Date
May 26, 2025, 9:10 a.m.
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2: Failure
Automatically assigned
[ 11.288821] ================================================================== [ 11.289313] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 11.289925] Read of size 1 at addr ffff8881028229a8 by task kunit_try_catch/206 [ 11.290344] [ 11.290474] CPU: 0 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.290520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.290532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.290553] Call Trace: [ 11.290565] <TASK> [ 11.290580] dump_stack_lvl+0x73/0xb0 [ 11.290605] print_report+0xd1/0x650 [ 11.290627] ? __virt_addr_valid+0x1db/0x2d0 [ 11.290649] ? kmalloc_uaf2+0x4a8/0x520 [ 11.290669] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.290692] ? kmalloc_uaf2+0x4a8/0x520 [ 11.290712] kasan_report+0x141/0x180 [ 11.290734] ? kmalloc_uaf2+0x4a8/0x520 [ 11.290759] __asan_report_load1_noabort+0x18/0x20 [ 11.290779] kmalloc_uaf2+0x4a8/0x520 [ 11.290800] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 11.290819] ? finish_task_switch.isra.0+0x153/0x700 [ 11.290841] ? __switch_to+0x47/0xf50 [ 11.290866] ? __schedule+0x10cc/0x2b60 [ 11.290890] ? __pfx_read_tsc+0x10/0x10 [ 11.290909] ? ktime_get_ts64+0x86/0x230 [ 11.290933] kunit_try_run_case+0x1a5/0x480 [ 11.290953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.290972] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.290996] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.291020] ? __kthread_parkme+0x82/0x180 [ 11.291040] ? preempt_count_sub+0x50/0x80 [ 11.291062] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.291082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.291105] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.291129] kthread+0x337/0x6f0 [ 11.291148] ? trace_preempt_on+0x20/0xc0 [ 11.291182] ? __pfx_kthread+0x10/0x10 [ 11.291202] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.291224] ? calculate_sigpending+0x7b/0xa0 [ 11.291247] ? __pfx_kthread+0x10/0x10 [ 11.291267] ret_from_fork+0x116/0x1d0 [ 11.291285] ? __pfx_kthread+0x10/0x10 [ 11.291305] ret_from_fork_asm+0x1a/0x30 [ 11.291334] </TASK> [ 11.291344] [ 11.299140] Allocated by task 206: [ 11.299273] kasan_save_stack+0x45/0x70 [ 11.299429] kasan_save_track+0x18/0x40 [ 11.299624] kasan_save_alloc_info+0x3b/0x50 [ 11.299831] __kasan_kmalloc+0xb7/0xc0 [ 11.300171] __kmalloc_cache_noprof+0x189/0x420 [ 11.300343] kmalloc_uaf2+0xc6/0x520 [ 11.300487] kunit_try_run_case+0x1a5/0x480 [ 11.300634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.301203] kthread+0x337/0x6f0 [ 11.301410] ret_from_fork+0x116/0x1d0 [ 11.301606] ret_from_fork_asm+0x1a/0x30 [ 11.301932] [ 11.302101] Freed by task 206: [ 11.302268] kasan_save_stack+0x45/0x70 [ 11.302484] kasan_save_track+0x18/0x40 [ 11.302628] kasan_save_free_info+0x3f/0x60 [ 11.302774] __kasan_slab_free+0x56/0x70 [ 11.303046] kfree+0x222/0x3f0 [ 11.303198] kmalloc_uaf2+0x14c/0x520 [ 11.303348] kunit_try_run_case+0x1a5/0x480 [ 11.303563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.303763] kthread+0x337/0x6f0 [ 11.303885] ret_from_fork+0x116/0x1d0 [ 11.304018] ret_from_fork_asm+0x1a/0x30 [ 11.304157] [ 11.304249] The buggy address belongs to the object at ffff888102822980 [ 11.304249] which belongs to the cache kmalloc-64 of size 64 [ 11.304916] The buggy address is located 40 bytes inside of [ 11.304916] freed 64-byte region [ffff888102822980, ffff8881028229c0) [ 11.305807] [ 11.305910] The buggy address belongs to the physical page: [ 11.306217] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102822 [ 11.306484] flags: 0x200000000000000(node=0|zone=2) [ 11.306651] page_type: f5(slab) [ 11.306822] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.307173] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.307526] page dumped because: kasan: bad access detected [ 11.307755] [ 11.307871] Memory state around the buggy address: [ 11.308084] ffff888102822880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.308426] ffff888102822900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.308748] >ffff888102822980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.309157] ^ [ 11.309406] ffff888102822a00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 11.309678] ffff888102822a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.310002] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset: Failure
Automatically assigned
[ 11.263367] ================================================================== [ 11.263827] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 11.264433] Write of size 33 at addr ffff888102822880 by task kunit_try_catch/204 [ 11.264740] [ 11.264840] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.264885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.264897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.264918] Call Trace: [ 11.264929] <TASK> [ 11.264945] dump_stack_lvl+0x73/0xb0 [ 11.264973] print_report+0xd1/0x650 [ 11.264995] ? __virt_addr_valid+0x1db/0x2d0 [ 11.265078] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.265100] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.265122] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.265144] kasan_report+0x141/0x180 [ 11.265166] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.265192] kasan_check_range+0x10c/0x1c0 [ 11.265216] __asan_memset+0x27/0x50 [ 11.265235] kmalloc_uaf_memset+0x1a3/0x360 [ 11.265256] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 11.265278] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.265304] ? trace_hardirqs_on+0x37/0xe0 [ 11.265329] ? __pfx_read_tsc+0x10/0x10 [ 11.265349] ? ktime_get_ts64+0x86/0x230 [ 11.265374] kunit_try_run_case+0x1a5/0x480 [ 11.265409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.265430] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.265455] ? __kthread_parkme+0x82/0x180 [ 11.265476] ? preempt_count_sub+0x50/0x80 [ 11.265498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.265519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.265543] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.265567] kthread+0x337/0x6f0 [ 11.265586] ? trace_preempt_on+0x20/0xc0 [ 11.265607] ? __pfx_kthread+0x10/0x10 [ 11.265628] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.265651] ? calculate_sigpending+0x7b/0xa0 [ 11.265675] ? __pfx_kthread+0x10/0x10 [ 11.265696] ret_from_fork+0x116/0x1d0 [ 11.265713] ? __pfx_kthread+0x10/0x10 [ 11.265733] ret_from_fork_asm+0x1a/0x30 [ 11.265764] </TASK> [ 11.265774] [ 11.273651] Allocated by task 204: [ 11.273824] kasan_save_stack+0x45/0x70 [ 11.273973] kasan_save_track+0x18/0x40 [ 11.274115] kasan_save_alloc_info+0x3b/0x50 [ 11.274367] __kasan_kmalloc+0xb7/0xc0 [ 11.274580] __kmalloc_cache_noprof+0x189/0x420 [ 11.274802] kmalloc_uaf_memset+0xa9/0x360 [ 11.275005] kunit_try_run_case+0x1a5/0x480 [ 11.275212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.275401] kthread+0x337/0x6f0 [ 11.275523] ret_from_fork+0x116/0x1d0 [ 11.275984] ret_from_fork_asm+0x1a/0x30 [ 11.276263] [ 11.276357] Freed by task 204: [ 11.276502] kasan_save_stack+0x45/0x70 [ 11.276699] kasan_save_track+0x18/0x40 [ 11.276876] kasan_save_free_info+0x3f/0x60 [ 11.277153] __kasan_slab_free+0x56/0x70 [ 11.277327] kfree+0x222/0x3f0 [ 11.277485] kmalloc_uaf_memset+0x12b/0x360 [ 11.277699] kunit_try_run_case+0x1a5/0x480 [ 11.277887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.278191] kthread+0x337/0x6f0 [ 11.278353] ret_from_fork+0x116/0x1d0 [ 11.278497] ret_from_fork_asm+0x1a/0x30 [ 11.278637] [ 11.278707] The buggy address belongs to the object at ffff888102822880 [ 11.278707] which belongs to the cache kmalloc-64 of size 64 [ 11.279580] The buggy address is located 0 bytes inside of [ 11.279580] freed 64-byte region [ffff888102822880, ffff8881028228c0) [ 11.280284] [ 11.280363] The buggy address belongs to the physical page: [ 11.280642] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102822 [ 11.281133] flags: 0x200000000000000(node=0|zone=2) [ 11.281351] page_type: f5(slab) [ 11.281504] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.281927] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.282217] page dumped because: kasan: bad access detected [ 11.282443] [ 11.282542] Memory state around the buggy address: [ 11.282830] ffff888102822780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.283406] ffff888102822800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.283658] >ffff888102822880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.283911] ^ [ 11.284078] ffff888102822900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.284592] ffff888102822980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.284869] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf: Failure
Automatically assigned
[ 11.239748] ================================================================== [ 11.240581] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 11.240890] Read of size 1 at addr ffff888101e622e8 by task kunit_try_catch/202 [ 11.241199] [ 11.241291] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.241336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.241348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.241368] Call Trace: [ 11.241392] <TASK> [ 11.241407] dump_stack_lvl+0x73/0xb0 [ 11.241433] print_report+0xd1/0x650 [ 11.241456] ? __virt_addr_valid+0x1db/0x2d0 [ 11.241477] ? kmalloc_uaf+0x320/0x380 [ 11.241497] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.241519] ? kmalloc_uaf+0x320/0x380 [ 11.241539] kasan_report+0x141/0x180 [ 11.241561] ? kmalloc_uaf+0x320/0x380 [ 11.241586] __asan_report_load1_noabort+0x18/0x20 [ 11.241606] kmalloc_uaf+0x320/0x380 [ 11.241626] ? __pfx_kmalloc_uaf+0x10/0x10 [ 11.241647] ? __schedule+0x10cc/0x2b60 [ 11.241671] ? __pfx_read_tsc+0x10/0x10 [ 11.241691] ? ktime_get_ts64+0x86/0x230 [ 11.241725] kunit_try_run_case+0x1a5/0x480 [ 11.241745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.241764] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.241788] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.241812] ? __kthread_parkme+0x82/0x180 [ 11.241832] ? preempt_count_sub+0x50/0x80 [ 11.241854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.241875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.241898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.241922] kthread+0x337/0x6f0 [ 11.241940] ? trace_preempt_on+0x20/0xc0 [ 11.241963] ? __pfx_kthread+0x10/0x10 [ 11.241983] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.242005] ? calculate_sigpending+0x7b/0xa0 [ 11.242035] ? __pfx_kthread+0x10/0x10 [ 11.242055] ret_from_fork+0x116/0x1d0 [ 11.242073] ? __pfx_kthread+0x10/0x10 [ 11.242093] ret_from_fork_asm+0x1a/0x30 [ 11.242123] </TASK> [ 11.242133] [ 11.248804] Allocated by task 202: [ 11.248937] kasan_save_stack+0x45/0x70 [ 11.249141] kasan_save_track+0x18/0x40 [ 11.249347] kasan_save_alloc_info+0x3b/0x50 [ 11.249563] __kasan_kmalloc+0xb7/0xc0 [ 11.249790] __kmalloc_cache_noprof+0x189/0x420 [ 11.249965] kmalloc_uaf+0xaa/0x380 [ 11.250097] kunit_try_run_case+0x1a5/0x480 [ 11.250240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.250424] kthread+0x337/0x6f0 [ 11.250599] ret_from_fork+0x116/0x1d0 [ 11.250890] ret_from_fork_asm+0x1a/0x30 [ 11.251095] [ 11.251196] Freed by task 202: [ 11.251357] kasan_save_stack+0x45/0x70 [ 11.251558] kasan_save_track+0x18/0x40 [ 11.251797] kasan_save_free_info+0x3f/0x60 [ 11.252005] __kasan_slab_free+0x56/0x70 [ 11.252203] kfree+0x222/0x3f0 [ 11.252341] kmalloc_uaf+0x12c/0x380 [ 11.252481] kunit_try_run_case+0x1a5/0x480 [ 11.252627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.252809] kthread+0x337/0x6f0 [ 11.252938] ret_from_fork+0x116/0x1d0 [ 11.253127] ret_from_fork_asm+0x1a/0x30 [ 11.253501] [ 11.253600] The buggy address belongs to the object at ffff888101e622e0 [ 11.253600] which belongs to the cache kmalloc-16 of size 16 [ 11.254138] The buggy address is located 8 bytes inside of [ 11.254138] freed 16-byte region [ffff888101e622e0, ffff888101e622f0) [ 11.254686] [ 11.254759] The buggy address belongs to the physical page: [ 11.254929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e62 [ 11.255193] flags: 0x200000000000000(node=0|zone=2) [ 11.255434] page_type: f5(slab) [ 11.255604] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.256124] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.256392] page dumped because: kasan: bad access detected [ 11.256650] [ 11.256761] Memory state around the buggy address: [ 11.256952] ffff888101e62180: 00 00 fc fc 00 02 fc fc 00 02 fc fc 00 06 fc fc [ 11.257247] ffff888101e62200: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.257551] >ffff888101e62280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.257918] ^ [ 11.258173] ffff888101e62300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.258427] ffff888101e62380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.258681] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size: Failure
Automatically assigned
[ 11.210599] ================================================================== [ 11.211159] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.211493] Read of size 64 at addr ffff888102a83c84 by task kunit_try_catch/200 [ 11.212065] [ 11.212185] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.212232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.212244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.212265] Call Trace: [ 11.212277] <TASK> [ 11.212293] dump_stack_lvl+0x73/0xb0 [ 11.212319] print_report+0xd1/0x650 [ 11.212341] ? __virt_addr_valid+0x1db/0x2d0 [ 11.212363] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.212397] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.212419] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.212443] kasan_report+0x141/0x180 [ 11.212465] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.212494] kasan_check_range+0x10c/0x1c0 [ 11.212517] __asan_memmove+0x27/0x70 [ 11.212537] kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.212561] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 11.212586] ? __schedule+0x10cc/0x2b60 [ 11.212609] ? __pfx_read_tsc+0x10/0x10 [ 11.212629] ? ktime_get_ts64+0x86/0x230 [ 11.212653] kunit_try_run_case+0x1a5/0x480 [ 11.212673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.212692] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.212988] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.213082] ? __kthread_parkme+0x82/0x180 [ 11.213104] ? preempt_count_sub+0x50/0x80 [ 11.213163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.213186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.213210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.213233] kthread+0x337/0x6f0 [ 11.213252] ? trace_preempt_on+0x20/0xc0 [ 11.213275] ? __pfx_kthread+0x10/0x10 [ 11.213295] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.213318] ? calculate_sigpending+0x7b/0xa0 [ 11.213340] ? __pfx_kthread+0x10/0x10 [ 11.213361] ret_from_fork+0x116/0x1d0 [ 11.213390] ? __pfx_kthread+0x10/0x10 [ 11.213410] ret_from_fork_asm+0x1a/0x30 [ 11.213440] </TASK> [ 11.213450] [ 11.225353] Allocated by task 200: [ 11.225537] kasan_save_stack+0x45/0x70 [ 11.226252] kasan_save_track+0x18/0x40 [ 11.226454] kasan_save_alloc_info+0x3b/0x50 [ 11.226651] __kasan_kmalloc+0xb7/0xc0 [ 11.227237] __kmalloc_cache_noprof+0x189/0x420 [ 11.227653] kmalloc_memmove_invalid_size+0xac/0x330 [ 11.227971] kunit_try_run_case+0x1a5/0x480 [ 11.228347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.228593] kthread+0x337/0x6f0 [ 11.228988] ret_from_fork+0x116/0x1d0 [ 11.229257] ret_from_fork_asm+0x1a/0x30 [ 11.229632] [ 11.229887] The buggy address belongs to the object at ffff888102a83c80 [ 11.229887] which belongs to the cache kmalloc-64 of size 64 [ 11.230575] The buggy address is located 4 bytes inside of [ 11.230575] allocated 64-byte region [ffff888102a83c80, ffff888102a83cc0) [ 11.231370] [ 11.231492] The buggy address belongs to the physical page: [ 11.231684] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a83 [ 11.232054] flags: 0x200000000000000(node=0|zone=2) [ 11.232364] page_type: f5(slab) [ 11.232555] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.232853] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.233300] page dumped because: kasan: bad access detected [ 11.233505] [ 11.233594] Memory state around the buggy address: [ 11.233877] ffff888102a83b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.234199] ffff888102a83c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.234523] >ffff888102a83c80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 11.234811] ^ [ 11.235074] ffff888102a83d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.235609] ffff888102a83d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.235896] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size: Failure
Automatically assigned
[ 11.183096] ================================================================== [ 11.183663] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 11.184253] Read of size 18446744073709551614 at addr ffff888102a83c04 by task kunit_try_catch/198 [ 11.184983] [ 11.185131] CPU: 1 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.185178] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.185191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.185295] Call Trace: [ 11.185310] <TASK> [ 11.185327] dump_stack_lvl+0x73/0xb0 [ 11.185361] print_report+0xd1/0x650 [ 11.185396] ? __virt_addr_valid+0x1db/0x2d0 [ 11.185420] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.185444] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.185466] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.185513] kasan_report+0x141/0x180 [ 11.185537] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.185566] kasan_check_range+0x10c/0x1c0 [ 11.185590] __asan_memmove+0x27/0x70 [ 11.185610] kmalloc_memmove_negative_size+0x171/0x330 [ 11.185634] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 11.185660] ? __schedule+0x10cc/0x2b60 [ 11.185685] ? __pfx_read_tsc+0x10/0x10 [ 11.185706] ? ktime_get_ts64+0x86/0x230 [ 11.185731] kunit_try_run_case+0x1a5/0x480 [ 11.185753] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.185772] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.185798] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.185823] ? __kthread_parkme+0x82/0x180 [ 11.185843] ? preempt_count_sub+0x50/0x80 [ 11.185865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.185886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.185909] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.185932] kthread+0x337/0x6f0 [ 11.185951] ? trace_preempt_on+0x20/0xc0 [ 11.185975] ? __pfx_kthread+0x10/0x10 [ 11.185995] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.186017] ? calculate_sigpending+0x7b/0xa0 [ 11.186148] ? __pfx_kthread+0x10/0x10 [ 11.186172] ret_from_fork+0x116/0x1d0 [ 11.186191] ? __pfx_kthread+0x10/0x10 [ 11.186210] ret_from_fork_asm+0x1a/0x30 [ 11.186241] </TASK> [ 11.186251] [ 11.199079] Allocated by task 198: [ 11.199326] kasan_save_stack+0x45/0x70 [ 11.199537] kasan_save_track+0x18/0x40 [ 11.199738] kasan_save_alloc_info+0x3b/0x50 [ 11.199967] __kasan_kmalloc+0xb7/0xc0 [ 11.200133] __kmalloc_cache_noprof+0x189/0x420 [ 11.200416] kmalloc_memmove_negative_size+0xac/0x330 [ 11.200585] kunit_try_run_case+0x1a5/0x480 [ 11.200758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.201010] kthread+0x337/0x6f0 [ 11.201234] ret_from_fork+0x116/0x1d0 [ 11.201399] ret_from_fork_asm+0x1a/0x30 [ 11.201535] [ 11.201604] The buggy address belongs to the object at ffff888102a83c00 [ 11.201604] which belongs to the cache kmalloc-64 of size 64 [ 11.202422] The buggy address is located 4 bytes inside of [ 11.202422] 64-byte region [ffff888102a83c00, ffff888102a83c40) [ 11.202854] [ 11.202926] The buggy address belongs to the physical page: [ 11.203102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a83 [ 11.203483] flags: 0x200000000000000(node=0|zone=2) [ 11.203644] page_type: f5(slab) [ 11.203854] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.204180] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.204475] page dumped because: kasan: bad access detected [ 11.204764] [ 11.204866] Memory state around the buggy address: [ 11.205018] ffff888102a83b00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 11.205332] ffff888102a83b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.205839] >ffff888102a83c00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 11.206109] ^ [ 11.206299] ffff888102a83c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.206516] ffff888102a83d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.206843] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16: Failure
Automatically assigned
[ 11.155589] ================================================================== [ 11.155988] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 11.156230] Write of size 16 at addr ffff888102826169 by task kunit_try_catch/196 [ 11.157160] [ 11.157415] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.157464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.157476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.157498] Call Trace: [ 11.157512] <TASK> [ 11.157528] dump_stack_lvl+0x73/0xb0 [ 11.157558] print_report+0xd1/0x650 [ 11.157581] ? __virt_addr_valid+0x1db/0x2d0 [ 11.157604] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.157625] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.157730] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.157759] kasan_report+0x141/0x180 [ 11.157782] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.157808] kasan_check_range+0x10c/0x1c0 [ 11.157831] __asan_memset+0x27/0x50 [ 11.157851] kmalloc_oob_memset_16+0x166/0x330 [ 11.157873] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 11.157895] ? __schedule+0x10cc/0x2b60 [ 11.157920] ? __pfx_read_tsc+0x10/0x10 [ 11.157941] ? ktime_get_ts64+0x86/0x230 [ 11.157965] kunit_try_run_case+0x1a5/0x480 [ 11.158114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.158143] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.158170] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.158195] ? __kthread_parkme+0x82/0x180 [ 11.158215] ? preempt_count_sub+0x50/0x80 [ 11.158239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.158259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.158283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.158307] kthread+0x337/0x6f0 [ 11.158326] ? trace_preempt_on+0x20/0xc0 [ 11.158348] ? __pfx_kthread+0x10/0x10 [ 11.158368] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.158404] ? calculate_sigpending+0x7b/0xa0 [ 11.158428] ? __pfx_kthread+0x10/0x10 [ 11.158448] ret_from_fork+0x116/0x1d0 [ 11.158466] ? __pfx_kthread+0x10/0x10 [ 11.158486] ret_from_fork_asm+0x1a/0x30 [ 11.158516] </TASK> [ 11.158527] [ 11.168908] Allocated by task 196: [ 11.169102] kasan_save_stack+0x45/0x70 [ 11.169332] kasan_save_track+0x18/0x40 [ 11.169546] kasan_save_alloc_info+0x3b/0x50 [ 11.169785] __kasan_kmalloc+0xb7/0xc0 [ 11.170016] __kmalloc_cache_noprof+0x189/0x420 [ 11.170220] kmalloc_oob_memset_16+0xac/0x330 [ 11.170451] kunit_try_run_case+0x1a5/0x480 [ 11.170660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.170898] kthread+0x337/0x6f0 [ 11.171041] ret_from_fork+0x116/0x1d0 [ 11.171237] ret_from_fork_asm+0x1a/0x30 [ 11.171486] [ 11.171628] The buggy address belongs to the object at ffff888102826100 [ 11.171628] which belongs to the cache kmalloc-128 of size 128 [ 11.172197] The buggy address is located 105 bytes inside of [ 11.172197] allocated 120-byte region [ffff888102826100, ffff888102826178) [ 11.172573] [ 11.172672] The buggy address belongs to the physical page: [ 11.172981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102826 [ 11.173639] flags: 0x200000000000000(node=0|zone=2) [ 11.173873] page_type: f5(slab) [ 11.174048] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.174353] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.174780] page dumped because: kasan: bad access detected [ 11.174955] [ 11.175024] Memory state around the buggy address: [ 11.175343] ffff888102826000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.175751] ffff888102826080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.176119] >ffff888102826100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.176875] ^ [ 11.177764] ffff888102826180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.178457] ffff888102826200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.179319] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8: Failure
Automatically assigned
[ 11.123255] ================================================================== [ 11.124458] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 11.124919] Write of size 8 at addr ffff888102a7ac71 by task kunit_try_catch/194 [ 11.125785] [ 11.125986] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.126240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.126258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.126280] Call Trace: [ 11.126294] <TASK> [ 11.126310] dump_stack_lvl+0x73/0xb0 [ 11.126338] print_report+0xd1/0x650 [ 11.126361] ? __virt_addr_valid+0x1db/0x2d0 [ 11.126396] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.126417] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.126439] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.126461] kasan_report+0x141/0x180 [ 11.126483] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.126509] kasan_check_range+0x10c/0x1c0 [ 11.126532] __asan_memset+0x27/0x50 [ 11.126551] kmalloc_oob_memset_8+0x166/0x330 [ 11.126574] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 11.126596] ? __schedule+0x10cc/0x2b60 [ 11.126619] ? __pfx_read_tsc+0x10/0x10 [ 11.126639] ? ktime_get_ts64+0x86/0x230 [ 11.126663] kunit_try_run_case+0x1a5/0x480 [ 11.126683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.126701] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.126737] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.126761] ? __kthread_parkme+0x82/0x180 [ 11.126781] ? preempt_count_sub+0x50/0x80 [ 11.126803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.126824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.126847] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.126870] kthread+0x337/0x6f0 [ 11.126889] ? trace_preempt_on+0x20/0xc0 [ 11.126911] ? __pfx_kthread+0x10/0x10 [ 11.126931] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.126954] ? calculate_sigpending+0x7b/0xa0 [ 11.126977] ? __pfx_kthread+0x10/0x10 [ 11.126998] ret_from_fork+0x116/0x1d0 [ 11.127018] ? __pfx_kthread+0x10/0x10 [ 11.127040] ret_from_fork_asm+0x1a/0x30 [ 11.127070] </TASK> [ 11.127080] [ 11.139552] Allocated by task 194: [ 11.140075] kasan_save_stack+0x45/0x70 [ 11.140387] kasan_save_track+0x18/0x40 [ 11.140675] kasan_save_alloc_info+0x3b/0x50 [ 11.140925] __kasan_kmalloc+0xb7/0xc0 [ 11.141307] __kmalloc_cache_noprof+0x189/0x420 [ 11.141541] kmalloc_oob_memset_8+0xac/0x330 [ 11.141856] kunit_try_run_case+0x1a5/0x480 [ 11.142371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.142653] kthread+0x337/0x6f0 [ 11.143091] ret_from_fork+0x116/0x1d0 [ 11.143304] ret_from_fork_asm+0x1a/0x30 [ 11.143703] [ 11.143868] The buggy address belongs to the object at ffff888102a7ac00 [ 11.143868] which belongs to the cache kmalloc-128 of size 128 [ 11.144627] The buggy address is located 113 bytes inside of [ 11.144627] allocated 120-byte region [ffff888102a7ac00, ffff888102a7ac78) [ 11.145644] [ 11.145755] The buggy address belongs to the physical page: [ 11.145985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a7a [ 11.146280] flags: 0x200000000000000(node=0|zone=2) [ 11.146739] page_type: f5(slab) [ 11.146969] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.147421] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.147876] page dumped because: kasan: bad access detected [ 11.148131] [ 11.148208] Memory state around the buggy address: [ 11.148428] ffff888102a7ab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.148906] ffff888102a7ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.149333] >ffff888102a7ac00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.150012] ^ [ 11.150727] ffff888102a7ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.151577] ffff888102a7ad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.152300] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4: Failure
Automatically assigned
[ 11.091481] ================================================================== [ 11.092473] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 11.093212] Write of size 4 at addr ffff888102a7ab75 by task kunit_try_catch/192 [ 11.093931] [ 11.094150] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.094195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.094208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.094228] Call Trace: [ 11.094241] <TASK> [ 11.094256] dump_stack_lvl+0x73/0xb0 [ 11.094284] print_report+0xd1/0x650 [ 11.094317] ? __virt_addr_valid+0x1db/0x2d0 [ 11.094339] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.094360] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.094399] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.094421] kasan_report+0x141/0x180 [ 11.094443] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.094470] kasan_check_range+0x10c/0x1c0 [ 11.094493] __asan_memset+0x27/0x50 [ 11.094512] kmalloc_oob_memset_4+0x166/0x330 [ 11.094535] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 11.094557] ? __schedule+0x10cc/0x2b60 [ 11.094581] ? __pfx_read_tsc+0x10/0x10 [ 11.094601] ? ktime_get_ts64+0x86/0x230 [ 11.094627] kunit_try_run_case+0x1a5/0x480 [ 11.094648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.094666] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.094691] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.094734] ? __kthread_parkme+0x82/0x180 [ 11.094754] ? preempt_count_sub+0x50/0x80 [ 11.094777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.094797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.094821] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.094845] kthread+0x337/0x6f0 [ 11.094863] ? trace_preempt_on+0x20/0xc0 [ 11.094886] ? __pfx_kthread+0x10/0x10 [ 11.094906] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.094929] ? calculate_sigpending+0x7b/0xa0 [ 11.094952] ? __pfx_kthread+0x10/0x10 [ 11.094972] ret_from_fork+0x116/0x1d0 [ 11.095006] ? __pfx_kthread+0x10/0x10 [ 11.095028] ret_from_fork_asm+0x1a/0x30 [ 11.095057] </TASK> [ 11.095067] [ 11.105295] Allocated by task 192: [ 11.105587] kasan_save_stack+0x45/0x70 [ 11.105746] kasan_save_track+0x18/0x40 [ 11.106352] kasan_save_alloc_info+0x3b/0x50 [ 11.106537] __kasan_kmalloc+0xb7/0xc0 [ 11.106793] __kmalloc_cache_noprof+0x189/0x420 [ 11.107296] kmalloc_oob_memset_4+0xac/0x330 [ 11.107711] kunit_try_run_case+0x1a5/0x480 [ 11.108164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.108679] kthread+0x337/0x6f0 [ 11.108843] ret_from_fork+0x116/0x1d0 [ 11.109328] ret_from_fork_asm+0x1a/0x30 [ 11.109738] [ 11.109918] The buggy address belongs to the object at ffff888102a7ab00 [ 11.109918] which belongs to the cache kmalloc-128 of size 128 [ 11.110873] The buggy address is located 117 bytes inside of [ 11.110873] allocated 120-byte region [ffff888102a7ab00, ffff888102a7ab78) [ 11.111854] [ 11.112231] The buggy address belongs to the physical page: [ 11.112747] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a7a [ 11.113569] flags: 0x200000000000000(node=0|zone=2) [ 11.113924] page_type: f5(slab) [ 11.114079] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.114852] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.115480] page dumped because: kasan: bad access detected [ 11.115920] [ 11.115992] Memory state around the buggy address: [ 11.116502] ffff888102a7aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.117126] ffff888102a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.117347] >ffff888102a7ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.117610] ^ [ 11.118532] ffff888102a7ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.119206] ffff888102a7ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.119993] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2: Failure
Automatically assigned
[ 11.066374] ================================================================== [ 11.066892] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 11.067325] Write of size 2 at addr ffff888102826077 by task kunit_try_catch/190 [ 11.067652] [ 11.067907] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.068015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.068030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.068052] Call Trace: [ 11.068064] <TASK> [ 11.068079] dump_stack_lvl+0x73/0xb0 [ 11.068169] print_report+0xd1/0x650 [ 11.068194] ? __virt_addr_valid+0x1db/0x2d0 [ 11.068217] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.068238] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.068260] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.068282] kasan_report+0x141/0x180 [ 11.068304] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.068330] kasan_check_range+0x10c/0x1c0 [ 11.068353] __asan_memset+0x27/0x50 [ 11.068373] kmalloc_oob_memset_2+0x166/0x330 [ 11.068407] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 11.068429] ? __schedule+0x10cc/0x2b60 [ 11.068452] ? __pfx_read_tsc+0x10/0x10 [ 11.068472] ? ktime_get_ts64+0x86/0x230 [ 11.068496] kunit_try_run_case+0x1a5/0x480 [ 11.068516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.068535] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.068559] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.068583] ? __kthread_parkme+0x82/0x180 [ 11.068603] ? preempt_count_sub+0x50/0x80 [ 11.068626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.068647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.068670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.068694] kthread+0x337/0x6f0 [ 11.068729] ? trace_preempt_on+0x20/0xc0 [ 11.068751] ? __pfx_kthread+0x10/0x10 [ 11.068771] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.068794] ? calculate_sigpending+0x7b/0xa0 [ 11.068817] ? __pfx_kthread+0x10/0x10 [ 11.068838] ret_from_fork+0x116/0x1d0 [ 11.068855] ? __pfx_kthread+0x10/0x10 [ 11.068875] ret_from_fork_asm+0x1a/0x30 [ 11.068905] </TASK> [ 11.068915] [ 11.078014] Allocated by task 190: [ 11.078535] kasan_save_stack+0x45/0x70 [ 11.078909] kasan_save_track+0x18/0x40 [ 11.079304] kasan_save_alloc_info+0x3b/0x50 [ 11.079532] __kasan_kmalloc+0xb7/0xc0 [ 11.079849] __kmalloc_cache_noprof+0x189/0x420 [ 11.080049] kmalloc_oob_memset_2+0xac/0x330 [ 11.080292] kunit_try_run_case+0x1a5/0x480 [ 11.080608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.080859] kthread+0x337/0x6f0 [ 11.081241] ret_from_fork+0x116/0x1d0 [ 11.081436] ret_from_fork_asm+0x1a/0x30 [ 11.081621] [ 11.081712] The buggy address belongs to the object at ffff888102826000 [ 11.081712] which belongs to the cache kmalloc-128 of size 128 [ 11.082452] The buggy address is located 119 bytes inside of [ 11.082452] allocated 120-byte region [ffff888102826000, ffff888102826078) [ 11.083228] [ 11.083324] The buggy address belongs to the physical page: [ 11.083590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102826 [ 11.083893] flags: 0x200000000000000(node=0|zone=2) [ 11.084304] page_type: f5(slab) [ 11.084473] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.084964] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.085466] page dumped because: kasan: bad access detected [ 11.085759] [ 11.085975] Memory state around the buggy address: [ 11.086390] ffff888102825f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.086668] ffff888102825f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.087091] >ffff888102826000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.087434] ^ [ 11.087711] ffff888102826080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.088267] ffff888102826100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.088526] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset: Failure
Automatically assigned
[ 11.029629] ================================================================== [ 11.030643] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 11.031867] Write of size 128 at addr ffff888102a7aa00 by task kunit_try_catch/188 [ 11.032846] [ 11.033209] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.033261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.033274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.033296] Call Trace: [ 11.033311] <TASK> [ 11.033328] dump_stack_lvl+0x73/0xb0 [ 11.033358] print_report+0xd1/0x650 [ 11.033393] ? __virt_addr_valid+0x1db/0x2d0 [ 11.033417] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.033438] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.033460] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.033481] kasan_report+0x141/0x180 [ 11.033503] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.033530] kasan_check_range+0x10c/0x1c0 [ 11.033553] __asan_memset+0x27/0x50 [ 11.033573] kmalloc_oob_in_memset+0x15f/0x320 [ 11.033595] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 11.033617] ? __schedule+0x10cc/0x2b60 [ 11.033640] ? __pfx_read_tsc+0x10/0x10 [ 11.033660] ? ktime_get_ts64+0x86/0x230 [ 11.033685] kunit_try_run_case+0x1a5/0x480 [ 11.033713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.033732] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.033756] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.033780] ? __kthread_parkme+0x82/0x180 [ 11.033800] ? preempt_count_sub+0x50/0x80 [ 11.033823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.033843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.033866] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.033890] kthread+0x337/0x6f0 [ 11.033908] ? trace_preempt_on+0x20/0xc0 [ 11.033931] ? __pfx_kthread+0x10/0x10 [ 11.033950] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.033973] ? calculate_sigpending+0x7b/0xa0 [ 11.033996] ? __pfx_kthread+0x10/0x10 [ 11.034017] ret_from_fork+0x116/0x1d0 [ 11.034039] ? __pfx_kthread+0x10/0x10 [ 11.034058] ret_from_fork_asm+0x1a/0x30 [ 11.034088] </TASK> [ 11.034098] [ 11.049024] Allocated by task 188: [ 11.049414] kasan_save_stack+0x45/0x70 [ 11.049910] kasan_save_track+0x18/0x40 [ 11.050359] kasan_save_alloc_info+0x3b/0x50 [ 11.050545] __kasan_kmalloc+0xb7/0xc0 [ 11.050947] __kmalloc_cache_noprof+0x189/0x420 [ 11.051433] kmalloc_oob_in_memset+0xac/0x320 [ 11.051846] kunit_try_run_case+0x1a5/0x480 [ 11.051994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.052573] kthread+0x337/0x6f0 [ 11.052914] ret_from_fork+0x116/0x1d0 [ 11.053487] ret_from_fork_asm+0x1a/0x30 [ 11.053885] [ 11.053958] The buggy address belongs to the object at ffff888102a7aa00 [ 11.053958] which belongs to the cache kmalloc-128 of size 128 [ 11.054941] The buggy address is located 0 bytes inside of [ 11.054941] allocated 120-byte region [ffff888102a7aa00, ffff888102a7aa78) [ 11.055946] [ 11.056029] The buggy address belongs to the physical page: [ 11.056222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a7a [ 11.056468] flags: 0x200000000000000(node=0|zone=2) [ 11.056629] page_type: f5(slab) [ 11.056800] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.057544] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.058356] page dumped because: kasan: bad access detected [ 11.058930] [ 11.059153] Memory state around the buggy address: [ 11.059614] ffff888102a7a900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.060308] ffff888102a7a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.061068] >ffff888102a7aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.061803] ^ [ 11.062510] ffff888102a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.063263] ffff888102a7ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.063882] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16: Failure
Automatically assigned
[ 11.002932] ================================================================== [ 11.004064] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 11.004302] Read of size 16 at addr ffff888101892d20 by task kunit_try_catch/186 [ 11.004540] [ 11.004628] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.004673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.004685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.004706] Call Trace: [ 11.004718] <TASK> [ 11.004734] dump_stack_lvl+0x73/0xb0 [ 11.004761] print_report+0xd1/0x650 [ 11.004785] ? __virt_addr_valid+0x1db/0x2d0 [ 11.004808] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.004828] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.004851] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.004871] kasan_report+0x141/0x180 [ 11.004893] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.004919] __asan_report_load16_noabort+0x18/0x20 [ 11.004939] kmalloc_uaf_16+0x47b/0x4c0 [ 11.004961] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 11.004983] ? __schedule+0x10cc/0x2b60 [ 11.005008] ? __pfx_read_tsc+0x10/0x10 [ 11.005040] ? ktime_get_ts64+0x86/0x230 [ 11.005066] kunit_try_run_case+0x1a5/0x480 [ 11.005088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.005107] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.005133] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.005158] ? __kthread_parkme+0x82/0x180 [ 11.005179] ? preempt_count_sub+0x50/0x80 [ 11.005202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.005223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.005246] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.005270] kthread+0x337/0x6f0 [ 11.005289] ? trace_preempt_on+0x20/0xc0 [ 11.005314] ? __pfx_kthread+0x10/0x10 [ 11.005334] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.005356] ? calculate_sigpending+0x7b/0xa0 [ 11.005390] ? __pfx_kthread+0x10/0x10 [ 11.005411] ret_from_fork+0x116/0x1d0 [ 11.005430] ? __pfx_kthread+0x10/0x10 [ 11.005450] ret_from_fork_asm+0x1a/0x30 [ 11.005480] </TASK> [ 11.005491] [ 11.012470] Allocated by task 186: [ 11.012649] kasan_save_stack+0x45/0x70 [ 11.013028] kasan_save_track+0x18/0x40 [ 11.013247] kasan_save_alloc_info+0x3b/0x50 [ 11.013519] __kasan_kmalloc+0xb7/0xc0 [ 11.013684] __kmalloc_cache_noprof+0x189/0x420 [ 11.013891] kmalloc_uaf_16+0x15b/0x4c0 [ 11.014032] kunit_try_run_case+0x1a5/0x480 [ 11.014177] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.014609] kthread+0x337/0x6f0 [ 11.014921] ret_from_fork+0x116/0x1d0 [ 11.015158] ret_from_fork_asm+0x1a/0x30 [ 11.015320] [ 11.015422] Freed by task 186: [ 11.015585] kasan_save_stack+0x45/0x70 [ 11.015774] kasan_save_track+0x18/0x40 [ 11.015909] kasan_save_free_info+0x3f/0x60 [ 11.016052] __kasan_slab_free+0x56/0x70 [ 11.016188] kfree+0x222/0x3f0 [ 11.017751] kmalloc_uaf_16+0x1d6/0x4c0 [ 11.018265] kunit_try_run_case+0x1a5/0x480 [ 11.018498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.018840] kthread+0x337/0x6f0 [ 11.018992] ret_from_fork+0x116/0x1d0 [ 11.019405] ret_from_fork_asm+0x1a/0x30 [ 11.019576] [ 11.019673] The buggy address belongs to the object at ffff888101892d20 [ 11.019673] which belongs to the cache kmalloc-16 of size 16 [ 11.020476] The buggy address is located 0 bytes inside of [ 11.020476] freed 16-byte region [ffff888101892d20, ffff888101892d30) [ 11.021164] [ 11.021280] The buggy address belongs to the physical page: [ 11.021525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 11.021981] flags: 0x200000000000000(node=0|zone=2) [ 11.022457] page_type: f5(slab) [ 11.022639] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.022964] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.023415] page dumped because: kasan: bad access detected [ 11.023667] [ 11.023915] Memory state around the buggy address: [ 11.024190] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 11.024732] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 11.025070] >ffff888101892d00: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 11.025556] ^ [ 11.025893] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.026328] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.026745] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16: Failure
Automatically assigned
[ 10.968870] ================================================================== [ 10.969875] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 10.970601] Write of size 16 at addr ffff888101e622a0 by task kunit_try_catch/184 [ 10.970989] [ 10.971130] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.971176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.971188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.971209] Call Trace: [ 10.971222] <TASK> [ 10.971237] dump_stack_lvl+0x73/0xb0 [ 10.971264] print_report+0xd1/0x650 [ 10.971287] ? __virt_addr_valid+0x1db/0x2d0 [ 10.971309] ? kmalloc_oob_16+0x452/0x4a0 [ 10.971329] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.971351] ? kmalloc_oob_16+0x452/0x4a0 [ 10.971372] kasan_report+0x141/0x180 [ 10.971409] ? kmalloc_oob_16+0x452/0x4a0 [ 10.971435] __asan_report_store16_noabort+0x1b/0x30 [ 10.971457] kmalloc_oob_16+0x452/0x4a0 [ 10.971479] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 10.971500] ? __schedule+0x10cc/0x2b60 [ 10.971524] ? __pfx_read_tsc+0x10/0x10 [ 10.971544] ? ktime_get_ts64+0x86/0x230 [ 10.971568] kunit_try_run_case+0x1a5/0x480 [ 10.971588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.971607] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.971631] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.971655] ? __kthread_parkme+0x82/0x180 [ 10.971675] ? preempt_count_sub+0x50/0x80 [ 10.971698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.971728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.971752] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.971776] kthread+0x337/0x6f0 [ 10.971794] ? trace_preempt_on+0x20/0xc0 [ 10.971817] ? __pfx_kthread+0x10/0x10 [ 10.971838] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.971860] ? calculate_sigpending+0x7b/0xa0 [ 10.971883] ? __pfx_kthread+0x10/0x10 [ 10.971904] ret_from_fork+0x116/0x1d0 [ 10.971922] ? __pfx_kthread+0x10/0x10 [ 10.971942] ret_from_fork_asm+0x1a/0x30 [ 10.971972] </TASK> [ 10.971983] [ 10.985546] Allocated by task 184: [ 10.985900] kasan_save_stack+0x45/0x70 [ 10.986327] kasan_save_track+0x18/0x40 [ 10.986694] kasan_save_alloc_info+0x3b/0x50 [ 10.987109] __kasan_kmalloc+0xb7/0xc0 [ 10.987332] __kmalloc_cache_noprof+0x189/0x420 [ 10.987500] kmalloc_oob_16+0xa8/0x4a0 [ 10.987636] kunit_try_run_case+0x1a5/0x480 [ 10.987857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.988368] kthread+0x337/0x6f0 [ 10.988686] ret_from_fork+0x116/0x1d0 [ 10.989054] ret_from_fork_asm+0x1a/0x30 [ 10.989463] [ 10.989625] The buggy address belongs to the object at ffff888101e622a0 [ 10.989625] which belongs to the cache kmalloc-16 of size 16 [ 10.991055] The buggy address is located 0 bytes inside of [ 10.991055] allocated 13-byte region [ffff888101e622a0, ffff888101e622ad) [ 10.991810] [ 10.991890] The buggy address belongs to the physical page: [ 10.992262] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e62 [ 10.993002] flags: 0x200000000000000(node=0|zone=2) [ 10.993520] page_type: f5(slab) [ 10.993829] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 10.994628] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 10.995073] page dumped because: kasan: bad access detected [ 10.995819] [ 10.995987] Memory state around the buggy address: [ 10.996260] ffff888101e62180: 00 00 fc fc 00 02 fc fc 00 02 fc fc 00 06 fc fc [ 10.996498] ffff888101e62200: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 10.996728] >ffff888101e62280: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 10.997372] ^ [ 10.997813] ffff888101e62300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.998589] ffff888101e62380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.999297] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf: Failure
Automatically assigned
[ 10.941795] ================================================================== [ 10.942271] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 10.942557] Read of size 1 at addr ffff888100a37400 by task kunit_try_catch/182 [ 10.942900] [ 10.942996] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.943083] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.943095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.943115] Call Trace: [ 10.943130] <TASK> [ 10.943144] dump_stack_lvl+0x73/0xb0 [ 10.943169] print_report+0xd1/0x650 [ 10.943191] ? __virt_addr_valid+0x1db/0x2d0 [ 10.943214] ? krealloc_uaf+0x53c/0x5e0 [ 10.943236] ? kasan_complete_mode_report_info+0x64/0x200 [ 10.943261] ? krealloc_uaf+0x53c/0x5e0 [ 10.943284] kasan_report+0x141/0x180 [ 10.943307] ? krealloc_uaf+0x53c/0x5e0 [ 10.943334] __asan_report_load1_noabort+0x18/0x20 [ 10.943354] krealloc_uaf+0x53c/0x5e0 [ 10.943387] ? __pfx_krealloc_uaf+0x10/0x10 [ 10.943410] ? __kasan_check_write+0x18/0x20 [ 10.943430] ? queued_spin_lock_slowpath+0x116/0xb40 [ 10.943454] ? irqentry_exit+0x2a/0x60 [ 10.943472] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 10.943496] ? trace_hardirqs_on+0x37/0xe0 [ 10.943519] ? __pfx_read_tsc+0x10/0x10 [ 10.943539] ? ktime_get_ts64+0x86/0x230 [ 10.943562] kunit_try_run_case+0x1a5/0x480 [ 10.943582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.943603] ? queued_spin_lock_slowpath+0x116/0xb40 [ 10.943627] ? __kthread_parkme+0x82/0x180 [ 10.943647] ? preempt_count_sub+0x50/0x80 [ 10.943670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.943690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.943713] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.943737] kthread+0x337/0x6f0 [ 10.943755] ? trace_preempt_on+0x20/0xc0 [ 10.943777] ? __pfx_kthread+0x10/0x10 [ 10.943797] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.943820] ? calculate_sigpending+0x7b/0xa0 [ 10.943844] ? __pfx_kthread+0x10/0x10 [ 10.943865] ret_from_fork+0x116/0x1d0 [ 10.943884] ? __pfx_kthread+0x10/0x10 [ 10.943904] ret_from_fork_asm+0x1a/0x30 [ 10.943935] </TASK> [ 10.943945] [ 10.951781] Allocated by task 182: [ 10.951966] kasan_save_stack+0x45/0x70 [ 10.952176] kasan_save_track+0x18/0x40 [ 10.952369] kasan_save_alloc_info+0x3b/0x50 [ 10.952535] __kasan_kmalloc+0xb7/0xc0 [ 10.952669] __kmalloc_cache_noprof+0x189/0x420 [ 10.952926] krealloc_uaf+0xbb/0x5e0 [ 10.953253] kunit_try_run_case+0x1a5/0x480 [ 10.953435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.953611] kthread+0x337/0x6f0 [ 10.953785] ret_from_fork+0x116/0x1d0 [ 10.954204] ret_from_fork_asm+0x1a/0x30 [ 10.954427] [ 10.954508] Freed by task 182: [ 10.954655] kasan_save_stack+0x45/0x70 [ 10.954845] kasan_save_track+0x18/0x40 [ 10.955060] kasan_save_free_info+0x3f/0x60 [ 10.955249] __kasan_slab_free+0x56/0x70 [ 10.955423] kfree+0x222/0x3f0 [ 10.955588] krealloc_uaf+0x13d/0x5e0 [ 10.955778] kunit_try_run_case+0x1a5/0x480 [ 10.955934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.956350] kthread+0x337/0x6f0 [ 10.956514] ret_from_fork+0x116/0x1d0 [ 10.956647] ret_from_fork_asm+0x1a/0x30 [ 10.957036] [ 10.957131] The buggy address belongs to the object at ffff888100a37400 [ 10.957131] which belongs to the cache kmalloc-256 of size 256 [ 10.957545] The buggy address is located 0 bytes inside of [ 10.957545] freed 256-byte region [ffff888100a37400, ffff888100a37500) [ 10.957999] [ 10.958098] The buggy address belongs to the physical page: [ 10.958355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a36 [ 10.958719] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.958943] flags: 0x200000000000040(head|node=0|zone=2) [ 10.959474] page_type: f5(slab) [ 10.959662] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.960115] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.960387] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.960747] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.961113] head: 0200000000000001 ffffea0004028d81 00000000ffffffff 00000000ffffffff [ 10.961404] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.961744] page dumped because: kasan: bad access detected [ 10.961951] [ 10.962075] Memory state around the buggy address: [ 10.962233] ffff888100a37300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.962578] ffff888100a37380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.962905] >ffff888100a37400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.963219] ^ [ 10.963370] ffff888100a37480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.963592] ffff888100a37500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.964232] ================================================================== [ 10.917237] ================================================================== [ 10.917786] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 10.918085] Read of size 1 at addr ffff888100a37400 by task kunit_try_catch/182 [ 10.918730] [ 10.918852] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.918897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.918909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.918929] Call Trace: [ 10.918941] <TASK> [ 10.918957] dump_stack_lvl+0x73/0xb0 [ 10.918985] print_report+0xd1/0x650 [ 10.919008] ? __virt_addr_valid+0x1db/0x2d0 [ 10.919031] ? krealloc_uaf+0x1b8/0x5e0 [ 10.919051] ? kasan_complete_mode_report_info+0x64/0x200 [ 10.919073] ? krealloc_uaf+0x1b8/0x5e0 [ 10.919095] kasan_report+0x141/0x180 [ 10.919116] ? krealloc_uaf+0x1b8/0x5e0 [ 10.919140] ? krealloc_uaf+0x1b8/0x5e0 [ 10.919161] __kasan_check_byte+0x3d/0x50 [ 10.919183] krealloc_noprof+0x3f/0x340 [ 10.919207] krealloc_uaf+0x1b8/0x5e0 [ 10.919228] ? __pfx_krealloc_uaf+0x10/0x10 [ 10.919250] ? __kasan_check_write+0x18/0x20 [ 10.919269] ? queued_spin_lock_slowpath+0x116/0xb40 [ 10.919294] ? irqentry_exit+0x2a/0x60 [ 10.919312] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 10.919602] ? trace_hardirqs_on+0x37/0xe0 [ 10.919630] ? __pfx_read_tsc+0x10/0x10 [ 10.919651] ? ktime_get_ts64+0x86/0x230 [ 10.919676] kunit_try_run_case+0x1a5/0x480 [ 10.919698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.919729] ? queued_spin_lock_slowpath+0x116/0xb40 [ 10.919754] ? __kthread_parkme+0x82/0x180 [ 10.919774] ? preempt_count_sub+0x50/0x80 [ 10.919797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.919817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.919841] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.919864] kthread+0x337/0x6f0 [ 10.919883] ? trace_preempt_on+0x20/0xc0 [ 10.919904] ? __pfx_kthread+0x10/0x10 [ 10.919924] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.919947] ? calculate_sigpending+0x7b/0xa0 [ 10.919970] ? __pfx_kthread+0x10/0x10 [ 10.919991] ret_from_fork+0x116/0x1d0 [ 10.920053] ? __pfx_kthread+0x10/0x10 [ 10.920074] ret_from_fork_asm+0x1a/0x30 [ 10.920104] </TASK> [ 10.920115] [ 10.928492] Allocated by task 182: [ 10.928676] kasan_save_stack+0x45/0x70 [ 10.928943] kasan_save_track+0x18/0x40 [ 10.929127] kasan_save_alloc_info+0x3b/0x50 [ 10.929558] __kasan_kmalloc+0xb7/0xc0 [ 10.929704] __kmalloc_cache_noprof+0x189/0x420 [ 10.929947] krealloc_uaf+0xbb/0x5e0 [ 10.930144] kunit_try_run_case+0x1a5/0x480 [ 10.930405] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.930620] kthread+0x337/0x6f0 [ 10.930742] ret_from_fork+0x116/0x1d0 [ 10.930873] ret_from_fork_asm+0x1a/0x30 [ 10.931065] [ 10.931180] Freed by task 182: [ 10.931363] kasan_save_stack+0x45/0x70 [ 10.931667] kasan_save_track+0x18/0x40 [ 10.932081] kasan_save_free_info+0x3f/0x60 [ 10.932269] __kasan_slab_free+0x56/0x70 [ 10.932444] kfree+0x222/0x3f0 [ 10.932605] krealloc_uaf+0x13d/0x5e0 [ 10.932804] kunit_try_run_case+0x1a5/0x480 [ 10.932948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.933124] kthread+0x337/0x6f0 [ 10.933415] ret_from_fork+0x116/0x1d0 [ 10.933611] ret_from_fork_asm+0x1a/0x30 [ 10.933825] [ 10.933927] The buggy address belongs to the object at ffff888100a37400 [ 10.933927] which belongs to the cache kmalloc-256 of size 256 [ 10.934330] The buggy address is located 0 bytes inside of [ 10.934330] freed 256-byte region [ffff888100a37400, ffff888100a37500) [ 10.935348] [ 10.935460] The buggy address belongs to the physical page: [ 10.935650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a36 [ 10.935894] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.936127] flags: 0x200000000000040(head|node=0|zone=2) [ 10.936592] page_type: f5(slab) [ 10.936771] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.937126] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.937456] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.938061] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.938301] head: 0200000000000001 ffffea0004028d81 00000000ffffffff 00000000ffffffff [ 10.938546] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.939142] page dumped because: kasan: bad access detected [ 10.939415] [ 10.939514] Memory state around the buggy address: [ 10.939739] ffff888100a37300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.940030] ffff888100a37380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.940310] >ffff888100a37400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.940559] ^ [ 10.940710] ffff888100a37480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.941038] ffff888100a37500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.941314] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper: Failure
Automatically assigned
[ 10.851538] ================================================================== [ 10.851936] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 10.852449] Write of size 1 at addr ffff88810294e0da by task kunit_try_catch/180 [ 10.852761] [ 10.852856] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.852899] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.852911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.852930] Call Trace: [ 10.852945] <TASK> [ 10.852958] dump_stack_lvl+0x73/0xb0 [ 10.852983] print_report+0xd1/0x650 [ 10.853005] ? __virt_addr_valid+0x1db/0x2d0 [ 10.853027] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.853050] ? kasan_addr_to_slab+0x11/0xa0 [ 10.853070] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.853093] kasan_report+0x141/0x180 [ 10.853115] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.853144] __asan_report_store1_noabort+0x1b/0x30 [ 10.853181] krealloc_less_oob_helper+0xec6/0x11d0 [ 10.853206] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.853230] ? finish_task_switch.isra.0+0x153/0x700 [ 10.853251] ? __switch_to+0x47/0xf50 [ 10.853275] ? __schedule+0x10cc/0x2b60 [ 10.853298] ? __pfx_read_tsc+0x10/0x10 [ 10.853321] krealloc_large_less_oob+0x1c/0x30 [ 10.853343] kunit_try_run_case+0x1a5/0x480 [ 10.853364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.853393] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.853416] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.853440] ? __kthread_parkme+0x82/0x180 [ 10.853459] ? preempt_count_sub+0x50/0x80 [ 10.853482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.853504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.853530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.853555] kthread+0x337/0x6f0 [ 10.853575] ? trace_preempt_on+0x20/0xc0 [ 10.853598] ? __pfx_kthread+0x10/0x10 [ 10.853618] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.853640] ? calculate_sigpending+0x7b/0xa0 [ 10.853663] ? __pfx_kthread+0x10/0x10 [ 10.853684] ret_from_fork+0x116/0x1d0 [ 10.853702] ? __pfx_kthread+0x10/0x10 [ 10.853772] ret_from_fork_asm+0x1a/0x30 [ 10.853805] </TASK> [ 10.853815] [ 10.861881] The buggy address belongs to the physical page: [ 10.862071] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294c [ 10.862641] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.863418] flags: 0x200000000000040(head|node=0|zone=2) [ 10.863605] page_type: f8(unknown) [ 10.863739] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.864227] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.864589] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.864944] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.865178] head: 0200000000000002 ffffea00040a5301 00000000ffffffff 00000000ffffffff [ 10.865532] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.865871] page dumped because: kasan: bad access detected [ 10.866047] [ 10.866117] Memory state around the buggy address: [ 10.866272] ffff88810294df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.866774] ffff88810294e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.867090] >ffff88810294e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.867413] ^ [ 10.867700] ffff88810294e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.868060] ffff88810294e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.868335] ================================================================== [ 10.735701] ================================================================== [ 10.736041] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 10.736414] Write of size 1 at addr ffff888100a372ea by task kunit_try_catch/176 [ 10.737312] [ 10.737417] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.737461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.737472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.737493] Call Trace: [ 10.737505] <TASK> [ 10.737519] dump_stack_lvl+0x73/0xb0 [ 10.737546] print_report+0xd1/0x650 [ 10.737569] ? __virt_addr_valid+0x1db/0x2d0 [ 10.737590] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.737614] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.737636] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.737660] kasan_report+0x141/0x180 [ 10.737682] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.737710] __asan_report_store1_noabort+0x1b/0x30 [ 10.737733] krealloc_less_oob_helper+0xe90/0x11d0 [ 10.737758] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.737782] ? finish_task_switch.isra.0+0x153/0x700 [ 10.737803] ? __switch_to+0x47/0xf50 [ 10.737827] ? __schedule+0x10cc/0x2b60 [ 10.737849] ? __pfx_read_tsc+0x10/0x10 [ 10.737873] krealloc_less_oob+0x1c/0x30 [ 10.737893] kunit_try_run_case+0x1a5/0x480 [ 10.737914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.737932] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.737956] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.737979] ? __kthread_parkme+0x82/0x180 [ 10.737999] ? preempt_count_sub+0x50/0x80 [ 10.738021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.738048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.738071] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.738096] kthread+0x337/0x6f0 [ 10.738114] ? trace_preempt_on+0x20/0xc0 [ 10.738137] ? __pfx_kthread+0x10/0x10 [ 10.738157] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.738179] ? calculate_sigpending+0x7b/0xa0 [ 10.738202] ? __pfx_kthread+0x10/0x10 [ 10.738223] ret_from_fork+0x116/0x1d0 [ 10.738241] ? __pfx_kthread+0x10/0x10 [ 10.738261] ret_from_fork_asm+0x1a/0x30 [ 10.738292] </TASK> [ 10.738303] [ 10.746494] Allocated by task 176: [ 10.746627] kasan_save_stack+0x45/0x70 [ 10.746946] kasan_save_track+0x18/0x40 [ 10.747152] kasan_save_alloc_info+0x3b/0x50 [ 10.747532] __kasan_krealloc+0x190/0x1f0 [ 10.747764] krealloc_noprof+0xf3/0x340 [ 10.747956] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.748272] krealloc_less_oob+0x1c/0x30 [ 10.748452] kunit_try_run_case+0x1a5/0x480 [ 10.748665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.748902] kthread+0x337/0x6f0 [ 10.749101] ret_from_fork+0x116/0x1d0 [ 10.749386] ret_from_fork_asm+0x1a/0x30 [ 10.749593] [ 10.749670] The buggy address belongs to the object at ffff888100a37200 [ 10.749670] which belongs to the cache kmalloc-256 of size 256 [ 10.750435] The buggy address is located 33 bytes to the right of [ 10.750435] allocated 201-byte region [ffff888100a37200, ffff888100a372c9) [ 10.750972] [ 10.751072] The buggy address belongs to the physical page: [ 10.751367] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a36 [ 10.751736] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.752033] flags: 0x200000000000040(head|node=0|zone=2) [ 10.752243] page_type: f5(slab) [ 10.752362] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.752708] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.753047] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.753358] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.753603] head: 0200000000000001 ffffea0004028d81 00000000ffffffff 00000000ffffffff [ 10.754129] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.754396] page dumped because: kasan: bad access detected [ 10.754568] [ 10.754637] Memory state around the buggy address: [ 10.754836] ffff888100a37180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.755157] ffff888100a37200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.755521] >ffff888100a37280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.755830] ^ [ 10.756151] ffff888100a37300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.756370] ffff888100a37380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.756708] ================================================================== [ 10.690393] ================================================================== [ 10.690669] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 10.691443] Write of size 1 at addr ffff888100a372d0 by task kunit_try_catch/176 [ 10.691776] [ 10.691891] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.691935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.691947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.691967] Call Trace: [ 10.691982] <TASK> [ 10.691997] dump_stack_lvl+0x73/0xb0 [ 10.692025] print_report+0xd1/0x650 [ 10.692047] ? __virt_addr_valid+0x1db/0x2d0 [ 10.692069] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.692092] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.692114] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.692138] kasan_report+0x141/0x180 [ 10.692159] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.692187] __asan_report_store1_noabort+0x1b/0x30 [ 10.692208] krealloc_less_oob_helper+0xe23/0x11d0 [ 10.692233] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.692345] ? finish_task_switch.isra.0+0x153/0x700 [ 10.692367] ? __switch_to+0x47/0xf50 [ 10.692405] ? __schedule+0x10cc/0x2b60 [ 10.692428] ? __pfx_read_tsc+0x10/0x10 [ 10.692452] krealloc_less_oob+0x1c/0x30 [ 10.692473] kunit_try_run_case+0x1a5/0x480 [ 10.692494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.692513] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.692536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.692560] ? __kthread_parkme+0x82/0x180 [ 10.692579] ? preempt_count_sub+0x50/0x80 [ 10.692602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.692624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.692648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.692672] kthread+0x337/0x6f0 [ 10.692690] ? trace_preempt_on+0x20/0xc0 [ 10.692713] ? __pfx_kthread+0x10/0x10 [ 10.692745] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.692767] ? calculate_sigpending+0x7b/0xa0 [ 10.692790] ? __pfx_kthread+0x10/0x10 [ 10.692810] ret_from_fork+0x116/0x1d0 [ 10.692828] ? __pfx_kthread+0x10/0x10 [ 10.692848] ret_from_fork_asm+0x1a/0x30 [ 10.692878] </TASK> [ 10.692887] [ 10.703591] Allocated by task 176: [ 10.704048] kasan_save_stack+0x45/0x70 [ 10.704331] kasan_save_track+0x18/0x40 [ 10.704492] kasan_save_alloc_info+0x3b/0x50 [ 10.704872] __kasan_krealloc+0x190/0x1f0 [ 10.705107] krealloc_noprof+0xf3/0x340 [ 10.705292] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.705532] krealloc_less_oob+0x1c/0x30 [ 10.705712] kunit_try_run_case+0x1a5/0x480 [ 10.706174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.706544] kthread+0x337/0x6f0 [ 10.706731] ret_from_fork+0x116/0x1d0 [ 10.707255] ret_from_fork_asm+0x1a/0x30 [ 10.707453] [ 10.707646] The buggy address belongs to the object at ffff888100a37200 [ 10.707646] which belongs to the cache kmalloc-256 of size 256 [ 10.708154] The buggy address is located 7 bytes to the right of [ 10.708154] allocated 201-byte region [ffff888100a37200, ffff888100a372c9) [ 10.708675] [ 10.708850] The buggy address belongs to the physical page: [ 10.709035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a36 [ 10.709356] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.709660] flags: 0x200000000000040(head|node=0|zone=2) [ 10.710102] page_type: f5(slab) [ 10.710277] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.710583] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.710839] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.711180] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.711550] head: 0200000000000001 ffffea0004028d81 00000000ffffffff 00000000ffffffff [ 10.711973] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.712340] page dumped because: kasan: bad access detected [ 10.712529] [ 10.712623] Memory state around the buggy address: [ 10.712854] ffff888100a37180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.713335] ffff888100a37200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.713658] >ffff888100a37280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.713940] ^ [ 10.714196] ffff888100a37300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.714587] ffff888100a37380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.714868] ================================================================== [ 10.657139] ================================================================== [ 10.658131] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 10.658407] Write of size 1 at addr ffff888100a372c9 by task kunit_try_catch/176 [ 10.658634] [ 10.658722] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.658765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.658777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.658797] Call Trace: [ 10.658810] <TASK> [ 10.658826] dump_stack_lvl+0x73/0xb0 [ 10.658852] print_report+0xd1/0x650 [ 10.658876] ? __virt_addr_valid+0x1db/0x2d0 [ 10.658897] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.658921] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.658943] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.658966] kasan_report+0x141/0x180 [ 10.658988] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.659016] __asan_report_store1_noabort+0x1b/0x30 [ 10.659037] krealloc_less_oob_helper+0xd70/0x11d0 [ 10.659062] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.659086] ? finish_task_switch.isra.0+0x153/0x700 [ 10.659107] ? __switch_to+0x47/0xf50 [ 10.659131] ? __schedule+0x10cc/0x2b60 [ 10.659154] ? __pfx_read_tsc+0x10/0x10 [ 10.659178] krealloc_less_oob+0x1c/0x30 [ 10.659199] kunit_try_run_case+0x1a5/0x480 [ 10.659220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.659239] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.659262] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.659286] ? __kthread_parkme+0x82/0x180 [ 10.659305] ? preempt_count_sub+0x50/0x80 [ 10.659327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.659347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.659370] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.659403] kthread+0x337/0x6f0 [ 10.659422] ? trace_preempt_on+0x20/0xc0 [ 10.659446] ? __pfx_kthread+0x10/0x10 [ 10.659466] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.659880] ? calculate_sigpending+0x7b/0xa0 [ 10.659908] ? __pfx_kthread+0x10/0x10 [ 10.659930] ret_from_fork+0x116/0x1d0 [ 10.660138] ? __pfx_kthread+0x10/0x10 [ 10.660162] ret_from_fork_asm+0x1a/0x30 [ 10.660193] </TASK> [ 10.660204] [ 10.673655] Allocated by task 176: [ 10.673926] kasan_save_stack+0x45/0x70 [ 10.674437] kasan_save_track+0x18/0x40 [ 10.674817] kasan_save_alloc_info+0x3b/0x50 [ 10.674963] __kasan_krealloc+0x190/0x1f0 [ 10.675483] krealloc_noprof+0xf3/0x340 [ 10.675887] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.676232] krealloc_less_oob+0x1c/0x30 [ 10.676394] kunit_try_run_case+0x1a5/0x480 [ 10.676845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.677413] kthread+0x337/0x6f0 [ 10.677683] ret_from_fork+0x116/0x1d0 [ 10.678123] ret_from_fork_asm+0x1a/0x30 [ 10.678405] [ 10.678477] The buggy address belongs to the object at ffff888100a37200 [ 10.678477] which belongs to the cache kmalloc-256 of size 256 [ 10.678972] The buggy address is located 0 bytes to the right of [ 10.678972] allocated 201-byte region [ffff888100a37200, ffff888100a372c9) [ 10.680248] [ 10.680445] The buggy address belongs to the physical page: [ 10.680872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a36 [ 10.681118] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.681339] flags: 0x200000000000040(head|node=0|zone=2) [ 10.681970] page_type: f5(slab) [ 10.682426] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.683135] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.684042] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.684586] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.684848] head: 0200000000000001 ffffea0004028d81 00000000ffffffff 00000000ffffffff [ 10.685739] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.686552] page dumped because: kasan: bad access detected [ 10.686934] [ 10.687012] Memory state around the buggy address: [ 10.687336] ffff888100a37180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.688006] ffff888100a37200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.688410] >ffff888100a37280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.688629] ^ [ 10.688829] ffff888100a37300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.689129] ffff888100a37380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.689527] ================================================================== [ 10.868614] ================================================================== [ 10.869087] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 10.869460] Write of size 1 at addr ffff88810294e0ea by task kunit_try_catch/180 [ 10.869781] [ 10.869890] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.869933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.869944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.869964] Call Trace: [ 10.869978] <TASK> [ 10.869992] dump_stack_lvl+0x73/0xb0 [ 10.870016] print_report+0xd1/0x650 [ 10.870041] ? __virt_addr_valid+0x1db/0x2d0 [ 10.870062] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.870085] ? kasan_addr_to_slab+0x11/0xa0 [ 10.870106] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.870129] kasan_report+0x141/0x180 [ 10.870151] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.870179] __asan_report_store1_noabort+0x1b/0x30 [ 10.870200] krealloc_less_oob_helper+0xe90/0x11d0 [ 10.870226] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.870250] ? finish_task_switch.isra.0+0x153/0x700 [ 10.870271] ? __switch_to+0x47/0xf50 [ 10.870295] ? __schedule+0x10cc/0x2b60 [ 10.870318] ? __pfx_read_tsc+0x10/0x10 [ 10.870341] krealloc_large_less_oob+0x1c/0x30 [ 10.870363] kunit_try_run_case+0x1a5/0x480 [ 10.870393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.870412] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.870435] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.870459] ? __kthread_parkme+0x82/0x180 [ 10.870478] ? preempt_count_sub+0x50/0x80 [ 10.870500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.870520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.870544] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.870567] kthread+0x337/0x6f0 [ 10.870586] ? trace_preempt_on+0x20/0xc0 [ 10.870608] ? __pfx_kthread+0x10/0x10 [ 10.870628] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.870650] ? calculate_sigpending+0x7b/0xa0 [ 10.870673] ? __pfx_kthread+0x10/0x10 [ 10.870694] ret_from_fork+0x116/0x1d0 [ 10.870711] ? __pfx_kthread+0x10/0x10 [ 10.870731] ret_from_fork_asm+0x1a/0x30 [ 10.870761] </TASK> [ 10.870770] [ 10.881820] The buggy address belongs to the physical page: [ 10.882373] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294c [ 10.883138] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.883814] flags: 0x200000000000040(head|node=0|zone=2) [ 10.884351] page_type: f8(unknown) [ 10.884557] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.884796] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.885026] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.885261] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.886225] head: 0200000000000002 ffffea00040a5301 00000000ffffffff 00000000ffffffff [ 10.886929] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.887671] page dumped because: kasan: bad access detected [ 10.888264] [ 10.888445] Memory state around the buggy address: [ 10.888902] ffff88810294df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.889625] ffff88810294e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.890500] >ffff88810294e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.891288] ^ [ 10.892010] ffff88810294e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.892412] ffff88810294e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.892629] ================================================================== [ 10.757249] ================================================================== [ 10.757575] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 10.757901] Write of size 1 at addr ffff888100a372eb by task kunit_try_catch/176 [ 10.758411] [ 10.758499] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.758541] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.758552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.758571] Call Trace: [ 10.758586] <TASK> [ 10.758601] dump_stack_lvl+0x73/0xb0 [ 10.758628] print_report+0xd1/0x650 [ 10.758650] ? __virt_addr_valid+0x1db/0x2d0 [ 10.758671] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.758694] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.758716] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.758740] kasan_report+0x141/0x180 [ 10.758761] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.758790] __asan_report_store1_noabort+0x1b/0x30 [ 10.758810] krealloc_less_oob_helper+0xd47/0x11d0 [ 10.758835] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.758859] ? finish_task_switch.isra.0+0x153/0x700 [ 10.758880] ? __switch_to+0x47/0xf50 [ 10.758904] ? __schedule+0x10cc/0x2b60 [ 10.758928] ? __pfx_read_tsc+0x10/0x10 [ 10.758951] krealloc_less_oob+0x1c/0x30 [ 10.758972] kunit_try_run_case+0x1a5/0x480 [ 10.758992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.759010] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.759034] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.759057] ? __kthread_parkme+0x82/0x180 [ 10.759076] ? preempt_count_sub+0x50/0x80 [ 10.759099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.759119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.759142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.759165] kthread+0x337/0x6f0 [ 10.759184] ? trace_preempt_on+0x20/0xc0 [ 10.759207] ? __pfx_kthread+0x10/0x10 [ 10.759227] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.759249] ? calculate_sigpending+0x7b/0xa0 [ 10.759274] ? __pfx_kthread+0x10/0x10 [ 10.759296] ret_from_fork+0x116/0x1d0 [ 10.759313] ? __pfx_kthread+0x10/0x10 [ 10.759333] ret_from_fork_asm+0x1a/0x30 [ 10.759362] </TASK> [ 10.759371] [ 10.767659] Allocated by task 176: [ 10.767997] kasan_save_stack+0x45/0x70 [ 10.768206] kasan_save_track+0x18/0x40 [ 10.768418] kasan_save_alloc_info+0x3b/0x50 [ 10.768626] __kasan_krealloc+0x190/0x1f0 [ 10.768933] krealloc_noprof+0xf3/0x340 [ 10.769102] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.769321] krealloc_less_oob+0x1c/0x30 [ 10.769499] kunit_try_run_case+0x1a5/0x480 [ 10.769683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.769944] kthread+0x337/0x6f0 [ 10.770133] ret_from_fork+0x116/0x1d0 [ 10.770365] ret_from_fork_asm+0x1a/0x30 [ 10.770513] [ 10.770582] The buggy address belongs to the object at ffff888100a37200 [ 10.770582] which belongs to the cache kmalloc-256 of size 256 [ 10.770932] The buggy address is located 34 bytes to the right of [ 10.770932] allocated 201-byte region [ffff888100a37200, ffff888100a372c9) [ 10.771533] [ 10.771630] The buggy address belongs to the physical page: [ 10.771876] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a36 [ 10.772191] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.772426] flags: 0x200000000000040(head|node=0|zone=2) [ 10.772601] page_type: f5(slab) [ 10.772719] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.773517] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.774091] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.774438] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.774672] head: 0200000000000001 ffffea0004028d81 00000000ffffffff 00000000ffffffff [ 10.774915] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.775428] page dumped because: kasan: bad access detected [ 10.775677] [ 10.775769] Memory state around the buggy address: [ 10.776089] ffff888100a37180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.776385] ffff888100a37200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.776623] >ffff888100a37280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.777179] ^ [ 10.777445] ffff888100a37300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.777737] ffff888100a37380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.777975] ================================================================== [ 10.817204] ================================================================== [ 10.817711] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 10.818335] Write of size 1 at addr ffff88810294e0c9 by task kunit_try_catch/180 [ 10.818674] [ 10.818775] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.818819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.818831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.818853] Call Trace: [ 10.818864] <TASK> [ 10.818878] dump_stack_lvl+0x73/0xb0 [ 10.818906] print_report+0xd1/0x650 [ 10.818929] ? __virt_addr_valid+0x1db/0x2d0 [ 10.818952] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.818975] ? kasan_addr_to_slab+0x11/0xa0 [ 10.818995] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.819018] kasan_report+0x141/0x180 [ 10.819040] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.819068] __asan_report_store1_noabort+0x1b/0x30 [ 10.819088] krealloc_less_oob_helper+0xd70/0x11d0 [ 10.819113] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.819137] ? finish_task_switch.isra.0+0x153/0x700 [ 10.819158] ? __switch_to+0x47/0xf50 [ 10.819184] ? __schedule+0x10cc/0x2b60 [ 10.819207] ? __pfx_read_tsc+0x10/0x10 [ 10.819319] krealloc_large_less_oob+0x1c/0x30 [ 10.819344] kunit_try_run_case+0x1a5/0x480 [ 10.819366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.819397] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.819421] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.819445] ? __kthread_parkme+0x82/0x180 [ 10.819464] ? preempt_count_sub+0x50/0x80 [ 10.819487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.819507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.819530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.819555] kthread+0x337/0x6f0 [ 10.819574] ? trace_preempt_on+0x20/0xc0 [ 10.819598] ? __pfx_kthread+0x10/0x10 [ 10.819618] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.819640] ? calculate_sigpending+0x7b/0xa0 [ 10.819664] ? __pfx_kthread+0x10/0x10 [ 10.819684] ret_from_fork+0x116/0x1d0 [ 10.819702] ? __pfx_kthread+0x10/0x10 [ 10.819731] ret_from_fork_asm+0x1a/0x30 [ 10.819761] </TASK> [ 10.819771] [ 10.827613] The buggy address belongs to the physical page: [ 10.827802] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294c [ 10.828187] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.828533] flags: 0x200000000000040(head|node=0|zone=2) [ 10.828833] page_type: f8(unknown) [ 10.829045] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.829306] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.829644] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.830045] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.830625] head: 0200000000000002 ffffea00040a5301 00000000ffffffff 00000000ffffffff [ 10.831003] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.831408] page dumped because: kasan: bad access detected [ 10.831643] [ 10.831740] Memory state around the buggy address: [ 10.832042] ffff88810294df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.832325] ffff88810294e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.832664] >ffff88810294e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.832983] ^ [ 10.833248] ffff88810294e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.833563] ffff88810294e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.833903] ================================================================== [ 10.834567] ================================================================== [ 10.834931] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 10.835485] Write of size 1 at addr ffff88810294e0d0 by task kunit_try_catch/180 [ 10.835788] [ 10.835899] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.835941] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.835953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.835973] Call Trace: [ 10.835985] <TASK> [ 10.836000] dump_stack_lvl+0x73/0xb0 [ 10.836030] print_report+0xd1/0x650 [ 10.836054] ? __virt_addr_valid+0x1db/0x2d0 [ 10.836077] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.836100] ? kasan_addr_to_slab+0x11/0xa0 [ 10.836121] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.836144] kasan_report+0x141/0x180 [ 10.836166] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.836194] __asan_report_store1_noabort+0x1b/0x30 [ 10.836215] krealloc_less_oob_helper+0xe23/0x11d0 [ 10.836241] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.836264] ? finish_task_switch.isra.0+0x153/0x700 [ 10.836286] ? __switch_to+0x47/0xf50 [ 10.836311] ? __schedule+0x10cc/0x2b60 [ 10.836335] ? __pfx_read_tsc+0x10/0x10 [ 10.836360] krealloc_large_less_oob+0x1c/0x30 [ 10.836393] kunit_try_run_case+0x1a5/0x480 [ 10.836415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.836434] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.836458] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.836482] ? __kthread_parkme+0x82/0x180 [ 10.836501] ? preempt_count_sub+0x50/0x80 [ 10.836523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.836543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.836566] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.836590] kthread+0x337/0x6f0 [ 10.836609] ? trace_preempt_on+0x20/0xc0 [ 10.836633] ? __pfx_kthread+0x10/0x10 [ 10.836653] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.836675] ? calculate_sigpending+0x7b/0xa0 [ 10.836699] ? __pfx_kthread+0x10/0x10 [ 10.836720] ret_from_fork+0x116/0x1d0 [ 10.836738] ? __pfx_kthread+0x10/0x10 [ 10.836758] ret_from_fork_asm+0x1a/0x30 [ 10.836788] </TASK> [ 10.836797] [ 10.844442] The buggy address belongs to the physical page: [ 10.844624] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294c [ 10.845326] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.845646] flags: 0x200000000000040(head|node=0|zone=2) [ 10.845947] page_type: f8(unknown) [ 10.846083] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.846348] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.846710] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.847197] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.847504] head: 0200000000000002 ffffea00040a5301 00000000ffffffff 00000000ffffffff [ 10.847845] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.848071] page dumped because: kasan: bad access detected [ 10.848240] [ 10.848310] Memory state around the buggy address: [ 10.848544] ffff88810294df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.849215] ffff88810294e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.849541] >ffff88810294e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.849755] ^ [ 10.849933] ffff88810294e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.850439] ffff88810294e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.850873] ================================================================== [ 10.893190] ================================================================== [ 10.893883] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 10.894633] Write of size 1 at addr ffff88810294e0eb by task kunit_try_catch/180 [ 10.895404] [ 10.895580] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.895626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.895638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.895658] Call Trace: [ 10.895670] <TASK> [ 10.895685] dump_stack_lvl+0x73/0xb0 [ 10.895711] print_report+0xd1/0x650 [ 10.895734] ? __virt_addr_valid+0x1db/0x2d0 [ 10.895755] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.895778] ? kasan_addr_to_slab+0x11/0xa0 [ 10.895798] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.895822] kasan_report+0x141/0x180 [ 10.895852] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.895881] __asan_report_store1_noabort+0x1b/0x30 [ 10.895901] krealloc_less_oob_helper+0xd47/0x11d0 [ 10.895926] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.895950] ? finish_task_switch.isra.0+0x153/0x700 [ 10.895971] ? __switch_to+0x47/0xf50 [ 10.895995] ? __schedule+0x10cc/0x2b60 [ 10.896065] ? __pfx_read_tsc+0x10/0x10 [ 10.896089] krealloc_large_less_oob+0x1c/0x30 [ 10.896112] kunit_try_run_case+0x1a5/0x480 [ 10.896132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.896151] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.896174] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.896198] ? __kthread_parkme+0x82/0x180 [ 10.896217] ? preempt_count_sub+0x50/0x80 [ 10.896239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.896259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.896283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.896306] kthread+0x337/0x6f0 [ 10.896325] ? trace_preempt_on+0x20/0xc0 [ 10.896347] ? __pfx_kthread+0x10/0x10 [ 10.896367] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.896401] ? calculate_sigpending+0x7b/0xa0 [ 10.896424] ? __pfx_kthread+0x10/0x10 [ 10.896445] ret_from_fork+0x116/0x1d0 [ 10.896462] ? __pfx_kthread+0x10/0x10 [ 10.896483] ret_from_fork_asm+0x1a/0x30 [ 10.896513] </TASK> [ 10.896523] [ 10.904971] The buggy address belongs to the physical page: [ 10.905244] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10294c [ 10.905595] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.906052] flags: 0x200000000000040(head|node=0|zone=2) [ 10.906305] page_type: f8(unknown) [ 10.906478] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.906808] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.907086] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.907469] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.907709] head: 0200000000000002 ffffea00040a5301 00000000ffffffff 00000000ffffffff [ 10.908005] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.908344] page dumped because: kasan: bad access detected [ 10.908612] [ 10.908704] Memory state around the buggy address: [ 10.908886] ffff88810294df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.909154] ffff88810294e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.909370] >ffff88810294e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.910052] ^ [ 10.910390] ffff88810294e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.910685] ffff88810294e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.910998] ================================================================== [ 10.715658] ================================================================== [ 10.715991] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 10.716339] Write of size 1 at addr ffff888100a372da by task kunit_try_catch/176 [ 10.716612] [ 10.716725] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.716769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.716780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.716801] Call Trace: [ 10.716812] <TASK> [ 10.716826] dump_stack_lvl+0x73/0xb0 [ 10.716850] print_report+0xd1/0x650 [ 10.716873] ? __virt_addr_valid+0x1db/0x2d0 [ 10.716894] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.716917] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.716939] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.716962] kasan_report+0x141/0x180 [ 10.716984] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.717012] __asan_report_store1_noabort+0x1b/0x30 [ 10.717032] krealloc_less_oob_helper+0xec6/0x11d0 [ 10.717058] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.717081] ? finish_task_switch.isra.0+0x153/0x700 [ 10.717102] ? __switch_to+0x47/0xf50 [ 10.717126] ? __schedule+0x10cc/0x2b60 [ 10.717149] ? __pfx_read_tsc+0x10/0x10 [ 10.717171] krealloc_less_oob+0x1c/0x30 [ 10.717193] kunit_try_run_case+0x1a5/0x480 [ 10.717212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.717231] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.717255] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.717278] ? __kthread_parkme+0x82/0x180 [ 10.717297] ? preempt_count_sub+0x50/0x80 [ 10.717319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.717339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.717363] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.717397] kthread+0x337/0x6f0 [ 10.717415] ? trace_preempt_on+0x20/0xc0 [ 10.717438] ? __pfx_kthread+0x10/0x10 [ 10.717457] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.717479] ? calculate_sigpending+0x7b/0xa0 [ 10.717502] ? __pfx_kthread+0x10/0x10 [ 10.717523] ret_from_fork+0x116/0x1d0 [ 10.717540] ? __pfx_kthread+0x10/0x10 [ 10.717560] ret_from_fork_asm+0x1a/0x30 [ 10.717589] </TASK> [ 10.717600] [ 10.725057] Allocated by task 176: [ 10.725293] kasan_save_stack+0x45/0x70 [ 10.725492] kasan_save_track+0x18/0x40 [ 10.725692] kasan_save_alloc_info+0x3b/0x50 [ 10.725839] __kasan_krealloc+0x190/0x1f0 [ 10.725979] krealloc_noprof+0xf3/0x340 [ 10.726141] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.726422] krealloc_less_oob+0x1c/0x30 [ 10.726621] kunit_try_run_case+0x1a5/0x480 [ 10.726822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.727065] kthread+0x337/0x6f0 [ 10.727187] ret_from_fork+0x116/0x1d0 [ 10.727542] ret_from_fork_asm+0x1a/0x30 [ 10.727817] [ 10.727915] The buggy address belongs to the object at ffff888100a37200 [ 10.727915] which belongs to the cache kmalloc-256 of size 256 [ 10.728428] The buggy address is located 17 bytes to the right of [ 10.728428] allocated 201-byte region [ffff888100a37200, ffff888100a372c9) [ 10.729104] [ 10.729222] The buggy address belongs to the physical page: [ 10.729485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a36 [ 10.729803] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.730036] flags: 0x200000000000040(head|node=0|zone=2) [ 10.730212] page_type: f5(slab) [ 10.730330] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.731065] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.731428] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.731843] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.732226] head: 0200000000000001 ffffea0004028d81 00000000ffffffff 00000000ffffffff [ 10.732543] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.732891] page dumped because: kasan: bad access detected [ 10.733158] [ 10.733229] Memory state around the buggy address: [ 10.733462] ffff888100a37180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.733805] ffff888100a37200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.734027] >ffff888100a37280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.734306] ^ [ 10.734740] ffff888100a37300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.735014] ffff888100a37380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.735324] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper: Failure
