876508] ? preempt_count_sub+0x50/0x80 [ 16.876533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.876558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.876582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.876606] kthread+0x337/0x6f0 [ 16.876626] ? trace_preempt_on+0x20/0xc0 [ 16.876652] ? __pfx_kthread+0x10/0x10 [ 16.876718] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.876741] ? calculate_sigpending+0x7b/0xa0 [ 16.876766] ? __pfx_kthread+0x10/0x10 [ 16.876788] ret_from_fork+0x116/0x1d0 [ 16.876808] ? __pfx_kthread+0x10/0x10 [ 16.876829] ret_from_fork_asm+0x1a/0x30 [ 16.876860] </TASK> [ 16.876875] [ 16.889108] Allocated by task 199: [ 16.889323] kasan_save_stack+0x45/0x70 [ 16.889584] kasan_save_track+0x18/0x40 [ 16.890267] kasan_save_alloc_info+0x3b/0x50 [ 16.890635] __kasan_kmalloc+0xb7/0xc0 [ 16.891027] __kmalloc_cache_noprof+0x189/0x420 [ 16.891576] kmalloc_memmove_invalid_size+0xac/0x330 [ 16.891991] kunit_try_run_case+0x1a5/0x480 [ 16.892416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.892888] kthread+0x337/0x6f0 [ 16.893364] ret_from_fork+0x116/0x1d0 [ 16.893703] ret_from_fork_asm+0x1a/0x30 [ 16.894166] [ 16.894356] The buggy address belongs to the object at ffff888102b4c900 [ 16.894356] which belongs to the cache kmalloc-64 of size 64 [ 16.895384] The buggy address is located 4 bytes inside of [ 16.895384] allocated 64-byte region [ffff888102b4c900, ffff888102b4c940) [ 16.896367] [ 16.896533] The buggy address belongs to the physical page: [ 16.897013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b4c [ 16.897823] flags: 0x200000000000000(node=0|zone=2) [ 16.898343] page_type: f5(slab) [ 16.898576] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.899030] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.899511] page dumped because: kasan: bad access detected [ 16.899831] [ 16.899970] Memory state around the buggy address: [ 16.900228] ffff888102b4c800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.900688] ffff888102b4c880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.901094] >ffff888102b4c900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.901843] ^ [ 16.902310] ffff888102b4c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.902589] ffff888102b4ca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.903363] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 16.837396] ================================================================== [ 16.838236] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 16.838713] Read of size 18446744073709551614 at addr ffff888102316004 by task kunit_try_catch/197 [ 16.839581] [ 16.839890] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.840015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.840064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.840109] Call Trace: [ 16.840140] <TASK> [ 16.840180] dump_stack_lvl+0x73/0xb0 [ 16.840249] print_report+0xd1/0x650 [ 16.840313] ? __virt_addr_valid+0x1db/0x2d0 [ 16.840367] ? kmalloc_memmove_negative_size+0x171/0x330 [ 16.840413] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.840680] ? kmalloc_memmove_negative_size+0x171/0x330 [ 16.840785] kasan_report+0x141/0x180 [ 16.840840] ? kmalloc_memmove_negative_size+0x171/0x330 [ 16.840890] kasan_check_range+0x10c/0x1c0 [ 16.840939] __asan_memmove+0x27/0x70 [ 16.840972] kmalloc_memmove_negative_size+0x171/0x330 [ 16.840999] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 16.841026] ? __schedule+0x10cc/0x2b60 [ 16.841064] ? __pfx_read_tsc+0x10/0x10 [ 16.841126] ? ktime_get_ts64+0x86/0x230 [ 16.841170] kunit_try_run_case+0x1a5/0x480 [ 16.841211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.841236] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.841281] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.841309] ? __kthread_parkme+0x82/0x180 [ 16.841332] ? preempt_count_sub+0x50/0x80 [ 16.841358] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.841382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.841406] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.841430] kthread+0x337/0x6f0 [ 16.841451] ? trace_preempt_on+0x20/0xc0 [ 16.841478] ? __pfx_kthread+0x10/0x10 [ 16.841499] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.841520] ? calculate_sigpending+0x7b/0xa0 [ 16.841546] ? __pfx_kthread+0x10/0x10 [ 16.841569] ret_from_fork+0x116/0x1d0 [ 16.841588] ? __pfx_kthread+0x10/0x10 [ 16.841610] ret_from_fork_asm+0x1a/0x30 [ 16.841643] </TASK> [ 16.841657] [ 16.854689] Allocated by task 197: [ 16.855023] kasan_save_stack+0x45/0x70 [ 16.855544] kasan_save_track+0x18/0x40 [ 16.855933] kasan_save_alloc_info+0x3b/0x50 [ 16.856707] __kasan_kmalloc+0xb7/0xc0 [ 16.857126] __kmalloc_cache_noprof+0x189/0x420 [ 16.857710] kmalloc_memmove_negative_size+0xac/0x330 [ 16.858007] kunit_try_run_case+0x1a5/0x480 [ 16.858478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.858931] kthread+0x337/0x6f0 [ 16.859441] ret_from_fork+0x116/0x1d0 [ 16.859880] ret_from_fork_asm+0x1a/0x30 [ 16.860125] [ 16.860234] The buggy address belongs to the object at ffff888102316000 [ 16.860234] which belongs to the cache kmalloc-64 of size 64 [ 16.860493] The buggy address is located 4 bytes inside of [ 16.860493] 64-byte region [ffff888102316000, ffff888102316040) [ 16.860695] [ 16.860750] The buggy address belongs to the physical page: [ 16.860863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102316 [ 16.861018] flags: 0x200000000000000(node=0|zone=2) [ 16.861130] page_type: f5(slab) [ 16.861223] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.862523] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.863346] page dumped because: kasan: bad access detected [ 16.863861] [ 16.864216] Memory state around the buggy address: [ 16.864683] ffff888102315f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.865427] ffff888102315f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.865696] >ffff888102316000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.866526] ^ [ 16.866752] ffff888102316080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.867287] ffff888102316100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.867630] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 16.803317] ================================================================== [ 16.803925] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 16.804546] Write of size 16 at addr ffff888102b42869 by task kunit_try_catch/195 [ 16.805192] [ 16.805692] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.805776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.805791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.805816] Call Trace: [ 16.805833] <TASK> [ 16.805856] dump_stack_lvl+0x73/0xb0 [ 16.805912] print_report+0xd1/0x650 [ 16.805953] ? __virt_addr_valid+0x1db/0x2d0 [ 16.805998] ? kmalloc_oob_memset_16+0x166/0x330 [ 16.806037] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.806080] ? kmalloc_oob_memset_16+0x166/0x330 [ 16.806123] kasan_report+0x141/0x180 [ 16.806162] ? kmalloc_oob_memset_16+0x166/0x330 [ 16.806216] kasan_check_range+0x10c/0x1c0 [ 16.806252] __asan_memset+0x27/0x50 [ 16.806310] kmalloc_oob_memset_16+0x166/0x330 [ 16.806354] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 16.806402] ? __schedule+0x10cc/0x2b60 [ 16.806450] ? __pfx_read_tsc+0x10/0x10 [ 16.806494] ? ktime_get_ts64+0x86/0x230 [ 16.806545] kunit_try_run_case+0x1a5/0x480 [ 16.806597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.806644] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.806683] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.806736] ? __kthread_parkme+0x82/0x180 [ 16.806759] ? preempt_count_sub+0x50/0x80 [ 16.806783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.806808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.806832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.806856] kthread+0x337/0x6f0 [ 16.806876] ? trace_preempt_on+0x20/0xc0 [ 16.806902] ? __pfx_kthread+0x10/0x10 [ 16.806924] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.806944] ? calculate_sigpending+0x7b/0xa0 [ 16.806971] ? __pfx_kthread+0x10/0x10 [ 16.807002] ret_from_fork+0x116/0x1d0 [ 16.807026] ? __pfx_kthread+0x10/0x10 [ 16.807047] ret_from_fork_asm+0x1a/0x30 [ 16.807079] </TASK> [ 16.807093] [ 16.817825] Allocated by task 195: [ 16.818107] kasan_save_stack+0x45/0x70 [ 16.818476] kasan_save_track+0x18/0x40 [ 16.818864] kasan_save_alloc_info+0x3b/0x50 [ 16.819175] __kasan_kmalloc+0xb7/0xc0 [ 16.819491] __kmalloc_cache_noprof+0x189/0x420 [ 16.819889] kmalloc_oob_memset_16+0xac/0x330 [ 16.820179] kunit_try_run_case+0x1a5/0x480 [ 16.820605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.821041] kthread+0x337/0x6f0 [ 16.821227] ret_from_fork+0x116/0x1d0 [ 16.821575] ret_from_fork_asm+0x1a/0x30 [ 16.821953] [ 16.822111] The buggy address belongs to the object at ffff888102b42800 [ 16.822111] which belongs to the cache kmalloc-128 of size 128 [ 16.822814] The buggy address is located 105 bytes inside of [ 16.822814] allocated 120-byte region [ffff888102b42800, ffff888102b42878) [ 16.823632] [ 16.823855] The buggy address belongs to the physical page: [ 16.824230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b42 [ 16.824806] flags: 0x200000000000000(node=0|zone=2) [ 16.825111] page_type: f5(slab) [ 16.825445] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.825884] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.826433] page dumped because: kasan: bad access detected [ 16.826774] [ 16.826978] Memory state around the buggy address: [ 16.827395] ffff888102b42700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.827865] ffff888102b42780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.828409] >ffff888102b42800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.828855] ^ [ 16.829284] ffff888102b42880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.829823] ffff888102b42900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.830119] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 16.764186] ================================================================== [ 16.764925] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 16.765503] Write of size 8 at addr ffff888102b42771 by task kunit_try_catch/193 [ 16.765951] [ 16.766207] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.766338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.766368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.766406] Call Trace: [ 16.766431] <TASK> [ 16.766461] dump_stack_lvl+0x73/0xb0 [ 16.766518] print_report+0xd1/0x650 [ 16.766559] ? __virt_addr_valid+0x1db/0x2d0 [ 16.766603] ? kmalloc_oob_memset_8+0x166/0x330 [ 16.766646] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.766732] ? kmalloc_oob_memset_8+0x166/0x330 [ 16.766794] kasan_report+0x141/0x180 [ 16.766841] ? kmalloc_oob_memset_8+0x166/0x330 [ 16.766896] kasan_check_range+0x10c/0x1c0 [ 16.766941] __asan_memset+0x27/0x50 [ 16.766984] kmalloc_oob_memset_8+0x166/0x330 [ 16.767076] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 16.767125] ? __schedule+0x10cc/0x2b60 [ 16.767164] ? __pfx_read_tsc+0x10/0x10 [ 16.767198] ? ktime_get_ts64+0x86/0x230 [ 16.767240] kunit_try_run_case+0x1a5/0x480 [ 16.767299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.767343] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.767388] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.767437] ? __kthread_parkme+0x82/0x180 [ 16.767492] ? preempt_count_sub+0x50/0x80 [ 16.767544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.767587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.767632] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.767714] kthread+0x337/0x6f0 [ 16.767768] ? trace_preempt_on+0x20/0xc0 [ 16.767822] ? __pfx_kthread+0x10/0x10 [ 16.767861] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.767898] ? calculate_sigpending+0x7b/0xa0 [ 16.767934] ? __pfx_kthread+0x10/0x10 [ 16.767957] ret_from_fork+0x116/0x1d0 [ 16.767978] ? __pfx_kthread+0x10/0x10 [ 16.767999] ret_from_fork_asm+0x1a/0x30 [ 16.768046] </TASK> [ 16.768071] [ 16.781821] Allocated by task 193: [ 16.782293] kasan_save_stack+0x45/0x70 [ 16.782720] kasan_save_track+0x18/0x40 [ 16.782964] kasan_save_alloc_info+0x3b/0x50 [ 16.783434] __kasan_kmalloc+0xb7/0xc0 [ 16.783803] __kmalloc_cache_noprof+0x189/0x420 [ 16.784224] kmalloc_oob_memset_8+0xac/0x330 [ 16.784537] kunit_try_run_case+0x1a5/0x480 [ 16.784818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.785246] kthread+0x337/0x6f0 [ 16.785565] ret_from_fork+0x116/0x1d0 [ 16.785884] ret_from_fork_asm+0x1a/0x30 [ 16.786227] [ 16.786590] The buggy address belongs to the object at ffff888102b42700 [ 16.786590] which belongs to the cache kmalloc-128 of size 128 [ 16.787887] The buggy address is located 113 bytes inside of [ 16.787887] allocated 120-byte region [ffff888102b42700, ffff888102b42778) [ 16.788984] [ 16.789313] The buggy address belongs to the physical page: [ 16.789707] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b42 [ 16.790152] flags: 0x200000000000000(node=0|zone=2) [ 16.790548] page_type: f5(slab) [ 16.790916] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.791703] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.792543] page dumped because: kasan: bad access detected [ 16.793164] [ 16.793367] Memory state around the buggy address: [ 16.793775] ffff888102b42600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.794483] ffff888102b42680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.795233] >ffff888102b42700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.795602] ^ [ 16.796214] ffff888102b42780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.796713] ffff888102b42800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.797130] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 16.723891] ================================================================== [ 16.725001] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 16.725642] Write of size 4 at addr ffff888102b42675 by task kunit_try_catch/191 [ 16.726505] [ 16.726738] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 16.726849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.726876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.726919] Call Trace: [ 16.726948] <TASK> [ 16.726987] dump_stack_lvl+0x73/0xb0 [ 16.727069] print_report+0xd1/0x650 [ 16.727111] ? __virt_addr_valid+0x1db/0x2d0 [ 16.727377] ? kmalloc_oob_memset_4+0x166/0x330 [ 16.727430] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.727479] ? kmalloc_oob_memset_4+0x166/0x330 [ 16.727507] kasan_report+0x141/0x180 [ 16.727534] ? kmalloc_oob_memset_4+0x166/0x330 [ 16.727562] kasan_check_range+0x10c/0x1c0 [ 16.727587] __asan_memset+0x27/0x50 [ 16.727608] kmalloc_oob_memset_4+0x166/0x330 [ 16.727632] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 16.727671] ? __schedule+0x10cc/0x2b60 [ 16.727734] ? __pfx_read_tsc+0x10/0x10 [ 16.727759] ? ktime_get_ts64+0x86/0x230 [ 16.727787] kunit_try_run_case+0x1a5/0x480 [ 16.727817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.727841] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.727866] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.727889] ? __kthread_parkme+0x82/0x180 [ 16.727912] ? preempt_count_sub+0x50/0x80 [ 16.727938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.727962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.727986] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.728010] kthread+0x337/0x6f0 [ 16.728031] ? trace_preempt_on+0x20/0xc0 [ 16.728102] ? __pfx_kthread+0x10/0x10 [ 16.728136] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.728167] ? calculate_sigpending+0x7b/0xa0 [ 16.728204] ? __pfx_kthread+0x10/0x10 [ 16.728237] ret_from_fork+0x116/0x1d0 [ 16.728278] ? __pfx_kthread+0x10/0x10 [ 16.728311] ret_from_fork_asm+0x1a/0x30 [ 16.728358] </TASK> [ 16.728378] [ 16.742305] Allocated by task 191: [ 16.743297] kasan_save_stack+0x45/0x70 [ 16.743825] kasan_save_track+0x18/0x40 [ 16.744026] kasan_save_alloc_info+0x3b/0x50 [ 16.744431] __kasan_kmalloc+0xb7/0xc0 [ 16.745255] __kmalloc_cache_noprof+0x189/0x420 [ 16.745590] kmalloc_oob_memset_4+0xac/0x330 [ 16.745771] kunit_try_run_case+0x1a5/0x480 [ 16.746049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.746499] kthread+0x337/0x6f0 [ 16.746809] ret_from_fork+0x116/0x1d0 [ 16.747124] ret_from_fork_asm+0x1a/0x30 [ 16.747767] [ 16.747915] The buggy address belongs to the object at ffff888102b42600 [ 16.747915] which belongs to the cache kmalloc-128 of size 128 [ 16.748387] The buggy address is located 117 bytes inside of [ 16.748387] allocated 120-byte region [ffff888102b42600, ffff888102b42678) [ 16.750158] [ 16.750339] The buggy address belongs to the physical page: [ 16.750568] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b42 [ 16.751173] flags: 0x200000000000000(node=0|zone=2) [ 16.751666] page_type: f5(slab) [ 16.751973] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.752480] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.753227] page dumped because: kasan: bad access detected [ 16.754060] [ 16.754394] Memory state around the buggy address: [ 16.754811] ffff888102b42500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.755492] ffff888102b42580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.755932] >ffff888102b42600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.756363] ^ [ 16.756726] ffff888102b42680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.757636] ffff888102b42700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.758154] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 15.977583] ================================================================== [ 15.978356] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 15.979268] Read of size 1 at addr ffff888103bf0000 by task kunit_try_catch/171 [ 15.979598] [ 15.979779] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 15.979882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.979908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.979950] Call Trace: [ 15.979977] <TASK> [ 15.980014] dump_stack_lvl+0x73/0xb0 [ 15.980085] print_report+0xd1/0x650 [ 15.980134] ? __virt_addr_valid+0x1db/0x2d0 [ 15.980177] ? page_alloc_uaf+0x356/0x3d0 [ 15.980215] ? kasan_addr_to_slab+0x11/0xa0 [ 15.980253] ? page_alloc_uaf+0x356/0x3d0 [ 15.980315] kasan_report+0x141/0x180 [ 15.980361] ? page_alloc_uaf+0x356/0x3d0 [ 15.980416] __asan_report_load1_noabort+0x18/0x20 [ 15.980460] page_alloc_uaf+0x356/0x3d0 [ 15.980507] ? __pfx_page_alloc_uaf+0x10/0x10 [ 15.980549] ? irqentry_exit+0x2a/0x60 [ 15.980624] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.980679] ? __pfx_read_tsc+0x10/0x10 [ 15.980720] ? ktime_get_ts64+0x86/0x230 [ 15.980776] kunit_try_run_case+0x1a5/0x480 [ 15.980806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.980829] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.980855] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.980878] ? __kthread_parkme+0x82/0x180 [ 15.980901] ? preempt_count_sub+0x50/0x80 [ 15.980925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.980950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.980973] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.980997] kthread+0x337/0x6f0 [ 15.981017] ? trace_preempt_on+0x20/0xc0 [ 15.981051] ? __pfx_kthread+0x10/0x10 [ 15.981101] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.981135] ? calculate_sigpending+0x7b/0xa0 [ 15.981165] ? __pfx_kthread+0x10/0x10 [ 15.981187] ret_from_fork+0x116/0x1d0 [ 15.981207] ? __pfx_kthread+0x10/0x10 [ 15.981228] ret_from_fork_asm+0x1a/0x30 [ 15.981281] </TASK> [ 15.981298] [ 15.992855] The buggy address belongs to the physical page: [ 15.993431] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103bf0 [ 15.993885] flags: 0x200000000000000(node=0|zone=2) [ 15.994474] page_type: f0(buddy) [ 15.994714] raw: 0200000000000000 ffff88817fffc460 ffff88817fffc460 0000000000000000 [ 15.995343] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 15.995928] page dumped because: kasan: bad access detected [ 15.996466] [ 15.996632] Memory state around the buggy address: [ 15.996880] ffff888103beff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.997486] ffff888103beff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.997798] >ffff888103bf0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.998321] ^ [ 15.998615] ffff888103bf0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.998979] ffff888103bf0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.999526] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 15.936813] ================================================================== [ 15.937817] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 15.938681] Free of addr ffff888102990001 by task kunit_try_catch/167 [ 15.939251] [ 15.939656] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 15.939806] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.939832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.939876] Call Trace: [ 15.939905] <TASK> [ 15.939942] dump_stack_lvl+0x73/0xb0 [ 15.940014] print_report+0xd1/0x650 [ 15.940064] ? __virt_addr_valid+0x1db/0x2d0 [ 15.940115] ? kasan_addr_to_slab+0x11/0xa0 [ 15.940160] ? kfree+0x274/0x3f0 [ 15.940199] kasan_report_invalid_free+0x10a/0x130 [ 15.940241] ? kfree+0x274/0x3f0 [ 15.940324] ? kfree+0x274/0x3f0 [ 15.940355] __kasan_kfree_large+0x86/0xd0 [ 15.940394] free_large_kmalloc+0x4b/0x110 [ 15.940423] kfree+0x274/0x3f0 [ 15.940445] kmalloc_large_invalid_free+0x120/0x2b0 [ 15.940471] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 15.940496] ? __schedule+0x10cc/0x2b60 [ 15.940520] ? __pfx_read_tsc+0x10/0x10 [ 15.940542] ? ktime_get_ts64+0x86/0x230 [ 15.940571] kunit_try_run_case+0x1a5/0x480 [ 15.940597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.940621] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.940645] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.940692] ? __kthread_parkme+0x82/0x180 [ 15.940722] ? preempt_count_sub+0x50/0x80 [ 15.940748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.940773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.940796] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.940821] kthread+0x337/0x6f0 [ 15.940841] ? trace_preempt_on+0x20/0xc0 [ 15.940868] ? __pfx_kthread+0x10/0x10 [ 15.940889] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.940911] ? calculate_sigpending+0x7b/0xa0 [ 15.940936] ? __pfx_kthread+0x10/0x10 [ 15.940958] ret_from_fork+0x116/0x1d0 [ 15.940978] ? __pfx_kthread+0x10/0x10 [ 15.940999] ret_from_fork_asm+0x1a/0x30 [ 15.941033] </TASK> [ 15.941064] [ 15.955936] The buggy address belongs to the physical page: [ 15.956370] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102990 [ 15.957017] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.957458] flags: 0x200000000000040(head|node=0|zone=2) [ 15.957784] page_type: f8(unknown) [ 15.958122] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.958980] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.959360] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.959756] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.960219] head: 0200000000000002 ffffea00040a6401 00000000ffffffff 00000000ffffffff [ 15.960725] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.961146] page dumped because: kasan: bad access detected [ 15.961774] [ 15.961970] Memory state around the buggy address: [ 15.962926] ffff88810298ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.963870] ffff88810298ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.964277] >ffff888102990000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.965205] ^ [ 15.965647] ffff888102990080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.966241] ffff888102990100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.966617] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 15.908317] ================================================================== [ 15.909124] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 15.909454] Read of size 1 at addr ffff888102990000 by task kunit_try_catch/165 [ 15.911471] [ 15.911692] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 15.911788] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.911808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.911844] Call Trace: [ 15.911867] <TASK> [ 15.911899] dump_stack_lvl+0x73/0xb0 [ 15.911959] print_report+0xd1/0x650 [ 15.911997] ? __virt_addr_valid+0x1db/0x2d0 [ 15.912036] ? kmalloc_large_uaf+0x2f1/0x340 [ 15.912072] ? kasan_addr_to_slab+0x11/0xa0 [ 15.912106] ? kmalloc_large_uaf+0x2f1/0x340 [ 15.912141] kasan_report+0x141/0x180 [ 15.912176] ? kmalloc_large_uaf+0x2f1/0x340 [ 15.912223] __asan_report_load1_noabort+0x18/0x20 [ 15.912381] kmalloc_large_uaf+0x2f1/0x340 [ 15.912433] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 15.912476] ? __schedule+0x10cc/0x2b60 [ 15.912523] ? __pfx_read_tsc+0x10/0x10 [ 15.912567] ? ktime_get_ts64+0x86/0x230 [ 15.912618] kunit_try_run_case+0x1a5/0x480 [ 15.912679] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.912881] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.912934] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.912976] ? __kthread_parkme+0x82/0x180 [ 15.913013] ? preempt_count_sub+0x50/0x80 [ 15.913051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.913093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.913173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.913220] kthread+0x337/0x6f0 [ 15.913299] ? trace_preempt_on+0x20/0xc0 [ 15.913349] ? __pfx_kthread+0x10/0x10 [ 15.913387] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.913422] ? calculate_sigpending+0x7b/0xa0 [ 15.913465] ? __pfx_kthread+0x10/0x10 [ 15.913506] ret_from_fork+0x116/0x1d0 [ 15.913547] ? __pfx_kthread+0x10/0x10 [ 15.913584] ret_from_fork_asm+0x1a/0x30 [ 15.913628] </TASK> [ 15.913644] [ 15.924782] The buggy address belongs to the physical page: [ 15.925096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102990 [ 15.925527] flags: 0x200000000000000(node=0|zone=2) [ 15.925827] raw: 0200000000000000 ffffea00040a6508 ffff88815b139f80 0000000000000000 [ 15.926232] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.926802] page dumped because: kasan: bad access detected [ 15.927239] [ 15.927414] Memory state around the buggy address: [ 15.927808] ffff88810298ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.928153] ffff88810298ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.928481] >ffff888102990000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.928769] ^ [ 15.929038] ffff888102990080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.929535] ffff888102990100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.930074] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 15.843021] ================================================================== [ 15.846446] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 15.847220] Write of size 1 at addr ffff88810299200a by task kunit_try_catch/163 [ 15.850627] [ 15.850973] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 15.851499] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.851533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.851629] Call Trace: [ 15.851693] <TASK> [ 15.851734] dump_stack_lvl+0x73/0xb0 [ 15.851814] print_report+0xd1/0x650 [ 15.851857] ? __virt_addr_valid+0x1db/0x2d0 [ 15.851902] ? kmalloc_large_oob_right+0x2e9/0x330 [ 15.851942] ? kasan_addr_to_slab+0x11/0xa0 [ 15.851980] ? kmalloc_large_oob_right+0x2e9/0x330 [ 15.852020] kasan_report+0x141/0x180 [ 15.852306] ? kmalloc_large_oob_right+0x2e9/0x330 [ 15.852363] __asan_report_store1_noabort+0x1b/0x30 [ 15.852404] kmalloc_large_oob_right+0x2e9/0x330 [ 15.852444] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 15.852483] ? __schedule+0x10cc/0x2b60 [ 15.852524] ? __pfx_read_tsc+0x10/0x10 [ 15.852560] ? ktime_get_ts64+0x86/0x230 [ 15.852605] kunit_try_run_case+0x1a5/0x480 [ 15.852650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.852722] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.852763] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.852802] ? __kthread_parkme+0x82/0x180 [ 15.852842] ? preempt_count_sub+0x50/0x80 [ 15.852889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.852933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.852975] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.853015] kthread+0x337/0x6f0 [ 15.853179] ? trace_preempt_on+0x20/0xc0 [ 15.853231] ? __pfx_kthread+0x10/0x10 [ 15.853287] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.853562] ? calculate_sigpending+0x7b/0xa0 [ 15.853615] ? __pfx_kthread+0x10/0x10 [ 15.853690] ret_from_fork+0x116/0x1d0 [ 15.853733] ? __pfx_kthread+0x10/0x10 [ 15.853773] ret_from_fork_asm+0x1a/0x30 [ 15.853834] </TASK> [ 15.853859] [ 15.881291] The buggy address belongs to the physical page: [ 15.881617] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102990 [ 15.881972] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.883029] flags: 0x200000000000040(head|node=0|zone=2) [ 15.883915] page_type: f8(unknown) [ 15.885832] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.886929] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.887549] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.887887] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.888311] head: 0200000000000002 ffffea00040a6401 00000000ffffffff 00000000ffffffff [ 15.890170] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.891969] page dumped because: kasan: bad access detected [ 15.892929] [ 15.893133] Memory state around the buggy address: [ 15.893960] ffff888102991f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.894280] ffff888102991f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.895447] >ffff888102992000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.895762] ^ [ 15.896108] ffff888102992080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.896529] ffff888102992100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.896834] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 15.770510] ================================================================== [ 15.772311] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 15.774469] Write of size 1 at addr ffff888103b79f00 by task kunit_try_catch/161 [ 15.775534] [ 15.775779] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 15.775880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.775903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.775942] Call Trace: [ 15.775970] <TASK> [ 15.776006] dump_stack_lvl+0x73/0xb0 [ 15.776074] print_report+0xd1/0x650 [ 15.776115] ? __virt_addr_valid+0x1db/0x2d0 [ 15.776177] ? kmalloc_big_oob_right+0x316/0x370 [ 15.776218] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.776281] ? kmalloc_big_oob_right+0x316/0x370 [ 15.776322] kasan_report+0x141/0x180 [ 15.776358] ? kmalloc_big_oob_right+0x316/0x370 [ 15.776406] __asan_report_store1_noabort+0x1b/0x30 [ 15.776446] kmalloc_big_oob_right+0x316/0x370 [ 15.776487] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 15.776525] ? __schedule+0x10cc/0x2b60 [ 15.776565] ? __pfx_read_tsc+0x10/0x10 [ 15.776606] ? ktime_get_ts64+0x86/0x230 [ 15.776653] kunit_try_run_case+0x1a5/0x480 [ 15.776702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.776744] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.776789] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.776831] ? __kthread_parkme+0x82/0x180 [ 15.776867] ? preempt_count_sub+0x50/0x80 [ 15.776910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.776950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.776988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.777026] kthread+0x337/0x6f0 [ 15.777060] ? trace_preempt_on+0x20/0xc0 [ 15.777101] ? __pfx_kthread+0x10/0x10 [ 15.777134] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.777168] ? calculate_sigpending+0x7b/0xa0 [ 15.777212] ? __pfx_kthread+0x10/0x10 [ 15.777249] ret_from_fork+0x116/0x1d0 [ 15.778592] ? __pfx_kthread+0x10/0x10 [ 15.778640] ret_from_fork_asm+0x1a/0x30 [ 15.778736] </TASK> [ 15.778762] [ 15.795840] Allocated by task 161: [ 15.796241] kasan_save_stack+0x45/0x70 [ 15.797356] kasan_save_track+0x18/0x40 [ 15.797962] kasan_save_alloc_info+0x3b/0x50 [ 15.798449] __kasan_kmalloc+0xb7/0xc0 [ 15.798837] __kmalloc_cache_noprof+0x189/0x420 [ 15.799470] kmalloc_big_oob_right+0xa9/0x370 [ 15.799909] kunit_try_run_case+0x1a5/0x480 [ 15.800137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.801123] kthread+0x337/0x6f0 [ 15.801345] ret_from_fork+0x116/0x1d0 [ 15.801512] ret_from_fork_asm+0x1a/0x30 [ 15.803853] [ 15.803987] The buggy address belongs to the object at ffff888103b78000 [ 15.803987] which belongs to the cache kmalloc-8k of size 8192 [ 15.805507] The buggy address is located 0 bytes to the right of [ 15.805507] allocated 7936-byte region [ffff888103b78000, ffff888103b79f00) [ 15.807814] [ 15.807952] The buggy address belongs to the physical page: [ 15.808193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b78 [ 15.808646] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.808966] flags: 0x200000000000040(head|node=0|zone=2) [ 15.809368] page_type: f5(slab) [ 15.810651] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 15.812691] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.814471] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 15.816615] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.818832] head: 0200000000000003 ffffea00040ede01 00000000ffffffff 00000000ffffffff [ 15.820812] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.821546] page dumped because: kasan: bad access detected [ 15.821811] [ 15.821923] Memory state around the buggy address: [ 15.823579] ffff888103b79e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.824155] ffff888103b79e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.825748] >ffff888103b79f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.827184] ^ [ 