Date
May 29, 2025, 7:10 a.m.
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf: Failure
Automatically assigned
[ 11.458669] ================================================================== [ 11.459459] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 11.459829] Read of size 8 at addr ffff8881028a3740 by task kunit_try_catch/217 [ 11.460113] [ 11.460221] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.460268] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.460280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.460309] Call Trace: [ 11.460321] <TASK> [ 11.460336] dump_stack_lvl+0x73/0xb0 [ 11.460362] print_report+0xd1/0x650 [ 11.460384] ? __virt_addr_valid+0x1db/0x2d0 [ 11.460406] ? workqueue_uaf+0x4d6/0x560 [ 11.460428] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.460450] ? workqueue_uaf+0x4d6/0x560 [ 11.460472] kasan_report+0x141/0x180 [ 11.460494] ? workqueue_uaf+0x4d6/0x560 [ 11.460520] __asan_report_load8_noabort+0x18/0x20 [ 11.460541] workqueue_uaf+0x4d6/0x560 [ 11.460563] ? __pfx_workqueue_uaf+0x10/0x10 [ 11.460585] ? __schedule+0x10cc/0x2b60 [ 11.461012] ? __pfx_read_tsc+0x10/0x10 [ 11.461054] ? ktime_get_ts64+0x86/0x230 [ 11.461084] kunit_try_run_case+0x1a5/0x480 [ 11.461378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.461404] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.461430] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.461454] ? __kthread_parkme+0x82/0x180 [ 11.461474] ? preempt_count_sub+0x50/0x80 [ 11.461498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.461519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.461542] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.461566] kthread+0x337/0x6f0 [ 11.461585] ? trace_preempt_on+0x20/0xc0 [ 11.461622] ? __pfx_kthread+0x10/0x10 [ 11.461643] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.461665] ? calculate_sigpending+0x7b/0xa0 [ 11.461688] ? __pfx_kthread+0x10/0x10 [ 11.461710] ret_from_fork+0x116/0x1d0 [ 11.461727] ? __pfx_kthread+0x10/0x10 [ 11.461754] ret_from_fork_asm+0x1a/0x30 [ 11.461784] </TASK> [ 11.461795] [ 11.472184] Allocated by task 217: [ 11.472335] kasan_save_stack+0x45/0x70 [ 11.472679] kasan_save_track+0x18/0x40 [ 11.472923] kasan_save_alloc_info+0x3b/0x50 [ 11.473215] __kasan_kmalloc+0xb7/0xc0 [ 11.473474] __kmalloc_cache_noprof+0x189/0x420 [ 11.473715] workqueue_uaf+0x152/0x560 [ 11.474068] kunit_try_run_case+0x1a5/0x480 [ 11.474230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.474487] kthread+0x337/0x6f0 [ 11.474801] ret_from_fork+0x116/0x1d0 [ 11.475029] ret_from_fork_asm+0x1a/0x30 [ 11.475224] [ 11.475331] Freed by task 44: [ 11.475473] kasan_save_stack+0x45/0x70 [ 11.475667] kasan_save_track+0x18/0x40 [ 11.476227] kasan_save_free_info+0x3f/0x60 [ 11.476394] __kasan_slab_free+0x56/0x70 [ 11.476738] kfree+0x222/0x3f0 [ 11.477042] workqueue_uaf_work+0x12/0x20 [ 11.477222] process_one_work+0x5ee/0xf60 [ 11.477557] worker_thread+0x758/0x1220 [ 11.477888] kthread+0x337/0x6f0 [ 11.478136] ret_from_fork+0x116/0x1d0 [ 11.478452] ret_from_fork_asm+0x1a/0x30 [ 11.478656] [ 11.478972] Last potentially related work creation: [ 11.479219] kasan_save_stack+0x45/0x70 [ 11.479412] kasan_record_aux_stack+0xb2/0xc0 [ 11.479628] __queue_work+0x626/0xeb0 [ 11.480090] queue_work_on+0xb6/0xc0 [ 11.480267] workqueue_uaf+0x26d/0x560 [ 11.480417] kunit_try_run_case+0x1a5/0x480 [ 11.480645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.481058] kthread+0x337/0x6f0 [ 11.481321] ret_from_fork+0x116/0x1d0 [ 11.481651] ret_from_fork_asm+0x1a/0x30 [ 11.481990] [ 11.482163] The buggy address belongs to the object at ffff8881028a3740 [ 11.482163] which belongs to the cache kmalloc-32 of size 32 [ 11.482705] The buggy address is located 0 bytes inside of [ 11.482705] freed 32-byte region [ffff8881028a3740, ffff8881028a3760) [ 11.483656] [ 11.483821] The buggy address belongs to the physical page: [ 11.484284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a3 [ 11.484890] flags: 0x200000000000000(node=0|zone=2) [ 11.485232] page_type: f5(slab) [ 11.485416] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 11.485732] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 11.486426] page dumped because: kasan: bad access detected [ 11.486852] [ 11.487045] Memory state around the buggy address: [ 11.487306] ffff8881028a3600: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 11.487804] ffff8881028a3680: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 11.488155] >ffff8881028a3700: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 11.488586] ^ [ 11.489014] ffff8881028a3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.489472] ffff8881028a3800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.490062] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim: Failure
Automatically assigned