Automatically assigned
[ 10.797987] ================================================================== [ 10.798686] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 10.799126] Write of size 1 at addr ffff888102a060f0 by task kunit_try_catch/178 [ 10.799426] [ 10.799527] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.799570] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.799581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.799601] Call Trace: [ 10.799613] <TASK> [ 10.799626] dump_stack_lvl+0x73/0xb0 [ 10.799651] print_report+0xd1/0x650 [ 10.799673] ? __virt_addr_valid+0x1db/0x2d0 [ 10.799695] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.799718] ? kasan_addr_to_slab+0x11/0xa0 [ 10.799738] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.799762] kasan_report+0x141/0x180 [ 10.799783] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.799811] __asan_report_store1_noabort+0x1b/0x30 [ 10.799832] krealloc_more_oob_helper+0x7eb/0x930 [ 10.799854] ? __schedule+0x10cc/0x2b60 [ 10.799877] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.799901] ? finish_task_switch.isra.0+0x153/0x700 [ 10.799922] ? __switch_to+0x47/0xf50 [ 10.799946] ? __schedule+0x10cc/0x2b60 [ 10.799968] ? __pfx_read_tsc+0x10/0x10 [ 10.799990] krealloc_large_more_oob+0x1c/0x30 [ 10.800176] kunit_try_run_case+0x1a5/0x480 [ 10.800198] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.800217] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.800242] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.800266] ? __kthread_parkme+0x82/0x180 [ 10.800287] ? preempt_count_sub+0x50/0x80 [ 10.800309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.800329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.800352] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.800391] kthread+0x337/0x6f0 [ 10.800410] ? trace_preempt_on+0x20/0xc0 [ 10.800432] ? __pfx_kthread+0x10/0x10 [ 10.800452] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.800475] ? calculate_sigpending+0x7b/0xa0 [ 10.800498] ? __pfx_kthread+0x10/0x10 [ 10.800518] ret_from_fork+0x116/0x1d0 [ 10.800536] ? __pfx_kthread+0x10/0x10 [ 10.800556] ret_from_fork_asm+0x1a/0x30 [ 10.800586] </TASK> [ 10.800596] [ 10.808714] The buggy address belongs to the physical page: [ 10.808941] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a04 [ 10.809223] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.809498] flags: 0x200000000000040(head|node=0|zone=2) [ 10.809749] page_type: f8(unknown) [ 10.809985] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.810479] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.810813] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.811230] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.811613] head: 0200000000000002 ffffea00040a8101 00000000ffffffff 00000000ffffffff [ 10.811911] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.812464] page dumped because: kasan: bad access detected [ 10.812694] [ 10.812792] Memory state around the buggy address: [ 10.813019] ffff888102a05f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.813260] ffff888102a06000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.813488] >ffff888102a06080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 10.813714] ^ [ 10.814117] ffff888102a06100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.814442] ffff888102a06180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.814686] ================================================================== [ 10.593721] ================================================================== [ 10.594359] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 10.594620] Write of size 1 at addr ffff888100a370eb by task kunit_try_catch/174 [ 10.594854] [ 10.594940] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.594983] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.594995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.595015] Call Trace: [ 10.595025] <TASK> [ 10.595040] dump_stack_lvl+0x73/0xb0 [ 10.595066] print_report+0xd1/0x650 [ 10.595090] ? __virt_addr_valid+0x1db/0x2d0 [ 10.595113] ? krealloc_more_oob_helper+0x821/0x930 [ 10.595136] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.595158] ? krealloc_more_oob_helper+0x821/0x930 [ 10.595182] kasan_report+0x141/0x180 [ 10.595204] ? krealloc_more_oob_helper+0x821/0x930 [ 10.595233] __asan_report_store1_noabort+0x1b/0x30 [ 10.595253] krealloc_more_oob_helper+0x821/0x930 [ 10.595275] ? __schedule+0x10cc/0x2b60 [ 10.595299] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.595323] ? finish_task_switch.isra.0+0x153/0x700 [ 10.595344] ? __switch_to+0x47/0xf50 [ 10.595371] ? __schedule+0x10cc/0x2b60 [ 10.595743] ? __pfx_read_tsc+0x10/0x10 [ 10.595770] krealloc_more_oob+0x1c/0x30 [ 10.595796] kunit_try_run_case+0x1a5/0x480 [ 10.596043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.596066] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.596090] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.596118] ? __kthread_parkme+0x82/0x180 [ 10.596138] ? preempt_count_sub+0x50/0x80 [ 10.596160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.596181] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.596204] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.596228] kthread+0x337/0x6f0 [ 10.596247] ? trace_preempt_on+0x20/0xc0 [ 10.596270] ? __pfx_kthread+0x10/0x10 [ 10.596290] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.596312] ? calculate_sigpending+0x7b/0xa0 [ 10.596335] ? __pfx_kthread+0x10/0x10 [ 10.596356] ret_from_fork+0x116/0x1d0 [ 10.596373] ? __pfx_kthread+0x10/0x10 [ 10.596404] ret_from_fork_asm+0x1a/0x30 [ 10.596436] </TASK> [ 10.596446] [ 10.614651] Allocated by task 174: [ 10.615229] kasan_save_stack+0x45/0x70 [ 10.615774] kasan_save_track+0x18/0x40 [ 10.616414] kasan_save_alloc_info+0x3b/0x50 [ 10.617041] __kasan_krealloc+0x190/0x1f0 [ 10.617615] krealloc_noprof+0xf3/0x340 [ 10.618204] krealloc_more_oob_helper+0x1a9/0x930 [ 10.618726] krealloc_more_oob+0x1c/0x30 [ 10.619175] kunit_try_run_case+0x1a5/0x480 [ 10.619330] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.619520] kthread+0x337/0x6f0 [ 10.619642] ret_from_fork+0x116/0x1d0 [ 10.619777] ret_from_fork_asm+0x1a/0x30 [ 10.620161] [ 10.620362] The buggy address belongs to the object at ffff888100a37000 [ 10.620362] which belongs to the cache kmalloc-256 of size 256 [ 10.621564] The buggy address is located 0 bytes to the right of [ 10.621564] allocated 235-byte region [ffff888100a37000, ffff888100a370eb) [ 10.622863] [ 10.622943] The buggy address belongs to the physical page: [ 10.623454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a36 [ 10.623961] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.624630] flags: 0x200000000000040(head|node=0|zone=2) [ 10.625076] page_type: f5(slab) [ 10.625477] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.626092] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.626530] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.626873] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.627275] head: 0200000000000001 ffffea0004028d81 00000000ffffffff 00000000ffffffff [ 10.627631] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.628002] page dumped because: kasan: bad access detected [ 10.628297] [ 10.628428] Memory state around the buggy address: [ 10.628615] ffff888100a36f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.628937] ffff888100a37000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.629443] >ffff888100a37080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 10.629725] ^ [ 10.630004] ffff888100a37100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.630361] ffff888100a37180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.630713] ================================================================== [ 10.631631] ================================================================== [ 10.632035] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 10.632507] Write of size 1 at addr ffff888100a370f0 by task kunit_try_catch/174 [ 10.632850] [ 10.632952] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.632997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.633009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.633031] Call Trace: [ 10.633042] <TASK> [ 10.633057] dump_stack_lvl+0x73/0xb0 [ 10.633082] print_report+0xd1/0x650 [ 10.633106] ? __virt_addr_valid+0x1db/0x2d0 [ 10.633127] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.633483] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.633507] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.633531] kasan_report+0x141/0x180 [ 10.633565] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.633595] __asan_report_store1_noabort+0x1b/0x30 [ 10.633616] krealloc_more_oob_helper+0x7eb/0x930 [ 10.633647] ? __schedule+0x10cc/0x2b60 [ 10.633671] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.633706] ? finish_task_switch.isra.0+0x153/0x700 [ 10.633727] ? __switch_to+0x47/0xf50 [ 10.633752] ? __schedule+0x10cc/0x2b60 [ 10.633787] ? __pfx_read_tsc+0x10/0x10 [ 10.633810] krealloc_more_oob+0x1c/0x30 [ 10.633832] kunit_try_run_case+0x1a5/0x480 [ 10.633852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.633871] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.633895] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.633919] ? __kthread_parkme+0x82/0x180 [ 10.633938] ? preempt_count_sub+0x50/0x80 [ 10.633961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.633981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.634152] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.634184] kthread+0x337/0x6f0 [ 10.634204] ? trace_preempt_on+0x20/0xc0 [ 10.634227] ? __pfx_kthread+0x10/0x10 [ 10.634248] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.634272] ? calculate_sigpending+0x7b/0xa0 [ 10.634295] ? __pfx_kthread+0x10/0x10 [ 10.634316] ret_from_fork+0x116/0x1d0 [ 10.634334] ? __pfx_kthread+0x10/0x10 [ 10.634354] ret_from_fork_asm+0x1a/0x30 [ 10.634400] </TASK> [ 10.634413] [ 10.642535] Allocated by task 174: [ 10.642701] kasan_save_stack+0x45/0x70 [ 10.642943] kasan_save_track+0x18/0x40 [ 10.643198] kasan_save_alloc_info+0x3b/0x50 [ 10.643496] __kasan_krealloc+0x190/0x1f0 [ 10.643706] krealloc_noprof+0xf3/0x340 [ 10.644168] krealloc_more_oob_helper+0x1a9/0x930 [ 10.644437] krealloc_more_oob+0x1c/0x30 [ 10.644621] kunit_try_run_case+0x1a5/0x480 [ 10.644887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.645224] kthread+0x337/0x6f0 [ 10.645351] ret_from_fork+0x116/0x1d0 [ 10.645496] ret_from_fork_asm+0x1a/0x30 [ 10.645635] [ 10.645724] The buggy address belongs to the object at ffff888100a37000 [ 10.645724] which belongs to the cache kmalloc-256 of size 256 [ 10.646284] The buggy address is located 5 bytes to the right of [ 10.646284] allocated 235-byte region [ffff888100a37000, ffff888100a370eb) [ 10.646990] [ 10.647103] The buggy address belongs to the physical page: [ 10.647301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a36 [ 10.647713] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.648029] flags: 0x200000000000040(head|node=0|zone=2) [ 10.648477] page_type: f5(slab) [ 10.648662] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.649054] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.649473] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.649860] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.650251] head: 0200000000000001 ffffea0004028d81 00000000ffffffff 00000000ffffffff [ 10.650567] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.650821] page dumped because: kasan: bad access detected [ 10.651070] [ 10.651179] Memory state around the buggy address: [ 10.651584] ffff888100a36f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.651948] ffff888100a37000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.652283] >ffff888100a37080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 10.652669] ^ [ 10.653103] ffff888100a37100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.653532] ffff888100a37180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.653903] ================================================================== [ 10.780509] ================================================================== [ 10.781367] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 10.781739] Write of size 1 at addr ffff888102a060eb by task kunit_try_catch/178 [ 10.782144] [ 10.782253] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.782299] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.782311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.782332] Call Trace: [ 10.782345] <TASK> [ 10.782362] dump_stack_lvl+0x73/0xb0 [ 10.782401] print_report+0xd1/0x650 [ 10.782423] ? __virt_addr_valid+0x1db/0x2d0 [ 10.782445] ? krealloc_more_oob_helper+0x821/0x930 [ 10.782468] ? kasan_addr_to_slab+0x11/0xa0 [ 10.782488] ? krealloc_more_oob_helper+0x821/0x930 [ 10.782512] kasan_report+0x141/0x180 [ 10.782533] ? krealloc_more_oob_helper+0x821/0x930 [ 10.782561] __asan_report_store1_noabort+0x1b/0x30 [ 10.782581] krealloc_more_oob_helper+0x821/0x930 [ 10.782603] ? __schedule+0x10cc/0x2b60 [ 10.782626] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.782650] ? finish_task_switch.isra.0+0x153/0x700 [ 10.782672] ? __switch_to+0x47/0xf50 [ 10.782697] ? __schedule+0x10cc/0x2b60 [ 10.782729] ? __pfx_read_tsc+0x10/0x10 [ 10.782753] krealloc_large_more_oob+0x1c/0x30 [ 10.782776] kunit_try_run_case+0x1a5/0x480 [ 10.782797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.782816] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.782840] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.782863] ? __kthread_parkme+0x82/0x180 [ 10.782882] ? preempt_count_sub+0x50/0x80 [ 10.782904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.782925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.782948] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.782971] kthread+0x337/0x6f0 [ 10.782989] ? trace_preempt_on+0x20/0xc0 [ 10.783067] ? __pfx_kthread+0x10/0x10 [ 10.783089] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.783111] ? calculate_sigpending+0x7b/0xa0 [ 10.783133] ? __pfx_kthread+0x10/0x10 [ 10.783154] ret_from_fork+0x116/0x1d0 [ 10.783172] ? __pfx_kthread+0x10/0x10 [ 10.783192] ret_from_fork_asm+0x1a/0x30 [ 10.783221] </TASK> [ 10.783232] [ 10.790919] The buggy address belongs to the physical page: [ 10.791225] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a04 [ 10.791490] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.791967] flags: 0x200000000000040(head|node=0|zone=2) [ 10.792226] page_type: f8(unknown) [ 10.792412] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.792878] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.793225] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.793483] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.793820] head: 0200000000000002 ffffea00040a8101 00000000ffffffff 00000000ffffffff [ 10.794349] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.794614] page dumped because: kasan: bad access detected [ 10.794831] [ 10.794926] Memory state around the buggy address: [ 10.795168] ffff888102a05f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.795547] ffff888102a06000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.795889] >ffff888102a06080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 10.796403] ^ [ 10.796636] ffff888102a06100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.796936] ffff888102a06180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.797437] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user: Failure
Automatically assigned
[ 15.017354] ================================================================== [ 15.017852] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 15.018096] Write of size 121 at addr ffff8881039b7800 by task kunit_try_catch/303 [ 15.018331] [ 15.018472] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 15.018523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.018538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.018563] Call Trace: [ 15.018579] <TASK> [ 15.018598] dump_stack_lvl+0x73/0xb0 [ 15.018629] print_report+0xd1/0x650 [ 15.018654] ? __virt_addr_valid+0x1db/0x2d0 [ 15.018680] ? _copy_from_user+0x32/0x90 [ 15.018732] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.018758] ? _copy_from_user+0x32/0x90 [ 15.018780] kasan_report+0x141/0x180 [ 15.018817] ? _copy_from_user+0x32/0x90 [ 15.018844] kasan_check_range+0x10c/0x1c0 [ 15.018869] __kasan_check_write+0x18/0x20 [ 15.018899] _copy_from_user+0x32/0x90 [ 15.018921] copy_user_test_oob+0x2be/0x10f0 [ 15.018950] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.018984] ? finish_task_switch.isra.0+0x153/0x700 [ 15.019008] ? __switch_to+0x47/0xf50 [ 15.019037] ? __schedule+0x10cc/0x2b60 [ 15.019072] ? __pfx_read_tsc+0x10/0x10 [ 15.019094] ? ktime_get_ts64+0x86/0x230 [ 15.019130] kunit_try_run_case+0x1a5/0x480 [ 15.019153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.019174] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.019200] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.019235] ? __kthread_parkme+0x82/0x180 [ 15.019257] ? preempt_count_sub+0x50/0x80 [ 15.019283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.019316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.019342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.019367] kthread+0x337/0x6f0 [ 15.019399] ? trace_preempt_on+0x20/0xc0 [ 15.019424] ? __pfx_kthread+0x10/0x10 [ 15.019445] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.019469] ? calculate_sigpending+0x7b/0xa0 [ 15.019494] ? __pfx_kthread+0x10/0x10 [ 15.019517] ret_from_fork+0x116/0x1d0 [ 15.019537] ? __pfx_kthread+0x10/0x10 [ 15.019559] ret_from_fork_asm+0x1a/0x30 [ 15.019591] </TASK> [ 15.019604] [ 15.032415] Allocated by task 303: [ 15.032792] kasan_save_stack+0x45/0x70 [ 15.033179] kasan_save_track+0x18/0x40 [ 15.033553] kasan_save_alloc_info+0x3b/0x50 [ 15.033975] __kasan_kmalloc+0xb7/0xc0 [ 15.034342] __kmalloc_noprof+0x1c9/0x500 [ 15.034761] kunit_kmalloc_array+0x25/0x60 [ 15.035147] copy_user_test_oob+0xab/0x10f0 [ 15.035553] kunit_try_run_case+0x1a5/0x480 [ 15.035969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.036472] kthread+0x337/0x6f0 [ 15.036616] ret_from_fork+0x116/0x1d0 [ 15.036895] ret_from_fork_asm+0x1a/0x30 [ 15.037300] [ 15.037475] The buggy address belongs to the object at ffff8881039b7800 [ 15.037475] which belongs to the cache kmalloc-128 of size 128 [ 15.038229] The buggy address is located 0 bytes inside of [ 15.038229] allocated 120-byte region [ffff8881039b7800, ffff8881039b7878) [ 15.038608] [ 15.038685] The buggy address belongs to the physical page: [ 15.039207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b7 [ 15.039924] flags: 0x200000000000000(node=0|zone=2) [ 15.040383] page_type: f5(slab) [ 15.040721] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.041393] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.042083] page dumped because: kasan: bad access detected [ 15.042584] [ 15.042773] Memory state around the buggy address: [ 15.043160] ffff8881039b7700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.043483] ffff8881039b7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.043724] >ffff8881039b7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.044334] ^ [ 15.044981] ffff8881039b7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.045614] ffff8881039b7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.046146] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault: Failure
Automatically assigned
[ 14.949733] ================================================================== [ 14.950938] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 14.951494] Read of size 8 at addr ffff888102826b78 by task kunit_try_catch/299 [ 14.951794] [ 14.951983] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.952032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.952046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.952070] Call Trace: [ 14.952084] <TASK> [ 14.952102] dump_stack_lvl+0x73/0xb0 [ 14.952133] print_report+0xd1/0x650 [ 14.952160] ? __virt_addr_valid+0x1db/0x2d0 [ 14.952207] ? copy_to_kernel_nofault+0x225/0x260 [ 14.952232] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.952257] ? copy_to_kernel_nofault+0x225/0x260 [ 14.952328] kasan_report+0x141/0x180 [ 14.952354] ? copy_to_kernel_nofault+0x225/0x260 [ 14.952395] __asan_report_load8_noabort+0x18/0x20 [ 14.952418] copy_to_kernel_nofault+0x225/0x260 [ 14.952444] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 14.952470] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 14.952494] ? finish_task_switch.isra.0+0x153/0x700 [ 14.952519] ? __schedule+0x10cc/0x2b60 [ 14.952545] ? trace_hardirqs_on+0x37/0xe0 [ 14.952577] ? __pfx_read_tsc+0x10/0x10 [ 14.952600] ? ktime_get_ts64+0x86/0x230 [ 14.952627] kunit_try_run_case+0x1a5/0x480 [ 14.952651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.952671] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.952698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.952732] ? __kthread_parkme+0x82/0x180 [ 14.952754] ? preempt_count_sub+0x50/0x80 [ 14.952778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.952800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.952825] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.952851] kthread+0x337/0x6f0 [ 14.952872] ? trace_preempt_on+0x20/0xc0 [ 14.952895] ? __pfx_kthread+0x10/0x10 [ 14.952917] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.952941] ? calculate_sigpending+0x7b/0xa0 [ 14.952967] ? __pfx_kthread+0x10/0x10 [ 14.952989] ret_from_fork+0x116/0x1d0 [ 14.953046] ? __pfx_kthread+0x10/0x10 [ 14.953069] ret_from_fork_asm+0x1a/0x30 [ 14.953101] </TASK> [ 14.953113] [ 14.966737] Allocated by task 299: [ 14.966877] kasan_save_stack+0x45/0x70 [ 14.967108] kasan_save_track+0x18/0x40 [ 14.967475] kasan_save_alloc_info+0x3b/0x50 [ 14.967870] __kasan_kmalloc+0xb7/0xc0 [ 14.968237] __kmalloc_cache_noprof+0x189/0x420 [ 14.968690] copy_to_kernel_nofault_oob+0x12f/0x560 [ 14.969205] kunit_try_run_case+0x1a5/0x480 [ 14.969658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.969931] kthread+0x337/0x6f0 [ 14.970271] ret_from_fork+0x116/0x1d0 [ 14.970695] ret_from_fork_asm+0x1a/0x30 [ 14.971200] [ 14.971362] The buggy address belongs to the object at ffff888102826b00 [ 14.971362] which belongs to the cache kmalloc-128 of size 128 [ 14.971777] The buggy address is located 0 bytes to the right of [ 14.971777] allocated 120-byte region [ffff888102826b00, ffff888102826b78) [ 14.973023] [ 14.973190] The buggy address belongs to the physical page: [ 14.973668] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102826 [ 14.974338] flags: 0x200000000000000(node=0|zone=2) [ 14.974524] page_type: f5(slab) [ 14.974654] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.975289] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.976094] page dumped because: kasan: bad access detected [ 14.976666] [ 14.976832] Memory state around the buggy address: [ 14.977356] ffff888102826a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.977831] ffff888102826a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.978115] >ffff888102826b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.978731] ^ [ 14.979441] ffff888102826b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.979930] ffff888102826c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.980305] ================================================================== [ 14.981426] ================================================================== [ 14.982424] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 14.983189] Write of size 8 at addr ffff888102826b78 by task kunit_try_catch/299 [ 14.984002] [ 14.984132] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.984179] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.984193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.984216] Call Trace: [ 14.984230] <TASK> [ 14.984246] dump_stack_lvl+0x73/0xb0 [ 14.984274] print_report+0xd1/0x650 [ 14.984297] ? __virt_addr_valid+0x1db/0x2d0 [ 14.984394] ? copy_to_kernel_nofault+0x99/0x260 [ 14.984427] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.984472] ? copy_to_kernel_nofault+0x99/0x260 [ 14.984498] kasan_report+0x141/0x180 [ 14.984522] ? copy_to_kernel_nofault+0x99/0x260 [ 14.984551] kasan_check_range+0x10c/0x1c0 [ 14.984577] __kasan_check_write+0x18/0x20 [ 14.984597] copy_to_kernel_nofault+0x99/0x260 [ 14.984623] copy_to_kernel_nofault_oob+0x288/0x560 [ 14.984649] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 14.984673] ? finish_task_switch.isra.0+0x153/0x700 [ 14.984697] ? __schedule+0x10cc/0x2b60 [ 14.984721] ? trace_hardirqs_on+0x37/0xe0 [ 14.984753] ? __pfx_read_tsc+0x10/0x10 [ 14.984775] ? ktime_get_ts64+0x86/0x230 [ 14.984800] kunit_try_run_case+0x1a5/0x480 [ 14.984822] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.984843] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.984871] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.984898] ? __kthread_parkme+0x82/0x180 [ 14.984920] ? preempt_count_sub+0x50/0x80 [ 14.984945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.984966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.984991] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.985058] kthread+0x337/0x6f0 [ 14.985079] ? trace_preempt_on+0x20/0xc0 [ 14.985102] ? __pfx_kthread+0x10/0x10 [ 14.985124] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.985148] ? calculate_sigpending+0x7b/0xa0 [ 14.985173] ? __pfx_kthread+0x10/0x10 [ 14.985196] ret_from_fork+0x116/0x1d0 [ 14.985215] ? __pfx_kthread+0x10/0x10 [ 14.985237] ret_from_fork_asm+0x1a/0x30 [ 14.985268] </TASK> [ 14.985280] [ 14.994812] Allocated by task 299: [ 14.995004] kasan_save_stack+0x45/0x70 [ 14.995220] kasan_save_track+0x18/0x40 [ 14.995501] kasan_save_alloc_info+0x3b/0x50 [ 14.995716] __kasan_kmalloc+0xb7/0xc0 [ 14.995927] __kmalloc_cache_noprof+0x189/0x420 [ 14.996133] copy_to_kernel_nofault_oob+0x12f/0x560 [ 14.996397] kunit_try_run_case+0x1a5/0x480 [ 14.996607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.996990] kthread+0x337/0x6f0 [ 14.997173] ret_from_fork+0x116/0x1d0 [ 14.997468] ret_from_fork_asm+0x1a/0x30 [ 14.997687] [ 14.997807] The buggy address belongs to the object at ffff888102826b00 [ 14.997807] which belongs to the cache kmalloc-128 of size 128 [ 14.998424] The buggy address is located 0 bytes to the right of [ 14.998424] allocated 120-byte region [ffff888102826b00, ffff888102826b78) [ 14.999151] [ 14.999299] The buggy address belongs to the physical page: [ 14.999638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102826 [ 15.000049] flags: 0x200000000000000(node=0|zone=2) [ 15.000436] page_type: f5(slab) [ 15.000614] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.000962] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.001551] page dumped because: kasan: bad access detected [ 15.001847] [ 15.001926] Memory state around the buggy address: [ 15.002262] ffff888102826a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.002508] ffff888102826a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.002745] >ffff888102826b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.003146] ^ [ 15.003502] ffff888102826b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.004534] ffff888102826c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.005093] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper: Failure
Automatically assigned
[ 14.192900] ================================================================== [ 14.193527] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 14.193819] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.194189] [ 14.194306] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.194351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.194364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.194398] Call Trace: [ 14.194415] <TASK> [ 14.194432] dump_stack_lvl+0x73/0xb0 [ 14.194460] print_report+0xd1/0x650 [ 14.194484] ? __virt_addr_valid+0x1db/0x2d0 [ 14.194507] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.194530] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.194553] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.194576] kasan_report+0x141/0x180 [ 14.194599] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.194626] __asan_report_load4_noabort+0x18/0x20 [ 14.194648] kasan_atomics_helper+0x49ce/0x5450 [ 14.194672] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.194695] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.194716] ? ret_from_fork_asm+0x1a/0x30 [ 14.194738] ? kasan_atomics+0x152/0x310 [ 14.194762] kasan_atomics+0x1dc/0x310 [ 14.194798] ? __pfx_kasan_atomics+0x10/0x10 [ 14.194820] ? __pfx_read_tsc+0x10/0x10 [ 14.194841] ? ktime_get_ts64+0x86/0x230 [ 14.194868] kunit_try_run_case+0x1a5/0x480 [ 14.194891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.194911] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.194938] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.194963] ? __kthread_parkme+0x82/0x180 [ 14.194984] ? preempt_count_sub+0x50/0x80 [ 14.195049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.195076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.195103] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.195128] kthread+0x337/0x6f0 [ 14.195148] ? trace_preempt_on+0x20/0xc0 [ 14.195174] ? __pfx_kthread+0x10/0x10 [ 14.195196] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.195220] ? calculate_sigpending+0x7b/0xa0 [ 14.195244] ? __pfx_kthread+0x10/0x10 [ 14.195266] ret_from_fork+0x116/0x1d0 [ 14.195285] ? __pfx_kthread+0x10/0x10 [ 14.195306] ret_from_fork_asm+0x1a/0x30 [ 14.195337] </TASK> [ 14.195349] [ 14.208433] Allocated by task 283: [ 14.208918] kasan_save_stack+0x45/0x70 [ 14.209307] kasan_save_track+0x18/0x40 [ 14.209467] kasan_save_alloc_info+0x3b/0x50 [ 14.209614] __kasan_kmalloc+0xb7/0xc0 [ 14.209763] __kmalloc_cache_noprof+0x189/0x420 [ 14.210192] kasan_atomics+0x95/0x310 [ 14.210573] kunit_try_run_case+0x1a5/0x480 [ 14.211050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.211643] kthread+0x337/0x6f0 [ 14.212037] ret_from_fork+0x116/0x1d0 [ 14.212413] ret_from_fork_asm+0x1a/0x30 [ 14.212679] [ 14.212819] The buggy address belongs to the object at ffff8881039bd780 [ 14.212819] which belongs to the cache kmalloc-64 of size 64 [ 14.213738] The buggy address is located 0 bytes to the right of [ 14.213738] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.214850] [ 14.214936] The buggy address belongs to the physical page: [ 14.215400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.216348] flags: 0x200000000000000(node=0|zone=2) [ 14.216532] page_type: f5(slab) [ 14.216654] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.217303] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.218103] page dumped because: kasan: bad access detected [ 14.218793] [ 14.218963] Memory state around the buggy address: [ 14.219454] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.219675] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.220323] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.221200] ^ [ 14.221654] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.221925] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.222445] ================================================================== [ 14.499547] ================================================================== [ 14.499911] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 14.500344] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.500616] [ 14.500703] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.500751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.500764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.500821] Call Trace: [ 14.500860] <TASK> [ 14.500898] dump_stack_lvl+0x73/0xb0 [ 14.500950] print_report+0xd1/0x650 [ 14.500974] ? __virt_addr_valid+0x1db/0x2d0 [ 14.500997] ? kasan_atomics_helper+0x194a/0x5450 [ 14.501021] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.501044] ? kasan_atomics_helper+0x194a/0x5450 [ 14.501067] kasan_report+0x141/0x180 [ 14.501090] ? kasan_atomics_helper+0x194a/0x5450 [ 14.501118] kasan_check_range+0x10c/0x1c0 [ 14.501143] __kasan_check_write+0x18/0x20 [ 14.501164] kasan_atomics_helper+0x194a/0x5450 [ 14.501188] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.501211] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.501232] ? ret_from_fork_asm+0x1a/0x30 [ 14.501255] ? kasan_atomics+0x152/0x310 [ 14.501289] kasan_atomics+0x1dc/0x310 [ 14.501309] ? __pfx_kasan_atomics+0x10/0x10 [ 14.501330] ? __pfx_read_tsc+0x10/0x10 [ 14.501352] ? ktime_get_ts64+0x86/0x230 [ 14.501388] kunit_try_run_case+0x1a5/0x480 [ 14.501410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.501465] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.501515] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.501541] ? __kthread_parkme+0x82/0x180 [ 14.501561] ? preempt_count_sub+0x50/0x80 [ 14.501585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.501607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.501631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.501687] kthread+0x337/0x6f0 [ 14.501707] ? trace_preempt_on+0x20/0xc0 [ 14.501741] ? __pfx_kthread+0x10/0x10 [ 14.501762] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.501786] ? calculate_sigpending+0x7b/0xa0 [ 14.501810] ? __pfx_kthread+0x10/0x10 [ 14.501863] ret_from_fork+0x116/0x1d0 [ 14.501882] ? __pfx_kthread+0x10/0x10 [ 14.501903] ret_from_fork_asm+0x1a/0x30 [ 14.501934] </TASK> [ 14.501945] [ 14.510397] Allocated by task 283: [ 14.510595] kasan_save_stack+0x45/0x70 [ 14.510822] kasan_save_track+0x18/0x40 [ 14.511033] kasan_save_alloc_info+0x3b/0x50 [ 14.511238] __kasan_kmalloc+0xb7/0xc0 [ 14.511442] __kmalloc_cache_noprof+0x189/0x420 [ 14.511603] kasan_atomics+0x95/0x310 [ 14.511802] kunit_try_run_case+0x1a5/0x480 [ 14.512018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.512292] kthread+0x337/0x6f0 [ 14.512431] ret_from_fork+0x116/0x1d0 [ 14.512568] ret_from_fork_asm+0x1a/0x30 [ 14.512873] [ 14.513002] The buggy address belongs to the object at ffff8881039bd780 [ 14.513002] which belongs to the cache kmalloc-64 of size 64 [ 14.513683] The buggy address is located 0 bytes to the right of [ 14.513683] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.514148] [ 14.514223] The buggy address belongs to the physical page: [ 14.514475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.514942] flags: 0x200000000000000(node=0|zone=2) [ 14.515140] page_type: f5(slab) [ 14.515316] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.515678] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.516083] page dumped because: kasan: bad access detected [ 14.516343] [ 14.516448] Memory state around the buggy address: [ 14.516679] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.517117] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.517448] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.517789] ^ [ 14.518040] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.518405] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.518726] ================================================================== [ 13.892845] ================================================================== [ 13.893206] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 13.893534] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.893872] [ 13.894076] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.894127] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.894141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.894164] Call Trace: [ 13.894179] <TASK> [ 13.894194] dump_stack_lvl+0x73/0xb0 [ 13.894221] print_report+0xd1/0x650 [ 13.894246] ? __virt_addr_valid+0x1db/0x2d0 [ 13.894269] ? kasan_atomics_helper+0xe78/0x5450 [ 13.894290] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.894315] ? kasan_atomics_helper+0xe78/0x5450 [ 13.894339] kasan_report+0x141/0x180 [ 13.894364] ? kasan_atomics_helper+0xe78/0x5450 [ 13.894404] kasan_check_range+0x10c/0x1c0 [ 13.894429] __kasan_check_write+0x18/0x20 [ 13.894449] kasan_atomics_helper+0xe78/0x5450 [ 13.894473] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.894496] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.894518] ? ret_from_fork_asm+0x1a/0x30 [ 13.894539] ? kasan_atomics+0x152/0x310 [ 13.894562] kasan_atomics+0x1dc/0x310 [ 13.894583] ? __pfx_kasan_atomics+0x10/0x10 [ 13.894603] ? __pfx_read_tsc+0x10/0x10 [ 13.894625] ? ktime_get_ts64+0x86/0x230 [ 13.894650] kunit_try_run_case+0x1a5/0x480 [ 13.894672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.894692] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.894717] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.894743] ? __kthread_parkme+0x82/0x180 [ 13.894784] ? preempt_count_sub+0x50/0x80 [ 13.894808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.894830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.894855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.894881] kthread+0x337/0x6f0 [ 13.894900] ? trace_preempt_on+0x20/0xc0 [ 13.894924] ? __pfx_kthread+0x10/0x10 [ 13.894945] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.894968] ? calculate_sigpending+0x7b/0xa0 [ 13.895174] ? __pfx_kthread+0x10/0x10 [ 13.895204] ret_from_fork+0x116/0x1d0 [ 13.895226] ? __pfx_kthread+0x10/0x10 [ 13.895247] ret_from_fork_asm+0x1a/0x30 [ 13.895278] </TASK> [ 13.895290] [ 13.903341] Allocated by task 283: [ 13.904769] kasan_save_stack+0x45/0x70 [ 13.905437] kasan_save_track+0x18/0x40 [ 13.906193] kasan_save_alloc_info+0x3b/0x50 [ 13.906426] __kasan_kmalloc+0xb7/0xc0 [ 13.906567] __kmalloc_cache_noprof+0x189/0x420 [ 13.906721] kasan_atomics+0x95/0x310 [ 13.907138] kunit_try_run_case+0x1a5/0x480 [ 13.907550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.908145] kthread+0x337/0x6f0 [ 13.908583] ret_from_fork+0x116/0x1d0 [ 13.909034] ret_from_fork_asm+0x1a/0x30 [ 13.909464] [ 13.909539] The buggy address belongs to the object at ffff8881039bd780 [ 13.909539] which belongs to the cache kmalloc-64 of size 64 [ 13.909919] The buggy address is located 0 bytes to the right of [ 13.909919] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.911248] [ 13.911328] The buggy address belongs to the physical page: [ 13.911518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.912322] flags: 0x200000000000000(node=0|zone=2) [ 13.912794] page_type: f5(slab) [ 13.913110] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.913940] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.914547] page dumped because: kasan: bad access detected [ 13.914731] [ 13.914904] Memory state around the buggy address: [ 13.915450] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.916366] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.917015] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.917264] ^ [ 13.917843] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.918582] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.919063] ================================================================== [ 13.539505] ================================================================== [ 13.539821] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 13.540191] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.540436] [ 13.540519] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.540564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.540577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.540599] Call Trace: [ 13.540615] <TASK> [ 13.540630] dump_stack_lvl+0x73/0xb0 [ 13.540657] print_report+0xd1/0x650 [ 13.540681] ? __virt_addr_valid+0x1db/0x2d0 [ 13.540706] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.540729] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.540753] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.540776] kasan_report+0x141/0x180 [ 13.540800] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.540828] __asan_report_load4_noabort+0x18/0x20 [ 13.540850] kasan_atomics_helper+0x4b54/0x5450 [ 13.540875] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.540899] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.540921] ? ret_from_fork_asm+0x1a/0x30 [ 13.540943] ? kasan_atomics+0x152/0x310 [ 13.540979] kasan_atomics+0x1dc/0x310 [ 13.540999] ? __pfx_kasan_atomics+0x10/0x10 [ 13.541031] ? __pfx_read_tsc+0x10/0x10 [ 13.541052] ? ktime_get_ts64+0x86/0x230 [ 13.541079] kunit_try_run_case+0x1a5/0x480 [ 13.541102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.541123] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.541148] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.541174] ? __kthread_parkme+0x82/0x180 [ 13.541195] ? preempt_count_sub+0x50/0x80 [ 13.541220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.541242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.541267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.541293] kthread+0x337/0x6f0 [ 13.541313] ? trace_preempt_on+0x20/0xc0 [ 13.541339] ? __pfx_kthread+0x10/0x10 [ 13.541360] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.541395] ? calculate_sigpending+0x7b/0xa0 [ 13.541420] ? __pfx_kthread+0x10/0x10 [ 13.541443] ret_from_fork+0x116/0x1d0 [ 13.541463] ? __pfx_kthread+0x10/0x10 [ 13.541485] ret_from_fork_asm+0x1a/0x30 [ 13.541517] </TASK> [ 13.541528] [ 13.549795] Allocated by task 283: [ 13.549967] kasan_save_stack+0x45/0x70 [ 13.550200] kasan_save_track+0x18/0x40 [ 13.550413] kasan_save_alloc_info+0x3b/0x50 [ 13.550626] __kasan_kmalloc+0xb7/0xc0 [ 13.550983] __kmalloc_cache_noprof+0x189/0x420 [ 13.551356] kasan_atomics+0x95/0x310 [ 13.551551] kunit_try_run_case+0x1a5/0x480 [ 13.551774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.551998] kthread+0x337/0x6f0 [ 13.552209] ret_from_fork+0x116/0x1d0 [ 13.552410] ret_from_fork_asm+0x1a/0x30 [ 13.552553] [ 13.552626] The buggy address belongs to the object at ffff8881039bd780 [ 13.552626] which belongs to the cache kmalloc-64 of size 64 [ 13.553109] The buggy address is located 0 bytes to the right of [ 13.553109] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.553787] [ 13.553894] The buggy address belongs to the physical page: [ 13.554116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.554360] flags: 0x200000000000000(node=0|zone=2) [ 13.554534] page_type: f5(slab) [ 13.554658] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.555478] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.555837] page dumped because: kasan: bad access detected [ 13.556099] [ 13.556197] Memory state around the buggy address: [ 13.556368] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.556837] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.557221] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.557454] ^ [ 13.557682] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.558001] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.558411] ================================================================== [ 13.657404] ================================================================== [ 13.657708] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 13.658021] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.658360] [ 13.659269] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.659320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.659333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.659356] Call Trace: [ 13.659370] <TASK> [ 13.659396] dump_stack_lvl+0x73/0xb0 [ 13.659425] print_report+0xd1/0x650 [ 13.659448] ? __virt_addr_valid+0x1db/0x2d0 [ 13.659486] ? kasan_atomics_helper+0x72f/0x5450 [ 13.659510] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.659532] ? kasan_atomics_helper+0x72f/0x5450 [ 13.659555] kasan_report+0x141/0x180 [ 13.659578] ? kasan_atomics_helper+0x72f/0x5450 [ 13.659607] kasan_check_range+0x10c/0x1c0 [ 13.659635] __kasan_check_write+0x18/0x20 [ 13.659656] kasan_atomics_helper+0x72f/0x5450 [ 13.659679] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.659723] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.659745] ? ret_from_fork_asm+0x1a/0x30 [ 13.659766] ? kasan_atomics+0x152/0x310 [ 13.659791] kasan_atomics+0x1dc/0x310 [ 13.659810] ? __pfx_kasan_atomics+0x10/0x10 [ 13.659832] ? __pfx_read_tsc+0x10/0x10 [ 13.659853] ? ktime_get_ts64+0x86/0x230 [ 13.659878] kunit_try_run_case+0x1a5/0x480 [ 13.659900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.659920] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.659946] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.659972] ? __kthread_parkme+0x82/0x180 [ 13.660248] ? preempt_count_sub+0x50/0x80 [ 13.660278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.660302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.660328] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.660354] kthread+0x337/0x6f0 [ 13.660386] ? trace_preempt_on+0x20/0xc0 [ 13.660412] ? __pfx_kthread+0x10/0x10 [ 13.660435] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.660459] ? calculate_sigpending+0x7b/0xa0 [ 13.660484] ? __pfx_kthread+0x10/0x10 [ 13.660507] ret_from_fork+0x116/0x1d0 [ 13.660527] ? __pfx_kthread+0x10/0x10 [ 13.660548] ret_from_fork_asm+0x1a/0x30 [ 13.660579] </TASK> [ 13.660591] [ 13.669279] Allocated by task 283: [ 13.669426] kasan_save_stack+0x45/0x70 [ 13.669610] kasan_save_track+0x18/0x40 [ 13.669827] kasan_save_alloc_info+0x3b/0x50 [ 13.670200] __kasan_kmalloc+0xb7/0xc0 [ 13.670421] __kmalloc_cache_noprof+0x189/0x420 [ 13.670648] kasan_atomics+0x95/0x310 [ 13.670860] kunit_try_run_case+0x1a5/0x480 [ 13.671158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.671442] kthread+0x337/0x6f0 [ 13.671615] ret_from_fork+0x116/0x1d0 [ 13.671816] ret_from_fork_asm+0x1a/0x30 [ 13.672082] [ 13.672171] The buggy address belongs to the object at ffff8881039bd780 [ 13.672171] which belongs to the cache kmalloc-64 of size 64 [ 13.672668] The buggy address is located 0 bytes to the right of [ 13.672668] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.673263] [ 13.673346] The buggy address belongs to the physical page: [ 13.673592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.673923] flags: 0x200000000000000(node=0|zone=2) [ 13.674369] page_type: f5(slab) [ 13.674565] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.674869] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.675271] page dumped because: kasan: bad access detected [ 13.675491] [ 13.675564] Memory state around the buggy address: [ 13.675744] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.676098] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.676431] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.676750] ^ [ 13.676930] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.677149] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.677475] ================================================================== [ 14.910948] ================================================================== [ 14.911354] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 14.911689] Read of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.912054] [ 14.912140] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.912184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.912197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.912218] Call Trace: [ 14.912231] <TASK> [ 14.912245] dump_stack_lvl+0x73/0xb0 [ 14.912271] print_report+0xd1/0x650 [ 14.912296] ? __virt_addr_valid+0x1db/0x2d0 [ 14.912319] ? kasan_atomics_helper+0x5115/0x5450 [ 14.912341] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.912364] ? kasan_atomics_helper+0x5115/0x5450 [ 14.912398] kasan_report+0x141/0x180 [ 14.912421] ? kasan_atomics_helper+0x5115/0x5450 [ 14.912448] __asan_report_load8_noabort+0x18/0x20 [ 14.912469] kasan_atomics_helper+0x5115/0x5450 [ 14.912494] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.912517] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.912538] ? ret_from_fork_asm+0x1a/0x30 [ 14.912561] ? kasan_atomics+0x152/0x310 [ 14.912585] kasan_atomics+0x1dc/0x310 [ 14.912605] ? __pfx_kasan_atomics+0x10/0x10 [ 14.912626] ? __pfx_read_tsc+0x10/0x10 [ 14.912683] ? ktime_get_ts64+0x86/0x230 [ 14.912709] kunit_try_run_case+0x1a5/0x480 [ 14.912742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.912763] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.912789] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.912843] ? __kthread_parkme+0x82/0x180 [ 14.912864] ? preempt_count_sub+0x50/0x80 [ 14.912898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.912920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.912945] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.912971] kthread+0x337/0x6f0 [ 14.912991] ? trace_preempt_on+0x20/0xc0 [ 14.913015] ? __pfx_kthread+0x10/0x10 [ 14.913065] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.913089] ? calculate_sigpending+0x7b/0xa0 [ 14.913113] ? __pfx_kthread+0x10/0x10 [ 14.913145] ret_from_fork+0x116/0x1d0 [ 14.913165] ? __pfx_kthread+0x10/0x10 [ 14.913186] ret_from_fork_asm+0x1a/0x30 [ 14.913219] </TASK> [ 14.913230] [ 14.921332] Allocated by task 283: [ 14.921475] kasan_save_stack+0x45/0x70 [ 14.921622] kasan_save_track+0x18/0x40 [ 14.921784] kasan_save_alloc_info+0x3b/0x50 [ 14.921994] __kasan_kmalloc+0xb7/0xc0 [ 14.922242] __kmalloc_cache_noprof+0x189/0x420 [ 14.922685] kasan_atomics+0x95/0x310 [ 14.922858] kunit_try_run_case+0x1a5/0x480 [ 14.923005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.923410] kthread+0x337/0x6f0 [ 14.923655] ret_from_fork+0x116/0x1d0 [ 14.923902] ret_from_fork_asm+0x1a/0x30 [ 14.924053] [ 14.924125] The buggy address belongs to the object at ffff8881039bd780 [ 14.924125] which belongs to the cache kmalloc-64 of size 64 [ 14.924490] The buggy address is located 0 bytes to the right of [ 14.924490] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.925430] [ 14.925528] The buggy address belongs to the physical page: [ 14.925831] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.926196] flags: 0x200000000000000(node=0|zone=2) [ 14.926528] page_type: f5(slab) [ 14.926672] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.927085] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.927348] page dumped because: kasan: bad access detected [ 14.927532] [ 14.927603] Memory state around the buggy address: [ 14.927871] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.928196] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.928585] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.928918] ^ [ 14.929152] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.929454] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.929806] ================================================================== [ 14.832120] ================================================================== [ 14.832532] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 14.833007] Read of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.833410] [ 14.833554] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.833632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.833645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.833677] Call Trace: [ 14.833691] <TASK> [ 14.833707] dump_stack_lvl+0x73/0xb0 [ 14.833733] print_report+0xd1/0x650 [ 14.833756] ? __virt_addr_valid+0x1db/0x2d0 [ 14.833778] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.833800] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.833852] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.833875] kasan_report+0x141/0x180 [ 14.833909] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.833937] __asan_report_load8_noabort+0x18/0x20 [ 14.833959] kasan_atomics_helper+0x4fb2/0x5450 [ 14.833982] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.834005] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.834030] ? ret_from_fork_asm+0x1a/0x30 [ 14.834053] ? kasan_atomics+0x152/0x310 [ 14.834078] kasan_atomics+0x1dc/0x310 [ 14.834097] ? __pfx_kasan_atomics+0x10/0x10 [ 14.834119] ? __pfx_read_tsc+0x10/0x10 [ 14.834140] ? ktime_get_ts64+0x86/0x230 [ 14.834165] kunit_try_run_case+0x1a5/0x480 [ 14.834187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.834207] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.834264] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.834289] ? __kthread_parkme+0x82/0x180 [ 14.834342] ? preempt_count_sub+0x50/0x80 [ 14.834392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.834414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.834439] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.834464] kthread+0x337/0x6f0 [ 14.834484] ? trace_preempt_on+0x20/0xc0 [ 14.834508] ? __pfx_kthread+0x10/0x10 [ 14.834530] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.834554] ? calculate_sigpending+0x7b/0xa0 [ 14.834577] ? __pfx_kthread+0x10/0x10 [ 14.834613] ret_from_fork+0x116/0x1d0 [ 14.834633] ? __pfx_kthread+0x10/0x10 [ 14.834654] ret_from_fork_asm+0x1a/0x30 [ 14.834685] </TASK> [ 14.834697] [ 14.843074] Allocated by task 283: [ 14.843309] kasan_save_stack+0x45/0x70 [ 14.843553] kasan_save_track+0x18/0x40 [ 14.843778] kasan_save_alloc_info+0x3b/0x50 [ 14.843995] __kasan_kmalloc+0xb7/0xc0 [ 14.844160] __kmalloc_cache_noprof+0x189/0x420 [ 14.844354] kasan_atomics+0x95/0x310 [ 14.844518] kunit_try_run_case+0x1a5/0x480 [ 14.844707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.844943] kthread+0x337/0x6f0 [ 14.845121] ret_from_fork+0x116/0x1d0 [ 14.845330] ret_from_fork_asm+0x1a/0x30 [ 14.845592] [ 14.845760] The buggy address belongs to the object at ffff8881039bd780 [ 14.845760] which belongs to the cache kmalloc-64 of size 64 [ 14.846220] The buggy address is located 0 bytes to the right of [ 14.846220] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.846932] [ 14.847030] The buggy address belongs to the physical page: [ 14.847288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.847583] flags: 0x200000000000000(node=0|zone=2) [ 14.847871] page_type: f5(slab) [ 14.848051] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.848528] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.848902] page dumped because: kasan: bad access detected [ 14.849137] [ 14.849208] Memory state around the buggy address: [ 14.849364] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.849702] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.850032] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.850310] ^ [ 14.850577] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.850851] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.851228] ================================================================== [ 13.558839] ================================================================== [ 13.559159] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 13.559437] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.559662] [ 13.559747] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.559793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.559805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.559827] Call Trace: [ 13.559841] <TASK> [ 13.559856] dump_stack_lvl+0x73/0xb0 [ 13.559882] print_report+0xd1/0x650 [ 13.559906] ? __virt_addr_valid+0x1db/0x2d0 [ 13.559928] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.559950] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.559974] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.559997] kasan_report+0x141/0x180 [ 13.560019] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.560048] kasan_check_range+0x10c/0x1c0 [ 13.560074] __kasan_check_write+0x18/0x20 [ 13.560095] kasan_atomics_helper+0x4a0/0x5450 [ 13.560119] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.560142] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.560164] ? ret_from_fork_asm+0x1a/0x30 [ 13.560186] ? kasan_atomics+0x152/0x310 [ 13.560210] kasan_atomics+0x1dc/0x310 [ 13.560230] ? __pfx_kasan_atomics+0x10/0x10 [ 13.560252] ? __pfx_read_tsc+0x10/0x10 [ 13.560434] ? ktime_get_ts64+0x86/0x230 [ 13.560466] kunit_try_run_case+0x1a5/0x480 [ 13.560490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.560510] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.560536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.560563] ? __kthread_parkme+0x82/0x180 [ 13.560585] ? preempt_count_sub+0x50/0x80 [ 13.560609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.560631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.560656] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.560682] kthread+0x337/0x6f0 [ 13.560702] ? trace_preempt_on+0x20/0xc0 [ 13.560737] ? __pfx_kthread+0x10/0x10 [ 13.560759] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.560783] ? calculate_sigpending+0x7b/0xa0 [ 13.560806] ? __pfx_kthread+0x10/0x10 [ 13.560829] ret_from_fork+0x116/0x1d0 [ 13.560849] ? __pfx_kthread+0x10/0x10 [ 13.560870] ret_from_fork_asm+0x1a/0x30 [ 13.560902] </TASK> [ 13.560913] [ 13.569921] Allocated by task 283: [ 13.570135] kasan_save_stack+0x45/0x70 [ 13.570286] kasan_save_track+0x18/0x40 [ 13.570461] kasan_save_alloc_info+0x3b/0x50 [ 13.570679] __kasan_kmalloc+0xb7/0xc0 [ 13.570879] __kmalloc_cache_noprof+0x189/0x420 [ 13.571242] kasan_atomics+0x95/0x310 [ 13.571392] kunit_try_run_case+0x1a5/0x480 [ 13.571608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.571916] kthread+0x337/0x6f0 [ 13.572264] ret_from_fork+0x116/0x1d0 [ 13.572434] ret_from_fork_asm+0x1a/0x30 [ 13.572637] [ 13.572739] The buggy address belongs to the object at ffff8881039bd780 [ 13.572739] which belongs to the cache kmalloc-64 of size 64 [ 13.573219] The buggy address is located 0 bytes to the right of [ 13.573219] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.573849] [ 13.573953] The buggy address belongs to the physical page: [ 13.574250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.574577] flags: 0x200000000000000(node=0|zone=2) [ 13.574816] page_type: f5(slab) [ 13.574974] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.575210] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.575484] page dumped because: kasan: bad access detected [ 13.575872] [ 13.575968] Memory state around the buggy address: [ 13.576195] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.576592] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.576810] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.577519] ^ [ 13.577771] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.578204] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.578505] ================================================================== [ 14.386425] ================================================================== [ 14.386955] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 14.387400] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.387687] [ 14.387815] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.387945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.388023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.388061] Call Trace: [ 14.388076] <TASK> [ 14.388093] dump_stack_lvl+0x73/0xb0 [ 14.388123] print_report+0xd1/0x650 [ 14.388148] ? __virt_addr_valid+0x1db/0x2d0 [ 14.388171] ? kasan_atomics_helper+0x164f/0x5450 [ 14.388193] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.388216] ? kasan_atomics_helper+0x164f/0x5450 [ 14.388239] kasan_report+0x141/0x180 [ 14.388262] ? kasan_atomics_helper+0x164f/0x5450 [ 14.388290] kasan_check_range+0x10c/0x1c0 [ 14.388314] __kasan_check_write+0x18/0x20 [ 14.388334] kasan_atomics_helper+0x164f/0x5450 [ 14.388358] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.388391] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.388412] ? ret_from_fork_asm+0x1a/0x30 [ 14.388434] ? kasan_atomics+0x152/0x310 [ 14.388457] kasan_atomics+0x1dc/0x310 [ 14.388476] ? __pfx_kasan_atomics+0x10/0x10 [ 14.388498] ? __pfx_read_tsc+0x10/0x10 [ 14.388519] ? ktime_get_ts64+0x86/0x230 [ 14.388543] kunit_try_run_case+0x1a5/0x480 [ 14.388565] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.388585] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.388610] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.388635] ? __kthread_parkme+0x82/0x180 [ 14.388655] ? preempt_count_sub+0x50/0x80 [ 14.388680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.388701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.388883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.388909] kthread+0x337/0x6f0 [ 14.388929] ? trace_preempt_on+0x20/0xc0 [ 14.388954] ? __pfx_kthread+0x10/0x10 [ 14.388975] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.388999] ? calculate_sigpending+0x7b/0xa0 [ 14.389033] ? __pfx_kthread+0x10/0x10 [ 14.389057] ret_from_fork+0x116/0x1d0 [ 14.389076] ? __pfx_kthread+0x10/0x10 [ 14.389098] ret_from_fork_asm+0x1a/0x30 [ 14.389128] </TASK> [ 14.389139] [ 14.399836] Allocated by task 283: [ 14.400113] kasan_save_stack+0x45/0x70 [ 14.400300] kasan_save_track+0x18/0x40 [ 14.400525] kasan_save_alloc_info+0x3b/0x50 [ 14.401064] __kasan_kmalloc+0xb7/0xc0 [ 14.401370] __kmalloc_cache_noprof+0x189/0x420 [ 14.401603] kasan_atomics+0x95/0x310 [ 14.401894] kunit_try_run_case+0x1a5/0x480 [ 14.402161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.402623] kthread+0x337/0x6f0 [ 14.402808] ret_from_fork+0x116/0x1d0 [ 14.403155] ret_from_fork_asm+0x1a/0x30 [ 14.403331] [ 14.403444] The buggy address belongs to the object at ffff8881039bd780 [ 14.403444] which belongs to the cache kmalloc-64 of size 64 [ 14.403944] The buggy address is located 0 bytes to the right of [ 14.403944] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.404886] [ 14.405008] The buggy address belongs to the physical page: [ 14.405474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.405984] flags: 0x200000000000000(node=0|zone=2) [ 14.406352] page_type: f5(slab) [ 14.406520] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.407056] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.407543] page dumped because: kasan: bad access detected [ 14.407736] [ 14.407842] Memory state around the buggy address: [ 14.408050] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.408640] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.408947] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.409433] ^ [ 14.409703] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.409952] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.410546] ================================================================== [ 14.456309] ================================================================== [ 14.456602] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 14.456963] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.457338] [ 14.457437] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.457482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.457495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.457516] Call Trace: [ 14.457532] <TASK> [ 14.457547] dump_stack_lvl+0x73/0xb0 [ 14.457573] print_report+0xd1/0x650 [ 14.457597] ? __virt_addr_valid+0x1db/0x2d0 [ 14.457620] ? kasan_atomics_helper+0x1818/0x5450 [ 14.457643] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.457667] ? kasan_atomics_helper+0x1818/0x5450 [ 14.457689] kasan_report+0x141/0x180 [ 14.457713] ? kasan_atomics_helper+0x1818/0x5450 [ 14.457740] kasan_check_range+0x10c/0x1c0 [ 14.457766] __kasan_check_write+0x18/0x20 [ 14.457786] kasan_atomics_helper+0x1818/0x5450 [ 14.457810] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.457833] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.457855] ? ret_from_fork_asm+0x1a/0x30 [ 14.457877] ? kasan_atomics+0x152/0x310 [ 14.457901] kasan_atomics+0x1dc/0x310 [ 14.457920] ? __pfx_kasan_atomics+0x10/0x10 [ 14.457942] ? __pfx_read_tsc+0x10/0x10 [ 14.457963] ? ktime_get_ts64+0x86/0x230 [ 14.457988] kunit_try_run_case+0x1a5/0x480 [ 14.458023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.458048] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.458073] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.458098] ? __kthread_parkme+0x82/0x180 [ 14.458119] ? preempt_count_sub+0x50/0x80 [ 14.458143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.458165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.458224] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.458250] kthread+0x337/0x6f0 [ 14.458270] ? trace_preempt_on+0x20/0xc0 [ 14.458295] ? __pfx_kthread+0x10/0x10 [ 14.458316] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.458339] ? calculate_sigpending+0x7b/0xa0 [ 14.458363] ? __pfx_kthread+0x10/0x10 [ 14.458395] ret_from_fork+0x116/0x1d0 [ 14.458415] ? __pfx_kthread+0x10/0x10 [ 14.458435] ret_from_fork_asm+0x1a/0x30 [ 14.458499] </TASK> [ 14.458510] [ 14.467290] Allocated by task 283: [ 14.467488] kasan_save_stack+0x45/0x70 [ 14.467679] kasan_save_track+0x18/0x40 [ 14.467821] kasan_save_alloc_info+0x3b/0x50 [ 14.467970] __kasan_kmalloc+0xb7/0xc0 [ 14.468105] __kmalloc_cache_noprof+0x189/0x420 [ 14.468259] kasan_atomics+0x95/0x310 [ 14.468486] kunit_try_run_case+0x1a5/0x480 [ 14.468833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.469090] kthread+0x337/0x6f0 [ 14.469260] ret_from_fork+0x116/0x1d0 [ 14.469458] ret_from_fork_asm+0x1a/0x30 [ 14.469656] [ 14.469791] The buggy address belongs to the object at ffff8881039bd780 [ 14.469791] which belongs to the cache kmalloc-64 of size 64 [ 14.470506] The buggy address is located 0 bytes to the right of [ 14.470506] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.471163] [ 14.471280] The buggy address belongs to the physical page: [ 14.471543] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.471964] flags: 0x200000000000000(node=0|zone=2) [ 14.472132] page_type: f5(slab) [ 14.472255] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.473281] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.473639] page dumped because: kasan: bad access detected [ 14.474529] [ 14.474650] Memory state around the buggy address: [ 14.475335] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.475696] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.475999] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.476268] ^ [ 14.476488] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.477057] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.477698] ================================================================== [ 14.478601] ================================================================== [ 14.479140] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 14.479574] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.480409] [ 14.480762] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.480815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.480837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.480860] Call Trace: [ 14.480876] <TASK> [ 14.480893] dump_stack_lvl+0x73/0xb0 [ 14.480922] print_report+0xd1/0x650 [ 14.480946] ? __virt_addr_valid+0x1db/0x2d0 [ 14.480969] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.480992] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.481015] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.481038] kasan_report+0x141/0x180 [ 14.481062] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.481089] kasan_check_range+0x10c/0x1c0 [ 14.481114] __kasan_check_write+0x18/0x20 [ 14.481135] kasan_atomics_helper+0x18b1/0x5450 [ 14.481160] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.481183] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.481204] ? ret_from_fork_asm+0x1a/0x30 [ 14.481226] ? kasan_atomics+0x152/0x310 [ 14.481249] kasan_atomics+0x1dc/0x310 [ 14.481269] ? __pfx_kasan_atomics+0x10/0x10 [ 14.481290] ? __pfx_read_tsc+0x10/0x10 [ 14.481311] ? ktime_get_ts64+0x86/0x230 [ 14.481336] kunit_try_run_case+0x1a5/0x480 [ 14.481357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.481389] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.481415] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.481440] ? __kthread_parkme+0x82/0x180 [ 14.481461] ? preempt_count_sub+0x50/0x80 [ 14.481485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.481506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.481532] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.481559] kthread+0x337/0x6f0 [ 14.481581] ? trace_preempt_on+0x20/0xc0 [ 14.481605] ? __pfx_kthread+0x10/0x10 [ 14.481628] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.481652] ? calculate_sigpending+0x7b/0xa0 [ 14.481677] ? __pfx_kthread+0x10/0x10 [ 14.481698] ret_from_fork+0x116/0x1d0 [ 14.481728] ? __pfx_kthread+0x10/0x10 [ 14.481750] ret_from_fork_asm+0x1a/0x30 [ 14.481780] </TASK> [ 14.481792] [ 14.490279] Allocated by task 283: [ 14.490486] kasan_save_stack+0x45/0x70 [ 14.490744] kasan_save_track+0x18/0x40 [ 14.490916] kasan_save_alloc_info+0x3b/0x50 [ 14.491131] __kasan_kmalloc+0xb7/0xc0 [ 14.491317] __kmalloc_cache_noprof+0x189/0x420 [ 14.491517] kasan_atomics+0x95/0x310 [ 14.491848] kunit_try_run_case+0x1a5/0x480 [ 14.492016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.492211] kthread+0x337/0x6f0 [ 14.492425] ret_from_fork+0x116/0x1d0 [ 14.492673] ret_from_fork_asm+0x1a/0x30 [ 14.492967] [ 14.493058] The buggy address belongs to the object at ffff8881039bd780 [ 14.493058] which belongs to the cache kmalloc-64 of size 64 [ 14.493540] The buggy address is located 0 bytes to the right of [ 14.493540] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.494305] [ 14.494433] The buggy address belongs to the physical page: [ 14.494695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.494977] flags: 0x200000000000000(node=0|zone=2) [ 14.495254] page_type: f5(slab) [ 14.495430] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.495663] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.496312] page dumped because: kasan: bad access detected [ 14.496518] [ 14.496587] Memory state around the buggy address: [ 14.496911] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.497248] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.497597] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.497930] ^ [ 14.498176] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.498509] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.498821] ================================================================== [ 13.736264] ================================================================== [ 13.736625] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 13.736950] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.737303] [ 13.737427] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.737472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.737485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.737507] Call Trace: [ 13.737520] <TASK> [ 13.737534] dump_stack_lvl+0x73/0xb0 [ 13.737560] print_report+0xd1/0x650 [ 13.737584] ? __virt_addr_valid+0x1db/0x2d0 [ 13.737607] ? kasan_atomics_helper+0x992/0x5450 [ 13.737629] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.737653] ? kasan_atomics_helper+0x992/0x5450 [ 13.737676] kasan_report+0x141/0x180 [ 13.737720] ? kasan_atomics_helper+0x992/0x5450 [ 13.737750] kasan_check_range+0x10c/0x1c0 [ 13.737775] __kasan_check_write+0x18/0x20 [ 13.737796] kasan_atomics_helper+0x992/0x5450 [ 13.737819] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.737843] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.737864] ? ret_from_fork_asm+0x1a/0x30 [ 13.737886] ? kasan_atomics+0x152/0x310 [ 13.737911] kasan_atomics+0x1dc/0x310 [ 13.737931] ? __pfx_kasan_atomics+0x10/0x10 [ 13.737952] ? __pfx_read_tsc+0x10/0x10 [ 13.737974] ? ktime_get_ts64+0x86/0x230 [ 13.738069] kunit_try_run_case+0x1a5/0x480 [ 13.738094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.738115] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.738141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.738167] ? __kthread_parkme+0x82/0x180 [ 13.738188] ? preempt_count_sub+0x50/0x80 [ 13.738212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.738234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.738259] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.738284] kthread+0x337/0x6f0 [ 13.738304] ? trace_preempt_on+0x20/0xc0 [ 13.738328] ? __pfx_kthread+0x10/0x10 [ 13.738349] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.738383] ? calculate_sigpending+0x7b/0xa0 [ 13.738407] ? __pfx_kthread+0x10/0x10 [ 13.738428] ret_from_fork+0x116/0x1d0 [ 13.738448] ? __pfx_kthread+0x10/0x10 [ 13.738469] ret_from_fork_asm+0x1a/0x30 [ 13.738499] </TASK> [ 13.738511] [ 13.747288] Allocated by task 283: [ 13.747456] kasan_save_stack+0x45/0x70 [ 13.747661] kasan_save_track+0x18/0x40 [ 13.747861] kasan_save_alloc_info+0x3b/0x50 [ 13.748238] __kasan_kmalloc+0xb7/0xc0 [ 13.748451] __kmalloc_cache_noprof+0x189/0x420 [ 13.748657] kasan_atomics+0x95/0x310 [ 13.748795] kunit_try_run_case+0x1a5/0x480 [ 13.749110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.749351] kthread+0x337/0x6f0 [ 13.749529] ret_from_fork+0x116/0x1d0 [ 13.749709] ret_from_fork_asm+0x1a/0x30 [ 13.749935] [ 13.750101] The buggy address belongs to the object at ffff8881039bd780 [ 13.750101] which belongs to the cache kmalloc-64 of size 64 [ 13.750596] The buggy address is located 0 bytes to the right of [ 13.750596] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.751157] [ 13.751260] The buggy address belongs to the physical page: [ 13.751493] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.751803] flags: 0x200000000000000(node=0|zone=2) [ 13.752251] page_type: f5(slab) [ 13.752420] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.752665] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.752921] page dumped because: kasan: bad access detected [ 13.753230] [ 13.753328] Memory state around the buggy address: [ 13.753573] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.753913] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.754309] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.754601] ^ [ 13.754801] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.755030] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.755334] ================================================================== [ 13.853701] ================================================================== [ 13.854132] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 13.854475] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.854819] [ 13.854917] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.854961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.854974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.855185] Call Trace: [ 13.855208] <TASK> [ 13.855225] dump_stack_lvl+0x73/0xb0 [ 13.855255] print_report+0xd1/0x650 [ 13.855279] ? __virt_addr_valid+0x1db/0x2d0 [ 13.855303] ? kasan_atomics_helper+0xd47/0x5450 [ 13.855325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.855349] ? kasan_atomics_helper+0xd47/0x5450 [ 13.855371] kasan_report+0x141/0x180 [ 13.855408] ? kasan_atomics_helper+0xd47/0x5450 [ 13.855436] kasan_check_range+0x10c/0x1c0 [ 13.855460] __kasan_check_write+0x18/0x20 [ 13.855481] kasan_atomics_helper+0xd47/0x5450 [ 13.855504] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.855527] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.855548] ? ret_from_fork_asm+0x1a/0x30 [ 13.855570] ? kasan_atomics+0x152/0x310 [ 13.855593] kasan_atomics+0x1dc/0x310 [ 13.855613] ? __pfx_kasan_atomics+0x10/0x10 [ 13.855635] ? __pfx_read_tsc+0x10/0x10 [ 13.855656] ? ktime_get_ts64+0x86/0x230 [ 13.855682] kunit_try_run_case+0x1a5/0x480 [ 13.855704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.855724] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.855750] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.855776] ? __kthread_parkme+0x82/0x180 [ 13.855797] ? preempt_count_sub+0x50/0x80 [ 13.855821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.855843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.855889] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.855914] kthread+0x337/0x6f0 [ 13.855934] ? trace_preempt_on+0x20/0xc0 [ 13.855960] ? __pfx_kthread+0x10/0x10 [ 13.855982] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.856070] ? calculate_sigpending+0x7b/0xa0 [ 13.856095] ? __pfx_kthread+0x10/0x10 [ 13.856118] ret_from_fork+0x116/0x1d0 [ 13.856137] ? __pfx_kthread+0x10/0x10 [ 13.856159] ret_from_fork_asm+0x1a/0x30 [ 13.856191] </TASK> [ 13.856202] [ 13.864528] Allocated by task 283: [ 13.864689] kasan_save_stack+0x45/0x70 [ 13.864894] kasan_save_track+0x18/0x40 [ 13.865134] kasan_save_alloc_info+0x3b/0x50 [ 13.865329] __kasan_kmalloc+0xb7/0xc0 [ 13.865509] __kmalloc_cache_noprof+0x189/0x420 [ 13.865717] kasan_atomics+0x95/0x310 [ 13.865847] kunit_try_run_case+0x1a5/0x480 [ 13.865990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.866228] kthread+0x337/0x6f0 [ 13.866429] ret_from_fork+0x116/0x1d0 [ 13.866620] ret_from_fork_asm+0x1a/0x30 [ 13.866822] [ 13.866917] The buggy address belongs to the object at ffff8881039bd780 [ 13.866917] which belongs to the cache kmalloc-64 of size 64 [ 13.867603] The buggy address is located 0 bytes to the right of [ 13.867603] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.868218] [ 13.868324] The buggy address belongs to the physical page: [ 13.868559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.868924] flags: 0x200000000000000(node=0|zone=2) [ 13.869240] page_type: f5(slab) [ 13.869404] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.869708] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.869952] page dumped because: kasan: bad access detected [ 13.870132] [ 13.870202] Memory state around the buggy address: [ 13.870364] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.870690] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.871005] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.871317] ^ [ 13.871775] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.872139] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.872363] ================================================================== [ 14.695138] ================================================================== [ 14.695857] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 14.696102] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.696329] [ 14.696680] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.696951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.696968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.696990] Call Trace: [ 14.697009] <TASK> [ 14.697027] dump_stack_lvl+0x73/0xb0 [ 14.697091] print_report+0xd1/0x650 [ 14.697119] ? __virt_addr_valid+0x1db/0x2d0 [ 14.697141] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.697164] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.697188] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.697211] kasan_report+0x141/0x180 [ 14.697234] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.697262] kasan_check_range+0x10c/0x1c0 [ 14.697287] __kasan_check_write+0x18/0x20 [ 14.697309] kasan_atomics_helper+0x1eaa/0x5450 [ 14.697333] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.697357] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.697388] ? ret_from_fork_asm+0x1a/0x30 [ 14.697411] ? kasan_atomics+0x152/0x310 [ 14.697435] kasan_atomics+0x1dc/0x310 [ 14.697455] ? __pfx_kasan_atomics+0x10/0x10 [ 14.697477] ? __pfx_read_tsc+0x10/0x10 [ 14.697498] ? ktime_get_ts64+0x86/0x230 [ 14.697524] kunit_try_run_case+0x1a5/0x480 [ 14.697546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.697567] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.697593] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.697619] ? __kthread_parkme+0x82/0x180 [ 14.697642] ? preempt_count_sub+0x50/0x80 [ 14.697666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.697688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.697736] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.697761] kthread+0x337/0x6f0 [ 14.697781] ? trace_preempt_on+0x20/0xc0 [ 14.697806] ? __pfx_kthread+0x10/0x10 [ 14.697828] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.697852] ? calculate_sigpending+0x7b/0xa0 [ 14.697877] ? __pfx_kthread+0x10/0x10 [ 14.697899] ret_from_fork+0x116/0x1d0 [ 14.697918] ? __pfx_kthread+0x10/0x10 [ 14.697939] ret_from_fork_asm+0x1a/0x30 [ 14.697970] </TASK> [ 14.697981] [ 14.710942] Allocated by task 283: [ 14.711264] kasan_save_stack+0x45/0x70 [ 14.711635] kasan_save_track+0x18/0x40 [ 14.712009] kasan_save_alloc_info+0x3b/0x50 [ 14.712402] __kasan_kmalloc+0xb7/0xc0 [ 14.712563] __kmalloc_cache_noprof+0x189/0x420 [ 14.712767] kasan_atomics+0x95/0x310 [ 14.713101] kunit_try_run_case+0x1a5/0x480 [ 14.713476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.713955] kthread+0x337/0x6f0 [ 14.714154] ret_from_fork+0x116/0x1d0 [ 14.714290] ret_from_fork_asm+0x1a/0x30 [ 14.714444] [ 14.714516] The buggy address belongs to the object at ffff8881039bd780 [ 14.714516] which belongs to the cache kmalloc-64 of size 64 [ 14.715240] The buggy address is located 0 bytes to the right of [ 14.715240] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.716328] [ 14.716495] The buggy address belongs to the physical page: [ 14.716981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.717660] flags: 0x200000000000000(node=0|zone=2) [ 14.718070] page_type: f5(slab) [ 14.718199] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.718449] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.718676] page dumped because: kasan: bad access detected [ 14.719175] [ 14.719333] Memory state around the buggy address: [ 14.719783] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.720396] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.721020] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.721635] ^ [ 14.722087] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.722501] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.722750] ================================================================== [ 14.302121] ================================================================== [ 14.303031] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 14.303939] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.304856] [ 14.305142] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.305203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.305218] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.305241] Call Trace: [ 14.305259] <TASK> [ 14.305351] dump_stack_lvl+0x73/0xb0 [ 14.305396] print_report+0xd1/0x650 [ 14.305421] ? __virt_addr_valid+0x1db/0x2d0 [ 14.305444] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.305466] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.305489] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.305512] kasan_report+0x141/0x180 [ 14.305535] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.305562] __asan_report_store8_noabort+0x1b/0x30 [ 14.305584] kasan_atomics_helper+0x50d4/0x5450 [ 14.305607] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.305631] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.305652] ? ret_from_fork_asm+0x1a/0x30 [ 14.305673] ? kasan_atomics+0x152/0x310 [ 14.305696] kasan_atomics+0x1dc/0x310 [ 14.305728] ? __pfx_kasan_atomics+0x10/0x10 [ 14.305750] ? __pfx_read_tsc+0x10/0x10 [ 14.305771] ? ktime_get_ts64+0x86/0x230 [ 14.305796] kunit_try_run_case+0x1a5/0x480 [ 14.305818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.305840] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.305866] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.305891] ? __kthread_parkme+0x82/0x180 [ 14.305911] ? preempt_count_sub+0x50/0x80 [ 14.305936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.305958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.305983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.306018] kthread+0x337/0x6f0 [ 14.306046] ? trace_preempt_on+0x20/0xc0 [ 14.306070] ? __pfx_kthread+0x10/0x10 [ 14.306091] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.306115] ? calculate_sigpending+0x7b/0xa0 [ 14.306140] ? __pfx_kthread+0x10/0x10 [ 14.306162] ret_from_fork+0x116/0x1d0 [ 14.306181] ? __pfx_kthread+0x10/0x10 [ 14.306202] ret_from_fork_asm+0x1a/0x30 [ 14.306232] </TASK> [ 14.306244] [ 14.320933] Allocated by task 283: [ 14.321586] kasan_save_stack+0x45/0x70 [ 14.321785] kasan_save_track+0x18/0x40 [ 14.321977] kasan_save_alloc_info+0x3b/0x50 [ 14.322395] __kasan_kmalloc+0xb7/0xc0 [ 14.322672] __kmalloc_cache_noprof+0x189/0x420 [ 14.322870] kasan_atomics+0x95/0x310 [ 14.323213] kunit_try_run_case+0x1a5/0x480 [ 14.323410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.323668] kthread+0x337/0x6f0 [ 14.323962] ret_from_fork+0x116/0x1d0 [ 14.324351] ret_from_fork_asm+0x1a/0x30 [ 14.324643] [ 14.324771] The buggy address belongs to the object at ffff8881039bd780 [ 14.324771] which belongs to the cache kmalloc-64 of size 64 [ 14.325585] The buggy address is located 0 bytes to the right of [ 14.325585] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.326325] [ 14.326441] The buggy address belongs to the physical page: [ 14.326811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.327344] flags: 0x200000000000000(node=0|zone=2) [ 14.327554] page_type: f5(slab) [ 14.327735] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.328399] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.328944] page dumped because: kasan: bad access detected [ 14.329147] [ 14.329413] Memory state around the buggy address: [ 14.329606] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.330175] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.330555] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.330999] ^ [ 14.331307] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.331697] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.332209] ================================================================== [ 14.812336] ================================================================== [ 14.812718] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 14.813117] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.813494] [ 