15.827648] ffff888103b79f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.828995] ffff888103b7a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.829546] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 15.643879] ================================================================== [ 15.645204] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 15.646280] Write of size 1 at addr ffff888102306378 by task kunit_try_catch/159 [ 15.646551] [ 15.647122] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 15.647244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.647276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.647314] Call Trace: [ 15.647338] <TASK> [ 15.647375] dump_stack_lvl+0x73/0xb0 [ 15.647442] print_report+0xd1/0x650 [ 15.647489] ? __virt_addr_valid+0x1db/0x2d0 [ 15.647539] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 15.647584] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.647618] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 15.647930] kasan_report+0x141/0x180 [ 15.648059] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 15.648114] __asan_report_store1_noabort+0x1b/0x30 [ 15.648151] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 15.648191] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 15.648230] ? __schedule+0x10cc/0x2b60 [ 15.648281] ? __pfx_read_tsc+0x10/0x10 [ 15.648319] ? ktime_get_ts64+0x86/0x230 [ 15.648360] kunit_try_run_case+0x1a5/0x480 [ 15.648402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.648441] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.648478] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.648513] ? __kthread_parkme+0x82/0x180 [ 15.648548] ? preempt_count_sub+0x50/0x80 [ 15.648587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.648623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.648691] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.648730] kthread+0x337/0x6f0 [ 15.648764] ? trace_preempt_on+0x20/0xc0 [ 15.648802] ? __pfx_kthread+0x10/0x10 [ 15.648835] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.648868] ? calculate_sigpending+0x7b/0xa0 [ 15.648906] ? __pfx_kthread+0x10/0x10 [ 15.648941] ret_from_fork+0x116/0x1d0 [ 15.648972] ? __pfx_kthread+0x10/0x10 [ 15.649006] ret_from_fork_asm+0x1a/0x30 [ 15.649055] </TASK> [ 15.649077] [ 15.666293] Allocated by task 159: [ 15.666507] kasan_save_stack+0x45/0x70 [ 15.668826] kasan_save_track+0x18/0x40 [ 15.669569] kasan_save_alloc_info+0x3b/0x50 [ 15.672418] __kasan_kmalloc+0xb7/0xc0 [ 15.672619] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 15.672877] kmalloc_track_caller_oob_right+0x99/0x520 [ 15.673059] kunit_try_run_case+0x1a5/0x480 [ 15.673216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.673408] kthread+0x337/0x6f0 [ 15.673544] ret_from_fork+0x116/0x1d0 [ 15.675606] ret_from_fork_asm+0x1a/0x30 [ 15.676771] [ 15.677913] The buggy address belongs to the object at ffff888102306300 [ 15.677913] which belongs to the cache kmalloc-128 of size 128 [ 15.681152] The buggy address is located 0 bytes to the right of [ 15.681152] allocated 120-byte region [ffff888102306300, ffff888102306378) [ 15.682622] [ 15.683117] The buggy address belongs to the physical page: [ 15.683849] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102306 [ 15.684903] flags: 0x200000000000000(node=0|zone=2) [ 15.686002] page_type: f5(slab) [ 15.686418] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.687859] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.689064] page dumped because: kasan: bad access detected [ 15.689629] [ 15.690162] Memory state around the buggy address: [ 15.691313] ffff888102306200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.692139] ffff888102306280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.693465] >ffff888102306300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.694233] ^ [ 15.695293] ffff888102306380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.696042] ffff888102306400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.696717] ================================================================== [ 15.700851] ================================================================== [ 15.701518] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 15.702676] Write of size 1 at addr ffff888102306478 by task kunit_try_catch/159 [ 15.703631] [ 15.704090] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 15.704196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.704216] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.704254] Call Trace: [ 15.704290] <TASK> [ 15.704324] dump_stack_lvl+0x73/0xb0 [ 15.704389] print_report+0xd1/0x650 [ 15.704438] ? __virt_addr_valid+0x1db/0x2d0 [ 15.704488] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 15.704539] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.704583] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 15.704635] kasan_report+0x141/0x180 [ 15.705018] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 15.705127] __asan_report_store1_noabort+0x1b/0x30 [ 15.705165] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 15.705204] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 15.705243] ? __schedule+0x10cc/0x2b60 [ 15.705291] ? __pfx_read_tsc+0x10/0x10 [ 15.705325] ? ktime_get_ts64+0x86/0x230 [ 15.705365] kunit_try_run_case+0x1a5/0x480 [ 15.705404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.705438] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.705475] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.705508] ? __kthread_parkme+0x82/0x180 [ 15.705540] ? preempt_count_sub+0x50/0x80 [ 15.705577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.705612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.705648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.705720] kthread+0x337/0x6f0 [ 15.705751] ? trace_preempt_on+0x20/0xc0 [ 15.705788] ? __pfx_kthread+0x10/0x10 [ 15.705820] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.705852] ? calculate_sigpending+0x7b/0xa0 [ 15.705888] ? __pfx_kthread+0x10/0x10 [ 15.705921] ret_from_fork+0x116/0x1d0 [ 15.705951] ? __pfx_kthread+0x10/0x10 [ 15.705983] ret_from_fork_asm+0x1a/0x30 [ 15.706030] </TASK> [ 15.706050] [ 15.728524] Allocated by task 159: [ 15.729244] kasan_save_stack+0x45/0x70 [ 15.730133] kasan_save_track+0x18/0x40 [ 15.730470] kasan_save_alloc_info+0x3b/0x50 [ 15.730643] __kasan_kmalloc+0xb7/0xc0 [ 15.731805] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 15.732553] kmalloc_track_caller_oob_right+0x19a/0x520 [ 15.733112] kunit_try_run_case+0x1a5/0x480 [ 15.733336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.733528] kthread+0x337/0x6f0 [ 15.734491] ret_from_fork+0x116/0x1d0 [ 15.735160] ret_from_fork_asm+0x1a/0x30 [ 15.735938] [ 15.736439] The buggy address belongs to the object at ffff888102306400 [ 15.736439] which belongs to the cache kmalloc-128 of size 128 [ 15.737977] The buggy address is located 0 bytes to the right of [ 15.737977] allocated 120-byte region [ffff888102306400, ffff888102306478) [ 15.739715] [ 15.739944] The buggy address belongs to the physical page: [ 15.740775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102306 [ 15.741525] flags: 0x200000000000000(node=0|zone=2) [ 15.742428] page_type: f5(slab) [ 15.743105] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.744367] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.745051] page dumped because: kasan: bad access detected [ 15.745273] [ 15.745377] Memory state around the buggy address: [ 15.745568] ffff888102306300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.745820] ffff888102306380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.746056] >ffff888102306400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.747199] ^ [ 15.748005] ffff888102306480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.749006] ffff888102306500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.750089] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 15.573994] ================================================================== [ 15.575609] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 15.576910] Read of size 1 at addr ffff888102cdb000 by task kunit_try_catch/157 [ 15.577921] [ 15.578398] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 15.578518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.578545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.578590] Call Trace: [ 15.578620] <TASK> [ 15.578939] dump_stack_lvl+0x73/0xb0 [ 15.579096] print_report+0xd1/0x650 [ 15.579138] ? __virt_addr_valid+0x1db/0x2d0 [ 15.579177] ? kmalloc_node_oob_right+0x369/0x3c0 [ 15.579213] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.579247] ? kmalloc_node_oob_right+0x369/0x3c0 [ 15.579300] kasan_report+0x141/0x180 [ 15.579336] ? kmalloc_node_oob_right+0x369/0x3c0 [ 15.579379] __asan_report_load1_noabort+0x18/0x20 [ 15.579412] kmalloc_node_oob_right+0x369/0x3c0 [ 15.579449] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 15.579487] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.579525] ? trace_hardirqs_on+0x37/0xe0 [ 15.579563] ? __pfx_read_tsc+0x10/0x10 [ 15.579596] ? ktime_get_ts64+0x86/0x230 [ 15.579638] kunit_try_run_case+0x1a5/0x480 [ 15.579711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.579749] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.579789] ? __kthread_parkme+0x82/0x180 [ 15.579825] ? preempt_count_sub+0x50/0x80 [ 15.579873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.579918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.579955] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.579990] kthread+0x337/0x6f0 [ 15.580022] ? trace_preempt_on+0x20/0xc0 [ 15.580056] ? __pfx_kthread+0x10/0x10 [ 15.580089] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.580122] ? calculate_sigpending+0x7b/0xa0 [ 15.580159] ? __pfx_kthread+0x10/0x10 [ 15.580195] ret_from_fork+0x116/0x1d0 [ 15.580225] ? __pfx_kthread+0x10/0x10 [ 15.580268] ret_from_fork_asm+0x1a/0x30 [ 15.580324] </TASK> [ 15.580349] [ 15.598015] Allocated by task 157: [ 15.598941] kasan_save_stack+0x45/0x70 [ 15.599548] kasan_save_track+0x18/0x40 [ 15.600319] kasan_save_alloc_info+0x3b/0x50 [ 15.601038] __kasan_kmalloc+0xb7/0xc0 [ 15.602081] __kmalloc_cache_node_noprof+0x188/0x420 [ 15.602569] kmalloc_node_oob_right+0xab/0x3c0 [ 15.603193] kunit_try_run_case+0x1a5/0x480 [ 15.603979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.604764] kthread+0x337/0x6f0 [ 15.605317] ret_from_fork+0x116/0x1d0 [ 15.605519] ret_from_fork_asm+0x1a/0x30 [ 15.606303] [ 15.606567] The buggy address belongs to the object at ffff888102cda000 [ 15.606567] which belongs to the cache kmalloc-4k of size 4096 [ 15.608235] The buggy address is located 0 bytes to the right of [ 15.608235] allocated 4096-byte region [ffff888102cda000, ffff888102cdb000) [ 15.609584] [ 15.609898] The buggy address belongs to the physical page: [ 15.610834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cd8 [ 15.612255] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.612537] flags: 0x200000000000040(head|node=0|zone=2) [ 15.613855] page_type: f5(slab) [ 15.614883] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 15.615930] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.616840] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 15.618692] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.619784] head: 