[ 11.415872] ================================================================== [ 11.416572] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 11.417262] Read of size 4 at addr ffff8881028a3680 by task swapper/1/0 [ 11.417784] [ 11.418049] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.418106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.418119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.418142] Call Trace: [ 11.418207] <IRQ> [ 11.418231] dump_stack_lvl+0x73/0xb0 [ 11.418265] print_report+0xd1/0x650 [ 11.418288] ? __virt_addr_valid+0x1db/0x2d0 [ 11.418313] ? rcu_uaf_reclaim+0x50/0x60 [ 11.418333] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.418355] ? rcu_uaf_reclaim+0x50/0x60 [ 11.418376] kasan_report+0x141/0x180 [ 11.418398] ? rcu_uaf_reclaim+0x50/0x60 [ 11.418424] __asan_report_load4_noabort+0x18/0x20 [ 11.418445] rcu_uaf_reclaim+0x50/0x60 [ 11.418467] rcu_core+0x66f/0x1c40 [ 11.418496] ? __pfx_rcu_core+0x10/0x10 [ 11.418518] ? ktime_get+0x6b/0x150 [ 11.418547] ? handle_softirqs+0x18e/0x730 [ 11.418572] rcu_core_si+0x12/0x20 [ 11.418593] handle_softirqs+0x209/0x730 [ 11.418624] ? hrtimer_interrupt+0x2fe/0x780 [ 11.418646] ? __pfx_handle_softirqs+0x10/0x10 [ 11.418672] __irq_exit_rcu+0xc9/0x110 [ 11.418692] irq_exit_rcu+0x12/0x20 [ 11.418711] sysvec_apic_timer_interrupt+0x81/0x90 [ 11.418738] </IRQ> [ 11.418768] <TASK> [ 11.418780] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.418870] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 11.419076] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 a8 1d 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 11.419166] RSP: 0000:ffff88810087fdc8 EFLAGS: 00010216 [ 11.419258] RAX: ffff8881c975b000 RBX: ffff88810085b000 RCX: ffffffff88ab1245 [ 11.419305] RDX: ffffed102a8e618b RSI: 0000000000000004 RDI: 000000000001ce7c [ 11.419348] RBP: ffff88810087fdd0 R08: 0000000000000001 R09: ffffed102a8e618a [ 11.419389] R10: ffff888154730c53 R11: 0000000000012800 R12: 0000000000000001 [ 11.419431] R13: ffffed102010b600 R14: ffffffff8a7c3190 R15: 0000000000000000 [ 11.419489] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 11.419539] ? default_idle+0xd/0x20 [ 11.419559] arch_cpu_idle+0xd/0x20 [ 11.419577] default_idle_call+0x48/0x80 [ 11.419597] do_idle+0x379/0x4f0 [ 11.419628] ? complete+0x15b/0x1d0 [ 11.419647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.419673] ? __pfx_do_idle+0x10/0x10 [ 11.419690] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 11.419714] ? complete+0x15b/0x1d0 [ 11.419735] cpu_startup_entry+0x5c/0x70 [ 11.419755] start_secondary+0x211/0x290 [ 11.419777] ? __pfx_start_secondary+0x10/0x10 [ 11.419803] common_startup_64+0x13e/0x148 [ 11.419836] </TASK> [ 11.419847] [ 11.434067] Allocated by task 215: [ 11.434363] kasan_save_stack+0x45/0x70 [ 11.434780] kasan_save_track+0x18/0x40 [ 11.435083] kasan_save_alloc_info+0x3b/0x50 [ 11.435300] __kasan_kmalloc+0xb7/0xc0 [ 11.435484] __kmalloc_cache_noprof+0x189/0x420 [ 11.435702] rcu_uaf+0xb0/0x330 [ 11.436121] kunit_try_run_case+0x1a5/0x480 [ 11.436538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.437006] kthread+0x337/0x6f0 [ 11.437311] ret_from_fork+0x116/0x1d0 [ 11.437509] ret_from_fork_asm+0x1a/0x30 [ 11.437709] [ 11.438047] Freed by task 0: [ 11.438263] kasan_save_stack+0x45/0x70 [ 11.438597] kasan_save_track+0x18/0x40 [ 11.439136] kasan_save_free_info+0x3f/0x60 [ 11.439347] __kasan_slab_free+0x56/0x70 [ 11.439532] kfree+0x222/0x3f0 [ 11.439690] rcu_uaf_reclaim+0x1f/0x60 [ 11.440137] rcu_core+0x66f/0x1c40 [ 11.440438] rcu_core_si+0x12/0x20 [ 11.440735] handle_softirqs+0x209/0x730 [ 11.441139] __irq_exit_rcu+0xc9/0x110 [ 11.441324] irq_exit_rcu+0x12/0x20 [ 11.441487] sysvec_apic_timer_interrupt+0x81/0x90 [ 11.441716] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.442294] [ 11.442550] Last potentially related work creation: [ 11.442891] kasan_save_stack+0x45/0x70 [ 11.443237] kasan_record_aux_stack+0xb2/0xc0 [ 11.443443] __call_rcu_common.constprop.0+0x72/0x9d0 [ 11.443667] call_rcu+0x12/0x20 [ 11.444097] rcu_uaf+0x168/0x330 [ 11.444325] kunit_try_run_case+0x1a5/0x480 [ 11.444675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.445135] kthread+0x337/0x6f0 [ 11.445314] ret_from_fork+0x116/0x1d0 [ 11.445487] ret_from_fork_asm+0x1a/0x30 [ 11.445692] [ 11.446071] The buggy address belongs to the object at ffff8881028a3680 [ 11.446071] which belongs to the cache kmalloc-32 of size 32 [ 11.446889] The buggy address is located 0 bytes inside of [ 11.446889] freed 32-byte region [ffff8881028a3680, ffff8881028a36a0) [ 11.447365] [ 11.447460] The buggy address belongs to the physical page: [ 11.447707] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a3 [ 11.448451] flags: 0x200000000000000(node=0|zone=2) [ 11.448929] page_type: f5(slab) [ 11.449245] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 11.449806] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 11.450267] page dumped because: kasan: bad access detected [ 11.450489] [ 11.450578] Memory state around the buggy address: [ 11.451061] ffff8881028a3580: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 11.451511] ffff8881028a3600: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 11.452270] >ffff8881028a3680: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 11.452566] ^ [ 11.452737] ffff8881028a3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.453312] ffff8881028a3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.453903] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf: Failure