14.813621] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.813667] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.813681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.813703] Call Trace: [ 14.813719] <TASK> [ 14.813735] dump_stack_lvl+0x73/0xb0 [ 14.813795] print_report+0xd1/0x650 [ 14.813819] ? __virt_addr_valid+0x1db/0x2d0 [ 14.813853] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.813876] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.813899] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.813922] kasan_report+0x141/0x180 [ 14.813945] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.813986] kasan_check_range+0x10c/0x1c0 [ 14.814010] __kasan_check_write+0x18/0x20 [ 14.814034] kasan_atomics_helper+0x20c8/0x5450 [ 14.814089] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.814113] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.814145] ? ret_from_fork_asm+0x1a/0x30 [ 14.814167] ? kasan_atomics+0x152/0x310 [ 14.814190] kasan_atomics+0x1dc/0x310 [ 14.814210] ? __pfx_kasan_atomics+0x10/0x10 [ 14.814231] ? __pfx_read_tsc+0x10/0x10 [ 14.814253] ? ktime_get_ts64+0x86/0x230 [ 14.814278] kunit_try_run_case+0x1a5/0x480 [ 14.814299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.814319] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.814344] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.814410] ? __kthread_parkme+0x82/0x180 [ 14.814432] ? preempt_count_sub+0x50/0x80 [ 14.814467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.814489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.814513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.814539] kthread+0x337/0x6f0 [ 14.814558] ? trace_preempt_on+0x20/0xc0 [ 14.814582] ? __pfx_kthread+0x10/0x10 [ 14.814603] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.814627] ? calculate_sigpending+0x7b/0xa0 [ 14.814650] ? __pfx_kthread+0x10/0x10 [ 14.814673] ret_from_fork+0x116/0x1d0 [ 14.814692] ? __pfx_kthread+0x10/0x10 [ 14.814713] ret_from_fork_asm+0x1a/0x30 [ 14.814743] </TASK> [ 14.814755] [ 14.822984] Allocated by task 283: [ 14.823209] kasan_save_stack+0x45/0x70 [ 14.823356] kasan_save_track+0x18/0x40 [ 14.823538] kasan_save_alloc_info+0x3b/0x50 [ 14.823793] __kasan_kmalloc+0xb7/0xc0 [ 14.824088] __kmalloc_cache_noprof+0x189/0x420 [ 14.824401] kasan_atomics+0x95/0x310 [ 14.824593] kunit_try_run_case+0x1a5/0x480 [ 14.824846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.825100] kthread+0x337/0x6f0 [ 14.825229] ret_from_fork+0x116/0x1d0 [ 14.825403] ret_from_fork_asm+0x1a/0x30 [ 14.825654] [ 14.825752] The buggy address belongs to the object at ffff8881039bd780 [ 14.825752] which belongs to the cache kmalloc-64 of size 64 [ 14.826392] The buggy address is located 0 bytes to the right of [ 14.826392] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.827142] [ 14.827217] The buggy address belongs to the physical page: [ 14.827399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.827719] flags: 0x200000000000000(node=0|zone=2) [ 14.827990] page_type: f5(slab) [ 14.828174] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.828534] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.829008] page dumped because: kasan: bad access detected [ 14.829256] [ 14.829329] Memory state around the buggy address: [ 14.829496] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.829911] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.830283] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.830615] ^ [ 14.830899] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.831217] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.831524] ================================================================== [ 13.994548] ================================================================== [ 13.995162] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 13.995956] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.996686] [ 13.996973] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.997024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.997038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.997059] Call Trace: [ 13.997073] <TASK> [ 13.997088] dump_stack_lvl+0x73/0xb0 [ 13.997115] print_report+0xd1/0x650 [ 13.997140] ? __virt_addr_valid+0x1db/0x2d0 [ 13.997163] ? kasan_atomics_helper+0x1079/0x5450 [ 13.997185] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.997209] ? kasan_atomics_helper+0x1079/0x5450 [ 13.997245] kasan_report+0x141/0x180 [ 13.997270] ? kasan_atomics_helper+0x1079/0x5450 [ 13.997298] kasan_check_range+0x10c/0x1c0 [ 13.997323] __kasan_check_write+0x18/0x20 [ 13.997343] kasan_atomics_helper+0x1079/0x5450 [ 13.997367] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.997402] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.997423] ? ret_from_fork_asm+0x1a/0x30 [ 13.997445] ? kasan_atomics+0x152/0x310 [ 13.997468] kasan_atomics+0x1dc/0x310 [ 13.997488] ? __pfx_kasan_atomics+0x10/0x10 [ 13.997510] ? __pfx_read_tsc+0x10/0x10 [ 13.997531] ? ktime_get_ts64+0x86/0x230 [ 13.997556] kunit_try_run_case+0x1a5/0x480 [ 13.997578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.997599] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.997624] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.997649] ? __kthread_parkme+0x82/0x180 [ 13.997670] ? preempt_count_sub+0x50/0x80 [ 13.997694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.997715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.997789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.997813] kthread+0x337/0x6f0 [ 13.997834] ? trace_preempt_on+0x20/0xc0 [ 13.997858] ? __pfx_kthread+0x10/0x10 [ 13.997879] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.997903] ? calculate_sigpending+0x7b/0xa0 [ 13.997927] ? __pfx_kthread+0x10/0x10 [ 13.997948] ret_from_fork+0x116/0x1d0 [ 13.997968] ? __pfx_kthread+0x10/0x10 [ 13.997988] ret_from_fork_asm+0x1a/0x30 [ 13.998186] </TASK> [ 13.998200] [ 14.009482] Allocated by task 283: [ 14.009665] kasan_save_stack+0x45/0x70 [ 14.009845] kasan_save_track+0x18/0x40 [ 14.009987] kasan_save_alloc_info+0x3b/0x50 [ 14.010388] __kasan_kmalloc+0xb7/0xc0 [ 14.010768] __kmalloc_cache_noprof+0x189/0x420 [ 14.011277] kasan_atomics+0x95/0x310 [ 14.011638] kunit_try_run_case+0x1a5/0x480 [ 14.012137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.012653] kthread+0x337/0x6f0 [ 14.012997] ret_from_fork+0x116/0x1d0 [ 14.013426] ret_from_fork_asm+0x1a/0x30 [ 14.013673] [ 14.013805] The buggy address belongs to the object at ffff8881039bd780 [ 14.013805] which belongs to the cache kmalloc-64 of size 64 [ 14.015047] The buggy address is located 0 bytes to the right of [ 14.015047] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.015684] [ 14.015785] The buggy address belongs to the physical page: [ 14.015964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.016592] flags: 0x200000000000000(node=0|zone=2) [ 14.017201] page_type: f5(slab) [ 14.017538] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.018413] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.019063] page dumped because: kasan: bad access detected [ 14.019632] [ 14.019803] Memory state around the buggy address: [ 14.020140] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.020758] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.021320] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.021557] ^ [ 14.021727] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.022642] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.023410] ================================================================== [ 13.755884] ================================================================== [ 13.756436] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 13.756694] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.757118] [ 13.757209] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.757255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.757269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.757291] Call Trace: [ 13.757305] <TASK> [ 13.757321] dump_stack_lvl+0x73/0xb0 [ 13.757348] print_report+0xd1/0x650 [ 13.757373] ? __virt_addr_valid+0x1db/0x2d0 [ 13.757409] ? kasan_atomics_helper+0xa2b/0x5450 [ 13.757431] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.757454] ? kasan_atomics_helper+0xa2b/0x5450 [ 13.757477] kasan_report+0x141/0x180 [ 13.757500] ? kasan_atomics_helper+0xa2b/0x5450 [ 13.757528] kasan_check_range+0x10c/0x1c0 [ 13.757553] __kasan_check_write+0x18/0x20 [ 13.757574] kasan_atomics_helper+0xa2b/0x5450 [ 13.757597] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.757621] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.757644] ? ret_from_fork_asm+0x1a/0x30 [ 13.757667] ? kasan_atomics+0x152/0x310 [ 13.757691] kasan_atomics+0x1dc/0x310 [ 13.757712] ? __pfx_kasan_atomics+0x10/0x10 [ 13.757733] ? __pfx_read_tsc+0x10/0x10 [ 13.757776] ? ktime_get_ts64+0x86/0x230 [ 13.757802] kunit_try_run_case+0x1a5/0x480 [ 13.757824] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.757844] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.757870] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.757896] ? __kthread_parkme+0x82/0x180 [ 13.757916] ? preempt_count_sub+0x50/0x80 [ 13.757941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.757963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.758065] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.758096] kthread+0x337/0x6f0 [ 13.758117] ? trace_preempt_on+0x20/0xc0 [ 13.758141] ? __pfx_kthread+0x10/0x10 [ 13.758163] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.758188] ? calculate_sigpending+0x7b/0xa0 [ 13.758213] ? __pfx_kthread+0x10/0x10 [ 13.758235] ret_from_fork+0x116/0x1d0 [ 13.758254] ? __pfx_kthread+0x10/0x10 [ 13.758276] ret_from_fork_asm+0x1a/0x30 [ 13.758308] </TASK> [ 13.758319] [ 13.766608] Allocated by task 283: [ 13.766821] kasan_save_stack+0x45/0x70 [ 13.767100] kasan_save_track+0x18/0x40 [ 13.767278] kasan_save_alloc_info+0x3b/0x50 [ 13.767481] __kasan_kmalloc+0xb7/0xc0 [ 13.767672] __kmalloc_cache_noprof+0x189/0x420 [ 13.767894] kasan_atomics+0x95/0x310 [ 13.768148] kunit_try_run_case+0x1a5/0x480 [ 13.768354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.768607] kthread+0x337/0x6f0 [ 13.768758] ret_from_fork+0x116/0x1d0 [ 13.768927] ret_from_fork_asm+0x1a/0x30 [ 13.769331] [ 13.769433] The buggy address belongs to the object at ffff8881039bd780 [ 13.769433] which belongs to the cache kmalloc-64 of size 64 [ 13.770075] The buggy address is located 0 bytes to the right of [ 13.770075] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.770542] [ 13.770623] The buggy address belongs to the physical page: [ 13.770829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.771423] flags: 0x200000000000000(node=0|zone=2) [ 13.771668] page_type: f5(slab) [ 13.771836] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.772200] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.772553] page dumped because: kasan: bad access detected [ 13.772844] [ 13.772944] Memory state around the buggy address: [ 13.773334] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.773640] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.773947] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.774340] ^ [ 13.774575] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.774887] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.775253] ================================================================== [ 14.435662] ================================================================== [ 14.436458] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 14.436894] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.437407] [ 14.437523] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.437650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.437666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.437689] Call Trace: [ 14.437707] <TASK> [ 14.437725] dump_stack_lvl+0x73/0xb0 [ 14.437755] print_report+0xd1/0x650 [ 14.437780] ? __virt_addr_valid+0x1db/0x2d0 [ 14.437802] ? kasan_atomics_helper+0x177f/0x5450 [ 14.437825] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.437848] ? kasan_atomics_helper+0x177f/0x5450 [ 14.437872] kasan_report+0x141/0x180 [ 14.437896] ? kasan_atomics_helper+0x177f/0x5450 [ 14.437923] kasan_check_range+0x10c/0x1c0 [ 14.437948] __kasan_check_write+0x18/0x20 [ 14.437969] kasan_atomics_helper+0x177f/0x5450 [ 14.437993] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.438016] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.438050] ? ret_from_fork_asm+0x1a/0x30 [ 14.438073] ? kasan_atomics+0x152/0x310 [ 14.438097] kasan_atomics+0x1dc/0x310 [ 14.438117] ? __pfx_kasan_atomics+0x10/0x10 [ 14.438139] ? __pfx_read_tsc+0x10/0x10 [ 14.438160] ? ktime_get_ts64+0x86/0x230 [ 14.438186] kunit_try_run_case+0x1a5/0x480 [ 14.438208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.438228] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.438254] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.438281] ? __kthread_parkme+0x82/0x180 [ 14.438303] ? preempt_count_sub+0x50/0x80 [ 14.438329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.438352] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.438390] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.438415] kthread+0x337/0x6f0 [ 14.438434] ? trace_preempt_on+0x20/0xc0 [ 14.438458] ? __pfx_kthread+0x10/0x10 [ 14.438480] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.438505] ? calculate_sigpending+0x7b/0xa0 [ 14.438529] ? __pfx_kthread+0x10/0x10 [ 14.438551] ret_from_fork+0x116/0x1d0 [ 14.438570] ? __pfx_kthread+0x10/0x10 [ 14.438592] ret_from_fork_asm+0x1a/0x30 [ 14.438623] </TASK> [ 14.438635] [ 14.447233] Allocated by task 283: [ 14.447442] kasan_save_stack+0x45/0x70 [ 14.447592] kasan_save_track+0x18/0x40 [ 14.447739] kasan_save_alloc_info+0x3b/0x50 [ 14.448108] __kasan_kmalloc+0xb7/0xc0 [ 14.448299] __kmalloc_cache_noprof+0x189/0x420 [ 14.448478] kasan_atomics+0x95/0x310 [ 14.448611] kunit_try_run_case+0x1a5/0x480 [ 14.448801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.449123] kthread+0x337/0x6f0 [ 14.449297] ret_from_fork+0x116/0x1d0 [ 14.449500] ret_from_fork_asm+0x1a/0x30 [ 14.449747] [ 14.449876] The buggy address belongs to the object at ffff8881039bd780 [ 14.449876] which belongs to the cache kmalloc-64 of size 64 [ 14.450353] The buggy address is located 0 bytes to the right of [ 14.450353] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.451011] [ 14.451127] The buggy address belongs to the physical page: [ 14.451410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.451798] flags: 0x200000000000000(node=0|zone=2) [ 14.452035] page_type: f5(slab) [ 14.452226] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.452568] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.452973] page dumped because: kasan: bad access detected [ 14.453248] [ 14.453344] Memory state around the buggy address: [ 14.453585] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.453977] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.454312] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.454637] ^ [ 14.454889] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.455211] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.455564] ================================================================== [ 13.834332] ================================================================== [ 13.834605] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 13.834950] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.835452] [ 13.835572] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.835619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.835631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.835654] Call Trace: [ 13.835667] <TASK> [ 13.835682] dump_stack_lvl+0x73/0xb0 [ 13.835710] print_report+0xd1/0x650 [ 13.835734] ? __virt_addr_valid+0x1db/0x2d0 [ 13.835756] ? kasan_atomics_helper+0x4a84/0x5450 [ 13.835779] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.835803] ? kasan_atomics_helper+0x4a84/0x5450 [ 13.835825] kasan_report+0x141/0x180 [ 13.835870] ? kasan_atomics_helper+0x4a84/0x5450 [ 13.835898] __asan_report_load4_noabort+0x18/0x20 [ 13.835919] kasan_atomics_helper+0x4a84/0x5450 [ 13.835942] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.835966] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.836087] ? ret_from_fork_asm+0x1a/0x30 [ 13.836117] ? kasan_atomics+0x152/0x310 [ 13.836142] kasan_atomics+0x1dc/0x310 [ 13.836163] ? __pfx_kasan_atomics+0x10/0x10 [ 13.836184] ? __pfx_read_tsc+0x10/0x10 [ 13.836206] ? ktime_get_ts64+0x86/0x230 [ 13.836231] kunit_try_run_case+0x1a5/0x480 [ 13.836253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.836274] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.836299] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.836325] ? __kthread_parkme+0x82/0x180 [ 13.836347] ? preempt_count_sub+0x50/0x80 [ 13.836371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.836404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.836429] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.836454] kthread+0x337/0x6f0 [ 13.836475] ? trace_preempt_on+0x20/0xc0 [ 13.836499] ? __pfx_kthread+0x10/0x10 [ 13.836520] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.836544] ? calculate_sigpending+0x7b/0xa0 [ 13.836568] ? __pfx_kthread+0x10/0x10 [ 13.836589] ret_from_fork+0x116/0x1d0 [ 13.836609] ? __pfx_kthread+0x10/0x10 [ 13.836630] ret_from_fork_asm+0x1a/0x30 [ 13.836660] </TASK> [ 13.836671] [ 13.844596] Allocated by task 283: [ 13.844812] kasan_save_stack+0x45/0x70 [ 13.845126] kasan_save_track+0x18/0x40 [ 13.845332] kasan_save_alloc_info+0x3b/0x50 [ 13.845539] __kasan_kmalloc+0xb7/0xc0 [ 13.845764] __kmalloc_cache_noprof+0x189/0x420 [ 13.845938] kasan_atomics+0x95/0x310 [ 13.846149] kunit_try_run_case+0x1a5/0x480 [ 13.846369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.846640] kthread+0x337/0x6f0 [ 13.846847] ret_from_fork+0x116/0x1d0 [ 13.847311] ret_from_fork_asm+0x1a/0x30 [ 13.847541] [ 13.847628] The buggy address belongs to the object at ffff8881039bd780 [ 13.847628] which belongs to the cache kmalloc-64 of size 64 [ 13.848240] The buggy address is located 0 bytes to the right of [ 13.848240] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.848710] [ 13.848810] The buggy address belongs to the physical page: [ 13.849071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.849450] flags: 0x200000000000000(node=0|zone=2) [ 13.849686] page_type: f5(slab) [ 13.849881] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.850274] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.850522] page dumped because: kasan: bad access detected [ 13.850777] [ 13.850874] Memory state around the buggy address: [ 13.851291] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.851645] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.851963] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.852326] ^ [ 13.852548] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.852859] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.853235] ================================================================== [ 14.223361] ================================================================== [ 14.224126] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 14.224448] Read of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.224674] [ 14.224799] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.224847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.224860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.224883] Call Trace: [ 14.224899] <TASK> [ 14.224915] dump_stack_lvl+0x73/0xb0 [ 14.224942] print_report+0xd1/0x650 [ 14.224965] ? __virt_addr_valid+0x1db/0x2d0 [ 14.224988] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.225011] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.225034] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.225228] kasan_report+0x141/0x180 [ 14.225260] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.225289] kasan_check_range+0x10c/0x1c0 [ 14.225314] __kasan_check_read+0x15/0x20 [ 14.225336] kasan_atomics_helper+0x13b5/0x5450 [ 14.225360] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.225399] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.225420] ? ret_from_fork_asm+0x1a/0x30 [ 14.225442] ? kasan_atomics+0x152/0x310 [ 14.225466] kasan_atomics+0x1dc/0x310 [ 14.225486] ? __pfx_kasan_atomics+0x10/0x10 [ 14.225508] ? __pfx_read_tsc+0x10/0x10 [ 14.225529] ? ktime_get_ts64+0x86/0x230 [ 14.225555] kunit_try_run_case+0x1a5/0x480 [ 14.225577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.225597] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.225622] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.225649] ? __kthread_parkme+0x82/0x180 [ 14.225670] ? preempt_count_sub+0x50/0x80 [ 14.225694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.225716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.225740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.225765] kthread+0x337/0x6f0 [ 14.225785] ? trace_preempt_on+0x20/0xc0 [ 14.225808] ? __pfx_kthread+0x10/0x10 [ 14.225829] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.225853] ? calculate_sigpending+0x7b/0xa0 [ 14.225877] ? __pfx_kthread+0x10/0x10 [ 14.225899] ret_from_fork+0x116/0x1d0 [ 14.225918] ? __pfx_kthread+0x10/0x10 [ 14.225939] ret_from_fork_asm+0x1a/0x30 [ 14.225969] </TASK> [ 14.225981] [ 14.239574] Allocated by task 283: [ 14.239807] kasan_save_stack+0x45/0x70 [ 14.240026] kasan_save_track+0x18/0x40 [ 14.240230] kasan_save_alloc_info+0x3b/0x50 [ 14.240392] __kasan_kmalloc+0xb7/0xc0 [ 14.240528] __kmalloc_cache_noprof+0x189/0x420 [ 14.240734] kasan_atomics+0x95/0x310 [ 14.240917] kunit_try_run_case+0x1a5/0x480 [ 14.241403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.241648] kthread+0x337/0x6f0 [ 14.241830] ret_from_fork+0x116/0x1d0 [ 14.242000] ret_from_fork_asm+0x1a/0x30 [ 14.242146] [ 14.242218] The buggy address belongs to the object at ffff8881039bd780 [ 14.242218] which belongs to the cache kmalloc-64 of size 64 [ 14.242933] The buggy address is located 0 bytes to the right of [ 14.242933] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.243439] [ 14.243557] The buggy address belongs to the physical page: [ 14.243816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.244143] flags: 0x200000000000000(node=0|zone=2) [ 14.244371] page_type: f5(slab) [ 14.244533] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.244872] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.245187] page dumped because: kasan: bad access detected [ 14.245371] [ 14.245453] Memory state around the buggy address: [ 14.245688] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.246041] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.246302] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.246625] ^ [ 14.246834] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.247243] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.247560] ================================================================== [ 14.273556] ================================================================== [ 14.273905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 14.274334] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.274602] [ 14.274689] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.274733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.274746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.274767] Call Trace: [ 14.274784] <TASK> [ 14.274801] dump_stack_lvl+0x73/0xb0 [ 14.274828] print_report+0xd1/0x650 [ 14.274852] ? __virt_addr_valid+0x1db/0x2d0 [ 14.274874] ? kasan_atomics_helper+0x1467/0x5450 [ 14.274897] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.274920] ? kasan_atomics_helper+0x1467/0x5450 [ 14.274943] kasan_report+0x141/0x180 [ 14.274967] ? kasan_atomics_helper+0x1467/0x5450 [ 14.274996] kasan_check_range+0x10c/0x1c0 [ 14.275022] __kasan_check_write+0x18/0x20 [ 14.275042] kasan_atomics_helper+0x1467/0x5450 [ 14.275066] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.275089] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.275110] ? ret_from_fork_asm+0x1a/0x30 [ 14.275131] ? kasan_atomics+0x152/0x310 [ 14.275157] kasan_atomics+0x1dc/0x310 [ 14.275176] ? __pfx_kasan_atomics+0x10/0x10 [ 14.275198] ? __pfx_read_tsc+0x10/0x10 [ 14.275219] ? ktime_get_ts64+0x86/0x230 [ 14.275245] kunit_try_run_case+0x1a5/0x480 [ 14.275267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.275287] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.275313] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.275340] ? __kthread_parkme+0x82/0x180 [ 14.275360] ? preempt_count_sub+0x50/0x80 [ 14.275393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.275415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.275439] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.275464] kthread+0x337/0x6f0 [ 14.275484] ? trace_preempt_on+0x20/0xc0 [ 14.275509] ? __pfx_kthread+0x10/0x10 [ 14.275530] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.275554] ? calculate_sigpending+0x7b/0xa0 [ 14.275579] ? __pfx_kthread+0x10/0x10 [ 14.275601] ret_from_fork+0x116/0x1d0 [ 14.275620] ? __pfx_kthread+0x10/0x10 [ 14.275641] ret_from_fork_asm+0x1a/0x30 [ 14.275673] </TASK> [ 14.275683] [ 14.288285] Allocated by task 283: [ 14.289019] kasan_save_stack+0x45/0x70 [ 14.289186] kasan_save_track+0x18/0x40 [ 14.289330] kasan_save_alloc_info+0x3b/0x50 [ 14.289495] __kasan_kmalloc+0xb7/0xc0 [ 14.289632] __kmalloc_cache_noprof+0x189/0x420 [ 14.290220] kasan_atomics+0x95/0x310 [ 14.290369] kunit_try_run_case+0x1a5/0x480 [ 14.290650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.290946] kthread+0x337/0x6f0 [ 14.291146] ret_from_fork+0x116/0x1d0 [ 14.291423] ret_from_fork_asm+0x1a/0x30 [ 14.291626] [ 14.291746] The buggy address belongs to the object at ffff8881039bd780 [ 14.291746] which belongs to the cache kmalloc-64 of size 64 [ 14.293070] The buggy address is located 0 bytes to the right of [ 14.293070] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.294033] [ 14.294156] The buggy address belongs to the physical page: [ 14.294501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.295105] flags: 0x200000000000000(node=0|zone=2) [ 14.295279] page_type: f5(slab) [ 14.295617] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.296427] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.296668] page dumped because: kasan: bad access detected [ 14.297386] [ 14.297649] Memory state around the buggy address: [ 14.298265] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.298884] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.299528] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.300240] ^ [ 14.300754] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.301270] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.301505] ================================================================== [ 14.587853] ================================================================== [ 14.588464] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 14.588838] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.589321] [ 14.589641] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.589691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.589705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.589728] Call Trace: [ 14.589762] <TASK> [ 14.589778] dump_stack_lvl+0x73/0xb0 [ 14.589807] print_report+0xd1/0x650 [ 14.589833] ? __virt_addr_valid+0x1db/0x2d0 [ 14.589856] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.589880] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.589904] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.589927] kasan_report+0x141/0x180 [ 14.589951] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.589978] kasan_check_range+0x10c/0x1c0 [ 14.590003] __kasan_check_write+0x18/0x20 [ 14.590023] kasan_atomics_helper+0x1c18/0x5450 [ 14.590053] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.590077] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.590098] ? ret_from_fork_asm+0x1a/0x30 [ 14.590120] ? kasan_atomics+0x152/0x310 [ 14.590144] kasan_atomics+0x1dc/0x310 [ 14.590164] ? __pfx_kasan_atomics+0x10/0x10 [ 14.590185] ? __pfx_read_tsc+0x10/0x10 [ 14.590206] ? ktime_get_ts64+0x86/0x230 [ 14.590231] kunit_try_run_case+0x1a5/0x480 [ 14.590255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.590276] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.590302] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.590328] ? __kthread_parkme+0x82/0x180 [ 14.590349] ? preempt_count_sub+0x50/0x80 [ 14.590373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.590409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.590433] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.590459] kthread+0x337/0x6f0 [ 14.590479] ? trace_preempt_on+0x20/0xc0 [ 14.590502] ? __pfx_kthread+0x10/0x10 [ 14.590523] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.590547] ? calculate_sigpending+0x7b/0xa0 [ 14.590571] ? __pfx_kthread+0x10/0x10 [ 14.590593] ret_from_fork+0x116/0x1d0 [ 14.590612] ? __pfx_kthread+0x10/0x10 [ 14.590635] ret_from_fork_asm+0x1a/0x30 [ 14.590666] </TASK> [ 14.590678] [ 14.599977] Allocated by task 283: [ 14.600158] kasan_save_stack+0x45/0x70 [ 14.600358] kasan_save_track+0x18/0x40 [ 14.600556] kasan_save_alloc_info+0x3b/0x50 [ 14.600788] __kasan_kmalloc+0xb7/0xc0 [ 14.600968] __kmalloc_cache_noprof+0x189/0x420 [ 14.601176] kasan_atomics+0x95/0x310 [ 14.601352] kunit_try_run_case+0x1a5/0x480 [ 14.601558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.601883] kthread+0x337/0x6f0 [ 14.602044] ret_from_fork+0x116/0x1d0 [ 14.602221] ret_from_fork_asm+0x1a/0x30 [ 14.602907] [ 14.603146] The buggy address belongs to the object at ffff8881039bd780 [ 14.603146] which belongs to the cache kmalloc-64 of size 64 [ 14.604090] The buggy address is located 0 bytes to the right of [ 14.604090] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.604884] [ 14.605111] The buggy address belongs to the physical page: [ 14.605535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.606241] flags: 0x200000000000000(node=0|zone=2) [ 14.606660] page_type: f5(slab) [ 14.606963] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.607597] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.608063] page dumped because: kasan: bad access detected [ 14.608309] [ 14.608421] Memory state around the buggy address: [ 14.608631] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.609332] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.610032] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.610535] ^ [ 14.610986] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.611493] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.611953] ================================================================== [ 13.814782] ================================================================== [ 13.815106] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 13.815369] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.815923] [ 13.816113] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.816162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.816175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.816198] Call Trace: [ 13.816213] <TASK> [ 13.816227] dump_stack_lvl+0x73/0xb0 [ 13.816255] print_report+0xd1/0x650 [ 13.816279] ? __virt_addr_valid+0x1db/0x2d0 [ 13.816302] ? kasan_atomics_helper+0xc70/0x5450 [ 13.816324] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.816347] ? kasan_atomics_helper+0xc70/0x5450 [ 13.816369] kasan_report+0x141/0x180 [ 13.816405] ? kasan_atomics_helper+0xc70/0x5450 [ 13.816433] kasan_check_range+0x10c/0x1c0 [ 13.816458] __kasan_check_write+0x18/0x20 [ 13.816478] kasan_atomics_helper+0xc70/0x5450 [ 13.816503] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.816526] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.816547] ? ret_from_fork_asm+0x1a/0x30 [ 13.816569] ? kasan_atomics+0x152/0x310 [ 13.816593] kasan_atomics+0x1dc/0x310 [ 13.816614] ? __pfx_kasan_atomics+0x10/0x10 [ 13.816635] ? __pfx_read_tsc+0x10/0x10 [ 13.816657] ? ktime_get_ts64+0x86/0x230 [ 13.816683] kunit_try_run_case+0x1a5/0x480 [ 13.816705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.816725] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.816771] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.816796] ? __kthread_parkme+0x82/0x180 [ 13.816818] ? preempt_count_sub+0x50/0x80 [ 13.816843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.816865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.816890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.816915] kthread+0x337/0x6f0 [ 13.816935] ? trace_preempt_on+0x20/0xc0 [ 13.816959] ? __pfx_kthread+0x10/0x10 [ 13.816981] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.817094] ? calculate_sigpending+0x7b/0xa0 [ 13.817119] ? __pfx_kthread+0x10/0x10 [ 13.817142] ret_from_fork+0x116/0x1d0 [ 13.817162] ? __pfx_kthread+0x10/0x10 [ 13.817184] ret_from_fork_asm+0x1a/0x30 [ 13.817215] </TASK> [ 13.817226] [ 13.825519] Allocated by task 283: [ 13.825685] kasan_save_stack+0x45/0x70 [ 13.825860] kasan_save_track+0x18/0x40 [ 13.826050] kasan_save_alloc_info+0x3b/0x50 [ 13.826249] __kasan_kmalloc+0xb7/0xc0 [ 13.826542] __kmalloc_cache_noprof+0x189/0x420 [ 13.826774] kasan_atomics+0x95/0x310 [ 13.826944] kunit_try_run_case+0x1a5/0x480 [ 13.827262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.827499] kthread+0x337/0x6f0 [ 13.827672] ret_from_fork+0x116/0x1d0 [ 13.827882] ret_from_fork_asm+0x1a/0x30 [ 13.828184] [ 13.828285] The buggy address belongs to the object at ffff8881039bd780 [ 13.828285] which belongs to the cache kmalloc-64 of size 64 [ 13.828730] The buggy address is located 0 bytes to the right of [ 13.828730] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.829305] [ 13.829421] The buggy address belongs to the physical page: [ 13.829684] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.830167] flags: 0x200000000000000(node=0|zone=2) [ 13.830385] page_type: f5(slab) [ 13.830536] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.830876] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.831325] page dumped because: kasan: bad access detected [ 13.831521] [ 13.831594] Memory state around the buggy address: [ 13.831846] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.832270] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.832614] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.832887] ^ [ 13.833182] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.833525] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.833828] ================================================================== [ 13.618060] ================================================================== [ 13.618440] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 13.618791] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.619155] [ 13.619242] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.619285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.619297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.619320] Call Trace: [ 13.619335] <TASK> [ 13.619349] dump_stack_lvl+0x73/0xb0 [ 13.619387] print_report+0xd1/0x650 [ 13.619411] ? __virt_addr_valid+0x1db/0x2d0 [ 13.619434] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.619458] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.619482] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.619505] kasan_report+0x141/0x180 [ 13.619529] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.619556] kasan_check_range+0x10c/0x1c0 [ 13.619581] __kasan_check_write+0x18/0x20 [ 13.619601] kasan_atomics_helper+0x5fe/0x5450 [ 13.619625] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.619649] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.619669] ? ret_from_fork_asm+0x1a/0x30 [ 13.619691] ? kasan_atomics+0x152/0x310 [ 13.619715] kasan_atomics+0x1dc/0x310 [ 13.619735] ? __pfx_kasan_atomics+0x10/0x10 [ 13.619757] ? __pfx_read_tsc+0x10/0x10 [ 13.619778] ? ktime_get_ts64+0x86/0x230 [ 13.619803] kunit_try_run_case+0x1a5/0x480 [ 13.619825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.619845] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.619871] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.619896] ? __kthread_parkme+0x82/0x180 [ 13.619918] ? preempt_count_sub+0x50/0x80 [ 13.619943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.619965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.619990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.620016] kthread+0x337/0x6f0 [ 13.620036] ? trace_preempt_on+0x20/0xc0 [ 13.620060] ? __pfx_kthread+0x10/0x10 [ 13.620082] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.620117] ? calculate_sigpending+0x7b/0xa0 [ 13.620142] ? __pfx_kthread+0x10/0x10 [ 13.620164] ret_from_fork+0x116/0x1d0 [ 13.620184] ? __pfx_kthread+0x10/0x10 [ 13.620205] ret_from_fork_asm+0x1a/0x30 [ 13.620237] </TASK> [ 13.620249] [ 13.628659] Allocated by task 283: [ 13.628799] kasan_save_stack+0x45/0x70 [ 13.628947] kasan_save_track+0x18/0x40 [ 13.629213] kasan_save_alloc_info+0x3b/0x50 [ 13.629617] __kasan_kmalloc+0xb7/0xc0 [ 13.629866] __kmalloc_cache_noprof+0x189/0x420 [ 13.630022] kasan_atomics+0x95/0x310 [ 13.630159] kunit_try_run_case+0x1a5/0x480 [ 13.630305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.630567] kthread+0x337/0x6f0 [ 13.630732] ret_from_fork+0x116/0x1d0 [ 13.630923] ret_from_fork_asm+0x1a/0x30 [ 13.631126] [ 13.631243] The buggy address belongs to the object at ffff8881039bd780 [ 13.631243] which belongs to the cache kmalloc-64 of size 64 [ 13.631984] The buggy address is located 0 bytes to the right of [ 13.631984] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.632553] [ 13.632633] The buggy address belongs to the physical page: [ 13.632836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.633258] flags: 0x200000000000000(node=0|zone=2) [ 13.633486] page_type: f5(slab) [ 13.633609] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.633849] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.634360] page dumped because: kasan: bad access detected [ 13.634627] [ 13.634724] Memory state around the buggy address: [ 13.635265] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.635560] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.635880] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.636247] ^ [ 13.636485] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.636837] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.637131] ================================================================== [ 13.460372] ================================================================== [ 13.460763] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 13.461296] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.461655] [ 13.461776] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.461822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.461834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.461856] Call Trace: [ 13.461867] <TASK> [ 13.461883] dump_stack_lvl+0x73/0xb0 [ 13.461909] print_report+0xd1/0x650 [ 13.461932] ? __virt_addr_valid+0x1db/0x2d0 [ 13.461954] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.461975] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.461998] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.462043] kasan_report+0x141/0x180 [ 13.462065] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.462092] __asan_report_store4_noabort+0x1b/0x30 [ 13.462113] kasan_atomics_helper+0x4ba2/0x5450 [ 13.462136] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.462159] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.462180] ? ret_from_fork_asm+0x1a/0x30 [ 13.462202] ? kasan_atomics+0x152/0x310 [ 13.462225] kasan_atomics+0x1dc/0x310 [ 13.462244] ? __pfx_kasan_atomics+0x10/0x10 [ 13.462265] ? __pfx_read_tsc+0x10/0x10 [ 13.462285] ? ktime_get_ts64+0x86/0x230 [ 13.462310] kunit_try_run_case+0x1a5/0x480 [ 13.462331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.462350] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.462384] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.462409] ? __kthread_parkme+0x82/0x180 [ 13.462430] ? preempt_count_sub+0x50/0x80 [ 13.462453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.462474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.462498] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.462523] kthread+0x337/0x6f0 [ 13.462542] ? trace_preempt_on+0x20/0xc0 [ 13.462565] ? __pfx_kthread+0x10/0x10 [ 13.462586] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.462608] ? calculate_sigpending+0x7b/0xa0 [ 13.462632] ? __pfx_kthread+0x10/0x10 [ 13.462653] ret_from_fork+0x116/0x1d0 [ 13.462672] ? __pfx_kthread+0x10/0x10 [ 13.462693] ret_from_fork_asm+0x1a/0x30 [ 13.462722] </TASK> [ 13.462732] [ 13.470262] Allocated by task 283: [ 13.470404] kasan_save_stack+0x45/0x70 [ 13.470548] kasan_save_track+0x18/0x40 [ 13.470873] kasan_save_alloc_info+0x3b/0x50 [ 13.471211] __kasan_kmalloc+0xb7/0xc0 [ 13.471411] __kmalloc_cache_noprof+0x189/0x420 [ 13.471626] kasan_atomics+0x95/0x310 [ 13.471967] kunit_try_run_case+0x1a5/0x480 [ 13.472211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.472414] kthread+0x337/0x6f0 [ 13.472588] ret_from_fork+0x116/0x1d0 [ 13.472827] ret_from_fork_asm+0x1a/0x30 [ 13.473071] [ 13.473156] The buggy address belongs to the object at ffff8881039bd780 [ 13.473156] which belongs to the cache kmalloc-64 of size 64 [ 13.473598] The buggy address is located 0 bytes to the right of [ 13.473598] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.473966] [ 13.474066] The buggy address belongs to the physical page: [ 13.474318] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.474794] flags: 0x200000000000000(node=0|zone=2) [ 13.475211] page_type: f5(slab) [ 13.475349] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.475596] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.476013] page dumped because: kasan: bad access detected [ 13.476273] [ 13.476368] Memory state around the buggy address: [ 13.476780] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.477090] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.477461] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.477693] ^ [ 13.477923] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.478301] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.478583] ================================================================== [ 14.165223] ================================================================== [ 14.165781] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 14.166084] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.166735] [ 14.166911] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.166958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.166972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.166994] Call Trace: [ 14.167007] <TASK> [ 14.167038] dump_stack_lvl+0x73/0xb0 [ 14.167065] print_report+0xd1/0x650 [ 14.167089] ? __virt_addr_valid+0x1db/0x2d0 [ 14.167111] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.167134] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.167157] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.167180] kasan_report+0x141/0x180 [ 14.167203] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.167230] kasan_check_range+0x10c/0x1c0 [ 14.167255] __kasan_check_write+0x18/0x20 [ 14.167275] kasan_atomics_helper+0x12e6/0x5450 [ 14.167299] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.167322] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.167343] ? ret_from_fork_asm+0x1a/0x30 [ 14.167365] ? kasan_atomics+0x152/0x310 [ 14.167398] kasan_atomics+0x1dc/0x310 [ 14.167418] ? __pfx_kasan_atomics+0x10/0x10 [ 14.167441] ? __pfx_read_tsc+0x10/0x10 [ 14.167462] ? ktime_get_ts64+0x86/0x230 [ 14.167488] kunit_try_run_case+0x1a5/0x480 [ 14.167510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.167530] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.167555] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.167581] ? __kthread_parkme+0x82/0x180 [ 14.167602] ? preempt_count_sub+0x50/0x80 [ 14.167627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.167648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.167673] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.167699] kthread+0x337/0x6f0 [ 14.167735] ? trace_preempt_on+0x20/0xc0 [ 14.167760] ? __pfx_kthread+0x10/0x10 [ 14.167783] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.167807] ? calculate_sigpending+0x7b/0xa0 [ 14.167830] ? __pfx_kthread+0x10/0x10 [ 14.167852] ret_from_fork+0x116/0x1d0 [ 14.167872] ? __pfx_kthread+0x10/0x10 [ 14.167893] ret_from_fork_asm+0x1a/0x30 [ 14.167924] </TASK> [ 14.167936] [ 14.181904] Allocated by task 283: [ 14.182396] kasan_save_stack+0x45/0x70 [ 14.182706] kasan_save_track+0x18/0x40 [ 14.182923] kasan_save_alloc_info+0x3b/0x50 [ 14.183330] __kasan_kmalloc+0xb7/0xc0 [ 14.183535] __kmalloc_cache_noprof+0x189/0x420 [ 14.183923] kasan_atomics+0x95/0x310 [ 14.184550] kunit_try_run_case+0x1a5/0x480 [ 14.184934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.185352] kthread+0x337/0x6f0 [ 14.185530] ret_from_fork+0x116/0x1d0 [ 14.185705] ret_from_fork_asm+0x1a/0x30 [ 14.186242] [ 14.186495] The buggy address belongs to the object at ffff8881039bd780 [ 14.186495] which belongs to the cache kmalloc-64 of size 64 [ 14.187353] The buggy address is located 0 bytes to the right of [ 14.187353] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.187864] [ 14.188282] The buggy address belongs to the physical page: [ 14.188510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.188890] flags: 0x200000000000000(node=0|zone=2) [ 14.189229] page_type: f5(slab) [ 14.189413] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.189663] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.190054] page dumped because: kasan: bad access detected [ 14.190254] [ 14.190356] Memory state around the buggy address: [ 14.190653] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.191165] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.191479] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.191743] ^ [ 14.191978] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.192226] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.192548] ================================================================== [ 14.539232] ================================================================== [ 14.539630] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 14.540002] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.540356] [ 14.540509] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.540553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.540567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.540588] Call Trace: [ 14.540603] <TASK> [ 14.540651] dump_stack_lvl+0x73/0xb0 [ 14.540679] print_report+0xd1/0x650 [ 14.540703] ? __virt_addr_valid+0x1db/0x2d0 [ 14.540738] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.540761] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.540816] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.540842] kasan_report+0x141/0x180 [ 14.540866] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.540893] kasan_check_range+0x10c/0x1c0 [ 14.540918] __kasan_check_write+0x18/0x20 [ 14.540938] kasan_atomics_helper+0x1a7f/0x5450 [ 14.540992] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.541016] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.541037] ? ret_from_fork_asm+0x1a/0x30 [ 14.541059] ? kasan_atomics+0x152/0x310 [ 14.541084] kasan_atomics+0x1dc/0x310 [ 14.541134] ? __pfx_kasan_atomics+0x10/0x10 [ 14.541156] ? __pfx_read_tsc+0x10/0x10 [ 14.541177] ? ktime_get_ts64+0x86/0x230 [ 14.541203] kunit_try_run_case+0x1a5/0x480 [ 14.541225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.541275] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.541301] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.541326] ? __kthread_parkme+0x82/0x180 [ 14.541348] ? preempt_count_sub+0x50/0x80 [ 14.541413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.541436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.541461] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.541485] kthread+0x337/0x6f0 [ 14.541505] ? trace_preempt_on+0x20/0xc0 [ 14.541559] ? __pfx_kthread+0x10/0x10 [ 14.541580] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.541604] ? calculate_sigpending+0x7b/0xa0 [ 14.541629] ? __pfx_kthread+0x10/0x10 [ 14.541679] ret_from_fork+0x116/0x1d0 [ 14.541699] ? __pfx_kthread+0x10/0x10 [ 14.541729] ret_from_fork_asm+0x1a/0x30 [ 14.541760] </TASK> [ 14.541800] [ 14.549814] Allocated by task 283: [ 14.550018] kasan_save_stack+0x45/0x70 [ 14.550223] kasan_save_track+0x18/0x40 [ 14.550451] kasan_save_alloc_info+0x3b/0x50 [ 14.550687] __kasan_kmalloc+0xb7/0xc0 [ 14.550872] __kmalloc_cache_noprof+0x189/0x420 [ 14.551028] kasan_atomics+0x95/0x310 [ 14.551169] kunit_try_run_case+0x1a5/0x480 [ 14.551424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.551721] kthread+0x337/0x6f0 [ 14.551981] ret_from_fork+0x116/0x1d0 [ 14.552194] ret_from_fork_asm+0x1a/0x30 [ 14.552405] [ 14.552538] The buggy address belongs to the object at ffff8881039bd780 [ 14.552538] which belongs to the cache kmalloc-64 of size 64 [ 14.553115] The buggy address is located 0 bytes to the right of [ 14.553115] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.553646] [ 14.554755] The buggy address belongs to the physical page: [ 14.555575] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.555836] flags: 0x200000000000000(node=0|zone=2) [ 14.556008] page_type: f5(slab) [ 14.556133] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.557002] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.557676] page dumped because: kasan: bad access detected [ 14.558077] [ 14.558350] Memory state around the buggy address: [ 14.558793] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.559243] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.559546] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.560126] ^ [ 14.560598] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.561246] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.561845] ================================================================== [ 13.499089] ================================================================== [ 13.499411] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 13.499670] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.499916] [ 13.500041] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.500085] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.500098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.500120] Call Trace: [ 13.500133] <TASK> [ 13.500148] dump_stack_lvl+0x73/0xb0 [ 13.500174] print_report+0xd1/0x650 [ 13.500197] ? __virt_addr_valid+0x1db/0x2d0 [ 13.500220] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.500242] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.500266] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.500289] kasan_report+0x141/0x180 [ 13.500311] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.500339] __asan_report_store4_noabort+0x1b/0x30 [ 13.500361] kasan_atomics_helper+0x4b6e/0x5450 [ 13.500582] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.500614] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.500636] ? ret_from_fork_asm+0x1a/0x30 [ 13.500659] ? kasan_atomics+0x152/0x310 [ 13.500684] kasan_atomics+0x1dc/0x310 [ 13.500705] ? __pfx_kasan_atomics+0x10/0x10 [ 13.500726] ? __pfx_read_tsc+0x10/0x10 [ 13.500749] ? ktime_get_ts64+0x86/0x230 [ 13.500774] kunit_try_run_case+0x1a5/0x480 [ 13.500797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.500817] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.500843] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.500869] ? __kthread_parkme+0x82/0x180 [ 13.500890] ? preempt_count_sub+0x50/0x80 [ 13.500914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.500936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.500962] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.500987] kthread+0x337/0x6f0 [ 13.501008] ? trace_preempt_on+0x20/0xc0 [ 13.501033] ? __pfx_kthread+0x10/0x10 [ 13.501397] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.501427] ? calculate_sigpending+0x7b/0xa0 [ 13.501451] ? __pfx_kthread+0x10/0x10 [ 13.501474] ret_from_fork+0x116/0x1d0 [ 13.501496] ? __pfx_kthread+0x10/0x10 [ 13.501518] ret_from_fork_asm+0x1a/0x30 [ 13.501549] </TASK> [ 13.501561] [ 13.510163] Allocated by task 283: [ 13.510363] kasan_save_stack+0x45/0x70 [ 13.510704] kasan_save_track+0x18/0x40 [ 13.510911] kasan_save_alloc_info+0x3b/0x50 [ 13.511246] __kasan_kmalloc+0xb7/0xc0 [ 13.511437] __kmalloc_cache_noprof+0x189/0x420 [ 13.511601] kasan_atomics+0x95/0x310 [ 13.511734] kunit_try_run_case+0x1a5/0x480 [ 13.511925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.512185] kthread+0x337/0x6f0 [ 13.512433] ret_from_fork+0x116/0x1d0 [ 13.512835] ret_from_fork_asm+0x1a/0x30 [ 13.513020] [ 13.513156] The buggy address belongs to the object at ffff8881039bd780 [ 13.513156] which belongs to the cache kmalloc-64 of size 64 [ 13.513673] The buggy address is located 0 bytes to the right of [ 13.513673] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.514107] [ 13.514349] The buggy address belongs to the physical page: [ 13.514577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.514820] flags: 0x200000000000000(node=0|zone=2) [ 13.514984] page_type: f5(slab) [ 13.515122] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.515473] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.515816] page dumped because: kasan: bad access detected [ 13.516508] [ 13.516602] Memory state around the buggy address: [ 13.516896] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.517242] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.517485] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.517757] ^ [ 13.518003] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.518478] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.518893] ================================================================== [ 14.111831] ================================================================== [ 14.112269] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 14.112536] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.112888] [ 14.112992] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.113080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.113094] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.113115] Call Trace: [ 14.113132] <TASK> [ 14.113147] dump_stack_lvl+0x73/0xb0 [ 14.113174] print_report+0xd1/0x650 [ 14.113198] ? __virt_addr_valid+0x1db/0x2d0 [ 14.113221] ? kasan_atomics_helper+0x1217/0x5450 [ 14.113244] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.113267] ? kasan_atomics_helper+0x1217/0x5450 [ 14.113290] kasan_report+0x141/0x180 [ 14.113313] ? kasan_atomics_helper+0x1217/0x5450 [ 14.113341] kasan_check_range+0x10c/0x1c0 [ 14.113366] __kasan_check_write+0x18/0x20 [ 14.113398] kasan_atomics_helper+0x1217/0x5450 [ 14.113422] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.113445] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.113466] ? ret_from_fork_asm+0x1a/0x30 [ 14.113488] ? kasan_atomics+0x152/0x310 [ 14.113512] kasan_atomics+0x1dc/0x310 [ 14.113532] ? __pfx_kasan_atomics+0x10/0x10 [ 14.113553] ? __pfx_read_tsc+0x10/0x10 [ 14.113575] ? ktime_get_ts64+0x86/0x230 [ 14.113601] kunit_try_run_case+0x1a5/0x480 [ 14.113623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.113643] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.113668] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.113694] ? __kthread_parkme+0x82/0x180 [ 14.113726] ? preempt_count_sub+0x50/0x80 [ 14.113750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.113772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.113796] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.113822] kthread+0x337/0x6f0 [ 14.113842] ? trace_preempt_on+0x20/0xc0 [ 14.113867] ? __pfx_kthread+0x10/0x10 [ 14.113889] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.113913] ? calculate_sigpending+0x7b/0xa0 [ 14.113938] ? __pfx_kthread+0x10/0x10 [ 14.113962] ret_from_fork+0x116/0x1d0 [ 14.113981] ? __pfx_kthread+0x10/0x10 [ 14.114191] ret_from_fork_asm+0x1a/0x30 [ 14.114232] </TASK> [ 14.114246] [ 14.122753] Allocated by task 283: [ 14.122941] kasan_save_stack+0x45/0x70 [ 14.123228] kasan_save_track+0x18/0x40 [ 14.123443] kasan_save_alloc_info+0x3b/0x50 [ 14.123656] __kasan_kmalloc+0xb7/0xc0 [ 14.123969] __kmalloc_cache_noprof+0x189/0x420 [ 14.124297] kasan_atomics+0x95/0x310 [ 14.124447] kunit_try_run_case+0x1a5/0x480 [ 14.124657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.124920] kthread+0x337/0x6f0 [ 14.125165] ret_from_fork+0x116/0x1d0 [ 14.125365] ret_from_fork_asm+0x1a/0x30 [ 14.127365] [ 14.127478] The buggy address belongs to the object at ffff8881039bd780 [ 14.127478] which belongs to the cache kmalloc-64 of size 64 [ 14.129153] The buggy address is located 0 bytes to the right of [ 14.129153] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.130589] [ 14.131334] The buggy address belongs to the physical page: [ 14.132002] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.132583] flags: 0x200000000000000(node=0|zone=2) [ 14.132955] page_type: f5(slab) [ 14.133317] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.133678] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.134143] page dumped because: kasan: bad access detected [ 14.134724] [ 14.134816] Memory state around the buggy address: [ 14.135033] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.135458] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.135858] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.136200] ^ [ 14.136839] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.137124] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.137614] ================================================================== [ 14.332822] ================================================================== [ 14.333473] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 14.333715] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.333945] [ 14.334038] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.334084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.334097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.334119] Call Trace: [ 14.334133] <TASK> [ 14.334148] dump_stack_lvl+0x73/0xb0 [ 14.334174] print_report+0xd1/0x650 [ 14.334198] ? __virt_addr_valid+0x1db/0x2d0 [ 14.334220] ? kasan_atomics_helper+0x151d/0x5450 [ 14.334242] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.334265] ? kasan_atomics_helper+0x151d/0x5450 [ 14.334288] kasan_report+0x141/0x180 [ 14.334310] ? kasan_atomics_helper+0x151d/0x5450 [ 14.334338] kasan_check_range+0x10c/0x1c0 [ 14.334362] __kasan_check_write+0x18/0x20 [ 14.334393] kasan_atomics_helper+0x151d/0x5450 [ 14.334416] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.334438] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.334459] ? ret_from_fork_asm+0x1a/0x30 [ 14.334480] ? kasan_atomics+0x152/0x310 [ 14.334503] kasan_atomics+0x1dc/0x310 [ 14.334522] ? __pfx_kasan_atomics+0x10/0x10 [ 14.334544] ? __pfx_read_tsc+0x10/0x10 [ 14.334565] ? ktime_get_ts64+0x86/0x230 [ 14.334590] kunit_try_run_case+0x1a5/0x480 [ 14.334612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.334631] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.334656] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.334681] ? __kthread_parkme+0x82/0x180 [ 14.334701] ? preempt_count_sub+0x50/0x80 [ 14.334725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.334747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.334771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.334797] kthread+0x337/0x6f0 [ 14.334816] ? trace_preempt_on+0x20/0xc0 [ 14.334840] ? __pfx_kthread+0x10/0x10 [ 14.334861] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.334885] ? calculate_sigpending+0x7b/0xa0 [ 14.334909] ? __pfx_kthread+0x10/0x10 [ 14.334931] ret_from_fork+0x116/0x1d0 [ 14.335071] ? __pfx_kthread+0x10/0x10 [ 14.335094] ret_from_fork_asm+0x1a/0x30 [ 14.335126] </TASK> [ 14.335138] [ 14.346862] Allocated by task 283: [ 14.347003] kasan_save_stack+0x45/0x70 [ 14.347602] kasan_save_track+0x18/0x40 [ 14.347763] kasan_save_alloc_info+0x3b/0x50 [ 14.347997] __kasan_kmalloc+0xb7/0xc0 [ 14.348237] __kmalloc_cache_noprof+0x189/0x420 [ 14.348613] kasan_atomics+0x95/0x310 [ 14.349018] kunit_try_run_case+0x1a5/0x480 [ 14.349281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.349630] kthread+0x337/0x6f0 [ 14.349774] ret_from_fork+0x116/0x1d0 [ 14.350119] ret_from_fork_asm+0x1a/0x30 [ 14.350290] [ 14.350421] The buggy address belongs to the object at ffff8881039bd780 [ 14.350421] which belongs to the cache kmalloc-64 of size 64 [ 14.351413] The buggy address is located 0 bytes to the right of [ 14.351413] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.352152] [ 14.352277] The buggy address belongs to the physical page: [ 14.352639] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.353232] flags: 0x200000000000000(node=0|zone=2) [ 14.353733] page_type: f5(slab) [ 14.354154] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.354528] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.354971] page dumped because: kasan: bad access detected [ 14.355369] [ 14.355561] Memory state around the buggy address: [ 14.355976] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.356514] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.356828] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.357345] ^ [ 14.357566] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.358103] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.358406] ================================================================== [ 14.674636] ================================================================== [ 14.675185] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 14.675543] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.675887] [ 14.676039] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.676084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.676097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.676119] Call Trace: [ 14.676133] <TASK> [ 14.676148] dump_stack_lvl+0x73/0xb0 [ 14.676174] print_report+0xd1/0x650 [ 14.676198] ? __virt_addr_valid+0x1db/0x2d0 [ 14.676221] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.676243] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.676267] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.676289] kasan_report+0x141/0x180 [ 14.676312] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.676340] kasan_check_range+0x10c/0x1c0 [ 14.676365] __kasan_check_write+0x18/0x20 [ 14.676397] kasan_atomics_helper+0x1e12/0x5450 [ 14.676421] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.676445] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.676466] ? ret_from_fork_asm+0x1a/0x30 [ 14.676488] ? kasan_atomics+0x152/0x310 [ 14.676512] kasan_atomics+0x1dc/0x310 [ 14.676532] ? __pfx_kasan_atomics+0x10/0x10 [ 14.676553] ? __pfx_read_tsc+0x10/0x10 [ 14.676574] ? ktime_get_ts64+0x86/0x230 [ 14.676599] kunit_try_run_case+0x1a5/0x480 [ 14.676621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.676641] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.676666] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.676691] ? __kthread_parkme+0x82/0x180 [ 14.676712] ? preempt_count_sub+0x50/0x80 [ 14.676745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.676766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.676792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.676818] kthread+0x337/0x6f0 [ 14.676839] ? trace_preempt_on+0x20/0xc0 [ 14.676864] ? __pfx_kthread+0x10/0x10 [ 14.676886] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.676911] ? calculate_sigpending+0x7b/0xa0 [ 14.676935] ? __pfx_kthread+0x10/0x10 [ 14.676958] ret_from_fork+0x116/0x1d0 [ 14.676978] ? __pfx_kthread+0x10/0x10 [ 14.676999] ret_from_fork_asm+0x1a/0x30 [ 14.677030] </TASK> [ 14.677042] [ 14.684811] Allocated by task 283: [ 14.684978] kasan_save_stack+0x45/0x70 [ 14.685152] kasan_save_track+0x18/0x40 [ 14.685345] kasan_save_alloc_info+0x3b/0x50 [ 14.685535] __kasan_kmalloc+0xb7/0xc0 [ 14.685721] __kmalloc_cache_noprof+0x189/0x420 [ 14.685882] kasan_atomics+0x95/0x310 [ 14.686013] kunit_try_run_case+0x1a5/0x480 [ 14.686162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.686338] kthread+0x337/0x6f0 [ 14.686512] ret_from_fork+0x116/0x1d0 [ 14.686720] ret_from_fork_asm+0x1a/0x30 [ 14.686916] [ 14.687010] The buggy address belongs to the object at ffff8881039bd780 [ 14.687010] which belongs to the cache kmalloc-64 of size 64 [ 14.687546] The buggy address is located 0 bytes to the right of [ 14.687546] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.688068] [ 14.688142] The buggy address belongs to the physical page: [ 14.688328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.688694] flags: 0x200000000000000(node=0|zone=2) [ 14.688936] page_type: f5(slab) [ 14.689105] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.689449] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.690077] page dumped because: kasan: bad access detected [ 14.690280] [ 14.690353] Memory state around the buggy address: [ 14.690524] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.691039] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.691527] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.692056] ^ [ 14.692272] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.692571] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.693609] ================================================================== [ 13.795297] ================================================================== [ 13.795671] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 13.796060] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.796394] [ 13.796501] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.796547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.796560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.796583] Call Trace: [ 13.796599] <TASK> [ 13.796614] dump_stack_lvl+0x73/0xb0 [ 13.796641] print_report+0xd1/0x650 [ 13.796665] ? __virt_addr_valid+0x1db/0x2d0 [ 13.796688] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.796711] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.796735] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.796779] kasan_report+0x141/0x180 [ 13.796802] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.796830] kasan_check_range+0x10c/0x1c0 [ 13.796855] __kasan_check_write+0x18/0x20 [ 13.796876] kasan_atomics_helper+0xb6a/0x5450 [ 13.796900] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.796924] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.796945] ? ret_from_fork_asm+0x1a/0x30 [ 13.796967] ? kasan_atomics+0x152/0x310 [ 13.797078] kasan_atomics+0x1dc/0x310 [ 13.797106] ? __pfx_kasan_atomics+0x10/0x10 [ 13.797128] ? __pfx_read_tsc+0x10/0x10 [ 13.797150] ? ktime_get_ts64+0x86/0x230 [ 13.797176] kunit_try_run_case+0x1a5/0x480 [ 13.797198] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.797218] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.797244] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.797269] ? __kthread_parkme+0x82/0x180 [ 13.797290] ? preempt_count_sub+0x50/0x80 [ 13.797315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.797336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.797361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.797397] kthread+0x337/0x6f0 [ 13.797418] ? trace_preempt_on+0x20/0xc0 [ 13.797441] ? __pfx_kthread+0x10/0x10 [ 13.797463] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.797487] ? calculate_sigpending+0x7b/0xa0 [ 13.797511] ? __pfx_kthread+0x10/0x10 [ 13.797533] ret_from_fork+0x116/0x1d0 [ 13.797553] ? __pfx_kthread+0x10/0x10 [ 13.797575] ret_from_fork_asm+0x1a/0x30 [ 13.797605] </TASK> [ 13.797618] [ 13.805776] Allocated by task 283: [ 13.805967] kasan_save_stack+0x45/0x70 [ 13.806252] kasan_save_track+0x18/0x40 [ 13.806467] kasan_save_alloc_info+0x3b/0x50 [ 13.806659] __kasan_kmalloc+0xb7/0xc0 [ 13.806865] __kmalloc_cache_noprof+0x189/0x420 [ 13.807248] kasan_atomics+0x95/0x310 [ 13.807464] kunit_try_run_case+0x1a5/0x480 [ 13.807636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.807896] kthread+0x337/0x6f0 [ 13.808159] ret_from_fork+0x116/0x1d0 [ 13.808344] ret_from_fork_asm+0x1a/0x30 [ 13.808526] [ 13.808601] The buggy address belongs to the object at ffff8881039bd780 [ 13.808601] which belongs to the cache kmalloc-64 of size 64 [ 13.809213] The buggy address is located 0 bytes to the right of [ 13.809213] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.809772] [ 13.809875] The buggy address belongs to the physical page: [ 13.810168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.810532] flags: 0x200000000000000(node=0|zone=2) [ 13.810758] page_type: f5(slab) [ 13.810920] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.811356] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.811608] page dumped because: kasan: bad access detected [ 13.811884] [ 13.811979] Memory state around the buggy address: [ 13.812281] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.812610] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.812953] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.813260] ^ [ 13.813469] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.813823] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.814214] ================================================================== [ 14.753193] ================================================================== [ 14.753612] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 14.753868] Read of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.754296] [ 14.754498] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.754545] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.754568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.754590] Call Trace: [ 14.754604] <TASK> [ 14.754619] dump_stack_lvl+0x73/0xb0 [ 14.754659] print_report+0xd1/0x650 [ 14.754683] ? __virt_addr_valid+0x1db/0x2d0 [ 14.754706] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.754729] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.754752] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.754775] kasan_report+0x141/0x180 [ 14.754799] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.754827] __asan_report_load8_noabort+0x18/0x20 [ 14.754850] kasan_atomics_helper+0x4f71/0x5450 [ 14.754880] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.754913] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.754934] ? ret_from_fork_asm+0x1a/0x30 [ 14.754955] ? kasan_atomics+0x152/0x310 [ 14.754991] kasan_atomics+0x1dc/0x310 [ 14.755013] ? __pfx_kasan_atomics+0x10/0x10 [ 14.755035] ? __pfx_read_tsc+0x10/0x10 [ 14.755056] ? ktime_get_ts64+0x86/0x230 [ 14.755081] kunit_try_run_case+0x1a5/0x480 [ 14.755103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.755124] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.755150] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.755175] ? __kthread_parkme+0x82/0x180 [ 14.755196] ? preempt_count_sub+0x50/0x80 [ 14.755220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.755242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.755267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.755293] kthread+0x337/0x6f0 [ 14.755313] ? trace_preempt_on+0x20/0xc0 [ 14.755337] ? __pfx_kthread+0x10/0x10 [ 14.755358] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.755390] ? calculate_sigpending+0x7b/0xa0 [ 14.755414] ? __pfx_kthread+0x10/0x10 [ 14.755436] ret_from_fork+0x116/0x1d0 [ 14.755456] ? __pfx_kthread+0x10/0x10 [ 14.755478] ret_from_fork_asm+0x1a/0x30 [ 14.755509] </TASK> [ 14.755521] [ 14.764585] Allocated by task 283: [ 14.764777] kasan_save_stack+0x45/0x70 [ 14.764988] kasan_save_track+0x18/0x40 [ 14.765187] kasan_save_alloc_info+0x3b/0x50 [ 14.765409] __kasan_kmalloc+0xb7/0xc0 [ 14.765598] __kmalloc_cache_noprof+0x189/0x420 [ 14.765850] kasan_atomics+0x95/0x310 [ 14.766004] kunit_try_run_case+0x1a5/0x480 [ 14.766246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.766511] kthread+0x337/0x6f0 [ 14.766690] ret_from_fork+0x116/0x1d0 [ 14.766889] ret_from_fork_asm+0x1a/0x30 [ 14.767075] [ 14.767149] The buggy address belongs to the object at ffff8881039bd780 [ 14.767149] which belongs to the cache kmalloc-64 of size 64 [ 14.767651] The buggy address is located 0 bytes to the right of [ 14.767651] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.768276] [ 14.768350] The buggy address belongs to the physical page: [ 14.768641] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.768994] flags: 0x200000000000000(node=0|zone=2) [ 14.769220] page_type: f5(slab) [ 14.769425] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.769742] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.770083] page dumped because: kasan: bad access detected [ 14.770310] [ 14.770420] Memory state around the buggy address: [ 14.770620] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.770950] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.771260] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.771508] ^ [ 14.771664] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.771880] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.772217] ================================================================== [ 13.578946] ================================================================== [ 13.579265] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 13.579587] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.579889] [ 13.579975] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.580018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.580031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.580053] Call Trace: [ 13.580066] <TASK> [ 13.580081] dump_stack_lvl+0x73/0xb0 [ 13.580106] print_report+0xd1/0x650 [ 13.580130] ? __virt_addr_valid+0x1db/0x2d0 [ 13.580152] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.580175] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.580198] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.580221] kasan_report+0x141/0x180 [ 13.580245] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.580273] __asan_report_store4_noabort+0x1b/0x30 [ 13.580295] kasan_atomics_helper+0x4b3a/0x5450 [ 13.580319] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.580342] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.580364] ? ret_from_fork_asm+0x1a/0x30 [ 13.580407] ? kasan_atomics+0x152/0x310 [ 13.580431] kasan_atomics+0x1dc/0x310 [ 13.580452] ? __pfx_kasan_atomics+0x10/0x10 [ 13.580474] ? __pfx_read_tsc+0x10/0x10 [ 13.580495] ? ktime_get_ts64+0x86/0x230 [ 13.580521] kunit_try_run_case+0x1a5/0x480 [ 13.580542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.580563] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.580588] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.580614] ? __kthread_parkme+0x82/0x180 [ 13.580635] ? preempt_count_sub+0x50/0x80 [ 13.580659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.580681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.580706] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.580732] kthread+0x337/0x6f0 [ 13.580752] ? trace_preempt_on+0x20/0xc0 [ 13.580776] ? __pfx_kthread+0x10/0x10 [ 13.580797] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.580821] ? calculate_sigpending+0x7b/0xa0 [ 13.580846] ? __pfx_kthread+0x10/0x10 [ 13.580869] ret_from_fork+0x116/0x1d0 [ 13.580888] ? __pfx_kthread+0x10/0x10 [ 13.580959] ret_from_fork_asm+0x1a/0x30 [ 13.580990] </TASK> [ 13.581128] [ 13.589940] Allocated by task 283: [ 13.590104] kasan_save_stack+0x45/0x70 [ 13.590315] kasan_save_track+0x18/0x40 [ 13.590532] kasan_save_alloc_info+0x3b/0x50 [ 13.590715] __kasan_kmalloc+0xb7/0xc0 [ 13.590933] __kmalloc_cache_noprof+0x189/0x420 [ 13.591136] kasan_atomics+0x95/0x310 [ 13.591304] kunit_try_run_case+0x1a5/0x480 [ 13.591511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.591691] kthread+0x337/0x6f0 [ 13.591865] ret_from_fork+0x116/0x1d0 [ 13.592138] ret_from_fork_asm+0x1a/0x30 [ 13.592309] [ 13.592406] The buggy address belongs to the object at ffff8881039bd780 [ 13.592406] which belongs to the cache kmalloc-64 of size 64 [ 13.592901] The buggy address is located 0 bytes to the right of [ 13.592901] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.593665] [ 13.593811] The buggy address belongs to the physical page: [ 13.594023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.594464] flags: 0x200000000000000(node=0|zone=2) [ 13.594701] page_type: f5(slab) [ 13.594867] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.595142] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.595372] page dumped because: kasan: bad access detected [ 13.595634] [ 13.595778] Memory state around the buggy address: [ 13.596038] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.596279] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.596516] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.597141] ^ [ 13.597393] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.597710] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.598056] ================================================================== [ 14.612515] ================================================================== [ 14.612866] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 14.613798] Read of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.614406] [ 14.614657] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.614706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.614720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.614742] Call Trace: [ 14.614760] <TASK> [ 14.614815] dump_stack_lvl+0x73/0xb0 [ 14.614845] print_report+0xd1/0x650 [ 14.614871] ? __virt_addr_valid+0x1db/0x2d0 [ 14.614895] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.614917] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.614941] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.614964] kasan_report+0x141/0x180 [ 14.614990] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.615018] __asan_report_load8_noabort+0x18/0x20 [ 14.615040] kasan_atomics_helper+0x4f30/0x5450 [ 14.615063] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.615087] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.615108] ? ret_from_fork_asm+0x1a/0x30 [ 14.615130] ? kasan_atomics+0x152/0x310 [ 14.615154] kasan_atomics+0x1dc/0x310 [ 14.615173] ? __pfx_kasan_atomics+0x10/0x10 [ 14.615195] ? __pfx_read_tsc+0x10/0x10 [ 14.615217] ? ktime_get_ts64+0x86/0x230 [ 14.615243] kunit_try_run_case+0x1a5/0x480 [ 14.615265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.615285] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.615312] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.615338] ? __kthread_parkme+0x82/0x180 [ 14.615359] ? preempt_count_sub+0x50/0x80 [ 14.615395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.615417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.615442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.615467] kthread+0x337/0x6f0 [ 14.615487] ? trace_preempt_on+0x20/0xc0 [ 14.615512] ? __pfx_kthread+0x10/0x10 [ 14.615534] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.615558] ? calculate_sigpending+0x7b/0xa0 [ 14.615583] ? __pfx_kthread+0x10/0x10 [ 14.615605] ret_from_fork+0x116/0x1d0 [ 14.615623] ? __pfx_kthread+0x10/0x10 [ 14.615644] ret_from_fork_asm+0x1a/0x30 [ 14.615675] </TASK> [ 14.615686] [ 14.627019] Allocated by task 283: [ 14.627448] kasan_save_stack+0x45/0x70 [ 14.627721] kasan_save_track+0x18/0x40 [ 14.628011] kasan_save_alloc_info+0x3b/0x50 [ 14.628221] __kasan_kmalloc+0xb7/0xc0 [ 14.628413] __kmalloc_cache_noprof+0x189/0x420 [ 14.628630] kasan_atomics+0x95/0x310 [ 14.629191] kunit_try_run_case+0x1a5/0x480 [ 14.629460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.629906] kthread+0x337/0x6f0 [ 14.630198] ret_from_fork+0x116/0x1d0 [ 14.630615] ret_from_fork_asm+0x1a/0x30 [ 14.631039] [ 14.631133] The buggy address belongs to the object at ffff8881039bd780 [ 14.631133] which belongs to the cache kmalloc-64 of size 64 [ 14.631635] The buggy address is located 0 bytes to the right of [ 14.631635] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.632525] [ 14.632760] The buggy address belongs to the physical page: [ 14.633128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.633477] flags: 0x200000000000000(node=0|zone=2) [ 14.633692] page_type: f5(slab) [ 14.634166] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.634636] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.635139] page dumped because: kasan: bad access detected [ 14.635512] [ 14.635607] Memory state around the buggy address: [ 14.636149] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.636602] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.637126] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.637442] ^ [ 14.637649] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.638207] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.638727] ================================================================== [ 14.871832] ================================================================== [ 14.872178] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 14.872536] Read of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.872882] [ 14.873002] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.873046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.873059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.873079] Call Trace: [ 14.873094] <TASK> [ 14.873109] dump_stack_lvl+0x73/0xb0 [ 14.873135] print_report+0xd1/0x650 [ 14.873158] ? __virt_addr_valid+0x1db/0x2d0 [ 14.873181] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.873203] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.873226] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.873249] kasan_report+0x141/0x180 [ 14.873272] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.873316] __asan_report_load8_noabort+0x18/0x20 [ 14.873337] kasan_atomics_helper+0x4fa5/0x5450 [ 14.873361] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.873395] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.873415] ? ret_from_fork_asm+0x1a/0x30 [ 14.873437] ? kasan_atomics+0x152/0x310 [ 14.873461] kasan_atomics+0x1dc/0x310 [ 14.873481] ? __pfx_kasan_atomics+0x10/0x10 [ 14.873503] ? __pfx_read_tsc+0x10/0x10 [ 14.873524] ? ktime_get_ts64+0x86/0x230 [ 14.873549] kunit_try_run_case+0x1a5/0x480 [ 14.873571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.873591] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.873617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.873642] ? __kthread_parkme+0x82/0x180 [ 14.873663] ? preempt_count_sub+0x50/0x80 [ 14.873687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.873709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.873768] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.873793] kthread+0x337/0x6f0 [ 14.873826] ? trace_preempt_on+0x20/0xc0 [ 14.873852] ? __pfx_kthread+0x10/0x10 [ 14.873892] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.873917] ? calculate_sigpending+0x7b/0xa0 [ 14.873941] ? __pfx_kthread+0x10/0x10 [ 14.873973] ret_from_fork+0x116/0x1d0 [ 14.873993] ? __pfx_kthread+0x10/0x10 [ 14.874014] ret_from_fork_asm+0x1a/0x30 [ 14.874048] </TASK> [ 14.874059] [ 14.882630] Allocated by task 283: [ 14.882766] kasan_save_stack+0x45/0x70 [ 14.882915] kasan_save_track+0x18/0x40 [ 14.883222] kasan_save_alloc_info+0x3b/0x50 [ 14.883454] __kasan_kmalloc+0xb7/0xc0 [ 14.883649] __kmalloc_cache_noprof+0x189/0x420 [ 14.883869] kasan_atomics+0x95/0x310 [ 14.884107] kunit_try_run_case+0x1a5/0x480 [ 14.884354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.884621] kthread+0x337/0x6f0 [ 14.884876] ret_from_fork+0x116/0x1d0 [ 14.885014] ret_from_fork_asm+0x1a/0x30 [ 14.885155] [ 14.885253] The buggy address belongs to the object at ffff8881039bd780 [ 14.885253] which belongs to the cache kmalloc-64 of size 64 [ 14.885966] The buggy address is located 0 bytes to the right of [ 14.885966] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.886562] [ 14.886639] The buggy address belongs to the physical page: [ 14.886981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.887404] flags: 0x200000000000000(node=0|zone=2) [ 14.887611] page_type: f5(slab) [ 14.887735] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.888169] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.888493] page dumped because: kasan: bad access detected [ 14.888683] [ 14.888753] Memory state around the buggy address: [ 14.888910] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.889296] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.889632] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.890098] ^ [ 14.890309] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.890539] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.891005] ================================================================== [ 14.090714] ================================================================== [ 14.091337] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 14.092000] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.092495] [ 14.092676] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.092722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.092735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.092759] Call Trace: [ 14.092773] <TASK> [ 14.092789] dump_stack_lvl+0x73/0xb0 [ 14.092816] print_report+0xd1/0x650 [ 14.092841] ? __virt_addr_valid+0x1db/0x2d0 [ 14.092865] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.092887] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.092911] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.092934] kasan_report+0x141/0x180 [ 14.092957] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.092985] __asan_report_load4_noabort+0x18/0x20 [ 14.093006] kasan_atomics_helper+0x4a02/0x5450 [ 14.093030] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.093053] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.093161] ? ret_from_fork_asm+0x1a/0x30 [ 14.093187] ? kasan_atomics+0x152/0x310 [ 14.093213] kasan_atomics+0x1dc/0x310 [ 14.093233] ? __pfx_kasan_atomics+0x10/0x10 [ 14.093256] ? __pfx_read_tsc+0x10/0x10 [ 14.093277] ? ktime_get_ts64+0x86/0x230 [ 14.093304] kunit_try_run_case+0x1a5/0x480 [ 14.093326] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.093346] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.093372] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.093410] ? __kthread_parkme+0x82/0x180 [ 14.093432] ? preempt_count_sub+0x50/0x80 [ 14.093456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.093478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.093503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.093528] kthread+0x337/0x6f0 [ 14.093548] ? trace_preempt_on+0x20/0xc0 [ 14.093572] ? __pfx_kthread+0x10/0x10 [ 14.093593] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.093618] ? calculate_sigpending+0x7b/0xa0 [ 14.093642] ? __pfx_kthread+0x10/0x10 [ 14.093664] ret_from_fork+0x116/0x1d0 [ 14.093683] ? __pfx_kthread+0x10/0x10 [ 14.093705] ret_from_fork_asm+0x1a/0x30 [ 14.093738] </TASK> [ 14.093750] [ 14.102349] Allocated by task 283: [ 14.102536] kasan_save_stack+0x45/0x70 [ 14.102688] kasan_save_track+0x18/0x40 [ 14.103103] kasan_save_alloc_info+0x3b/0x50 [ 14.103333] __kasan_kmalloc+0xb7/0xc0 [ 14.103538] __kmalloc_cache_noprof+0x189/0x420 [ 14.103762] kasan_atomics+0x95/0x310 [ 14.103924] kunit_try_run_case+0x1a5/0x480 [ 14.104091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.104267] kthread+0x337/0x6f0 [ 14.104397] ret_from_fork+0x116/0x1d0 [ 14.104550] ret_from_fork_asm+0x1a/0x30 [ 14.104751] [ 14.104850] The buggy address belongs to the object at ffff8881039bd780 [ 14.104850] which belongs to the cache kmalloc-64 of size 64 [ 14.105806] The buggy address is located 0 bytes to the right of [ 14.105806] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.106194] [ 14.106524] The buggy address belongs to the physical page: [ 14.106872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.107328] flags: 0x200000000000000(node=0|zone=2) [ 14.107664] page_type: f5(slab) [ 14.107915] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.108280] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.108550] page dumped because: kasan: bad access detected [ 14.108883] [ 14.109022] Memory state around the buggy address: [ 14.109181] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.109412] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.109787] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.110088] ^ [ 14.110246] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.110987] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.111261] ================================================================== [ 13.677989] ================================================================== [ 13.678340] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 13.678942] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.679335] [ 13.679462] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.679511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.679524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.679546] Call Trace: [ 13.679564] <TASK> [ 13.679581] dump_stack_lvl+0x73/0xb0 [ 13.679609] print_report+0xd1/0x650 [ 13.679634] ? __virt_addr_valid+0x1db/0x2d0 [ 13.679657] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.679680] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.679725] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.679749] kasan_report+0x141/0x180 [ 13.679772] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.679799] kasan_check_range+0x10c/0x1c0 [ 13.679824] __kasan_check_write+0x18/0x20 [ 13.679845] kasan_atomics_helper+0x7c7/0x5450 [ 13.679868] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.679891] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.679912] ? ret_from_fork_asm+0x1a/0x30 [ 13.679934] ? kasan_atomics+0x152/0x310 [ 13.679958] kasan_atomics+0x1dc/0x310 [ 13.679978] ? __pfx_kasan_atomics+0x10/0x10 [ 13.680058] ? __pfx_read_tsc+0x10/0x10 [ 13.680081] ? ktime_get_ts64+0x86/0x230 [ 13.680107] kunit_try_run_case+0x1a5/0x480 [ 13.680129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.680150] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.680175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.680201] ? __kthread_parkme+0x82/0x180 [ 13.680222] ? preempt_count_sub+0x50/0x80 [ 13.680245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.680267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.680292] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.680318] kthread+0x337/0x6f0 [ 13.680338] ? trace_preempt_on+0x20/0xc0 [ 13.680362] ? __pfx_kthread+0x10/0x10 [ 