0200000000000003 ffffea00040b3601 00000000ffffffff 00000000ffffffff [ 15.621087] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.621559] page dumped because: kasan: bad access detected [ 15.622416] [ 15.623050] Memory state around the buggy address: [ 15.623690] ffff888102cdaf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.624822] ffff888102cdaf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.625356] >ffff888102cdb000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.625575] ^ [ 15.626328] ffff888102cdb080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.627452] ffff888102cdb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.628615] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 15.512492] ================================================================== [ 15.513889] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 15.514178] Read of size 1 at addr ffff8881026fb8ff by task kunit_try_catch/155 [ 15.515452] [ 15.516015] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 15.516118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.516138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.516174] Call Trace: [ 15.516199] <TASK> [ 15.516232] dump_stack_lvl+0x73/0xb0 [ 15.516309] print_report+0xd1/0x650 [ 15.516347] ? __virt_addr_valid+0x1db/0x2d0 [ 15.516386] ? kmalloc_oob_left+0x361/0x3c0 [ 15.516424] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.516466] ? kmalloc_oob_left+0x361/0x3c0 [ 15.516507] kasan_report+0x141/0x180 [ 15.516552] ? kmalloc_oob_left+0x361/0x3c0 [ 15.516607] __asan_report_load1_noabort+0x18/0x20 [ 15.516651] kmalloc_oob_left+0x361/0x3c0 [ 15.516977] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 15.517081] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 15.517131] kunit_try_run_case+0x1a5/0x480 [ 15.517176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.517210] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.517249] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.517299] ? __kthread_parkme+0x82/0x180 [ 15.517334] ? preempt_count_sub+0x50/0x80 [ 15.517374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.517410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.517448] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.517484] kthread+0x337/0x6f0 [ 15.517517] ? trace_preempt_on+0x20/0xc0 [ 15.517555] ? __pfx_kthread+0x10/0x10 [ 15.517589] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.517622] ? calculate_sigpending+0x7b/0xa0 [ 15.517692] ? __pfx_kthread+0x10/0x10 [ 15.517730] ret_from_fork+0x116/0x1d0 [ 15.517761] ? __pfx_kthread+0x10/0x10 [ 15.517796] ret_from_fork_asm+0x1a/0x30 [ 15.517844] </TASK> [ 15.517865] [ 15.533115] Allocated by task 1: [ 15.533637] kasan_save_stack+0x45/0x70 [ 15.534021] kasan_save_track+0x18/0x40 [ 15.534691] kasan_save_alloc_info+0x3b/0x50 [ 15.535302] __kasan_kmalloc+0xb7/0xc0 [ 15.535479] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 15.536066] kstrdup+0x3e/0xa0 [ 15.536457] kstrdup_const+0x2c/0x40 [ 15.536982] __kernfs_new_node+0xa7/0x6d0 [ 15.537519] kernfs_new_node+0x140/0x1e0 [ 15.538132] __kernfs_create_file+0x2d/0x290 [ 15.538889] sysfs_add_bin_file_mode_ns+0x13f/0x4f0 [ 15.539534] sysfs_create_bin_file+0x150/0x200 [ 15.539854] pci_create_attr+0x1e2/0x460 [ 15.540022] pci_create_resource_files+0xb0/0x160 [ 15.540182] pci_sysfs_init+0x32/0x90 [ 15.541048] do_one_initcall+0xd8/0x370 [ 15.541699] kernel_init_freeable+0x420/0x6f0 [ 15.542278] kernel_init+0x23/0x1e0 [ 15.542837] ret_from_fork+0x116/0x1d0 [ 15.543383] ret_from_fork_asm+0x1a/0x30 [ 15.544029] [ 15.544237] The buggy address belongs to the object at ffff8881026fb8e0 [ 15.544237] which belongs to the cache kmalloc-16 of size 16 [ 15.545200] The buggy address is located 21 bytes to the right of [ 15.545200] allocated 10-byte region [ffff8881026fb8e0, ffff8881026fb8ea) [ 15.545580] [ 15.546181] The buggy address belongs to the physical page: [ 15.546871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 15.547764] flags: 0x200000000000000(node=0|zone=2) [ 15.548401] page_type: f5(slab) [ 15.548913] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.549960] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.550637] page dumped because: kasan: bad access detected [ 15.551294] [ 15.551397] Memory state around the buggy address: [ 15.551605] ffff8881026fb780: 00 05 fc fc 00 05 fc fc 00 05 fc fc 00 02 fc fc [ 15.552635] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 15.553401] >ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 15.554371] ^ [ 15.555242] ffff8881026fb900: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.555934] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.556165] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 15.460000] ================================================================== [ 15.461447] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 15.462359] Read of size 1 at addr ffff888102b42380 by task kunit_try_catch/153 [ 15.463541] [ 15.463787] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 15.463882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.463901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.463938] Call Trace: [ 15.463974] <TASK> [ 15.464010] dump_stack_lvl+0x73/0xb0 [ 15.464067] print_report+0xd1/0x650 [ 15.464106] ? __virt_addr_valid+0x1db/0x2d0 [ 15.464143] ? kmalloc_oob_right+0x68a/0x7f0 [ 15.464178] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.464214] ? kmalloc_oob_right+0x68a/0x7f0 [ 15.464249] kasan_report+0x141/0x180 [ 15.464300] ? kmalloc_oob_right+0x68a/0x7f0 [ 15.464342] __asan_report_load1_noabort+0x18/0x20 [ 15.464374] kmalloc_oob_right+0x68a/0x7f0 [ 15.464410] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 15.464448] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 15.464488] kunit_try_run_case+0x1a5/0x480 [ 15.464527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.464562] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.464600] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.464634] ? __kthread_parkme+0x82/0x180 [ 15.465554] ? preempt_count_sub+0x50/0x80 [ 15.465616] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.465682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.465726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.465763] kthread+0x337/0x6f0 [ 15.465795] ? trace_preempt_on+0x20/0xc0 [ 15.465833] ? __pfx_kthread+0x10/0x10 [ 15.465864] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.465898] ? calculate_sigpending+0x7b/0xa0 [ 15.465935] ? __pfx_kthread+0x10/0x10 [ 15.465969] ret_from_fork+0x116/0x1d0 [ 15.466000] ? __pfx_kthread+0x10/0x10 [ 15.466032] ret_from_fork_asm+0x1a/0x30 [ 15.466082] </TASK> [ 15.466103] [ 15.481945] Allocated by task 153: [ 15.482518] kasan_save_stack+0x45/0x70 [ 15.483355] kasan_save_track+0x18/0x40 [ 15.483945] kasan_save_alloc_info+0x3b/0x50 [ 15.484508] __kasan_kmalloc+0xb7/0xc0 [ 15.484917] __kmalloc_cache_noprof+0x189/0x420 [ 15.485094] kmalloc_oob_right+0xa9/0x7f0 [ 15.485249] kunit_try_run_case+0x1a5/0x480 [ 15.485428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.485606] kthread+0x337/0x6f0 [ 15.485754] ret_from_fork+0x116/0x1d0 [ 15.485899] ret_from_fork_asm+0x1a/0x30 [ 15.486049] [ 15.486140] The buggy address belongs to the object at ffff888102b42300 [ 15.486140] which belongs to the cache kmalloc-128 of size 128 [ 15.487904] The buggy address is located 13 bytes to the right of [ 15.487904] allocated 115-byte region [ffff888102b42300, ffff888102b42373) [ 15.489727] [ 15.490004] The buggy address belongs to the physical page: [ 15.490725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b42 [ 15.491796] flags: 0x200000000000000(node=0|zone=2) [ 15.492439] page_type: f5(slab) [ 15.493125] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.494084] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.495192] page dumped because: kasan: bad access detected [ 15.495884] [ 15.496219] Memory state around the buggy address: [ 15.496903] ffff888102b42280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.497951] ffff888102b42300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.498798] >ffff888102b42380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.499386] ^ [ 15.499541] ffff888102b42400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.500579] ffff888102b42480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.501298] ================================================================== [ 15.353682] ================================================================== [ 15.355887] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 15.357201] Write of size 1 at addr ffff888102b42373 by task kunit_try_catch/153 [ 15.357590] [ 15.360620] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 15.361123] Tainted: [N]=TEST [ 15.361181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.361985] Call Trace: [ 15.362127] <TASK> [ 15.363559] dump_stack_lvl+0x73/0xb0 [ 15.363798] print_report+0xd1/0x650 [ 15.363851] ? __virt_addr_valid+0x1db/0x2d0 [ 15.363892] ? kmalloc_oob_right+0x6f0/0x7f0 [ 15.363927] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.363962] ? kmalloc_oob_right+0x6f0/0x7f0 [ 15.363996] kasan_report+0x141/0x180 [ 15.364032] ? kmalloc_oob_right+0x6f0/0x7f0 [ 15.364073] __asan_report_store1_noabort+0x1b/0x30 [ 15.364106] kmalloc_oob_right+0x6f0/0x7f0 [ 15.364140] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 15.364178] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 15.364217] kunit_try_run_case+0x1a5/0x480 [ 15.364269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.364307] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.364346] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.364380] ? __kthread_parkme+0x82/0x180 [ 15.364415] ? preempt_count_sub+0x50/0x80 [ 15.364455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.364491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.364528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.364563] kthread+0x337/0x6f0 [ 15.364595] ? trace_preempt_on+0x20/0xc0 [ 15.364633] ? __pfx_kthread+0x10/0x10 [ 15.364697] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.364733] ? calculate_sigpending+0x7b/0xa0 [ 15.364771] ? __pfx_kthread+0x10/0x10 [ 15.364805] ret_from_fork+0x116/0x1d0 [ 15.364837] ? __pfx_kthread+0x10/0x10 [ 15.364871] ret_from_fork_asm+0x1a/0x30 [ 15.364961] </TASK> [ 15.365073] [ 15.383308] Allocated by task 153: [ 15.384609] kasan_save_stack+0x45/0x70 [ 15.385592] kasan_save_track+0x18/0x40 [ 15.386182] kasan_save_alloc_info+0x3b/0x50 [ 15.386945] __kasan_kmalloc+0xb7/0xc0 [ 15.387137] __kmalloc_cache_noprof+0x189/0x420 [ 15.388450] kmalloc_oob_right+0xa9/0x7f0 [ 15.388928] kunit_try_run_case+0x1a5/0x480 [ 15.389488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.390415] kthread+0x337/0x6f0 [ 15.390970] ret_from_fork+0x116/0x1d0 [ 15.391700] ret_from_fork_asm+0x1a/0x30 [ 15.392591] [ 15.393802] The buggy address belongs to the object at ffff888102b42300 [ 15.393802] which belongs to the cache kmalloc-128 of size 128 [ 15.395024] The buggy address is located 0 bytes to the right of [ 15.395024] allocated 115-byte region [ffff888102b42300, ffff888102b42373) [ 15.396629] [ 15.397185] The buggy address belongs to the physical page: [ 15.398975] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b42 [ 