Automatically assigned
[ 11.357051] ================================================================== [ 11.357406] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 11.357680] Read of size 1 at addr ffff888102f96200 by task kunit_try_catch/213 [ 11.358065] [ 11.358205] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.358252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.358263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.358284] Call Trace: [ 11.358295] <TASK> [ 11.358309] dump_stack_lvl+0x73/0xb0 [ 11.358354] print_report+0xd1/0x650 [ 11.358376] ? __virt_addr_valid+0x1db/0x2d0 [ 11.358398] ? ksize_uaf+0x5fe/0x6c0 [ 11.358418] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.358440] ? ksize_uaf+0x5fe/0x6c0 [ 11.358461] kasan_report+0x141/0x180 [ 11.358484] ? ksize_uaf+0x5fe/0x6c0 [ 11.358527] __asan_report_load1_noabort+0x18/0x20 [ 11.358556] ksize_uaf+0x5fe/0x6c0 [ 11.358577] ? __pfx_ksize_uaf+0x10/0x10 [ 11.358600] ? __schedule+0x10cc/0x2b60 [ 11.358634] ? __pfx_read_tsc+0x10/0x10 [ 11.358654] ? ktime_get_ts64+0x86/0x230 [ 11.358678] kunit_try_run_case+0x1a5/0x480 [ 11.358700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.358719] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.358956] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.358986] ? __kthread_parkme+0x82/0x180 [ 11.359007] ? preempt_count_sub+0x50/0x80 [ 11.359031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.359073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.359098] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.359122] kthread+0x337/0x6f0 [ 11.359141] ? trace_preempt_on+0x20/0xc0 [ 11.359164] ? __pfx_kthread+0x10/0x10 [ 11.359184] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.359207] ? calculate_sigpending+0x7b/0xa0 [ 11.359230] ? __pfx_kthread+0x10/0x10 [ 11.359252] ret_from_fork+0x116/0x1d0 [ 11.359270] ? __pfx_kthread+0x10/0x10 [ 11.359290] ret_from_fork_asm+0x1a/0x30 [ 11.359319] </TASK> [ 11.359330] [ 11.366689] Allocated by task 213: [ 11.367087] kasan_save_stack+0x45/0x70 [ 11.367299] kasan_save_track+0x18/0x40 [ 11.367487] kasan_save_alloc_info+0x3b/0x50 [ 11.367682] __kasan_kmalloc+0xb7/0xc0 [ 11.367853] __kmalloc_cache_noprof+0x189/0x420 [ 11.368057] ksize_uaf+0xaa/0x6c0 [ 11.368182] kunit_try_run_case+0x1a5/0x480 [ 11.368348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.368605] kthread+0x337/0x6f0 [ 11.368947] ret_from_fork+0x116/0x1d0 [ 11.369087] ret_from_fork_asm+0x1a/0x30 [ 11.369230] [ 11.369304] Freed by task 213: [ 11.369418] kasan_save_stack+0x45/0x70 [ 11.369569] kasan_save_track+0x18/0x40 [ 11.369872] kasan_save_free_info+0x3f/0x60 [ 11.370090] __kasan_slab_free+0x56/0x70 [ 11.370290] kfree+0x222/0x3f0 [ 11.370474] ksize_uaf+0x12c/0x6c0 [ 11.370692] kunit_try_run_case+0x1a5/0x480 [ 11.371182] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.371479] kthread+0x337/0x6f0 [ 11.371677] ret_from_fork+0x116/0x1d0 [ 11.371940] ret_from_fork_asm+0x1a/0x30 [ 11.372090] [ 11.372165] The buggy address belongs to the object at ffff888102f96200 [ 11.372165] which belongs to the cache kmalloc-128 of size 128 [ 11.372809] The buggy address is located 0 bytes inside of [ 11.372809] freed 128-byte region [ffff888102f96200, ffff888102f96280) [ 11.373286] [ 11.373363] The buggy address belongs to the physical page: [ 11.373629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f96 [ 11.374080] flags: 0x200000000000000(node=0|zone=2) [ 11.374328] page_type: f5(slab) [ 11.374511] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.375077] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.375383] page dumped because: kasan: bad access detected [ 11.375673] [ 11.375865] Memory state around the buggy address: [ 11.376087] ffff888102f96100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.376377] ffff888102f96180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.376671] >ffff888102f96200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.377087] ^ [ 11.377267] ffff888102f96280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.377588] ffff888102f96300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.377997] ================================================================== [ 11.329548] ================================================================== [ 11.329981] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 11.330200] Read of size 1 at addr ffff888102f96200 by task kunit_try_catch/213 [ 11.330424] [ 11.330512] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.330564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.330576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.330597] Call Trace: [ 11.330607] <TASK> [ 11.330634] dump_stack_lvl+0x73/0xb0 [ 11.330659] print_report+0xd1/0x650 [ 11.330681] ? __virt_addr_valid+0x1db/0x2d0 [ 11.330702] ? ksize_uaf+0x19d/0x6c0 [ 11.330723] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.330745] ? ksize_uaf+0x19d/0x6c0 [ 11.330765] kasan_report+0x141/0x180 [ 11.330787] ? ksize_uaf+0x19d/0x6c0 [ 11.330811] ? ksize_uaf+0x19d/0x6c0 [ 11.330832] __kasan_check_byte+0x3d/0x50 [ 11.330853] ksize+0x20/0x60 [ 11.330874] ksize_uaf+0x19d/0x6c0 [ 11.330895] ? __pfx_ksize_uaf+0x10/0x10 [ 11.330916] ? __schedule+0x10cc/0x2b60 [ 11.330938] ? __pfx_read_tsc+0x10/0x10 [ 11.330958] ? ktime_get_ts64+0x86/0x230 [ 11.330982] kunit_try_run_case+0x1a5/0x480 [ 11.331002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.331021] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.331044] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.331068] ? __kthread_parkme+0x82/0x180 [ 11.331088] ? preempt_count_sub+0x50/0x80 [ 11.331111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.331131] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.331154] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.331178] kthread+0x337/0x6f0 [ 11.331196] ? trace_preempt_on+0x20/0xc0 [ 11.331218] ? __pfx_kthread+0x10/0x10 [ 11.331238] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.331260] ? calculate_sigpending+0x7b/0xa0 [ 11.331283] ? __pfx_kthread+0x10/0x10 [ 11.331304] ret_from_fork+0x116/0x1d0 [ 11.331322] ? __pfx_kthread+0x10/0x10 [ 11.331342] ret_from_fork_asm+0x1a/0x30 [ 11.331371] </TASK> [ 11.331380] [ 11.343639] Allocated by task 213: [ 11.344116] kasan_save_stack+0x45/0x70 [ 11.344337] kasan_save_track+0x18/0x40 [ 11.344735] kasan_save_alloc_info+0x3b/0x50 [ 11.345116] __kasan_kmalloc+0xb7/0xc0 [ 11.345315] __kmalloc_cache_noprof+0x189/0x420 [ 11.345534] ksize_uaf+0xaa/0x6c0 [ 11.345721] kunit_try_run_case+0x1a5/0x480 [ 11.346194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.346522] kthread+0x337/0x6f0 [ 11.346882] ret_from_fork+0x116/0x1d0 [ 11.347218] ret_from_fork_asm+0x1a/0x30 [ 11.347437] [ 11.347537] Freed by task 213: [ 11.347710] kasan_save_stack+0x45/0x70 [ 11.347994] kasan_save_track+0x18/0x40 [ 11.348147] kasan_save_free_info+0x3f/0x60 [ 11.348433] __kasan_slab_free+0x56/0x70 [ 11.348655] kfree+0x222/0x3f0 [ 11.348828] ksize_uaf+0x12c/0x6c0 [ 11.349110] kunit_try_run_case+0x1a5/0x480 [ 11.349269] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.349518] kthread+0x337/0x6f0 [ 11.349724] ret_from_fork+0x116/0x1d0 [ 11.350018] ret_from_fork_asm+0x1a/0x30 [ 11.350231] [ 11.350319] The buggy address belongs to the object at ffff888102f96200 [ 11.350319] which belongs to the cache kmalloc-128 of size 128 [ 11.351075] The buggy address is located 0 bytes inside of [ 11.351075] freed 128-byte region [ffff888102f96200, ffff888102f96280) [ 11.351538] [ 11.351679] The buggy address belongs to the physical page: [ 11.352006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f96 [ 11.352360] flags: 0x200000000000000(node=0|zone=2) [ 11.352630] page_type: f5(slab) [ 11.352861] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.353211] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.353509] page dumped because: kasan: bad access detected [ 11.353716] [ 11.353918] Memory state around the buggy address: [ 11.354148] ffff888102f96100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.354436] ffff888102f96180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.354999] >ffff888102f96200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.355259] ^ [ 11.355447] ffff888102f96280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.355861] ffff888102f96300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.356163] ================================================================== [ 11.378438] ================================================================== [ 11.378943] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 11.379288] Read of size 1 at addr ffff888102f96278 by task kunit_try_catch/213 [ 11.379548] [ 11.379668] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.379711] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.379722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.379859] Call Trace: [ 11.379875] <TASK> [ 11.379889] dump_stack_lvl+0x73/0xb0 [ 11.379915] print_report+0xd1/0x650 [ 11.379936] ? __virt_addr_valid+0x1db/0x2d0 [ 11.379959] ? ksize_uaf+0x5e4/0x6c0 [ 11.379979] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.380002] ? ksize_uaf+0x5e4/0x6c0 [ 11.380023] kasan_report+0x141/0x180 [ 11.380045] ? ksize_uaf+0x5e4/0x6c0 [ 11.380092] __asan_report_load1_noabort+0x18/0x20 [ 11.380114] ksize_uaf+0x5e4/0x6c0 [ 11.380135] ? __pfx_ksize_uaf+0x10/0x10 [ 11.380158] ? __schedule+0x10cc/0x2b60 [ 11.380181] ? __pfx_read_tsc+0x10/0x10 [ 11.380202] ? ktime_get_ts64+0x86/0x230 [ 11.380244] kunit_try_run_case+0x1a5/0x480 [ 11.380265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.380285] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.380310] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.380335] ? __kthread_parkme+0x82/0x180 [ 11.380355] ? preempt_count_sub+0x50/0x80 [ 11.380379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.380400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.380424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.380448] kthread+0x337/0x6f0 [ 11.380467] ? trace_preempt_on+0x20/0xc0 [ 11.380489] ? __pfx_kthread+0x10/0x10 [ 11.380511] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.380534] ? calculate_sigpending+0x7b/0xa0 [ 