13.680393] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.680418] ? calculate_sigpending+0x7b/0xa0 [ 13.680443] ? __pfx_kthread+0x10/0x10 [ 13.680465] ret_from_fork+0x116/0x1d0 [ 13.680484] ? __pfx_kthread+0x10/0x10 [ 13.680505] ret_from_fork_asm+0x1a/0x30 [ 13.680536] </TASK> [ 13.680548] [ 13.689215] Allocated by task 283: [ 13.689388] kasan_save_stack+0x45/0x70 [ 13.689586] kasan_save_track+0x18/0x40 [ 13.689810] kasan_save_alloc_info+0x3b/0x50 [ 13.690216] __kasan_kmalloc+0xb7/0xc0 [ 13.690447] __kmalloc_cache_noprof+0x189/0x420 [ 13.690674] kasan_atomics+0x95/0x310 [ 13.690842] kunit_try_run_case+0x1a5/0x480 [ 13.691055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.691328] kthread+0x337/0x6f0 [ 13.691515] ret_from_fork+0x116/0x1d0 [ 13.691710] ret_from_fork_asm+0x1a/0x30 [ 13.691917] [ 13.692002] The buggy address belongs to the object at ffff8881039bd780 [ 13.692002] which belongs to the cache kmalloc-64 of size 64 [ 13.692361] The buggy address is located 0 bytes to the right of [ 13.692361] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.692822] [ 13.692918] The buggy address belongs to the physical page: [ 13.693167] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.693596] flags: 0x200000000000000(node=0|zone=2) [ 13.693852] page_type: f5(slab) [ 13.693977] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.694452] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.694836] page dumped because: kasan: bad access detected [ 13.695171] [ 13.695272] Memory state around the buggy address: [ 13.695519] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.695861] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.696211] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.696527] ^ [ 13.696730] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.697079] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.697298] ================================================================== [ 13.440228] ================================================================== [ 13.440938] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 13.441265] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.441576] [ 13.441679] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.441724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.441737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.441760] Call Trace: [ 13.441772] <TASK> [ 13.441975] dump_stack_lvl+0x73/0xb0 [ 13.442013] print_report+0xd1/0x650 [ 13.442044] ? __virt_addr_valid+0x1db/0x2d0 [ 13.442160] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.442183] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.442206] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.442229] kasan_report+0x141/0x180 [ 13.442252] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.442279] __asan_report_load4_noabort+0x18/0x20 [ 13.442300] kasan_atomics_helper+0x4bbc/0x5450 [ 13.442322] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.442345] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.442366] ? ret_from_fork_asm+0x1a/0x30 [ 13.442401] ? kasan_atomics+0x152/0x310 [ 13.442425] kasan_atomics+0x1dc/0x310 [ 13.442444] ? __pfx_kasan_atomics+0x10/0x10 [ 13.442465] ? __pfx_read_tsc+0x10/0x10 [ 13.442486] ? ktime_get_ts64+0x86/0x230 [ 13.442512] kunit_try_run_case+0x1a5/0x480 [ 13.442535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.442555] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.442581] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.442607] ? __kthread_parkme+0x82/0x180 [ 13.442627] ? preempt_count_sub+0x50/0x80 [ 13.442652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.442673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.442697] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.442730] kthread+0x337/0x6f0 [ 13.442750] ? trace_preempt_on+0x20/0xc0 [ 13.442774] ? __pfx_kthread+0x10/0x10 [ 13.442795] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.442818] ? calculate_sigpending+0x7b/0xa0 [ 13.442842] ? __pfx_kthread+0x10/0x10 [ 13.442864] ret_from_fork+0x116/0x1d0 [ 13.442883] ? __pfx_kthread+0x10/0x10 [ 13.442905] ret_from_fork_asm+0x1a/0x30 [ 13.442935] </TASK> [ 13.442946] [ 13.451313] Allocated by task 283: [ 13.451494] kasan_save_stack+0x45/0x70 [ 13.451692] kasan_save_track+0x18/0x40 [ 13.451860] kasan_save_alloc_info+0x3b/0x50 [ 13.452040] __kasan_kmalloc+0xb7/0xc0 [ 13.452175] __kmalloc_cache_noprof+0x189/0x420 [ 13.452327] kasan_atomics+0x95/0x310 [ 13.452503] kunit_try_run_case+0x1a5/0x480 [ 13.452716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.453132] kthread+0x337/0x6f0 [ 13.453316] ret_from_fork+0x116/0x1d0 [ 13.453518] ret_from_fork_asm+0x1a/0x30 [ 13.453676] [ 13.453832] The buggy address belongs to the object at ffff8881039bd780 [ 13.453832] which belongs to the cache kmalloc-64 of size 64 [ 13.454524] The buggy address is located 0 bytes to the right of [ 13.454524] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.454984] [ 13.455059] The buggy address belongs to the physical page: [ 13.455290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.455785] flags: 0x200000000000000(node=0|zone=2) [ 13.456033] page_type: f5(slab) [ 13.456239] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.456540] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.456992] page dumped because: kasan: bad access detected [ 13.457220] [ 13.457297] Memory state around the buggy address: [ 13.457482] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.457701] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.457944] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.458271] ^ [ 13.458516] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.459106] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.459397] ================================================================== [ 14.519390] ================================================================== [ 14.519768] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 14.520101] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.520460] [ 14.520547] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.520649] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.520687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.520709] Call Trace: [ 14.520727] <TASK> [ 14.520743] dump_stack_lvl+0x73/0xb0 [ 14.520771] print_report+0xd1/0x650 [ 14.520795] ? __virt_addr_valid+0x1db/0x2d0 [ 14.520818] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.520841] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.520863] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.520887] kasan_report+0x141/0x180 [ 14.520910] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.520970] kasan_check_range+0x10c/0x1c0 [ 14.521020] __kasan_check_write+0x18/0x20 [ 14.521086] kasan_atomics_helper+0x19e3/0x5450 [ 14.521112] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.521135] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.521157] ? ret_from_fork_asm+0x1a/0x30 [ 14.521179] ? kasan_atomics+0x152/0x310 [ 14.521203] kasan_atomics+0x1dc/0x310 [ 14.521223] ? __pfx_kasan_atomics+0x10/0x10 [ 14.521244] ? __pfx_read_tsc+0x10/0x10 [ 14.521266] ? ktime_get_ts64+0x86/0x230 [ 14.521292] kunit_try_run_case+0x1a5/0x480 [ 14.521314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.521335] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.521362] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.521399] ? __kthread_parkme+0x82/0x180 [ 14.521420] ? preempt_count_sub+0x50/0x80 [ 14.521444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.521466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.521490] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.521515] kthread+0x337/0x6f0 [ 14.521535] ? trace_preempt_on+0x20/0xc0 [ 14.521560] ? __pfx_kthread+0x10/0x10 [ 14.521581] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.521606] ? calculate_sigpending+0x7b/0xa0 [ 14.521631] ? __pfx_kthread+0x10/0x10 [ 14.521653] ret_from_fork+0x116/0x1d0 [ 14.521673] ? __pfx_kthread+0x10/0x10 [ 14.521694] ret_from_fork_asm+0x1a/0x30 [ 14.521724] </TASK> [ 14.521735] [ 14.530422] Allocated by task 283: [ 14.530605] kasan_save_stack+0x45/0x70 [ 14.530864] kasan_save_track+0x18/0x40 [ 14.531063] kasan_save_alloc_info+0x3b/0x50 [ 14.531278] __kasan_kmalloc+0xb7/0xc0 [ 14.531522] __kmalloc_cache_noprof+0x189/0x420 [ 14.531718] kasan_atomics+0x95/0x310 [ 14.531863] kunit_try_run_case+0x1a5/0x480 [ 14.532097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.532325] kthread+0x337/0x6f0 [ 14.532498] ret_from_fork+0x116/0x1d0 [ 14.532686] ret_from_fork_asm+0x1a/0x30 [ 14.532909] [ 14.532980] The buggy address belongs to the object at ffff8881039bd780 [ 14.532980] which belongs to the cache kmalloc-64 of size 64 [ 14.533705] The buggy address is located 0 bytes to the right of [ 14.533705] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.534149] [ 14.534224] The buggy address belongs to the physical page: [ 14.534444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.534894] flags: 0x200000000000000(node=0|zone=2) [ 14.535186] page_type: f5(slab) [ 14.535395] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.535765] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.536081] page dumped because: kasan: bad access detected [ 14.536254] [ 14.536348] Memory state around the buggy address: [ 14.536621] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.537047] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.537402] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.537733] ^ [ 14.537927] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.538347] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.538710] ================================================================== [ 13.598512] ================================================================== [ 13.598746] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 13.598981] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.599308] [ 13.599430] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.599492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.599506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.599528] Call Trace: [ 13.599545] <TASK> [ 13.599561] dump_stack_lvl+0x73/0xb0 [ 13.599590] print_report+0xd1/0x650 [ 13.599614] ? __virt_addr_valid+0x1db/0x2d0 [ 13.599638] ? kasan_atomics_helper+0x565/0x5450 [ 13.599661] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.599685] ? kasan_atomics_helper+0x565/0x5450 [ 13.599708] kasan_report+0x141/0x180 [ 13.599732] ? kasan_atomics_helper+0x565/0x5450 [ 13.599760] kasan_check_range+0x10c/0x1c0 [ 13.599785] __kasan_check_write+0x18/0x20 [ 13.599806] kasan_atomics_helper+0x565/0x5450 [ 13.599830] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.599853] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.599874] ? ret_from_fork_asm+0x1a/0x30 [ 13.599897] ? kasan_atomics+0x152/0x310 [ 13.599921] kasan_atomics+0x1dc/0x310 [ 13.599942] ? __pfx_kasan_atomics+0x10/0x10 [ 13.599966] ? __pfx_read_tsc+0x10/0x10 [ 13.599989] ? ktime_get_ts64+0x86/0x230 [ 13.600016] kunit_try_run_case+0x1a5/0x480 [ 13.600038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.600058] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.600137] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.600165] ? __kthread_parkme+0x82/0x180 [ 13.600186] ? preempt_count_sub+0x50/0x80 [ 13.600211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.600233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.600258] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.600284] kthread+0x337/0x6f0 [ 13.600304] ? trace_preempt_on+0x20/0xc0 [ 13.600329] ? __pfx_kthread+0x10/0x10 [ 13.600351] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.600386] ? calculate_sigpending+0x7b/0xa0 [ 13.600412] ? __pfx_kthread+0x10/0x10 [ 13.600435] ret_from_fork+0x116/0x1d0 [ 13.600454] ? __pfx_kthread+0x10/0x10 [ 13.600477] ret_from_fork_asm+0x1a/0x30 [ 13.600512] </TASK> [ 13.600523] [ 13.608850] Allocated by task 283: [ 13.609251] kasan_save_stack+0x45/0x70 [ 13.609483] kasan_save_track+0x18/0x40 [ 13.609690] kasan_save_alloc_info+0x3b/0x50 [ 13.609918] __kasan_kmalloc+0xb7/0xc0 [ 13.610312] __kmalloc_cache_noprof+0x189/0x420 [ 13.610565] kasan_atomics+0x95/0x310 [ 13.610798] kunit_try_run_case+0x1a5/0x480 [ 13.611019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.611280] kthread+0x337/0x6f0 [ 13.611445] ret_from_fork+0x116/0x1d0 [ 13.611582] ret_from_fork_asm+0x1a/0x30 [ 13.611907] [ 13.612039] The buggy address belongs to the object at ffff8881039bd780 [ 13.612039] which belongs to the cache kmalloc-64 of size 64 [ 13.612517] The buggy address is located 0 bytes to the right of [ 13.612517] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.613349] [ 13.613473] The buggy address belongs to the physical page: [ 13.613651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.614163] flags: 0x200000000000000(node=0|zone=2) [ 13.614333] page_type: f5(slab) [ 13.614468] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.614703] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.615110] page dumped because: kasan: bad access detected [ 13.615366] [ 13.615472] Memory state around the buggy address: [ 13.615698] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.616020] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.616329] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.616552] ^ [ 13.616711] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.617264] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.617617] ================================================================== [ 14.657050] ================================================================== [ 14.657406] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 14.657752] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.658211] [ 14.658325] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.658369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.658392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.658414] Call Trace: [ 14.658427] <TASK> [ 14.658441] dump_stack_lvl+0x73/0xb0 [ 14.658468] print_report+0xd1/0x650 [ 14.658491] ? __virt_addr_valid+0x1db/0x2d0 [ 14.658513] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.658546] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.658569] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.658592] kasan_report+0x141/0x180 [ 14.658615] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.658643] kasan_check_range+0x10c/0x1c0 [ 14.658668] __kasan_check_write+0x18/0x20 [ 14.658688] kasan_atomics_helper+0x1d7a/0x5450 [ 14.658712] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.658735] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.658756] ? ret_from_fork_asm+0x1a/0x30 [ 14.658778] ? kasan_atomics+0x152/0x310 [ 14.658801] kasan_atomics+0x1dc/0x310 [ 14.658821] ? __pfx_kasan_atomics+0x10/0x10 [ 14.658842] ? __pfx_read_tsc+0x10/0x10 [ 14.658876] ? ktime_get_ts64+0x86/0x230 [ 14.658900] kunit_try_run_case+0x1a5/0x480 [ 14.658922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.658942] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.658967] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.658993] ? __kthread_parkme+0x82/0x180 [ 14.659014] ? preempt_count_sub+0x50/0x80 [ 14.659037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.659060] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.659085] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.659110] kthread+0x337/0x6f0 [ 14.659130] ? trace_preempt_on+0x20/0xc0 [ 14.659153] ? __pfx_kthread+0x10/0x10 [ 14.659175] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.659199] ? calculate_sigpending+0x7b/0xa0 [ 14.659223] ? __pfx_kthread+0x10/0x10 [ 14.659245] ret_from_fork+0x116/0x1d0 [ 14.659264] ? __pfx_kthread+0x10/0x10 [ 14.659285] ret_from_fork_asm+0x1a/0x30 [ 14.659316] </TASK> [ 14.659328] [ 14.667186] Allocated by task 283: [ 14.667341] kasan_save_stack+0x45/0x70 [ 14.667550] kasan_save_track+0x18/0x40 [ 14.667689] kasan_save_alloc_info+0x3b/0x50 [ 14.667908] __kasan_kmalloc+0xb7/0xc0 [ 14.668105] __kmalloc_cache_noprof+0x189/0x420 [ 14.668295] kasan_atomics+0x95/0x310 [ 14.668480] kunit_try_run_case+0x1a5/0x480 [ 14.668657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.668953] kthread+0x337/0x6f0 [ 14.669126] ret_from_fork+0x116/0x1d0 [ 14.669269] ret_from_fork_asm+0x1a/0x30 [ 14.669421] [ 14.669518] The buggy address belongs to the object at ffff8881039bd780 [ 14.669518] which belongs to the cache kmalloc-64 of size 64 [ 14.670198] The buggy address is located 0 bytes to the right of [ 14.670198] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.670623] [ 14.670696] The buggy address belongs to the physical page: [ 14.670872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.671115] flags: 0x200000000000000(node=0|zone=2) [ 14.671278] page_type: f5(slab) [ 14.671414] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.671753] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.672096] page dumped because: kasan: bad access detected [ 14.672347] [ 14.672450] Memory state around the buggy address: [ 14.672672] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.673030] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.673244] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.673467] ^ [ 14.673620] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.673836] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.674120] ================================================================== [ 14.792315] ================================================================== [ 14.792690] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 14.793097] Read of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.793481] [ 14.793604] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.793648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.793660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.793681] Call Trace: [ 14.793697] <TASK> [ 14.793712] dump_stack_lvl+0x73/0xb0 [ 14.793738] print_report+0xd1/0x650 [ 14.793761] ? __virt_addr_valid+0x1db/0x2d0 [ 14.793785] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.793824] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.793847] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.793871] kasan_report+0x141/0x180 [ 14.793894] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.793923] __asan_report_load8_noabort+0x18/0x20 [ 14.793945] kasan_atomics_helper+0x4f98/0x5450 [ 14.793968] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.793991] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.794013] ? ret_from_fork_asm+0x1a/0x30 [ 14.794039] ? kasan_atomics+0x152/0x310 [ 14.794062] kasan_atomics+0x1dc/0x310 [ 14.794082] ? __pfx_kasan_atomics+0x10/0x10 [ 14.794103] ? __pfx_read_tsc+0x10/0x10 [ 14.794125] ? ktime_get_ts64+0x86/0x230 [ 14.794150] kunit_try_run_case+0x1a5/0x480 [ 14.794171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.794191] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.794217] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.794242] ? __kthread_parkme+0x82/0x180 [ 14.794263] ? preempt_count_sub+0x50/0x80 [ 14.794287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.794309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.794334] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.794359] kthread+0x337/0x6f0 [ 14.794388] ? trace_preempt_on+0x20/0xc0 [ 14.794412] ? __pfx_kthread+0x10/0x10 [ 14.794433] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.794457] ? calculate_sigpending+0x7b/0xa0 [ 14.794481] ? __pfx_kthread+0x10/0x10 [ 14.794503] ret_from_fork+0x116/0x1d0 [ 14.794523] ? __pfx_kthread+0x10/0x10 [ 14.794544] ret_from_fork_asm+0x1a/0x30 [ 14.794574] </TASK> [ 14.794585] [ 14.802745] Allocated by task 283: [ 14.802935] kasan_save_stack+0x45/0x70 [ 14.803211] kasan_save_track+0x18/0x40 [ 14.803518] kasan_save_alloc_info+0x3b/0x50 [ 14.803791] __kasan_kmalloc+0xb7/0xc0 [ 14.803986] __kmalloc_cache_noprof+0x189/0x420 [ 14.804223] kasan_atomics+0x95/0x310 [ 14.804419] kunit_try_run_case+0x1a5/0x480 [ 14.804625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.804919] kthread+0x337/0x6f0 [ 14.805085] ret_from_fork+0x116/0x1d0 [ 14.805235] ret_from_fork_asm+0x1a/0x30 [ 14.805384] [ 14.805457] The buggy address belongs to the object at ffff8881039bd780 [ 14.805457] which belongs to the cache kmalloc-64 of size 64 [ 14.806362] The buggy address is located 0 bytes to the right of [ 14.806362] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.806970] [ 14.807046] The buggy address belongs to the physical page: [ 14.807221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.807824] flags: 0x200000000000000(node=0|zone=2) [ 14.808057] page_type: f5(slab) [ 14.808181] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.808435] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.808778] page dumped because: kasan: bad access detected [ 14.809230] [ 14.809355] Memory state around the buggy address: [ 14.809667] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.809984] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.810209] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.810433] ^ [ 14.810628] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.811260] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.811741] ================================================================== [ 14.639430] ================================================================== [ 14.639694] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 14.640091] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.640432] [ 14.640546] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.640593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.640606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.640628] Call Trace: [ 14.640645] <TASK> [ 14.640663] dump_stack_lvl+0x73/0xb0 [ 14.640690] print_report+0xd1/0x650 [ 14.640713] ? __virt_addr_valid+0x1db/0x2d0 [ 14.640736] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.640759] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.640782] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.640805] kasan_report+0x141/0x180 [ 14.640828] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.640856] kasan_check_range+0x10c/0x1c0 [ 14.640895] __kasan_check_write+0x18/0x20 [ 14.640915] kasan_atomics_helper+0x1ce1/0x5450 [ 14.640938] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.640962] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.640983] ? ret_from_fork_asm+0x1a/0x30 [ 14.641004] ? kasan_atomics+0x152/0x310 [ 14.641027] kasan_atomics+0x1dc/0x310 [ 14.641047] ? __pfx_kasan_atomics+0x10/0x10 [ 14.641068] ? __pfx_read_tsc+0x10/0x10 [ 14.641089] ? ktime_get_ts64+0x86/0x230 [ 14.641114] kunit_try_run_case+0x1a5/0x480 [ 14.641136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.641156] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.641181] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.641206] ? __kthread_parkme+0x82/0x180 [ 14.641227] ? preempt_count_sub+0x50/0x80 [ 14.641252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.641274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.641298] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.641323] kthread+0x337/0x6f0 [ 14.641343] ? trace_preempt_on+0x20/0xc0 [ 14.641366] ? __pfx_kthread+0x10/0x10 [ 14.641399] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.641423] ? calculate_sigpending+0x7b/0xa0 [ 14.641447] ? __pfx_kthread+0x10/0x10 [ 14.641469] ret_from_fork+0x116/0x1d0 [ 14.641488] ? __pfx_kthread+0x10/0x10 [ 14.641509] ret_from_fork_asm+0x1a/0x30 [ 14.641541] </TASK> [ 14.641552] [ 14.649474] Allocated by task 283: [ 14.649635] kasan_save_stack+0x45/0x70 [ 14.649784] kasan_save_track+0x18/0x40 [ 14.649943] kasan_save_alloc_info+0x3b/0x50 [ 14.650164] __kasan_kmalloc+0xb7/0xc0 [ 14.650358] __kmalloc_cache_noprof+0x189/0x420 [ 14.650600] kasan_atomics+0x95/0x310 [ 14.650764] kunit_try_run_case+0x1a5/0x480 [ 14.650985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.651207] kthread+0x337/0x6f0 [ 14.651367] ret_from_fork+0x116/0x1d0 [ 14.651540] ret_from_fork_asm+0x1a/0x30 [ 14.651681] [ 14.651764] The buggy address belongs to the object at ffff8881039bd780 [ 14.651764] which belongs to the cache kmalloc-64 of size 64 [ 14.652298] The buggy address is located 0 bytes to the right of [ 14.652298] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.652846] [ 14.652924] The buggy address belongs to the physical page: [ 14.653142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.653460] flags: 0x200000000000000(node=0|zone=2) [ 14.653687] page_type: f5(slab) [ 14.653867] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.654153] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.654393] page dumped because: kasan: bad access detected [ 14.654568] [ 14.654639] Memory state around the buggy address: [ 14.654794] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.655200] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.655532] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.656017] ^ [ 14.656204] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.656431] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.656645] ================================================================== [ 14.891571] ================================================================== [ 14.892023] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 14.892397] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.892732] [ 14.892882] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.892969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.892993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.893016] Call Trace: [ 14.893058] <TASK> [ 14.893074] dump_stack_lvl+0x73/0xb0 [ 14.893100] print_report+0xd1/0x650 [ 14.893135] ? __virt_addr_valid+0x1db/0x2d0 [ 14.893158] ? kasan_atomics_helper+0x224c/0x5450 [ 14.893180] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.893204] ? kasan_atomics_helper+0x224c/0x5450 [ 14.893227] kasan_report+0x141/0x180 [ 14.893251] ? kasan_atomics_helper+0x224c/0x5450 [ 14.893278] kasan_check_range+0x10c/0x1c0 [ 14.893302] __kasan_check_write+0x18/0x20 [ 14.893322] kasan_atomics_helper+0x224c/0x5450 [ 14.893346] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.893368] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.893399] ? ret_from_fork_asm+0x1a/0x30 [ 14.893420] ? kasan_atomics+0x152/0x310 [ 14.893444] kasan_atomics+0x1dc/0x310 [ 14.893464] ? __pfx_kasan_atomics+0x10/0x10 [ 14.893485] ? __pfx_read_tsc+0x10/0x10 [ 14.893506] ? ktime_get_ts64+0x86/0x230 [ 14.893560] kunit_try_run_case+0x1a5/0x480 [ 14.893583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.893604] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.893640] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.893665] ? __kthread_parkme+0x82/0x180 [ 14.893686] ? preempt_count_sub+0x50/0x80 [ 14.893710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.893732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.893756] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.893782] kthread+0x337/0x6f0 [ 14.893802] ? trace_preempt_on+0x20/0xc0 [ 14.893853] ? __pfx_kthread+0x10/0x10 [ 14.893875] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.893898] ? calculate_sigpending+0x7b/0xa0 [ 14.893933] ? __pfx_kthread+0x10/0x10 [ 14.893955] ret_from_fork+0x116/0x1d0 [ 14.893975] ? __pfx_kthread+0x10/0x10 [ 14.893995] ret_from_fork_asm+0x1a/0x30 [ 14.894031] </TASK> [ 14.894042] [ 14.902255] Allocated by task 283: [ 14.902444] kasan_save_stack+0x45/0x70 [ 14.902670] kasan_save_track+0x18/0x40 [ 14.902889] kasan_save_alloc_info+0x3b/0x50 [ 14.903126] __kasan_kmalloc+0xb7/0xc0 [ 14.903343] __kmalloc_cache_noprof+0x189/0x420 [ 14.903510] kasan_atomics+0x95/0x310 [ 14.903697] kunit_try_run_case+0x1a5/0x480 [ 14.903960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.904195] kthread+0x337/0x6f0 [ 14.904318] ret_from_fork+0x116/0x1d0 [ 14.904464] ret_from_fork_asm+0x1a/0x30 [ 14.904679] [ 14.904854] The buggy address belongs to the object at ffff8881039bd780 [ 14.904854] which belongs to the cache kmalloc-64 of size 64 [ 14.905363] The buggy address is located 0 bytes to the right of [ 14.905363] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.905739] [ 14.905837] The buggy address belongs to the physical page: [ 14.906141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.906585] flags: 0x200000000000000(node=0|zone=2) [ 14.906900] page_type: f5(slab) [ 14.907112] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.907347] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.907642] page dumped because: kasan: bad access detected [ 14.908130] [ 14.908256] Memory state around the buggy address: [ 14.908546] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.908975] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.909327] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.909611] ^ [ 14.909840] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.910162] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.910490] ================================================================== [ 14.562711] ================================================================== [ 14.563022] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 14.563327] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.564301] [ 14.564438] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.564487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.564500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.564523] Call Trace: [ 14.564538] <TASK> [ 14.564555] dump_stack_lvl+0x73/0xb0 [ 14.564583] print_report+0xd1/0x650 [ 14.564607] ? __virt_addr_valid+0x1db/0x2d0 [ 14.564629] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.564651] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.564675] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.564698] kasan_report+0x141/0x180 [ 14.564722] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.564749] kasan_check_range+0x10c/0x1c0 [ 14.564774] __kasan_check_write+0x18/0x20 [ 14.564794] kasan_atomics_helper+0x1b22/0x5450 [ 14.564818] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.564866] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.564912] ? ret_from_fork_asm+0x1a/0x30 [ 14.564934] ? kasan_atomics+0x152/0x310 [ 14.564958] kasan_atomics+0x1dc/0x310 [ 14.564989] ? __pfx_kasan_atomics+0x10/0x10 [ 14.565012] ? __pfx_read_tsc+0x10/0x10 [ 14.565033] ? ktime_get_ts64+0x86/0x230 [ 14.565058] kunit_try_run_case+0x1a5/0x480 [ 14.565080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.565101] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.565127] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.565152] ? __kthread_parkme+0x82/0x180 [ 14.565173] ? preempt_count_sub+0x50/0x80 [ 14.565197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.565219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.565244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.565269] kthread+0x337/0x6f0 [ 14.565289] ? trace_preempt_on+0x20/0xc0 [ 14.565311] ? __pfx_kthread+0x10/0x10 [ 14.565333] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.565356] ? calculate_sigpending+0x7b/0xa0 [ 14.565389] ? __pfx_kthread+0x10/0x10 [ 14.565412] ret_from_fork+0x116/0x1d0 [ 14.565433] ? __pfx_kthread+0x10/0x10 [ 14.565457] ret_from_fork_asm+0x1a/0x30 [ 14.565489] </TASK> [ 14.565501] [ 14.576300] Allocated by task 283: [ 14.576568] kasan_save_stack+0x45/0x70 [ 14.576937] kasan_save_track+0x18/0x40 [ 14.577195] kasan_save_alloc_info+0x3b/0x50 [ 14.577538] __kasan_kmalloc+0xb7/0xc0 [ 14.577859] __kmalloc_cache_noprof+0x189/0x420 [ 14.578090] kasan_atomics+0x95/0x310 [ 14.578277] kunit_try_run_case+0x1a5/0x480 [ 14.578471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.578799] kthread+0x337/0x6f0 [ 14.579144] ret_from_fork+0x116/0x1d0 [ 14.579316] ret_from_fork_asm+0x1a/0x30 [ 14.579660] [ 14.579822] The buggy address belongs to the object at ffff8881039bd780 [ 14.579822] which belongs to the cache kmalloc-64 of size 64 [ 14.580498] The buggy address is located 0 bytes to the right of [ 14.580498] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.581330] [ 14.581530] The buggy address belongs to the physical page: [ 14.581865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.582367] flags: 0x200000000000000(node=0|zone=2) [ 14.582692] page_type: f5(slab) [ 14.582904] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.583356] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.583813] page dumped because: kasan: bad access detected [ 14.584143] [ 14.584265] Memory state around the buggy address: [ 14.584640] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.585059] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.585482] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.585961] ^ [ 14.586178] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.586603] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.587141] ================================================================== [ 13.952585] ================================================================== [ 13.953286] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 13.954008] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.954744] [ 13.954884] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.954930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.954944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.954966] Call Trace: [ 13.954984] <TASK> [ 13.955002] dump_stack_lvl+0x73/0xb0 [ 13.955030] print_report+0xd1/0x650 [ 13.955055] ? __virt_addr_valid+0x1db/0x2d0 [ 13.955078] ? kasan_atomics_helper+0xfa9/0x5450 [ 13.955100] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.955124] ? kasan_atomics_helper+0xfa9/0x5450 [ 13.955146] kasan_report+0x141/0x180 [ 13.955169] ? kasan_atomics_helper+0xfa9/0x5450 [ 13.955197] kasan_check_range+0x10c/0x1c0 [ 13.955222] __kasan_check_write+0x18/0x20 [ 13.955242] kasan_atomics_helper+0xfa9/0x5450 [ 13.955266] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.955289] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.955310] ? ret_from_fork_asm+0x1a/0x30 [ 13.955332] ? kasan_atomics+0x152/0x310 [ 13.955356] kasan_atomics+0x1dc/0x310 [ 13.955387] ? __pfx_kasan_atomics+0x10/0x10 [ 13.955409] ? __pfx_read_tsc+0x10/0x10 [ 13.955430] ? ktime_get_ts64+0x86/0x230 [ 13.955456] kunit_try_run_case+0x1a5/0x480 [ 13.955477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.955498] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.955524] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.955549] ? __kthread_parkme+0x82/0x180 [ 13.955570] ? preempt_count_sub+0x50/0x80 [ 13.955595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.955616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.955641] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.955665] kthread+0x337/0x6f0 [ 13.955686] ? trace_preempt_on+0x20/0xc0 [ 13.955710] ? __pfx_kthread+0x10/0x10 [ 13.955732] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.955756] ? calculate_sigpending+0x7b/0xa0 [ 13.955780] ? __pfx_kthread+0x10/0x10 [ 13.955802] ret_from_fork+0x116/0x1d0 [ 13.955821] ? __pfx_kthread+0x10/0x10 [ 13.955843] ret_from_fork_asm+0x1a/0x30 [ 13.955874] </TASK> [ 13.955886] [ 13.963875] Allocated by task 283: [ 13.964180] kasan_save_stack+0x45/0x70 [ 13.964416] kasan_save_track+0x18/0x40 [ 13.964618] kasan_save_alloc_info+0x3b/0x50 [ 13.964971] __kasan_kmalloc+0xb7/0xc0 [ 13.965168] __kmalloc_cache_noprof+0x189/0x420 [ 13.965399] kasan_atomics+0x95/0x310 [ 13.965549] kunit_try_run_case+0x1a5/0x480 [ 13.965696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.965987] kthread+0x337/0x6f0 [ 13.966180] ret_from_fork+0x116/0x1d0 [ 13.966336] ret_from_fork_asm+0x1a/0x30 [ 13.966487] [ 13.966560] The buggy address belongs to the object at ffff8881039bd780 [ 13.966560] which belongs to the cache kmalloc-64 of size 64 [ 13.967253] The buggy address is located 0 bytes to the right of [ 13.967253] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.967993] [ 13.968097] The buggy address belongs to the physical page: [ 13.968306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.968622] flags: 0x200000000000000(node=0|zone=2) [ 13.968886] page_type: f5(slab) [ 13.969178] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.969484] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.969831] page dumped because: kasan: bad access detected [ 13.970007] [ 13.970085] Memory state around the buggy address: [ 13.970243] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.970568] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.970893] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.971401] ^ [ 13.971563] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.971781] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.972222] ================================================================== [ 14.057278] ================================================================== [ 14.057820] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 14.058257] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.058839] [ 14.059020] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.059114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.059127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.059150] Call Trace: [ 14.059167] <TASK> [ 14.059183] dump_stack_lvl+0x73/0xb0 [ 14.059210] print_report+0xd1/0x650 [ 14.059234] ? __virt_addr_valid+0x1db/0x2d0 [ 14.059257] ? kasan_atomics_helper+0x1148/0x5450 [ 14.059279] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.059303] ? kasan_atomics_helper+0x1148/0x5450 [ 14.059326] kasan_report+0x141/0x180 [ 14.059349] ? kasan_atomics_helper+0x1148/0x5450 [ 14.059389] kasan_check_range+0x10c/0x1c0 [ 14.059414] __kasan_check_write+0x18/0x20 [ 14.059434] kasan_atomics_helper+0x1148/0x5450 [ 14.059458] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.059482] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.059502] ? ret_from_fork_asm+0x1a/0x30 [ 14.059524] ? kasan_atomics+0x152/0x310 [ 14.059547] kasan_atomics+0x1dc/0x310 [ 14.059567] ? __pfx_kasan_atomics+0x10/0x10 [ 14.059588] ? __pfx_read_tsc+0x10/0x10 [ 14.059609] ? ktime_get_ts64+0x86/0x230 [ 14.059635] kunit_try_run_case+0x1a5/0x480 [ 14.059656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.059676] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.059701] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.059737] ? __kthread_parkme+0x82/0x180 [ 14.059758] ? preempt_count_sub+0x50/0x80 [ 14.059783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.059804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.059829] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.059854] kthread+0x337/0x6f0 [ 14.059874] ? trace_preempt_on+0x20/0xc0 [ 14.059898] ? __pfx_kthread+0x10/0x10 [ 14.059919] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.059942] ? calculate_sigpending+0x7b/0xa0 [ 14.059966] ? __pfx_kthread+0x10/0x10 [ 14.059989] ret_from_fork+0x116/0x1d0 [ 14.060074] ? __pfx_kthread+0x10/0x10 [ 14.060098] ret_from_fork_asm+0x1a/0x30 [ 14.060131] </TASK> [ 14.060143] [ 14.074965] Allocated by task 283: [ 14.075360] kasan_save_stack+0x45/0x70 [ 14.075745] kasan_save_track+0x18/0x40 [ 14.076216] kasan_save_alloc_info+0x3b/0x50 [ 14.076625] __kasan_kmalloc+0xb7/0xc0 [ 14.076916] __kmalloc_cache_noprof+0x189/0x420 [ 14.077268] kasan_atomics+0x95/0x310 [ 14.077626] kunit_try_run_case+0x1a5/0x480 [ 14.078016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.078407] kthread+0x337/0x6f0 [ 14.078546] ret_from_fork+0x116/0x1d0 [ 14.078686] ret_from_fork_asm+0x1a/0x30 [ 14.079077] [ 14.079313] The buggy address belongs to the object at ffff8881039bd780 [ 14.079313] which belongs to the cache kmalloc-64 of size 64 [ 14.080528] The buggy address is located 0 bytes to the right of [ 14.080528] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.081820] [ 14.082011] The buggy address belongs to the physical page: [ 14.082439] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.082691] flags: 0x200000000000000(node=0|zone=2) [ 14.083168] page_type: f5(slab) [ 14.083712] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.084509] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.085370] page dumped because: kasan: bad access detected [ 14.086031] [ 14.086334] Memory state around the buggy address: [ 14.086514] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.086752] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.087416] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.088146] ^ [ 14.088663] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.089437] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.089956] ================================================================== [ 14.359204] ================================================================== [ 14.359865] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 14.360308] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.360855] [ 14.360952] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.360999] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.361012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.361034] Call Trace: [ 14.361052] <TASK> [ 14.361069] dump_stack_lvl+0x73/0xb0 [ 14.361292] print_report+0xd1/0x650 [ 14.361319] ? __virt_addr_valid+0x1db/0x2d0 [ 14.361343] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.361365] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.361399] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.361422] kasan_report+0x141/0x180 [ 14.361445] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.361473] kasan_check_range+0x10c/0x1c0 [ 14.361497] __kasan_check_write+0x18/0x20 [ 14.361518] kasan_atomics_helper+0x15b6/0x5450 [ 14.361542] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.361565] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.361586] ? ret_from_fork_asm+0x1a/0x30 [ 14.361608] ? kasan_atomics+0x152/0x310 [ 14.361632] kasan_atomics+0x1dc/0x310 [ 14.361652] ? __pfx_kasan_atomics+0x10/0x10 [ 14.361673] ? __pfx_read_tsc+0x10/0x10 [ 14.361694] ? ktime_get_ts64+0x86/0x230 [ 14.361811] kunit_try_run_case+0x1a5/0x480 [ 14.361834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.361855] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.361881] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.361906] ? __kthread_parkme+0x82/0x180 [ 14.361928] ? preempt_count_sub+0x50/0x80 [ 14.361951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.361973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.361998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.362038] kthread+0x337/0x6f0 [ 14.362058] ? trace_preempt_on+0x20/0xc0 [ 14.362082] ? __pfx_kthread+0x10/0x10 [ 14.362104] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.362128] ? calculate_sigpending+0x7b/0xa0 [ 14.362152] ? __pfx_kthread+0x10/0x10 [ 14.362174] ret_from_fork+0x116/0x1d0 [ 14.362194] ? __pfx_kthread+0x10/0x10 [ 14.362215] ret_from_fork_asm+0x1a/0x30 [ 14.362246] </TASK> [ 14.362258] [ 14.374123] Allocated by task 283: [ 14.374413] kasan_save_stack+0x45/0x70 [ 14.374580] kasan_save_track+0x18/0x40 [ 14.375027] kasan_save_alloc_info+0x3b/0x50 [ 14.375210] __kasan_kmalloc+0xb7/0xc0 [ 14.375422] __kmalloc_cache_noprof+0x189/0x420 [ 14.375749] kasan_atomics+0x95/0x310 [ 14.375938] kunit_try_run_case+0x1a5/0x480 [ 14.376397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.376782] kthread+0x337/0x6f0 [ 14.376927] ret_from_fork+0x116/0x1d0 [ 14.377357] ret_from_fork_asm+0x1a/0x30 [ 14.377563] [ 14.377841] The buggy address belongs to the object at ffff8881039bd780 [ 14.377841] which belongs to the cache kmalloc-64 of size 64 [ 14.378532] The buggy address is located 0 bytes to the right of [ 14.378532] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.379339] [ 14.379462] The buggy address belongs to the physical page: [ 14.379841] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.380453] flags: 0x200000000000000(node=0|zone=2) [ 14.380675] page_type: f5(slab) [ 14.380885] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.381479] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.381998] page dumped because: kasan: bad access detected [ 14.382244] [ 14.382445] Memory state around the buggy address: [ 14.382878] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.383281] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.383839] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.384204] ^ [ 14.384616] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.385092] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.385541] ================================================================== [ 13.637652] ================================================================== [ 13.638193] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 13.638521] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.638760] [ 13.638874] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.638920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.638933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.638957] Call Trace: [ 13.638971] <TASK> [ 13.638988] dump_stack_lvl+0x73/0xb0 [ 13.639013] print_report+0xd1/0x650 [ 13.639037] ? __virt_addr_valid+0x1db/0x2d0 [ 13.639060] ? kasan_atomics_helper+0x697/0x5450 [ 13.639083] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.639106] ? kasan_atomics_helper+0x697/0x5450 [ 13.639130] kasan_report+0x141/0x180 [ 13.639153] ? kasan_atomics_helper+0x697/0x5450 [ 13.639180] kasan_check_range+0x10c/0x1c0 [ 13.639206] __kasan_check_write+0x18/0x20 [ 13.639226] kasan_atomics_helper+0x697/0x5450 [ 13.639250] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.639274] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.639294] ? ret_from_fork_asm+0x1a/0x30 [ 13.639316] ? kasan_atomics+0x152/0x310 [ 13.639340] kasan_atomics+0x1dc/0x310 [ 13.639361] ? __pfx_kasan_atomics+0x10/0x10 [ 13.639393] ? __pfx_read_tsc+0x10/0x10 [ 13.639414] ? ktime_get_ts64+0x86/0x230 [ 13.639439] kunit_try_run_case+0x1a5/0x480 [ 13.639461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.639481] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.639506] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.639532] ? __kthread_parkme+0x82/0x180 [ 13.639704] ? preempt_count_sub+0x50/0x80 [ 13.639734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.639757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.639783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.639809] kthread+0x337/0x6f0 [ 13.639829] ? trace_preempt_on+0x20/0xc0 [ 13.639853] ? __pfx_kthread+0x10/0x10 [ 13.639875] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.639899] ? calculate_sigpending+0x7b/0xa0 [ 13.639924] ? __pfx_kthread+0x10/0x10 [ 13.639947] ret_from_fork+0x116/0x1d0 [ 13.639966] ? __pfx_kthread+0x10/0x10 [ 13.639988] ret_from_fork_asm+0x1a/0x30 [ 13.640019] </TASK> [ 13.640032] [ 13.648533] Allocated by task 283: [ 13.648667] kasan_save_stack+0x45/0x70 [ 13.648856] kasan_save_track+0x18/0x40 [ 13.649056] kasan_save_alloc_info+0x3b/0x50 [ 13.649273] __kasan_kmalloc+0xb7/0xc0 [ 13.649482] __kmalloc_cache_noprof+0x189/0x420 [ 13.649825] kasan_atomics+0x95/0x310 [ 13.650017] kunit_try_run_case+0x1a5/0x480 [ 13.650176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.650354] kthread+0x337/0x6f0 [ 13.650492] ret_from_fork+0x116/0x1d0 [ 13.650643] ret_from_fork_asm+0x1a/0x30 [ 13.651132] [ 13.651247] The buggy address belongs to the object at ffff8881039bd780 [ 13.651247] which belongs to the cache kmalloc-64 of size 64 [ 13.651910] The buggy address is located 0 bytes to the right of [ 13.651910] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.652386] [ 13.652491] The buggy address belongs to the physical page: [ 13.652751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.653131] flags: 0x200000000000000(node=0|zone=2) [ 13.653428] page_type: f5(slab) [ 13.653587] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.653932] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.654262] page dumped because: kasan: bad access detected [ 13.654452] [ 13.654524] Memory state around the buggy address: [ 13.654680] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.654961] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.655283] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.655636] ^ [ 13.655875] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.656206] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.656935] ================================================================== [ 13.519421] ================================================================== [ 13.519692] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 13.520151] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.520447] [ 13.520562] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.520609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.520622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.520645] Call Trace: [ 13.520663] <TASK> [ 13.520681] dump_stack_lvl+0x73/0xb0 [ 13.520708] print_report+0xd1/0x650 [ 13.520887] ? __virt_addr_valid+0x1db/0x2d0 [ 13.520917] ? kasan_atomics_helper+0x3df/0x5450 [ 13.520939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.520963] ? kasan_atomics_helper+0x3df/0x5450 [ 13.520986] kasan_report+0x141/0x180 [ 13.521010] ? kasan_atomics_helper+0x3df/0x5450 [ 13.521037] kasan_check_range+0x10c/0x1c0 [ 13.521062] __kasan_check_read+0x15/0x20 [ 13.521083] kasan_atomics_helper+0x3df/0x5450 [ 13.521106] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.521130] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.521152] ? ret_from_fork_asm+0x1a/0x30 [ 13.521174] ? kasan_atomics+0x152/0x310 [ 13.521246] kasan_atomics+0x1dc/0x310 [ 13.521268] ? __pfx_kasan_atomics+0x10/0x10 [ 13.521289] ? __pfx_read_tsc+0x10/0x10 [ 13.521312] ? ktime_get_ts64+0x86/0x230 [ 13.521338] kunit_try_run_case+0x1a5/0x480 [ 13.521361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.521394] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.521421] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.521447] ? __kthread_parkme+0x82/0x180 [ 13.521469] ? preempt_count_sub+0x50/0x80 [ 13.521495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.521517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.521542] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.521568] kthread+0x337/0x6f0 [ 13.521588] ? trace_preempt_on+0x20/0xc0 [ 13.521613] ? __pfx_kthread+0x10/0x10 [ 13.521634] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.521659] ? calculate_sigpending+0x7b/0xa0 [ 13.521683] ? __pfx_kthread+0x10/0x10 [ 13.521705] ret_from_fork+0x116/0x1d0 [ 13.521725] ? __pfx_kthread+0x10/0x10 [ 13.521746] ret_from_fork_asm+0x1a/0x30 [ 13.521778] </TASK> [ 13.521790] [ 13.530246] Allocated by task 283: [ 13.530674] kasan_save_stack+0x45/0x70 [ 13.530880] kasan_save_track+0x18/0x40 [ 13.531061] kasan_save_alloc_info+0x3b/0x50 [ 13.531275] __kasan_kmalloc+0xb7/0xc0 [ 13.531431] __kmalloc_cache_noprof+0x189/0x420 [ 13.531588] kasan_atomics+0x95/0x310 [ 13.531720] kunit_try_run_case+0x1a5/0x480 [ 13.531866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.532083] kthread+0x337/0x6f0 [ 13.532254] ret_from_fork+0x116/0x1d0 [ 13.532453] ret_from_fork_asm+0x1a/0x30 [ 13.532898] [ 13.533091] The buggy address belongs to the object at ffff8881039bd780 [ 13.533091] which belongs to the cache kmalloc-64 of size 64 [ 13.533472] The buggy address is located 0 bytes to the right of [ 13.533472] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.534350] [ 13.534478] The buggy address belongs to the physical page: [ 13.534775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.535304] flags: 0x200000000000000(node=0|zone=2) [ 13.535536] page_type: f5(slab) [ 13.535701] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.536022] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.536309] page dumped because: kasan: bad access detected [ 13.536565] [ 13.536652] Memory state around the buggy address: [ 13.536945] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.537169] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.537576] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.537901] ^ [ 13.538290] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.538629] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.539117] ================================================================== [ 14.024219] ================================================================== [ 14.024863] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 14.025603] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.026155] [ 14.026273] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.026319] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.026332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.026354] Call Trace: [ 14.026372] <TASK> [ 14.026565] dump_stack_lvl+0x73/0xb0 [ 14.026602] print_report+0xd1/0x650 [ 14.026627] ? __virt_addr_valid+0x1db/0x2d0 [ 14.026651] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.026674] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.026697] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.026730] kasan_report+0x141/0x180 [ 14.026754] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.026781] __asan_report_load4_noabort+0x18/0x20 [ 14.026803] kasan_atomics_helper+0x4a1c/0x5450 [ 14.026827] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.026850] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.026871] ? ret_from_fork_asm+0x1a/0x30 [ 14.026894] ? kasan_atomics+0x152/0x310 [ 14.026918] kasan_atomics+0x1dc/0x310 [ 14.026938] ? __pfx_kasan_atomics+0x10/0x10 [ 14.026960] ? __pfx_read_tsc+0x10/0x10 [ 14.026982] ? ktime_get_ts64+0x86/0x230 [ 14.027058] kunit_try_run_case+0x1a5/0x480 [ 14.027082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.027104] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.027130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.027155] ? __kthread_parkme+0x82/0x180 [ 14.027176] ? preempt_count_sub+0x50/0x80 [ 14.027201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.027223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.027248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.027273] kthread+0x337/0x6f0 [ 14.027293] ? trace_preempt_on+0x20/0xc0 [ 14.027318] ? __pfx_kthread+0x10/0x10 [ 14.027339] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.027363] ? calculate_sigpending+0x7b/0xa0 [ 14.027401] ? __pfx_kthread+0x10/0x10 [ 14.027424] ret_from_fork+0x116/0x1d0 [ 14.027444] ? __pfx_kthread+0x10/0x10 [ 14.027466] ret_from_fork_asm+0x1a/0x30 [ 14.027497] </TASK> [ 14.027508] [ 14.042198] Allocated by task 283: [ 14.042437] kasan_save_stack+0x45/0x70 [ 14.042592] kasan_save_track+0x18/0x40 [ 14.042746] kasan_save_alloc_info+0x3b/0x50 [ 14.043126] __kasan_kmalloc+0xb7/0xc0 [ 14.043545] __kmalloc_cache_noprof+0x189/0x420 [ 14.044070] kasan_atomics+0x95/0x310 [ 14.044532] kunit_try_run_case+0x1a5/0x480 [ 14.044949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.045534] kthread+0x337/0x6f0 [ 14.045671] ret_from_fork+0x116/0x1d0 [ 14.045871] ret_from_fork_asm+0x1a/0x30 [ 14.046428] [ 14.046602] The buggy address belongs to the object at ffff8881039bd780 [ 14.046602] which belongs to the cache kmalloc-64 of size 64 [ 14.047751] The buggy address is located 0 bytes to the right of [ 14.047751] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.048691] [ 14.048768] The buggy address belongs to the physical page: [ 14.049487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.050388] flags: 0x200000000000000(node=0|zone=2) [ 14.050737] page_type: f5(slab) [ 14.050874] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.051189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.051883] page dumped because: kasan: bad access detected [ 14.052484] [ 14.052650] Memory state around the buggy address: [ 14.053184] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.053594] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.053995] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.054876] ^ [ 14.055339] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.055905] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.056438] ================================================================== [ 14.723693] ================================================================== [ 14.724403] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 14.725043] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.725298] [ 14.725490] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.725537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.725550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.725573] Call Trace: [ 14.725590] <TASK> [ 14.725607] dump_stack_lvl+0x73/0xb0 [ 14.725634] print_report+0xd1/0x650 [ 14.725657] ? __virt_addr_valid+0x1db/0x2d0 [ 14.725680] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.725723] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.725747] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.725771] kasan_report+0x141/0x180 [ 14.725795] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.725822] kasan_check_range+0x10c/0x1c0 [ 14.725847] __kasan_check_write+0x18/0x20 [ 14.725867] kasan_atomics_helper+0x1f43/0x5450 [ 14.725891] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.725914] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.725935] ? ret_from_fork_asm+0x1a/0x30 [ 14.725957] ? kasan_atomics+0x152/0x310 [ 14.725980] kasan_atomics+0x1dc/0x310 [ 14.726000] ? __pfx_kasan_atomics+0x10/0x10 [ 14.726022] ? __pfx_read_tsc+0x10/0x10 [ 14.726058] ? ktime_get_ts64+0x86/0x230 [ 14.726083] kunit_try_run_case+0x1a5/0x480 [ 14.726106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.726127] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.726153] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.726179] ? __kthread_parkme+0x82/0x180 [ 14.726200] ? preempt_count_sub+0x50/0x80 [ 14.726224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.726246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.726270] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.726296] kthread+0x337/0x6f0 [ 14.726316] ? trace_preempt_on+0x20/0xc0 [ 14.726341] ? __pfx_kthread+0x10/0x10 [ 14.726362] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.726397] ? calculate_sigpending+0x7b/0xa0 [ 14.726421] ? __pfx_kthread+0x10/0x10 [ 14.726444] ret_from_fork+0x116/0x1d0 [ 14.726463] ? __pfx_kthread+0x10/0x10 [ 14.726484] ret_from_fork_asm+0x1a/0x30 [ 14.726516] </TASK> [ 14.726527] [ 14.739647] Allocated by task 283: [ 14.740019] kasan_save_stack+0x45/0x70 [ 14.740404] kasan_save_track+0x18/0x40 [ 14.740768] kasan_save_alloc_info+0x3b/0x50 [ 14.741156] __kasan_kmalloc+0xb7/0xc0 [ 14.741524] __kmalloc_cache_noprof+0x189/0x420 [ 14.741780] kasan_atomics+0x95/0x310 [ 14.742119] kunit_try_run_case+0x1a5/0x480 [ 14.742421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.742600] kthread+0x337/0x6f0 [ 14.742748] ret_from_fork+0x116/0x1d0 [ 14.743085] ret_from_fork_asm+0x1a/0x30 [ 14.743447] [ 14.743606] The buggy address belongs to the object at ffff8881039bd780 [ 14.743606] which belongs to the cache kmalloc-64 of size 64 [ 14.744783] The buggy address is located 0 bytes to the right of [ 14.744783] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.745425] [ 14.745501] The buggy address belongs to the physical page: [ 14.745677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.746421] flags: 0x200000000000000(node=0|zone=2) [ 14.746895] page_type: f5(slab) [ 14.747228] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.747930] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.748600] page dumped because: kasan: bad access detected [ 14.749089] [ 14.749168] Memory state around the buggy address: [ 14.749328] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.749565] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.749869] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.750824] ^ [ 14.751319] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.752037] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.752671] ================================================================== [ 14.138249] ================================================================== [ 14.138652] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 14.139539] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.139976] [ 14.140164] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.140213] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.140227] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.140250] Call Trace: [ 14.140266] <TASK> [ 14.140282] dump_stack_lvl+0x73/0xb0 [ 14.140311] print_report+0xd1/0x650 [ 14.140335] ? __virt_addr_valid+0x1db/0x2d0 [ 14.140357] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.140394] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.140419] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.140442] kasan_report+0x141/0x180 [ 14.140465] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.140493] __asan_report_load4_noabort+0x18/0x20 [ 14.140514] kasan_atomics_helper+0x49e8/0x5450 [ 14.140538] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.140561] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.140582] ? ret_from_fork_asm+0x1a/0x30 [ 14.140605] ? kasan_atomics+0x152/0x310 [ 14.140628] kasan_atomics+0x1dc/0x310 [ 14.140648] ? __pfx_kasan_atomics+0x10/0x10 [ 14.140669] ? __pfx_read_tsc+0x10/0x10 [ 14.140691] ? ktime_get_ts64+0x86/0x230 [ 14.140726] kunit_try_run_case+0x1a5/0x480 [ 14.140747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.140768] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.140793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.140818] ? __kthread_parkme+0x82/0x180 [ 14.140839] ? preempt_count_sub+0x50/0x80 [ 14.140864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.140885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.140911] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.140936] kthread+0x337/0x6f0 [ 14.140956] ? trace_preempt_on+0x20/0xc0 [ 14.140980] ? __pfx_kthread+0x10/0x10 [ 14.141049] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.141077] ? calculate_sigpending+0x7b/0xa0 [ 14.141101] ? __pfx_kthread+0x10/0x10 [ 14.141123] ret_from_fork+0x116/0x1d0 [ 14.141144] ? __pfx_kthread+0x10/0x10 [ 14.141165] ret_from_fork_asm+0x1a/0x30 [ 14.141196] </TASK> [ 14.141208] [ 14.152135] Allocated by task 283: [ 14.152336] kasan_save_stack+0x45/0x70 [ 14.152553] kasan_save_track+0x18/0x40 [ 14.152773] kasan_save_alloc_info+0x3b/0x50 [ 14.152938] __kasan_kmalloc+0xb7/0xc0 [ 14.153087] __kmalloc_cache_noprof+0x189/0x420 [ 14.153309] kasan_atomics+0x95/0x310 [ 14.153665] kunit_try_run_case+0x1a5/0x480 [ 14.153924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.154249] kthread+0x337/0x6f0 [ 14.154430] ret_from_fork+0x116/0x1d0 [ 14.154569] ret_from_fork_asm+0x1a/0x30 [ 14.154769] [ 14.155509] The buggy address belongs to the object at ffff8881039bd780 [ 14.155509] which belongs to the cache kmalloc-64 of size 64 [ 14.156161] The buggy address is located 0 bytes to the right of [ 14.156161] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.156941] [ 14.157189] The buggy address belongs to the physical page: [ 14.157734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.158298] flags: 0x200000000000000(node=0|zone=2) [ 14.158637] page_type: f5(slab) [ 14.158910] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.159725] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.159967] page dumped because: kasan: bad access detected [ 14.160577] [ 14.160772] Memory state around the buggy address: [ 14.161282] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.161916] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.162484] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.162869] ^ [ 14.163095] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.163753] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.164057] ================================================================== [ 13.717176] ================================================================== [ 13.717546] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 13.717922] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.718434] [ 13.718548] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.718597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.718610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.718633] Call Trace: [ 13.718650] <TASK> [ 13.718667] dump_stack_lvl+0x73/0xb0 [ 13.718695] print_report+0xd1/0x650 [ 13.718718] ? __virt_addr_valid+0x1db/0x2d0 [ 13.718741] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.718763] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.718786] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.718809] kasan_report+0x141/0x180 [ 13.718832] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.718881] kasan_check_range+0x10c/0x1c0 [ 13.718906] __kasan_check_write+0x18/0x20 [ 13.718928] kasan_atomics_helper+0x8f9/0x5450 [ 13.718952] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.718975] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.719068] ? ret_from_fork_asm+0x1a/0x30 [ 13.719092] ? kasan_atomics+0x152/0x310 [ 13.719115] kasan_atomics+0x1dc/0x310 [ 13.719135] ? __pfx_kasan_atomics+0x10/0x10 [ 13.719156] ? __pfx_read_tsc+0x10/0x10 [ 13.719177] ? ktime_get_ts64+0x86/0x230 [ 13.719202] kunit_try_run_case+0x1a5/0x480 [ 13.719224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.719244] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.719269] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.719294] ? __kthread_parkme+0x82/0x180 [ 13.719315] ? preempt_count_sub+0x50/0x80 [ 13.719339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.719360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.719395] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.719421] kthread+0x337/0x6f0 [ 13.719440] ? trace_preempt_on+0x20/0xc0 [ 13.719463] ? __pfx_kthread+0x10/0x10 [ 13.719485] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.719509] ? calculate_sigpending+0x7b/0xa0 [ 13.719532] ? __pfx_kthread+0x10/0x10 [ 13.719554] ret_from_fork+0x116/0x1d0 [ 13.719574] ? __pfx_kthread+0x10/0x10 [ 13.719596] ret_from_fork_asm+0x1a/0x30 [ 13.719627] </TASK> [ 13.719638] [ 13.727938] Allocated by task 283: [ 13.728131] kasan_save_stack+0x45/0x70 [ 13.728341] kasan_save_track+0x18/0x40 [ 13.728548] kasan_save_alloc_info+0x3b/0x50 [ 13.728715] __kasan_kmalloc+0xb7/0xc0 [ 13.728849] __kmalloc_cache_noprof+0x189/0x420 [ 13.729001] kasan_atomics+0x95/0x310 [ 13.729170] kunit_try_run_case+0x1a5/0x480 [ 13.729434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.729727] kthread+0x337/0x6f0 [ 13.729889] ret_from_fork+0x116/0x1d0 [ 13.730201] ret_from_fork_asm+0x1a/0x30 [ 13.730354] [ 13.730471] The buggy address belongs to the object at ffff8881039bd780 [ 13.730471] which belongs to the cache kmalloc-64 of size 64 [ 13.731118] The buggy address is located 0 bytes to the right of [ 13.731118] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.731718] [ 13.731817] The buggy address belongs to the physical page: [ 13.732076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.732343] flags: 0x200000000000000(node=0|zone=2) [ 13.732589] page_type: f5(slab) [ 13.732780] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.733188] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.733509] page dumped because: kasan: bad access detected [ 13.733753] [ 13.733822] Memory state around the buggy address: [ 13.733975] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.734248] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.734584] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.734910] ^ [ 13.735145] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.735440] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.735729] ================================================================== [ 13.775659] ================================================================== [ 13.776012] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 13.776288] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.776718] [ 13.776835] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.776879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.776892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.776914] Call Trace: [ 13.776930] <TASK> [ 13.776945] dump_stack_lvl+0x73/0xb0 [ 13.776974] print_report+0xd1/0x650 [ 13.777168] ? __virt_addr_valid+0x1db/0x2d0 [ 13.777195] ? kasan_atomics_helper+0xac7/0x5450 [ 13.777218] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.777241] ? kasan_atomics_helper+0xac7/0x5450 [ 13.777265] kasan_report+0x141/0x180 [ 13.777288] ? kasan_atomics_helper+0xac7/0x5450 [ 13.777316] kasan_check_range+0x10c/0x1c0 [ 13.777341] __kasan_check_write+0x18/0x20 [ 13.777362] kasan_atomics_helper+0xac7/0x5450 [ 13.777400] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.777424] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.777445] ? ret_from_fork_asm+0x1a/0x30 [ 13.777467] ? kasan_atomics+0x152/0x310 [ 13.777491] kasan_atomics+0x1dc/0x310 [ 13.777511] ? __pfx_kasan_atomics+0x10/0x10 [ 13.777533] ? __pfx_read_tsc+0x10/0x10 [ 13.777554] ? ktime_get_ts64+0x86/0x230 [ 13.777581] kunit_try_run_case+0x1a5/0x480 [ 13.777602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.777623] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.777649] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.777675] ? __kthread_parkme+0x82/0x180 [ 13.777716] ? preempt_count_sub+0x50/0x80 [ 13.777742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.777764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.777789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.777814] kthread+0x337/0x6f0 [ 13.777836] ? trace_preempt_on+0x20/0xc0 [ 13.777860] ? __pfx_kthread+0x10/0x10 [ 13.777882] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.777906] ? calculate_sigpending+0x7b/0xa0 [ 13.777930] ? __pfx_kthread+0x10/0x10 [ 13.777953] ret_from_fork+0x116/0x1d0 [ 13.777973] ? __pfx_kthread+0x10/0x10 [ 13.778112] ret_from_fork_asm+0x1a/0x30 [ 13.778147] </TASK> [ 13.778159] [ 13.786265] Allocated by task 283: [ 13.786461] kasan_save_stack+0x45/0x70 [ 13.786633] kasan_save_track+0x18/0x40 [ 13.786860] kasan_save_alloc_info+0x3b/0x50 [ 13.787241] __kasan_kmalloc+0xb7/0xc0 [ 13.787445] __kmalloc_cache_noprof+0x189/0x420 [ 13.787602] kasan_atomics+0x95/0x310 [ 13.787784] kunit_try_run_case+0x1a5/0x480 [ 13.788102] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.788370] kthread+0x337/0x6f0 [ 13.788550] ret_from_fork+0x116/0x1d0 [ 13.788684] ret_from_fork_asm+0x1a/0x30 [ 13.788907] [ 13.789105] The buggy address belongs to the object at ffff8881039bd780 [ 13.789105] which belongs to the cache kmalloc-64 of size 64 [ 13.789589] The buggy address is located 0 bytes to the right of [ 13.789589] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.790200] [ 13.790277] The buggy address belongs to the physical page: [ 13.790553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.790903] flags: 0x200000000000000(node=0|zone=2) [ 13.791288] page_type: f5(slab) [ 13.791477] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.791757] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.792183] page dumped because: kasan: bad access detected [ 13.792412] [ 13.792484] Memory state around the buggy address: [ 13.792716] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.793137] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.793360] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.793692] ^ [ 13.793944] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.794338] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.794585] ================================================================== [ 13.919749] ================================================================== [ 13.919981] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 13.920299] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.920997] [ 13.921180] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.921259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.921274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.921296] Call Trace: [ 13.921322] <TASK> [ 13.921338] dump_stack_lvl+0x73/0xb0 [ 13.921367] print_report+0xd1/0x650 [ 13.921401] ? __virt_addr_valid+0x1db/0x2d0 [ 13.921424] ? kasan_atomics_helper+0xf10/0x5450 [ 13.921446] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.921470] ? kasan_atomics_helper+0xf10/0x5450 [ 13.921493] kasan_report+0x141/0x180 [ 13.921517] ? kasan_atomics_helper+0xf10/0x5450 [ 13.921543] kasan_check_range+0x10c/0x1c0 [ 13.921569] __kasan_check_write+0x18/0x20 [ 13.921588] kasan_atomics_helper+0xf10/0x5450 [ 13.921612] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.921635] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.921673] ? ret_from_fork_asm+0x1a/0x30 [ 13.921695] ? kasan_atomics+0x152/0x310 [ 13.921719] kasan_atomics+0x1dc/0x310 [ 13.921738] ? __pfx_kasan_atomics+0x10/0x10 [ 13.921759] ? __pfx_read_tsc+0x10/0x10 [ 13.921780] ? ktime_get_ts64+0x86/0x230 [ 13.921805] kunit_try_run_case+0x1a5/0x480 [ 13.921827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.921847] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.921873] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.921898] ? __kthread_parkme+0x82/0x180 [ 13.921919] ? preempt_count_sub+0x50/0x80 [ 13.921943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.921965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.921990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.922015] kthread+0x337/0x6f0 [ 13.922041] ? trace_preempt_on+0x20/0xc0 [ 13.922066] ? __pfx_kthread+0x10/0x10 [ 13.922087] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.922111] ? calculate_sigpending+0x7b/0xa0 [ 13.922135] ? __pfx_kthread+0x10/0x10 [ 13.922157] ret_from_fork+0x116/0x1d0 [ 13.922176] ? __pfx_kthread+0x10/0x10 [ 13.922197] ret_from_fork_asm+0x1a/0x30 [ 13.922227] </TASK> [ 13.922239] [ 13.938061] Allocated by task 283: [ 13.938328] kasan_save_stack+0x45/0x70 [ 13.938628] kasan_save_track+0x18/0x40 [ 13.938791] kasan_save_alloc_info+0x3b/0x50 [ 13.938941] __kasan_kmalloc+0xb7/0xc0 [ 13.939145] __kmalloc_cache_noprof+0x189/0x420 [ 13.939648] kasan_atomics+0x95/0x310 [ 13.940291] kunit_try_run_case+0x1a5/0x480 [ 13.940719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.941282] kthread+0x337/0x6f0 [ 13.941428] ret_from_fork+0x116/0x1d0 [ 13.941565] ret_from_fork_asm+0x1a/0x30 [ 13.941708] [ 13.941880] The buggy address belongs to the object at ffff8881039bd780 [ 13.941880] which belongs to the cache kmalloc-64 of size 64 [ 13.943059] The buggy address is located 0 bytes to the right of [ 13.943059] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.944353] [ 13.944684] The buggy address belongs to the physical page: [ 13.944975] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.945473] flags: 0x200000000000000(node=0|zone=2) [ 13.945644] page_type: f5(slab) [ 13.945790] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.946577] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.947406] page dumped because: kasan: bad access detected [ 13.947997] [ 13.948358] Memory state around the buggy address: [ 13.948862] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.949477] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.949893] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.950342] ^ [ 13.950807] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.951434] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.951655] ================================================================== [ 13.972624] ================================================================== [ 13.972858] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 13.973150] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.973742] [ 13.973863] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.973910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.973923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.973945] Call Trace: [ 13.973960] <TASK> [ 13.973975] dump_stack_lvl+0x73/0xb0 [ 13.974002] print_report+0xd1/0x650 [ 13.974030] ? __virt_addr_valid+0x1db/0x2d0 [ 13.974053] ? kasan_atomics_helper+0x4a36/0x5450 [ 13.974076] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.974100] ? kasan_atomics_helper+0x4a36/0x5450 [ 13.974188] kasan_report+0x141/0x180 [ 13.974212] ? kasan_atomics_helper+0x4a36/0x5450 [ 13.974241] __asan_report_load4_noabort+0x18/0x20 [ 13.974263] kasan_atomics_helper+0x4a36/0x5450 [ 13.974287] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.974310] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.974331] ? ret_from_fork_asm+0x1a/0x30 [ 13.974354] ? kasan_atomics+0x152/0x310 [ 13.974390] kasan_atomics+0x1dc/0x310 [ 13.974410] ? __pfx_kasan_atomics+0x10/0x10 [ 13.974432] ? __pfx_read_tsc+0x10/0x10 [ 13.974453] ? ktime_get_ts64+0x86/0x230 [ 13.974478] kunit_try_run_case+0x1a5/0x480 [ 13.974501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.974522] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.974547] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.974572] ? __kthread_parkme+0x82/0x180 [ 13.974593] ? preempt_count_sub+0x50/0x80 [ 13.974618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.974640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.974665] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.974690] kthread+0x337/0x6f0 [ 13.974710] ? trace_preempt_on+0x20/0xc0 [ 13.974743] ? __pfx_kthread+0x10/0x10 [ 13.974765] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.974789] ? calculate_sigpending+0x7b/0xa0 [ 13.974813] ? __pfx_kthread+0x10/0x10 [ 13.974835] ret_from_fork+0x116/0x1d0 [ 13.974854] ? __pfx_kthread+0x10/0x10 [ 13.974875] ret_from_fork_asm+0x1a/0x30 [ 13.974905] </TASK> [ 13.974916] [ 13.983662] Allocated by task 283: [ 13.983973] kasan_save_stack+0x45/0x70 [ 13.984254] kasan_save_track+0x18/0x40 [ 13.984431] kasan_save_alloc_info+0x3b/0x50 [ 13.984646] __kasan_kmalloc+0xb7/0xc0 [ 13.984855] __kmalloc_cache_noprof+0x189/0x420 [ 13.985225] kasan_atomics+0x95/0x310 [ 13.985370] kunit_try_run_case+0x1a5/0x480 [ 13.985529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.985821] kthread+0x337/0x6f0 [ 13.986111] ret_from_fork+0x116/0x1d0 [ 13.986279] ret_from_fork_asm+0x1a/0x30 [ 13.986438] [ 13.986511] The buggy address belongs to the object at ffff8881039bd780 [ 13.986511] which belongs to the cache kmalloc-64 of size 64 [ 13.987161] The buggy address is located 0 bytes to the right of [ 13.987161] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.987618] [ 13.987695] The buggy address belongs to the physical page: [ 13.987871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.988222] flags: 0x200000000000000(node=0|zone=2) [ 13.988481] page_type: f5(slab) [ 13.988786] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.989168] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.989407] page dumped because: kasan: bad access detected [ 13.989578] [ 13.989648] Memory state around the buggy address: [ 13.989803] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.990571] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.991220] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.991579] ^ [ 13.992563] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.992915] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.993806] ================================================================== [ 14.247979] ================================================================== [ 14.248473] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 14.248713] Read of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.249040] [ 14.251085] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.251154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.251170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.251193] Call Trace: [ 14.251207] <TASK> [ 14.251224] dump_stack_lvl+0x73/0xb0 [ 14.251254] print_report+0xd1/0x650 [ 14.251277] ? __virt_addr_valid+0x1db/0x2d0 [ 14.251300] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.251323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.251348] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.251371] kasan_report+0x141/0x180 [ 14.251407] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.251436] __asan_report_load8_noabort+0x18/0x20 [ 14.251459] kasan_atomics_helper+0x4eae/0x5450 [ 14.251484] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.251508] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.251529] ? ret_from_fork_asm+0x1a/0x30 [ 14.251551] ? kasan_atomics+0x152/0x310 [ 14.251574] kasan_atomics+0x1dc/0x310 [ 14.251594] ? __pfx_kasan_atomics+0x10/0x10 [ 14.251615] ? __pfx_read_tsc+0x10/0x10 [ 14.251637] ? ktime_get_ts64+0x86/0x230 [ 14.251662] kunit_try_run_case+0x1a5/0x480 [ 14.251685] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.251726] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.251752] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.251777] ? __kthread_parkme+0x82/0x180 [ 14.251798] ? preempt_count_sub+0x50/0x80 [ 14.251822] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.251843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.251868] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.251893] kthread+0x337/0x6f0 [ 14.251913] ? trace_preempt_on+0x20/0xc0 [ 14.251937] ? __pfx_kthread+0x10/0x10 [ 14.251958] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.251982] ? calculate_sigpending+0x7b/0xa0 [ 14.252023] ? __pfx_kthread+0x10/0x10 [ 14.252045] ret_from_fork+0x116/0x1d0 [ 14.252064] ? __pfx_kthread+0x10/0x10 [ 14.252086] ret_from_fork_asm+0x1a/0x30 [ 14.252117] </TASK> [ 14.252128] [ 14.263178] Allocated by task 283: [ 14.263399] kasan_save_stack+0x45/0x70 [ 14.263647] kasan_save_track+0x18/0x40 [ 14.263877] kasan_save_alloc_info+0x3b/0x50 [ 14.264035] __kasan_kmalloc+0xb7/0xc0 [ 14.264366] __kmalloc_cache_noprof+0x189/0x420 [ 14.264887] kasan_atomics+0x95/0x310 [ 14.265255] kunit_try_run_case+0x1a5/0x480 [ 14.265460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.265713] kthread+0x337/0x6f0 [ 14.265971] ret_from_fork+0x116/0x1d0 [ 14.266173] ret_from_fork_asm+0x1a/0x30 [ 14.266385] [ 14.266485] The buggy address belongs to the object at ffff8881039bd780 [ 14.266485] which belongs to the cache kmalloc-64 of size 64 [ 14.266996] The buggy address is located 0 bytes to the right of [ 14.266996] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.267624] [ 14.267721] The buggy address belongs to the physical page: [ 14.268003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.268404] flags: 0x200000000000000(node=0|zone=2) [ 14.268869] page_type: f5(slab) [ 14.269080] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.269487] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.269899] page dumped because: kasan: bad access detected [ 14.270322] [ 14.270431] Memory state around the buggy address: [ 14.270727] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.271175] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.271523] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.271838] ^ [ 14.272101] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.272550] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.273122] ================================================================== [ 13.479072] ================================================================== [ 13.479507] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 13.479745] Read of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.480166] [ 13.480273] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.480317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.480329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.480349] Call Trace: [ 13.480362] <TASK> [ 13.480386] dump_stack_lvl+0x73/0xb0 [ 13.480412] print_report+0xd1/0x650 [ 13.480435] ? __virt_addr_valid+0x1db/0x2d0 [ 13.480458] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.480480] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.480504] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.480526] kasan_report+0x141/0x180 [ 13.480549] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.480576] __asan_report_load4_noabort+0x18/0x20 [ 13.480597] kasan_atomics_helper+0x4b88/0x5450 [ 13.480620] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.480643] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.480662] ? ret_from_fork_asm+0x1a/0x30 [ 13.480747] ? kasan_atomics+0x152/0x310 [ 13.480770] kasan_atomics+0x1dc/0x310 [ 13.480790] ? __pfx_kasan_atomics+0x10/0x10 [ 13.480811] ? __pfx_read_tsc+0x10/0x10 [ 13.480831] ? ktime_get_ts64+0x86/0x230 [ 13.480855] kunit_try_run_case+0x1a5/0x480 [ 13.480877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.480897] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.480921] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.480946] ? __kthread_parkme+0x82/0x180 [ 13.480967] ? preempt_count_sub+0x50/0x80 [ 13.480990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.481011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.481035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.481060] kthread+0x337/0x6f0 [ 13.481079] ? trace_preempt_on+0x20/0xc0 [ 13.481102] ? __pfx_kthread+0x10/0x10 [ 13.481124] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.481146] ? calculate_sigpending+0x7b/0xa0 [ 13.481183] ? __pfx_kthread+0x10/0x10 [ 13.481204] ret_from_fork+0x116/0x1d0 [ 13.481222] ? __pfx_kthread+0x10/0x10 [ 13.481242] ret_from_fork_asm+0x1a/0x30 [ 13.481272] </TASK> [ 13.481282] [ 13.489729] Allocated by task 283: [ 13.489882] kasan_save_stack+0x45/0x70 [ 13.490090] kasan_save_track+0x18/0x40 [ 13.490417] kasan_save_alloc_info+0x3b/0x50 [ 13.490629] __kasan_kmalloc+0xb7/0xc0 [ 13.491198] __kmalloc_cache_noprof+0x189/0x420 [ 13.491436] kasan_atomics+0x95/0x310 [ 13.491571] kunit_try_run_case+0x1a5/0x480 [ 13.491717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.491907] kthread+0x337/0x6f0 [ 13.492206] ret_from_fork+0x116/0x1d0 [ 13.492419] ret_from_fork_asm+0x1a/0x30 [ 13.492623] [ 13.492719] The buggy address belongs to the object at ffff8881039bd780 [ 13.492719] which belongs to the cache kmalloc-64 of size 64 [ 13.493367] The buggy address is located 0 bytes to the right of [ 13.493367] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.493949] [ 13.494111] The buggy address belongs to the physical page: [ 13.494290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.494601] flags: 0x200000000000000(node=0|zone=2) [ 13.494838] page_type: f5(slab) [ 13.495005] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.495533] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.495895] page dumped because: kasan: bad access detected [ 13.496234] [ 13.496318] Memory state around the buggy address: [ 13.496524] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.496792] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.497120] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.497596] ^ [ 13.497843] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.498160] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.498482] ================================================================== [ 14.411119] ================================================================== [ 14.411434] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 14.411709] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.412237] [ 14.412360] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.412422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.412435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.412458] Call Trace: [ 14.412471] <TASK> [ 14.412486] dump_stack_lvl+0x73/0xb0 [ 14.413058] print_report+0xd1/0x650 [ 14.413083] ? __virt_addr_valid+0x1db/0x2d0 [ 14.413107] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.413129] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.413153] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.413176] kasan_report+0x141/0x180 [ 14.413200] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.413227] kasan_check_range+0x10c/0x1c0 [ 14.413251] __kasan_check_write+0x18/0x20 [ 14.413273] kasan_atomics_helper+0x16e7/0x5450 [ 14.413297] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.413321] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.413341] ? ret_from_fork_asm+0x1a/0x30 [ 14.413362] ? kasan_atomics+0x152/0x310 [ 14.413399] kasan_atomics+0x1dc/0x310 [ 14.413419] ? __pfx_kasan_atomics+0x10/0x10 [ 14.413441] ? __pfx_read_tsc+0x10/0x10 [ 14.413462] ? ktime_get_ts64+0x86/0x230 [ 14.413487] kunit_try_run_case+0x1a5/0x480 [ 14.413509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.413529] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.413555] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.413579] ? __kthread_parkme+0x82/0x180 [ 14.413600] ? preempt_count_sub+0x50/0x80 [ 14.413624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.413646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.413670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.413695] kthread+0x337/0x6f0 [ 14.413723] ? trace_preempt_on+0x20/0xc0 [ 14.413747] ? __pfx_kthread+0x10/0x10 [ 14.413769] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.413792] ? calculate_sigpending+0x7b/0xa0 [ 14.413816] ? __pfx_kthread+0x10/0x10 [ 14.413838] ret_from_fork+0x116/0x1d0 [ 14.413857] ? __pfx_kthread+0x10/0x10 [ 14.413878] ret_from_fork_asm+0x1a/0x30 [ 14.413908] </TASK> [ 14.413920] [ 14.424722] Allocated by task 283: [ 14.424926] kasan_save_stack+0x45/0x70 [ 14.425125] kasan_save_track+0x18/0x40 [ 14.425309] kasan_save_alloc_info+0x3b/0x50 [ 14.425514] __kasan_kmalloc+0xb7/0xc0 [ 14.425692] __kmalloc_cache_noprof+0x189/0x420 [ 14.425880] kasan_atomics+0x95/0x310 [ 14.426076] kunit_try_run_case+0x1a5/0x480 [ 14.426264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.427023] kthread+0x337/0x6f0 [ 14.427180] ret_from_fork+0x116/0x1d0 [ 14.427523] ret_from_fork_asm+0x1a/0x30 [ 14.427815] [ 14.427921] The buggy address belongs to the object at ffff8881039bd780 [ 14.427921] which belongs to the cache kmalloc-64 of size 64 [ 14.428599] The buggy address is located 0 bytes to the right of [ 14.428599] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.429321] [ 14.429413] The buggy address belongs to the physical page: [ 14.429815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.430245] flags: 0x200000000000000(node=0|zone=2) [ 14.430483] page_type: f5(slab) [ 14.430859] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.431206] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.431609] page dumped because: kasan: bad access detected [ 14.432029] [ 14.432154] Memory state around the buggy address: [ 14.432482] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.432913] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.433311] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.433731] ^ [ 