15.400545] flags: 0x200000000000000(node=0|zone=2) [ 15.401877] page_type: f5(slab) [ 15.403421] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.404304] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.405237] page dumped because: kasan: bad access detected [ 15.405469] [ 15.405572] Memory state around the buggy address: [ 15.407069] ffff888102b42200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.407817] ffff888102b42280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.408767] >ffff888102b42300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.409709] ^ [ 15.410583] ffff888102b42380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.411438] ffff888102b42400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.411942] ================================================================== [ 15.416210] ================================================================== [ 15.417518] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 15.418576] Write of size 1 at addr ffff888102b42378 by task kunit_try_catch/153 [ 15.419296] [ 15.419903] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 15.420026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.420047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.420082] Call Trace: [ 15.420119] <TASK> [ 15.420153] dump_stack_lvl+0x73/0xb0 [ 15.420211] print_report+0xd1/0x650 [ 15.420249] ? __virt_addr_valid+0x1db/0x2d0 [ 15.420302] ? kmalloc_oob_right+0x6bd/0x7f0 [ 15.420337] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.420372] ? kmalloc_oob_right+0x6bd/0x7f0 [ 15.420407] kasan_report+0x141/0x180 [ 15.420444] ? kmalloc_oob_right+0x6bd/0x7f0 [ 15.420486] __asan_report_store1_noabort+0x1b/0x30 [ 15.420519] kmalloc_oob_right+0x6bd/0x7f0 [ 15.420555] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 15.420593] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 15.420633] kunit_try_run_case+0x1a5/0x480 [ 15.420686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.420734] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.420781] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.420821] ? __kthread_parkme+0x82/0x180 [ 15.420859] ? preempt_count_sub+0x50/0x80 [ 15.420902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.420938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.420975] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.421009] kthread+0x337/0x6f0 [ 15.421040] ? trace_preempt_on+0x20/0xc0 [ 15.421078] ? __pfx_kthread+0x10/0x10 [ 15.421111] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.421144] ? calculate_sigpending+0x7b/0xa0 [ 15.421182] ? __pfx_kthread+0x10/0x10 [ 15.421216] ret_from_fork+0x116/0x1d0 [ 15.421248] ? __pfx_kthread+0x10/0x10 [ 15.421755] ret_from_fork_asm+0x1a/0x30 [ 15.421859] </TASK> [ 15.421885] [ 15.437454] Allocated by task 153: [ 15.438280] kasan_save_stack+0x45/0x70 [ 15.438801] kasan_save_track+0x18/0x40 [ 15.439189] kasan_save_alloc_info+0x3b/0x50 [ 15.439954] __kasan_kmalloc+0xb7/0xc0 [ 15.440486] __kmalloc_cache_noprof+0x189/0x420 [ 15.440811] kmalloc_oob_right+0xa9/0x7f0 [ 15.440970] kunit_try_run_case+0x1a5/0x480 [ 15.441131] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.441322] kthread+0x337/0x6f0 [ 15.441470] ret_from_fork+0x116/0x1d0 [ 15.441647] ret_from_fork_asm+0x1a/0x30 [ 15.442845] [ 15.443236] The buggy address belongs to the object at ffff888102b42300 [ 15.443236] which belongs to the cache kmalloc-128 of size 128 [ 15.444597] The buggy address is located 5 bytes to the right of [ 15.444597] allocated 115-byte region [ffff888102b42300, ffff888102b42373) [ 15.446106] [ 15.446557] The buggy address belongs to the physical page: [ 15.447246] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b42 [ 15.448331] flags: 0x200000000000000(node=0|zone=2) [ 15.449140] page_type: f5(slab) [ 15.449715] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.450496] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.451374] page dumped because: kasan: bad access detected [ 15.451604] [ 15.452187] Memory state around the buggy address: [ 15.452894] ffff888102b42200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.453682] ffff888102b42280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.454424] >ffff888102b42300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.455225] ^ [ 15.455486] ffff888102b42380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.456355] ffff888102b42400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.457098] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 174.932069] WARNING: CPU: 1 PID: 2769 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 174.934382] Modules linked in: [ 174.934632] CPU: 1 UID: 0 PID: 2769 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 174.935454] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 174.935899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 174.936801] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 174.937476] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 174.937961] RSP: 0000:ffff88810a097c78 EFLAGS: 00010286 [ 174.938593] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 174.939477] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff91230e3c [ 174.939938] RBP: ffff88810a097ca0 R08: 0000000000000000 R09: ffffed10202d25c0 [ 174.940174] R10: ffff888101692e07 R11: 0000000000000000 R12: ffffffff91230e28 [ 174.940902] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810a097d38 [ 174.941190] FS: 0000000000000000(0000) GS:ffff8881c7f77000(0000) knlGS:0000000000000000 [ 174.942226] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.942542] CR2: 00007ffff7ffe000 CR3: 000000013debc000 CR4: 00000000000006f0 [ 174.943252] DR0: ffffffff9324d4c4 DR1: ffffffff9324d4c9 DR2: ffffffff9324d4ca [ 174.943644] DR3: ffffffff9324d4cb DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 174.944706] Call Trace: [ 174.944940] <TASK> [ 174.945411] drm_test_rect_calc_vscale+0x108/0x270 [ 174.945961] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 174.946578] ? __schedule+0x10cc/0x2b60 [ 174.947093] ? __pfx_read_tsc+0x10/0x10 [ 174.947600] ? ktime_get_ts64+0x86/0x230 [ 174.948114] kunit_try_run_case+0x1a5/0x480 [ 174.948676] ? __pfx_kunit_try_run_case+0x10/0x10 [ 174.949538] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 174.950318] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 174.950810] ? __kthread_parkme+0x82/0x180 [ 174.951456] ? preempt_count_sub+0x50/0x80 [ 174.951802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 174.952341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 174.952879] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 174.953813] kthread+0x337/0x6f0 [ 174.954347] ? trace_preempt_on+0x20/0xc0 [ 174.954560] ? __pfx_kthread+0x10/0x10 [ 174.954802] ? _raw_spin_unlock_irq+0x47/0x80 [ 174.955344] ? calculate_sigpending+0x7b/0xa0 [ 174.956103] ? __pfx_kthread+0x10/0x10 [ 174.956626] ret_from_fork+0x116/0x1d0 [ 174.956899] ? __pfx_kthread+0x10/0x10 [ 174.957461] ret_from_fork_asm+0x1a/0x30 [ 174.957846] </TASK> [ 174.958295] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 174.964113] WARNING: CPU: 1 PID: 2771 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 174.965954] Modules linked in: [ 174.966462] CPU: 1 UID: 0 PID: 2771 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 174.967461] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 174.967811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 174.968916] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 174.969509] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 174.970739] RSP: 0000:ffff88810a4f7c78 EFLAGS: 00010286 [ 174.971060] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 174.971969] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff91230e74 [ 174.973008] RBP: ffff88810a4f7ca0 R08: 0000000000000000 R09: ffffed102019d800 [ 174.973387] R10: ffff888100cec007 R11: 0000000000000000 R12: ffffffff91230e60 [ 174.973810] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810a4f7d38 [ 174.974181] FS: 0000000000000000(0000) GS:ffff8881c7f77000(0000) knlGS:0000000000000000 [ 174.974622] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.974917] CR2: 00007ffff7ffe000 CR3: 000000013debc000 CR4: 00000000000006f0 [ 174.975576] DR0: ffffffff9324d4c4 DR1: ffffffff9324d4c9 DR2: ffffffff9324d4ca [ 174.976802] DR3: ffffffff9324d4cb DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 174.977426] Call Trace: [ 174.977715] <TASK> [ 174.977940] drm_test_rect_calc_vscale+0x108/0x270 [ 174.978686] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 174.979008] ? __schedule+0x10cc/0x2b60 [ 174.979651] ? __pfx_read_tsc+0x10/0x10 [ 174.980352] ? ktime_get_ts64+0x86/0x230 [ 174.981008] kunit_try_run_case+0x1a5/0x480 [ 174.981538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 174.982010] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 174.982511] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 174.983400] ? __kthread_parkme+0x82/0x180 [ 174.983762] ? preempt_count_sub+0x50/0x80 [ 174.984024] ? __pfx_kunit_try_run_case+0x10/0x10 [ 174.984524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 174.985151] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 174.986052] kthread+0x337/0x6f0 [ 174.986527] ? trace_preempt_on+0x20/0xc0 [ 174.986931] ? __pfx_kthread+0x10/0x10 [ 174.987211] ? _raw_spin_unlock_irq+0x47/0x80 [ 174.987786] ? calculate_sigpending+0x7b/0xa0 [ 174.988117] ? __pfx_kthread+0x10/0x10 [ 174.988766] ret_from_fork+0x116/0x1d0 [ 174.989518] ? __pfx_kthread+0x10/0x10 [ 174.989822] ret_from_fork_asm+0x1a/0x30 [ 174.990524] </TASK> [ 174.991649] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 174.853187] WARNING: CPU: 0 PID: 2757 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 174.854234] Modules linked in: [ 174.854630] CPU: 0 UID: 0 PID: 2757 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 174.855792] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 174.856728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 174.857162] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 174.857759] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 174.859546] RSP: 0000:ffff88810974fc78 EFLAGS: 00010286 [ 174.859898] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 174.860128] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff91230e40 [ 174.860821] RBP: ffff88810974fca0 R08: 0000000000000000 R09: ffffed1021285580 [ 174.861876] R10: ffff88810942ac07 R11: 0000000000000000 R12: ffffffff91230e28 [ 174.862687] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810974fd38 [ 174.863077] FS: 0000000000000000(0000) GS:ffff8881c7e77000(0000) knlGS:0000000000000000 [ 174.863848] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.864222] CR2: ffffffffffffffff CR3: 000000013debc000 CR4: 00000000000006f0 [ 174.864863] DR0: ffffffff9324d4c0 DR1: ffffffff9324d4c1 DR2: ffffffff9324d4c3 [ 174.865389] DR3: ffffffff9324d4c5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 174.865984] Call Trace: [ 174.866217] <TASK> [ 174.866388] drm_test_rect_calc_hscale+0x108/0x270 [ 174.867721] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 174.868189] ? __schedule+0x10cc/0x2b60 [ 174.868891] ? __pfx_read_tsc+0x10/0x10 [ 174.869476] ? ktime_get_ts64+0x86/0x230 [ 174.870036] kunit_try_run_case+0x1a5/0x480 [ 174.870576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 