11.380556] ? __pfx_kthread+0x10/0x10 [ 11.380597] ret_from_fork+0x116/0x1d0 [ 11.380624] ? __pfx_kthread+0x10/0x10 [ 11.380645] ret_from_fork_asm+0x1a/0x30 [ 11.380674] </TASK> [ 11.380684] [ 11.388450] Allocated by task 213: [ 11.388635] kasan_save_stack+0x45/0x70 [ 11.388940] kasan_save_track+0x18/0x40 [ 11.389167] kasan_save_alloc_info+0x3b/0x50 [ 11.389380] __kasan_kmalloc+0xb7/0xc0 [ 11.389591] __kmalloc_cache_noprof+0x189/0x420 [ 11.389843] ksize_uaf+0xaa/0x6c0 [ 11.390049] kunit_try_run_case+0x1a5/0x480 [ 11.390259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.390517] kthread+0x337/0x6f0 [ 11.390677] ret_from_fork+0x116/0x1d0 [ 11.391244] ret_from_fork_asm+0x1a/0x30 [ 11.391446] [ 11.391538] Freed by task 213: [ 11.392304] kasan_save_stack+0x45/0x70 [ 11.392497] kasan_save_track+0x18/0x40 [ 11.392674] kasan_save_free_info+0x3f/0x60 [ 11.393119] __kasan_slab_free+0x56/0x70 [ 11.393320] kfree+0x222/0x3f0 [ 11.393473] ksize_uaf+0x12c/0x6c0 [ 11.393650] kunit_try_run_case+0x1a5/0x480 [ 11.394291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.395086] kthread+0x337/0x6f0 [ 11.395334] ret_from_fork+0x116/0x1d0 [ 11.395668] ret_from_fork_asm+0x1a/0x30 [ 11.396172] [ 11.396444] The buggy address belongs to the object at ffff888102f96200 [ 11.396444] which belongs to the cache kmalloc-128 of size 128 [ 11.397235] The buggy address is located 120 bytes inside of [ 11.397235] freed 128-byte region [ffff888102f96200, ffff888102f96280) [ 11.398071] [ 11.398313] The buggy address belongs to the physical page: [ 11.398704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f96 [ 11.399240] flags: 0x200000000000000(node=0|zone=2) [ 11.399460] page_type: f5(slab) [ 11.399630] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.400506] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.401131] page dumped because: kasan: bad access detected [ 11.401656] [ 11.401937] Memory state around the buggy address: [ 11.402294] ffff888102f96100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.402620] ffff888102f96180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.403432] >ffff888102f96200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.404202] ^ [ 11.404507] ffff888102f96280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.405174] ffff888102f96300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.405634] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory: Failure
Automatically assigned
[ 11.301548] ================================================================== [ 11.302251] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.302584] Read of size 1 at addr ffff888102f9617f by task kunit_try_catch/211 [ 11.303065] [ 11.303164] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.303209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.303221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.303241] Call Trace: [ 11.303255] <TASK> [ 11.303270] dump_stack_lvl+0x73/0xb0 [ 11.303295] print_report+0xd1/0x650 [ 11.303318] ? __virt_addr_valid+0x1db/0x2d0 [ 11.303539] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.303563] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.303585] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.303620] kasan_report+0x141/0x180 [ 11.303643] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.303671] __asan_report_load1_noabort+0x18/0x20 [ 11.303691] ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.303715] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.303738] ? finish_task_switch.isra.0+0x153/0x700 [ 11.303823] ? __switch_to+0x47/0xf50 [ 11.303848] ? __schedule+0x10cc/0x2b60 [ 11.303871] ? __pfx_read_tsc+0x10/0x10 [ 11.303893] ? ktime_get_ts64+0x86/0x230 [ 11.303917] kunit_try_run_case+0x1a5/0x480 [ 11.303939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.303959] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.303982] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.304006] ? __kthread_parkme+0x82/0x180 [ 11.304027] ? preempt_count_sub+0x50/0x80 [ 11.304049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.304070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.304093] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.304118] kthread+0x337/0x6f0 [ 11.304137] ? trace_preempt_on+0x20/0xc0 [ 11.304159] ? __pfx_kthread+0x10/0x10 [ 11.304180] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.304202] ? calculate_sigpending+0x7b/0xa0 [ 11.304225] ? __pfx_kthread+0x10/0x10 [ 11.304246] ret_from_fork+0x116/0x1d0 [ 11.304264] ? __pfx_kthread+0x10/0x10 [ 11.304285] ret_from_fork_asm+0x1a/0x30 [ 11.304315] </TASK> [ 11.304325] [ 11.314687] Allocated by task 211: [ 11.315157] kasan_save_stack+0x45/0x70 [ 11.315353] kasan_save_track+0x18/0x40 [ 11.315551] kasan_save_alloc_info+0x3b/0x50 [ 11.315760] __kasan_kmalloc+0xb7/0xc0 [ 11.316205] __kmalloc_cache_noprof+0x189/0x420 [ 11.316433] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.316654] kunit_try_run_case+0x1a5/0x480 [ 11.317268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.317547] kthread+0x337/0x6f0 [ 11.317728] ret_from_fork+0x116/0x1d0 [ 11.317910] ret_from_fork_asm+0x1a/0x30 [ 11.318201] [ 11.318291] The