14.434136] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.434529] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.434993] ================================================================== [ 14.772749] ================================================================== [ 14.773168] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 14.773420] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.774110] [ 14.774219] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.774261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.774275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.774295] Call Trace: [ 14.774313] <TASK> [ 14.774330] dump_stack_lvl+0x73/0xb0 [ 14.774357] print_report+0xd1/0x650 [ 14.774404] ? __virt_addr_valid+0x1db/0x2d0 [ 14.774428] ? kasan_atomics_helper+0x2006/0x5450 [ 14.774462] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.774486] ? kasan_atomics_helper+0x2006/0x5450 [ 14.774509] kasan_report+0x141/0x180 [ 14.774541] ? kasan_atomics_helper+0x2006/0x5450 [ 14.774569] kasan_check_range+0x10c/0x1c0 [ 14.774605] __kasan_check_write+0x18/0x20 [ 14.774625] kasan_atomics_helper+0x2006/0x5450 [ 14.774649] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.774674] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.774695] ? ret_from_fork_asm+0x1a/0x30 [ 14.774724] ? kasan_atomics+0x152/0x310 [ 14.774749] kasan_atomics+0x1dc/0x310 [ 14.774768] ? __pfx_kasan_atomics+0x10/0x10 [ 14.774790] ? __pfx_read_tsc+0x10/0x10 [ 14.774812] ? ktime_get_ts64+0x86/0x230 [ 14.774838] kunit_try_run_case+0x1a5/0x480 [ 14.774860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.774891] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.774920] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.774947] ? __kthread_parkme+0x82/0x180 [ 14.774978] ? preempt_count_sub+0x50/0x80 [ 14.775003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.775024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.775057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.775083] kthread+0x337/0x6f0 [ 14.775102] ? trace_preempt_on+0x20/0xc0 [ 14.775137] ? __pfx_kthread+0x10/0x10 [ 14.775159] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.775182] ? calculate_sigpending+0x7b/0xa0 [ 14.775207] ? __pfx_kthread+0x10/0x10 [ 14.775238] ret_from_fork+0x116/0x1d0 [ 14.775257] ? __pfx_kthread+0x10/0x10 [ 14.775279] ret_from_fork_asm+0x1a/0x30 [ 14.775320] </TASK> [ 14.775331] [ 14.783669] Allocated by task 283: [ 14.783869] kasan_save_stack+0x45/0x70 [ 14.784092] kasan_save_track+0x18/0x40 [ 14.784303] kasan_save_alloc_info+0x3b/0x50 [ 14.784500] __kasan_kmalloc+0xb7/0xc0 [ 14.784709] __kmalloc_cache_noprof+0x189/0x420 [ 14.784920] kasan_atomics+0x95/0x310 [ 14.785136] kunit_try_run_case+0x1a5/0x480 [ 14.785341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.785548] kthread+0x337/0x6f0 [ 14.785674] ret_from_fork+0x116/0x1d0 [ 14.785807] ret_from_fork_asm+0x1a/0x30 [ 14.785946] [ 14.786017] The buggy address belongs to the object at ffff8881039bd780 [ 14.786017] which belongs to the cache kmalloc-64 of size 64 [ 14.786471] The buggy address is located 0 bytes to the right of [ 14.786471] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.787047] [ 14.787145] The buggy address belongs to the physical page: [ 14.787364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.787617] flags: 0x200000000000000(node=0|zone=2) [ 14.787779] page_type: f5(slab) [ 14.787898] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.788310] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.788659] page dumped because: kasan: bad access detected [ 14.789209] [ 14.789305] Memory state around the buggy address: [ 14.789545] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.790059] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.790337] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.790564] ^ [ 14.790879] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.791283] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.791636] ================================================================== [ 14.851715] ================================================================== [ 14.852271] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 14.852635] Write of size 8 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 14.852976] [ 14.853082] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 14.853125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.853139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.853191] Call Trace: [ 14.853210] <TASK> [ 14.853226] dump_stack_lvl+0x73/0xb0 [ 14.853265] print_report+0xd1/0x650 [ 14.853290] ? __virt_addr_valid+0x1db/0x2d0 [ 14.853313] ? kasan_atomics_helper+0x218a/0x5450 [ 14.853335] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.853359] ? kasan_atomics_helper+0x218a/0x5450 [ 14.853389] kasan_report+0x141/0x180 [ 14.853412] ? kasan_atomics_helper+0x218a/0x5450 [ 14.853440] kasan_check_range+0x10c/0x1c0 [ 14.853493] __kasan_check_write+0x18/0x20 [ 14.853514] kasan_atomics_helper+0x218a/0x5450 [ 14.853559] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.853583] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.853631] ? ret_from_fork_asm+0x1a/0x30 [ 14.853653] ? kasan_atomics+0x152/0x310 [ 14.853688] kasan_atomics+0x1dc/0x310 [ 14.853709] ? __pfx_kasan_atomics+0x10/0x10 [ 14.853738] ? __pfx_read_tsc+0x10/0x10 [ 14.853760] ? ktime_get_ts64+0x86/0x230 [ 14.853787] kunit_try_run_case+0x1a5/0x480 [ 14.853836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.853857] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.853884] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.853945] ? __kthread_parkme+0x82/0x180 [ 14.853966] ? preempt_count_sub+0x50/0x80 [ 14.854000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.854022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.854053] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.854079] kthread+0x337/0x6f0 [ 14.854099] ? trace_preempt_on+0x20/0xc0 [ 14.854123] ? __pfx_kthread+0x10/0x10 [ 14.854145] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.854169] ? calculate_sigpending+0x7b/0xa0 [ 14.854193] ? __pfx_kthread+0x10/0x10 [ 14.854215] ret_from_fork+0x116/0x1d0 [ 14.854235] ? __pfx_kthread+0x10/0x10 [ 14.854256] ret_from_fork_asm+0x1a/0x30 [ 14.854287] </TASK> [ 14.854298] [ 14.862693] Allocated by task 283: [ 14.862840] kasan_save_stack+0x45/0x70 [ 14.863090] kasan_save_track+0x18/0x40 [ 14.863293] kasan_save_alloc_info+0x3b/0x50 [ 14.863688] __kasan_kmalloc+0xb7/0xc0 [ 14.864010] __kmalloc_cache_noprof+0x189/0x420 [ 14.864303] kasan_atomics+0x95/0x310 [ 14.864516] kunit_try_run_case+0x1a5/0x480 [ 14.864665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.864842] kthread+0x337/0x6f0 [ 14.865077] ret_from_fork+0x116/0x1d0 [ 14.865274] ret_from_fork_asm+0x1a/0x30 [ 14.865481] [ 14.865579] The buggy address belongs to the object at ffff8881039bd780 [ 14.865579] which belongs to the cache kmalloc-64 of size 64 [ 14.866286] The buggy address is located 0 bytes to the right of [ 14.866286] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 14.866801] [ 14.866875] The buggy address belongs to the physical page: [ 14.867049] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 14.867552] flags: 0x200000000000000(node=0|zone=2) [ 14.867874] page_type: f5(slab) [ 14.868090] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.868454] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.868798] page dumped because: kasan: bad access detected [ 14.869023] [ 14.869214] Memory state around the buggy address: [ 14.869443] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.869838] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.870144] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.870360] ^ [ 14.870529] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.870884] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.871231] ================================================================== [ 13.697830] ================================================================== [ 13.698400] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 13.698744] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.699172] [ 13.699289] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.699333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.699346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.699368] Call Trace: [ 13.699394] <TASK> [ 13.699409] dump_stack_lvl+0x73/0xb0 [ 13.699438] print_report+0xd1/0x650 [ 13.699461] ? __virt_addr_valid+0x1db/0x2d0 [ 13.699485] ? kasan_atomics_helper+0x860/0x5450 [ 13.699507] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.699530] ? kasan_atomics_helper+0x860/0x5450 [ 13.699553] kasan_report+0x141/0x180 [ 13.699577] ? kasan_atomics_helper+0x860/0x5450 [ 13.699604] kasan_check_range+0x10c/0x1c0 [ 13.699628] __kasan_check_write+0x18/0x20 [ 13.699649] kasan_atomics_helper+0x860/0x5450 [ 13.699672] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.699694] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.699716] ? ret_from_fork_asm+0x1a/0x30 [ 13.699737] ? kasan_atomics+0x152/0x310 [ 13.699768] kasan_atomics+0x1dc/0x310 [ 13.699787] ? __pfx_kasan_atomics+0x10/0x10 [ 13.699809] ? __pfx_read_tsc+0x10/0x10 [ 13.699829] ? ktime_get_ts64+0x86/0x230 [ 13.699854] kunit_try_run_case+0x1a5/0x480 [ 13.699876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.699896] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.699922] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.699949] ? __kthread_parkme+0x82/0x180 [ 13.699970] ? preempt_count_sub+0x50/0x80 [ 13.699993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.700015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.700039] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.700064] kthread+0x337/0x6f0 [ 13.700084] ? trace_preempt_on+0x20/0xc0 [ 13.700108] ? __pfx_kthread+0x10/0x10 [ 13.700129] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.700153] ? calculate_sigpending+0x7b/0xa0 [ 13.700177] ? __pfx_kthread+0x10/0x10 [ 13.700199] ret_from_fork+0x116/0x1d0 [ 13.700218] ? __pfx_kthread+0x10/0x10 [ 13.700240] ret_from_fork_asm+0x1a/0x30 [ 13.700271] </TASK> [ 13.700282] [ 13.708617] Allocated by task 283: [ 13.708802] kasan_save_stack+0x45/0x70 [ 13.708954] kasan_save_track+0x18/0x40 [ 13.709163] kasan_save_alloc_info+0x3b/0x50 [ 13.709317] __kasan_kmalloc+0xb7/0xc0 [ 13.709508] __kmalloc_cache_noprof+0x189/0x420 [ 13.709730] kasan_atomics+0x95/0x310 [ 13.709935] kunit_try_run_case+0x1a5/0x480 [ 13.710342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.710625] kthread+0x337/0x6f0 [ 13.710777] ret_from_fork+0x116/0x1d0 [ 13.710937] ret_from_fork_asm+0x1a/0x30 [ 13.711211] [ 13.711309] The buggy address belongs to the object at ffff8881039bd780 [ 13.711309] which belongs to the cache kmalloc-64 of size 64 [ 13.711892] The buggy address is located 0 bytes to the right of [ 13.711892] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.712449] [ 13.712549] The buggy address belongs to the physical page: [ 13.712770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.713082] flags: 0x200000000000000(node=0|zone=2) [ 13.713305] page_type: f5(slab) [ 13.713452] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.713762] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.714090] page dumped because: kasan: bad access detected [ 13.714268] [ 13.714340] Memory state around the buggy address: [ 13.714727] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.715139] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.715480] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.715832] ^ [ 13.716132] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.716455] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.716686] ================================================================== [ 13.873452] ================================================================== [ 13.873793] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 13.874123] Write of size 4 at addr ffff8881039bd7b0 by task kunit_try_catch/283 [ 13.874416] [ 13.874508] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.874553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.874566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.874589] Call Trace: [ 13.874604] <TASK> [ 13.874620] dump_stack_lvl+0x73/0xb0 [ 13.874645] print_report+0xd1/0x650 [ 13.874670] ? __virt_addr_valid+0x1db/0x2d0 [ 13.874692] ? kasan_atomics_helper+0xde0/0x5450 [ 13.874714] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.874737] ? kasan_atomics_helper+0xde0/0x5450 [ 13.874759] kasan_report+0x141/0x180 [ 13.874781] ? kasan_atomics_helper+0xde0/0x5450 [ 13.874808] kasan_check_range+0x10c/0x1c0 [ 13.874833] __kasan_check_write+0x18/0x20 [ 13.874852] kasan_atomics_helper+0xde0/0x5450 [ 13.874876] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.874899] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.874919] ? ret_from_fork_asm+0x1a/0x30 [ 13.874941] ? kasan_atomics+0x152/0x310 [ 13.874964] kasan_atomics+0x1dc/0x310 [ 13.874984] ? __pfx_kasan_atomics+0x10/0x10 [ 13.875005] ? __pfx_read_tsc+0x10/0x10 [ 13.875025] ? ktime_get_ts64+0x86/0x230 [ 13.875049] kunit_try_run_case+0x1a5/0x480 [ 13.875071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.875091] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.875116] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.875141] ? __kthread_parkme+0x82/0x180 [ 13.875162] ? preempt_count_sub+0x50/0x80 [ 13.875185] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.875206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.875230] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.875255] kthread+0x337/0x6f0 [ 13.875274] ? trace_preempt_on+0x20/0xc0 [ 13.875297] ? __pfx_kthread+0x10/0x10 [ 13.875318] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.875341] ? calculate_sigpending+0x7b/0xa0 [ 13.875365] ? __pfx_kthread+0x10/0x10 [ 13.875724] ret_from_fork+0x116/0x1d0 [ 13.875751] ? __pfx_kthread+0x10/0x10 [ 13.875774] ret_from_fork_asm+0x1a/0x30 [ 13.875805] </TASK> [ 13.875816] [ 13.884271] Allocated by task 283: [ 13.884475] kasan_save_stack+0x45/0x70 [ 13.884686] kasan_save_track+0x18/0x40 [ 13.884883] kasan_save_alloc_info+0x3b/0x50 [ 13.885040] __kasan_kmalloc+0xb7/0xc0 [ 13.885176] __kmalloc_cache_noprof+0x189/0x420 [ 13.885410] kasan_atomics+0x95/0x310 [ 13.885599] kunit_try_run_case+0x1a5/0x480 [ 13.885805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.886019] kthread+0x337/0x6f0 [ 13.886168] ret_from_fork+0x116/0x1d0 [ 13.886354] ret_from_fork_asm+0x1a/0x30 [ 13.886597] [ 13.886715] The buggy address belongs to the object at ffff8881039bd780 [ 13.886715] which belongs to the cache kmalloc-64 of size 64 [ 13.887298] The buggy address is located 0 bytes to the right of [ 13.887298] allocated 48-byte region [ffff8881039bd780, ffff8881039bd7b0) [ 13.887933] [ 13.888117] The buggy address belongs to the physical page: [ 13.888342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bd [ 13.888624] flags: 0x200000000000000(node=0|zone=2) [ 13.888892] page_type: f5(slab) [ 13.889136] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.889489] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.889809] page dumped because: kasan: bad access detected [ 13.890048] [ 13.890127] Memory state around the buggy address: [ 13.890314] ffff8881039bd680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.890649] ffff8881039bd700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.890949] >ffff8881039bd780: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.891387] ^ [ 13.891631] ffff8881039bd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.892062] ffff8881039bd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.892405] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop: Failure
Automatically assigned
[ 13.233239] ================================================================== [ 13.233571] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.234126] Write of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.234467] [ 13.234646] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.234692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.234728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.234773] Call Trace: [ 13.234816] <TASK> [ 13.234831] dump_stack_lvl+0x73/0xb0 [ 13.234857] print_report+0xd1/0x650 [ 13.234880] ? __virt_addr_valid+0x1db/0x2d0 [ 13.234902] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.234929] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.234952] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.234979] kasan_report+0x141/0x180 [ 13.235002] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.235034] kasan_check_range+0x10c/0x1c0 [ 13.235058] __kasan_check_write+0x18/0x20 [ 13.235078] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.235106] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.235134] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.235154] ? trace_hardirqs_on+0x37/0xe0 [ 13.235175] ? kasan_bitops_generic+0x92/0x1c0 [ 13.235199] kasan_bitops_generic+0x121/0x1c0 [ 13.235219] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.235244] ? __pfx_read_tsc+0x10/0x10 [ 13.235265] ? ktime_get_ts64+0x86/0x230 [ 13.235289] kunit_try_run_case+0x1a5/0x480 [ 13.235310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.235330] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.235354] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.235392] ? __kthread_parkme+0x82/0x180 [ 13.235412] ? preempt_count_sub+0x50/0x80 [ 13.235435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.235456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.235481] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.235505] kthread+0x337/0x6f0 [ 13.235524] ? trace_preempt_on+0x20/0xc0 [ 13.235546] ? __pfx_kthread+0x10/0x10 [ 13.235567] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.235590] ? calculate_sigpending+0x7b/0xa0 [ 13.235614] ? __pfx_kthread+0x10/0x10 [ 13.235635] ret_from_fork+0x116/0x1d0 [ 13.235654] ? __pfx_kthread+0x10/0x10 [ 13.235674] ret_from_fork_asm+0x1a/0x30 [ 13.235704] </TASK> [ 13.235715] [ 13.246136] Allocated by task 279: [ 13.246370] kasan_save_stack+0x45/0x70 [ 13.246705] kasan_save_track+0x18/0x40 [ 13.246951] kasan_save_alloc_info+0x3b/0x50 [ 13.247244] __kasan_kmalloc+0xb7/0xc0 [ 13.247427] __kmalloc_cache_noprof+0x189/0x420 [ 13.247584] kasan_bitops_generic+0x92/0x1c0 [ 13.247925] kunit_try_run_case+0x1a5/0x480 [ 13.248240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.248566] kthread+0x337/0x6f0 [ 13.248760] ret_from_fork+0x116/0x1d0 [ 13.248907] ret_from_fork_asm+0x1a/0x30 [ 13.249347] [ 13.249478] The buggy address belongs to the object at ffff888101892d40 [ 13.249478] which belongs to the cache kmalloc-16 of size 16 [ 13.250151] The buggy address is located 8 bytes inside of [ 13.250151] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.250748] [ 13.250851] The buggy address belongs to the physical page: [ 13.251206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.251586] flags: 0x200000000000000(node=0|zone=2) [ 13.251903] page_type: f5(slab) [ 13.252201] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.252589] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.253015] page dumped because: kasan: bad access detected [ 13.253192] [ 13.253291] Memory state around the buggy address: [ 13.253534] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.253929] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.254264] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.254729] ^ [ 13.254917] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.255488] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.256147] ================================================================== [ 13.344323] ================================================================== [ 13.344688] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.345143] Write of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.345409] [ 13.345514] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.345557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.345569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.345590] Call Trace: [ 13.345607] <TASK> [ 13.345623] dump_stack_lvl+0x73/0xb0 [ 13.345650] print_report+0xd1/0x650 [ 13.345674] ? __virt_addr_valid+0x1db/0x2d0 [ 13.345695] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.345723] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.345754] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.345781] kasan_report+0x141/0x180 [ 13.345804] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.345836] kasan_check_range+0x10c/0x1c0 [ 13.345860] __kasan_check_write+0x18/0x20 [ 13.345880] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.345907] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.345936] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.345956] ? trace_hardirqs_on+0x37/0xe0 [ 13.345980] ? kasan_bitops_generic+0x92/0x1c0 [ 13.346004] kasan_bitops_generic+0x121/0x1c0 [ 13.346031] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.346057] ? __pfx_read_tsc+0x10/0x10 [ 13.346078] ? ktime_get_ts64+0x86/0x230 [ 13.346103] kunit_try_run_case+0x1a5/0x480 [ 13.346124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.346144] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.346170] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.346195] ? __kthread_parkme+0x82/0x180 [ 13.346215] ? preempt_count_sub+0x50/0x80 [ 13.346239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.346259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.346284] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.346308] kthread+0x337/0x6f0 [ 13.346327] ? trace_preempt_on+0x20/0xc0 [ 13.346349] ? __pfx_kthread+0x10/0x10 [ 13.346371] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.346403] ? calculate_sigpending+0x7b/0xa0 [ 13.346428] ? __pfx_kthread+0x10/0x10 [ 13.346449] ret_from_fork+0x116/0x1d0 [ 13.346467] ? __pfx_kthread+0x10/0x10 [ 13.346488] ret_from_fork_asm+0x1a/0x30 [ 13.346518] </TASK> [ 13.346528] [ 13.355729] Allocated by task 279: [ 13.355987] kasan_save_stack+0x45/0x70 [ 13.356155] kasan_save_track+0x18/0x40 [ 13.356292] kasan_save_alloc_info+0x3b/0x50 [ 13.356482] __kasan_kmalloc+0xb7/0xc0 [ 13.356675] __kmalloc_cache_noprof+0x189/0x420 [ 13.356902] kasan_bitops_generic+0x92/0x1c0 [ 13.357205] kunit_try_run_case+0x1a5/0x480 [ 13.357462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.357686] kthread+0x337/0x6f0 [ 13.357849] ret_from_fork+0x116/0x1d0 [ 13.358197] ret_from_fork_asm+0x1a/0x30 [ 13.358387] [ 13.358463] The buggy address belongs to the object at ffff888101892d40 [ 13.358463] which belongs to the cache kmalloc-16 of size 16 [ 13.358878] The buggy address is located 8 bytes inside of [ 13.358878] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.359500] [ 13.359714] The buggy address belongs to the physical page: [ 13.359952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.360283] flags: 0x200000000000000(node=0|zone=2) [ 13.360463] page_type: f5(slab) [ 13.360585] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.361210] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.361576] page dumped because: kasan: bad access detected [ 13.361797] [ 13.361903] Memory state around the buggy address: [ 13.362162] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.362397] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.362727] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.363251] ^ [ 13.363508] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.363802] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.364315] ================================================================== [ 13.324603] ================================================================== [ 13.324939] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.325517] Write of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.325866] [ 13.325976] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.326022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.326037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.326057] Call Trace: [ 13.326071] <TASK> [ 13.326085] dump_stack_lvl+0x73/0xb0 [ 13.326112] print_report+0xd1/0x650 [ 13.326135] ? __virt_addr_valid+0x1db/0x2d0 [ 13.326156] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.326183] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.326205] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.326233] kasan_report+0x141/0x180 [ 13.326255] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.326287] kasan_check_range+0x10c/0x1c0 [ 13.326311] __kasan_check_write+0x18/0x20 [ 13.326331] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.326358] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.326398] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.326418] ? trace_hardirqs_on+0x37/0xe0 [ 13.326439] ? kasan_bitops_generic+0x92/0x1c0 [ 13.326464] kasan_bitops_generic+0x121/0x1c0 [ 13.326484] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.326509] ? __pfx_read_tsc+0x10/0x10 [ 13.326530] ? ktime_get_ts64+0x86/0x230 [ 13.326554] kunit_try_run_case+0x1a5/0x480 [ 13.326575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.326595] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.326620] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.326646] ? __kthread_parkme+0x82/0x180 [ 13.326666] ? preempt_count_sub+0x50/0x80 [ 13.326690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.326711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.326791] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.326816] kthread+0x337/0x6f0 [ 13.326836] ? trace_preempt_on+0x20/0xc0 [ 13.326859] ? __pfx_kthread+0x10/0x10 [ 13.326879] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.326903] ? calculate_sigpending+0x7b/0xa0 [ 13.326926] ? __pfx_kthread+0x10/0x10 [ 13.326947] ret_from_fork+0x116/0x1d0 [ 13.326966] ? __pfx_kthread+0x10/0x10 [ 13.326986] ret_from_fork_asm+0x1a/0x30 [ 13.327050] </TASK> [ 13.327062] [ 13.335428] Allocated by task 279: [ 13.335617] kasan_save_stack+0x45/0x70 [ 13.335810] kasan_save_track+0x18/0x40 [ 13.336011] kasan_save_alloc_info+0x3b/0x50 [ 13.336199] __kasan_kmalloc+0xb7/0xc0 [ 13.336399] __kmalloc_cache_noprof+0x189/0x420 [ 13.336607] kasan_bitops_generic+0x92/0x1c0 [ 13.336792] kunit_try_run_case+0x1a5/0x480 [ 13.336936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.337114] kthread+0x337/0x6f0 [ 13.337235] ret_from_fork+0x116/0x1d0 [ 13.337477] ret_from_fork_asm+0x1a/0x30 [ 13.337682] [ 13.337824] The buggy address belongs to the object at ffff888101892d40 [ 13.337824] which belongs to the cache kmalloc-16 of size 16 [ 13.338542] The buggy address is located 8 bytes inside of [ 13.338542] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.338898] [ 13.338970] The buggy address belongs to the physical page: [ 13.339292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.339671] flags: 0x200000000000000(node=0|zone=2) [ 13.339972] page_type: f5(slab) [ 13.340390] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.340782] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.341162] page dumped because: kasan: bad access detected [ 13.341412] [ 13.341488] Memory state around the buggy address: [ 13.341731] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.342068] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.342356] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.342597] ^ [ 13.342776] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.343168] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.343669] ================================================================== [ 13.280401] ================================================================== [ 13.280728] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.281220] Write of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.281561] [ 13.281678] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.281733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.281745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.281766] Call Trace: [ 13.281779] <TASK> [ 13.281792] dump_stack_lvl+0x73/0xb0 [ 13.281842] print_report+0xd1/0x650 [ 13.281866] ? __virt_addr_valid+0x1db/0x2d0 [ 13.281888] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.281915] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.281938] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.281965] kasan_report+0x141/0x180 [ 13.282003] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.282060] kasan_check_range+0x10c/0x1c0 [ 13.282084] __kasan_check_write+0x18/0x20 [ 13.282104] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.282133] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.282162] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.282183] ? trace_hardirqs_on+0x37/0xe0 [ 13.282206] ? kasan_bitops_generic+0x92/0x1c0 [ 13.282230] kasan_bitops_generic+0x121/0x1c0 [ 13.282250] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.282275] ? __pfx_read_tsc+0x10/0x10 [ 13.282295] ? ktime_get_ts64+0x86/0x230 [ 13.282320] kunit_try_run_case+0x1a5/0x480 [ 13.282340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.282360] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.282396] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.282421] ? __kthread_parkme+0x82/0x180 [ 13.282442] ? preempt_count_sub+0x50/0x80 [ 13.282465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.282486] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.282511] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.282538] kthread+0x337/0x6f0 [ 13.282557] ? trace_preempt_on+0x20/0xc0 [ 13.282579] ? __pfx_kthread+0x10/0x10 [ 13.282599] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.282623] ? calculate_sigpending+0x7b/0xa0 [ 13.282647] ? __pfx_kthread+0x10/0x10 [ 13.282668] ret_from_fork+0x116/0x1d0 [ 13.282687] ? __pfx_kthread+0x10/0x10 [ 13.282710] ret_from_fork_asm+0x1a/0x30 [ 13.282741] </TASK> [ 13.282751] [ 13.293425] Allocated by task 279: [ 13.293565] kasan_save_stack+0x45/0x70 [ 13.293826] kasan_save_track+0x18/0x40 [ 13.294033] kasan_save_alloc_info+0x3b/0x50 [ 13.294283] __kasan_kmalloc+0xb7/0xc0 [ 13.294479] __kmalloc_cache_noprof+0x189/0x420 [ 13.294668] kasan_bitops_generic+0x92/0x1c0 [ 13.294819] kunit_try_run_case+0x1a5/0x480 [ 13.294969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.295265] kthread+0x337/0x6f0 [ 13.295457] ret_from_fork+0x116/0x1d0 [ 13.295636] ret_from_fork_asm+0x1a/0x30 [ 13.295933] [ 13.296058] The buggy address belongs to the object at ffff888101892d40 [ 13.296058] which belongs to the cache kmalloc-16 of size 16 [ 13.296535] The buggy address is located 8 bytes inside of [ 13.296535] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.297252] [ 13.297363] The buggy address belongs to the physical page: [ 13.297588] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.297917] flags: 0x200000000000000(node=0|zone=2) [ 13.298187] page_type: f5(slab) [ 13.298368] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.298728] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.299149] page dumped because: kasan: bad access detected [ 13.299411] [ 13.299491] Memory state around the buggy address: [ 13.299700] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.299953] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.300191] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.300518] ^ [ 13.300848] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.301342] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.301633] ================================================================== [ 13.302037] ================================================================== [ 13.302549] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.302916] Write of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.303185] [ 13.303473] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.303524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.303536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.303558] Call Trace: [ 13.303572] <TASK> [ 13.303588] dump_stack_lvl+0x73/0xb0 [ 13.303615] print_report+0xd1/0x650 [ 13.303639] ? __virt_addr_valid+0x1db/0x2d0 [ 13.303661] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.303689] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.303711] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.303740] kasan_report+0x141/0x180 [ 13.303763] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.303795] kasan_check_range+0x10c/0x1c0 [ 13.303819] __kasan_check_write+0x18/0x20 [ 13.303839] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.303867] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.303895] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.303916] ? trace_hardirqs_on+0x37/0xe0 [ 13.303937] ? kasan_bitops_generic+0x92/0x1c0 [ 13.303961] kasan_bitops_generic+0x121/0x1c0 [ 13.303981] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.304007] ? __pfx_read_tsc+0x10/0x10 [ 13.304027] ? ktime_get_ts64+0x86/0x230 [ 13.304051] kunit_try_run_case+0x1a5/0x480 [ 13.304072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.304091] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.304117] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.304142] ? __kthread_parkme+0x82/0x180 [ 13.304163] ? preempt_count_sub+0x50/0x80 [ 13.304186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.304208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.304232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.304256] kthread+0x337/0x6f0 [ 13.304276] ? trace_preempt_on+0x20/0xc0 [ 13.304298] ? __pfx_kthread+0x10/0x10 [ 13.304318] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.304342] ? calculate_sigpending+0x7b/0xa0 [ 13.304365] ? __pfx_kthread+0x10/0x10 [ 13.304396] ret_from_fork+0x116/0x1d0 [ 13.304415] ? __pfx_kthread+0x10/0x10 [ 13.304435] ret_from_fork_asm+0x1a/0x30 [ 13.304465] </TASK> [ 13.304475] [ 13.314627] Allocated by task 279: [ 13.315077] kasan_save_stack+0x45/0x70 [ 13.315325] kasan_save_track+0x18/0x40 [ 13.315629] kasan_save_alloc_info+0x3b/0x50 [ 13.315971] __kasan_kmalloc+0xb7/0xc0 [ 13.316258] __kmalloc_cache_noprof+0x189/0x420 [ 13.316476] kasan_bitops_generic+0x92/0x1c0 [ 13.316677] kunit_try_run_case+0x1a5/0x480 [ 13.317315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.317643] kthread+0x337/0x6f0 [ 13.317910] ret_from_fork+0x116/0x1d0 [ 13.318246] ret_from_fork_asm+0x1a/0x30 [ 13.318446] [ 13.318534] The buggy address belongs to the object at ffff888101892d40 [ 13.318534] which belongs to the cache kmalloc-16 of size 16 [ 13.318985] The buggy address is located 8 bytes inside of [ 13.318985] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.319720] [ 13.319830] The buggy address belongs to the physical page: [ 13.320123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.320452] flags: 0x200000000000000(node=0|zone=2) [ 13.320680] page_type: f5(slab) [ 13.320895] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.321174] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.321578] page dumped because: kasan: bad access detected [ 13.321913] [ 13.321995] Memory state around the buggy address: [ 13.322194] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.322512] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.322814] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.323223] ^ [ 13.323435] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.323707] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.324100] ================================================================== [ 13.364690] ================================================================== [ 13.365026] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.365533] Write of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.365905] [ 13.366057] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.366102] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.366114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.366134] Call Trace: [ 13.366148] <TASK> [ 13.366162] dump_stack_lvl+0x73/0xb0 [ 13.366189] print_report+0xd1/0x650 [ 13.366212] ? __virt_addr_valid+0x1db/0x2d0 [ 13.366234] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.366261] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.366283] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.366311] kasan_report+0x141/0x180 [ 13.366334] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.366367] kasan_check_range+0x10c/0x1c0 [ 13.366404] __kasan_check_write+0x18/0x20 [ 13.366427] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.366454] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.366483] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.366503] ? trace_hardirqs_on+0x37/0xe0 [ 13.366525] ? kasan_bitops_generic+0x92/0x1c0 [ 13.366549] kasan_bitops_generic+0x121/0x1c0 [ 13.366569] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.366594] ? __pfx_read_tsc+0x10/0x10 [ 13.366615] ? ktime_get_ts64+0x86/0x230 [ 13.366638] kunit_try_run_case+0x1a5/0x480 [ 13.366660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.366679] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.366704] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.366728] ? __kthread_parkme+0x82/0x180 [ 13.366748] ? preempt_count_sub+0x50/0x80 [ 13.366772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.366793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.366817] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.366841] kthread+0x337/0x6f0 [ 13.366860] ? trace_preempt_on+0x20/0xc0 [ 13.366881] ? __pfx_kthread+0x10/0x10 [ 13.366912] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.366935] ? calculate_sigpending+0x7b/0xa0 [ 13.366958] ? __pfx_kthread+0x10/0x10 [ 13.366980] ret_from_fork+0x116/0x1d0 [ 13.366998] ? __pfx_kthread+0x10/0x10 [ 13.367028] ret_from_fork_asm+0x1a/0x30 [ 13.367058] </TASK> [ 13.367068] [ 13.377347] Allocated by task 279: [ 13.377536] kasan_save_stack+0x45/0x70 [ 13.377729] kasan_save_track+0x18/0x40 [ 13.377914] kasan_save_alloc_info+0x3b/0x50 [ 13.378428] __kasan_kmalloc+0xb7/0xc0 [ 13.378818] __kmalloc_cache_noprof+0x189/0x420 [ 13.379300] kasan_bitops_generic+0x92/0x1c0 [ 13.379530] kunit_try_run_case+0x1a5/0x480 [ 13.379724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.379952] kthread+0x337/0x6f0 [ 13.380588] ret_from_fork+0x116/0x1d0 [ 13.381104] ret_from_fork_asm+0x1a/0x30 [ 13.381392] [ 13.381495] The buggy address belongs to the object at ffff888101892d40 [ 13.381495] which belongs to the cache kmalloc-16 of size 16 [ 13.382333] The buggy address is located 8 bytes inside of [ 13.382333] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.383265] [ 13.383517] The buggy address belongs to the physical page: [ 13.383848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.384355] flags: 0x200000000000000(node=0|zone=2) [ 13.384585] page_type: f5(slab) [ 13.384923] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.385883] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.386275] page dumped because: kasan: bad access detected [ 13.386523] [ 13.386613] Memory state around the buggy address: [ 13.387053] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.387683] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.388028] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.388319] ^ [ 13.388567] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.389188] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.389658] ================================================================== [ 13.390740] ================================================================== [ 13.391387] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.391878] Read of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.392609] [ 13.392732] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.392781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.392793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.392816] Call Trace: [ 13.392830] <TASK> [ 13.392846] dump_stack_lvl+0x73/0xb0 [ 13.392874] print_report+0xd1/0x650 [ 13.392898] ? __virt_addr_valid+0x1db/0x2d0 [ 13.392920] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.392947] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.392970] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.392997] kasan_report+0x141/0x180 [ 13.393021] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.393053] kasan_check_range+0x10c/0x1c0 [ 13.393077] __kasan_check_read+0x15/0x20 [ 13.393097] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.393125] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.393154] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.393174] ? trace_hardirqs_on+0x37/0xe0 [ 13.393196] ? kasan_bitops_generic+0x92/0x1c0 [ 13.393219] kasan_bitops_generic+0x121/0x1c0 [ 13.393239] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.393264] ? __pfx_read_tsc+0x10/0x10 [ 13.393284] ? ktime_get_ts64+0x86/0x230 [ 13.393309] kunit_try_run_case+0x1a5/0x480 [ 13.393330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.393349] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.393383] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.393408] ? __kthread_parkme+0x82/0x180 [ 13.393429] ? preempt_count_sub+0x50/0x80 [ 13.393452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.393473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.393496] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.393521] kthread+0x337/0x6f0 [ 13.393540] ? trace_preempt_on+0x20/0xc0 [ 13.393562] ? __pfx_kthread+0x10/0x10 [ 13.393583] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.393605] ? calculate_sigpending+0x7b/0xa0 [ 13.393629] ? __pfx_kthread+0x10/0x10 [ 13.393650] ret_from_fork+0x116/0x1d0 [ 13.393671] ? __pfx_kthread+0x10/0x10 [ 13.393693] ret_from_fork_asm+0x1a/0x30 [ 13.393735] </TASK> [ 13.393745] [ 13.402542] Allocated by task 279: [ 13.402705] kasan_save_stack+0x45/0x70 [ 13.402910] kasan_save_track+0x18/0x40 [ 13.403139] kasan_save_alloc_info+0x3b/0x50 [ 13.403294] __kasan_kmalloc+0xb7/0xc0 [ 13.403456] __kmalloc_cache_noprof+0x189/0x420 [ 13.403678] kasan_bitops_generic+0x92/0x1c0 [ 13.403929] kunit_try_run_case+0x1a5/0x480 [ 13.404263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.405131] kthread+0x337/0x6f0 [ 13.405282] ret_from_fork+0x116/0x1d0 [ 13.405431] ret_from_fork_asm+0x1a/0x30 [ 13.405575] [ 13.405674] The buggy address belongs to the object at ffff888101892d40 [ 13.405674] which belongs to the cache kmalloc-16 of size 16 [ 13.406343] The buggy address is located 8 bytes inside of [ 13.406343] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.406887] [ 13.406964] The buggy address belongs to the physical page: [ 13.407209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.407706] flags: 0x200000000000000(node=0|zone=2) [ 13.407901] page_type: f5(slab) [ 13.408192] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.408533] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.408890] page dumped because: kasan: bad access detected [ 13.409067] [ 13.409162] Memory state around the buggy address: [ 13.409411] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.409909] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.410220] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.410524] ^ [ 13.410789] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.411129] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.411628] ================================================================== [ 13.412017] ================================================================== [ 13.412493] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.412975] Read of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.413314] [ 13.413479] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.413527] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.413539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.413561] Call Trace: [ 13.413574] <TASK> [ 13.413589] dump_stack_lvl+0x73/0xb0 [ 13.413615] print_report+0xd1/0x650 [ 13.413638] ? __virt_addr_valid+0x1db/0x2d0 [ 13.413661] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.413688] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.413711] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.413747] kasan_report+0x141/0x180 [ 13.413770] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.413803] __asan_report_load8_noabort+0x18/0x20 [ 13.413824] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.413852] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.413881] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.413901] ? trace_hardirqs_on+0x37/0xe0 [ 13.413923] ? kasan_bitops_generic+0x92/0x1c0 [ 13.413947] kasan_bitops_generic+0x121/0x1c0 [ 13.413967] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.413992] ? __pfx_read_tsc+0x10/0x10 [ 13.414012] ? ktime_get_ts64+0x86/0x230 [ 13.414083] kunit_try_run_case+0x1a5/0x480 [ 13.414105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.414125] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.414149] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.414174] ? __kthread_parkme+0x82/0x180 [ 13.414195] ? preempt_count_sub+0x50/0x80 [ 13.414218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.414239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.414264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.414288] kthread+0x337/0x6f0 [ 13.414307] ? trace_preempt_on+0x20/0xc0 [ 13.414330] ? __pfx_kthread+0x10/0x10 [ 13.414350] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.414385] ? calculate_sigpending+0x7b/0xa0 [ 13.414409] ? __pfx_kthread+0x10/0x10 [ 13.414431] ret_from_fork+0x116/0x1d0 [ 13.414449] ? __pfx_kthread+0x10/0x10 [ 13.414469] ret_from_fork_asm+0x1a/0x30 [ 13.414499] </TASK> [ 13.414510] [ 13.423109] Allocated by task 279: [ 13.423244] kasan_save_stack+0x45/0x70 [ 13.423456] kasan_save_track+0x18/0x40 [ 13.423663] kasan_save_alloc_info+0x3b/0x50 [ 13.424121] __kasan_kmalloc+0xb7/0xc0 [ 13.424323] __kmalloc_cache_noprof+0x189/0x420 [ 13.424522] kasan_bitops_generic+0x92/0x1c0 [ 13.424721] kunit_try_run_case+0x1a5/0x480 [ 13.424932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.425282] kthread+0x337/0x6f0 [ 13.425461] ret_from_fork+0x116/0x1d0 [ 13.425612] ret_from_fork_asm+0x1a/0x30 [ 13.425924] [ 13.426251] The buggy address belongs to the object at ffff888101892d40 [ 13.426251] which belongs to the cache kmalloc-16 of size 16 [ 13.426791] The buggy address is located 8 bytes inside of [ 13.426791] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.427366] [ 13.427477] The buggy address belongs to the physical page: [ 13.427668] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.428141] flags: 0x200000000000000(node=0|zone=2) [ 13.428448] page_type: f5(slab) [ 13.428664] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.428918] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.429144] page dumped because: kasan: bad access detected [ 13.429397] [ 13.429490] Memory state around the buggy address: [ 13.429842] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.430262] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.430499] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.430720] ^ [ 13.430979] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.431501] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.431991] ================================================================== [ 13.256935] ================================================================== [ 13.257349] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.257972] Write of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.258372] [ 13.258504] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.258587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.258600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.258621] Call Trace: [ 13.258638] <TASK> [ 13.258656] dump_stack_lvl+0x73/0xb0 [ 13.258684] print_report+0xd1/0x650 [ 13.258707] ? __virt_addr_valid+0x1db/0x2d0 [ 13.258770] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.258798] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.258821] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.258848] kasan_report+0x141/0x180 [ 13.258871] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.258902] kasan_check_range+0x10c/0x1c0 [ 13.258926] __kasan_check_write+0x18/0x20 [ 13.258946] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.258974] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.259004] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.259100] ? trace_hardirqs_on+0x37/0xe0 [ 13.259125] ? kasan_bitops_generic+0x92/0x1c0 [ 13.259150] kasan_bitops_generic+0x121/0x1c0 [ 13.259170] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.259231] ? __pfx_read_tsc+0x10/0x10 [ 13.259252] ? ktime_get_ts64+0x86/0x230 [ 13.259276] kunit_try_run_case+0x1a5/0x480 [ 13.259299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.259318] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.259387] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.259413] ? __kthread_parkme+0x82/0x180 [ 13.259433] ? preempt_count_sub+0x50/0x80 [ 13.259457] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.259478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.259503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.259528] kthread+0x337/0x6f0 [ 13.259547] ? trace_preempt_on+0x20/0xc0 [ 13.259569] ? __pfx_kthread+0x10/0x10 [ 13.259590] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.259613] ? calculate_sigpending+0x7b/0xa0 [ 13.259636] ? __pfx_kthread+0x10/0x10 [ 13.259658] ret_from_fork+0x116/0x1d0 [ 13.259677] ? __pfx_kthread+0x10/0x10 [ 13.259698] ret_from_fork_asm+0x1a/0x30 [ 13.259740] </TASK> [ 13.259751] [ 13.269813] Allocated by task 279: [ 13.270046] kasan_save_stack+0x45/0x70 [ 13.270336] kasan_save_track+0x18/0x40 [ 13.270836] kasan_save_alloc_info+0x3b/0x50 [ 13.271097] __kasan_kmalloc+0xb7/0xc0 [ 13.271235] __kmalloc_cache_noprof+0x189/0x420 [ 13.271400] kasan_bitops_generic+0x92/0x1c0 [ 13.271651] kunit_try_run_case+0x1a5/0x480 [ 13.272134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.272467] kthread+0x337/0x6f0 [ 13.272666] ret_from_fork+0x116/0x1d0 [ 13.272905] ret_from_fork_asm+0x1a/0x30 [ 13.273160] [ 13.273235] The buggy address belongs to the object at ffff888101892d40 [ 13.273235] which belongs to the cache kmalloc-16 of size 16 [ 13.273758] The buggy address is located 8 bytes inside of [ 13.273758] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.274421] [ 13.274499] The buggy address belongs to the physical page: [ 13.274993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.275474] flags: 0x200000000000000(node=0|zone=2) [ 13.275644] page_type: f5(slab) [ 13.275838] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.276254] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.276921] page dumped because: kasan: bad access detected [ 13.277116] [ 13.277240] Memory state around the buggy address: [ 13.277523] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.277901] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.278282] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.278627] ^ [ 13.278952] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.279525] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.279812] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop: Failure
Automatically assigned
[ 13.093694] ================================================================== [ 13.094791] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.095358] Write of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.095758] [ 13.095992] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.096159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.096175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.096196] Call Trace: [ 13.096212] <TASK> [ 13.096228] dump_stack_lvl+0x73/0xb0 [ 13.096257] print_report+0xd1/0x650 [ 13.096282] ? __virt_addr_valid+0x1db/0x2d0 [ 13.096305] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.096331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.096354] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.096396] kasan_report+0x141/0x180 [ 13.096419] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.096449] kasan_check_range+0x10c/0x1c0 [ 13.096474] __kasan_check_write+0x18/0x20 [ 13.096493] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.096519] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.096546] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.096566] ? trace_hardirqs_on+0x37/0xe0 [ 13.096590] ? kasan_bitops_generic+0x92/0x1c0 [ 13.096616] kasan_bitops_generic+0x116/0x1c0 [ 13.096636] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.096663] ? __pfx_read_tsc+0x10/0x10 [ 13.096685] ? ktime_get_ts64+0x86/0x230 [ 13.096710] kunit_try_run_case+0x1a5/0x480 [ 13.096731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.096750] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.096775] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.096800] ? __kthread_parkme+0x82/0x180 [ 13.096820] ? preempt_count_sub+0x50/0x80 [ 13.096844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.096864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.096888] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.096912] kthread+0x337/0x6f0 [ 13.096931] ? trace_preempt_on+0x20/0xc0 [ 13.096953] ? __pfx_kthread+0x10/0x10 [ 13.096973] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.096996] ? calculate_sigpending+0x7b/0xa0 [ 13.097072] ? __pfx_kthread+0x10/0x10 [ 13.097096] ret_from_fork+0x116/0x1d0 [ 13.097115] ? __pfx_kthread+0x10/0x10 [ 13.097136] ret_from_fork_asm+0x1a/0x30 [ 13.097167] </TASK> [ 13.097177] [ 13.106200] Allocated by task 279: [ 13.106543] kasan_save_stack+0x45/0x70 [ 13.106928] kasan_save_track+0x18/0x40 [ 13.107279] kasan_save_alloc_info+0x3b/0x50 [ 13.107943] __kasan_kmalloc+0xb7/0xc0 [ 13.108285] __kmalloc_cache_noprof+0x189/0x420 [ 13.108533] kasan_bitops_generic+0x92/0x1c0 [ 13.108696] kunit_try_run_case+0x1a5/0x480 [ 13.108900] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.109160] kthread+0x337/0x6f0 [ 13.109408] ret_from_fork+0x116/0x1d0 [ 13.109585] ret_from_fork_asm+0x1a/0x30 [ 13.109738] [ 13.109827] The buggy address belongs to the object at ffff888101892d40 [ 13.109827] which belongs to the cache kmalloc-16 of size 16 [ 13.110646] The buggy address is located 8 bytes inside of [ 13.110646] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.111148] [ 13.111246] The buggy address belongs to the physical page: [ 13.111489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.112540] flags: 0x200000000000000(node=0|zone=2) [ 13.113229] page_type: f5(slab) [ 13.113408] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.113892] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.114331] page dumped because: kasan: bad access detected [ 13.114768] [ 13.114852] Memory state around the buggy address: [ 13.115068] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.115601] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.116088] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.116501] ^ [ 13.116760] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.117443] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.117914] ================================================================== [ 13.164394] ================================================================== [ 13.164681] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.165145] Write of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.165441] [ 13.165528] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.165574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.165585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.165607] Call Trace: [ 13.165620] <TASK> [ 13.165634] dump_stack_lvl+0x73/0xb0 [ 13.165660] print_report+0xd1/0x650 [ 13.165683] ? __virt_addr_valid+0x1db/0x2d0 [ 13.165743] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.165768] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.165801] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.165827] kasan_report+0x141/0x180 [ 13.165877] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.165908] kasan_check_range+0x10c/0x1c0 [ 13.165931] __kasan_check_write+0x18/0x20 [ 13.165961] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.165987] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.166013] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.166037] ? trace_hardirqs_on+0x37/0xe0 [ 13.166060] ? kasan_bitops_generic+0x92/0x1c0 [ 13.166084] kasan_bitops_generic+0x116/0x1c0 [ 13.166103] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.166128] ? __pfx_read_tsc+0x10/0x10 [ 13.166148] ? ktime_get_ts64+0x86/0x230 [ 13.166245] kunit_try_run_case+0x1a5/0x480 [ 13.166283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.166303] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.166328] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.166353] ? __kthread_parkme+0x82/0x180 [ 13.166373] ? preempt_count_sub+0x50/0x80 [ 13.166407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.166428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.166451] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.166475] kthread+0x337/0x6f0 [ 13.166494] ? trace_preempt_on+0x20/0xc0 [ 13.166516] ? __pfx_kthread+0x10/0x10 [ 13.166536] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.166559] ? calculate_sigpending+0x7b/0xa0 [ 13.166582] ? __pfx_kthread+0x10/0x10 [ 13.166603] ret_from_fork+0x116/0x1d0 [ 13.166621] ? __pfx_kthread+0x10/0x10 [ 13.166641] ret_from_fork_asm+0x1a/0x30 [ 13.166671] </TASK> [ 13.166682] [ 13.176737] Allocated by task 279: [ 13.176931] kasan_save_stack+0x45/0x70 [ 13.177193] kasan_save_track+0x18/0x40 [ 13.177437] kasan_save_alloc_info+0x3b/0x50 [ 13.177796] __kasan_kmalloc+0xb7/0xc0 [ 13.177997] __kmalloc_cache_noprof+0x189/0x420 [ 13.178300] kasan_bitops_generic+0x92/0x1c0 [ 13.178464] kunit_try_run_case+0x1a5/0x480 [ 13.178630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.179074] kthread+0x337/0x6f0 [ 13.179255] ret_from_fork+0x116/0x1d0 [ 13.179434] ret_from_fork_asm+0x1a/0x30 [ 13.179612] [ 13.179684] The buggy address belongs to the object at ffff888101892d40 [ 13.179684] which belongs to the cache kmalloc-16 of size 16 [ 13.180312] The buggy address is located 8 bytes inside of [ 13.180312] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.181031] [ 13.181249] The buggy address belongs to the physical page: [ 13.181478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.181724] flags: 0x200000000000000(node=0|zone=2) [ 13.181933] page_type: f5(slab) [ 13.182165] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.182667] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.183249] page dumped because: kasan: bad access detected [ 13.183468] [ 13.183586] Memory state around the buggy address: [ 13.183909] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.184302] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.184616] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.185050] ^ [ 13.185348] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.185647] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.186340] ================================================================== [ 13.051914] ================================================================== [ 13.052501] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.052900] Write of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.053251] [ 13.053368] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.053428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.053441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.053464] Call Trace: [ 13.053476] <TASK> [ 13.053493] dump_stack_lvl+0x73/0xb0 [ 13.053520] print_report+0xd1/0x650 [ 13.053543] ? __virt_addr_valid+0x1db/0x2d0 [ 13.053567] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.053592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.053614] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.053640] kasan_report+0x141/0x180 [ 13.053663] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.053693] kasan_check_range+0x10c/0x1c0 [ 13.053716] __kasan_check_write+0x18/0x20 [ 13.053735] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.053761] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.053787] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.053808] ? trace_hardirqs_on+0x37/0xe0 [ 13.053830] ? kasan_bitops_generic+0x92/0x1c0 [ 13.053853] kasan_bitops_generic+0x116/0x1c0 [ 13.053873] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.053898] ? __pfx_read_tsc+0x10/0x10 [ 13.053919] ? ktime_get_ts64+0x86/0x230 [ 13.053943] kunit_try_run_case+0x1a5/0x480 [ 13.053965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.053984] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.054021] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.054049] ? __kthread_parkme+0x82/0x180 [ 13.054070] ? preempt_count_sub+0x50/0x80 [ 13.054094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.054114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.054138] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.054162] kthread+0x337/0x6f0 [ 13.054180] ? trace_preempt_on+0x20/0xc0 [ 13.054202] ? __pfx_kthread+0x10/0x10 [ 13.054222] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.054245] ? calculate_sigpending+0x7b/0xa0 [ 13.054269] ? __pfx_kthread+0x10/0x10 [ 13.054290] ret_from_fork+0x116/0x1d0 [ 13.054308] ? __pfx_kthread+0x10/0x10 [ 13.054328] ret_from_fork_asm+0x1a/0x30 [ 13.054358] </TASK> [ 13.054368] [ 13.062590] Allocated by task 279: [ 13.062777] kasan_save_stack+0x45/0x70 [ 13.062986] kasan_save_track+0x18/0x40 [ 13.063169] kasan_save_alloc_info+0x3b/0x50 [ 13.063455] __kasan_kmalloc+0xb7/0xc0 [ 13.063606] __kmalloc_cache_noprof+0x189/0x420 [ 13.063920] kasan_bitops_generic+0x92/0x1c0 [ 13.064186] kunit_try_run_case+0x1a5/0x480 [ 13.064392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.064618] kthread+0x337/0x6f0 [ 13.064808] ret_from_fork+0x116/0x1d0 [ 13.064962] ret_from_fork_asm+0x1a/0x30 [ 13.065205] [ 13.065289] The buggy address belongs to the object at ffff888101892d40 [ 13.065289] which belongs to the cache kmalloc-16 of size 16 [ 13.065813] The buggy address is located 8 bytes inside of [ 13.065813] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.066438] [ 13.066520] The buggy address belongs to the physical page: [ 13.066696] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.066941] flags: 0x200000000000000(node=0|zone=2) [ 13.067172] page_type: f5(slab) [ 13.067559] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.067980] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.068291] page dumped because: kasan: bad access detected [ 13.068481] [ 13.068552] Memory state around the buggy address: [ 13.068708] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.069176] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.069512] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.069836] ^ [ 13.070171] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.070450] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.070700] ================================================================== [ 13.209235] ================================================================== [ 13.209558] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.209853] Write of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.210570] [ 13.210703] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.210761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.210774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.210795] Call Trace: [ 13.210810] <TASK> [ 13.210825] dump_stack_lvl+0x73/0xb0 [ 13.210851] print_report+0xd1/0x650 [ 13.210874] ? __virt_addr_valid+0x1db/0x2d0 [ 13.210896] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.210921] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.210943] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.210968] kasan_report+0x141/0x180 [ 13.210990] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.211088] kasan_check_range+0x10c/0x1c0 [ 13.211157] __kasan_check_write+0x18/0x20 [ 13.211188] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.211224] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.211251] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.211271] ? trace_hardirqs_on+0x37/0xe0 [ 13.211293] ? kasan_bitops_generic+0x92/0x1c0 [ 13.211317] kasan_bitops_generic+0x116/0x1c0 [ 13.211338] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.211363] ? __pfx_read_tsc+0x10/0x10 [ 13.211393] ? ktime_get_ts64+0x86/0x230 [ 13.211417] kunit_try_run_case+0x1a5/0x480 [ 13.211438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.211458] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.211482] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.211507] ? __kthread_parkme+0x82/0x180 [ 13.211556] ? preempt_count_sub+0x50/0x80 [ 13.211580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.211613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.211637] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.211662] kthread+0x337/0x6f0 [ 13.211681] ? trace_preempt_on+0x20/0xc0 [ 13.211703] ? __pfx_kthread+0x10/0x10 [ 13.211736] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.211759] ? calculate_sigpending+0x7b/0xa0 [ 13.211782] ? __pfx_kthread+0x10/0x10 [ 13.211804] ret_from_fork+0x116/0x1d0 [ 13.211822] ? __pfx_kthread+0x10/0x10 [ 13.211843] ret_from_fork_asm+0x1a/0x30 [ 13.211872] </TASK> [ 13.211882] [ 13.222246] Allocated by task 279: [ 13.222438] kasan_save_stack+0x45/0x70 [ 13.222641] kasan_save_track+0x18/0x40 [ 13.222877] kasan_save_alloc_info+0x3b/0x50 [ 13.223029] __kasan_kmalloc+0xb7/0xc0 [ 13.223448] __kmalloc_cache_noprof+0x189/0x420 [ 13.223911] kasan_bitops_generic+0x92/0x1c0 [ 13.224256] kunit_try_run_case+0x1a5/0x480 [ 13.224476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.224732] kthread+0x337/0x6f0 [ 13.224909] ret_from_fork+0x116/0x1d0 [ 13.225149] ret_from_fork_asm+0x1a/0x30 [ 13.225648] [ 13.225726] The buggy address belongs to the object at ffff888101892d40 [ 13.225726] which belongs to the cache kmalloc-16 of size 16 [ 13.226399] The buggy address is located 8 bytes inside of [ 13.226399] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.226991] [ 13.227199] The buggy address belongs to the physical page: [ 13.227573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.227989] flags: 0x200000000000000(node=0|zone=2) [ 13.228251] page_type: f5(slab) [ 13.228405] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.228822] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.229208] page dumped because: kasan: bad access detected [ 13.229546] [ 13.229618] Memory state around the buggy address: [ 13.230180] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.230516] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.230925] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.231412] ^ [ 13.231695] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.231998] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.232430] ================================================================== [ 13.071181] ================================================================== [ 13.071854] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.072227] Write of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.072538] [ 13.072645] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.072689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.072701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.072722] Call Trace: [ 13.072735] <TASK> [ 13.072748] dump_stack_lvl+0x73/0xb0 [ 13.072774] print_report+0xd1/0x650 [ 13.072797] ? __virt_addr_valid+0x1db/0x2d0 [ 13.072819] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.072845] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.072868] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.072893] kasan_report+0x141/0x180 [ 13.072916] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.072946] kasan_check_range+0x10c/0x1c0 [ 13.072970] __kasan_check_write+0x18/0x20 [ 13.072992] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.073018] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.073095] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.073117] ? trace_hardirqs_on+0x37/0xe0 [ 13.073139] ? kasan_bitops_generic+0x92/0x1c0 [ 13.073164] kasan_bitops_generic+0x116/0x1c0 [ 13.073185] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.073209] ? __pfx_read_tsc+0x10/0x10 [ 13.073229] ? ktime_get_ts64+0x86/0x230 [ 13.073254] kunit_try_run_case+0x1a5/0x480 [ 13.073275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.073294] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.073318] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.073343] ? __kthread_parkme+0x82/0x180 [ 13.073363] ? preempt_count_sub+0x50/0x80 [ 13.073400] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.073421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.073445] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.073469] kthread+0x337/0x6f0 [ 13.073489] ? trace_preempt_on+0x20/0xc0 [ 13.073511] ? __pfx_kthread+0x10/0x10 [ 13.073532] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.073554] ? calculate_sigpending+0x7b/0xa0 [ 13.073578] ? __pfx_kthread+0x10/0x10 [ 13.073599] ret_from_fork+0x116/0x1d0 [ 13.073617] ? __pfx_kthread+0x10/0x10 [ 13.073637] ret_from_fork_asm+0x1a/0x30 [ 13.073668] </TASK> [ 13.073678] [ 13.082256] Allocated by task 279: [ 13.082397] kasan_save_stack+0x45/0x70 [ 13.082911] kasan_save_track+0x18/0x40 [ 13.083273] kasan_save_alloc_info+0x3b/0x50 [ 13.083510] __kasan_kmalloc+0xb7/0xc0 [ 13.083702] __kmalloc_cache_noprof+0x189/0x420 [ 13.083973] kasan_bitops_generic+0x92/0x1c0 [ 13.084220] kunit_try_run_case+0x1a5/0x480 [ 13.084409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.084626] kthread+0x337/0x6f0 [ 13.084822] ret_from_fork+0x116/0x1d0 [ 13.084970] ret_from_fork_asm+0x1a/0x30 [ 13.085281] [ 13.085413] The buggy address belongs to the object at ffff888101892d40 [ 13.085413] which belongs to the cache kmalloc-16 of size 16 [ 13.085924] The buggy address is located 8 bytes inside of [ 13.085924] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.086410] [ 13.086510] The buggy address belongs to the physical page: [ 13.086773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.087403] flags: 0x200000000000000(node=0|zone=2) [ 13.087613] page_type: f5(slab) [ 13.087825] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.088222] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.088563] page dumped because: kasan: bad access detected [ 13.088832] [ 13.088918] Memory state around the buggy address: [ 13.089178] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.089503] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.089733] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.089950] ^ [ 13.090139] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.091126] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.091945] ================================================================== [ 13.186830] ================================================================== [ 13.187284] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.187713] Write of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.188163] [ 13.188254] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.188334] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.188347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.188386] Call Trace: [ 13.188428] <TASK> [ 13.188443] dump_stack_lvl+0x73/0xb0 [ 13.188470] print_report+0xd1/0x650 [ 13.188504] ? __virt_addr_valid+0x1db/0x2d0 [ 13.188526] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.188552] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.188574] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.188629] kasan_report+0x141/0x180 [ 13.188652] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.188693] kasan_check_range+0x10c/0x1c0 [ 13.188745] __kasan_check_write+0x18/0x20 [ 13.188764] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.188800] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.188827] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.188847] ? trace_hardirqs_on+0x37/0xe0 [ 13.188869] ? kasan_bitops_generic+0x92/0x1c0 [ 13.188893] kasan_bitops_generic+0x116/0x1c0 [ 13.188912] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.188938] ? __pfx_read_tsc+0x10/0x10 [ 13.188958] ? ktime_get_ts64+0x86/0x230 [ 13.188983] kunit_try_run_case+0x1a5/0x480 [ 13.189003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.189023] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.189047] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.189072] ? __kthread_parkme+0x82/0x180 [ 13.189162] ? preempt_count_sub+0x50/0x80 [ 13.189202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.189224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.189250] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.189275] kthread+0x337/0x6f0 [ 13.189294] ? trace_preempt_on+0x20/0xc0 [ 13.189318] ? __pfx_kthread+0x10/0x10 [ 13.189339] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.189361] ? calculate_sigpending+0x7b/0xa0 [ 13.189396] ? __pfx_kthread+0x10/0x10 [ 13.189418] ret_from_fork+0x116/0x1d0 [ 13.189436] ? __pfx_kthread+0x10/0x10 [ 13.189456] ret_from_fork_asm+0x1a/0x30 [ 13.189486] </TASK> [ 13.189496] [ 13.199305] Allocated by task 279: [ 13.199455] kasan_save_stack+0x45/0x70 [ 13.199718] kasan_save_track+0x18/0x40 [ 13.199920] kasan_save_alloc_info+0x3b/0x50 [ 13.200241] __kasan_kmalloc+0xb7/0xc0 [ 13.200490] __kmalloc_cache_noprof+0x189/0x420 [ 13.200783] kasan_bitops_generic+0x92/0x1c0 [ 13.201066] kunit_try_run_case+0x1a5/0x480 [ 13.201399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.201645] kthread+0x337/0x6f0 [ 13.201957] ret_from_fork+0x116/0x1d0 [ 13.202353] ret_from_fork_asm+0x1a/0x30 [ 13.202523] [ 13.202595] The buggy address belongs to the object at ffff888101892d40 [ 13.202595] which belongs to the cache kmalloc-16 of size 16 [ 13.203068] The buggy address is located 8 bytes inside of [ 13.203068] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.203770] [ 13.203870] The buggy address belongs to the physical page: [ 13.204169] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.204622] flags: 0x200000000000000(node=0|zone=2) [ 13.204973] page_type: f5(slab) [ 13.205094] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.205402] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.205804] page dumped because: kasan: bad access detected [ 13.206075] [ 13.206174] Memory state around the buggy address: [ 13.206475] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.206924] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.207433] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.207687] ^ [ 13.207991] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.208361] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.208766] ================================================================== [ 13.141147] ================================================================== [ 13.141508] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.142227] Write of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.142561] [ 13.142676] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.142735] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.142747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.142769] Call Trace: [ 13.142783] <TASK> [ 13.142798] dump_stack_lvl+0x73/0xb0 [ 13.142858] print_report+0xd1/0x650 [ 13.142881] ? __virt_addr_valid+0x1db/0x2d0 [ 13.142915] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.142941] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.142964] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.142990] kasan_report+0x141/0x180 [ 13.143013] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.143042] kasan_check_range+0x10c/0x1c0 [ 13.143066] __kasan_check_write+0x18/0x20 [ 13.143085] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.143111] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.143137] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.143157] ? trace_hardirqs_on+0x37/0xe0 [ 13.143178] ? kasan_bitops_generic+0x92/0x1c0 [ 13.143201] kasan_bitops_generic+0x116/0x1c0 [ 13.143221] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.143246] ? __pfx_read_tsc+0x10/0x10 [ 13.143266] ? ktime_get_ts64+0x86/0x230 [ 13.143290] kunit_try_run_case+0x1a5/0x480 [ 13.143310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.143329] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.143444] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.143494] ? __kthread_parkme+0x82/0x180 [ 13.143517] ? preempt_count_sub+0x50/0x80 [ 13.143539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.143560] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.143585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.143608] kthread+0x337/0x6f0 [ 13.143627] ? trace_preempt_on+0x20/0xc0 [ 13.143649] ? __pfx_kthread+0x10/0x10 [ 13.143669] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.143692] ? calculate_sigpending+0x7b/0xa0 [ 13.143722] ? __pfx_kthread+0x10/0x10 [ 13.143742] ret_from_fork+0x116/0x1d0 [ 13.143761] ? __pfx_kthread+0x10/0x10 [ 13.143781] ret_from_fork_asm+0x1a/0x30 [ 13.143811] </TASK> [ 13.143821] [ 13.153962] Allocated by task 279: [ 13.154235] kasan_save_stack+0x45/0x70 [ 13.154469] kasan_save_track+0x18/0x40 [ 13.154701] kasan_save_alloc_info+0x3b/0x50 [ 13.154961] __kasan_kmalloc+0xb7/0xc0 [ 13.155217] __kmalloc_cache_noprof+0x189/0x420 [ 13.155389] kasan_bitops_generic+0x92/0x1c0 [ 13.155603] kunit_try_run_case+0x1a5/0x480 [ 13.155942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.156140] kthread+0x337/0x6f0 [ 13.156670] ret_from_fork+0x116/0x1d0 [ 13.156890] ret_from_fork_asm+0x1a/0x30 [ 13.157170] [ 13.157358] The buggy address belongs to the object at ffff888101892d40 [ 13.157358] which belongs to the cache kmalloc-16 of size 16 [ 13.157798] The buggy address is located 8 bytes inside of [ 13.157798] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.158644] [ 13.158895] The buggy address belongs to the physical page: [ 13.159146] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.159569] flags: 0x200000000000000(node=0|zone=2) [ 13.159803] page_type: f5(slab) [ 13.159983] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.160329] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.160704] page dumped because: kasan: bad access detected [ 13.160943] [ 13.161250] Memory state around the buggy address: [ 13.161473] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.161867] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.162280] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.162620] ^ [ 13.162958] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.163407] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.163896] ================================================================== [ 13.118786] ================================================================== [ 13.119540] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.120024] Write of size 8 at addr ffff888101892d48 by task kunit_try_catch/279 [ 13.120597] [ 13.120709] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.120756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.120768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.120790] Call Trace: [ 13.120804] <TASK> [ 13.120819] dump_stack_lvl+0x73/0xb0 [ 13.120846] print_report+0xd1/0x650 [ 13.120868] ? __virt_addr_valid+0x1db/0x2d0 [ 13.120890] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.120915] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.120938] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.120963] kasan_report+0x141/0x180 [ 13.120985] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.121088] kasan_check_range+0x10c/0x1c0 [ 13.121131] __kasan_check_write+0x18/0x20 [ 13.121151] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.121177] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.121204] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.121225] ? trace_hardirqs_on+0x37/0xe0 [ 13.121247] ? kasan_bitops_generic+0x92/0x1c0 [ 13.121271] kasan_bitops_generic+0x116/0x1c0 [ 13.121291] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.121316] ? __pfx_read_tsc+0x10/0x10 [ 13.121336] ? ktime_get_ts64+0x86/0x230 [ 13.121360] kunit_try_run_case+0x1a5/0x480 [ 13.121389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.121409] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.121433] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.121458] ? __kthread_parkme+0x82/0x180 [ 13.121478] ? preempt_count_sub+0x50/0x80 [ 13.121501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.121522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.121546] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.121569] kthread+0x337/0x6f0 [ 13.121588] ? trace_preempt_on+0x20/0xc0 [ 13.121610] ? __pfx_kthread+0x10/0x10 [ 13.121630] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.121652] ? calculate_sigpending+0x7b/0xa0 [ 13.121676] ? __pfx_kthread+0x10/0x10 [ 13.121697] ret_from_fork+0x116/0x1d0 [ 13.121723] ? __pfx_kthread+0x10/0x10 [ 13.121743] ret_from_fork_asm+0x1a/0x30 [ 13.121773] </TASK> [ 13.121783] [ 13.131703] Allocated by task 279: [ 13.131837] kasan_save_stack+0x45/0x70 [ 13.132138] kasan_save_track+0x18/0x40 [ 13.132441] kasan_save_alloc_info+0x3b/0x50 [ 13.132663] __kasan_kmalloc+0xb7/0xc0 [ 13.132857] __kmalloc_cache_noprof+0x189/0x420 [ 13.133085] kasan_bitops_generic+0x92/0x1c0 [ 13.133453] kunit_try_run_case+0x1a5/0x480 [ 13.133633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.133920] kthread+0x337/0x6f0 [ 13.134289] ret_from_fork+0x116/0x1d0 [ 13.134532] ret_from_fork_asm+0x1a/0x30 [ 13.134677] [ 13.134748] The buggy address belongs to the object at ffff888101892d40 [ 13.134748] which belongs to the cache kmalloc-16 of size 16 [ 13.135404] The buggy address is located 8 bytes inside of [ 13.135404] allocated 9-byte region [ffff888101892d40, ffff888101892d49) [ 13.136206] [ 13.136287] The buggy address belongs to the physical page: [ 13.136547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 13.136985] flags: 0x200000000000000(node=0|zone=2) [ 13.137269] page_type: f5(slab) [ 13.137458] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.137808] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.138042] page dumped because: kasan: bad access detected [ 13.138282] [ 13.138412] Memory state around the buggy address: [ 13.138646] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 13.139052] ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.139451] >ffff888101892d00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.139770] ^ [ 13.140097] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.140346] ffff888101892e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.140671] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen: Failure
Automatically assigned
[ 13.025438] ================================================================== [ 13.025809] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 13.026261] Read of size 1 at addr ffff8881039b9850 by task kunit_try_catch/277 [ 13.026580] [ 13.026666] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 13.026711] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.026774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.026798] Call Trace: [ 13.026815] <TASK> [ 13.026831] dump_stack_lvl+0x73/0xb0 [ 13.026859] print_report+0xd1/0x650 [ 13.026882] ? __virt_addr_valid+0x1db/0x2d0 [ 13.026905] ? strnlen+0x73/0x80 [ 13.026924] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.026948] ? strnlen+0x73/0x80 [ 13.026969] kasan_report+0x141/0x180 [ 13.026993] ? strnlen+0x73/0x80 [ 13.027017] __asan_report_load1_noabort+0x18/0x20 [ 13.027038] strnlen+0x73/0x80 [ 13.027059] kasan_strings+0x615/0xe80 [ 13.027080] ? trace_hardirqs_on+0x37/0xe0 [ 13.027103] ? __pfx_kasan_strings+0x10/0x10 [ 13.027124] ? finish_task_switch.isra.0+0x153/0x700 [ 13.027146] ? __switch_to+0x47/0xf50 [ 13.027171] ? __schedule+0x10cc/0x2b60 [ 13.027195] ? __pfx_read_tsc+0x10/0x10 [ 13.027216] ? ktime_get_ts64+0x86/0x230 [ 13.027241] kunit_try_run_case+0x1a5/0x480 [ 13.027263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.027282] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.027474] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.027504] ? __kthread_parkme+0x82/0x180 [ 13.027525] ? preempt_count_sub+0x50/0x80 [ 13.027548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.027569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.027594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.027618] kthread+0x337/0x6f0 [ 13.027637] ? trace_preempt_on+0x20/0xc0 [ 13.027660] ? __pfx_kthread+0x10/0x10 [ 13.027680] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.027704] ? calculate_sigpending+0x7b/0xa0 [ 13.027728] ? __pfx_kthread+0x10/0x10 [ 13.027750] ret_from_fork+0x116/0x1d0 [ 13.027776] ? __pfx_kthread+0x10/0x10 [ 13.027797] ret_from_fork_asm+0x1a/0x30 [ 13.027827] </TASK> [ 13.027839] [ 13.036225] Allocated by task 277: [ 13.036428] kasan_save_stack+0x45/0x70 [ 13.036634] kasan_save_track+0x18/0x40 [ 13.036839] kasan_save_alloc_info+0x3b/0x50 [ 13.037075] __kasan_kmalloc+0xb7/0xc0 [ 13.037233] __kmalloc_cache_noprof+0x189/0x420 [ 13.037471] kasan_strings+0xc0/0xe80 [ 13.037621] kunit_try_run_case+0x1a5/0x480 [ 13.037764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.038010] kthread+0x337/0x6f0 [ 13.038188] ret_from_fork+0x116/0x1d0 [ 13.038388] ret_from_fork_asm+0x1a/0x30 [ 13.038594] [ 13.038689] Freed by task 277: [ 13.038854] kasan_save_stack+0x45/0x70 [ 13.039032] kasan_save_track+0x18/0x40 [ 13.039329] kasan_save_free_info+0x3f/0x60 [ 13.039494] __kasan_slab_free+0x56/0x70 [ 13.039690] kfree+0x222/0x3f0 [ 13.039859] kasan_strings+0x2aa/0xe80 [ 13.040130] kunit_try_run_case+0x1a5/0x480 [ 13.040419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.040648] kthread+0x337/0x6f0 [ 13.040873] ret_from_fork+0x116/0x1d0 [ 13.041028] ret_from_fork_asm+0x1a/0x30 [ 13.041285] [ 13.041357] The buggy address belongs to the object at ffff8881039b9840 [ 13.041357] which belongs to the cache kmalloc-32 of size 32 [ 13.041953] The buggy address is located 16 bytes inside of [ 13.041953] freed 32-byte region [ffff8881039b9840, ffff8881039b9860) [ 13.042321] [ 13.042411] The buggy address belongs to the physical page: [ 13.042670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b9 [ 13.043483] flags: 0x200000000000000(node=0|zone=2) [ 13.043704] page_type: f5(slab) [ 13.043885] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.044224] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.044653] page dumped because: kasan: bad access detected [ 13.044931] [ 13.045066] Memory state around the buggy address: [ 13.045235] ffff8881039b9700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.045466] ffff8881039b9780: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.045899] >ffff8881039b9800: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.046285] ^ [ 13.046477] ffff8881039b9880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.046777] ffff8881039b9900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.047198] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen: Failure
Automatically assigned
[ 12.995348] ================================================================== [ 12.995998] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 12.996589] Read of size 1 at addr ffff8881039b9850 by task kunit_try_catch/277 [ 12.997360] [ 12.997556] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.997604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.997617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.997639] Call Trace: [ 12.997652] <TASK> [ 12.997667] dump_stack_lvl+0x73/0xb0 [ 12.997694] print_report+0xd1/0x650 [ 12.997718] ? __virt_addr_valid+0x1db/0x2d0 [ 12.997741] ? strlen+0x8f/0xb0 [ 12.997760] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.997783] ? strlen+0x8f/0xb0 [ 12.997802] kasan_report+0x141/0x180 [ 12.997824] ? strlen+0x8f/0xb0 [ 12.997848] __asan_report_load1_noabort+0x18/0x20 [ 12.997869] strlen+0x8f/0xb0 [ 12.997889] kasan_strings+0x57b/0xe80 [ 12.997909] ? trace_hardirqs_on+0x37/0xe0 [ 12.997931] ? __pfx_kasan_strings+0x10/0x10 [ 12.997952] ? finish_task_switch.isra.0+0x153/0x700 [ 12.997973] ? __switch_to+0x47/0xf50 [ 12.997998] ? __schedule+0x10cc/0x2b60 [ 12.998030] ? __pfx_read_tsc+0x10/0x10 [ 12.998051] ? ktime_get_ts64+0x86/0x230 [ 12.998076] kunit_try_run_case+0x1a5/0x480 [ 12.998097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.998116] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.998140] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.998164] ? __kthread_parkme+0x82/0x180 [ 12.998184] ? preempt_count_sub+0x50/0x80 [ 12.998207] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.998227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.998250] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.998275] kthread+0x337/0x6f0 [ 12.998294] ? trace_preempt_on+0x20/0xc0 [ 12.998315] ? __pfx_kthread+0x10/0x10 [ 12.998336] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.998358] ? calculate_sigpending+0x7b/0xa0 [ 12.998394] ? __pfx_kthread+0x10/0x10 [ 12.998415] ret_from_fork+0x116/0x1d0 [ 12.998433] ? __pfx_kthread+0x10/0x10 [ 12.998453] ret_from_fork_asm+0x1a/0x30 [ 12.998486] </TASK> [ 12.998497] [ 13.012434] Allocated by task 277: [ 13.012890] kasan_save_stack+0x45/0x70 [ 13.013347] kasan_save_track+0x18/0x40 [ 13.013507] kasan_save_alloc_info+0x3b/0x50 [ 13.013844] __kasan_kmalloc+0xb7/0xc0 [ 13.014155] __kmalloc_cache_noprof+0x189/0x420 [ 13.014322] kasan_strings+0xc0/0xe80 [ 13.014476] kunit_try_run_case+0x1a5/0x480 [ 13.014633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.014995] kthread+0x337/0x6f0 [ 13.015505] ret_from_fork+0x116/0x1d0 [ 13.015935] ret_from_fork_asm+0x1a/0x30 [ 13.016219] [ 13.016391] Freed by task 277: [ 13.016693] kasan_save_stack+0x45/0x70 [ 13.017099] kasan_save_track+0x18/0x40 [ 13.017247] kasan_save_free_info+0x3f/0x60 [ 13.017402] __kasan_slab_free+0x56/0x70 [ 13.017541] kfree+0x222/0x3f0 [ 13.017656] kasan_strings+0x2aa/0xe80 [ 13.017823] kunit_try_run_case+0x1a5/0x480 [ 13.017967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.018509] kthread+0x337/0x6f0 [ 13.018654] ret_from_fork+0x116/0x1d0 [ 13.018966] ret_from_fork_asm+0x1a/0x30 [ 13.019138] [ 13.019361] The buggy address belongs to the object at ffff8881039b9840 [ 13.019361] which belongs to the cache kmalloc-32 of size 32 [ 13.019888] The buggy address is located 16 bytes inside of [ 13.019888] freed 32-byte region [ffff8881039b9840, ffff8881039b9860) [ 13.020309] [ 13.020417] The buggy address belongs to the physical page: [ 13.020732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b9 [ 13.021059] flags: 0x200000000000000(node=0|zone=2) [ 13.021308] page_type: f5(slab) [ 13.021481] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.021828] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.022083] page dumped because: kasan: bad access detected [ 13.022257] [ 13.022370] Memory state around the buggy address: [ 13.022604] ffff8881039b9700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.023077] ffff8881039b9780: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.023568] >ffff8881039b9800: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.024111] ^ [ 13.024345] ffff8881039b9880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.024664] ffff8881039b9900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.024881] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings: Failure