174.870797] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 174.871629] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 174.872003] ? __kthread_parkme+0x82/0x180 [ 174.872412] ? preempt_count_sub+0x50/0x80 [ 174.873268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 174.873875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 174.874305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 174.874664] kthread+0x337/0x6f0 [ 174.874908] ? trace_preempt_on+0x20/0xc0 [ 174.875646] ? __pfx_kthread+0x10/0x10 [ 174.876006] ? _raw_spin_unlock_irq+0x47/0x80 [ 174.876463] ? calculate_sigpending+0x7b/0xa0 [ 174.876975] ? __pfx_kthread+0x10/0x10 [ 174.877435] ret_from_fork+0x116/0x1d0 [ 174.877741] ? __pfx_kthread+0x10/0x10 [ 174.878270] ret_from_fork_asm+0x1a/0x30 [ 174.878683] </TASK> [ 174.878860] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 174.885026] WARNING: CPU: 0 PID: 2759 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 174.886879] Modules linked in: [ 174.887458] CPU: 0 UID: 0 PID: 2759 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 174.888039] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 174.888829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 174.889512] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 174.890209] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 174.890574] RSP: 0000:ffff888109697c78 EFLAGS: 00010286 [ 174.890724] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 174.890863] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff91230e78 [ 174.891013] RBP: ffff888109697ca0 R08: 0000000000000000 R09: ffffed10212855c0 [ 174.891152] R10: ffff88810942ae07 R11: 0000000000000000 R12: ffffffff91230e60 [ 174.891376] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888109697d38 [ 174.892705] FS: 0000000000000000(0000) GS:ffff8881c7e77000(0000) knlGS:0000000000000000 [ 174.893426] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.893956] CR2: ffffffffffffffff CR3: 000000013debc000 CR4: 00000000000006f0 [ 174.894684] DR0: ffffffff9324d4c0 DR1: ffffffff9324d4c1 DR2: ffffffff9324d4c3 [ 174.895342] DR3: ffffffff9324d4c5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 174.895774] Call Trace: [ 174.895928] <TASK> [ 174.896683] drm_test_rect_calc_hscale+0x108/0x270 [ 174.897497] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 174.897901] ? __schedule+0x10cc/0x2b60 [ 174.898501] ? __pfx_read_tsc+0x10/0x10 [ 174.898913] ? ktime_get_ts64+0x86/0x230 [ 174.899600] kunit_try_run_case+0x1a5/0x480 [ 174.899928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 174.900356] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 174.901405] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 174.901776] ? __kthread_parkme+0x82/0x180 [ 174.902050] ? preempt_count_sub+0x50/0x80 [ 174.902962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 174.903391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 174.903901] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 174.904544] kthread+0x337/0x6f0 [ 174.904787] ? trace_preempt_on+0x20/0xc0 [ 174.905593] ? __pfx_kthread+0x10/0x10 [ 174.906306] ? _raw_spin_unlock_irq+0x47/0x80 [ 174.906802] ? calculate_sigpending+0x7b/0xa0 [ 174.907395] ? __pfx_kthread+0x10/0x10 [ 174.907778] ret_from_fork+0x116/0x1d0 [ 174.908018] ? __pfx_kthread+0x10/0x10 [ 174.908365] ret_from_fork_asm+0x1a/0x30 [ 174.908774] </TASK> [ 174.909179] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 173.799798] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 173.799983] WARNING: CPU: 1 PID: 2574 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 173.801757] Modules linked in: [ 173.802191] CPU: 1 UID: 0 PID: 2574 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 173.802829] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 173.803072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 173.804277] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 173.804658] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 5d 17 80 00 48 c7 c1 20 5d 1e 91 4c 89 f2 48 c7 c7 e0 59 1e 91 48 89 c6 e8 34 a5 78 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 173.806417] RSP: 0000:ffff888109defd18 EFLAGS: 00010286 [ 173.806972] RAX: 0000000000000000 RBX: ffff888107164c00 RCX: 1ffffffff23e4c90 [ 173.807380] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 173.807907] RBP: ffff888109defd48 R08: 0000000000000000 R09: fffffbfff23e4c90 [ 173.809256] R10: 0000000000000003 R11: 0000000000039878 R12: ffff888109a2a800 [ 173.809647] R13: ffff888107164cf8 R14: ffff888100f1f280 R15: ffff88810039fb40 [ 173.809975] FS: 0000000000000000(0000) GS:ffff8881c7f77000(0000) knlGS:0000000000000000 [ 173.810397] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.811254] CR2: 00007ffff7ffe000 CR3: 000000013debc000 CR4: 00000000000006f0 [ 173.811696] DR0: ffffffff9324d4c4 DR1: ffffffff9324d4c9 DR2: ffffffff9324d4ca [ 173.812284] DR3: ffffffff9324d4cb DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 173.812779] Call Trace: [ 173.812982] <TASK> [ 173.813452] ? trace_preempt_on+0x20/0xc0 [ 173.814008] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 173.814387] drm_gem_shmem_free_wrapper+0x12/0x20 [ 173.814682] __kunit_action_free+0x57/0x70 [ 173.815016] kunit_remove_resource+0x133/0x200 [ 173.815252] ? preempt_count_sub+0x50/0x80 [ 173.815577] kunit_cleanup+0x7a/0x120 [ 173.815834] kunit_try_run_case_cleanup+0xbd/0xf0 [ 173.816122] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 173.816658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 173.816943] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 173.817373] kthread+0x337/0x6f0 [ 173.817670] ? trace_preempt_on+0x20/0xc0 [ 173.818037] ? __pfx_kthread+0x10/0x10 [ 173.818621] ? _raw_spin_unlock_irq+0x47/0x80 [ 173.819030] ? calculate_sigpending+0x7b/0xa0 [ 173.819550] ? __pfx_kthread+0x10/0x10 [ 173.819839] ret_from_fork+0x116/0x1d0 [ 173.820002] ? __pfx_kthread+0x10/0x10 [ 173.820510] ret_from_fork_asm+0x1a/0x30 [ 173.820915] </TASK> [ 173.821282] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 173.582730] WARNING: CPU: 1 PID: 2555 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 173.583833] Modules linked in: [ 173.584475] CPU: 1 UID: 0 PID: 2555 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 173.585854] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 173.586130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 173.586927] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 173.587520] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 173.588514] RSP: 0000:ffff888109a2fb30 EFLAGS: 00010246 [ 173.588871] RAX: dffffc0000000000 RBX: ffff888109a2fc28 RCX: 0000000000000000 [ 173.589419] RDX: 1ffff11021345f8e RSI: ffff888109a2fc28 RDI: ffff888109a2fc70 [ 173.589958] RBP: ffff888109a2fb70 R08: ffff88810987f000 R09: ffffffff911d6040 [ 173.591221] R10: 0000000000000003 R11: 000000007f6618e1 R12: ffff88810987f000 [ 173.591683] R13: ffff88810039fae8 R14: ffff888109a2fba8 R15: 0000000000000000 [ 173.591936] FS: 0000000000000000(0000) GS:ffff8881c7f77000(0000) knlGS:0000000000000000 [ 173.592181] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.592391] CR2: 00007ffff7ffe000 CR3: 000000013debc000 CR4: 00000000000006f0 [ 173.592615] DR0: ffffffff9324d4c4 DR1: ffffffff9324d4c9 DR2: ffffffff9324d4ca [ 173.592838] DR3: ffffffff9324d4cb DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 173.593057] Call Trace: [ 173.593191] <TASK> [ 173.593855] ? add_dr+0xc1/0x1d0 [ 173.594855] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 173.595425] ? add_dr+0x148/0x1d0 [ 173.596009] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 173.596866] ? __drmm_add_action+0x1a4/0x280 [ 173.597484] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 173.597961] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 173.598716] ? __drmm_add_action_or_reset+0x22/0x50 [ 173.599330] ? __schedule+0x10cc/0x2b60 [ 173.599780] ? __pfx_read_tsc+0x10/0x10 [ 173.600261] ? ktime_get_ts64+0x86/0x230 [ 173.600627] kunit_try_run_case+0x1a5/0x480 [ 173.601053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 173.601909] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 173.602764] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 173.603511] ? __kthread_parkme+0x82/0x180 [ 173.603867] ? preempt_count_sub+0x50/0x80 [ 173.604695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 173.604976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 173.605217] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 173.606392] kthread+0x337/0x6f0 [ 173.606825] ? trace_preempt_on+0x20/0xc0 [ 173.607497] ? __pfx_kthread+0x10/0x10 [ 173.607911] ? _raw_spin_unlock_irq+0x47/0x80 [ 173.608156] ? calculate_sigpending+0x7b/0xa0 [ 173.608935] ? __pfx_kthread+0x10/0x10 [ 173.609713] ret_from_fork+0x116/0x1d0 [ 173.609979] ? __pfx_kthread+0x10/0x10 [ 173.610858] ret_from_fork_asm+0x1a/0x30 [ 173.611493] </TASK> [ 173.611712] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 173.529088] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 173.529490] WARNING: CPU: 0 PID: 2551 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 173.531961] Modules linked in: [ 173.532482] CPU: 0 UID: 0 PID: 2551 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 173.533294] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 173.533750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 173.534223] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 173.534896] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 6b 30 87 00 48 c7 c1 00 10 1d 91 4c 89 fa 48 c7 c7 60 10 1d 91 48 89 c6 e8 42 be 7f fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 173.536180] RSP: 0000:ffff888109a2fb68 EFLAGS: 00010282 [ 173.536556] RAX: 0000000000000000 RBX: ffff888109a2fc40 RCX: 1ffffffff23e4c90 [ 173.536958] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 173.537718] RBP: ffff888109a2fb90 R08: 0000000000000000 R09: fffffbfff23e4c90 [ 173.538226] R10: 0000000000000003 R11: 0000000000037ef0 R12: ffff888109a2fc18 [ 173.538711] R13: ffff888109b32000 R14: ffff888109891000 R15: ffff888101566a80 [ 173.538971] FS: 0000000000000000(0000) GS:ffff8881c7e77000(0000) knlGS:0000000000000000 [ 173.539792] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.540286] CR2: ffffffffffffffff CR3: 000000013debc000 CR4: 00000000000006f0 [ 173.540873] DR0: ffffffff9324d4c0 DR1: ffffffff9324d4c1 DR2: ffffffff9324d4c3 [ 173.541423] DR3: ffffffff9324d4c5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 173.541958] Call Trace: [ 173.542345] <TASK> [ 173.542663] drm_test_framebuffer_free+0x1ab/0x610 [ 173.543443] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 173.543839] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 173.544404] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 173.544861] ? __drmm_add_action_or_reset+0x22/0x50 [ 173.545555] ? __schedule+0x10cc/0x2b60 [ 173.545978] ? __pfx_read_tsc+0x10/0x10 [ 173.546229] ? ktime_get_ts64+0x86/0x230 [ 173.546605] kunit_try_run_case+0x1a5/0x480 [ 173.546984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 173.547814] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 173.548362] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 173.548809] ? __kthread_parkme+0x82/0x180 [ 173.549263] ? preempt_count_sub+0x50/0x80 [ 