buggy address belongs to the object at ffff888102f96100 [ 11.318291] which belongs to the cache kmalloc-128 of size 128 [ 11.318808] The buggy address is located 12 bytes to the right of [ 11.318808] allocated 115-byte region [ffff888102f96100, ffff888102f96173) [ 11.319724] [ 11.319885] The buggy address belongs to the physical page: [ 11.320477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f96 [ 11.321111] flags: 0x200000000000000(node=0|zone=2) [ 11.321338] page_type: f5(slab) [ 11.321680] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.322164] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.322507] page dumped because: kasan: bad access detected [ 11.322766] [ 11.322846] Memory state around the buggy address: [ 11.323503] ffff888102f96000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.323935] ffff888102f96080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.324418] >ffff888102f96100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.324964] ^ [ 11.325302] ffff888102f96180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.325620] ffff888102f96200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.325941] ================================================================== [ 11.244931] ================================================================== [ 11.245593] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 11.246133] Read of size 1 at addr ffff888102f96173 by task kunit_try_catch/211 [ 11.246539] [ 11.246942] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.247013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.247026] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.247046] Call Trace: [ 11.247058] <TASK> [ 11.247073] dump_stack_lvl+0x73/0xb0 [ 11.247100] print_report+0xd1/0x650 [ 11.247122] ? __virt_addr_valid+0x1db/0x2d0 [ 11.247143] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.247166] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.247189] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.247212] kasan_report+0x141/0x180 [ 11.247234] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.247263] __asan_report_load1_noabort+0x18/0x20 [ 11.247283] ksize_unpoisons_memory+0x81c/0x9b0 [ 11.247307] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.247330] ? finish_task_switch.isra.0+0x153/0x700 [ 11.247352] ? __switch_to+0x47/0xf50 [ 11.247378] ? __schedule+0x10cc/0x2b60 [ 11.247401] ? __pfx_read_tsc+0x10/0x10 [ 11.247421] ? ktime_get_ts64+0x86/0x230 [ 11.247446] kunit_try_run_case+0x1a5/0x480 [ 11.247466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.247486] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.247510] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.247534] ? __kthread_parkme+0x82/0x180 [ 11.247554] ? preempt_count_sub+0x50/0x80 [ 11.247576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.247597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.247635] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.247659] kthread+0x337/0x6f0 [ 11.247678] ? trace_preempt_on+0x20/0xc0 [ 11.247701] ? __pfx_kthread+0x10/0x10 [ 11.247721] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.247744] ? calculate_sigpending+0x7b/0xa0 [ 11.247767] ? __pfx_kthread+0x10/0x10 [ 11.247789] ret_from_fork+0x116/0x1d0 [ 11.247806] ? __pfx_kthread+0x10/0x10 [ 11.247890] ret_from_fork_asm+0x1a/0x30 [ 11.247924] </TASK> [ 11.247934] [ 11.261910] Allocated by task 211: [ 11.262295] kasan_save_stack+0x45/0x70 [ 11.262697] kasan_save_track+0x18/0x40 [ 11.263024] kasan_save_alloc_info+0x3b/0x50 [ 11.263178] __kasan_kmalloc+0xb7/0xc0 [ 11.263316] __kmalloc_cache_noprof+0x189/0x420 [ 11.263475] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.263641] kunit_try_run_case+0x1a5/0x480 [ 11.263861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.264377] kthread+0x337/0x6f0 [ 11.264725] ret_from_fork+0x116/0x1d0 [ 11.265377] ret_from_fork_asm+0x1a/0x30 [ 11.265852] [ 11.266029] The buggy address belongs to the object at ffff888102f96100 [ 11.266029] which belongs to the cache kmalloc-128 of size 128 [ 11.267260] The buggy address is located 0 bytes to the right of [ 11.267260] allocated 115-byte region [ffff888102f96100, ffff888102f96173) [ 11.268475] [ 11.268665] The buggy address belongs to the physical page: [ 11.269250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f96 [ 11.269508] flags: 0x200000000000000(node=0|zone=2) [ 11.269699] page_type: f5(slab) [ 11.269846] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.270602] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.271062] page dumped because: kasan: bad access detected [ 11.271308] [ 11.271405] Memory state around the buggy address: [ 11.271621] ffff888102f96000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.272226] ffff888102f96080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.272496] >ffff888102f96100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.273217] ^ [ 11.273691] ffff888102f96180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.274182] ffff888102f96200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.274655] ================================================================== [ 