Automatically assigned
[ 12.961214] ================================================================== [ 12.961517] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 12.961871] Read of size 1 at addr ffff8881039b9850 by task kunit_try_catch/277 [ 12.962180] [ 12.962823] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.962894] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.962909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.962934] Call Trace: [ 12.962950] <TASK> [ 12.962968] dump_stack_lvl+0x73/0xb0 [ 12.963005] print_report+0xd1/0x650 [ 12.963029] ? __virt_addr_valid+0x1db/0x2d0 [ 12.963051] ? kasan_strings+0xcbc/0xe80 [ 12.963072] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.963096] ? kasan_strings+0xcbc/0xe80 [ 12.963118] kasan_report+0x141/0x180 [ 12.963141] ? kasan_strings+0xcbc/0xe80 [ 12.963168] __asan_report_load1_noabort+0x18/0x20 [ 12.963188] kasan_strings+0xcbc/0xe80 [ 12.963207] ? trace_hardirqs_on+0x37/0xe0 [ 12.963230] ? __pfx_kasan_strings+0x10/0x10 [ 12.963250] ? finish_task_switch.isra.0+0x153/0x700 [ 12.963273] ? __switch_to+0x47/0xf50 [ 12.963299] ? __schedule+0x10cc/0x2b60 [ 12.963323] ? __pfx_read_tsc+0x10/0x10 [ 12.963343] ? ktime_get_ts64+0x86/0x230 [ 12.963367] kunit_try_run_case+0x1a5/0x480 [ 12.963398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.963438] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.963462] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.963487] ? __kthread_parkme+0x82/0x180 [ 12.963506] ? preempt_count_sub+0x50/0x80 [ 12.963529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.963550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.963574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.963598] kthread+0x337/0x6f0 [ 12.963617] ? trace_preempt_on+0x20/0xc0 [ 12.963639] ? __pfx_kthread+0x10/0x10 [ 12.963659] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.963681] ? calculate_sigpending+0x7b/0xa0 [ 12.963705] ? __pfx_kthread+0x10/0x10 [ 12.963733] ret_from_fork+0x116/0x1d0 [ 12.963752] ? __pfx_kthread+0x10/0x10 [ 12.963772] ret_from_fork_asm+0x1a/0x30 [ 12.963803] </TASK> [ 12.963813] [ 12.977388] Allocated by task 277: [ 12.977715] kasan_save_stack+0x45/0x70 [ 12.978169] kasan_save_track+0x18/0x40 [ 12.978359] kasan_save_alloc_info+0x3b/0x50 [ 12.978524] __kasan_kmalloc+0xb7/0xc0 [ 12.978661] __kmalloc_cache_noprof+0x189/0x420 [ 12.979010] kasan_strings+0xc0/0xe80 [ 12.979528] kunit_try_run_case+0x1a5/0x480 [ 12.979937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.980571] kthread+0x337/0x6f0 [ 12.980934] ret_from_fork+0x116/0x1d0 [ 12.981322] ret_from_fork_asm+0x1a/0x30 [ 12.981840] [ 12.981961] Freed by task 277: [ 12.982129] kasan_save_stack+0x45/0x70 [ 12.982495] kasan_save_track+0x18/0x40 [ 12.982859] kasan_save_free_info+0x3f/0x60 [ 12.983120] __kasan_slab_free+0x56/0x70 [ 12.983618] kfree+0x222/0x3f0 [ 12.983792] kasan_strings+0x2aa/0xe80 [ 12.983971] kunit_try_run_case+0x1a5/0x480 [ 12.984423] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.984758] kthread+0x337/0x6f0 [ 12.984883] ret_from_fork+0x116/0x1d0 [ 12.985097] ret_from_fork_asm+0x1a/0x30 [ 12.985466] [ 12.985627] The buggy address belongs to the object at ffff8881039b9840 [ 12.985627] which belongs to the cache kmalloc-32 of size 32 [ 12.986725] The buggy address is located 16 bytes inside of [ 12.986725] freed 32-byte region [ffff8881039b9840, ffff8881039b9860) [ 12.987503] [ 12.987585] The buggy address belongs to the physical page: [ 12.987786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b9 [ 12.988541] flags: 0x200000000000000(node=0|zone=2) [ 12.989094] page_type: f5(slab) [ 12.989411] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.990154] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.990667] page dumped because: kasan: bad access detected [ 12.990918] [ 12.991078] Memory state around the buggy address: [ 12.991664] ffff8881039b9700: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.992428] ffff8881039b9780: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.992776] >ffff8881039b9800: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.992995] ^ [ 12.993595] ffff8881039b9880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.994269] ffff8881039b9900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.994649] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp: Failure
Automatically assigned
[ 12.931711] ================================================================== [ 12.933247] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 12.933546] Read of size 1 at addr ffff8881039b9850 by task kunit_try_catch/277 [ 12.934041] [ 12.934397] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.934449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.934462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.934484] Call Trace: [ 12.934497] <TASK> [ 12.934514] dump_stack_lvl+0x73/0xb0 [ 12.934543] print_report+0xd1/0x650 [ 12.934568] ? __virt_addr_valid+0x1db/0x2d0 [ 12.934591] ? strcmp+0xb0/0xc0 [ 12.934610] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.934634] ? strcmp+0xb0/0xc0 [ 12.934652] kasan_report+0x141/0x180 [ 12.934676] ? strcmp+0xb0/0xc0 [ 12.934699] __asan_report_load1_noabort+0x18/0x20 [ 12.934914] strcmp+0xb0/0xc0 [ 12.934939] kasan_strings+0x431/0xe80 [ 12.934960] ? trace_hardirqs_on+0x37/0xe0 [ 12.934999] ? __pfx_kasan_strings+0x10/0x10 [ 12.935024] ? finish_task_switch.isra.0+0x153/0x700 [ 12.935047] ? __switch_to+0x47/0xf50 [ 12.935074] ? __schedule+0x10cc/0x2b60 [ 12.935100] ? __pfx_read_tsc+0x10/0x10 [ 12.935122] ? ktime_get_ts64+0x86/0x230 [ 12.935147] kunit_try_run_case+0x1a5/0x480 [ 12.935169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.935189] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.935214] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.935240] ? __kthread_parkme+0x82/0x180 [ 12.935259] ? preempt_count_sub+0x50/0x80 [ 12.935282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.935302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.935327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.935352] kthread+0x337/0x6f0 [ 12.935371] ? trace_preempt_on+0x20/0xc0 [ 12.935402] ? __pfx_kthread+0x10/0x10 [ 12.935422] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.935445] ? calculate_sigpending+0x7b/0xa0 [ 12.935469] ? __pfx_kthread+0x10/0x10 [ 12.935491] ret_from_fork+0x116/0x1d0 [ 12.935510] ? __pfx_kthread+0x10/0x10 [ 12.935530] ret_from_fork_asm+0x1a/0x30 [ 12.935560] </TASK> [ 12.935571] [ 12.946186] Allocated by task 277: [ 12.946346] kasan_save_stack+0x45/0x70 [ 12.946559] kasan_save_track+0x18/0x40 [ 12.947096] kasan_save_alloc_info+0x3b/0x50 [ 12.947430] __kasan_kmalloc+0xb7/0xc0 [ 12.947582] __kmalloc_cache_noprof+0x189/0x420 [ 12.947945] kasan_strings+0xc0/0xe80 [ 12.948341] kunit_try_run_case+0x1a5/0x480 [ 12.948654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.948900] kthread+0x337/0x6f0 [ 12.949259] ret_from_fork+0x116/0x1d0 [ 12.949479] ret_from_fork_asm+0x1a/0x30 [ 12.949802] [ 12.949903] Freed by task 277: [ 12.950050] kasan_save_stack+0x45/0x70 [ 12.950251] kasan_save_track+0x18/0x40 [ 12.950460] kasan_save_free_info+0x3f/0x60 [ 12.950641] __kasan_slab_free+0x56/0x70 [ 12.950875] kfree+0x222/0x3f0 [ 12.951389] kasan_strings+0x2aa/0xe80 [ 12.951567] kunit_try_run_case+0x1a5/0x480 [ 12.951929] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.952294] kthread+0x337/0x6f0 [ 12.952488] ret_from_fork+0x116/0x1d0 [ 12.952819] ret_from_fork_asm+0x1a/0x30 [ 12.953204] [ 12.953310] The buggy address belongs to the object at ffff8881039b9840 [ 12.953310] which belongs to the cache kmalloc-32 of size 32 [ 12.953926] The buggy address is located 16 bytes inside of [ 12.953926] freed 32-byte region [ffff8881039b9840, ffff8881039b9860) [ 12.954621] [ 12.954721] The buggy address belongs to the physical page: [ 12.955134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b9 [ 12.955482] flags: 0x200000000000000(node=0|zone=2) [ 12.955699] page_type: f5(slab) [ 12.956236] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.956551] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.957022] page dumped because: kasan: bad access detected [ 12.957357] [ 12.957473] Memory state around the buggy address: [ 12.957692] ffff8881039b9700: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.958324] ffff8881039b9780: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.958709] >ffff8881039b9800: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.959117] ^ [ 12.959540] ffff8881039b9880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.959869] ffff8881039b9900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.960419] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp: Failure
Automatically assigned
[ 12.890882] ================================================================== [ 12.891826] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 12.892220] Read of size 1 at addr ffff8881039823d8 by task kunit_try_catch/275 [ 12.893425] [ 12.893579] CPU: 0 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.893630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.893884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.893911] Call Trace: [ 12.893926] <TASK> [ 12.893942] dump_stack_lvl+0x73/0xb0 [ 12.893972] print_report+0xd1/0x650 [ 12.893996] ? __virt_addr_valid+0x1db/0x2d0 [ 12.894020] ? memcmp+0x1b4/0x1d0 [ 12.894045] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.894068] ? memcmp+0x1b4/0x1d0 [ 12.894087] kasan_report+0x141/0x180 [ 12.894110] ? memcmp+0x1b4/0x1d0 [ 12.894133] __asan_report_load1_noabort+0x18/0x20 [ 12.894154] memcmp+0x1b4/0x1d0 [ 12.894175] kasan_memcmp+0x18f/0x390 [ 12.894195] ? trace_hardirqs_on+0x37/0xe0 [ 12.894218] ? __pfx_kasan_memcmp+0x10/0x10 [ 12.894238] ? finish_task_switch.isra.0+0x153/0x700 [ 12.894260] ? __switch_to+0x47/0xf50 [ 12.894288] ? __pfx_read_tsc+0x10/0x10 [ 12.894309] ? ktime_get_ts64+0x86/0x230 [ 12.894334] kunit_try_run_case+0x1a5/0x480 [ 12.894355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.894384] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.894409] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.894434] ? __kthread_parkme+0x82/0x180 [ 12.894454] ? preempt_count_sub+0x50/0x80 [ 12.894476] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.894497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.894521] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.894545] kthread+0x337/0x6f0 [ 12.894564] ? trace_preempt_on+0x20/0xc0 [ 12.894586] ? __pfx_kthread+0x10/0x10 [ 12.894607] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.894629] ? calculate_sigpending+0x7b/0xa0 [ 12.894654] ? __pfx_kthread+0x10/0x10 [ 12.894675] ret_from_fork+0x116/0x1d0 [ 12.894693] ? __pfx_kthread+0x10/0x10 [ 12.894739] ret_from_fork_asm+0x1a/0x30 [ 12.894769] </TASK> [ 12.894780] [ 12.909371] Allocated by task 275: [ 12.909546] kasan_save_stack+0x45/0x70 [ 12.909885] kasan_save_track+0x18/0x40 [ 12.910300] kasan_save_alloc_info+0x3b/0x50 [ 12.910517] __kasan_kmalloc+0xb7/0xc0 [ 12.910874] __kmalloc_cache_noprof+0x189/0x420 [ 12.911477] kasan_memcmp+0xb7/0x390 [ 12.911660] kunit_try_run_case+0x1a5/0x480 [ 12.911877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.912240] kthread+0x337/0x6f0 [ 12.912665] ret_from_fork+0x116/0x1d0 [ 12.913057] ret_from_fork_asm+0x1a/0x30 [ 12.913270] [ 12.913351] The buggy address belongs to the object at ffff8881039823c0 [ 12.913351] which belongs to the cache kmalloc-32 of size 32 [ 12.914397] The buggy address is located 0 bytes to the right of [ 12.914397] allocated 24-byte region [ffff8881039823c0, ffff8881039823d8) [ 12.915204] [ 12.915548] The buggy address belongs to the physical page: [ 12.915931] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103982 [ 12.916399] flags: 0x200000000000000(node=0|zone=2) [ 12.916634] page_type: f5(slab) [ 12.917020] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.917533] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.918180] page dumped because: kasan: bad access detected [ 12.918530] [ 12.918611] Memory state around the buggy address: [ 12.919102] ffff888103982280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.919549] ffff888103982300: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.920255] >ffff888103982380: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.920578] ^ [ 12.921113] ffff888103982400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.921507] ffff888103982480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.922004] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf: Failure
Automatically assigned
[ 11.471326] ================================================================== [ 11.472417] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 11.472642] Read of size 1 at addr ffff888102a7ae00 by task kunit_try_catch/214 [ 11.473766] [ 11.474158] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.474211] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.474236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.474257] Call Trace: [ 11.474271] <TASK> [ 11.474286] dump_stack_lvl+0x73/0xb0 [ 11.474320] print_report+0xd1/0x650 [ 11.474342] ? __virt_addr_valid+0x1db/0x2d0 [ 11.474364] ? ksize_uaf+0x5fe/0x6c0 [ 11.474393] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.474415] ? ksize_uaf+0x5fe/0x6c0 [ 11.474436] kasan_report+0x141/0x180 [ 11.474457] ? ksize_uaf+0x5fe/0x6c0 [ 11.474483] __asan_report_load1_noabort+0x18/0x20 [ 11.474502] ksize_uaf+0x5fe/0x6c0 [ 11.474523] ? __pfx_ksize_uaf+0x10/0x10 [ 11.474544] ? __schedule+0x10cc/0x2b60 [ 11.474567] ? __pfx_read_tsc+0x10/0x10 [ 11.474586] ? ktime_get_ts64+0x86/0x230 [ 11.474609] kunit_try_run_case+0x1a5/0x480 [ 11.474629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.474648] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.474671] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.474695] ? __kthread_parkme+0x82/0x180 [ 11.474744] ? preempt_count_sub+0x50/0x80 [ 11.474767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.474788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.474811] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.474835] kthread+0x337/0x6f0 [ 11.474853] ? trace_preempt_on+0x20/0xc0 [ 11.474875] ? __pfx_kthread+0x10/0x10 [ 11.474895] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.474918] ? calculate_sigpending+0x7b/0xa0 [ 11.474940] ? __pfx_kthread+0x10/0x10 [ 11.474961] ret_from_fork+0x116/0x1d0 [ 11.474979] ? __pfx_kthread+0x10/0x10 [ 11.474998] ret_from_fork_asm+0x1a/0x30 [ 11.475077] </TASK> [ 11.475088] [ 11.489923] Allocated by task 214: [ 11.490317] kasan_save_stack+0x45/0x70 [ 11.490609] kasan_save_track+0x18/0x40 [ 11.490995] kasan_save_alloc_info+0x3b/0x50 [ 11.491396] __kasan_kmalloc+0xb7/0xc0 [ 11.491602] __kmalloc_cache_noprof+0x189/0x420 [ 11.492115] ksize_uaf+0xaa/0x6c0 [ 11.492427] kunit_try_run_case+0x1a5/0x480 [ 11.492574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.492764] kthread+0x337/0x6f0 [ 11.492887] ret_from_fork+0x116/0x1d0 [ 11.493030] ret_from_fork_asm+0x1a/0x30 [ 11.493434] [ 11.493661] Freed by task 214: [ 11.494097] kasan_save_stack+0x45/0x70 [ 11.494552] kasan_save_track+0x18/0x40 [ 11.494913] kasan_save_free_info+0x3f/0x60 [ 11.495122] __kasan_slab_free+0x56/0x70 [ 11.495563] kfree+0x222/0x3f0 [ 11.495859] ksize_uaf+0x12c/0x6c0 [ 11.496269] kunit_try_run_case+0x1a5/0x480 [ 11.496525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.497005] kthread+0x337/0x6f0 [ 11.497411] ret_from_fork+0x116/0x1d0 [ 11.497741] ret_from_fork_asm+0x1a/0x30 [ 11.498141] [ 11.498213] The buggy address belongs to the object at ffff888102a7ae00 [ 11.498213] which belongs to the cache kmalloc-128 of size 128 [ 11.499072] The buggy address is located 0 bytes inside of [ 11.499072] freed 128-byte region [ffff888102a7ae00, ffff888102a7ae80) [ 11.500269] [ 11.500460] The buggy address belongs to the physical page: [ 11.500773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a7a [ 11.501554] flags: 0x200000000000000(node=0|zone=2) [ 11.501731] page_type: f5(slab) [ 11.502030] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.502942] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.503325] page dumped because: kasan: bad access detected [ 11.503508] [ 11.503590] Memory state around the buggy address: [ 11.503746] ffff888102a7ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.504491] ffff888102a7ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.505237] >ffff888102a7ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.505693] ^ [ 11.505908] ffff888102a7ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.506482] ffff888102a7af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.506699] ================================================================== [ 11.507936] ================================================================== [ 11.508735] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 11.509412] Read of size 1 at addr ffff888102a7ae78 by task kunit_try_catch/214 [ 11.509886] [ 11.509976] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.510019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.510035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.510055] Call Trace: [ 11.510066] <TASK> [ 11.510082] dump_stack_lvl+0x73/0xb0 [ 11.510109] print_report+0xd1/0x650 [ 11.510132] ? __virt_addr_valid+0x1db/0x2d0 [ 11.510154] ? ksize_uaf+0x5e4/0x6c0 [ 11.510174] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.510196] ? ksize_uaf+0x5e4/0x6c0 [ 11.510217] kasan_report+0x141/0x180 [ 11.510239] ? ksize_uaf+0x5e4/0x6c0 [ 11.510264] __asan_report_load1_noabort+0x18/0x20 [ 11.510284] ksize_uaf+0x5e4/0x6c0 [ 11.510304] ? __pfx_ksize_uaf+0x10/0x10 [ 11.510325] ? __schedule+0x10cc/0x2b60 [ 11.510349] ? __pfx_read_tsc+0x10/0x10 [ 11.510369] ? ktime_get_ts64+0x86/0x230 [ 11.510407] kunit_try_run_case+0x1a5/0x480 [ 11.510427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.510446] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.510470] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.510494] ? __kthread_parkme+0x82/0x180 [ 11.510513] ? preempt_count_sub+0x50/0x80 [ 11.510537] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.510557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.510580] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.510604] kthread+0x337/0x6f0 [ 11.510622] ? trace_preempt_on+0x20/0xc0 [ 11.510645] ? __pfx_kthread+0x10/0x10 [ 11.510665] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.510687] ? calculate_sigpending+0x7b/0xa0 [ 11.510711] ? __pfx_kthread+0x10/0x10 [ 11.510731] ret_from_fork+0x116/0x1d0 [ 11.510799] ? __pfx_kthread+0x10/0x10 [ 11.510820] ret_from_fork_asm+0x1a/0x30 [ 11.510862] </TASK> [ 11.510872] [ 11.518387] Allocated by task 214: [ 11.518715] kasan_save_stack+0x45/0x70 [ 11.518981] kasan_save_track+0x18/0x40 [ 11.519277] kasan_save_alloc_info+0x3b/0x50 [ 11.519618] __kasan_kmalloc+0xb7/0xc0 [ 11.519859] __kmalloc_cache_noprof+0x189/0x420 [ 11.520072] ksize_uaf+0xaa/0x6c0 [ 11.520252] kunit_try_run_case+0x1a5/0x480 [ 11.520472] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.520710] kthread+0x337/0x6f0 [ 11.520905] ret_from_fork+0x116/0x1d0 [ 11.521096] ret_from_fork_asm+0x1a/0x30 [ 11.521329] [ 11.521435] Freed by task 214: [ 11.521625] kasan_save_stack+0x45/0x70 [ 11.521798] kasan_save_track+0x18/0x40 [ 11.522010] kasan_save_free_info+0x3f/0x60 [ 11.522410] __kasan_slab_free+0x56/0x70 [ 11.522724] kfree+0x222/0x3f0 [ 11.522847] ksize_uaf+0x12c/0x6c0 [ 11.522973] kunit_try_run_case+0x1a5/0x480 [ 11.523116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.523370] kthread+0x337/0x6f0 [ 11.523553] ret_from_fork+0x116/0x1d0 [ 11.523739] ret_from_fork_asm+0x1a/0x30 [ 11.524070] [ 11.524146] The buggy address belongs to the object at ffff888102a7ae00 [ 11.524146] which belongs to the cache kmalloc-128 of size 128 [ 11.524588] The buggy address is located 120 bytes inside of [ 11.524588] freed 128-byte region [ffff888102a7ae00, ffff888102a7ae80) [ 11.525492] [ 11.525613] The buggy address belongs to the physical page: [ 11.525844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a7a [ 11.526343] flags: 0x200000000000000(node=0|zone=2) [ 11.526601] page_type: f5(slab) [ 11.526807] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.527189] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.527677] page dumped because: kasan: bad access detected [ 11.528017] [ 11.528218] Memory state around the buggy address: [ 11.528454] ffff888102a7ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.528768] ffff888102a7ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.529141] >ffff888102a7ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.529477] ^ [ 11.529818] ffff888102a7ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.530171] ffff888102a7af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.530460] ================================================================== [ 11.446445] ================================================================== [ 11.446975] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 11.447477] Read of size 1 at addr ffff888102a7ae00 by task kunit_try_catch/214 [ 11.447806] [ 11.447905] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.447949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.447961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.447981] Call Trace: [ 11.447992] <TASK> [ 11.448007] dump_stack_lvl+0x73/0xb0 [ 11.448034] print_report+0xd1/0x650 [ 11.448056] ? __virt_addr_valid+0x1db/0x2d0 [ 11.448078] ? ksize_uaf+0x19d/0x6c0 [ 11.448098] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.448120] ? ksize_uaf+0x19d/0x6c0 [ 11.448141] kasan_report+0x141/0x180 [ 11.448162] ? ksize_uaf+0x19d/0x6c0 [ 11.448186] ? ksize_uaf+0x19d/0x6c0 [ 11.448206] __kasan_check_byte+0x3d/0x50 [ 11.448228] ksize+0x20/0x60 [ 11.448248] ksize_uaf+0x19d/0x6c0 [ 11.448269] ? __pfx_ksize_uaf+0x10/0x10 [ 11.448291] ? __schedule+0x10cc/0x2b60 [ 11.448314] ? __pfx_read_tsc+0x10/0x10 [ 11.448334] ? ktime_get_ts64+0x86/0x230 [ 11.448358] kunit_try_run_case+0x1a5/0x480 [ 11.448388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.448407] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.448431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.448455] ? __kthread_parkme+0x82/0x180 [ 11.448474] ? preempt_count_sub+0x50/0x80 [ 11.448497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.448517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.448540] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.448563] kthread+0x337/0x6f0 [ 11.448582] ? trace_preempt_on+0x20/0xc0 [ 11.448604] ? __pfx_kthread+0x10/0x10 [ 11.448624] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.448646] ? calculate_sigpending+0x7b/0xa0 [ 11.448668] ? __pfx_kthread+0x10/0x10 [ 11.448689] ret_from_fork+0x116/0x1d0 [ 11.448707] ? __pfx_kthread+0x10/0x10 [ 11.448778] ret_from_fork_asm+0x1a/0x30 [ 11.448808] </TASK> [ 11.448818] [ 11.456309] Allocated by task 214: [ 11.456491] kasan_save_stack+0x45/0x70 [ 11.456662] kasan_save_track+0x18/0x40 [ 11.456890] kasan_save_alloc_info+0x3b/0x50 [ 11.457160] __kasan_kmalloc+0xb7/0xc0 [ 11.457298] __kmalloc_cache_noprof+0x189/0x420 [ 11.457494] ksize_uaf+0xaa/0x6c0 [ 11.457669] kunit_try_run_case+0x1a5/0x480 [ 11.457903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.458414] kthread+0x337/0x6f0 [ 11.458578] ret_from_fork+0x116/0x1d0 [ 11.458712] ret_from_fork_asm+0x1a/0x30 [ 11.458893] [ 11.458990] Freed by task 214: [ 11.459286] kasan_save_stack+0x45/0x70 [ 11.459491] kasan_save_track+0x18/0x40 [ 11.459687] kasan_save_free_info+0x3f/0x60 [ 11.459947] __kasan_slab_free+0x56/0x70 [ 11.460188] kfree+0x222/0x3f0 [ 11.460347] ksize_uaf+0x12c/0x6c0 [ 11.460587] kunit_try_run_case+0x1a5/0x480 [ 11.460827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.461031] kthread+0x337/0x6f0 [ 11.461225] ret_from_fork+0x116/0x1d0 [ 11.461414] ret_from_fork_asm+0x1a/0x30 [ 11.461641] [ 11.461780] The buggy address belongs to the object at ffff888102a7ae00 [ 11.461780] which belongs to the cache kmalloc-128 of size 128 [ 11.462347] The buggy address is located 0 bytes inside of [ 11.462347] freed 128-byte region [ffff888102a7ae00, ffff888102a7ae80) [ 11.462710] [ 11.462829] The buggy address belongs to the physical page: [ 11.463083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a7a [ 11.463677] flags: 0x200000000000000(node=0|zone=2) [ 11.464081] page_type: f5(slab) [ 11.464300] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.464715] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.464972] page dumped because: kasan: bad access detected [ 11.465146] [ 11.465275] Memory state around the buggy address: [ 11.465545] ffff888102a7ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.465946] ffff888102a7ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.466334] >ffff888102a7ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.466611] ^ [ 11.467420] ffff888102a7ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.467940] ffff888102a7af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.468800] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory: Failure
Automatically assigned
[ 11.400690] ================================================================== [ 11.401425] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.402240] Read of size 1 at addr ffff888102a7ad78 by task kunit_try_catch/212 [ 11.402817] [ 11.402906] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.402950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.402961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.402981] Call Trace: [ 11.402993] <TASK> [ 11.403016] dump_stack_lvl+0x73/0xb0 [ 11.403044] print_report+0xd1/0x650 [ 11.403067] ? __virt_addr_valid+0x1db/0x2d0 [ 11.403088] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.403161] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.403196] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.403220] kasan_report+0x141/0x180 [ 11.403242] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.403270] __asan_report_load1_noabort+0x18/0x20 [ 11.403299] ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.403323] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.403345] ? finish_task_switch.isra.0+0x153/0x700 [ 11.403386] ? __switch_to+0x47/0xf50 [ 11.403411] ? __schedule+0x10cc/0x2b60 [ 11.403436] ? __pfx_read_tsc+0x10/0x10 [ 11.403455] ? ktime_get_ts64+0x86/0x230 [ 11.403479] kunit_try_run_case+0x1a5/0x480 [ 11.403499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.403518] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.403542] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.403566] ? __kthread_parkme+0x82/0x180 [ 11.403586] ? preempt_count_sub+0x50/0x80 [ 11.403608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.403628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.403651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.403674] kthread+0x337/0x6f0 [ 11.403693] ? trace_preempt_on+0x20/0xc0 [ 11.403715] ? __pfx_kthread+0x10/0x10 [ 11.403736] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.403758] ? calculate_sigpending+0x7b/0xa0 [ 11.403781] ? __pfx_kthread+0x10/0x10 [ 11.403802] ret_from_fork+0x116/0x1d0 [ 11.403819] ? __pfx_kthread+0x10/0x10 [ 11.403839] ret_from_fork_asm+0x1a/0x30 [ 11.403869] </TASK> [ 11.403880] [ 11.415941] Allocated by task 212: [ 11.416102] kasan_save_stack+0x45/0x70 [ 11.416253] kasan_save_track+0x18/0x40 [ 11.416440] kasan_save_alloc_info+0x3b/0x50 [ 11.416648] __kasan_kmalloc+0xb7/0xc0 [ 11.416834] __kmalloc_cache_noprof+0x189/0x420 [ 11.417045] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.417305] kunit_try_run_case+0x1a5/0x480 [ 11.417492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.417775] kthread+0x337/0x6f0 [ 11.417921] ret_from_fork+0x116/0x1d0 [ 11.418060] ret_from_fork_asm+0x1a/0x30 [ 11.418237] [ 11.418393] The buggy address belongs to the object at ffff888102a7ad00 [ 11.418393] which belongs to the cache kmalloc-128 of size 128 [ 11.419283] The buggy address is located 5 bytes to the right of [ 11.419283] allocated 115-byte region [ffff888102a7ad00, ffff888102a7ad73) [ 11.419949] [ 11.420048] The buggy address belongs to the physical page: [ 11.420248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a7a [ 11.420661] flags: 0x200000000000000(node=0|zone=2) [ 11.421118] page_type: f5(slab) [ 11.421272] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.421516] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.422273] page dumped because: kasan: bad access detected [ 11.422528] [ 11.422606] Memory state around the buggy address: [ 11.422810] ffff888102a7ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.423078] ffff888102a7ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.423414] >ffff888102a7ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.423701] ^ [ 11.424008] ffff888102a7ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.424303] ffff888102a7ae00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.424694] ================================================================== [ 11.366532] ================================================================== [ 11.366959] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 11.367203] Read of size 1 at addr ffff888102a7ad73 by task kunit_try_catch/212 [ 11.367436] [ 11.367524] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.367569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.367580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.367601] Call Trace: [ 11.367612] <TASK> [ 11.367628] dump_stack_lvl+0x73/0xb0 [ 11.367653] print_report+0xd1/0x650 [ 11.367676] ? __virt_addr_valid+0x1db/0x2d0 [ 11.367698] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.367721] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.367743] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.367766] kasan_report+0x141/0x180 [ 11.367787] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.367815] __asan_report_load1_noabort+0x18/0x20 [ 11.367834] ksize_unpoisons_memory+0x81c/0x9b0 [ 11.367857] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.367879] ? finish_task_switch.isra.0+0x153/0x700 [ 11.367900] ? __switch_to+0x47/0xf50 [ 11.367926] ? __schedule+0x10cc/0x2b60 [ 11.367949] ? __pfx_read_tsc+0x10/0x10 [ 11.367968] ? ktime_get_ts64+0x86/0x230 [ 11.367992] kunit_try_run_case+0x1a5/0x480 [ 11.368013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.368032] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.368056] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.368079] ? __kthread_parkme+0x82/0x180 [ 11.368098] ? preempt_count_sub+0x50/0x80 [ 11.368120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.368140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.368163] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.368187] kthread+0x337/0x6f0 [ 11.368205] ? trace_preempt_on+0x20/0xc0 [ 11.368226] ? __pfx_kthread+0x10/0x10 [ 11.368246] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.368267] ? calculate_sigpending+0x7b/0xa0 [ 11.368289] ? __pfx_kthread+0x10/0x10 [ 11.368310] ret_from_fork+0x116/0x1d0 [ 11.368327] ? __pfx_kthread+0x10/0x10 [ 11.368346] ret_from_fork_asm+0x1a/0x30 [ 11.368397] </TASK> [ 11.368408] [ 11.385159] Allocated by task 212: [ 11.385690] kasan_save_stack+0x45/0x70 [ 11.386173] kasan_save_track+0x18/0x40 [ 11.386561] kasan_save_alloc_info+0x3b/0x50 [ 11.386987] __kasan_kmalloc+0xb7/0xc0 [ 11.387367] __kmalloc_cache_noprof+0x189/0x420 [ 11.387534] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.387686] kunit_try_run_case+0x1a5/0x480 [ 11.388103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.388671] kthread+0x337/0x6f0 [ 11.389046] ret_from_fork+0x116/0x1d0 [ 11.389459] ret_from_fork_asm+0x1a/0x30 [ 11.389884] [ 11.390251] The buggy address belongs to the object at ffff888102a7ad00 [ 11.390251] which belongs to the cache kmalloc-128 of size 128 [ 11.390726] The buggy address is located 0 bytes to the right of [ 11.390726] allocated 115-byte region [ffff888102a7ad00, ffff888102a7ad73) [ 11.392054] [ 11.392249] The buggy address belongs to the physical page: [ 11.392769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a7a [ 11.393270] flags: 0x200000000000000(node=0|zone=2) [ 11.393657] page_type: f5(slab) [ 11.393814] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.394473] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.394896] page dumped because: kasan: bad access detected [ 11.395165] [ 11.395354] Memory state around the buggy address: [ 11.395838] ffff888102a7ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.396660] ffff888102a7ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.397269] >ffff888102a7ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.397503] ^ [ 11.397721] ffff888102a7ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.398501] ffff888102a7ae00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.399391] ================================================================== [ 11.425061] ================================================================== [ 11.425410] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.425810] Read of size 1 at addr ffff888102a7ad7f by task kunit_try_catch/212 [ 11.426102] [ 11.426197] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.426238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.426250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.426270] Call Trace: [ 11.426286] <TASK> [ 11.426301] dump_stack_lvl+0x73/0xb0 [ 11.426326] print_report+0xd1/0x650 [ 11.426349] ? __virt_addr_valid+0x1db/0x2d0 [ 11.426370] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.426404] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.426426] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.426449] kasan_report+0x141/0x180 [ 11.426471] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.426498] __asan_report_load1_noabort+0x18/0x20 [ 11.426519] ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.426543] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.426566] ? finish_task_switch.isra.0+0x153/0x700 [ 11.426587] ? __switch_to+0x47/0xf50 [ 11.426612] ? __schedule+0x10cc/0x2b60 [ 11.426636] ? __pfx_read_tsc+0x10/0x10 [ 11.426656] ? ktime_get_ts64+0x86/0x230 [ 11.426680] kunit_try_run_case+0x1a5/0x480 [ 11.426700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.426719] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.426743] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.426767] ? __kthread_parkme+0x82/0x180 [ 11.426941] ? preempt_count_sub+0x50/0x80 [ 11.426968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.426989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.427055] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.427080] kthread+0x337/0x6f0 [ 11.427098] ? trace_preempt_on+0x20/0xc0 [ 11.427122] ? __pfx_kthread+0x10/0x10 [ 11.427142] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.427164] ? calculate_sigpending+0x7b/0xa0 [ 11.427187] ? __pfx_kthread+0x10/0x10 [ 11.427208] ret_from_fork+0x116/0x1d0 [ 11.427225] ? __pfx_kthread+0x10/0x10 [ 11.427245] ret_from_fork_asm+0x1a/0x30 [ 11.427275] </TASK> [ 11.427285] [ 11.434586] Allocated by task 212: [ 11.434796] kasan_save_stack+0x45/0x70 [ 11.435005] kasan_save_track+0x18/0x40 [ 11.435249] kasan_save_alloc_info+0x3b/0x50 [ 11.435480] __kasan_kmalloc+0xb7/0xc0 [ 11.435672] __kmalloc_cache_noprof+0x189/0x420 [ 11.436127] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.436354] kunit_try_run_case+0x1a5/0x480 [ 11.436551] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.437016] kthread+0x337/0x6f0 [ 11.437150] ret_from_fork+0x116/0x1d0 [ 11.437327] ret_from_fork_asm+0x1a/0x30 [ 11.437540] [ 11.437636] The buggy address belongs to the object at ffff888102a7ad00 [ 11.437636] which belongs to the cache kmalloc-128 of size 128 [ 11.438243] The buggy address is located 12 bytes to the right of [ 11.438243] allocated 115-byte region [ffff888102a7ad00, ffff888102a7ad73) [ 11.438620] [ 11.438714] The buggy address belongs to the physical page: [ 11.438963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a7a [ 11.439394] flags: 0x200000000000000(node=0|zone=2) [ 11.439562] page_type: f5(slab) [ 11.439732] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.440196] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.440485] page dumped because: kasan: bad access detected [ 11.440658] [ 11.440731] Memory state around the buggy address: [ 11.440890] ffff888102a7ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.441302] ffff888102a7ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.441636] >ffff888102a7ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.441952] ^ [ 11.442283] ffff888102a7ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.442766] ffff888102a7ae00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.443154] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive: Failure
Automatically assigned
[ 11.339173] ================================================================== [ 11.339878] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 11.340179] Free of addr ffff888101e62300 by task kunit_try_catch/210 [ 11.340391] [ 11.340473] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.340514] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.340526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.340545] Call Trace: [ 11.340556] <TASK> [ 11.340571] dump_stack_lvl+0x73/0xb0 [ 11.340596] print_report+0xd1/0x650 [ 11.340619] ? __virt_addr_valid+0x1db/0x2d0 [ 11.340641] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.340662] ? kfree_sensitive+0x2e/0x90 [ 11.340683] kasan_report_invalid_free+0x10a/0x130 [ 11.340708] ? kfree_sensitive+0x2e/0x90 [ 11.340742] ? kfree_sensitive+0x2e/0x90 [ 11.340761] check_slab_allocation+0x101/0x130 [ 11.340783] __kasan_slab_pre_free+0x28/0x40 [ 11.340804] kfree+0xf0/0x3f0 [ 11.340821] ? kfree_sensitive+0x2e/0x90 [ 11.340843] kfree_sensitive+0x2e/0x90 [ 11.340863] kmalloc_double_kzfree+0x19c/0x350 [ 11.340886] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 11.340909] ? __schedule+0x10cc/0x2b60 [ 11.340933] ? __pfx_read_tsc+0x10/0x10 [ 11.340954] ? ktime_get_ts64+0x86/0x230 [ 11.340978] kunit_try_run_case+0x1a5/0x480 [ 11.340998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.341057] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.341082] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.341106] ? __kthread_parkme+0x82/0x180 [ 11.341126] ? preempt_count_sub+0x50/0x80 [ 11.341149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.341169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.341192] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.341216] kthread+0x337/0x6f0 [ 11.341234] ? trace_preempt_on+0x20/0xc0 [ 11.341258] ? __pfx_kthread+0x10/0x10 [ 11.341278] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.341301] ? calculate_sigpending+0x7b/0xa0 [ 11.341324] ? __pfx_kthread+0x10/0x10 [ 11.341345] ret_from_fork+0x116/0x1d0 [ 11.341363] ? __pfx_kthread+0x10/0x10 [ 11.341395] ret_from_fork_asm+0x1a/0x30 [ 11.341425] </TASK> [ 11.341434] [ 11.349928] Allocated by task 210: [ 11.350101] kasan_save_stack+0x45/0x70 [ 11.350292] kasan_save_track+0x18/0x40 [ 11.350470] kasan_save_alloc_info+0x3b/0x50 [ 11.350619] __kasan_kmalloc+0xb7/0xc0 [ 11.350776] __kmalloc_cache_noprof+0x189/0x420 [ 11.350992] kmalloc_double_kzfree+0xa9/0x350 [ 11.351215] kunit_try_run_case+0x1a5/0x480 [ 11.351431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.351623] kthread+0x337/0x6f0 [ 11.351876] ret_from_fork+0x116/0x1d0 [ 11.352071] ret_from_fork_asm+0x1a/0x30 [ 11.352238] [ 11.352335] Freed by task 210: [ 11.352493] kasan_save_stack+0x45/0x70 [ 11.352664] kasan_save_track+0x18/0x40 [ 11.352872] kasan_save_free_info+0x3f/0x60 [ 11.353051] __kasan_slab_free+0x56/0x70 [ 11.353229] kfree+0x222/0x3f0 [ 11.353371] kfree_sensitive+0x67/0x90 [ 11.353514] kmalloc_double_kzfree+0x12b/0x350 [ 11.353667] kunit_try_run_case+0x1a5/0x480 [ 11.353864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.354219] kthread+0x337/0x6f0 [ 11.354398] ret_from_fork+0x116/0x1d0 [ 11.354600] ret_from_fork_asm+0x1a/0x30 [ 11.354783] [ 11.354854] The buggy address belongs to the object at ffff888101e62300 [ 11.354854] which belongs to the cache kmalloc-16 of size 16 [ 11.355508] The buggy address is located 0 bytes inside of [ 11.355508] 16-byte region [ffff888101e62300, ffff888101e62310) [ 11.355878] [ 11.355950] The buggy address belongs to the physical page: [ 11.356266] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e62 [ 11.356632] flags: 0x200000000000000(node=0|zone=2) [ 11.356984] page_type: f5(slab) [ 11.357104] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.357587] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.357908] page dumped because: kasan: bad access detected [ 11.358152] [ 11.358222] Memory state around the buggy address: [ 11.358455] ffff888101e62200: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.358780] ffff888101e62280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.359065] >ffff888101e62300: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.359342] ^ [ 11.359501] ffff888101e62380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.359804] ffff888101e62400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.360084] ==================================================================
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti: Failure
Automatically assigned
[ 107.663953] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc: Failure
Automatically assigned
[ 47.499900] ================================================================== [ 47.500288] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 47.500288] [ 47.500898] Use-after-free read at 0x(____ptrval____) (in kfence-#133): [ 47.501209] test_krealloc+0x6fc/0xbe0 [ 47.501427] kunit_try_run_case+0x1a5/0x480 [ 47.501639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.502393] kthread+0x337/0x6f0 [ 47.502554] ret_from_fork+0x116/0x1d0 [ 47.502923] ret_from_fork_asm+0x1a/0x30 [ 47.503306] [ 47.503518] kfence-#133: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 47.503518] [ 47.504009] allocated by task 355 on cpu 0 at 47.499261s (0.004746s ago): [ 47.504481] test_alloc+0x364/0x10f0 [ 47.504671] test_krealloc+0xad/0xbe0 [ 47.505040] kunit_try_run_case+0x1a5/0x480 [ 47.505384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.505717] kthread+0x337/0x6f0 [ 47.505914] ret_from_fork+0x116/0x1d0 [ 47.506221] ret_from_fork_asm+0x1a/0x30 [ 47.506446] [ 47.506542] freed by task 355 on cpu 0 at 47.499537s (0.007003s ago): [ 47.507123] krealloc_noprof+0x108/0x340 [ 47.507304] test_krealloc+0x226/0xbe0 [ 47.507654] kunit_try_run_case+0x1a5/0x480 [ 47.507972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.508221] kthread+0x337/0x6f0 [ 47.508522] ret_from_fork+0x116/0x1d0 [ 47.508803] ret_from_fork_asm+0x1a/0x30 [ 47.509012] [ 47.509313] CPU: 0 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 47.509850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 47.510155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 47.510561] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu: Failure
Automatically assigned
[ 47.409326] ================================================================== [ 47.409737] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 47.409737] [ 47.410108] Use-after-free read at 0x(____ptrval____) (in kfence-#132): [ 47.411181] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 47.411439] kunit_try_run_case+0x1a5/0x480 [ 47.411784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.412095] kthread+0x337/0x6f0 [ 47.412402] ret_from_fork+0x116/0x1d0 [ 47.412592] ret_from_fork_asm+0x1a/0x30 [ 47.412899] [ 47.412995] kfence-#132: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 47.412995] [ 47.413479] allocated by task 353 on cpu 1 at 47.396229s (0.017248s ago): [ 47.413804] test_alloc+0x2a6/0x10f0 [ 47.414019] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 47.414227] kunit_try_run_case+0x1a5/0x480 [ 47.414444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.414760] kthread+0x337/0x6f0 [ 47.414904] ret_from_fork+0x116/0x1d0 [ 47.415067] ret_from_fork_asm+0x1a/0x30 [ 47.415287] [ 47.415423] freed by task 353 on cpu 1 at 47.396333s (0.019088s ago): [ 47.415691] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 47.415988] kunit_try_run_case+0x1a5/0x480 [ 47.416144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.416439] kthread+0x337/0x6f0 [ 47.416607] ret_from_fork+0x116/0x1d0 [ 47.416909] ret_from_fork_asm+0x1a/0x30 [ 47.417068] [ 47.417197] CPU: 1 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 47.418212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 47.418426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 47.418875] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access: Failure
Automatically assigned
[ 22.343634] ================================================================== [ 22.344215] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 22.344215] [ 22.345292] Invalid read at 0x(____ptrval____): [ 22.345716] test_invalid_access+0xf0/0x210 [ 22.346220] kunit_try_run_case+0x1a5/0x480 [ 22.346462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.346708] kthread+0x337/0x6f0 [ 22.346917] ret_from_fork+0x116/0x1d0 [ 22.347222] ret_from_fork_asm+0x1a/0x30 [ 22.347492] [ 22.347609] CPU: 0 UID: 0 PID: 349 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 22.348211] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.348402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.348819] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write: Failure
Automatically assigned
[ 22.123592] ================================================================== [ 22.123975] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.123975] [ 22.124398] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#127): [ 22.125009] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.125284] kunit_try_run_case+0x1a5/0x480 [ 22.125484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.125725] kthread+0x337/0x6f0 [ 22.125885] ret_from_fork+0x116/0x1d0 [ 22.126059] ret_from_fork_asm+0x1a/0x30 [ 22.126267] [ 22.126344] kfence-#127: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 22.126344] [ 22.126743] allocated by task 343 on cpu 1 at 22.123316s (0.003424s ago): [ 22.127060] test_alloc+0x364/0x10f0 [ 22.127240] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 22.127458] kunit_try_run_case+0x1a5/0x480 [ 22.127670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.127930] kthread+0x337/0x6f0 [ 22.128054] ret_from_fork+0x116/0x1d0 [ 22.128219] ret_from_fork_asm+0x1a/0x30 [ 22.128427] [ 22.128510] freed by task 343 on cpu 1 at 22.123469s (0.005038s ago): [ 22.128719] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.129150] kunit_try_run_case+0x1a5/0x480 [ 22.129481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.129731] kthread+0x337/0x6f0 [ 22.129854] ret_from_fork+0x116/0x1d0 [ 22.130040] ret_from_fork_asm+0x1a/0x30 [ 22.130236] [ 22.130357] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 22.130958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.131158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.131513] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read: Failure
Automatically assigned
[ 22.019480] ================================================================== [ 22.019942] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 22.019942] [ 22.020383] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#126): [ 22.021153] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 22.021665] kunit_try_run_case+0x1a5/0x480 [ 22.021969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.022286] kthread+0x337/0x6f0 [ 22.022446] ret_from_fork+0x116/0x1d0 [ 22.022806] ret_from_fork_asm+0x1a/0x30 [ 22.023018] [ 22.023094] kfence-#126: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 22.023094] [ 22.023528] allocated by task 341 on cpu 0 at 22.019263s (0.004262s ago): [ 22.024142] test_alloc+0x364/0x10f0 [ 22.024322] test_kmalloc_aligned_oob_read+0x105/0x560 [ 22.024640] kunit_try_run_case+0x1a5/0x480 [ 22.024965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.025215] kthread+0x337/0x6f0 [ 22.025511] ret_from_fork+0x116/0x1d0 [ 22.025834] ret_from_fork_asm+0x1a/0x30 [ 22.026193] [ 22.026320] CPU: 0 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 22.026940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.027125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.027512] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption: Failure
Automatically assigned
[ 17.443572] ================================================================== [ 17.443982] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 17.443982] [ 17.444298] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#82): [ 17.444663] test_corruption+0x2df/0x3e0 [ 17.444970] kunit_try_run_case+0x1a5/0x480 [ 17.445166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.445369] kthread+0x337/0x6f0 [ 17.445557] ret_from_fork+0x116/0x1d0 [ 17.445800] ret_from_fork_asm+0x1a/0x30 [ 17.445962] [ 17.446065] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.446065] [ 17.446410] allocated by task 329 on cpu 0 at 17.443318s (0.003090s ago): [ 17.446736] test_alloc+0x364/0x10f0 [ 17.446951] test_corruption+0x1cb/0x3e0 [ 17.447126] kunit_try_run_case+0x1a5/0x480 [ 17.447291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.447570] kthread+0x337/0x6f0 [ 17.447790] ret_from_fork+0x116/0x1d0 [ 17.447950] ret_from_fork_asm+0x1a/0x30 [ 17.448134] [ 17.448230] freed by task 329 on cpu 0 at 17.443420s (0.004808s ago): [ 17.448521] test_corruption+0x2df/0x3e0 [ 17.448695] kunit_try_run_case+0x1a5/0x480 [ 17.448844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.449031] kthread+0x337/0x6f0 [ 17.449205] ret_from_fork+0x116/0x1d0 [ 17.449455] ret_from_fork_asm+0x1a/0x30 [ 17.449634] [ 17.449727] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 17.450245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.450445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.450886] ================================================================== [ 17.963498] ================================================================== [ 17.963992] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 17.963992] [ 17.964285] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#87): [ 17.964690] test_corruption+0x216/0x3e0 [ 17.964851] kunit_try_run_case+0x1a5/0x480 [ 17.965133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.965383] kthread+0x337/0x6f0 [ 17.965554] ret_from_fork+0x116/0x1d0 [ 17.965695] ret_from_fork_asm+0x1a/0x30 [ 17.965913] [ 17.966014] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.966014] [ 17.966415] allocated by task 331 on cpu 0 at 17.963349s (0.003065s ago): [ 17.966689] test_alloc+0x2a6/0x10f0 [ 17.966888] test_corruption+0x1cb/0x3e0 [ 17.967066] kunit_try_run_case+0x1a5/0x480 [ 17.967275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.967466] kthread+0x337/0x6f0 [ 17.967589] ret_from_fork+0x116/0x1d0 [ 17.967826] ret_from_fork_asm+0x1a/0x30 [ 17.968220] [ 17.968319] freed by task 331 on cpu 0 at 17.963421s (0.004896s ago): [ 17.968571] test_corruption+0x216/0x3e0 [ 17.968714] kunit_try_run_case+0x1a5/0x480 [ 17.968915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.969177] kthread+0x337/0x6f0 [ 17.969360] ret_from_fork+0x116/0x1d0 [ 17.969586] ret_from_fork_asm+0x1a/0x30 [ 17.969780] [ 17.969875] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 17.970426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.970589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.970981] ================================================================== [ 17.651422] ================================================================== [ 17.651878] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 17.651878] [ 17.652212] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#84): [ 17.652893] test_corruption+0x131/0x3e0 [ 17.653094] kunit_try_run_case+0x1a5/0x480 [ 17.653305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.653550] kthread+0x337/0x6f0 [ 17.653739] ret_from_fork+0x116/0x1d0 [ 17.653904] ret_from_fork_asm+0x1a/0x30 [ 17.654074] [ 17.654178] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.654178] [ 17.654560] allocated by task 331 on cpu 0 at 17.651294s (0.003263s ago): [ 17.654985] test_alloc+0x2a6/0x10f0 [ 17.655181] test_corruption+0xe6/0x3e0 [ 17.655356] kunit_try_run_case+0x1a5/0x480 [ 17.655564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.655809] kthread+0x337/0x6f0 [ 17.655966] ret_from_fork+0x116/0x1d0 [ 17.656135] ret_from_fork_asm+0x1a/0x30 [ 17.656278] [ 17.656350] freed by task 331 on cpu 0 at 17.651337s (0.005012s ago): [ 17.656648] test_corruption+0x131/0x3e0 [ 17.656845] kunit_try_run_case+0x1a5/0x480 [ 17.657015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.657196] kthread+0x337/0x6f0 [ 17.657390] ret_from_fork+0x116/0x1d0 [ 17.657582] ret_from_fork_asm+0x1a/0x30 [ 17.657873] [ 17.657998] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 17.658491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.658683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.659056] ================================================================== [ 17.339552] ================================================================== [ 17.340083] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 17.340083] [ 17.340463] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#81): [ 17.341228] test_corruption+0x2d2/0x3e0 [ 17.341431] kunit_try_run_case+0x1a5/0x480 [ 17.341613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.341827] kthread+0x337/0x6f0 [ 17.342096] ret_from_fork+0x116/0x1d0 [ 17.342274] ret_from_fork_asm+0x1a/0x30 [ 17.342460] [ 17.342562] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.342562] [ 17.343037] allocated by task 329 on cpu 0 at 17.339287s (0.003749s ago): [ 17.343294] test_alloc+0x364/0x10f0 [ 17.343467] test_corruption+0xe6/0x3e0 [ 17.343658] kunit_try_run_case+0x1a5/0x480 [ 17.343833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.344054] kthread+0x337/0x6f0 [ 17.344228] ret_from_fork+0x116/0x1d0 [ 17.344382] ret_from_fork_asm+0x1a/0x30 [ 17.344573] [ 17.344673] freed by task 329 on cpu 0 at 17.339395s (0.005275s ago): [ 17.344928] test_corruption+0x2d2/0x3e0 [ 17.345119] kunit_try_run_case+0x1a5/0x480 [ 17.345332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.345599] kthread+0x337/0x6f0 [ 17.345742] ret_from_fork+0x116/0x1d0 [ 17.345931] ret_from_fork_asm+0x1a/0x30 [ 17.346122] [ 17.346239] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 17.346629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.346788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.347192] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree: Failure
Automatically assigned
[ 11.317430] ================================================================== [ 11.318172] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 11.318623] Read of size 1 at addr ffff888101e62300 by task kunit_try_catch/210 [ 11.318934] [ 11.319093] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.319141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.319153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.319173] Call Trace: [ 11.319185] <TASK> [ 11.319200] dump_stack_lvl+0x73/0xb0 [ 11.319227] print_report+0xd1/0x650 [ 11.319249] ? __virt_addr_valid+0x1db/0x2d0 [ 11.319272] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.319294] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.319316] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.319339] kasan_report+0x141/0x180 [ 11.319362] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.319402] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.319425] __kasan_check_byte+0x3d/0x50 [ 11.319447] kfree_sensitive+0x22/0x90 [ 11.319471] kmalloc_double_kzfree+0x19c/0x350 [ 11.319494] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 11.319519] ? __schedule+0x10cc/0x2b60 [ 11.319543] ? __pfx_read_tsc+0x10/0x10 [ 11.319564] ? ktime_get_ts64+0x86/0x230 [ 11.319588] kunit_try_run_case+0x1a5/0x480 [ 11.319609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.319628] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.319652] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.319676] ? __kthread_parkme+0x82/0x180 [ 11.319696] ? preempt_count_sub+0x50/0x80 [ 11.319730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.319750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.319774] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.319797] kthread+0x337/0x6f0 [ 11.319816] ? trace_preempt_on+0x20/0xc0 [ 11.319839] ? __pfx_kthread+0x10/0x10 [ 11.319859] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.319882] ? calculate_sigpending+0x7b/0xa0 [ 11.319905] ? __pfx_kthread+0x10/0x10 [ 11.319927] ret_from_fork+0x116/0x1d0 [ 11.319945] ? __pfx_kthread+0x10/0x10 [ 11.319965] ret_from_fork_asm+0x1a/0x30 [ 11.319995] </TASK> [ 11.320045] [ 11.327774] Allocated by task 210: [ 11.327912] kasan_save_stack+0x45/0x70 [ 11.328056] kasan_save_track+0x18/0x40 [ 11.328191] kasan_save_alloc_info+0x3b/0x50 [ 11.328465] __kasan_kmalloc+0xb7/0xc0 [ 11.328654] __kmalloc_cache_noprof+0x189/0x420 [ 11.328872] kmalloc_double_kzfree+0xa9/0x350 [ 11.329060] kunit_try_run_case+0x1a5/0x480 [ 11.329210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.329485] kthread+0x337/0x6f0 [ 11.329657] ret_from_fork+0x116/0x1d0 [ 11.329962] ret_from_fork_asm+0x1a/0x30 [ 11.330267] [ 11.330364] Freed by task 210: [ 11.330495] kasan_save_stack+0x45/0x70 [ 11.330646] kasan_save_track+0x18/0x40 [ 11.330940] kasan_save_free_info+0x3f/0x60 [ 11.331285] __kasan_slab_free+0x56/0x70 [ 11.331463] kfree+0x222/0x3f0 [ 11.331581] kfree_sensitive+0x67/0x90 [ 11.331811] kmalloc_double_kzfree+0x12b/0x350 [ 11.332042] kunit_try_run_case+0x1a5/0x480 [ 11.332224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.332441] kthread+0x337/0x6f0 [ 11.332611] ret_from_fork+0x116/0x1d0 [ 11.332810] ret_from_fork_asm+0x1a/0x30 [ 11.333004] [ 11.333082] The buggy address belongs to the object at ffff888101e62300 [ 11.333082] which belongs to the cache kmalloc-16 of size 16 [ 11.333482] The buggy address is located 0 bytes inside of [ 11.333482] freed 16-byte region [ffff888101e62300, ffff888101e62310) [ 11.333823] [ 11.333895] The buggy address belongs to the physical page: [ 11.334170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e62 [ 11.334587] flags: 0x200000000000000(node=0|zone=2) [ 11.334929] page_type: f5(slab) [ 11.335305] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.335588] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.336155] page dumped because: kasan: bad access detected [ 11.336426] [ 11.336530] Memory state around the buggy address: [ 11.336725] ffff888101e62200: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.337087] ffff888101e62280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.337393] >ffff888101e62300: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.337615] ^ [ 11.337730] ffff888101e62380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.337973] ffff888101e62400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.338411] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free: Failure
Automatically assigned
[ 16.923363] ================================================================== [ 16.923766] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 16.923766] [ 16.924268] Invalid free of 0x(____ptrval____) (in kfence-#77): [ 16.924581] test_invalid_addr_free+0x1e1/0x260 [ 16.924750] kunit_try_run_case+0x1a5/0x480 [ 16.924948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.925258] kthread+0x337/0x6f0 [ 16.925475] ret_from_fork+0x116/0x1d0 [ 16.925706] ret_from_fork_asm+0x1a/0x30 [ 16.926136] [ 16.926237] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.926237] [ 16.926698] allocated by task 325 on cpu 1 at 16.923256s (0.003440s ago): [ 16.927009] test_alloc+0x364/0x10f0 [ 16.927179] test_invalid_addr_free+0xdb/0x260 [ 16.927339] kunit_try_run_case+0x1a5/0x480 [ 16.927495] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.927672] kthread+0x337/0x6f0 [ 16.927835] ret_from_fork+0x116/0x1d0 [ 16.928029] ret_from_fork_asm+0x1a/0x30 [ 16.928232] [ 16.928353] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 16.928961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.929172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.930099] ================================================================== [ 17.027440] ================================================================== [ 17.027897] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 17.027897] [ 17.028242] Invalid free of 0x(____ptrval____) (in kfence-#78): [ 17.028551] test_invalid_addr_free+0xfb/0x260 [ 17.028742] kunit_try_run_case+0x1a5/0x480 [ 17.028933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.029223] kthread+0x337/0x6f0 [ 17.029405] ret_from_fork+0x116/0x1d0 [ 17.029544] ret_from_fork_asm+0x1a/0x30 [ 17.029742] [ 17.029844] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.029844] [ 17.030300] allocated by task 327 on cpu 0 at 17.027309s (0.002988s ago): [ 17.030575] test_alloc+0x2a6/0x10f0 [ 17.030816] test_invalid_addr_free+0xdb/0x260 [ 17.031064] kunit_try_run_case+0x1a5/0x480 [ 17.031265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.031497] kthread+0x337/0x6f0 [ 17.031693] ret_from_fork+0x116/0x1d0 [ 17.031855] ret_from_fork_asm+0x1a/0x30 [ 17.032000] [ 17.032120] CPU: 0 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 17.032617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.032761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.033469] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free: Failure
Automatically assigned
[ 16.715532] ================================================================== [ 16.716107] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 16.716107] [ 16.716457] Invalid free of 0x(____ptrval____) (in kfence-#75): [ 16.716742] test_double_free+0x1d3/0x260 [ 16.717427] kunit_try_run_case+0x1a5/0x480 [ 16.717638] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.717913] kthread+0x337/0x6f0 [ 16.718078] ret_from_fork+0x116/0x1d0 [ 16.718261] ret_from_fork_asm+0x1a/0x30 [ 16.718445] [ 16.718547] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.718547] [ 16.719276] allocated by task 321 on cpu 1 at 16.715293s (0.003981s ago): [ 16.719632] test_alloc+0x364/0x10f0 [ 16.720013] test_double_free+0xdb/0x260 [ 16.720279] kunit_try_run_case+0x1a5/0x480 [ 16.720453] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.720861] kthread+0x337/0x6f0 [ 16.721094] ret_from_fork+0x116/0x1d0 [ 16.721331] ret_from_fork_asm+0x1a/0x30 [ 16.721593] [ 16.721685] freed by task 321 on cpu 1 at 16.715343s (0.006339s ago): [ 16.722124] test_double_free+0x1e0/0x260 [ 16.722316] kunit_try_run_case+0x1a5/0x480 [ 16.722729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.722960] kthread+0x337/0x6f0 [ 16.723101] ret_from_fork+0x116/0x1d0 [ 16.723409] ret_from_fork_asm+0x1a/0x30 [ 16.723603] [ 16.723713] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 16.724390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.724662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.725025] ================================================================== [ 16.819451] ================================================================== [ 16.819891] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 16.819891] [ 16.820294] Invalid free of 0x(____ptrval____) (in kfence-#76): [ 16.820574] test_double_free+0x112/0x260 [ 16.821305] kunit_try_run_case+0x1a5/0x480 [ 16.821524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.822010] kthread+0x337/0x6f0 [ 16.822207] ret_from_fork+0x116/0x1d0 [ 16.822543] ret_from_fork_asm+0x1a/0x30 [ 16.822878] [ 16.823000] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.823000] [ 16.823399] allocated by task 323 on cpu 1 at 16.819297s (0.004100s ago): [ 16.823718] test_alloc+0x2a6/0x10f0 [ 16.824224] test_double_free+0xdb/0x260 [ 16.824522] kunit_try_run_case+0x1a5/0x480 [ 16.824839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.825104] kthread+0x337/0x6f0 [ 16.825412] ret_from_fork+0x116/0x1d0 [ 16.825697] ret_from_fork_asm+0x1a/0x30 [ 16.825988] [ 16.826125] freed by task 323 on cpu 1 at 16.819336s (0.006786s ago): [ 16.826437] test_double_free+0xfa/0x260 [ 16.826860] kunit_try_run_case+0x1a5/0x480 [ 16.827166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.827488] kthread+0x337/0x6f0 [ 16.827693] ret_from_fork+0x116/0x1d0 [ 16.828038] ret_from_fork_asm+0x1a/0x30 [ 16.828241] [ 16.828391] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 16.829059] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.829284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.829858] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read: Failure
Automatically assigned
[ 16.403454] ================================================================== [ 16.403943] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 16.403943] [ 16.404366] Use-after-free read at 0x(____ptrval____) (in kfence-#72): [ 16.404958] test_use_after_free_read+0x129/0x270 [ 16.405196] kunit_try_run_case+0x1a5/0x480 [ 16.405400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.405634] kthread+0x337/0x6f0 [ 16.406163] ret_from_fork+0x116/0x1d0 [ 16.406344] ret_from_fork_asm+0x1a/0x30 [ 16.406565] [ 16.406732] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.406732] [ 16.407281] allocated by task 315 on cpu 0 at 16.403312s (0.003966s ago): [ 16.407760] test_alloc+0x2a6/0x10f0 [ 16.408006] test_use_after_free_read+0xdc/0x270 [ 16.408207] kunit_try_run_case+0x1a5/0x480 [ 16.408417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.408657] kthread+0x337/0x6f0 [ 16.409022] ret_from_fork+0x116/0x1d0 [ 16.409210] ret_from_fork_asm+0x1a/0x30 [ 16.409593] [ 16.409692] freed by task 315 on cpu 0 at 16.403364s (0.006326s ago): [ 16.410237] test_use_after_free_read+0xfb/0x270 [ 16.410543] kunit_try_run_case+0x1a5/0x480 [ 16.410756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.411136] kthread+0x337/0x6f0 [ 16.411296] ret_from_fork+0x116/0x1d0 [ 16.411589] ret_from_fork_asm+0x1a/0x30 [ 16.411782] [ 16.411928] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 16.412425] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.412611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.413301] ================================================================== [ 16.299544] ================================================================== [ 16.300016] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 16.300016] [ 16.300482] Use-after-free read at 0x(____ptrval____) (in kfence-#71): [ 16.300734] test_use_after_free_read+0x129/0x270 [ 16.300976] kunit_try_run_case+0x1a5/0x480 [ 16.301312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.301529] kthread+0x337/0x6f0 [ 16.301671] ret_from_fork+0x116/0x1d0 [ 16.301860] ret_from_fork_asm+0x1a/0x30 [ 16.302155] [ 16.302245] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.302245] [ 16.302574] allocated by task 313 on cpu 1 at 16.299326s (0.003246s ago): [ 16.303080] test_alloc+0x364/0x10f0 [ 16.303260] test_use_after_free_read+0xdc/0x270 [ 16.303496] kunit_try_run_case+0x1a5/0x480 [ 16.303716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.303926] kthread+0x337/0x6f0 [ 16.304099] ret_from_fork+0x116/0x1d0 [ 16.304300] ret_from_fork_asm+0x1a/0x30 [ 16.304495] [ 16.304755] freed by task 313 on cpu 1 at 16.299372s (0.005284s ago): [ 16.305102] test_use_after_free_read+0x1e7/0x270 [ 16.305361] kunit_try_run_case+0x1a5/0x480 [ 16.305605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.305890] kthread+0x337/0x6f0 [ 16.306084] ret_from_fork+0x116/0x1d0 [ 16.306285] ret_from_fork_asm+0x1a/0x30 [ 16.306508] [ 16.306634] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 16.307267] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.307475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.308347] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write: Failure
Automatically assigned
[ 16.195355] ================================================================== [ 16.195729] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 16.195729] [ 16.196083] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#70): [ 16.196315] test_out_of_bounds_write+0x10d/0x260 [ 16.196623] kunit_try_run_case+0x1a5/0x480 [ 16.197571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.197877] kthread+0x337/0x6f0 [ 16.198072] ret_from_fork+0x116/0x1d0 [ 16.198253] ret_from_fork_asm+0x1a/0x30 [ 16.198447] [ 16.198547] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.198547] [ 16.199248] allocated by task 311 on cpu 0 at 16.195299s (0.003946s ago): [ 16.199548] test_alloc+0x2a6/0x10f0 [ 16.199902] test_out_of_bounds_write+0xd4/0x260 [ 16.200202] kunit_try_run_case+0x1a5/0x480 [ 16.200431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.200841] kthread+0x337/0x6f0 [ 16.201024] ret_from_fork+0x116/0x1d0 [ 16.201322] ret_from_fork_asm+0x1a/0x30 [ 16.201600] [ 16.201724] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 16.202412] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.202603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.203120] ================================================================== [ 16.091449] ================================================================== [ 16.091968] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 16.091968] [ 16.092402] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#69): [ 16.092725] test_out_of_bounds_write+0x10d/0x260 [ 16.092983] kunit_try_run_case+0x1a5/0x480 [ 16.093190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.093429] kthread+0x337/0x6f0 [ 16.093560] ret_from_fork+0x116/0x1d0 [ 16.093699] ret_from_fork_asm+0x1a/0x30 [ 16.093894] [ 16.094021] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.094021] [ 16.094463] allocated by task 309 on cpu 1 at 16.091308s (0.003153s ago): [ 16.094695] test_alloc+0x364/0x10f0 [ 16.095028] test_out_of_bounds_write+0xd4/0x260 [ 16.095241] kunit_try_run_case+0x1a5/0x480 [ 16.095441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.095673] kthread+0x337/0x6f0 [ 16.095874] ret_from_fork+0x116/0x1d0 [ 16.096029] ret_from_fork_asm+0x1a/0x30 [ 16.096171] [ 16.096268] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 16.096636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.096841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.097177] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read: Failure
Automatically assigned
[ 15.883391] ================================================================== [ 15.883802] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 15.883802] [ 15.884177] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#67): [ 15.884477] test_out_of_bounds_read+0x216/0x4e0 [ 15.884719] kunit_try_run_case+0x1a5/0x480 [ 15.884942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.885189] kthread+0x337/0x6f0 [ 15.885359] ret_from_fork+0x116/0x1d0 [ 15.885545] ret_from_fork_asm+0x1a/0x30 [ 15.885694] [ 15.885791] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 15.885791] [ 15.886239] allocated by task 307 on cpu 0 at 15.883330s (0.002907s ago): [ 15.886542] test_alloc+0x2a6/0x10f0 [ 15.886717] test_out_of_bounds_read+0x1e2/0x4e0 [ 15.886962] kunit_try_run_case+0x1a5/0x480 [ 15.887167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.887347] kthread+0x337/0x6f0 [ 15.887532] ret_from_fork+0x116/0x1d0 [ 15.887724] ret_from_fork_asm+0x1a/0x30 [ 15.887920] [ 15.888028] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 15.888488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.888692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.889052] ================================================================== [ 15.571502] ================================================================== [ 15.572007] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 15.572007] [ 15.572482] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#64): [ 15.573278] test_out_of_bounds_read+0x216/0x4e0 [ 15.573510] kunit_try_run_case+0x1a5/0x480 [ 15.573839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.574172] kthread+0x337/0x6f0 [ 15.574330] ret_from_fork+0x116/0x1d0 [ 15.574650] ret_from_fork_asm+0x1a/0x30 [ 15.574968] [ 15.575073] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 15.575073] [ 15.575471] allocated by task 305 on cpu 0 at 15.571309s (0.004160s ago): [ 15.575781] test_alloc+0x364/0x10f0 [ 15.576208] test_out_of_bounds_read+0x1e2/0x4e0 [ 15.576495] kunit_try_run_case+0x1a5/0x480 [ 15.576792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.577105] kthread+0x337/0x6f0 [ 15.577241] ret_from_fork+0x116/0x1d0 [ 15.577549] ret_from_fork_asm+0x1a/0x30 [ 15.577810] [ 15.578059] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 15.578656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.579005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.579399] ================================================================== [ 15.468329] ================================================================== [ 15.468794] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 15.468794] [ 15.469322] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#63): [ 15.470131] test_out_of_bounds_read+0x126/0x4e0 [ 15.470370] kunit_try_run_case+0x1a5/0x480 [ 15.470581] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.471096] kthread+0x337/0x6f0 [ 15.471252] ret_from_fork+0x116/0x1d0 [ 15.471599] ret_from_fork_asm+0x1a/0x30 [ 15.471846] [ 15.472262] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 15.472262] [ 15.472768] allocated by task 305 on cpu 0 at 15.467296s (0.005413s ago): [ 15.473319] test_alloc+0x364/0x10f0 [ 15.473534] test_out_of_bounds_read+0xed/0x4e0 [ 15.474045] kunit_try_run_case+0x1a5/0x480 [ 15.474248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.474498] kthread+0x337/0x6f0 [ 15.474802] ret_from_fork+0x116/0x1d0 [ 15.475057] ret_from_fork_asm+0x1a/0x30 [ 15.475371] [ 15.475628] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 15.476231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.476441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.476995] ================================================================== [ 15.779350] ================================================================== [ 15.779768] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 15.779768] [ 15.780239] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#66): [ 15.780523] test_out_of_bounds_read+0x126/0x4e0 [ 15.780753] kunit_try_run_case+0x1a5/0x480 [ 15.780970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.781199] kthread+0x337/0x6f0 [ 15.781348] ret_from_fork+0x116/0x1d0 [ 15.781559] ret_from_fork_asm+0x1a/0x30 [ 15.781776] [ 15.781852] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 15.781852] [ 15.782173] allocated by task 307 on cpu 0 at 15.779295s (0.002876s ago): [ 15.782545] test_alloc+0x2a6/0x10f0 [ 15.782750] test_out_of_bounds_read+0xed/0x4e0 [ 15.782999] kunit_try_run_case+0x1a5/0x480 [ 15.783175] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.783442] kthread+0x337/0x6f0 [ 15.783592] ret_from_fork+0x116/0x1d0 [ 15.783763] ret_from_fork_asm+0x1a/0x30 [ 15.783997] [ 15.784122] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 15.784557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.784809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.785154] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user: Failure
Automatically assigned
[ 15.175314] ================================================================== [ 15.175677] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 15.176135] Write of size 121 at addr ffff8881039b7800 by task kunit_try_catch/303 [ 15.176456] [ 15.176641] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 15.176687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.176699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.176722] Call Trace: [ 15.176737] <TASK> [ 15.176752] dump_stack_lvl+0x73/0xb0 [ 15.176779] print_report+0xd1/0x650 [ 15.176803] ? __virt_addr_valid+0x1db/0x2d0 [ 15.176826] ? strncpy_from_user+0x2e/0x1d0 [ 15.176848] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.176872] ? strncpy_from_user+0x2e/0x1d0 [ 15.176893] kasan_report+0x141/0x180 [ 15.176917] ? strncpy_from_user+0x2e/0x1d0 [ 15.176942] kasan_check_range+0x10c/0x1c0 [ 15.176967] __kasan_check_write+0x18/0x20 [ 15.176988] strncpy_from_user+0x2e/0x1d0 [ 15.177008] ? __kasan_check_read+0x15/0x20 [ 15.177054] copy_user_test_oob+0x760/0x10f0 [ 15.177082] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.177105] ? finish_task_switch.isra.0+0x153/0x700 [ 15.177128] ? __switch_to+0x47/0xf50 [ 15.177153] ? __schedule+0x10cc/0x2b60 [ 15.177178] ? __pfx_read_tsc+0x10/0x10 [ 15.177200] ? ktime_get_ts64+0x86/0x230 [ 15.177224] kunit_try_run_case+0x1a5/0x480 [ 15.177246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.177267] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.177292] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.177317] ? __kthread_parkme+0x82/0x180 [ 15.177338] ? preempt_count_sub+0x50/0x80 [ 15.177362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.177395] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.177420] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.177446] kthread+0x337/0x6f0 [ 15.177466] ? trace_preempt_on+0x20/0xc0 [ 15.177490] ? __pfx_kthread+0x10/0x10 [ 15.177529] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.177554] ? calculate_sigpending+0x7b/0xa0 [ 15.177578] ? __pfx_kthread+0x10/0x10 [ 15.177600] ret_from_fork+0x116/0x1d0 [ 15.177620] ? __pfx_kthread+0x10/0x10 [ 15.177642] ret_from_fork_asm+0x1a/0x30 [ 15.177672] </TASK> [ 15.177684] [ 15.185403] Allocated by task 303: [ 15.185536] kasan_save_stack+0x45/0x70 [ 15.185866] kasan_save_track+0x18/0x40 [ 15.186075] kasan_save_alloc_info+0x3b/0x50 [ 15.186269] __kasan_kmalloc+0xb7/0xc0 [ 15.186474] __kmalloc_noprof+0x1c9/0x500 [ 15.186758] kunit_kmalloc_array+0x25/0x60 [ 15.187001] copy_user_test_oob+0xab/0x10f0 [ 15.187239] kunit_try_run_case+0x1a5/0x480 [ 15.187457] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.187698] kthread+0x337/0x6f0 [ 15.187918] ret_from_fork+0x116/0x1d0 [ 15.188118] ret_from_fork_asm+0x1a/0x30 [ 15.188287] [ 15.188359] The buggy address belongs to the object at ffff8881039b7800 [ 15.188359] which belongs to the cache kmalloc-128 of size 128 [ 15.188735] The buggy address is located 0 bytes inside of [ 15.188735] allocated 120-byte region [ffff8881039b7800, ffff8881039b7878) [ 15.189339] [ 15.189515] The buggy address belongs to the physical page: [ 15.189923] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b7 [ 15.190338] flags: 0x200000000000000(node=0|zone=2) [ 15.190632] page_type: f5(slab) [ 15.190822] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.191057] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.191286] page dumped because: kasan: bad access detected [ 15.191588] [ 15.191723] Memory state around the buggy address: [ 15.191952] ffff8881039b7700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.192306] ffff8881039b7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.192603] >ffff8881039b7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.192988] ^ [ 15.193263] ffff8881039b7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.193573] ffff8881039b7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.194059] ================================================================== [ 15.194608] ================================================================== [ 15.194873] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 15.195510] Write of size 1 at addr ffff8881039b7878 by task kunit_try_catch/303 [ 15.195750] [ 15.195835] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 15.195879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.195892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.195949] Call Trace: [ 15.195966] <TASK> [ 15.195983] dump_stack_lvl+0x73/0xb0 [ 15.196010] print_report+0xd1/0x650 [ 15.196036] ? __virt_addr_valid+0x1db/0x2d0 [ 15.196060] ? strncpy_from_user+0x1a5/0x1d0 [ 15.196082] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.196143] ? strncpy_from_user+0x1a5/0x1d0 [ 15.196167] kasan_report+0x141/0x180 [ 15.196191] ? strncpy_from_user+0x1a5/0x1d0 [ 15.196218] __asan_report_store1_noabort+0x1b/0x30 [ 15.196272] strncpy_from_user+0x1a5/0x1d0 [ 15.196296] copy_user_test_oob+0x760/0x10f0 [ 15.196323] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.196347] ? finish_task_switch.isra.0+0x153/0x700 [ 15.196371] ? __switch_to+0x47/0xf50 [ 15.196438] ? __schedule+0x10cc/0x2b60 [ 15.196463] ? __pfx_read_tsc+0x10/0x10 [ 15.196486] ? ktime_get_ts64+0x86/0x230 [ 15.196512] kunit_try_run_case+0x1a5/0x480 [ 15.196534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.196554] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.196579] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.196605] ? __kthread_parkme+0x82/0x180 [ 15.196626] ? preempt_count_sub+0x50/0x80 [ 15.196649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.196673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.196727] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.196754] kthread+0x337/0x6f0 [ 15.196775] ? trace_preempt_on+0x20/0xc0 [ 15.196814] ? __pfx_kthread+0x10/0x10 [ 15.196835] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.196892] ? calculate_sigpending+0x7b/0xa0 [ 15.196917] ? __pfx_kthread+0x10/0x10 [ 15.196940] ret_from_fork+0x116/0x1d0 [ 15.196960] ? __pfx_kthread+0x10/0x10 [ 15.196982] ret_from_fork_asm+0x1a/0x30 [ 15.197045] </TASK> [ 15.197056] [ 15.205252] Allocated by task 303: [ 15.205491] kasan_save_stack+0x45/0x70 [ 15.205827] kasan_save_track+0x18/0x40 [ 15.206033] kasan_save_alloc_info+0x3b/0x50 [ 15.206244] __kasan_kmalloc+0xb7/0xc0 [ 15.206445] __kmalloc_noprof+0x1c9/0x500 [ 15.206647] kunit_kmalloc_array+0x25/0x60 [ 15.206913] copy_user_test_oob+0xab/0x10f0 [ 15.207129] kunit_try_run_case+0x1a5/0x480 [ 15.207338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.207527] kthread+0x337/0x6f0 [ 15.207669] ret_from_fork+0x116/0x1d0 [ 15.208039] ret_from_fork_asm+0x1a/0x30 [ 15.208300] [ 15.208412] The buggy address belongs to the object at ffff8881039b7800 [ 15.208412] which belongs to the cache kmalloc-128 of size 128 [ 15.209065] The buggy address is located 0 bytes to the right of [ 15.209065] allocated 120-byte region [ffff8881039b7800, ffff8881039b7878) [ 15.209627] [ 15.209733] The buggy address belongs to the physical page: [ 15.209988] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b7 [ 15.210386] flags: 0x200000000000000(node=0|zone=2) [ 15.210641] page_type: f5(slab) [ 15.210813] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.211174] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.211513] page dumped because: kasan: bad access detected [ 15.211811] [ 15.211941] Memory state around the buggy address: [ 15.212174] ffff8881039b7700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.212501] ffff8881039b7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.212858] >ffff8881039b7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.213164] ^ [ 15.213526] ffff8881039b7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.213874] ffff8881039b7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.214202] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob: Failure
Automatically assigned