173.549715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 173.549998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 173.550498] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 173.550966] kthread+0x337/0x6f0 [ 173.551469] ? trace_preempt_on+0x20/0xc0 [ 173.551848] ? __pfx_kthread+0x10/0x10 [ 173.552388] ? _raw_spin_unlock_irq+0x47/0x80 [ 173.552700] ? calculate_sigpending+0x7b/0xa0 [ 173.553285] ? __pfx_kthread+0x10/0x10 [ 173.553623] ret_from_fork+0x116/0x1d0 [ 173.553955] ? __pfx_kthread+0x10/0x10 [ 173.554472] ret_from_fork_asm+0x1a/0x30 [ 173.554917] </TASK> [ 173.555304] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 171.418797] WARNING: CPU: 0 PID: 1989 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 171.420012] Modules linked in: [ 171.420709] CPU: 0 UID: 0 PID: 1989 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 171.421949] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 171.422613] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 171.423288] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 171.423681] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 d8 [ 171.424426] RSP: 0000:ffff888103c0fc90 EFLAGS: 00010246 [ 171.424884] RAX: dffffc0000000000 RBX: ffff888101824000 RCX: 0000000000000000 [ 171.425517] RDX: 1ffff11020304832 RSI: ffffffff8e3f80b8 RDI: ffff888101824190 [ 171.426284] RBP: ffff888103c0fca0 R08: 1ffff11020073f69 R09: ffffed1020781f65 [ 171.426582] R10: 0000000000000003 R11: ffffffff8d982b18 R12: 0000000000000000 [ 171.427231] R13: ffff888103c0fd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 171.427687] FS: 0000000000000000(0000) GS:ffff8881c7e77000(0000) knlGS:0000000000000000 [ 171.428313] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.428753] CR2: ffffffffffffffff CR3: 000000013debc000 CR4: 00000000000006f0 [ 171.429022] DR0: ffffffff9324d4c0 DR1: ffffffff9324d4c1 DR2: ffffffff9324d4c3 [ 171.429830] DR3: ffffffff9324d4c5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 171.430967] Call Trace: [ 171.431426] <TASK> [ 171.431785] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 171.432499] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 171.432927] ? __schedule+0x10cc/0x2b60 [ 171.433451] ? __pfx_read_tsc+0x10/0x10 [ 171.433801] ? ktime_get_ts64+0x86/0x230 [ 171.434015] kunit_try_run_case+0x1a5/0x480 [ 171.434414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 171.434780] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 171.435010] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 171.435738] ? __kthread_parkme+0x82/0x180 [ 171.436008] ? preempt_count_sub+0x50/0x80 [ 171.436516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 171.436831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 171.437356] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 171.437790] kthread+0x337/0x6f0 [ 171.438293] ? trace_preempt_on+0x20/0xc0 [ 171.438709] ? __pfx_kthread+0x10/0x10 [ 171.438961] ? _raw_spin_unlock_irq+0x47/0x80 [ 171.439497] ? calculate_sigpending+0x7b/0xa0 [ 171.439803] ? __pfx_kthread+0x10/0x10 [ 171.440352] ret_from_fork+0x116/0x1d0 [ 171.440751] ? __pfx_kthread+0x10/0x10 [ 171.441021] ret_from_fork_asm+0x1a/0x30 [ 171.441453] </TASK> [ 171.441707] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 171.290734] WARNING: CPU: 1 PID: 1981 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 171.291942] Modules linked in: [ 171.292189] CPU: 1 UID: 0 PID: 1981 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 171.292786] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 171.293698] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 171.294444] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 171.295119] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 d8 [ 171.296682] RSP: 0000:ffff888102f6fc90 EFLAGS: 00010246 [ 171.297183] RAX: dffffc0000000000 RBX: ffff888103c74000 RCX: 0000000000000000 [ 171.297685] RDX: 1ffff1102078e832 RSI: ffffffff8e3f80b8 RDI: ffff888103c74190 [ 171.298148] RBP: ffff888102f6fca0 R08: 1ffff11020073f69 R09: ffffed10205edf65 [ 171.299693] R10: 0000000000000003 R11: ffffffff8d982b18 R12: 0000000000000000 [ 171.299946] R13: ffff888102f6fd38 R14: ffff88810039fc50 R15: ffff88810039fc58 [ 171.300764] FS: 0000000000000000(0000) GS:ffff8881c7f77000(0000) knlGS:0000000000000000 [ 171.301160] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 171.301472] CR2: 00007ffff7ffe000 CR3: 000000013debc000 CR4: 00000000000006f0 [ 171.301907] DR0: ffffffff9324d4c4 DR1: ffffffff9324d4c9 DR2: ffffffff9324d4ca [ 171.303026] DR3: ffffffff9324d4cb DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 171.303734] Call Trace: [ 171.303908] <TASK> [ 171.304732] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 171.305386] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 171.305865] ? __schedule+0x10cc/0x2b60 [ 171.306865] ? __pfx_read_tsc+0x10/0x10 [ 171.307242] ? ktime_get_ts64+0x86/0x230 [ 171.307689] kunit_try_run_case+0x1a5/0x480 [ 171.308216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 171.308638] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 171.309116] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 171.309719] ? __kthread_parkme+0x82/0x180 [ 171.310052] ? preempt_count_sub+0x50/0x80 [ 171.310677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 171.310939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 171.311744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 171.312316] kthread+0x337/0x6f0 [ 171.312585] ? trace_preempt_on+0x20/0xc0 [ 171.312788] ? __pfx_kthread+0x10/0x10 [ 171.313589] ? _raw_spin_unlock_irq+0x47/0x80 [ 171.314618] ? calculate_sigpending+0x7b/0xa0 [ 171.315215] ? __pfx_kthread+0x10/0x10 [ 171.315431] ret_from_fork+0x116/0x1d0 [ 171.315787] ? __pfx_kthread+0x10/0x10 [ 171.316502] ret_from_fork_asm+0x1a/0x30 [ 171.316821] </TASK> [ 171.316977] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 125.244651] WARNING: CPU: 0 PID: 673 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 125.245591] Modules linked in: [ 125.246020] CPU: 0 UID: 0 PID: 673 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 125.246712] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 125.247697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 125.248656] RIP: 0010:intlog10+0x2a/0x40 [ 125.249055] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 125.250397] RSP: 0000:ffff8881025cfcb0 EFLAGS: 00010246 [ 125.250566] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110204b9fb4 [ 125.250804] RDX: 1ffffffff22129f4 RSI: 1ffff110204b9fb3 RDI: 0000000000000000 [ 125.251365] RBP: ffff8881025cfd60 R08: 0000000000000000 R09: ffffed102056c9e0 [ 125.251636] R10: ffff888102b64f07 R11: 0000000000000000 R12: 1ffff110204b9f97 [ 125.251929] R13: ffffffff91094fa0 R14: 0000000000000000 R15: ffff8881025cfd38 [ 125.252601] FS: 0000000000000000(0000) GS:ffff8881c7e77000(0000) knlGS:0000000000000000 [ 125.253361] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.253890] CR2: ffff88815a94e000 CR3: 000000013debc000 CR4: 00000000000006f0 [ 125.254662] DR0: ffffffff9324d4c0 DR1: ffffffff9324d4c1 DR2: ffffffff9324d4c3 [ 125.255242] DR3: ffffffff9324d4c5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 125.255838] Call Trace: [ 125.256175] <TASK> [ 125.256426] ? intlog10_test+0xf2/0x220 [ 125.257062] ? __pfx_intlog10_test+0x10/0x10 [ 125.257586] ? __schedule+0x10cc/0x2b60 [ 125.258181] ? __pfx_read_tsc+0x10/0x10 [ 125.258514] ? ktime_get_ts64+0x86/0x230 [ 125.259019] kunit_try_run_case+0x1a5/0x480 [ 125.259685] ? __pfx_kunit_try_run_case+0x10/0x10 [ 125.259981] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 125.260836] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 125.261339] ? __kthread_parkme+0x82/0x180 [ 125.261958] ? preempt_count_sub+0x50/0x80 [ 125.262232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 125.262771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 125.263572] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 125.264028] kthread+0x337/0x6f0 [ 125.264721] ? trace_preempt_on+0x20/0xc0 [ 125.264930] ? __pfx_kthread+0x10/0x10 [ 125.265289] ? _raw_spin_unlock_irq+0x47/0x80 [ 125.265705] ? calculate_sigpending+0x7b/0xa0 [ 125.266324] ? __pfx_kthread+0x10/0x10 [ 125.266620] ret_from_fork+0x116/0x1d0 [ 125.266842] ? __pfx_kthread+0x10/0x10 [ 125.267502] ret_from_fork_asm+0x1a/0x30 [ 125.268316] </TASK> [ 125.268509] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 125.185145] WARNING: CPU: 0 PID: 655 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 125.186634] Modules linked in: [ 125.186912] CPU: 0 UID: 0 PID: 655 Comm: kunit_try_catch Tainted: G B D N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 125.187903] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 125.188561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 125.189725] RIP: 0010:intlog2+0xdf/0x110 [ 125.190044] Code: 09 91 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 0f 91 56 ff 8b 45 e4 eb [ 125.191406] RSP: 0000:ffff88810ad17cb0 EFLAGS: 00010246 [ 125.191693] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110215a2fb4 [ 125.191951] RDX: 1ffffffff2212a48 RSI: 1ffff110215a2fb3 RDI: 0000000000000000 [ 125.192946] RBP: ffff88810ad17d60 R08: 0000000000000000 R09: ffffed10207f1500 [ 125.193410] R10: ffff888103f8a807 R11: 0000000000000000 R12: 1ffff110215a2f97 [ 125.193861] R13: ffffffff91095240 R14: 0000000000000000 R15: ffff88810ad17d38 [ 125.194526] FS: 0000000000000000(0000) GS:ffff8881c7e77000(0000) knlGS:0000000000000000 [ 125.195034] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.195374] CR2: ffff88815a94e000 CR3: 000000013debc000 CR4: 00000000000006f0 [ 125.195823] DR0: ffffffff9324d4c0 DR1: ffffffff9324d4c1 DR2: ffffffff9324d4c3 [ 125.196265] DR3: ffffffff9324d4c5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 125.196602] Call Trace: [ 125.196999] <TASK> [ 125.197346] ? intlog2_test+0xf2/0x220 [ 125.197690] ? __pfx_intlog2_test+0x10/0x10 [ 125.197909] ? __schedule+0x10cc/0x2b60 [ 125.198699] ? __pfx_read_tsc+0x10/0x10 [ 125.199410] ? ktime_get_ts64+0x86/0x230 [ 125.199731] kunit_try_run_case+0x1a5/0x480 [ 125.199942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 125.200717] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 125.201028] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 125.201759] ? __kthread_parkme+0x82/0x180 [ 125.202026] ? preempt_count_sub+0x50/0x80 [ 125.202562] ? __pfx_kunit_try_run_case+0x10/0x10 [ 125.203005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 125.203728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 125.204046] kthread+0x337/0x6f0 [ 125.204546] ? trace_preempt_on+0x20/0xc0 [ 125.204965] ? __pfx_kthread+0x10/0x10 [ 125.205489] ? _raw_spin_unlock_irq+0x47/0x80 [ 125.205790] ? calculate_sigpending+0x7b/0xa0 [ 125.206268] ? __pfx_kthread+0x10/0x10 [ 125.206577] ret_from_fork+0x116/0x1d0 [ 125.206991] ? __pfx_kthread+0x10/0x10 [ 125.207522] ret_from_fork_asm+0x1a/0x30 [ 125.207855] </TASK> [ 125.208191] ---[ end trace 0000000000000000 ]---
Failure - kunit - lib_ratelimit_lib_ratelimit
<8>[ 389.933554] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=lib_ratelimit_lib_ratelimit RESULT=fail>
Failure - kunit - lib_ratelimit_test_ratelimit_smoke
<8>[ 389.620867] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=lib_ratelimit_test_ratelimit_smoke RESULT=fail>