11.276033] ================================================================== [ 11.276358] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.276770] Read of size 1 at addr ffff888102f96178 by task kunit_try_catch/211 [ 11.277307] [ 11.277564] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.277624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.277636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.277657] Call Trace: [ 11.277670] <TASK> [ 11.277687] dump_stack_lvl+0x73/0xb0 [ 11.277715] print_report+0xd1/0x650 [ 11.277737] ? __virt_addr_valid+0x1db/0x2d0 [ 11.277938] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.277966] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.277990] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.278015] kasan_report+0x141/0x180 [ 11.278038] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.278066] __asan_report_load1_noabort+0x18/0x20 [ 11.278087] ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.278111] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.278134] ? finish_task_switch.isra.0+0x153/0x700 [ 11.278157] ? __switch_to+0x47/0xf50 [ 11.278183] ? __schedule+0x10cc/0x2b60 [ 11.278207] ? __pfx_read_tsc+0x10/0x10 [ 11.278229] ? ktime_get_ts64+0x86/0x230 [ 11.278253] kunit_try_run_case+0x1a5/0x480 [ 11.278276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.278296] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.278320] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.278344] ? __kthread_parkme+0x82/0x180 [ 11.278364] ? preempt_count_sub+0x50/0x80 [ 11.278386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.278406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.278430] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.278454] kthread+0x337/0x6f0 [ 11.278473] ? trace_preempt_on+0x20/0xc0 [ 11.278496] ? __pfx_kthread+0x10/0x10 [ 11.278516] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.278543] ? calculate_sigpending+0x7b/0xa0 [ 11.278567] ? __pfx_kthread+0x10/0x10 [ 11.278588] ret_from_fork+0x116/0x1d0 [ 11.278605] ? __pfx_kthread+0x10/0x10 [ 11.278635] ret_from_fork_asm+0x1a/0x30 [ 11.278666] </TASK> [ 11.278676] [ 11.289740] Allocated by task 211: [ 11.290237] kasan_save_stack+0x45/0x70 [ 11.290450] kasan_save_track+0x18/0x40 [ 11.290657] kasan_save_alloc_info+0x3b/0x50 [ 11.291088] __kasan_kmalloc+0xb7/0xc0 [ 11.291276] __kmalloc_cache_noprof+0x189/0x420 [ 11.291595] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.291852] kunit_try_run_case+0x1a5/0x480 [ 11.292249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.292514] kthread+0x337/0x6f0 [ 11.292696] ret_from_fork+0x116/0x1d0 [ 11.293240] ret_from_fork_asm+0x1a/0x30 [ 11.293460] [ 11.293543] The buggy address belongs to the object at ffff888102f96100 [ 11.293543] which belongs to the cache kmalloc-128 of size 128 [ 11.294305] The buggy address is located 5 bytes to the right of [ 11.294305] allocated 115-byte region [ffff888102f96100, ffff888102f96173) [ 11.295164] [ 11.295259] The buggy address belongs to the physical page: [ 11.295500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f96 [ 11.296089] flags: 0x200000000000000(node=0|zone=2) [ 11.296320] page_type: f5(slab) [ 11.296485] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.297220] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.297532] page dumped because: kasan: bad access detected [ 11.297788] [ 11.298037] Memory state around the buggy address: [ 11.298233] ffff888102f96000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.298548] ffff888102f96080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.299126] >ffff888102f96100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.299508] ^ [ 11.299985] ffff888102f96180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.300378] ffff888102f96200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.300734] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive: Failure
Automatically assigned
[ 11.219319] ================================================================== [ 11.219659] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 11.220061] Free of addr ffff888101c55fc0 by task kunit_try_catch/209 [ 11.220317] [ 11.220430] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.220474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.220485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.220505] Call Trace: [ 11.220517] <TASK> [ 11.220531] dump_stack_lvl+0x73/0xb0 [ 11.220557] print_report+0xd1/0x650 [ 11.220580] ? __virt_addr_valid+0x1db/0x2d0 [ 11.220603] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.220637] ? kfree_sensitive+0x2e/0x90 [ 11.220658] kasan_report_invalid_free+0x10a/0x130 [ 11.220682] ? kfree_sensitive+0x2e/0x90 [ 11.220704] ? kfree_sensitive+0x2e/0x90 [ 11.220724] check_slab_allocation+0x101/0x130 [ 11.220829] __kasan_slab_pre_free+0x28/0x40 [ 11.220853] kfree+0xf0/0x3f0 [ 11.220872] ? kfree_sensitive+0x2e/0x90 [ 11.220894] kfree_sensitive+0x2e/0x90 [ 11.220914] kmalloc_double_kzfree+0x19c/0x350 [ 11.220938] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 11.220965] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 