[ 15.156318] ================================================================== [ 15.156798] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 15.157387] Read of size 121 at addr ffff8881039b7800 by task kunit_try_catch/303 [ 15.157869] [ 15.158232] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 15.158285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.158298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.158322] Call Trace: [ 15.158338] <TASK> [ 15.158356] dump_stack_lvl+0x73/0xb0 [ 15.158398] print_report+0xd1/0x650 [ 15.158422] ? __virt_addr_valid+0x1db/0x2d0 [ 15.158446] ? copy_user_test_oob+0x604/0x10f0 [ 15.158470] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.158494] ? copy_user_test_oob+0x604/0x10f0 [ 15.158519] kasan_report+0x141/0x180 [ 15.158542] ? copy_user_test_oob+0x604/0x10f0 [ 15.158572] kasan_check_range+0x10c/0x1c0 [ 15.158597] __kasan_check_read+0x15/0x20 [ 15.158618] copy_user_test_oob+0x604/0x10f0 [ 15.158644] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.158668] ? finish_task_switch.isra.0+0x153/0x700 [ 15.158691] ? __switch_to+0x47/0xf50 [ 15.158740] ? __schedule+0x10cc/0x2b60 [ 15.158765] ? __pfx_read_tsc+0x10/0x10 [ 15.158787] ? ktime_get_ts64+0x86/0x230 [ 15.158812] kunit_try_run_case+0x1a5/0x480 [ 15.158834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.158855] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.158880] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.158905] ? __kthread_parkme+0x82/0x180 [ 15.158926] ? preempt_count_sub+0x50/0x80 [ 15.158950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.158972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.158997] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.159023] kthread+0x337/0x6f0 [ 15.159043] ? trace_preempt_on+0x20/0xc0 [ 15.159067] ? __pfx_kthread+0x10/0x10 [ 15.159089] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.159112] ? calculate_sigpending+0x7b/0xa0 [ 15.159136] ? __pfx_kthread+0x10/0x10 [ 15.159159] ret_from_fork+0x116/0x1d0 [ 15.159178] ? __pfx_kthread+0x10/0x10 [ 15.159199] ret_from_fork_asm+0x1a/0x30 [ 15.159230] </TASK> [ 15.159242] [ 15.166575] Allocated by task 303: [ 15.166806] kasan_save_stack+0x45/0x70 [ 15.166953] kasan_save_track+0x18/0x40 [ 15.167092] kasan_save_alloc_info+0x3b/0x50 [ 15.167306] __kasan_kmalloc+0xb7/0xc0 [ 15.167531] __kmalloc_noprof+0x1c9/0x500 [ 15.167741] kunit_kmalloc_array+0x25/0x60 [ 15.167944] copy_user_test_oob+0xab/0x10f0 [ 15.168176] kunit_try_run_case+0x1a5/0x480 [ 15.168354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.168636] kthread+0x337/0x6f0 [ 15.168889] ret_from_fork+0x116/0x1d0 [ 15.169055] ret_from_fork_asm+0x1a/0x30 [ 15.169260] [ 15.169358] The buggy address belongs to the object at ffff8881039b7800 [ 15.169358] which belongs to the cache kmalloc-128 of size 128 [ 15.169879] The buggy address is located 0 bytes inside of [ 15.169879] allocated 120-byte region [ffff8881039b7800, ffff8881039b7878) [ 15.170400] [ 15.170474] The buggy address belongs to the physical page: [ 15.170650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b7 [ 15.171180] flags: 0x200000000000000(node=0|zone=2) [ 15.171355] page_type: f5(slab) [ 15.171487] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.172138] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.172480] page dumped because: kasan: bad access detected [ 15.172701] [ 15.172864] Memory state around the buggy address: [ 15.173021] ffff8881039b7700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.173261] ffff8881039b7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.173587] >ffff8881039b7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.173899] ^ [ 15.174211] ffff8881039b7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.174553] ffff8881039b7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.174767] ================================================================== [ 15.107605] ================================================================== [ 15.108162] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 15.108631] Read of size 121 at addr ffff8881039b7800 by task kunit_try_catch/303 [ 15.109283] [ 15.109529] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 15.109609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.109625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.109647] Call Trace: [ 15.109666] <TASK> [ 15.109684] dump_stack_lvl+0x73/0xb0 [ 15.109798] print_report+0xd1/0x650 [ 15.109826] ? __virt_addr_valid+0x1db/0x2d0 [ 15.109850] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.109875] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.109900] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.109927] kasan_report+0x141/0x180 [ 15.109951] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.109981] kasan_check_range+0x10c/0x1c0 [ 15.110006] __kasan_check_read+0x15/0x20 [ 15.110033] copy_user_test_oob+0x4aa/0x10f0 [ 15.110060] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.110083] ? finish_task_switch.isra.0+0x153/0x700 [ 15.110107] ? __switch_to+0x47/0xf50 [ 15.110133] ? __schedule+0x10cc/0x2b60 [ 15.110159] ? __pfx_read_tsc+0x10/0x10 [ 15.110182] ? ktime_get_ts64+0x86/0x230 [ 15.110208] kunit_try_run_case+0x1a5/0x480 [ 15.110231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.110251] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.110277] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.110303] ? __kthread_parkme+0x82/0x180 [ 15.110325] ? preempt_count_sub+0x50/0x80 [ 15.110348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.110370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.110407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.110433] kthread+0x337/0x6f0 [ 15.110455] ? trace_preempt_on+0x20/0xc0 [ 15.110483] ? __pfx_kthread+0x10/0x10 [ 15.110505] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.110529] ? calculate_sigpending+0x7b/0xa0 [ 15.110555] ? __pfx_kthread+0x10/0x10 [ 15.110577] ret_from_fork+0x116/0x1d0 [ 15.110597] ? __pfx_kthread+0x10/0x10 [ 15.110618] ret_from_fork_asm+0x1a/0x30 [ 15.110650] </TASK> [ 15.110660] [ 15.121558] Allocated by task 303: [ 15.121925] kasan_save_stack+0x45/0x70 [ 15.122277] kasan_save_track+0x18/0x40 [ 15.122588] kasan_save_alloc_info+0x3b/0x50 [ 15.122892] __kasan_kmalloc+0xb7/0xc0 [ 15.123074] __kmalloc_noprof+0x1c9/0x500 [ 15.123253] kunit_kmalloc_array+0x25/0x60 [ 15.123456] copy_user_test_oob+0xab/0x10f0 [ 15.123663] kunit_try_run_case+0x1a5/0x480 [ 15.124284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.124542] kthread+0x337/0x6f0 [ 15.124885] ret_from_fork+0x116/0x1d0 [ 15.125171] ret_from_fork_asm+0x1a/0x30 [ 15.125494] [ 15.125781] The buggy address belongs to the object at ffff8881039b7800 [ 15.125781] which belongs to the cache kmalloc-128 of size 128 [ 15.126502] The buggy address is located 0 bytes inside of [ 15.126502] allocated 120-byte region [ffff8881039b7800, ffff8881039b7878) [ 15.126977] [ 15.127056] The buggy address belongs to the physical page: [ 15.127226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b7 [ 15.127478] flags: 0x200000000000000(node=0|zone=2) [ 15.127638] page_type: f5(slab) [ 15.127757] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.127983] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.128203] page dumped because: kasan: bad access detected [ 15.128372] [ 15.128457] Memory state around the buggy address: [ 15.129122] ffff8881039b7700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.129675] ffff8881039b7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.130142] >ffff8881039b7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.130544] ^ [ 15.131128] ffff8881039b7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.131479] ffff8881039b7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.131766] ================================================================== [ 15.083575] ================================================================== [ 15.084245] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 15.084502] Write of size 121 at addr ffff8881039b7800 by task kunit_try_catch/303 [ 15.084836] [ 15.085045] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 15.085093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.085108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.085131] Call Trace: [ 15.085147] <TASK> [ 15.085164] dump_stack_lvl+0x73/0xb0 [ 15.085191] print_report+0xd1/0x650 [ 15.085216] ? __virt_addr_valid+0x1db/0x2d0 [ 15.085250] ? copy_user_test_oob+0x3fd/0x10f0 [ 15.085274] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.085297] ? copy_user_test_oob+0x3fd/0x10f0 [ 15.085333] kasan_report+0x141/0x180 [ 15.085357] ? copy_user_test_oob+0x3fd/0x10f0 [ 15.085395] kasan_check_range+0x10c/0x1c0 [ 15.085420] __kasan_check_write+0x18/0x20 [ 15.085441] copy_user_test_oob+0x3fd/0x10f0 [ 15.085467] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.085491] ? finish_task_switch.isra.0+0x153/0x700 [ 15.085514] ? __switch_to+0x47/0xf50 [ 15.085549] ? __schedule+0x10cc/0x2b60 [ 15.085574] ? __pfx_read_tsc+0x10/0x10 [ 15.085595] ? ktime_get_ts64+0x86/0x230 [ 15.085630] kunit_try_run_case+0x1a5/0x480 [ 15.085653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.085674] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.085708] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.085756] ? __kthread_parkme+0x82/0x180 [ 15.085777] ? preempt_count_sub+0x50/0x80 [ 15.085812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.085835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.085859] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.085884] kthread+0x337/0x6f0 [ 15.085905] ? trace_preempt_on+0x20/0xc0 [ 15.085929] ? __pfx_kthread+0x10/0x10 [ 15.085950] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.085973] ? calculate_sigpending+0x7b/0xa0 [ 15.085999] ? __pfx_kthread+0x10/0x10 [ 15.086021] ret_from_fork+0x116/0x1d0 [ 15.086051] ? __pfx_kthread+0x10/0x10 [ 15.086074] ret_from_fork_asm+0x1a/0x30 [ 15.086107] </TASK> [ 15.086119] [ 15.097213] Allocated by task 303: [ 15.097502] kasan_save_stack+0x45/0x70 [ 15.097699] kasan_save_track+0x18/0x40 [ 15.098036] kasan_save_alloc_info+0x3b/0x50 [ 15.098307] __kasan_kmalloc+0xb7/0xc0 [ 15.098466] __kmalloc_noprof+0x1c9/0x500 [ 15.098792] kunit_kmalloc_array+0x25/0x60 [ 15.099065] copy_user_test_oob+0xab/0x10f0 [ 15.099229] kunit_try_run_case+0x1a5/0x480 [ 15.099520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.099721] kthread+0x337/0x6f0 [ 15.099903] ret_from_fork+0x116/0x1d0 [ 15.100084] ret_from_fork_asm+0x1a/0x30 [ 15.100320] [ 15.100408] The buggy address belongs to the object at ffff8881039b7800 [ 15.100408] which belongs to the cache kmalloc-128 of size 128 [ 15.100949] The buggy address is located 0 bytes inside of [ 15.100949] allocated 120-byte region [ffff8881039b7800, ffff8881039b7878) [ 15.101480] [ 15.101572] The buggy address belongs to the physical page: [ 15.101871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b7 [ 15.102343] flags: 0x200000000000000(node=0|zone=2) [ 15.102599] page_type: f5(slab) [ 15.102747] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.103100] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.103500] page dumped because: kasan: bad access detected [ 15.103765] [ 15.103849] Memory state around the buggy address: [ 15.104010] ffff8881039b7700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.104387] ffff8881039b7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.104689] >ffff8881039b7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.105393] ^ [ 15.105897] ffff8881039b7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.106297] ffff8881039b7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.106742] ================================================================== [ 15.132201] ================================================================== [ 15.132738] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 15.133330] Write of size 121 at addr ffff8881039b7800 by task kunit_try_catch/303 [ 15.133697] [ 15.133821] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 15.133867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.133881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.133903] Call Trace: [ 15.133919] <TASK> [ 15.133935] dump_stack_lvl+0x73/0xb0 [ 15.133963] print_report+0xd1/0x650 [ 15.133987] ? __virt_addr_valid+0x1db/0x2d0 [ 15.134011] ? copy_user_test_oob+0x557/0x10f0 [ 15.134039] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.134062] ? copy_user_test_oob+0x557/0x10f0 [ 15.134087] kasan_report+0x141/0x180 [ 15.134110] ? copy_user_test_oob+0x557/0x10f0 [ 15.134139] kasan_check_range+0x10c/0x1c0 [ 15.134164] __kasan_check_write+0x18/0x20 [ 15.134185] copy_user_test_oob+0x557/0x10f0 [ 15.134211] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.134236] ? finish_task_switch.isra.0+0x153/0x700 [ 15.134260] ? __switch_to+0x47/0xf50 [ 15.134286] ? __schedule+0x10cc/0x2b60 [ 15.134311] ? __pfx_read_tsc+0x10/0x10 [ 15.134332] ? ktime_get_ts64+0x86/0x230 [ 15.134358] kunit_try_run_case+0x1a5/0x480 [ 15.134392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.134413] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.134438] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.134463] ? __kthread_parkme+0x82/0x180 [ 15.134484] ? preempt_count_sub+0x50/0x80 [ 15.134507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.134529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.134554] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.134579] kthread+0x337/0x6f0 [ 15.134599] ? trace_preempt_on+0x20/0xc0 [ 15.134624] ? __pfx_kthread+0x10/0x10 [ 15.134645] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.134669] ? calculate_sigpending+0x7b/0xa0 [ 15.134693] ? __pfx_kthread+0x10/0x10 [ 15.134729] ret_from_fork+0x116/0x1d0 [ 15.134749] ? __pfx_kthread+0x10/0x10 [ 15.134770] ret_from_fork_asm+0x1a/0x30 [ 15.135317] </TASK> [ 15.135332] [ 15.144811] Allocated by task 303: [ 15.145139] kasan_save_stack+0x45/0x70 [ 15.145307] kasan_save_track+0x18/0x40 [ 15.145519] kasan_save_alloc_info+0x3b/0x50 [ 15.145722] __kasan_kmalloc+0xb7/0xc0 [ 15.146194] __kmalloc_noprof+0x1c9/0x500 [ 15.146351] kunit_kmalloc_array+0x25/0x60 [ 15.146693] copy_user_test_oob+0xab/0x10f0 [ 15.147043] kunit_try_run_case+0x1a5/0x480 [ 15.147281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.147687] kthread+0x337/0x6f0 [ 15.147967] ret_from_fork+0x116/0x1d0 [ 15.148197] ret_from_fork_asm+0x1a/0x30 [ 15.148371] [ 15.148485] The buggy address belongs to the object at ffff8881039b7800 [ 15.148485] which belongs to the cache kmalloc-128 of size 128 [ 15.149196] The buggy address is located 0 bytes inside of [ 15.149196] allocated 120-byte region [ffff8881039b7800, ffff8881039b7878) [ 15.149821] [ 15.150160] The buggy address belongs to the physical page: [ 15.150415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b7 [ 15.150924] flags: 0x200000000000000(node=0|zone=2) [ 15.151231] page_type: f5(slab) [ 15.151503] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.151910] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.152288] page dumped because: kasan: bad access detected [ 15.152622] [ 15.152714] Memory state around the buggy address: [ 15.153174] ffff8881039b7700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.153505] ffff8881039b7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.153986] >ffff8881039b7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.154369] ^ [ 15.154786] ffff8881039b7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.155134] ffff8881039b7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.155502] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user: Failure
Automatically assigned
[ 15.049777] ================================================================== [ 15.050482] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 15.051114] Read of size 121 at addr ffff8881039b7800 by task kunit_try_catch/303 [ 15.051789] [ 15.051878] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 15.051942] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.051956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.051989] Call Trace: [ 15.052002] <TASK> [ 15.052019] dump_stack_lvl+0x73/0xb0 [ 15.052047] print_report+0xd1/0x650 [ 15.052072] ? __virt_addr_valid+0x1db/0x2d0 [ 15.052097] ? _copy_to_user+0x3c/0x70 [ 15.052118] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.052141] ? _copy_to_user+0x3c/0x70 [ 15.052163] kasan_report+0x141/0x180 [ 15.052186] ? _copy_to_user+0x3c/0x70 [ 15.052222] kasan_check_range+0x10c/0x1c0 [ 15.052247] __kasan_check_read+0x15/0x20 [ 15.052267] _copy_to_user+0x3c/0x70 [ 15.052300] copy_user_test_oob+0x364/0x10f0 [ 15.052327] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.052351] ? finish_task_switch.isra.0+0x153/0x700 [ 15.052383] ? __switch_to+0x47/0xf50 [ 15.052409] ? __schedule+0x10cc/0x2b60 [ 15.052435] ? __pfx_read_tsc+0x10/0x10 [ 15.052456] ? ktime_get_ts64+0x86/0x230 [ 15.052482] kunit_try_run_case+0x1a5/0x480 [ 15.052505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.052525] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.052550] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.052576] ? __kthread_parkme+0x82/0x180 [ 15.052598] ? preempt_count_sub+0x50/0x80 [ 15.052622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.052644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.052668] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.052713] kthread+0x337/0x6f0 [ 15.052735] ? trace_preempt_on+0x20/0xc0 [ 15.052760] ? __pfx_kthread+0x10/0x10 [ 15.052781] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.052805] ? calculate_sigpending+0x7b/0xa0 [ 15.052830] ? __pfx_kthread+0x10/0x10 [ 15.052853] ret_from_fork+0x116/0x1d0 [ 15.052872] ? __pfx_kthread+0x10/0x10 [ 15.052894] ret_from_fork_asm+0x1a/0x30 [ 15.052925] </TASK> [ 15.052936] [ 15.065837] Allocated by task 303: [ 15.066206] kasan_save_stack+0x45/0x70 [ 15.066599] kasan_save_track+0x18/0x40 [ 15.066935] kasan_save_alloc_info+0x3b/0x50 [ 15.067193] __kasan_kmalloc+0xb7/0xc0 [ 15.067330] __kmalloc_noprof+0x1c9/0x500 [ 15.067485] kunit_kmalloc_array+0x25/0x60 [ 15.067630] copy_user_test_oob+0xab/0x10f0 [ 15.067975] kunit_try_run_case+0x1a5/0x480 [ 15.068389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.068901] kthread+0x337/0x6f0 [ 15.069230] ret_from_fork+0x116/0x1d0 [ 15.069599] ret_from_fork_asm+0x1a/0x30 [ 15.069997] [ 15.070162] The buggy address belongs to the object at ffff8881039b7800 [ 15.070162] which belongs to the cache kmalloc-128 of size 128 [ 15.071204] The buggy address is located 0 bytes inside of [ 15.071204] allocated 120-byte region [ffff8881039b7800, ffff8881039b7878) [ 15.071569] [ 15.071645] The buggy address belongs to the physical page: [ 15.072109] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b7 [ 15.072843] flags: 0x200000000000000(node=0|zone=2) [ 15.073297] page_type: f5(slab) [ 15.073623] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.074305] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.074998] page dumped because: kasan: bad access detected [ 15.075176] [ 15.075248] Memory state around the buggy address: [ 15.075419] ffff8881039b7700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.075639] ffff8881039b7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.076245] >ffff8881039b7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.076910] ^ [ 15.077532] ffff8881039b7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.078181] ffff8881039b7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.078826] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right: Failure
Automatically assigned
[ 12.866351] ================================================================== [ 12.866858] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 12.867237] Read of size 1 at addr ffff88810387fc4a by task kunit_try_catch/271 [ 12.867539] [ 12.867648] CPU: 1 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.867693] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.867706] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.867726] Call Trace: [ 12.867738] <TASK> [ 12.867753] dump_stack_lvl+0x73/0xb0 [ 12.867779] print_report+0xd1/0x650 [ 12.867802] ? __virt_addr_valid+0x1db/0x2d0 [ 12.867825] ? kasan_alloca_oob_right+0x329/0x390 [ 12.867847] ? kasan_addr_to_slab+0x11/0xa0 [ 12.867867] ? kasan_alloca_oob_right+0x329/0x390 [ 12.867891] kasan_report+0x141/0x180 [ 12.867969] ? kasan_alloca_oob_right+0x329/0x390 [ 12.868000] __asan_report_load1_noabort+0x18/0x20 [ 12.868021] kasan_alloca_oob_right+0x329/0x390 [ 12.868077] ? __kasan_check_write+0x18/0x20 [ 12.868098] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.868121] ? irqentry_exit+0x2a/0x60 [ 12.868141] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.868167] ? trace_hardirqs_on+0x37/0xe0 [ 12.868192] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 12.868220] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 12.868248] kunit_try_run_case+0x1a5/0x480 [ 12.868269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.868289] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.868314] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.868338] ? __kthread_parkme+0x82/0x180 [ 12.868359] ? preempt_count_sub+0x50/0x80 [ 12.868393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.868414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.868437] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.868462] kthread+0x337/0x6f0 [ 12.868481] ? trace_preempt_on+0x20/0xc0 [ 12.868503] ? __pfx_kthread+0x10/0x10 [ 12.868523] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.868545] ? calculate_sigpending+0x7b/0xa0 [ 12.868568] ? __pfx_kthread+0x10/0x10 [ 12.868589] ret_from_fork+0x116/0x1d0 [ 12.868607] ? __pfx_kthread+0x10/0x10 [ 12.868627] ret_from_fork_asm+0x1a/0x30 [ 12.868657] </TASK> [ 12.868666] [ 12.877311] The buggy address belongs to stack of task kunit_try_catch/271 [ 12.877633] [ 12.878485] The buggy address belongs to the physical page: [ 12.879009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10387f [ 12.879774] flags: 0x200000000000000(node=0|zone=2) [ 12.880038] raw: 0200000000000000 ffffea00040e1fc8 ffffea00040e1fc8 0000000000000000 [ 12.880403] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.880714] page dumped because: kasan: bad access detected [ 12.880939] [ 12.881036] Memory state around the buggy address: [ 12.881308] ffff88810387fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.881602] ffff88810387fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.881940] >ffff88810387fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 12.882284] ^ [ 12.882476] ffff88810387fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 12.882792] ffff88810387fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.883150] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left: Failure
Automatically assigned
[ 12.842691] ================================================================== [ 12.843180] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 12.843522] Read of size 1 at addr ffff88810392fc3f by task kunit_try_catch/269 [ 12.843879] [ 12.843979] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.844024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.844037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.844059] Call Trace: [ 12.844070] <TASK> [ 12.844087] dump_stack_lvl+0x73/0xb0 [ 12.844114] print_report+0xd1/0x650 [ 12.844138] ? __virt_addr_valid+0x1db/0x2d0 [ 12.844161] ? kasan_alloca_oob_left+0x320/0x380 [ 12.844183] ? kasan_addr_to_slab+0x11/0xa0 [ 12.844205] ? kasan_alloca_oob_left+0x320/0x380 [ 12.844228] kasan_report+0x141/0x180 [ 12.844250] ? kasan_alloca_oob_left+0x320/0x380 [ 12.844278] __asan_report_load1_noabort+0x18/0x20 [ 12.844299] kasan_alloca_oob_left+0x320/0x380 [ 12.844322] ? irqentry_exit+0x2a/0x60 [ 12.844342] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.844369] ? trace_hardirqs_on+0x37/0xe0 [ 12.844407] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 12.844435] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 12.844464] kunit_try_run_case+0x1a5/0x480 [ 12.844488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.844509] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.844536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.844561] ? __kthread_parkme+0x82/0x180 [ 12.844582] ? preempt_count_sub+0x50/0x80 [ 12.844605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.844626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.844651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.844675] kthread+0x337/0x6f0 [ 12.844695] ? trace_preempt_on+0x20/0xc0 [ 12.844716] ? __pfx_kthread+0x10/0x10 [ 12.844737] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.844760] ? calculate_sigpending+0x7b/0xa0 [ 12.844840] ? __pfx_kthread+0x10/0x10 [ 12.844865] ret_from_fork+0x116/0x1d0 [ 12.844885] ? __pfx_kthread+0x10/0x10 [ 12.844905] ret_from_fork_asm+0x1a/0x30 [ 12.844936] </TASK> [ 12.844947] [ 12.856493] The buggy address belongs to stack of task kunit_try_catch/269 [ 12.857102] [ 12.857308] The buggy address belongs to the physical page: [ 12.857611] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10392f [ 12.858276] flags: 0x200000000000000(node=0|zone=2) [ 12.858585] raw: 0200000000000000 ffffea00040e4bc8 ffffea00040e4bc8 0000000000000000 [ 12.859276] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.859607] page dumped because: kasan: bad access detected [ 12.860021] [ 12.860249] Memory state around the buggy address: [ 12.860692] ffff88810392fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.861231] ffff88810392fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.861647] >ffff88810392fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 12.862211] ^ [ 12.862459] ffff88810392fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 12.862931] ffff88810392fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.863436] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob: Failure
Automatically assigned
[ 12.816117] ================================================================== [ 12.817314] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 12.817638] Read of size 1 at addr ffff888103957d02 by task kunit_try_catch/267 [ 12.818531] [ 12.818876] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.818931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.818945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.818968] Call Trace: [ 12.818981] <TASK> [ 12.818997] dump_stack_lvl+0x73/0xb0 [ 12.819063] print_report+0xd1/0x650 [ 12.819087] ? __virt_addr_valid+0x1db/0x2d0 [ 12.819111] ? kasan_stack_oob+0x2b5/0x300 [ 12.819131] ? kasan_addr_to_slab+0x11/0xa0 [ 12.819153] ? kasan_stack_oob+0x2b5/0x300 [ 12.819175] kasan_report+0x141/0x180 [ 12.819197] ? kasan_stack_oob+0x2b5/0x300 [ 12.819222] __asan_report_load1_noabort+0x18/0x20 [ 12.819243] kasan_stack_oob+0x2b5/0x300 [ 12.819263] ? __pfx_kasan_stack_oob+0x10/0x10 [ 12.819283] ? finish_task_switch.isra.0+0x153/0x700 [ 12.819305] ? __switch_to+0x47/0xf50 [ 12.819332] ? __schedule+0x10cc/0x2b60 [ 12.819357] ? __pfx_read_tsc+0x10/0x10 [ 12.819386] ? ktime_get_ts64+0x86/0x230 [ 12.819412] kunit_try_run_case+0x1a5/0x480 [ 12.819434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.819454] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.819479] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.819504] ? __kthread_parkme+0x82/0x180 [ 12.819526] ? preempt_count_sub+0x50/0x80 [ 12.819551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.819572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.819597] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.819621] kthread+0x337/0x6f0 [ 12.819641] ? trace_preempt_on+0x20/0xc0 [ 12.819664] ? __pfx_kthread+0x10/0x10 [ 12.819685] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.819706] ? calculate_sigpending+0x7b/0xa0 [ 12.819730] ? __pfx_kthread+0x10/0x10 [ 12.819751] ret_from_fork+0x116/0x1d0 [ 12.819769] ? __pfx_kthread+0x10/0x10 [ 12.819790] ret_from_fork_asm+0x1a/0x30 [ 12.819821] </TASK> [ 12.819831] [ 12.832294] The buggy address belongs to stack of task kunit_try_catch/267 [ 12.832754] and is located at offset 138 in frame: [ 12.832977] kasan_stack_oob+0x0/0x300 [ 12.833715] [ 12.833992] This frame has 4 objects: [ 12.834353] [48, 49) '__assertion' [ 12.834395] [64, 72) 'array' [ 12.834540] [96, 112) '__assertion' [ 12.834698] [128, 138) 'stack_array' [ 12.834904] [ 12.835289] The buggy address belongs to the physical page: [ 12.835503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103957 [ 12.835938] flags: 0x200000000000000(node=0|zone=2) [ 12.836115] raw: 0200000000000000 ffffea00040e55c8 ffffea00040e55c8 0000000000000000 [ 12.836480] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.836779] page dumped because: kasan: bad access detected [ 12.837016] [ 12.837089] Memory state around the buggy address: [ 12.837307] ffff888103957c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.837655] ffff888103957c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 12.838105] >ffff888103957d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.838344] ^ [ 12.838521] ffff888103957d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 12.838840] ffff888103957e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.839189] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right: Failure
Automatically assigned
[ 12.792135] ================================================================== [ 12.793074] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 12.793664] Read of size 1 at addr ffffffffa987ae4d by task kunit_try_catch/263 [ 12.794177] [ 12.794319] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.794551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.794565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.794589] Call Trace: [ 12.794603] <TASK> [ 12.794621] dump_stack_lvl+0x73/0xb0 [ 12.794650] print_report+0xd1/0x650 [ 12.794674] ? __virt_addr_valid+0x1db/0x2d0 [ 12.794698] ? kasan_global_oob_right+0x286/0x2d0 [ 12.794736] ? kasan_addr_to_slab+0x11/0xa0 [ 12.794757] ? kasan_global_oob_right+0x286/0x2d0 [ 12.794779] kasan_report+0x141/0x180 [ 12.794801] ? kasan_global_oob_right+0x286/0x2d0 [ 12.794828] __asan_report_load1_noabort+0x18/0x20 [ 12.794849] kasan_global_oob_right+0x286/0x2d0 [ 12.794871] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 12.794895] ? __schedule+0x10cc/0x2b60 [ 12.794920] ? __pfx_read_tsc+0x10/0x10 [ 12.794941] ? ktime_get_ts64+0x86/0x230 [ 12.794966] kunit_try_run_case+0x1a5/0x480 [ 12.794988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.795019] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.795045] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.795068] ? __kthread_parkme+0x82/0x180 [ 12.795088] ? preempt_count_sub+0x50/0x80 [ 12.795112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.795133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.795156] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.795180] kthread+0x337/0x6f0 [ 12.795199] ? trace_preempt_on+0x20/0xc0 [ 12.795222] ? __pfx_kthread+0x10/0x10 [ 12.795243] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.795265] ? calculate_sigpending+0x7b/0xa0 [ 12.795289] ? __pfx_kthread+0x10/0x10 [ 12.795309] ret_from_fork+0x116/0x1d0 [ 12.795328] ? __pfx_kthread+0x10/0x10 [ 12.795347] ret_from_fork_asm+0x1a/0x30 [ 12.795390] </TASK> [ 12.795400] [ 12.805397] The buggy address belongs to the variable: [ 12.805650] global_array+0xd/0x40 [ 12.805864] [ 12.806400] The buggy address belongs to the physical page: [ 12.806619] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x16cc7a [ 12.807249] flags: 0x200000000002000(reserved|node=0|zone=2) [ 12.807506] raw: 0200000000002000 ffffea0005b31e88 ffffea0005b31e88 0000000000000000 [ 12.807980] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.808387] page dumped because: kasan: bad access detected [ 12.808622] [ 12.808698] Memory state around the buggy address: [ 12.809151] ffffffffa987ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.809563] ffffffffa987ad80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.809999] >ffffffffa987ae00: 00 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 [ 12.810441] ^ [ 12.810659] ffffffffa987ae80: 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 12.811298] ffffffffa987af00: 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 12.811599] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper: Failure
Automatically assigned
[ 12.765442] ================================================================== [ 12.766141] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.766489] Free of addr ffff888103a6c001 by task kunit_try_catch/261 [ 12.766865] [ 12.766957] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.767157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.767171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.767192] Call Trace: [ 12.767204] <TASK> [ 12.767218] dump_stack_lvl+0x73/0xb0 [ 12.767246] print_report+0xd1/0x650 [ 12.767269] ? __virt_addr_valid+0x1db/0x2d0 [ 12.767293] ? kasan_addr_to_slab+0x11/0xa0 [ 12.767314] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.767340] kasan_report_invalid_free+0x10a/0x130 [ 12.767365] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.767535] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.767561] __kasan_mempool_poison_object+0x102/0x1d0 [ 12.767586] mempool_free+0x2ec/0x380 [ 12.767609] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.767634] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 12.767662] ? __kasan_check_write+0x18/0x20 [ 12.767682] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.767728] ? finish_task_switch.isra.0+0x153/0x700 [ 12.767753] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 12.767778] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 12.767805] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.767823] ? __pfx_mempool_kfree+0x10/0x10 [ 12.767845] ? __pfx_read_tsc+0x10/0x10 [ 12.767866] ? ktime_get_ts64+0x86/0x230 [ 12.767889] kunit_try_run_case+0x1a5/0x480 [ 12.767909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.767929] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.767953] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.767977] ? __kthread_parkme+0x82/0x180 [ 12.768012] ? preempt_count_sub+0x50/0x80 [ 12.768035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.768056] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.768080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.768103] kthread+0x337/0x6f0 [ 12.768123] ? trace_preempt_on+0x20/0xc0 [ 12.768146] ? __pfx_kthread+0x10/0x10 [ 12.768167] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.768188] ? calculate_sigpending+0x7b/0xa0 [ 12.768213] ? __pfx_kthread+0x10/0x10 [ 12.768234] ret_from_fork+0x116/0x1d0 [ 12.768253] ? __pfx_kthread+0x10/0x10 [ 12.768273] ret_from_fork_asm+0x1a/0x30 [ 12.768303] </TASK> [ 12.768313] [ 12.780225] The buggy address belongs to the physical page: [ 12.781145] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a6c [ 12.781592] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.782118] flags: 0x200000000000040(head|node=0|zone=2) [ 12.782544] page_type: f8(unknown) [ 12.782765] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.783224] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.783720] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.784366] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.784856] head: 0200000000000002 ffffea00040e9b01 00000000ffffffff 00000000ffffffff [ 12.785276] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.785577] page dumped because: kasan: bad access detected [ 12.785976] [ 12.786174] Memory state around the buggy address: [ 12.786360] ffff888103a6bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.786924] ffff888103a6bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.787293] >ffff888103a6c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.787644] ^ [ 12.787952] ffff888103a6c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.788564] ffff888103a6c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.789081] ================================================================== [ 12.731861] ================================================================== [ 12.732614] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.733223] Free of addr ffff888102826801 by task kunit_try_catch/259 [ 12.733717] [ 12.733887] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.733935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.733969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.733992] Call Trace: [ 12.734132] <TASK> [ 12.734151] dump_stack_lvl+0x73/0xb0 [ 12.734180] print_report+0xd1/0x650 [ 12.734202] ? __virt_addr_valid+0x1db/0x2d0 [ 12.734225] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.734247] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.734273] kasan_report_invalid_free+0x10a/0x130 [ 12.734298] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.734325] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.734349] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.734374] check_slab_allocation+0x11f/0x130 [ 12.734409] __kasan_mempool_poison_object+0x91/0x1d0 [ 12.734433] mempool_free+0x2ec/0x380 [ 12.734456] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.734481] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 12.734508] ? __kasan_check_write+0x18/0x20 [ 12.734529] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.734550] ? finish_task_switch.isra.0+0x153/0x700 [ 12.734576] mempool_kmalloc_invalid_free+0xed/0x140 [ 12.734600] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 12.734626] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.734645] ? __pfx_mempool_kfree+0x10/0x10 [ 12.734666] ? __pfx_read_tsc+0x10/0x10 [ 12.734685] ? ktime_get_ts64+0x86/0x230 [ 12.734708] kunit_try_run_case+0x1a5/0x480 [ 12.734730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.734749] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.734773] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.734796] ? __kthread_parkme+0x82/0x180 [ 12.734816] ? preempt_count_sub+0x50/0x80 [ 12.734838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.734858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.734883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.734907] kthread+0x337/0x6f0 [ 12.734925] ? trace_preempt_on+0x20/0xc0 [ 12.734947] ? __pfx_kthread+0x10/0x10 [ 12.734966] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.734989] ? calculate_sigpending+0x7b/0xa0 [ 12.735025] ? __pfx_kthread+0x10/0x10 [ 12.735047] ret_from_fork+0x116/0x1d0 [ 12.735064] ? __pfx_kthread+0x10/0x10 [ 12.735084] ret_from_fork_asm+0x1a/0x30 [ 12.735114] </TASK> [ 12.735124] [ 12.748870] Allocated by task 259: [ 12.749292] kasan_save_stack+0x45/0x70 [ 12.749599] kasan_save_track+0x18/0x40 [ 12.749923] kasan_save_alloc_info+0x3b/0x50 [ 12.750301] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.750544] remove_element+0x11e/0x190 [ 12.751003] mempool_alloc_preallocated+0x4d/0x90 [ 12.751290] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 12.751647] mempool_kmalloc_invalid_free+0xed/0x140 [ 12.751989] kunit_try_run_case+0x1a5/0x480 [ 12.752274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.752621] kthread+0x337/0x6f0 [ 12.752838] ret_from_fork+0x116/0x1d0 [ 12.753281] ret_from_fork_asm+0x1a/0x30 [ 12.753584] [ 12.753667] The buggy address belongs to the object at ffff888102826800 [ 12.753667] which belongs to the cache kmalloc-128 of size 128 [ 12.754667] The buggy address is located 1 bytes inside of [ 12.754667] 128-byte region [ffff888102826800, ffff888102826880) [ 12.755358] [ 12.755608] The buggy address belongs to the physical page: [ 12.755834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102826 [ 12.756509] flags: 0x200000000000000(node=0|zone=2) [ 12.756739] page_type: f5(slab) [ 12.757009] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.757647] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.758197] page dumped because: kasan: bad access detected [ 12.758672] [ 12.758810] Memory state around the buggy address: [ 12.759231] ffff888102826700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.759581] ffff888102826780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.759987] >ffff888102826800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.760432] ^ [ 12.760616] ffff888102826880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.761237] ffff888102826900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.761675] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper: Failure
Automatically assigned
[ 12.672112] ================================================================== [ 12.672558] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.673248] Free of addr ffff888103a68000 by task kunit_try_catch/255 [ 12.674005] [ 12.674240] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.674287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.674336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.674361] Call Trace: [ 12.674413] <TASK> [ 12.674431] dump_stack_lvl+0x73/0xb0 [ 12.674467] print_report+0xd1/0x650 [ 12.674491] ? __virt_addr_valid+0x1db/0x2d0 [ 12.674515] ? kasan_addr_to_slab+0x11/0xa0 [ 12.674536] ? mempool_double_free_helper+0x184/0x370 [ 12.674560] kasan_report_invalid_free+0x10a/0x130 [ 12.674585] ? mempool_double_free_helper+0x184/0x370 [ 12.674611] ? mempool_double_free_helper+0x184/0x370 [ 12.674634] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 12.674659] mempool_free+0x2ec/0x380 [ 12.674682] mempool_double_free_helper+0x184/0x370 [ 12.674726] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.674752] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.674775] ? finish_task_switch.isra.0+0x153/0x700 [ 12.674801] mempool_kmalloc_large_double_free+0xed/0x140 [ 12.674826] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 12.674852] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.674871] ? __pfx_mempool_kfree+0x10/0x10 [ 12.674893] ? __pfx_read_tsc+0x10/0x10 [ 12.674914] ? ktime_get_ts64+0x86/0x230 [ 12.674937] kunit_try_run_case+0x1a5/0x480 [ 12.674960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.674979] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.675030] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.675056] ? __kthread_parkme+0x82/0x180 [ 12.675076] ? preempt_count_sub+0x50/0x80 [ 12.675098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.675119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.675142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.675167] kthread+0x337/0x6f0 [ 12.675186] ? trace_preempt_on+0x20/0xc0 [ 12.675210] ? __pfx_kthread+0x10/0x10 [ 12.675230] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.675252] ? calculate_sigpending+0x7b/0xa0 [ 12.675276] ? __pfx_kthread+0x10/0x10 [ 12.675297] ret_from_fork+0x116/0x1d0 [ 12.675315] ? __pfx_kthread+0x10/0x10 [ 12.675335] ret_from_fork_asm+0x1a/0x30 [ 12.675366] </TASK> [ 12.675386] [ 12.689348] The buggy address belongs to the physical page: [ 12.690005] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a68 [ 12.690867] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.691444] flags: 0x200000000000040(head|node=0|zone=2) [ 12.691631] page_type: f8(unknown) [ 12.691884] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.692613] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.693327] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.693586] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.694182] head: 0200000000000002 ffffea00040e9a01 00000000ffffffff 00000000ffffffff [ 12.694867] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.695598] page dumped because: kasan: bad access detected [ 12.695954] [ 12.696163] Memory state around the buggy address: [ 12.696534] ffff888103a67f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.696801] ffff888103a67f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.697610] >ffff888103a68000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.698202] ^ [ 12.698324] ffff888103a68080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.698559] ffff888103a68100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.698830] ================================================================== [ 12.702192] ================================================================== [ 12.702614] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.702857] Free of addr ffff888103a68000 by task kunit_try_catch/257 [ 12.703057] [ 12.703139] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.703184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.703196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.703218] Call Trace: [ 12.703229] <TASK> [ 12.703244] dump_stack_lvl+0x73/0xb0 [ 12.703267] print_report+0xd1/0x650 [ 12.703288] ? __virt_addr_valid+0x1db/0x2d0 [ 12.703312] ? kasan_addr_to_slab+0x11/0xa0 [ 12.703332] ? mempool_double_free_helper+0x184/0x370 [ 12.703357] kasan_report_invalid_free+0x10a/0x130 [ 12.703391] ? mempool_double_free_helper+0x184/0x370 [ 12.703417] ? mempool_double_free_helper+0x184/0x370 [ 12.703440] __kasan_mempool_poison_pages+0x115/0x130 [ 12.703466] mempool_free+0x290/0x380 [ 12.703490] mempool_double_free_helper+0x184/0x370 [ 12.703513] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.703538] ? __kasan_check_write+0x18/0x20 [ 12.703558] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.703578] ? finish_task_switch.isra.0+0x153/0x700 [ 12.703604] mempool_page_alloc_double_free+0xe8/0x140 [ 12.703628] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 12.703656] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 12.703675] ? __pfx_mempool_free_pages+0x10/0x10 [ 12.703696] ? __pfx_read_tsc+0x10/0x10 [ 12.703716] ? ktime_get_ts64+0x86/0x230 [ 12.703740] kunit_try_run_case+0x1a5/0x480 [ 12.703762] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.703781] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.703804] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.703828] ? __kthread_parkme+0x82/0x180 [ 12.703847] ? preempt_count_sub+0x50/0x80 [ 12.703869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.703889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.703912] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.703936] kthread+0x337/0x6f0 [ 12.703954] ? trace_preempt_on+0x20/0xc0 [ 12.703975] ? __pfx_kthread+0x10/0x10 [ 12.703995] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.704017] ? calculate_sigpending+0x7b/0xa0 [ 12.704039] ? __pfx_kthread+0x10/0x10 [ 12.704060] ret_from_fork+0x116/0x1d0 [ 12.704077] ? __pfx_kthread+0x10/0x10 [ 12.704096] ret_from_fork_asm+0x1a/0x30 [ 12.704126] </TASK> [ 12.704135] [ 12.721634] The buggy address belongs to the physical page: [ 12.722212] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a68 [ 12.722507] flags: 0x200000000000000(node=0|zone=2) [ 12.722808] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 12.723648] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.724267] page dumped because: kasan: bad access detected [ 12.724550] [ 12.724636] Memory state around the buggy address: [ 12.724794] ffff888103a67f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.725411] ffff888103a67f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.725819] >ffff888103a68000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.726449] ^ [ 12.726800] ffff888103a68080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.727179] ffff888103a68100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.727555] ================================================================== [ 12.631149] ================================================================== [ 12.632339] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.632597] Free of addr ffff8881039b7500 by task kunit_try_catch/253 [ 12.633017] [ 12.633249] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.633314] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.633327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.633419] Call Trace: [ 12.633434] <TASK> [ 12.633450] dump_stack_lvl+0x73/0xb0 [ 12.633478] print_report+0xd1/0x650 [ 12.633502] ? __virt_addr_valid+0x1db/0x2d0 [ 12.633527] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.633550] ? mempool_double_free_helper+0x184/0x370 [ 12.633575] kasan_report_invalid_free+0x10a/0x130 [ 12.633600] ? mempool_double_free_helper+0x184/0x370 [ 12.633627] ? mempool_double_free_helper+0x184/0x370 [ 12.633650] ? mempool_double_free_helper+0x184/0x370 [ 12.633673] check_slab_allocation+0x101/0x130 [ 12.633696] __kasan_mempool_poison_object+0x91/0x1d0 [ 12.633737] mempool_free+0x2ec/0x380 [ 12.633762] mempool_double_free_helper+0x184/0x370 [ 12.633787] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.633811] ? update_load_avg+0x1be/0x21b0 [ 12.633840] ? finish_task_switch.isra.0+0x153/0x700 [ 12.633868] mempool_kmalloc_double_free+0xed/0x140 [ 12.633893] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 12.633922] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.633941] ? __pfx_mempool_kfree+0x10/0x10 [ 12.633964] ? __pfx_read_tsc+0x10/0x10 [ 12.633985] ? ktime_get_ts64+0x86/0x230 [ 12.634010] kunit_try_run_case+0x1a5/0x480 [ 12.634074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.634094] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.634120] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.634145] ? __kthread_parkme+0x82/0x180 [ 12.634166] ? preempt_count_sub+0x50/0x80 [ 12.634190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.634211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.634236] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.634260] kthread+0x337/0x6f0 [ 12.634279] ? trace_preempt_on+0x20/0xc0 [ 12.634304] ? __pfx_kthread+0x10/0x10 [ 12.634326] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.634349] ? calculate_sigpending+0x7b/0xa0 [ 12.634373] ? __pfx_kthread+0x10/0x10 [ 12.634410] ret_from_fork+0x116/0x1d0 [ 12.634428] ? __pfx_kthread+0x10/0x10 [ 12.634449] ret_from_fork_asm+0x1a/0x30 [ 12.634482] </TASK> [ 12.634493] [ 12.649740] Allocated by task 253: [ 12.650323] kasan_save_stack+0x45/0x70 [ 12.650692] kasan_save_track+0x18/0x40 [ 12.650924] kasan_save_alloc_info+0x3b/0x50 [ 12.651516] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.651987] remove_element+0x11e/0x190 [ 12.652485] mempool_alloc_preallocated+0x4d/0x90 [ 12.652658] mempool_double_free_helper+0x8a/0x370 [ 12.653263] mempool_kmalloc_double_free+0xed/0x140 [ 12.654040] kunit_try_run_case+0x1a5/0x480 [ 12.654414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.654599] kthread+0x337/0x6f0 [ 12.654744] ret_from_fork+0x116/0x1d0 [ 12.655169] ret_from_fork_asm+0x1a/0x30 [ 12.655681] [ 12.655857] Freed by task 253: [ 12.656308] kasan_save_stack+0x45/0x70 [ 12.656722] kasan_save_track+0x18/0x40 [ 12.656905] kasan_save_free_info+0x3f/0x60 [ 12.657094] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.657735] mempool_free+0x2ec/0x380 [ 12.658246] mempool_double_free_helper+0x109/0x370 [ 12.658505] mempool_kmalloc_double_free+0xed/0x140 [ 12.658672] kunit_try_run_case+0x1a5/0x480 [ 12.658831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.659011] kthread+0x337/0x6f0 [ 12.659284] ret_from_fork+0x116/0x1d0 [ 12.659639] ret_from_fork_asm+0x1a/0x30 [ 12.660033] [ 12.660242] The buggy address belongs to the object at ffff8881039b7500 [ 12.660242] which belongs to the cache kmalloc-128 of size 128 [ 12.661295] The buggy address is located 0 bytes inside of [ 12.661295] 128-byte region [ffff8881039b7500, ffff8881039b7580) [ 12.661818] [ 12.661896] The buggy address belongs to the physical page: [ 12.662534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b7 [ 12.663256] flags: 0x200000000000000(node=0|zone=2) [ 12.663758] page_type: f5(slab) [ 12.663979] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.664553] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.664860] page dumped because: kasan: bad access detected [ 12.665419] [ 12.665657] Memory state around the buggy address: [ 12.666193] ffff8881039b7400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.666624] ffff8881039b7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.666981] >ffff8881039b7500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.667870] ^ [ 12.668261] ffff8881039b7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.668670] ffff8881039b7600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.668930] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper: Failure
Automatically assigned
[ 12.532517] ================================================================== [ 12.533560] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.534080] Read of size 1 at addr ffff8881039f4000 by task kunit_try_catch/247 [ 12.534918] [ 12.535125] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.535185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.535198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.535237] Call Trace: [ 12.535250] <TASK> [ 12.535294] dump_stack_lvl+0x73/0xb0 [ 12.535325] print_report+0xd1/0x650 [ 12.535348] ? __virt_addr_valid+0x1db/0x2d0 [ 12.535392] ? mempool_uaf_helper+0x392/0x400 [ 12.535415] ? kasan_addr_to_slab+0x11/0xa0 [ 12.535435] ? mempool_uaf_helper+0x392/0x400 [ 12.535459] kasan_report+0x141/0x180 [ 12.535481] ? mempool_uaf_helper+0x392/0x400 [ 12.535509] __asan_report_load1_noabort+0x18/0x20 [ 12.535529] mempool_uaf_helper+0x392/0x400 [ 12.535552] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.535579] ? finish_task_switch.isra.0+0x153/0x700 [ 12.535605] mempool_kmalloc_large_uaf+0xef/0x140 [ 12.535629] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 12.535656] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.535676] ? __pfx_mempool_kfree+0x10/0x10 [ 12.535715] ? __pfx_read_tsc+0x10/0x10 [ 12.535737] ? ktime_get_ts64+0x86/0x230 [ 12.535763] kunit_try_run_case+0x1a5/0x480 [ 12.535785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.535805] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.535831] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.535857] ? __kthread_parkme+0x82/0x180 [ 12.535878] ? preempt_count_sub+0x50/0x80 [ 12.535900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.535921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.535945] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.535971] kthread+0x337/0x6f0 [ 12.536008] ? trace_preempt_on+0x20/0xc0 [ 12.536034] ? __pfx_kthread+0x10/0x10 [ 12.536055] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.536079] ? calculate_sigpending+0x7b/0xa0 [ 12.536105] ? __pfx_kthread+0x10/0x10 [ 12.536126] ret_from_fork+0x116/0x1d0 [ 12.536145] ? __pfx_kthread+0x10/0x10 [ 12.536166] ret_from_fork_asm+0x1a/0x30 [ 12.536197] </TASK> [ 12.536207] [ 12.544717] The buggy address belongs to the physical page: [ 12.544933] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 12.545232] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.545568] flags: 0x200000000000040(head|node=0|zone=2) [ 12.545926] page_type: f8(unknown) [ 12.546141] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.546565] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.547016] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.547408] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.547909] head: 0200000000000002 ffffea00040e7d01 00000000ffffffff 00000000ffffffff [ 12.548317] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.548558] page dumped because: kasan: bad access detected [ 12.548757] [ 12.548829] Memory state around the buggy address: [ 12.549117] ffff8881039f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.549491] ffff8881039f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.549919] >ffff8881039f4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.550637] ^ [ 12.550828] ffff8881039f4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.551277] ffff8881039f4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.551647] ================================================================== [ 12.601788] ================================================================== [ 12.602609] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.603053] Read of size 1 at addr ffff888103a30000 by task kunit_try_catch/251 [ 12.603591] [ 12.603891] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.603940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.603953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.603976] Call Trace: [ 12.603988] <TASK> [ 12.604005] dump_stack_lvl+0x73/0xb0 [ 12.604036] print_report+0xd1/0x650 [ 12.604060] ? __virt_addr_valid+0x1db/0x2d0 [ 12.604120] ? mempool_uaf_helper+0x392/0x400 [ 12.604156] ? kasan_addr_to_slab+0x11/0xa0 [ 12.604177] ? mempool_uaf_helper+0x392/0x400 [ 12.604211] kasan_report+0x141/0x180 [ 12.604235] ? mempool_uaf_helper+0x392/0x400 [ 12.604263] __asan_report_load1_noabort+0x18/0x20 [ 12.604285] mempool_uaf_helper+0x392/0x400 [ 12.604308] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.604332] ? __kasan_check_write+0x18/0x20 [ 12.604352] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.604386] ? finish_task_switch.isra.0+0x153/0x700 [ 12.604412] mempool_page_alloc_uaf+0xed/0x140 [ 12.604437] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 12.604464] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 12.604485] ? __pfx_mempool_free_pages+0x10/0x10 [ 12.604508] ? __pfx_read_tsc+0x10/0x10 [ 12.604529] ? ktime_get_ts64+0x86/0x230 [ 12.604553] kunit_try_run_case+0x1a5/0x480 [ 12.604575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.604595] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.604621] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.604647] ? __kthread_parkme+0x82/0x180 [ 12.604666] ? preempt_count_sub+0x50/0x80 [ 12.604689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.604727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.604751] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.604775] kthread+0x337/0x6f0 [ 12.604795] ? trace_preempt_on+0x20/0xc0 [ 12.604820] ? __pfx_kthread+0x10/0x10 [ 12.604841] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.604863] ? calculate_sigpending+0x7b/0xa0 [ 12.604889] ? __pfx_kthread+0x10/0x10 [ 12.604910] ret_from_fork+0x116/0x1d0 [ 12.604929] ? __pfx_kthread+0x10/0x10 [ 12.604949] ret_from_fork_asm+0x1a/0x30 [ 12.604979] </TASK> [ 12.605004] [ 12.618179] The buggy address belongs to the physical page: [ 12.618365] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a30 [ 12.619339] flags: 0x200000000000000(node=0|zone=2) [ 12.619846] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 12.620837] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.621721] page dumped because: kasan: bad access detected [ 12.622331] [ 12.622523] Memory state around the buggy address: [ 12.623039] ffff888103a2ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.623688] ffff888103a2ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.624535] >ffff888103a30000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.625210] ^ [ 12.625581] ffff888103a30080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.626314] ffff888103a30100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.627221] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper: Failure
Automatically assigned
[ 12.488499] ================================================================== [ 12.490160] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.491125] Read of size 1 at addr ffff8881039b7100 by task kunit_try_catch/245 [ 12.491658] [ 12.491960] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.492140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.492156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.492180] Call Trace: [ 12.492193] <TASK> [ 12.492211] dump_stack_lvl+0x73/0xb0 [ 12.492241] print_report+0xd1/0x650 [ 12.492265] ? __virt_addr_valid+0x1db/0x2d0 [ 12.492290] ? mempool_uaf_helper+0x392/0x400 [ 12.492314] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.492337] ? mempool_uaf_helper+0x392/0x400 [ 12.492361] kasan_report+0x141/0x180 [ 12.492415] ? mempool_uaf_helper+0x392/0x400 [ 12.492443] __asan_report_load1_noabort+0x18/0x20 [ 12.492464] mempool_uaf_helper+0x392/0x400 [ 12.492487] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.492509] ? update_load_avg+0x1be/0x21b0 [ 12.492533] ? dequeue_entities+0x27e/0x1740 [ 12.492592] ? finish_task_switch.isra.0+0x153/0x700 [ 12.492620] mempool_kmalloc_uaf+0xef/0x140 [ 12.492643] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 12.492668] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.492688] ? __pfx_mempool_kfree+0x10/0x10 [ 12.492730] ? __pfx_read_tsc+0x10/0x10 [ 12.492752] ? ktime_get_ts64+0x86/0x230 [ 12.492777] kunit_try_run_case+0x1a5/0x480 [ 12.492799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.492818] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.492844] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.492869] ? __kthread_parkme+0x82/0x180 [ 12.492889] ? preempt_count_sub+0x50/0x80 [ 12.492912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.492933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.492957] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.492981] kthread+0x337/0x6f0 [ 12.493028] ? trace_preempt_on+0x20/0xc0 [ 12.493055] ? __pfx_kthread+0x10/0x10 [ 12.493077] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.493100] ? calculate_sigpending+0x7b/0xa0 [ 12.493124] ? __pfx_kthread+0x10/0x10 [ 12.493146] ret_from_fork+0x116/0x1d0 [ 12.493164] ? __pfx_kthread+0x10/0x10 [ 12.493185] ret_from_fork_asm+0x1a/0x30 [ 12.493215] </TASK> [ 12.493226] [ 12.508551] Allocated by task 245: [ 12.508929] kasan_save_stack+0x45/0x70 [ 12.509465] kasan_save_track+0x18/0x40 [ 12.509658] kasan_save_alloc_info+0x3b/0x50 [ 12.510128] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.510692] remove_element+0x11e/0x190 [ 12.510884] mempool_alloc_preallocated+0x4d/0x90 [ 12.511364] mempool_uaf_helper+0x96/0x400 [ 12.511534] mempool_kmalloc_uaf+0xef/0x140 [ 12.511683] kunit_try_run_case+0x1a5/0x480 [ 12.512150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.512932] kthread+0x337/0x6f0 [ 12.513374] ret_from_fork+0x116/0x1d0 [ 12.513753] ret_from_fork_asm+0x1a/0x30 [ 12.514233] [ 12.514368] Freed by task 245: [ 12.514681] kasan_save_stack+0x45/0x70 [ 12.514927] kasan_save_track+0x18/0x40 [ 12.515345] kasan_save_free_info+0x3f/0x60 [ 12.515759] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.515939] mempool_free+0x2ec/0x380 [ 12.516093] mempool_uaf_helper+0x11a/0x400 [ 12.516240] mempool_kmalloc_uaf+0xef/0x140 [ 12.516398] kunit_try_run_case+0x1a5/0x480 [ 12.516543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.516767] kthread+0x337/0x6f0 [ 12.517168] ret_from_fork+0x116/0x1d0 [ 12.517705] ret_from_fork_asm+0x1a/0x30 [ 12.518109] [ 12.518345] The buggy address belongs to the object at ffff8881039b7100 [ 12.518345] which belongs to the cache kmalloc-128 of size 128 [ 12.519631] The buggy address is located 0 bytes inside of [ 12.519631] freed 128-byte region [ffff8881039b7100, ffff8881039b7180) [ 12.520924] [ 12.521167] The buggy address belongs to the physical page: [ 12.521690] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b7 [ 12.522352] flags: 0x200000000000000(node=0|zone=2) [ 12.522893] page_type: f5(slab) [ 12.523020] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.523558] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.524320] page dumped because: kasan: bad access detected [ 12.524919] [ 12.525158] Memory state around the buggy address: [ 12.525668] ffff8881039b7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.526193] ffff8881039b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.526909] >ffff8881039b7100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.527604] ^ [ 12.527762] ffff8881039b7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.528513] ffff8881039b7200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.529057] ================================================================== [ 12.555870] ================================================================== [ 12.557016] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.557503] Read of size 1 at addr ffff888103981240 by task kunit_try_catch/249 [ 12.558490] [ 12.558805] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.558857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.558870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.558893] Call Trace: [ 12.558906] <TASK> [ 12.558923] dump_stack_lvl+0x73/0xb0 [ 12.558950] print_report+0xd1/0x650 [ 12.558973] ? __virt_addr_valid+0x1db/0x2d0 [ 12.558995] ? mempool_uaf_helper+0x392/0x400 [ 12.559129] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.559153] ? mempool_uaf_helper+0x392/0x400 [ 12.559176] kasan_report+0x141/0x180 [ 12.559199] ? mempool_uaf_helper+0x392/0x400 [ 12.559225] __asan_report_load1_noabort+0x18/0x20 [ 12.559278] mempool_uaf_helper+0x392/0x400 [ 12.559305] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.559331] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.559353] ? finish_task_switch.isra.0+0x153/0x700 [ 12.559390] mempool_slab_uaf+0xea/0x140 [ 12.559410] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 12.559432] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 12.559452] ? __pfx_mempool_free_slab+0x10/0x10 [ 12.559474] ? __pfx_read_tsc+0x10/0x10 [ 12.559495] ? ktime_get_ts64+0x86/0x230 [ 12.559518] kunit_try_run_case+0x1a5/0x480 [ 12.559541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.559561] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.559586] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.559611] ? __kthread_parkme+0x82/0x180 [ 12.559632] ? preempt_count_sub+0x50/0x80 [ 12.559654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.559675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.559699] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.559744] kthread+0x337/0x6f0 [ 12.559763] ? trace_preempt_on+0x20/0xc0 [ 12.559786] ? __pfx_kthread+0x10/0x10 [ 12.559807] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.559829] ? calculate_sigpending+0x7b/0xa0 [ 12.559853] ? __pfx_kthread+0x10/0x10 [ 12.559874] ret_from_fork+0x116/0x1d0 [ 12.559891] ? __pfx_kthread+0x10/0x10 [ 12.559912] ret_from_fork_asm+0x1a/0x30 [ 12.559941] </TASK> [ 12.559952] [ 12.578800] Allocated by task 249: [ 12.579363] kasan_save_stack+0x45/0x70 [ 12.579872] kasan_save_track+0x18/0x40 [ 12.580336] kasan_save_alloc_info+0x3b/0x50 [ 12.580507] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 12.580684] remove_element+0x11e/0x190 [ 12.581356] mempool_alloc_preallocated+0x4d/0x90 [ 12.582115] mempool_uaf_helper+0x96/0x400 [ 12.582687] mempool_slab_uaf+0xea/0x140 [ 12.583216] kunit_try_run_case+0x1a5/0x480 [ 12.583864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.584286] kthread+0x337/0x6f0 [ 12.584825] ret_from_fork+0x116/0x1d0 [ 12.585281] ret_from_fork_asm+0x1a/0x30 [ 12.585487] [ 12.585566] Freed by task 249: [ 12.585680] kasan_save_stack+0x45/0x70 [ 12.585821] kasan_save_track+0x18/0x40 [ 12.585956] kasan_save_free_info+0x3f/0x60 [ 12.586131] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.586314] mempool_free+0x2ec/0x380 [ 12.586520] mempool_uaf_helper+0x11a/0x400 [ 12.586878] mempool_slab_uaf+0xea/0x140 [ 12.587243] kunit_try_run_case+0x1a5/0x480 [ 12.587461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.587644] kthread+0x337/0x6f0 [ 12.587891] ret_from_fork+0x116/0x1d0 [ 12.588228] ret_from_fork_asm+0x1a/0x30 [ 12.588648] [ 12.588817] The buggy address belongs to the object at ffff888103981240 [ 12.588817] which belongs to the cache test_cache of size 123 [ 12.590050] The buggy address is located 0 bytes inside of [ 12.590050] freed 123-byte region [ffff888103981240, ffff8881039812bb) [ 12.591178] [ 12.591254] The buggy address belongs to the physical page: [ 12.591442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103981 [ 12.591685] flags: 0x200000000000000(node=0|zone=2) [ 12.591869] page_type: f5(slab) [ 12.592027] raw: 0200000000000000 ffff88810189cc80 dead000000000122 0000000000000000 [ 12.592290] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 12.592626] page dumped because: kasan: bad access detected [ 12.592864] [ 12.592969] Memory state around the buggy address: [ 12.593137] ffff888103981100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.593517] ffff888103981180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.593797] >ffff888103981200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 12.594269] ^ [ 12.594499] ffff888103981280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.594737] ffff888103981300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.595139] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper: Failure
Automatically assigned
[ 12.408672] ================================================================== [ 12.409292] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.409608] Read of size 1 at addr ffff888102826473 by task kunit_try_catch/239 [ 12.410200] [ 12.410324] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.410389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.410401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.410720] Call Trace: [ 12.410739] <TASK> [ 12.410760] dump_stack_lvl+0x73/0xb0 [ 12.410793] print_report+0xd1/0x650 [ 12.410818] ? __virt_addr_valid+0x1db/0x2d0 [ 12.410843] ? mempool_oob_right_helper+0x318/0x380 [ 12.410877] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.410900] ? mempool_oob_right_helper+0x318/0x380 [ 12.410924] kasan_report+0x141/0x180 [ 12.410946] ? mempool_oob_right_helper+0x318/0x380 [ 12.410974] __asan_report_load1_noabort+0x18/0x20 [ 12.410995] mempool_oob_right_helper+0x318/0x380 [ 12.411050] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.411076] ? __kasan_check_write+0x18/0x20 [ 12.411096] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.411119] ? finish_task_switch.isra.0+0x153/0x700 [ 12.411146] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.411170] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 12.411195] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.411217] ? __pfx_mempool_kfree+0x10/0x10 [ 12.411238] ? __pfx_read_tsc+0x10/0x10 [ 12.411260] ? ktime_get_ts64+0x86/0x230 [ 12.411285] kunit_try_run_case+0x1a5/0x480 [ 12.411308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.411328] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.411353] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.411389] ? __kthread_parkme+0x82/0x180 [ 12.411410] ? preempt_count_sub+0x50/0x80 [ 12.411433] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.411454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.411477] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.411501] kthread+0x337/0x6f0 [ 12.411521] ? trace_preempt_on+0x20/0xc0 [ 12.411545] ? __pfx_kthread+0x10/0x10 [ 12.411565] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.411587] ? calculate_sigpending+0x7b/0xa0 [ 12.411612] ? __pfx_kthread+0x10/0x10 [ 12.411633] ret_from_fork+0x116/0x1d0 [ 12.411651] ? __pfx_kthread+0x10/0x10 [ 12.411671] ret_from_fork_asm+0x1a/0x30 [ 12.411702] </TASK> [ 12.411713] [ 12.421065] Allocated by task 239: [ 12.421208] kasan_save_stack+0x45/0x70 [ 12.421362] kasan_save_track+0x18/0x40 [ 12.421596] kasan_save_alloc_info+0x3b/0x50 [ 12.421892] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.422522] remove_element+0x11e/0x190 [ 12.422666] mempool_alloc_preallocated+0x4d/0x90 [ 12.423180] mempool_oob_right_helper+0x8a/0x380 [ 12.423365] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.423658] kunit_try_run_case+0x1a5/0x480 [ 12.423908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.424275] kthread+0x337/0x6f0 [ 12.424455] ret_from_fork+0x116/0x1d0 [ 12.424654] ret_from_fork_asm+0x1a/0x30 [ 12.424928] [ 12.425045] The buggy address belongs to the object at ffff888102826400 [ 12.425045] which belongs to the cache kmalloc-128 of size 128 [ 12.425508] The buggy address is located 0 bytes to the right of [ 12.425508] allocated 115-byte region [ffff888102826400, ffff888102826473) [ 12.426281] [ 12.426362] The buggy address belongs to the physical page: [ 12.426730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102826 [ 12.427156] flags: 0x200000000000000(node=0|zone=2) [ 12.427491] page_type: f5(slab) [ 12.427651] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.428066] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.428435] page dumped because: kasan: bad access detected [ 12.428712] [ 12.428864] Memory state around the buggy address: [ 12.429168] ffff888102826300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.429444] ffff888102826380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.429796] >ffff888102826400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.430107] ^ [ 12.430472] ffff888102826480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.430803] ffff888102826500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.431198] ================================================================== [ 12.459388] ================================================================== [ 12.460270] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.460635] Read of size 1 at addr ffff88810397e2bb by task kunit_try_catch/243 [ 12.460960] [ 12.461064] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.461170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.461198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.461220] Call Trace: [ 12.461233] <TASK> [ 12.461249] dump_stack_lvl+0x73/0xb0 [ 12.461286] print_report+0xd1/0x650 [ 12.461309] ? __virt_addr_valid+0x1db/0x2d0 [ 12.461331] ? mempool_oob_right_helper+0x318/0x380 [ 12.461354] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.461386] ? mempool_oob_right_helper+0x318/0x380 [ 12.461410] kasan_report+0x141/0x180 [ 12.461432] ? mempool_oob_right_helper+0x318/0x380 [ 12.461461] __asan_report_load1_noabort+0x18/0x20 [ 12.461481] mempool_oob_right_helper+0x318/0x380 [ 12.461505] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.461531] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.461552] ? finish_task_switch.isra.0+0x153/0x700 [ 12.461577] mempool_slab_oob_right+0xed/0x140 [ 12.461598] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 12.461618] ? __kasan_check_write+0x18/0x20 [ 12.461649] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 12.461669] ? __pfx_mempool_free_slab+0x10/0x10 [ 12.461690] ? __pfx_read_tsc+0x10/0x10 [ 12.461721] ? ktime_get_ts64+0x86/0x230 [ 12.461744] kunit_try_run_case+0x1a5/0x480 [ 12.461783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.461802] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 12.461836] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.461861] ? __kthread_parkme+0x82/0x180 [ 12.461880] ? preempt_count_sub+0x50/0x80 [ 12.461903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.461923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.461947] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.461971] kthread+0x337/0x6f0 [ 12.461990] ? trace_preempt_on+0x20/0xc0 [ 12.462033] ? __pfx_kthread+0x10/0x10 [ 12.462054] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.462075] ? calculate_sigpending+0x7b/0xa0 [ 12.462098] ? __pfx_kthread+0x10/0x10 [ 12.462120] ret_from_fork+0x116/0x1d0 [ 12.462138] ? __pfx_kthread+0x10/0x10 [ 12.462158] ret_from_fork_asm+0x1a/0x30 [ 12.462188] </TASK> [ 12.462199] [ 12.472189] Allocated by task 243: [ 12.472475] kasan_save_stack+0x45/0x70 [ 12.472687] kasan_save_track+0x18/0x40 [ 12.472841] kasan_save_alloc_info+0x3b/0x50 [ 12.472988] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 12.473162] remove_element+0x11e/0x190 [ 12.473340] mempool_alloc_preallocated+0x4d/0x90 [ 12.473627] mempool_oob_right_helper+0x8a/0x380 [ 12.474040] mempool_slab_oob_right+0xed/0x140 [ 12.474223] kunit_try_run_case+0x1a5/0x480 [ 12.474461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.474699] kthread+0x337/0x6f0 [ 12.474859] ret_from_fork+0x116/0x1d0 [ 12.475220] ret_from_fork_asm+0x1a/0x30 [ 12.475392] [ 12.475467] The buggy address belongs to the object at ffff88810397e240 [ 12.475467] which belongs to the cache test_cache of size 123 [ 12.476109] The buggy address is located 0 bytes to the right of [ 12.476109] allocated 123-byte region [ffff88810397e240, ffff88810397e2bb) [ 12.476999] [ 12.477122] The buggy address belongs to the physical page: [ 12.477352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10397e [ 12.477669] flags: 0x200000000000000(node=0|zone=2) [ 12.477958] page_type: f5(slab) [ 12.478281] raw: 0200000000000000 ffff88810189cb40 dead000000000122 0000000000000000 [ 12.478639] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 12.478990] page dumped because: kasan: bad access detected [ 12.479460] [ 12.479562] Memory state around the buggy address: [ 12.479792] ffff88810397e180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.480167] ffff88810397e200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 12.480450] >ffff88810397e280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 12.480818] ^ [ 12.481055] ffff88810397e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.481449] ffff88810397e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.481737] ================================================================== [ 12.434804] ================================================================== [ 12.435319] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.435643] Read of size 1 at addr ffff8881039f6001 by task kunit_try_catch/241 [ 12.436011] [ 12.436115] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 12.436161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.436173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.436194] Call Trace: [ 12.436207] <TASK> [ 12.436235] dump_stack_lvl+0x73/0xb0 [ 12.436265] print_report+0xd1/0x650 [ 12.436289] ? __virt_addr_valid+0x1db/0x2d0 [ 12.436325] ? mempool_oob_right_helper+0x318/0x380 [ 12.436348] ? kasan_addr_to_slab+0x11/0xa0 [ 12.436369] ? mempool_oob_right_helper+0x318/0x380 [ 12.436401] kasan_report+0x141/0x180 [ 12.436424] ? mempool_oob_right_helper+0x318/0x380 [ 12.436452] __asan_report_load1_noabort+0x18/0x20 [ 12.436482] mempool_oob_right_helper+0x318/0x380 [ 12.436506] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.436531] ? __kasan_check_write+0x18/0x20 [ 12.436562] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.436585] ? finish_task_switch.isra.0+0x153/0x700 [ 12.436612] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 12.436637] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 12.436665] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.436685] ? __pfx_mempool_kfree+0x10/0x10 [ 12.436706] ? __pfx_read_tsc+0x10/0x10 [ 12.436738] ? ktime_get_ts64+0x86/0x230 [ 12.436763] kunit_try_run_case+0x1a5/0x480 [ 12.436794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.436814] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.436840] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.436876] ? __kthread_parkme+0x82/0x180 [ 12.436895] ? preempt_count_sub+0x50/0x80 [ 12.436918] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.436939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.436972] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.436996] kthread+0x337/0x6f0 [ 12.437016] ? trace_preempt_on+0x20/0xc0 [ 12.437051] ? __pfx_kthread+0x10/0x10 [ 12.437072] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.437118] ? calculate_sigpending+0x7b/0xa0 [ 12.437142] ? __pfx_kthread+0x10/0x10 [ 12.437164] ret_from_fork+0x116/0x1d0 [ 12.437182] ? __pfx_kthread+0x10/0x10 [ 12.437203] ret_from_fork_asm+0x1a/0x30 [ 12.437233] </TASK> [ 12.437244] [ 12.446641] The buggy address belongs to the physical page: [ 12.447180] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 12.447560] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.447920] flags: 0x200000000000040(head|node=0|zone=2) [ 12.448252] page_type: f8(unknown) [ 12.448436] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.448775] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.449118] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.449443] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.449717] head: 0200000000000002 ffffea00040e7d01 00000000ffffffff 00000000ffffffff [ 12.450055] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.450343] page dumped because: kasan: bad access detected [ 12.450616] [ 12.450689] Memory state around the buggy address: [ 12.450944] ffff8881039f5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.451213] ffff8881039f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.451751] >ffff8881039f6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.452289] ^ [ 12.452472] ffff8881039f6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.452693] ffff8881039f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.453057] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy: Failure
Automatically assigned
[ 11.835580] ================================================================== [ 11.836627] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 11.837830] Read of size 1 at addr ffff8881017ca3c0 by task kunit_try_catch/233 [ 11.838103] [ 11.838201] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.838252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.838264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.838289] Call Trace: [ 11.838304] <TASK> [ 11.838323] dump_stack_lvl+0x73/0xb0 [ 11.838357] print_report+0xd1/0x650 [ 11.838393] ? __virt_addr_valid+0x1db/0x2d0 [ 11.838419] ? kmem_cache_double_destroy+0x1bf/0x380 [ 11.838440] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.838463] ? kmem_cache_double_destroy+0x1bf/0x380 [ 11.838484] kasan_report+0x141/0x180 [ 11.838507] ? kmem_cache_double_destroy+0x1bf/0x380 [ 11.838530] ? kmem_cache_double_destroy+0x1bf/0x380 [ 11.838552] __kasan_check_byte+0x3d/0x50 [ 11.838574] kmem_cache_destroy+0x25/0x1d0 [ 11.838599] kmem_cache_double_destroy+0x1bf/0x380 [ 11.838620] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 11.838641] ? finish_task_switch.isra.0+0x153/0x700 [ 11.838678] ? __switch_to+0x47/0xf50 [ 11.838706] ? __pfx_read_tsc+0x10/0x10 [ 11.838729] ? ktime_get_ts64+0x86/0x230 [ 11.838753] kunit_try_run_case+0x1a5/0x480 [ 11.838777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.838796] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.838822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.838847] ? __kthread_parkme+0x82/0x180 [ 11.838868] ? preempt_count_sub+0x50/0x80 [ 11.838893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.838913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.838937] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.838961] kthread+0x337/0x6f0 [ 11.838980] ? trace_preempt_on+0x20/0xc0 [ 11.839005] ? __pfx_kthread+0x10/0x10 [ 11.839024] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.839047] ? calculate_sigpending+0x7b/0xa0 [ 11.839071] ? __pfx_kthread+0x10/0x10 [ 11.839093] ret_from_fork+0x116/0x1d0 [ 11.839122] ? __pfx_kthread+0x10/0x10 [ 11.839142] ret_from_fork_asm+0x1a/0x30 [ 11.839172] </TASK> [ 11.839183] [ 11.854268] Allocated by task 233: [ 11.854688] kasan_save_stack+0x45/0x70 [ 11.854903] kasan_save_track+0x18/0x40 [ 11.855067] kasan_save_alloc_info+0x3b/0x50 [ 11.855460] __kasan_slab_alloc+0x91/0xa0 [ 11.855858] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.856415] __kmem_cache_create_args+0x169/0x240 [ 11.856836] kmem_cache_double_destroy+0xd5/0x380 [ 11.857348] kunit_try_run_case+0x1a5/0x480 [ 11.857745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.858036] kthread+0x337/0x6f0 [ 11.858356] ret_from_fork+0x116/0x1d0 [ 11.858724] ret_from_fork_asm+0x1a/0x30 [ 11.858871] [ 11.858939] Freed by task 233: [ 11.859143] kasan_save_stack+0x45/0x70 [ 11.859534] kasan_save_track+0x18/0x40 [ 11.859986] kasan_save_free_info+0x3f/0x60 [ 11.860496] __kasan_slab_free+0x56/0x70 [ 11.860713] kmem_cache_free+0x249/0x420 [ 11.861182] slab_kmem_cache_release+0x2e/0x40 [ 11.861506] kmem_cache_release+0x16/0x20 [ 11.861742] kobject_put+0x181/0x450 [ 11.862133] sysfs_slab_release+0x16/0x20 [ 11.862465] kmem_cache_destroy+0xf0/0x1d0 [ 11.862607] kmem_cache_double_destroy+0x14e/0x380 [ 11.863151] kunit_try_run_case+0x1a5/0x480 [ 11.863598] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.863796] kthread+0x337/0x6f0 [ 11.864180] ret_from_fork+0x116/0x1d0 [ 11.864612] ret_from_fork_asm+0x1a/0x30 [ 11.864984] [ 11.865099] The buggy address belongs to the object at ffff8881017ca3c0 [ 11.865099] which belongs to the cache kmem_cache of size 208 [ 11.865454] The buggy address is located 0 bytes inside of [ 11.865454] freed 208-byte region [ffff8881017ca3c0, ffff8881017ca490) [ 11.865963] [ 11.866057] The buggy address belongs to the physical page: [ 11.866612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1017ca [ 11.867440] flags: 0x200000000000000(node=0|zone=2) [ 11.867900] page_type: f5(slab) [ 11.868034] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 11.868788] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 11.869028] page dumped because: kasan: bad access detected [ 11.869559] [ 11.869720] Memory state around the buggy address: [ 11.870184] ffff8881017ca280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.870409] ffff8881017ca300: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 11.870617] >ffff8881017ca380: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 11.870840] ^ [ 11.871170] ffff8881017ca400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.871424] ffff8881017ca480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.871774] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf: Failure
Automatically assigned
[ 11.777347] ================================================================== [ 11.778146] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 11.778475] Read of size 1 at addr ffff88810397b000 by task kunit_try_catch/231 [ 11.778982] [ 11.779138] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.779185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.779197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.779220] Call Trace: [ 11.779232] <TASK> [ 11.779250] dump_stack_lvl+0x73/0xb0 [ 11.779524] print_report+0xd1/0x650 [ 11.779551] ? __virt_addr_valid+0x1db/0x2d0 [ 11.779577] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 11.779600] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.779624] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 11.779663] kasan_report+0x141/0x180 [ 11.779685] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 11.779713] __asan_report_load1_noabort+0x18/0x20 [ 11.779734] kmem_cache_rcu_uaf+0x3e3/0x510 [ 11.779758] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 11.779780] ? finish_task_switch.isra.0+0x153/0x700 [ 11.779803] ? __switch_to+0x47/0xf50 [ 11.779833] ? __pfx_read_tsc+0x10/0x10 [ 11.779854] ? ktime_get_ts64+0x86/0x230 [ 11.779880] kunit_try_run_case+0x1a5/0x480 [ 11.779908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.779927] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.779954] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.779979] ? __kthread_parkme+0x82/0x180 [ 11.779999] ? preempt_count_sub+0x50/0x80 [ 11.780021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.780042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.780066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.780090] kthread+0x337/0x6f0 [ 11.780109] ? trace_preempt_on+0x20/0xc0 [ 11.780133] ? __pfx_kthread+0x10/0x10 [ 11.780154] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.780175] ? calculate_sigpending+0x7b/0xa0 [ 11.780199] ? __pfx_kthread+0x10/0x10 [ 11.780221] ret_from_fork+0x116/0x1d0 [ 11.780239] ? __pfx_kthread+0x10/0x10 [ 11.780259] ret_from_fork_asm+0x1a/0x30 [ 11.780290] </TASK> [ 11.780300] [ 11.788959] Allocated by task 231: [ 11.789207] kasan_save_stack+0x45/0x70 [ 11.789478] kasan_save_track+0x18/0x40 [ 11.789800] kasan_save_alloc_info+0x3b/0x50 [ 11.790070] __kasan_slab_alloc+0x91/0xa0 [ 11.790343] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.790556] kmem_cache_rcu_uaf+0x155/0x510 [ 11.790766] kunit_try_run_case+0x1a5/0x480 [ 11.791170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.791450] kthread+0x337/0x6f0 [ 11.791724] ret_from_fork+0x116/0x1d0 [ 11.791929] ret_from_fork_asm+0x1a/0x30 [ 11.792337] [ 11.792432] Freed by task 0: [ 11.792586] kasan_save_stack+0x45/0x70 [ 11.792768] kasan_save_track+0x18/0x40 [ 11.793044] kasan_save_free_info+0x3f/0x60 [ 11.793374] __kasan_slab_free+0x56/0x70 [ 11.793634] slab_free_after_rcu_debug+0xe4/0x310 [ 11.793815] rcu_core+0x66f/0x1c40 [ 11.794222] rcu_core_si+0x12/0x20 [ 11.794468] handle_softirqs+0x209/0x730 [ 11.794640] __irq_exit_rcu+0xc9/0x110 [ 11.794863] irq_exit_rcu+0x12/0x20 [ 11.795260] sysvec_apic_timer_interrupt+0x81/0x90 [ 11.795496] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.795746] [ 11.795911] Last potentially related work creation: [ 11.796295] kasan_save_stack+0x45/0x70 [ 11.796514] kasan_record_aux_stack+0xb2/0xc0 [ 11.796769] kmem_cache_free+0x131/0x420 [ 11.796955] kmem_cache_rcu_uaf+0x194/0x510 [ 11.797337] kunit_try_run_case+0x1a5/0x480 [ 11.797573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.797876] kthread+0x337/0x6f0 [ 11.798188] ret_from_fork+0x116/0x1d0 [ 11.798460] ret_from_fork_asm+0x1a/0x30 [ 11.798708] [ 11.798790] The buggy address belongs to the object at ffff88810397b000 [ 11.798790] which belongs to the cache test_cache of size 200 [ 11.799443] The buggy address is located 0 bytes inside of [ 11.799443] freed 200-byte region [ffff88810397b000, ffff88810397b0c8) [ 11.800402] [ 11.800507] The buggy address belongs to the physical page: [ 11.800717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10397b [ 11.801194] flags: 0x200000000000000(node=0|zone=2) [ 11.801407] page_type: f5(slab) [ 11.801585] raw: 0200000000000000 ffff88810189ca00 dead000000000122 0000000000000000 [ 11.802072] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 11.802467] page dumped because: kasan: bad access detected [ 11.802856] [ 11.803007] Memory state around the buggy address: [ 11.803341] ffff88810397af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.803670] ffff88810397af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.804125] >ffff88810397b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.804457] ^ [ 11.804628] ffff88810397b080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 11.804989] ffff88810397b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.805328] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free: Failure
Automatically assigned
[ 11.712552] ================================================================== [ 11.714044] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 11.714806] Free of addr ffff888102a93001 by task kunit_try_catch/229 [ 11.715830] [ 11.716149] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.716200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.716212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.716235] Call Trace: [ 11.716248] <TASK> [ 11.716265] dump_stack_lvl+0x73/0xb0 [ 11.716293] print_report+0xd1/0x650 [ 11.716316] ? __virt_addr_valid+0x1db/0x2d0 [ 11.716341] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.716363] ? kmem_cache_invalid_free+0x1d8/0x460 [ 11.716399] kasan_report_invalid_free+0x10a/0x130 [ 11.716423] ? kmem_cache_invalid_free+0x1d8/0x460 [ 11.716479] ? kmem_cache_invalid_free+0x1d8/0x460 [ 11.716500] check_slab_allocation+0x11f/0x130 [ 11.716521] __kasan_slab_pre_free+0x28/0x40 [ 11.716542] kmem_cache_free+0xed/0x420 [ 11.716562] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.716582] ? kmem_cache_invalid_free+0x1d8/0x460 [ 11.716605] kmem_cache_invalid_free+0x1d8/0x460 [ 11.716626] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 11.716645] ? finish_task_switch.isra.0+0x153/0x700 [ 11.716667] ? __switch_to+0x47/0xf50 [ 11.716696] ? __pfx_read_tsc+0x10/0x10 [ 11.716727] ? ktime_get_ts64+0x86/0x230 [ 11.716752] kunit_try_run_case+0x1a5/0x480 [ 11.716773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.716792] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.716817] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.716842] ? __kthread_parkme+0x82/0x180 [ 11.716862] ? preempt_count_sub+0x50/0x80 [ 11.716884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.716904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.716927] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.716951] kthread+0x337/0x6f0 [ 11.716970] ? trace_preempt_on+0x20/0xc0 [ 11.716992] ? __pfx_kthread+0x10/0x10 [ 11.717079] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.717103] ? calculate_sigpending+0x7b/0xa0 [ 11.717127] ? __pfx_kthread+0x10/0x10 [ 11.717149] ret_from_fork+0x116/0x1d0 [ 11.717167] ? __pfx_kthread+0x10/0x10 [ 11.717188] ret_from_fork_asm+0x1a/0x30 [ 11.717218] </TASK> [ 11.717229] [ 11.730631] Allocated by task 229: [ 11.730922] kasan_save_stack+0x45/0x70 [ 11.731309] kasan_save_track+0x18/0x40 [ 11.731615] kasan_save_alloc_info+0x3b/0x50 [ 11.731768] __kasan_slab_alloc+0x91/0xa0 [ 11.731904] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.732053] kmem_cache_invalid_free+0x157/0x460 [ 11.732652] kunit_try_run_case+0x1a5/0x480 [ 11.732875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.733278] kthread+0x337/0x6f0 [ 11.733425] ret_from_fork+0x116/0x1d0 [ 11.733579] ret_from_fork_asm+0x1a/0x30 [ 11.733854] [ 11.733994] The buggy address belongs to the object at ffff888102a93000 [ 11.733994] which belongs to the cache test_cache of size 200 [ 11.734618] The buggy address is located 1 bytes inside of [ 11.734618] 200-byte region [ffff888102a93000, ffff888102a930c8) [ 11.735250] [ 11.735421] The buggy address belongs to the physical page: [ 11.735704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a93 [ 11.736210] flags: 0x200000000000000(node=0|zone=2) [ 11.736497] page_type: f5(slab) [ 11.736688] raw: 0200000000000000 ffff8881017ca280 dead000000000122 0000000000000000 [ 11.737200] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 11.737542] page dumped because: kasan: bad access detected [ 11.737833] [ 11.737928] Memory state around the buggy address: [ 11.738233] ffff888102a92f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.738610] ffff888102a92f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.738912] >ffff888102a93000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.739339] ^ [ 11.739573] ffff888102a93080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 11.740066] ffff888102a93100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.740315] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free: Failure
Automatically assigned
[ 11.673471] ================================================================== [ 11.674513] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 11.674794] Free of addr ffff888103979000 by task kunit_try_catch/227 [ 11.675537] [ 11.675800] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.675848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.675860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.675881] Call Trace: [ 11.675893] <TASK> [ 11.675909] dump_stack_lvl+0x73/0xb0 [ 11.675937] print_report+0xd1/0x650 [ 11.675961] ? __virt_addr_valid+0x1db/0x2d0 [ 11.675985] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.676098] ? kmem_cache_double_free+0x1e5/0x480 [ 11.676125] kasan_report_invalid_free+0x10a/0x130 [ 11.676150] ? kmem_cache_double_free+0x1e5/0x480 [ 11.676172] ? kmem_cache_double_free+0x1e5/0x480 [ 11.676192] check_slab_allocation+0x101/0x130 [ 11.676214] __kasan_slab_pre_free+0x28/0x40 [ 11.676234] kmem_cache_free+0xed/0x420 [ 11.676254] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.676275] ? kmem_cache_double_free+0x1e5/0x480 [ 11.676298] kmem_cache_double_free+0x1e5/0x480 [ 11.676318] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 11.676338] ? finish_task_switch.isra.0+0x153/0x700 [ 11.676359] ? __switch_to+0x47/0xf50 [ 11.676400] ? __pfx_read_tsc+0x10/0x10 [ 11.676420] ? ktime_get_ts64+0x86/0x230 [ 11.676445] kunit_try_run_case+0x1a5/0x480 [ 11.676466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.676485] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.676509] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.676534] ? __kthread_parkme+0x82/0x180 [ 11.676553] ? preempt_count_sub+0x50/0x80 [ 11.676575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.676595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.676619] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.676642] kthread+0x337/0x6f0 [ 11.676661] ? trace_preempt_on+0x20/0xc0 [ 11.676684] ? __pfx_kthread+0x10/0x10 [ 11.676704] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.676735] ? calculate_sigpending+0x7b/0xa0 [ 11.676759] ? __pfx_kthread+0x10/0x10 [ 11.676779] ret_from_fork+0x116/0x1d0 [ 11.676797] ? __pfx_kthread+0x10/0x10 [ 11.676817] ret_from_fork_asm+0x1a/0x30 [ 11.676847] </TASK> [ 11.676858] [ 11.688912] Allocated by task 227: [ 11.689138] kasan_save_stack+0x45/0x70 [ 11.689351] kasan_save_track+0x18/0x40 [ 11.689561] kasan_save_alloc_info+0x3b/0x50 [ 11.689784] __kasan_slab_alloc+0x91/0xa0 [ 11.690263] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.690527] kmem_cache_double_free+0x14f/0x480 [ 11.690763] kunit_try_run_case+0x1a5/0x480 [ 11.690960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.691373] kthread+0x337/0x6f0 [ 11.691821] ret_from_fork+0x116/0x1d0 [ 11.691966] ret_from_fork_asm+0x1a/0x30 [ 11.692107] [ 11.692177] Freed by task 227: [ 11.692334] kasan_save_stack+0x45/0x70 [ 11.692646] kasan_save_track+0x18/0x40 [ 11.693149] kasan_save_free_info+0x3f/0x60 [ 11.693362] __kasan_slab_free+0x56/0x70 [ 11.693568] kmem_cache_free+0x249/0x420 [ 11.694423] kmem_cache_double_free+0x16a/0x480 [ 11.694736] kunit_try_run_case+0x1a5/0x480 [ 11.694891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.695073] kthread+0x337/0x6f0 [ 11.695198] ret_from_fork+0x116/0x1d0 [ 11.695333] ret_from_fork_asm+0x1a/0x30 [ 11.695662] [ 11.695862] The buggy address belongs to the object at ffff888103979000 [ 11.695862] which belongs to the cache test_cache of size 200 [ 11.696958] The buggy address is located 0 bytes inside of [ 11.696958] 200-byte region [ffff888103979000, ffff8881039790c8) [ 11.698172] [ 11.698320] The buggy address belongs to the physical page: [ 11.698959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103979 [ 11.699477] flags: 0x200000000000000(node=0|zone=2) [ 11.699649] page_type: f5(slab) [ 11.699862] raw: 0200000000000000 ffff88810189c8c0 dead000000000122 0000000000000000 [ 11.700627] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 11.701406] page dumped because: kasan: bad access detected [ 11.701991] [ 11.702071] Memory state around the buggy address: [ 11.702411] ffff888103978f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.703217] ffff888103978f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.703670] >ffff888103979000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.704401] ^ [ 11.704695] ffff888103979080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 11.705284] ffff888103979100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.705708] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob: Failure
Automatically assigned
[ 11.623130] ================================================================== [ 11.623937] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 11.624170] Read of size 1 at addr ffff88810282f0c8 by task kunit_try_catch/225 [ 11.624406] [ 11.624499] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.624544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.624556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.624579] Call Trace: [ 11.624592] <TASK> [ 11.624609] dump_stack_lvl+0x73/0xb0 [ 11.624635] print_report+0xd1/0x650 [ 11.624657] ? __virt_addr_valid+0x1db/0x2d0 [ 11.624679] ? kmem_cache_oob+0x402/0x530 [ 11.624697] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.624718] ? kmem_cache_oob+0x402/0x530 [ 11.624736] kasan_report+0x141/0x180 [ 11.624759] ? kmem_cache_oob+0x402/0x530 [ 11.624782] __asan_report_load1_noabort+0x18/0x20 [ 11.624802] kmem_cache_oob+0x402/0x530 [ 11.624819] ? trace_hardirqs_on+0x37/0xe0 [ 11.624842] ? __pfx_kmem_cache_oob+0x10/0x10 [ 11.624860] ? finish_task_switch.isra.0+0x153/0x700 [ 11.624881] ? __switch_to+0x47/0xf50 [ 11.624910] ? __pfx_read_tsc+0x10/0x10 [ 11.624929] ? ktime_get_ts64+0x86/0x230 [ 11.624953] kunit_try_run_case+0x1a5/0x480 [ 11.624974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.624993] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.625017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.625040] ? __kthread_parkme+0x82/0x180 [ 11.625060] ? preempt_count_sub+0x50/0x80 [ 11.625082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.625101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.625124] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.625147] kthread+0x337/0x6f0 [ 11.625166] ? trace_preempt_on+0x20/0xc0 [ 11.625187] ? __pfx_kthread+0x10/0x10 [ 11.625206] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.625228] ? calculate_sigpending+0x7b/0xa0 [ 11.625251] ? __pfx_kthread+0x10/0x10 [ 11.625271] ret_from_fork+0x116/0x1d0 [ 11.625288] ? __pfx_kthread+0x10/0x10 [ 11.625308] ret_from_fork_asm+0x1a/0x30 [ 11.625338] </TASK> [ 11.625348] [ 11.641216] Allocated by task 225: [ 11.641570] kasan_save_stack+0x45/0x70 [ 11.642117] kasan_save_track+0x18/0x40 [ 11.642499] kasan_save_alloc_info+0x3b/0x50 [ 11.642651] __kasan_slab_alloc+0x91/0xa0 [ 11.642980] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.643498] kmem_cache_oob+0x157/0x530 [ 11.643896] kunit_try_run_case+0x1a5/0x480 [ 11.644305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.644611] kthread+0x337/0x6f0 [ 11.644755] ret_from_fork+0x116/0x1d0 [ 11.645200] ret_from_fork_asm+0x1a/0x30 [ 11.645602] [ 11.645765] The buggy address belongs to the object at ffff88810282f000 [ 11.645765] which belongs to the cache test_cache of size 200 [ 11.646805] The buggy address is located 0 bytes to the right of [ 11.646805] allocated 200-byte region [ffff88810282f000, ffff88810282f0c8) [ 11.647692] [ 11.647972] The buggy address belongs to the physical page: [ 11.648492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10282f [ 11.648763] flags: 0x200000000000000(node=0|zone=2) [ 11.649319] page_type: f5(slab) [ 11.649657] raw: 0200000000000000 ffff88810189c780 dead000000000122 0000000000000000 [ 11.650475] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 11.650909] page dumped because: kasan: bad access detected [ 11.651317] [ 11.651490] Memory state around the buggy address: [ 11.652003] ffff88810282ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.652523] ffff88810282f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.652799] >ffff88810282f080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 11.653546] ^ [ 11.654167] ffff88810282f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.654840] ffff88810282f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.655163] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf: Failure
Automatically assigned
[ 11.581937] ================================================================== [ 11.582977] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 11.583643] Read of size 8 at addr ffff888102824d40 by task kunit_try_catch/218 [ 11.584104] [ 11.584225] CPU: 0 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.584271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.584283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.584304] Call Trace: [ 11.584316] <TASK> [ 11.584333] dump_stack_lvl+0x73/0xb0 [ 11.584362] print_report+0xd1/0x650 [ 11.584398] ? __virt_addr_valid+0x1db/0x2d0 [ 11.584420] ? workqueue_uaf+0x4d6/0x560 [ 11.584441] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.584463] ? workqueue_uaf+0x4d6/0x560 [ 11.584484] kasan_report+0x141/0x180 [ 11.584807] ? workqueue_uaf+0x4d6/0x560 [ 11.584836] __asan_report_load8_noabort+0x18/0x20 [ 11.584857] workqueue_uaf+0x4d6/0x560 [ 11.584879] ? __pfx_workqueue_uaf+0x10/0x10 [ 11.584901] ? __schedule+0x10cc/0x2b60 [ 11.584926] ? __pfx_read_tsc+0x10/0x10 [ 11.584946] ? ktime_get_ts64+0x86/0x230 [ 11.584971] kunit_try_run_case+0x1a5/0x480 [ 11.584992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.585083] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.585108] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.585133] ? __kthread_parkme+0x82/0x180 [ 11.585153] ? preempt_count_sub+0x50/0x80 [ 11.585176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.585196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.585220] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.585243] kthread+0x337/0x6f0 [ 11.585262] ? trace_preempt_on+0x20/0xc0 [ 11.585285] ? __pfx_kthread+0x10/0x10 [ 11.585305] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.585327] ? calculate_sigpending+0x7b/0xa0 [ 11.585352] ? __pfx_kthread+0x10/0x10 [ 11.585373] ret_from_fork+0x116/0x1d0 [ 11.585403] ? __pfx_kthread+0x10/0x10 [ 11.585423] ret_from_fork_asm+0x1a/0x30 [ 11.585453] </TASK> [ 11.585464] [ 11.595878] Allocated by task 218: [ 11.596431] kasan_save_stack+0x45/0x70 [ 11.596623] kasan_save_track+0x18/0x40 [ 11.596854] kasan_save_alloc_info+0x3b/0x50 [ 11.597427] __kasan_kmalloc+0xb7/0xc0 [ 11.597749] __kmalloc_cache_noprof+0x189/0x420 [ 11.597986] workqueue_uaf+0x152/0x560 [ 11.598438] kunit_try_run_case+0x1a5/0x480 [ 11.598627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.599095] kthread+0x337/0x6f0 [ 11.599365] ret_from_fork+0x116/0x1d0 [ 11.599677] ret_from_fork_asm+0x1a/0x30 [ 11.600051] [ 11.600238] Freed by task 9: [ 11.600364] kasan_save_stack+0x45/0x70 [ 11.600584] kasan_save_track+0x18/0x40 [ 11.601267] kasan_save_free_info+0x3f/0x60 [ 11.601488] __kasan_slab_free+0x56/0x70 [ 11.601805] kfree+0x222/0x3f0 [ 11.602114] workqueue_uaf_work+0x12/0x20 [ 11.602303] process_one_work+0x5ee/0xf60 [ 11.602677] worker_thread+0x758/0x1220 [ 11.603041] kthread+0x337/0x6f0 [ 11.603286] ret_from_fork+0x116/0x1d0 [ 11.603601] ret_from_fork_asm+0x1a/0x30 [ 11.604012] [ 11.604138] Last potentially related work creation: [ 11.604368] kasan_save_stack+0x45/0x70 [ 11.604657] kasan_record_aux_stack+0xb2/0xc0 [ 11.605246] __queue_work+0x626/0xeb0 [ 11.605466] queue_work_on+0xb6/0xc0 [ 11.605646] workqueue_uaf+0x26d/0x560 [ 11.605935] kunit_try_run_case+0x1a5/0x480 [ 11.606194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.606623] kthread+0x337/0x6f0 [ 11.606804] ret_from_fork+0x116/0x1d0 [ 11.607216] ret_from_fork_asm+0x1a/0x30 [ 11.607437] [ 11.607522] The buggy address belongs to the object at ffff888102824d40 [ 11.607522] which belongs to the cache kmalloc-32 of size 32 [ 11.608406] The buggy address is located 0 bytes inside of [ 11.608406] freed 32-byte region [ffff888102824d40, ffff888102824d60) [ 11.608983] [ 11.609071] The buggy address belongs to the physical page: [ 11.609536] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102824 [ 11.609947] flags: 0x200000000000000(node=0|zone=2) [ 11.610234] page_type: f5(slab) [ 11.610392] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 11.610729] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 11.611019] page dumped because: kasan: bad access detected [ 11.611271] [ 11.611421] Memory state around the buggy address: [ 11.611612] ffff888102824c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 11.612057] ffff888102824c80: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 11.612533] >ffff888102824d00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 11.613286] ^ [ 11.613561] ffff888102824d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.614126] ffff888102824e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.614517] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim: Failure
Automatically assigned
[ 11.542118] ================================================================== [ 11.542532] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 11.543134] Read of size 4 at addr ffff888102824c40 by task swapper/0/0 [ 11.544064] [ 11.544478] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 11.544528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.544541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.544686] Call Trace: [ 11.544717] <IRQ> [ 11.544735] dump_stack_lvl+0x73/0xb0 [ 11.544765] print_report+0xd1/0x650 [ 11.544788] ? __virt_addr_valid+0x1db/0x2d0 [ 11.544811] ? rcu_uaf_reclaim+0x50/0x60 [ 11.544831] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.544853] ? rcu_uaf_reclaim+0x50/0x60 [ 11.544874] kasan_report+0x141/0x180 [ 11.544895] ? rcu_uaf_reclaim+0x50/0x60 [ 11.544920] __asan_report_load4_noabort+0x18/0x20 [ 11.544941] rcu_uaf_reclaim+0x50/0x60 [ 11.544961] rcu_core+0x66f/0x1c40 [ 11.544990] ? __pfx_rcu_core+0x10/0x10 [ 11.545032] ? ktime_get+0x6b/0x150 [ 11.545053] ? handle_softirqs+0x18e/0x730 [ 11.545078] rcu_core_si+0x12/0x20 [ 11.545098] handle_softirqs+0x209/0x730 [ 11.545117] ? hrtimer_interrupt+0x2fe/0x780 [ 11.545139] ? __pfx_handle_softirqs+0x10/0x10 [ 11.545164] __irq_exit_rcu+0xc9/0x110 [ 11.545184] irq_exit_rcu+0x12/0x20 [ 11.545203] sysvec_apic_timer_interrupt+0x81/0x90 [ 11.545229] </IRQ> [ 11.545254] <TASK> [ 11.545264] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.545351] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 11.545580] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 63 c8 1d 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 11.545667] RSP: 0000:ffffffffa8407dd8 EFLAGS: 00010212 [ 11.545766] RAX: ffff8881ab05b000 RBX: ffffffffa841cac0 RCX: ffffffffa72af245 [ 11.545811] RDX: ffffed102a90618b RSI: 0000000000000004 RDI: 0000000000011efc [ 11.545857] RBP: ffffffffa8407de0 R08: 0000000000000001 R09: ffffed102a90618a [ 11.545899] R10: ffff888154830c53 R11: 000000000000d000 R12: 0000000000000000 [ 11.545944] R13: fffffbfff5083958 R14: ffffffffa8fc2f90 R15: 0000000000000000 [ 11.546086] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 11.546154] ? default_idle+0xd/0x20 [ 11.546175] arch_cpu_idle+0xd/0x20 [ 11.546194] default_idle_call+0x48/0x80 [ 11.546214] do_idle+0x379/0x4f0 [ 11.546236] ? __pfx_do_idle+0x10/0x10 [ 11.546254] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.546278] ? trace_preempt_on+0x20/0xc0 [ 11.546299] ? schedule+0x86/0x2e0 [ 11.546320] ? preempt_count_sub+0x50/0x80 [ 11.546343] cpu_startup_entry+0x5c/0x70 [ 11.546363] rest_init+0x11a/0x140 [ 11.546394] ? acpi_subsystem_init+0x5d/0x150 [ 11.546419] start_kernel+0x330/0x410 [ 11.546441] x86_64_start_reservations+0x1c/0x30 [ 11.546462] x86_64_start_kernel+0x10d/0x120 [ 11.546483] common_startup_64+0x13e/0x148 [ 11.546515] </TASK> [ 11.546525] [ 11.558854] Allocated by task 216: [ 11.559032] kasan_save_stack+0x45/0x70 [ 11.559302] kasan_save_track+0x18/0x40 [ 11.559501] kasan_save_alloc_info+0x3b/0x50 [ 11.559704] __kasan_kmalloc+0xb7/0xc0 [ 11.559911] __kmalloc_cache_noprof+0x189/0x420 [ 11.560267] rcu_uaf+0xb0/0x330 [ 11.560466] kunit_try_run_case+0x1a5/0x480 [ 11.560641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.560969] kthread+0x337/0x6f0 [ 11.561213] ret_from_fork+0x116/0x1d0 [ 11.561356] ret_from_fork_asm+0x1a/0x30 [ 11.561510] [ 11.561581] Freed by task 0: [ 11.561689] kasan_save_stack+0x45/0x70 [ 11.561883] kasan_save_track+0x18/0x40 [ 11.562080] kasan_save_free_info+0x3f/0x60 [ 11.562437] __kasan_slab_free+0x56/0x70 [ 11.562646] kfree+0x222/0x3f0 [ 11.562935] rcu_uaf_reclaim+0x1f/0x60 [ 11.563325] rcu_core+0x66f/0x1c40 [ 11.563528] rcu_core_si+0x12/0x20 [ 11.563694] handle_softirqs+0x209/0x730 [ 11.563908] __irq_exit_rcu+0xc9/0x110 [ 11.564045] irq_exit_rcu+0x12/0x20 [ 11.564173] sysvec_apic_timer_interrupt+0x81/0x90 [ 11.564338] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.564780] [ 11.564906] Last potentially related work creation: [ 11.565229] kasan_save_stack+0x45/0x70 [ 11.565459] kasan_record_aux_stack+0xb2/0xc0 [ 11.565612] __call_rcu_common.constprop.0+0x72/0x9d0 [ 11.565783] call_rcu+0x12/0x20 [ 11.566062] rcu_uaf+0x168/0x330 [ 11.566245] kunit_try_run_case+0x1a5/0x480 [ 11.566461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.566715] kthread+0x337/0x6f0 [ 11.566872] ret_from_fork+0x116/0x1d0 [ 11.567171] ret_from_fork_asm+0x1a/0x30 [ 11.567334] [ 11.567444] The buggy address belongs to the object at ffff888102824c40 [ 11.567444] which belongs to the cache kmalloc-32 of size 32 [ 11.567978] The buggy address is located 0 bytes inside of [ 11.567978] freed 32-byte region [ffff888102824c40, ffff888102824c60) [ 11.568549] [ 11.568630] The buggy address belongs to the physical page: [ 11.568909] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102824 [ 11.569368] flags: 0x200000000000000(node=0|zone=2) [ 11.570672] page_type: f5(slab) [ 11.570887] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 11.571760] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 11.572067] page dumped because: kasan: bad access detected [ 11.572473] [ 11.572729] Memory state around the buggy address: [ 11.573024] ffff888102824b00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 11.573330] ffff888102824b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 11.573602] >ffff888102824c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 11.574310] ^ [ 11.574525] ffff888102824c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.575284] ffff888102824d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.575600] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf: Failure
Automatically assigned
[ 10.572610] ================================================================== [ 10.573586] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 10.573900] Read of size 1 at addr ffff888103940000 by task kunit_try_catch/172 [ 10.574367] [ 10.574498] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.574566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.574578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.574615] Call Trace: [ 10.574629] <TASK> [ 10.574645] dump_stack_lvl+0x73/0xb0 [ 10.574689] print_report+0xd1/0x650 [ 10.574712] ? __virt_addr_valid+0x1db/0x2d0 [ 10.574735] ? page_alloc_uaf+0x356/0x3d0 [ 10.574757] ? kasan_addr_to_slab+0x11/0xa0 [ 10.574778] ? page_alloc_uaf+0x356/0x3d0 [ 10.574801] kasan_report+0x141/0x180 [ 10.574823] ? page_alloc_uaf+0x356/0x3d0 [ 10.574849] __asan_report_load1_noabort+0x18/0x20 [ 10.574870] page_alloc_uaf+0x356/0x3d0 [ 10.574892] ? __pfx_page_alloc_uaf+0x10/0x10 [ 10.574915] ? __schedule+0x10cc/0x2b60 [ 10.574938] ? __pfx_read_tsc+0x10/0x10 [ 10.574959] ? ktime_get_ts64+0x86/0x230 [ 10.574984] kunit_try_run_case+0x1a5/0x480 [ 10.575085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.575108] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.575133] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.575157] ? __kthread_parkme+0x82/0x180 [ 10.575177] ? preempt_count_sub+0x50/0x80 [ 10.575200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.575221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.575244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.575268] kthread+0x337/0x6f0 [ 10.575287] ? trace_preempt_on+0x20/0xc0 [ 10.575310] ? __pfx_kthread+0x10/0x10 [ 10.575330] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.575352] ? calculate_sigpending+0x7b/0xa0 [ 10.575386] ? __pfx_kthread+0x10/0x10 [ 10.575407] ret_from_fork+0x116/0x1d0 [ 10.575425] ? __pfx_kthread+0x10/0x10 [ 10.575445] ret_from_fork_asm+0x1a/0x30 [ 10.575475] </TASK> [ 10.575485] [ 10.583469] The buggy address belongs to the physical page: [ 10.583751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103940 [ 10.584408] flags: 0x200000000000000(node=0|zone=2) [ 10.584840] page_type: f0(buddy) [ 10.585293] raw: 0200000000000000 ffff88817fffd4f0 ffff88817fffd4f0 0000000000000000 [ 10.586372] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 10.586730] page dumped because: kasan: bad access detected [ 10.587264] [ 10.587370] Memory state around the buggy address: [ 10.587776] ffff88810393ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.588208] ffff88810393ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.588597] >ffff888103940000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.589283] ^ [ 10.589516] ffff888103940080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.589783] ffff888103940100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.590484] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree: Failure
Automatically assigned
[ 10.542527] ================================================================== [ 10.543010] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 10.543589] Free of addr ffff888102a04001 by task kunit_try_catch/168 [ 10.544418] [ 10.544534] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.544791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.544821] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.544845] Call Trace: [ 10.544857] <TASK> [ 10.544872] dump_stack_lvl+0x73/0xb0 [ 10.544899] print_report+0xd1/0x650 [ 10.544922] ? __virt_addr_valid+0x1db/0x2d0 [ 10.544944] ? kasan_addr_to_slab+0x11/0xa0 [ 10.544964] ? kfree+0x274/0x3f0 [ 10.544982] kasan_report_invalid_free+0x10a/0x130 [ 10.545297] ? kfree+0x274/0x3f0 [ 10.545322] ? kfree+0x274/0x3f0 [ 10.545339] __kasan_kfree_large+0x86/0xd0 [ 10.545361] free_large_kmalloc+0x4b/0x110 [ 10.545397] kfree+0x274/0x3f0 [ 10.545419] kmalloc_large_invalid_free+0x120/0x2b0 [ 10.545441] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 10.545464] ? __schedule+0x10cc/0x2b60 [ 10.545487] ? __pfx_read_tsc+0x10/0x10 [ 10.545507] ? ktime_get_ts64+0x86/0x230 [ 10.545530] kunit_try_run_case+0x1a5/0x480 [ 10.545550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.545569] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.545592] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.545616] ? __kthread_parkme+0x82/0x180 [ 10.545636] ? preempt_count_sub+0x50/0x80 [ 10.545659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.545679] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.545702] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.545734] kthread+0x337/0x6f0 [ 10.545752] ? trace_preempt_on+0x20/0xc0 [ 10.545774] ? __pfx_kthread+0x10/0x10 [ 10.545794] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.545816] ? calculate_sigpending+0x7b/0xa0 [ 10.545840] ? __pfx_kthread+0x10/0x10 [ 10.545860] ret_from_fork+0x116/0x1d0 [ 10.545879] ? __pfx_kthread+0x10/0x10 [ 10.545898] ret_from_fork_asm+0x1a/0x30 [ 10.545927] </TASK> [ 10.545937] [ 10.557857] The buggy address belongs to the physical page: [ 10.558275] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a04 [ 10.558610] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.559293] flags: 0x200000000000040(head|node=0|zone=2) [ 10.559571] page_type: f8(unknown) [ 10.559895] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.560542] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.561004] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.561556] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.561993] head: 0200000000000002 ffffea00040a8101 00000000ffffffff 00000000ffffffff [ 10.562569] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.563192] page dumped because: kasan: bad access detected [ 10.563452] [ 10.563871] Memory state around the buggy address: [ 10.564132] ffff888102a03f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.564736] ffff888102a03f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.565224] >ffff888102a04000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.565562] ^ [ 10.565939] ffff888102a04080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.566568] ffff888102a04100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.567057] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf: Failure
Automatically assigned
[ 10.518637] ================================================================== [ 10.519359] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 10.520053] Read of size 1 at addr ffff888102a04000 by task kunit_try_catch/166 [ 10.520867] [ 10.521053] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.521099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.521111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.521134] Call Trace: [ 10.521145] <TASK> [ 10.521160] dump_stack_lvl+0x73/0xb0 [ 10.521207] print_report+0xd1/0x650 [ 10.521230] ? __virt_addr_valid+0x1db/0x2d0 [ 10.521253] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.521273] ? kasan_addr_to_slab+0x11/0xa0 [ 10.521294] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.521316] kasan_report+0x141/0x180 [ 10.521338] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.521364] __asan_report_load1_noabort+0x18/0x20 [ 10.521393] kmalloc_large_uaf+0x2f1/0x340 [ 10.521414] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 10.521436] ? __schedule+0x10cc/0x2b60 [ 10.521459] ? __pfx_read_tsc+0x10/0x10 [ 10.521480] ? ktime_get_ts64+0x86/0x230 [ 10.521504] kunit_try_run_case+0x1a5/0x480 [ 10.521525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.521544] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.521568] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.521592] ? __kthread_parkme+0x82/0x180 [ 10.521612] ? preempt_count_sub+0x50/0x80 [ 10.521635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.521655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.521678] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.521720] kthread+0x337/0x6f0 [ 10.521740] ? trace_preempt_on+0x20/0xc0 [ 10.521763] ? __pfx_kthread+0x10/0x10 [ 10.521783] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.521805] ? calculate_sigpending+0x7b/0xa0 [ 10.521828] ? __pfx_kthread+0x10/0x10 [ 10.521849] ret_from_fork+0x116/0x1d0 [ 10.521867] ? __pfx_kthread+0x10/0x10 [ 10.521886] ret_from_fork_asm+0x1a/0x30 [ 10.521917] </TASK> [ 10.521926] [ 10.534561] The buggy address belongs to the physical page: [ 10.534756] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a04 [ 10.535001] flags: 0x200000000000000(node=0|zone=2) [ 10.535174] raw: 0200000000000000 ffffea00040a8208 ffff888154839f80 0000000000000000 [ 10.535417] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 10.535645] page dumped because: kasan: bad access detected [ 10.535817] [ 10.535885] Memory state around the buggy address: [ 10.536041] ffff888102a03f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.536256] ffff888102a03f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.536884] >ffff888102a04000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.537603] ^ [ 10.537959] ffff888102a04080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.538722] ffff888102a04100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.539433] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right: Failure
Automatically assigned
[ 10.482621] ================================================================== [ 10.484212] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 10.485679] Write of size 1 at addr ffff88810294a00a by task kunit_try_catch/164 [ 10.485931] [ 10.486023] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.486075] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.486086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.486108] Call Trace: [ 10.486121] <TASK> [ 10.486136] dump_stack_lvl+0x73/0xb0 [ 10.486165] print_report+0xd1/0x650 [ 10.486188] ? __virt_addr_valid+0x1db/0x2d0 [ 10.486209] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.486231] ? kasan_addr_to_slab+0x11/0xa0 [ 10.486251] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.486274] kasan_report+0x141/0x180 [ 10.486297] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.486324] __asan_report_store1_noabort+0x1b/0x30 [ 10.486345] kmalloc_large_oob_right+0x2e9/0x330 [ 10.486367] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 10.486675] ? __schedule+0x10cc/0x2b60 [ 10.486944] ? __pfx_read_tsc+0x10/0x10 [ 10.486974] ? ktime_get_ts64+0x86/0x230 [ 10.487027] kunit_try_run_case+0x1a5/0x480 [ 10.487050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.487069] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.487094] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.487119] ? __kthread_parkme+0x82/0x180 [ 10.487139] ? preempt_count_sub+0x50/0x80 [ 10.487162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.487183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.487206] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.487230] kthread+0x337/0x6f0 [ 10.487249] ? trace_preempt_on+0x20/0xc0 [ 10.487271] ? __pfx_kthread+0x10/0x10 [ 10.487292] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.487314] ? calculate_sigpending+0x7b/0xa0 [ 10.487337] ? __pfx_kthread+0x10/0x10 [ 10.487358] ret_from_fork+0x116/0x1d0 [ 10.487386] ? __pfx_kthread+0x10/0x10 [ 10.487407] ret_from_fork_asm+0x1a/0x30 [ 10.487437] </TASK> [ 10.487447] [ 10.504986] The buggy address belongs to the physical page: [ 10.505402] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102948 [ 10.505656] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.506294] flags: 0x200000000000040(head|node=0|zone=2) [ 10.506925] page_type: f8(unknown) [ 10.507454] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.508351] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.508886] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.509548] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.510530] head: 0200000000000002 ffffea00040a5201 00000000ffffffff 00000000ffffffff [ 10.510794] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.511856] page dumped because: kasan: bad access detected [ 10.512509] [ 10.512589] Memory state around the buggy address: [ 10.512769] ffff888102949f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.513651] ffff888102949f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.514437] >ffff88810294a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.514866] ^ [ 10.514992] ffff88810294a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.515235] ffff88810294a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.515466] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right: Failure
Automatically assigned
[ 10.458862] ================================================================== [ 10.459516] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 10.459859] Write of size 1 at addr ffff888101d75f00 by task kunit_try_catch/162 [ 10.460494] [ 10.460616] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.460663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.460675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.460696] Call Trace: [ 10.460708] <TASK> [ 10.460723] dump_stack_lvl+0x73/0xb0 [ 10.460750] print_report+0xd1/0x650 [ 10.460773] ? __virt_addr_valid+0x1db/0x2d0 [ 10.460796] ? kmalloc_big_oob_right+0x316/0x370 [ 10.460817] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.460839] ? kmalloc_big_oob_right+0x316/0x370 [ 10.460861] kasan_report+0x141/0x180 [ 10.460883] ? kmalloc_big_oob_right+0x316/0x370 [ 10.460909] __asan_report_store1_noabort+0x1b/0x30 [ 10.460929] kmalloc_big_oob_right+0x316/0x370 [ 10.460951] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 10.460974] ? __schedule+0x10cc/0x2b60 [ 10.460997] ? __pfx_read_tsc+0x10/0x10 [ 10.461032] ? ktime_get_ts64+0x86/0x230 [ 10.461057] kunit_try_run_case+0x1a5/0x480 [ 10.461079] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.461097] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.461122] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.461145] ? __kthread_parkme+0x82/0x180 [ 10.461165] ? preempt_count_sub+0x50/0x80 [ 10.461188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.461209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.461232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.461264] kthread+0x337/0x6f0 [ 10.461282] ? trace_preempt_on+0x20/0xc0 [ 10.461305] ? __pfx_kthread+0x10/0x10 [ 10.461325] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.461347] ? calculate_sigpending+0x7b/0xa0 [ 10.461370] ? __pfx_kthread+0x10/0x10 [ 10.461399] ret_from_fork+0x116/0x1d0 [ 10.461417] ? __pfx_kthread+0x10/0x10 [ 10.461436] ret_from_fork_asm+0x1a/0x30 [ 10.461466] </TASK> [ 10.461476] [ 10.468361] Allocated by task 162: [ 10.468514] kasan_save_stack+0x45/0x70 [ 10.468721] kasan_save_track+0x18/0x40 [ 10.469039] kasan_save_alloc_info+0x3b/0x50 [ 10.469255] __kasan_kmalloc+0xb7/0xc0 [ 10.469477] __kmalloc_cache_noprof+0x189/0x420 [ 10.469708] kmalloc_big_oob_right+0xa9/0x370 [ 10.470240] kunit_try_run_case+0x1a5/0x480 [ 10.470474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.470696] kthread+0x337/0x6f0 [ 10.470854] ret_from_fork+0x116/0x1d0 [ 10.471021] ret_from_fork_asm+0x1a/0x30 [ 10.471161] [ 10.471231] The buggy address belongs to the object at ffff888101d74000 [ 10.471231] which belongs to the cache kmalloc-8k of size 8192 [ 10.471887] The buggy address is located 0 bytes to the right of [ 10.471887] allocated 7936-byte region [ffff888101d74000, ffff888101d75f00) [ 10.472400] [ 10.472499] The buggy address belongs to the physical page: [ 10.472782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d70 [ 10.473153] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.473464] flags: 0x200000000000040(head|node=0|zone=2) [ 10.473642] page_type: f5(slab) [ 10.473810] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.474176] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.474493] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.474897] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.475399] head: 0200000000000003 ffffea0004075c01 00000000ffffffff 00000000ffffffff [ 10.475698] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.475968] page dumped because: kasan: bad access detected [ 10.476416] [ 10.476516] Memory state around the buggy address: [ 10.476746] ffff888101d75e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.476966] ffff888101d75e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.477183] >ffff888101d75f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.477807] ^ [ 10.477977] ffff888101d75f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.478219] ffff888101d76000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.478443] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right: Failure
Automatically assigned
[ 10.400234] ================================================================== [ 10.400713] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.400972] Write of size 1 at addr ffff888102818e78 by task kunit_try_catch/160 [ 10.402062] [ 10.402249] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.402296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.402308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.402330] Call Trace: [ 10.402342] <TASK> [ 10.402358] dump_stack_lvl+0x73/0xb0 [ 10.402398] print_report+0xd1/0x650 [ 10.402421] ? __virt_addr_valid+0x1db/0x2d0 [ 10.402602] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.402627] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.402649] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.402674] kasan_report+0x141/0x180 [ 10.402697] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.402728] __asan_report_store1_noabort+0x1b/0x30 [ 10.402749] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.402773] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.402801] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.402832] kunit_try_run_case+0x1a5/0x480 [ 10.402852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.402871] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.402896] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.402920] ? __kthread_parkme+0x82/0x180 [ 10.402940] ? preempt_count_sub+0x50/0x80 [ 10.402963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.402983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.403021] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.403044] kthread+0x337/0x6f0 [ 10.403063] ? trace_preempt_on+0x20/0xc0 [ 10.403086] ? __pfx_kthread+0x10/0x10 [ 10.403107] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.403129] ? calculate_sigpending+0x7b/0xa0 [ 10.403152] ? __pfx_kthread+0x10/0x10 [ 10.403173] ret_from_fork+0x116/0x1d0 [ 10.403191] ? __pfx_kthread+0x10/0x10 [ 10.403211] ret_from_fork_asm+0x1a/0x30 [ 10.403241] </TASK> [ 10.403251] [ 10.418592] Allocated by task 160: [ 10.418893] kasan_save_stack+0x45/0x70 [ 10.419411] kasan_save_track+0x18/0x40 [ 10.419683] kasan_save_alloc_info+0x3b/0x50 [ 10.420060] __kasan_kmalloc+0xb7/0xc0 [ 10.420413] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.420596] kmalloc_track_caller_oob_right+0x99/0x520 [ 10.420889] kunit_try_run_case+0x1a5/0x480 [ 10.421355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.422079] kthread+0x337/0x6f0 [ 10.422425] ret_from_fork+0x116/0x1d0 [ 10.422806] ret_from_fork_asm+0x1a/0x30 [ 10.422960] [ 10.423036] The buggy address belongs to the object at ffff888102818e00 [ 10.423036] which belongs to the cache kmalloc-128 of size 128 [ 10.424292] The buggy address is located 0 bytes to the right of [ 10.424292] allocated 120-byte region [ffff888102818e00, ffff888102818e78) [ 10.424766] [ 10.424935] The buggy address belongs to the physical page: [ 10.425637] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102818 [ 10.426545] flags: 0x200000000000000(node=0|zone=2) [ 10.426789] page_type: f5(slab) [ 10.427208] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.427586] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.427834] page dumped because: kasan: bad access detected [ 10.428050] [ 10.428218] Memory state around the buggy address: [ 10.428655] ffff888102818d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.429526] ffff888102818d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.429911] >ffff888102818e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.430468] ^ [ 10.431269] ffff888102818e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.431506] ffff888102818f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.431729] ================================================================== [ 10.432797] ================================================================== [ 10.433470] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.434466] Write of size 1 at addr ffff888102818f78 by task kunit_try_catch/160 [ 10.435160] [ 10.435340] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.435395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.435408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.435428] Call Trace: [ 10.435439] <TASK> [ 10.435454] dump_stack_lvl+0x73/0xb0 [ 10.435481] print_report+0xd1/0x650 [ 10.435504] ? __virt_addr_valid+0x1db/0x2d0 [ 10.435526] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.435550] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.435572] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.435597] kasan_report+0x141/0x180 [ 10.435619] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.435648] __asan_report_store1_noabort+0x1b/0x30 [ 10.435669] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.435693] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.435728] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.435758] kunit_try_run_case+0x1a5/0x480 [ 10.435778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.435797] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.435822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.435847] ? __kthread_parkme+0x82/0x180 [ 10.435866] ? preempt_count_sub+0x50/0x80 [ 10.435889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.435910] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.435933] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.435956] kthread+0x337/0x6f0 [ 10.435975] ? trace_preempt_on+0x20/0xc0 [ 10.435999] ? __pfx_kthread+0x10/0x10 [ 10.436029] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.436051] ? calculate_sigpending+0x7b/0xa0 [ 10.436075] ? __pfx_kthread+0x10/0x10 [ 10.436096] ret_from_fork+0x116/0x1d0 [ 10.436114] ? __pfx_kthread+0x10/0x10 [ 10.436133] ret_from_fork_asm+0x1a/0x30 [ 10.436163] </TASK> [ 10.436172] [ 10.446777] Allocated by task 160: [ 10.447172] kasan_save_stack+0x45/0x70 [ 10.447365] kasan_save_track+0x18/0x40 [ 10.447558] kasan_save_alloc_info+0x3b/0x50 [ 10.447704] __kasan_kmalloc+0xb7/0xc0 [ 10.447912] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.448226] kmalloc_track_caller_oob_right+0x19a/0x520 [ 10.448553] kunit_try_run_case+0x1a5/0x480 [ 10.448771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.448952] kthread+0x337/0x6f0 [ 10.449157] ret_from_fork+0x116/0x1d0 [ 10.449467] ret_from_fork_asm+0x1a/0x30 [ 10.449668] [ 10.449753] The buggy address belongs to the object at ffff888102818f00 [ 10.449753] which belongs to the cache kmalloc-128 of size 128 [ 10.450480] The buggy address is located 0 bytes to the right of [ 10.450480] allocated 120-byte region [ffff888102818f00, ffff888102818f78) [ 10.451096] [ 10.451173] The buggy address belongs to the physical page: [ 10.451347] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102818 [ 10.451965] flags: 0x200000000000000(node=0|zone=2) [ 10.452325] page_type: f5(slab) [ 10.452483] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.452836] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.453079] page dumped because: kasan: bad access detected [ 10.453460] [ 10.453555] Memory state around the buggy address: [ 10.453774] ffff888102818e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.454077] ffff888102818e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.454333] >ffff888102818f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.454655] ^ [ 10.454954] ffff888102818f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.455315] ffff888102819000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.455666] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right: Failure
Automatically assigned
[ 10.371840] ================================================================== [ 10.373245] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 10.374262] Read of size 1 at addr ffff888103909000 by task kunit_try_catch/158 [ 10.374773] [ 10.374875] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.374923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.374936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.374960] Call Trace: [ 10.374972] <TASK> [ 10.374989] dump_stack_lvl+0x73/0xb0 [ 10.375014] print_report+0xd1/0x650 [ 10.375036] ? __virt_addr_valid+0x1db/0x2d0 [ 10.375058] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.375081] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.375103] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.375127] kasan_report+0x141/0x180 [ 10.375148] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.375177] __asan_report_load1_noabort+0x18/0x20 [ 10.375197] kmalloc_node_oob_right+0x369/0x3c0 [ 10.375221] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 10.375246] ? __schedule+0x10cc/0x2b60 [ 10.375268] ? __pfx_read_tsc+0x10/0x10 [ 10.375288] ? ktime_get_ts64+0x86/0x230 [ 10.375311] kunit_try_run_case+0x1a5/0x480 [ 10.375331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.375350] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.375374] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.375411] ? __kthread_parkme+0x82/0x180 [ 10.375431] ? preempt_count_sub+0x50/0x80 [ 10.375454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.375475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.375498] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.375523] kthread+0x337/0x6f0 [ 10.375541] ? trace_preempt_on+0x20/0xc0 [ 10.375563] ? __pfx_kthread+0x10/0x10 [ 10.375583] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.375605] ? calculate_sigpending+0x7b/0xa0 [ 10.375627] ? __pfx_kthread+0x10/0x10 [ 10.375648] ret_from_fork+0x116/0x1d0 [ 10.375666] ? __pfx_kthread+0x10/0x10 [ 10.375686] ret_from_fork_asm+0x1a/0x30 [ 10.375716] </TASK> [ 10.375725] [ 10.384516] Allocated by task 158: [ 10.384863] kasan_save_stack+0x45/0x70 [ 10.385199] kasan_save_track+0x18/0x40 [ 10.385389] kasan_save_alloc_info+0x3b/0x50 [ 10.385596] __kasan_kmalloc+0xb7/0xc0 [ 10.385944] __kmalloc_cache_node_noprof+0x188/0x420 [ 10.386320] kmalloc_node_oob_right+0xab/0x3c0 [ 10.386507] kunit_try_run_case+0x1a5/0x480 [ 10.386847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.387132] kthread+0x337/0x6f0 [ 10.387271] ret_from_fork+0x116/0x1d0 [ 10.387471] ret_from_fork_asm+0x1a/0x30 [ 10.387674] [ 10.388061] The buggy address belongs to the object at ffff888103908000 [ 10.388061] which belongs to the cache kmalloc-4k of size 4096 [ 10.388652] The buggy address is located 0 bytes to the right of [ 10.388652] allocated 4096-byte region [ffff888103908000, ffff888103909000) [ 10.389584] [ 10.389732] The buggy address belongs to the physical page: [ 10.390264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103908 [ 10.390973] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.391459] flags: 0x200000000000040(head|node=0|zone=2) [ 10.391836] page_type: f5(slab) [ 10.392006] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.392431] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.392802] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.393164] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.393489] head: 0200000000000003 ffffea00040e4201 00000000ffffffff 00000000ffffffff [ 10.393942] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.394288] page dumped because: kasan: bad access detected [ 10.394612] [ 10.394759] Memory state around the buggy address: [ 10.394970] ffff888103908f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.395333] ffff888103908f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.395590] >ffff888103909000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.395926] ^ [ 10.396122] ffff888103909080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.396497] ffff888103909100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.396987] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left: Failure
Automatically assigned
[ 10.343874] ================================================================== [ 10.344344] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 10.344594] Read of size 1 at addr ffff888101892cdf by task kunit_try_catch/156 [ 10.344839] [ 10.344929] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.344976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.344988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.345009] Call Trace: [ 10.345021] <TASK> [ 10.345038] dump_stack_lvl+0x73/0xb0 [ 10.345108] print_report+0xd1/0x650 [ 10.345131] ? __virt_addr_valid+0x1db/0x2d0 [ 10.345167] ? kmalloc_oob_left+0x361/0x3c0 [ 10.345187] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.345209] ? kmalloc_oob_left+0x361/0x3c0 [ 10.345231] kasan_report+0x141/0x180 [ 10.345253] ? kmalloc_oob_left+0x361/0x3c0 [ 10.345278] __asan_report_load1_noabort+0x18/0x20 [ 10.345299] kmalloc_oob_left+0x361/0x3c0 [ 10.345320] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 10.345342] ? __schedule+0x10cc/0x2b60 [ 10.345367] ? __pfx_read_tsc+0x10/0x10 [ 10.345397] ? ktime_get_ts64+0x86/0x230 [ 10.345422] kunit_try_run_case+0x1a5/0x480 [ 10.345444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.345481] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.345506] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.345544] ? __kthread_parkme+0x82/0x180 [ 10.345564] ? preempt_count_sub+0x50/0x80 [ 10.345587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.345617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.345640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.345664] kthread+0x337/0x6f0 [ 10.345693] ? trace_preempt_on+0x20/0xc0 [ 10.345719] ? __pfx_kthread+0x10/0x10 [ 10.345739] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.345772] ? calculate_sigpending+0x7b/0xa0 [ 10.345796] ? __pfx_kthread+0x10/0x10 [ 10.345817] ret_from_fork+0x116/0x1d0 [ 10.345834] ? __pfx_kthread+0x10/0x10 [ 10.345855] ret_from_fork_asm+0x1a/0x30 [ 10.345885] </TASK> [ 10.345895] [ 10.353997] Allocated by task 1: [ 10.354212] kasan_save_stack+0x45/0x70 [ 10.354412] kasan_save_track+0x18/0x40 [ 10.354667] kasan_save_alloc_info+0x3b/0x50 [ 10.354918] __kasan_kmalloc+0xb7/0xc0 [ 10.355116] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.355298] kvasprintf+0xc5/0x150 [ 10.355449] __kthread_create_on_node+0x18b/0x3a0 [ 10.355679] kthread_create_on_node+0xab/0xe0 [ 10.355895] create_worker+0x3e5/0x7b0 [ 10.356068] alloc_unbound_pwq+0x8ea/0xdb0 [ 10.356246] apply_wqattrs_prepare+0x332/0xd20 [ 10.356405] apply_workqueue_attrs_locked+0x4d/0xa0 [ 10.356564] alloc_workqueue+0xcc7/0x1ad0 [ 10.356710] latency_fsnotify_init+0x1b/0x50 [ 10.356933] do_one_initcall+0xd8/0x370 [ 10.357277] kernel_init_freeable+0x420/0x6f0 [ 10.357602] kernel_init+0x23/0x1e0 [ 10.357863] ret_from_fork+0x116/0x1d0 [ 10.358417] ret_from_fork_asm+0x1a/0x30 [ 10.358903] [ 10.359409] The buggy address belongs to the object at ffff888101892cc0 [ 10.359409] which belongs to the cache kmalloc-16 of size 16 [ 10.361005] The buggy address is located 18 bytes to the right of [ 10.361005] allocated 13-byte region [ffff888101892cc0, ffff888101892ccd) [ 10.361405] [ 10.361510] The buggy address belongs to the physical page: [ 10.362411] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 10.363134] flags: 0x200000000000000(node=0|zone=2) [ 10.363303] page_type: f5(slab) [ 10.363440] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 10.363667] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 10.364500] page dumped because: kasan: bad access detected [ 10.365105] [ 10.365282] Memory state around the buggy address: [ 10.365731] ffff888101892b80: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 10.366587] ffff888101892c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 10.367160] >ffff888101892c80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 07 fc fc [ 10.367392] ^ [ 10.367581] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.367924] ffff888101892d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.368674] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right: Failure
Automatically assigned
[ 10.250442] ================================================================== [ 10.251481] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 10.252609] Write of size 1 at addr ffff888102a7a973 by task kunit_try_catch/154 [ 10.253417] [ 10.254481] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.254831] Tainted: [N]=TEST [ 10.254862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.255092] Call Trace: [ 10.255160] <TASK> [ 10.255302] dump_stack_lvl+0x73/0xb0 [ 10.255398] print_report+0xd1/0x650 [ 10.255427] ? __virt_addr_valid+0x1db/0x2d0 [ 10.255452] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.255473] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.255496] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.255517] kasan_report+0x141/0x180 [ 10.255540] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.255566] __asan_report_store1_noabort+0x1b/0x30 [ 10.255587] kmalloc_oob_right+0x6f0/0x7f0 [ 10.255609] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.255632] ? __schedule+0x10cc/0x2b60 [ 10.255656] ? __pfx_read_tsc+0x10/0x10 [ 10.255677] ? ktime_get_ts64+0x86/0x230 [ 10.255703] kunit_try_run_case+0x1a5/0x480 [ 10.255735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.255754] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.255780] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.255804] ? __kthread_parkme+0x82/0x180 [ 10.255826] ? preempt_count_sub+0x50/0x80 [ 10.255850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.255871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.255895] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.255919] kthread+0x337/0x6f0 [ 10.255938] ? trace_preempt_on+0x20/0xc0 [ 10.255964] ? __pfx_kthread+0x10/0x10 [ 10.255984] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.256016] ? calculate_sigpending+0x7b/0xa0 [ 10.256040] ? __pfx_kthread+0x10/0x10 [ 10.256061] ret_from_fork+0x116/0x1d0 [ 10.256079] ? __pfx_kthread+0x10/0x10 [ 10.256099] ret_from_fork_asm+0x1a/0x30 [ 10.256151] </TASK> [ 10.256213] [ 10.267292] Allocated by task 154: [ 10.267689] kasan_save_stack+0x45/0x70 [ 10.268153] kasan_save_track+0x18/0x40 [ 10.268529] kasan_save_alloc_info+0x3b/0x50 [ 10.268755] __kasan_kmalloc+0xb7/0xc0 [ 10.269016] __kmalloc_cache_noprof+0x189/0x420 [ 10.269482] kmalloc_oob_right+0xa9/0x7f0 [ 10.269923] kunit_try_run_case+0x1a5/0x480 [ 10.270101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.270618] kthread+0x337/0x6f0 [ 10.270960] ret_from_fork+0x116/0x1d0 [ 10.271231] ret_from_fork_asm+0x1a/0x30 [ 10.271564] [ 10.271690] The buggy address belongs to the object at ffff888102a7a900 [ 10.271690] which belongs to the cache kmalloc-128 of size 128 [ 10.272347] The buggy address is located 0 bytes to the right of [ 10.272347] allocated 115-byte region [ffff888102a7a900, ffff888102a7a973) [ 10.273590] [ 10.273867] The buggy address belongs to the physical page: [ 10.274684] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a7a [ 10.275739] flags: 0x200000000000000(node=0|zone=2) [ 10.276654] page_type: f5(slab) [ 10.277272] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.277532] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.277912] page dumped because: kasan: bad access detected [ 10.278561] [ 10.278733] Memory state around the buggy address: [ 10.279525] ffff888102a7a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.280281] ffff888102a7a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.281130] >ffff888102a7a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.281948] ^ [ 10.282675] ffff888102a7a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.283438] ffff888102a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.283957] ================================================================== [ 10.317198] ================================================================== [ 10.318104] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 10.318776] Read of size 1 at addr ffff888102a7a980 by task kunit_try_catch/154 [ 10.319341] [ 10.319539] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.319585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.319597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.319619] Call Trace: [ 10.319634] <TASK> [ 10.319650] dump_stack_lvl+0x73/0xb0 [ 10.319674] print_report+0xd1/0x650 [ 10.319695] ? __virt_addr_valid+0x1db/0x2d0 [ 10.319718] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.319738] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.319760] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.319783] kasan_report+0x141/0x180 [ 10.319804] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.319830] __asan_report_load1_noabort+0x18/0x20 [ 10.319851] kmalloc_oob_right+0x68a/0x7f0 [ 10.319873] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.319895] ? __schedule+0x10cc/0x2b60 [ 10.319918] ? __pfx_read_tsc+0x10/0x10 [ 10.319938] ? ktime_get_ts64+0x86/0x230 [ 10.319961] kunit_try_run_case+0x1a5/0x480 [ 10.319981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.320000] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.320024] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.320047] ? __kthread_parkme+0x82/0x180 [ 10.320067] ? preempt_count_sub+0x50/0x80 [ 10.320124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.320145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.320169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.320194] kthread+0x337/0x6f0 [ 10.320213] ? trace_preempt_on+0x20/0xc0 [ 10.320235] ? __pfx_kthread+0x10/0x10 [ 10.320255] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.320278] ? calculate_sigpending+0x7b/0xa0 [ 10.320301] ? __pfx_kthread+0x10/0x10 [ 10.320322] ret_from_fork+0x116/0x1d0 [ 10.320355] ? __pfx_kthread+0x10/0x10 [ 10.320387] ret_from_fork_asm+0x1a/0x30 [ 10.320420] </TASK> [ 10.320431] [ 10.330483] Allocated by task 154: [ 10.330703] kasan_save_stack+0x45/0x70 [ 10.330938] kasan_save_track+0x18/0x40 [ 10.331249] kasan_save_alloc_info+0x3b/0x50 [ 10.331484] __kasan_kmalloc+0xb7/0xc0 [ 10.331621] __kmalloc_cache_noprof+0x189/0x420 [ 10.331819] kmalloc_oob_right+0xa9/0x7f0 [ 10.332211] kunit_try_run_case+0x1a5/0x480 [ 10.332437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.332672] kthread+0x337/0x6f0 [ 10.332793] ret_from_fork+0x116/0x1d0 [ 10.332983] ret_from_fork_asm+0x1a/0x30 [ 10.333293] [ 10.333398] The buggy address belongs to the object at ffff888102a7a900 [ 10.333398] which belongs to the cache kmalloc-128 of size 128 [ 10.333983] The buggy address is located 13 bytes to the right of [ 10.333983] allocated 115-byte region [ffff888102a7a900, ffff888102a7a973) [ 10.334574] [ 10.334648] The buggy address belongs to the physical page: [ 10.334924] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a7a [ 10.335329] flags: 0x200000000000000(node=0|zone=2) [ 10.335509] page_type: f5(slab) [ 10.335675] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.336205] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.336549] page dumped because: kasan: bad access detected [ 10.336798] [ 10.336889] Memory state around the buggy address: [ 10.337167] ffff888102a7a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.337975] ffff888102a7a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.338567] >ffff888102a7a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.339033] ^ [ 10.339347] ffff888102a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.339857] ffff888102a7aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.340482] ================================================================== [ 10.285727] ================================================================== [ 10.286320] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 10.286800] Write of size 1 at addr ffff888102a7a978 by task kunit_try_catch/154 [ 10.287026] [ 10.287113] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 10.287161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.287189] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.287213] Call Trace: [ 10.287230] <TASK> [ 10.287245] dump_stack_lvl+0x73/0xb0 [ 10.287283] print_report+0xd1/0x650 [ 10.287306] ? __virt_addr_valid+0x1db/0x2d0 [ 10.287328] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.287348] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.287370] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.287413] kasan_report+0x141/0x180 [ 10.287436] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.287462] __asan_report_store1_noabort+0x1b/0x30 [ 10.287483] kmalloc_oob_right+0x6bd/0x7f0 [ 10.287505] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.287528] ? __schedule+0x10cc/0x2b60 [ 10.287550] ? __pfx_read_tsc+0x10/0x10 [ 10.287570] ? ktime_get_ts64+0x86/0x230 [ 10.287594] kunit_try_run_case+0x1a5/0x480 [ 10.287614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.287647] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.287681] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.287705] ? __kthread_parkme+0x82/0x180 [ 10.287757] ? preempt_count_sub+0x50/0x80 [ 10.287780] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.287800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.287824] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.287848] kthread+0x337/0x6f0 [ 10.287867] ? trace_preempt_on+0x20/0xc0 [ 10.287889] ? __pfx_kthread+0x10/0x10 [ 10.287909] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.287930] ? calculate_sigpending+0x7b/0xa0 [ 10.287953] ? __pfx_kthread+0x10/0x10 [ 10.287974] ret_from_fork+0x116/0x1d0 [ 10.287992] ? __pfx_kthread+0x10/0x10 [ 10.288024] ret_from_fork_asm+0x1a/0x30 [ 10.288053] </TASK> [ 10.288063] [ 10.302062] Allocated by task 154: [ 10.302426] kasan_save_stack+0x45/0x70 [ 10.302574] kasan_save_track+0x18/0x40 [ 10.302713] kasan_save_alloc_info+0x3b/0x50 [ 10.303170] __kasan_kmalloc+0xb7/0xc0 [ 10.303587] __kmalloc_cache_noprof+0x189/0x420 [ 10.304103] kmalloc_oob_right+0xa9/0x7f0 [ 10.304514] kunit_try_run_case+0x1a5/0x480 [ 10.305088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.305569] kthread+0x337/0x6f0 [ 10.305761] ret_from_fork+0x116/0x1d0 [ 10.306193] ret_from_fork_asm+0x1a/0x30 [ 10.306513] [ 10.306591] The buggy address belongs to the object at ffff888102a7a900 [ 10.306591] which belongs to the cache kmalloc-128 of size 128 [ 10.307603] The buggy address is located 5 bytes to the right of [ 10.307603] allocated 115-byte region [ffff888102a7a900, ffff888102a7a973) [ 10.308628] [ 10.308756] The buggy address belongs to the physical page: [ 10.309251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a7a [ 10.309501] flags: 0x200000000000000(node=0|zone=2) [ 10.309661] page_type: f5(slab) [ 10.309944] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.310867] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.311667] page dumped because: kasan: bad access detected [ 10.312309] [ 10.312482] Memory state around the buggy address: [ 10.313041] ffff888102a7a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.313734] ffff888102a7a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.313947] >ffff888102a7a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.314451] ^ [ 10.315166] ffff888102a7a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.315892] ffff888102a7aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.316448] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale: Failure
Automatically assigned
------------[ cut here ]------------ [ 148.204600] WARNING: CPU: 1 PID: 2820 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 148.205279] Modules linked in: [ 148.205451] CPU: 1 UID: 0 PID: 2820 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 148.205952] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 148.206346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 148.206680] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 148.206910] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 c0 9e 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 148.207649] RSP: 0000:ffff888106257c78 EFLAGS: 00010286 [ 148.208084] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 148.208349] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa783c954 [ 148.208653] RBP: ffff888106257ca0 R08: 0000000000000000 R09: ffffed1020ada5a0 [ 148.208964] R10: ffff8881056d2d07 R11: 0000000000000000 R12: ffffffffa783c940 [ 148.209329] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888106257d38 [ 148.209620] FS: 0000000000000000(0000) GS:ffff8881ab15b000(0000) knlGS:0000000000000000 [ 148.209958] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.210285] CR2: 00007ffff7ffe000 CR3: 000000016b8bc000 CR4: 00000000000006f0 [ 148.210555] DR0: ffffffffa9869404 DR1: ffffffffa9869409 DR2: ffffffffa986940a [ 148.210851] DR3: ffffffffa986940b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 148.211117] Call Trace: [ 148.211379] <TASK> [ 148.211521] drm_test_rect_calc_vscale+0x108/0x270 [ 148.211741] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 148.211963] ? __schedule+0x10cc/0x2b60 [ 148.212356] ? __pfx_read_tsc+0x10/0x10 [ 148.212576] ? ktime_get_ts64+0x86/0x230 [ 148.212790] kunit_try_run_case+0x1a5/0x480 [ 148.212974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 148.213206] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 148.213478] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 148.213737] ? __kthread_parkme+0x82/0x180 [ 148.213947] ? preempt_count_sub+0x50/0x80 [ 148.214201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 148.214411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 148.214675] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 148.214917] kthread+0x337/0x6f0 [ 148.215178] ? trace_preempt_on+0x20/0xc0 [ 148.215390] ? __pfx_kthread+0x10/0x10 [ 148.215587] ? _raw_spin_unlock_irq+0x47/0x80 [ 148.215800] ? calculate_sigpending+0x7b/0xa0 [ 148.216025] ? __pfx_kthread+0x10/0x10 [ 148.216164] ret_from_fork+0x116/0x1d0 [ 148.216301] ? __pfx_kthread+0x10/0x10 [ 148.216847] ret_from_fork_asm+0x1a/0x30 [ 148.217481] </TASK> [ 148.217612] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 148.187281] WARNING: CPU: 0 PID: 2818 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 148.187696] Modules linked in: [ 148.187910] CPU: 0 UID: 0 PID: 2818 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 148.188472] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 148.188768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 148.189115] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 148.189624] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 c0 9e 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 148.190580] RSP: 0000:ffff888106247c78 EFLAGS: 00010286 [ 148.190912] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 148.191282] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa783c91c [ 148.191533] RBP: ffff888106247ca0 R08: 0000000000000000 R09: ffffed102078f140 [ 148.191883] R10: ffff888103c78a07 R11: 0000000000000000 R12: ffffffffa783c908 [ 148.192307] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888106247d38 [ 148.192580] FS: 0000000000000000(0000) GS:ffff8881ab05b000(0000) knlGS:0000000000000000 [ 148.192913] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.193295] CR2: 00007ffff7ffe000 CR3: 000000016b8bc000 CR4: 00000000000006f0 [ 148.193600] DR0: ffffffffa9869400 DR1: ffffffffa9869401 DR2: ffffffffa9869403 [ 148.193945] DR3: ffffffffa9869405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 148.194237] Call Trace: [ 148.194737] <TASK> [ 148.194842] drm_test_rect_calc_vscale+0x108/0x270 [ 148.195235] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 148.195479] ? __schedule+0x207f/0x2b60 [ 148.195671] ? __pfx_read_tsc+0x10/0x10 [ 148.195852] ? ktime_get_ts64+0x86/0x230 [ 148.196024] kunit_try_run_case+0x1a5/0x480 [ 148.196309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 148.196525] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 148.196748] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 148.196936] ? __kthread_parkme+0x82/0x180 [ 148.197229] ? preempt_count_sub+0x50/0x80 [ 148.197440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 148.197660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 148.197908] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 148.198343] kthread+0x337/0x6f0 [ 148.198515] ? trace_preempt_on+0x20/0xc0 [ 148.198664] ? __pfx_kthread+0x10/0x10 [ 148.198863] ? _raw_spin_unlock_irq+0x47/0x80 [ 148.199209] ? calculate_sigpending+0x7b/0xa0 [ 148.199453] ? __pfx_kthread+0x10/0x10 [ 148.199616] ret_from_fork+0x116/0x1d0 [ 148.199849] ? __pfx_kthread+0x10/0x10 [ 148.200024] ret_from_fork_asm+0x1a/0x30 [ 148.200225] </TASK> [ 148.200383] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale: Failure
Automatically assigned
------------[ cut here ]------------ [ 148.159152] WARNING: CPU: 0 PID: 2808 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 148.159870] Modules linked in: [ 148.160094] CPU: 0 UID: 0 PID: 2808 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 148.160597] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 148.161158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 148.162201] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 148.162751] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 148.163994] RSP: 0000:ffff8881062dfc78 EFLAGS: 00010286 [ 148.164449] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 148.164669] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa783c958 [ 148.164882] RBP: ffff8881062dfca0 R08: 0000000000000000 R09: ffffed1020ada480 [ 148.165127] R10: ffff8881056d2407 R11: 0000000000000000 R12: ffffffffa783c940 [ 148.165566] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881062dfd38 [ 148.165876] FS: 0000000000000000(0000) GS:ffff8881ab05b000(0000) knlGS:0000000000000000 [ 148.166416] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.166671] CR2: 00007ffff7ffe000 CR3: 000000016b8bc000 CR4: 00000000000006f0 [ 148.166977] DR0: ffffffffa9869400 DR1: ffffffffa9869401 DR2: ffffffffa9869403 [ 148.167461] DR3: ffffffffa9869405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 148.167764] Call Trace: [ 148.168050] <TASK> [ 148.168190] drm_test_rect_calc_hscale+0x108/0x270 [ 148.168398] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 148.168645] ? __schedule+0x10cc/0x2b60 [ 148.168795] ? __pfx_read_tsc+0x10/0x10 [ 148.168944] ? ktime_get_ts64+0x86/0x230 [ 148.169293] kunit_try_run_case+0x1a5/0x480 [ 148.169493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 148.169847] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 148.170211] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 148.170428] ? __kthread_parkme+0x82/0x180 [ 148.170644] ? preempt_count_sub+0x50/0x80 [ 148.170840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 148.171223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 148.171461] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 148.171749] kthread+0x337/0x6f0 [ 148.171918] ? trace_preempt_on+0x20/0xc0 [ 148.172090] ? __pfx_kthread+0x10/0x10 [ 148.172246] ? _raw_spin_unlock_irq+0x47/0x80 [ 148.172528] ? calculate_sigpending+0x7b/0xa0 [ 148.172940] ? __pfx_kthread+0x10/0x10 [ 148.173288] ret_from_fork+0x116/0x1d0 [ 148.173477] ? __pfx_kthread+0x10/0x10 [ 148.173633] ret_from_fork_asm+0x1a/0x30 [ 148.173845] </TASK> [ 148.173973] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 148.133801] WARNING: CPU: 0 PID: 2806 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 148.134908] Modules linked in: [ 148.135367] CPU: 0 UID: 0 PID: 2806 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 148.136634] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 148.137440] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 148.138351] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 148.138677] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 148.140373] RSP: 0000:ffff888106247c78 EFLAGS: 00010286 [ 148.140606] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 148.141024] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa783c920 [ 148.141891] RBP: ffff888106247ca0 R08: 0000000000000000 R09: ffffed102078f100 [ 148.142617] R10: ffff888103c78807 R11: 0000000000000000 R12: ffffffffa783c908 [ 148.143215] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888106247d38 [ 148.143741] FS: 0000000000000000(0000) GS:ffff8881ab05b000(0000) knlGS:0000000000000000 [ 148.143982] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.144540] CR2: 00007ffff7ffe000 CR3: 000000016b8bc000 CR4: 00000000000006f0 [ 148.145275] DR0: ffffffffa9869400 DR1: ffffffffa9869401 DR2: ffffffffa9869403 [ 148.146079] DR3: ffffffffa9869405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 148.146448] Call Trace: [ 148.146555] <TASK> [ 148.146665] drm_test_rect_calc_hscale+0x108/0x270 [ 148.146847] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 148.147073] ? __schedule+0x10cc/0x2b60 [ 148.147454] ? __pfx_read_tsc+0x10/0x10 [ 148.147963] ? ktime_get_ts64+0x86/0x230 [ 148.148457] kunit_try_run_case+0x1a5/0x480 [ 148.148809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 148.149225] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 148.149412] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 148.149585] ? __kthread_parkme+0x82/0x180 [ 148.149858] ? preempt_count_sub+0x50/0x80 [ 148.150271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 148.150809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 148.151327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 148.152170] kthread+0x337/0x6f0 [ 148.152362] ? trace_preempt_on+0x20/0xc0 [ 148.152514] ? __pfx_kthread+0x10/0x10 [ 148.152650] ? _raw_spin_unlock_irq+0x47/0x80 [ 148.152802] ? calculate_sigpending+0x7b/0xa0 [ 148.152957] ? __pfx_kthread+0x10/0x10 [ 148.153468] ret_from_fork+0x116/0x1d0 [ 148.153821] ? __pfx_kthread+0x10/0x10 [ 148.154324] ret_from_fork_asm+0x1a/0x30 [ 148.154747] </TASK> [ 148.154970] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
KNOWN ISSUE - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count: Failure
Automatically assigned
------------[ cut here ]------------ [ 147.544357] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 147.544495] WARNING: CPU: 1 PID: 2623 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 147.545750] Modules linked in: [ 147.545950] CPU: 1 UID: 0 PID: 2623 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 147.546448] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 147.546689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 147.547050] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 147.547277] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 3d 27 80 00 48 c7 c1 00 18 7f a7 4c 89 f2 48 c7 c7 c0 14 7f a7 48 89 c6 e8 04 d5 73 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 147.548786] RSP: 0000:ffff8881044f7d18 EFLAGS: 00010286 [ 147.549387] RAX: 0000000000000000 RBX: ffff888102c21c00 RCX: 1ffffffff50a4cec [ 147.549795] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 147.550562] RBP: ffff8881044f7d48 R08: 0000000000000000 R09: fffffbfff50a4cec [ 147.551243] R10: 0000000000000003 R11: 000000000003b300 R12: ffff888104324800 [ 147.551790] R13: ffff888102c21cf8 R14: ffff8881056f0080 R15: ffff8881003c7b40 [ 147.552238] FS: 0000000000000000(0000) GS:ffff8881ab15b000(0000) knlGS:0000000000000000 [ 147.552711] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.552966] CR2: 00007ffff7ffe000 CR3: 000000016b8bc000 CR4: 00000000000006f0 [ 147.553257] DR0: ffffffffa9869404 DR1: ffffffffa9869409 DR2: ffffffffa986940a [ 147.553614] DR3: ffffffffa986940b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 147.554344] Call Trace: [ 147.554460] <TASK> [ 147.554615] ? trace_preempt_on+0x20/0xc0 [ 147.554841] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 147.555201] drm_gem_shmem_free_wrapper+0x12/0x20 [ 147.555428] __kunit_action_free+0x57/0x70 [ 147.555647] kunit_remove_resource+0x133/0x200 [ 147.555844] ? preempt_count_sub+0x50/0x80 [ 147.556149] kunit_cleanup+0x7a/0x120 [ 147.556365] kunit_try_run_case_cleanup+0xbd/0xf0 [ 147.556562] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 147.556837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 147.557172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 147.557432] kthread+0x337/0x6f0 [ 147.557626] ? trace_preempt_on+0x20/0xc0 [ 147.557851] ? __pfx_kthread+0x10/0x10 [ 147.558132] ? _raw_spin_unlock_irq+0x47/0x80 [ 147.558320] ? calculate_sigpending+0x7b/0xa0 [ 147.558583] ? __pfx_kthread+0x10/0x10 [ 147.558772] ret_from_fork+0x116/0x1d0 [ 147.558960] ? __pfx_kthread+0x10/0x10 [ 147.559207] ret_from_fork_asm+0x1a/0x30 [ 147.559468] </TASK> [ 147.559579] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init: Failure
Automatically assigned
------------[ cut here ]------------ [ 147.405267] WARNING: CPU: 1 PID: 2604 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 147.405941] Modules linked in: [ 147.406494] CPU: 1 UID: 0 PID: 2604 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 147.407222] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 147.407516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 147.408186] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 147.408621] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 147.410492] RSP: 0000:ffff888104277b30 EFLAGS: 00010246 [ 147.411296] RAX: dffffc0000000000 RBX: ffff888104277c28 RCX: 0000000000000000 [ 147.411536] RDX: 1ffff1102084ef8e RSI: ffff888104277c28 RDI: ffff888104277c70 [ 147.412293] RBP: ffff888104277b70 R08: ffff888103e44000 R09: ffffffffa77e1b20 [ 147.413447] R10: 0000000000000003 R11: 000000001fd5816b R12: ffff888103e44000 [ 147.413807] R13: ffff8881003c7ae8 R14: ffff888104277ba8 R15: 0000000000000000 [ 147.414617] FS: 0000000000000000(0000) GS:ffff8881ab15b000(0000) knlGS:0000000000000000 [ 147.415144] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.415367] CR2: 00007ffff7ffe000 CR3: 000000016b8bc000 CR4: 00000000000006f0 [ 147.415810] DR0: ffffffffa9869404 DR1: ffffffffa9869409 DR2: ffffffffa986940a [ 147.416276] DR3: ffffffffa986940b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 147.416715] Call Trace: [ 147.416855] <TASK> [ 147.417326] ? add_dr+0xc1/0x1d0 [ 147.417534] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 147.417839] ? add_dr+0x148/0x1d0 [ 147.418003] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 147.418674] ? __drmm_add_action+0x1a4/0x280 [ 147.419100] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 147.419466] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 147.419852] ? __drmm_add_action_or_reset+0x22/0x50 [ 147.420203] ? __schedule+0x10cc/0x2b60 [ 147.420411] ? __pfx_read_tsc+0x10/0x10 [ 147.420592] ? ktime_get_ts64+0x86/0x230 [ 147.420794] kunit_try_run_case+0x1a5/0x480 [ 147.420986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 147.421704] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 147.422190] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 147.422455] ? __kthread_parkme+0x82/0x180 [ 147.422735] ? preempt_count_sub+0x50/0x80 [ 147.423086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 147.423430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 147.423791] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 147.424145] kthread+0x337/0x6f0 [ 147.424309] ? trace_preempt_on+0x20/0xc0 [ 147.424528] ? __pfx_kthread+0x10/0x10 [ 147.424705] ? _raw_spin_unlock_irq+0x47/0x80 [ 147.425357] ? calculate_sigpending+0x7b/0xa0 [ 147.425665] ? __pfx_kthread+0x10/0x10 [ 147.425835] ret_from_fork+0x116/0x1d0 [ 147.426278] ? __pfx_kthread+0x10/0x10 [ 147.426555] ret_from_fork_asm+0x1a/0x30 [ 147.426776] </TASK> [ 147.426896] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
KNOWN ISSUE - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head: Failure
Automatically assigned
------------[ cut here ]------------ [ 147.371050] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 147.371603] WARNING: CPU: 0 PID: 2600 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 147.373280] Modules linked in: [ 147.373496] CPU: 0 UID: 0 PID: 2600 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 147.374350] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 147.374607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 147.375172] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 147.375445] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 6b 41 87 00 48 c7 c1 e0 ca 7d a7 4c 89 fa 48 c7 c7 40 cb 7d a7 48 89 c6 e8 32 ef 7a fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 147.376324] RSP: 0000:ffff888104277b68 EFLAGS: 00010282 [ 147.376581] RAX: 0000000000000000 RBX: ffff888104277c40 RCX: 1ffffffff50a4cec [ 147.377043] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 147.377509] RBP: ffff888104277b90 R08: 0000000000000000 R09: fffffbfff50a4cec [ 147.377848] R10: 0000000000000003 R11: 0000000000039b40 R12: ffff888104277c18 [ 147.378244] R13: ffff8881008fd800 R14: ffff888103da4000 R15: ffff8881031c4580 [ 147.378557] FS: 0000000000000000(0000) GS:ffff8881ab05b000(0000) knlGS:0000000000000000 [ 147.378938] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.379303] CR2: 00007ffff7ffe000 CR3: 000000016b8bc000 CR4: 00000000000006f0 [ 147.379840] DR0: ffffffffa9869400 DR1: ffffffffa9869401 DR2: ffffffffa9869403 [ 147.380313] DR3: ffffffffa9869405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 147.380618] Call Trace: [ 147.380722] <TASK> [ 147.380850] drm_test_framebuffer_free+0x1ab/0x610 [ 147.381258] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 147.382104] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 147.382384] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 147.382659] ? __drmm_add_action_or_reset+0x22/0x50 [ 147.383325] ? __schedule+0x10cc/0x2b60 [ 147.383671] ? __pfx_read_tsc+0x10/0x10 [ 147.383963] ? ktime_get_ts64+0x86/0x230 [ 147.384482] kunit_try_run_case+0x1a5/0x480 [ 147.384694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 147.385184] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 147.385440] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 147.385701] ? __kthread_parkme+0x82/0x180 [ 147.386144] ? preempt_count_sub+0x50/0x80 [ 147.386451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 147.386667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 147.387305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 147.387616] kthread+0x337/0x6f0 [ 147.387961] ? trace_preempt_on+0x20/0xc0 [ 147.388469] ? __pfx_kthread+0x10/0x10 [ 147.388777] ? _raw_spin_unlock_irq+0x47/0x80 [ 147.389217] ? calculate_sigpending+0x7b/0xa0 [ 147.389472] ? __pfx_kthread+0x10/0x10 [ 147.389662] ret_from_fork+0x116/0x1d0 [ 147.389833] ? __pfx_kthread+0x10/0x10 [ 147.390024] ret_from_fork_asm+0x1a/0x30 [ 147.390694] </TASK> [ 147.390806] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register: Failure
Automatically assigned
------------[ cut here ]------------ [ 146.202814] WARNING: CPU: 0 PID: 2038 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 146.203801] Modules linked in: [ 146.204227] CPU: 0 UID: 0 PID: 2038 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 146.204874] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 146.205364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 146.205906] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 146.206424] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 146.208047] RSP: 0000:ffff88810c90fc90 EFLAGS: 00010246 [ 146.208786] RAX: dffffc0000000000 RBX: ffff88810c86c000 RCX: 0000000000000000 [ 146.209552] RDX: 1ffff1102190d832 RSI: ffffffffa4a425f8 RDI: ffff88810c86c190 [ 146.210145] RBP: ffff88810c90fca0 R08: 1ffff11020078f69 R09: ffffed1021921f65 [ 146.210879] R10: 0000000000000003 R11: ffffffffa34049da R12: 0000000000000000 [ 146.211460] R13: ffff88810c90fd38 R14: ffff8881003c7c50 R15: ffff8881003c7c58 [ 146.211685] FS: 0000000000000000(0000) GS:ffff8881ab05b000(0000) knlGS:0000000000000000 [ 146.211923] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.212626] CR2: 00007ffff7ffe000 CR3: 000000016b8bc000 CR4: 00000000000006f0 [ 146.213563] DR0: ffffffffa9869400 DR1: ffffffffa9869401 DR2: ffffffffa9869403 [ 146.214406] DR3: ffffffffa9869405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 146.215189] Call Trace: [ 146.215569] <TASK> [ 146.215920] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 146.216728] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 146.217388] ? __schedule+0x207f/0x2b60 [ 146.217553] ? __pfx_read_tsc+0x10/0x10 [ 146.217710] ? ktime_get_ts64+0x86/0x230 [ 146.217858] kunit_try_run_case+0x1a5/0x480 [ 146.218089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 146.218719] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 146.218947] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 146.219319] ? __kthread_parkme+0x82/0x180 [ 146.219512] ? preempt_count_sub+0x50/0x80 [ 146.219725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 146.220278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 146.220633] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 146.221046] kthread+0x337/0x6f0 [ 146.221459] ? trace_preempt_on+0x20/0xc0 [ 146.221839] ? __pfx_kthread+0x10/0x10 [ 146.222254] ? _raw_spin_unlock_irq+0x47/0x80 [ 146.222507] ? calculate_sigpending+0x7b/0xa0 [ 146.222842] ? __pfx_kthread+0x10/0x10 [ 146.223030] ret_from_fork+0x116/0x1d0 [ 146.223416] ? __pfx_kthread+0x10/0x10 [ 146.223694] ret_from_fork_asm+0x1a/0x30 [ 146.223915] </TASK> [ 146.224276] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 146.115805] WARNING: CPU: 1 PID: 2030 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 146.116241] Modules linked in: [ 146.116429] CPU: 1 UID: 0 PID: 2030 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 146.117452] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 146.118272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 146.119562] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 146.120397] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 146.122071] RSP: 0000:ffff88810ca37c90 EFLAGS: 00010246 [ 146.122295] RAX: dffffc0000000000 RBX: ffff88810cb78000 RCX: 0000000000000000 [ 146.123106] RDX: 1ffff1102196f032 RSI: ffffffffa4a425f8 RDI: ffff88810cb78190 [ 146.124052] RBP: ffff88810ca37ca0 R08: 1ffff11020078f69 R09: ffffed1021946f65 [ 146.124465] R10: 0000000000000003 R11: ffffffffa3f873b8 R12: 0000000000000000 [ 146.124701] R13: ffff88810ca37d38 R14: ffff8881003c7c50 R15: ffff8881003c7c58 [ 146.125684] FS: 0000000000000000(0000) GS:ffff8881ab15b000(0000) knlGS:0000000000000000 [ 146.126724] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.127425] CR2: 00007ffff7ffe000 CR3: 000000016b8bc000 CR4: 00000000000006f0 [ 146.127951] DR0: ffffffffa9869404 DR1: ffffffffa9869409 DR2: ffffffffa986940a [ 146.128826] DR3: ffffffffa986940b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 146.129481] Call Trace: [ 146.129904] <TASK> [ 146.130383] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 146.130934] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 146.131882] ? __schedule+0x10cc/0x2b60 [ 146.132513] ? __pfx_read_tsc+0x10/0x10 [ 146.132745] ? ktime_get_ts64+0x86/0x230 [ 146.132900] kunit_try_run_case+0x1a5/0x480 [ 146.133538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 146.134226] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 146.134896] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 146.135499] ? __kthread_parkme+0x82/0x180 [ 146.136118] ? preempt_count_sub+0x50/0x80 [ 146.136556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 146.136976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 146.137641] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 146.138190] kthread+0x337/0x6f0 [ 146.138328] ? trace_preempt_on+0x20/0xc0 [ 146.138491] ? __pfx_kthread+0x10/0x10 [ 146.138625] ? _raw_spin_unlock_irq+0x47/0x80 [ 146.138827] ? calculate_sigpending+0x7b/0xa0 [ 146.139498] ? __pfx_kthread+0x10/0x10 [ 146.140099] ret_from_fork+0x116/0x1d0 [ 146.140559] ? __pfx_kthread+0x10/0x10 [ 146.140721] ret_from_fork_asm+0x1a/0x30 [ 146.140876] </TASK> [ 146.140967] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog10
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10: Failure
Automatically assigned
------------[ cut here ]------------ [ 108.256878] WARNING: CPU: 1 PID: 722 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 108.258231] Modules linked in: [ 108.258781] CPU: 1 UID: 0 PID: 722 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 108.260117] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 108.260820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 108.261865] RIP: 0010:intlog10+0x2a/0x40 [ 108.262275] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 47 8d 86 02 90 <0f> 0b 90 31 c0 e9 3c 8d 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 108.264149] RSP: 0000:ffff88810b50fcb0 EFLAGS: 00010246 [ 108.264613] RAX: 0000000000000000 RBX: ffff8881003c7ae8 RCX: 1ffff110216a1fb4 [ 108.265473] RDX: 1ffffffff4ed3da4 RSI: 1ffff110216a1fb3 RDI: 0000000000000000 [ 108.266104] RBP: ffff88810b50fd60 R08: 0000000000000000 R09: ffffed10202dc460 [ 108.266327] R10: ffff8881016e2307 R11: 0000000000000000 R12: 1ffff110216a1f97 [ 108.266555] R13: ffffffffa769ed20 R14: 0000000000000000 R15: ffff88810b50fd38 [ 108.266765] FS: 0000000000000000(0000) GS:ffff8881ab15b000(0000) knlGS:0000000000000000 [ 108.267002] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.267188] CR2: ffff88815410a000 CR3: 000000016b8bc000 CR4: 00000000000006f0 [ 108.267622] DR0: ffffffffa9869404 DR1: ffffffffa9869409 DR2: ffffffffa986940a [ 108.268401] DR3: ffffffffa986940b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 108.269362] Call Trace: [ 108.269681] <TASK> [ 108.269970] ? intlog10_test+0xf2/0x220 [ 108.270529] ? __pfx_intlog10_test+0x10/0x10 [ 108.271158] ? __schedule+0x10cc/0x2b60 [ 108.271601] ? __pfx_read_tsc+0x10/0x10 [ 108.272112] ? ktime_get_ts64+0x86/0x230 [ 108.272549] kunit_try_run_case+0x1a5/0x480 [ 108.273037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.273630] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 108.274209] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 108.274826] ? __kthread_parkme+0x82/0x180 [ 108.275105] ? preempt_count_sub+0x50/0x80 [ 108.275257] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.275425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 108.275602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 108.275797] kthread+0x337/0x6f0 [ 108.275925] ? trace_preempt_on+0x20/0xc0 [ 108.276072] ? __pfx_kthread+0x10/0x10 [ 108.276208] ? _raw_spin_unlock_irq+0x47/0x80 [ 108.276474] ? calculate_sigpending+0x7b/0xa0 [ 108.277189] ? __pfx_kthread+0x10/0x10 [ 108.277755] ret_from_fork+0x116/0x1d0 [ 108.278203] ? __pfx_kthread+0x10/0x10 [ 108.278608] ret_from_fork_asm+0x1a/0x30 [ 108.279101] </TASK> [ 108.279375] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog2
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2: Failure
Automatically assigned
------------[ cut here ]------------ [ 108.207601] WARNING: CPU: 1 PID: 704 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 108.207980] Modules linked in: [ 108.208370] CPU: 1 UID: 0 PID: 704 Comm: kunit_try_catch Tainted: G B D N 6.15.0-rc7-next-20250526 #1 PREEMPT(voluntary) [ 108.208903] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 108.209219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 108.209602] RIP: 0010:intlog2+0xdf/0x110 [ 108.209835] Code: 69 a7 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 6f 34 52 ff 8b 45 e4 eb [ 108.211523] RSP: 0000:ffff8881061ffcb0 EFLAGS: 00010246 [ 108.212318] RAX: 0000000000000000 RBX: ffff8881003c7ae8 RCX: 1ffff11020c3ffb4 [ 108.212558] RDX: 1ffffffff4ed3df8 RSI: 1ffff11020c3ffb3 RDI: 0000000000000000 [ 108.212812] RBP: ffff8881061ffd60 R08: 0000000000000000 R09: ffffed10202de900 [ 108.213026] R10: ffff8881016f4807 R11: 0000000000000000 R12: 1ffff11020c3ff97 [ 108.213240] R13: ffffffffa769efc0 R14: 0000000000000000 R15: ffff8881061ffd38 [ 108.213467] FS: 0000000000000000(0000) GS:ffff8881ab15b000(0000) knlGS:0000000000000000 [ 108.213705] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 108.213883] CR2: ffff88815410a000 CR3: 000000016b8bc000 CR4: 00000000000006f0 [ 108.214101] DR0: ffffffffa9869404 DR1: ffffffffa9869409 DR2: ffffffffa986940a [ 108.214315] DR3: ffffffffa986940b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 108.215599] Call Trace: [ 108.216255] <TASK> [ 108.216702] ? intlog2_test+0xf2/0x220 [ 108.217378] ? __pfx_intlog2_test+0x10/0x10 [ 108.218020] ? __schedule+0x10cc/0x2b60 [ 108.218610] ? __pfx_read_tsc+0x10/0x10 [ 108.219208] ? ktime_get_ts64+0x86/0x230 [ 108.219890] kunit_try_run_case+0x1a5/0x480 [ 108.220614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.221341] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 108.222182] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 108.222775] ? __kthread_parkme+0x82/0x180 [ 108.223410] ? preempt_count_sub+0x50/0x80 [ 108.224204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 108.224887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 108.225647] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 108.226556] kthread+0x337/0x6f0 [ 108.227112] ? trace_preempt_on+0x20/0xc0 [ 108.227680] ? __pfx_kthread+0x10/0x10 [ 108.228261] ? _raw_spin_unlock_irq+0x47/0x80 [ 108.228923] ? calculate_sigpending+0x7b/0xa0 [ 108.229590] ? __pfx_kthread+0x10/0x10 [ 108.229910] ret_from_fork+0x116/0x1d0 [ 108.230316] ? __pfx_kthread+0x10/0x10 [ 108.230926] ret_from_fork_asm+0x1a/0x30 [ 108.231502] </TASK> [ 108.231635] ---[ end trace 0000000000000000 ]---
Failure - kunit - lib_ratelimit_lib_ratelimit
KNOWN ISSUE - kunit/lib_ratelimit_lib_ratelimit: Failure
Automatically assigned
<8>[ 259.938388] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=lib_ratelimit_lib_ratelimit RESULT=fail>
Failure - kunit - lib_ratelimit_test_ratelimit_smoke
KNOWN ISSUE - kunit/lib_ratelimit_test_ratelimit_smoke: Failure
Automatically assigned
<8>[ 259.756061] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=lib_ratelimit_test_ratelimit_smoke RESULT=fail>