11.220992] ? __pfx_read_tsc+0x10/0x10 [ 11.221013] ? ktime_get_ts64+0x86/0x230 [ 11.221036] kunit_try_run_case+0x1a5/0x480 [ 11.221057] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.221077] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 11.221101] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.221125] ? __kthread_parkme+0x82/0x180 [ 11.221145] ? preempt_count_sub+0x50/0x80 [ 11.221168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.221189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.221213] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.221237] kthread+0x337/0x6f0 [ 11.221256] ? trace_preempt_on+0x20/0xc0 [ 11.221279] ? __pfx_kthread+0x10/0x10 [ 11.221299] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.221321] ? calculate_sigpending+0x7b/0xa0 [ 11.221344] ? __pfx_kthread+0x10/0x10 [ 11.221366] ret_from_fork+0x116/0x1d0 [ 11.221383] ? __pfx_kthread+0x10/0x10 [ 11.221404] ret_from_fork_asm+0x1a/0x30 [ 11.221434] </TASK> [ 11.221444] [ 11.229673] Allocated by task 209: [ 11.229950] kasan_save_stack+0x45/0x70 [ 11.230130] kasan_save_track+0x18/0x40 [ 11.230329] kasan_save_alloc_info+0x3b/0x50 [ 11.230507] __kasan_kmalloc+0xb7/0xc0 [ 11.230719] __kmalloc_cache_noprof+0x189/0x420 [ 11.231098] kmalloc_double_kzfree+0xa9/0x350 [ 11.231274] kunit_try_run_case+0x1a5/0x480 [ 11.231474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.231844] kthread+0x337/0x6f0 [ 11.232019] ret_from_fork+0x116/0x1d0 [ 11.232190] ret_from_fork_asm+0x1a/0x30 [ 11.232380] [ 11.232454] Freed by task 209: [ 11.232570] kasan_save_stack+0x45/0x70 [ 11.232724] kasan_save_track+0x18/0x40 [ 11.232942] kasan_save_free_info+0x3f/0x60 [ 11.233152] __kasan_slab_free+0x56/0x70 [ 11.233359] kfree+0x222/0x3f0 [ 11.233529] kfree_sensitive+0x67/0x90 [ 11.233730] kmalloc_double_kzfree+0x12b/0x350 [ 11.234058] kunit_try_run_case+0x1a5/0x480 [ 11.234209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.234390] kthread+0x337/0x6f0 [ 11.234567] ret_from_fork+0x116/0x1d0 [ 11.234929] ret_from_fork_asm+0x1a/0x30 [ 11.235146] [ 11.235245] The buggy address belongs to the object at ffff888101c55fc0 [ 11.235245] which belongs to the cache kmalloc-16 of size 16 [ 11.235872] The buggy address is located 0 bytes inside of [ 11.235872] 16-byte region [ffff888101c55fc0, ffff888101c55fd0) [ 11.236324] [ 11.236409] The buggy address belongs to the physical page: [ 11.236654] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c55 [ 11.237060] flags: 0x200000000000000(node=0|zone=2) [ 11.237272] page_type: f5(slab) [ 11.237445] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.237871] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.238194] page dumped because: kasan: bad access detected [ 11.238371] [ 11.238443] Memory state around the buggy address: [ 11.238606] ffff888101c55e80: 00 00 fc fc 00 02 fc fc 00 02 fc fc 00 06 fc fc [ 11.239114] ffff888101c55f00: 00 06 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 11.239448] >ffff888101c55f80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 11.239877] ^ [ 11.240127] ffff888101c56000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.240432] ffff888101c56080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 11.240720] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree: Failure
Automatically assigned
[ 11.194924] ================================================================== [ 11.195513] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 11.195919] Read of size 1 at addr ffff888101c55fc0 by task kunit_try_catch/209 [ 11.196230] [ 11.196348] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.196393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.196405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.196426] Call Trace: [ 11.196438] <TASK> [ 11.196453] dump_stack_lvl+0x73/0xb0 [ 11.196478] print_report+0xd1/0x650 [ 11.196500] ? __virt_addr_valid+0x1db/0x2d0 [ 11.196523] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.196546] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.196568] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.196591] kasan_report+0x141/0x180 [ 11.196625] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.196651] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.196675] __kasan_check_byte+0x3d/0x50 [ 11.196696] kfree_sensitive+0x22/0x90 [ 11.196719] kmalloc_double_kzfree+0x19c/0x350 [ 11.196742] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 11.196811] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 11.196837] ? __pfx_read_tsc+0x10/0x10 [ 11.196869] ? ktime_get_ts64+0x86/0x230 [ 11.196894] kunit_try_run_case+0x1a5/0x480 [ 11.196916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.196935] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 11.196958] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.196982] ? __kthread_parkme+0x82/0x180 [ 11.197002] ? preempt_count_sub+0x50/0x80 [ 11.197025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.197046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.197070] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.197376] kthread+0x337/0x6f0 [ 11.197397] ? trace_preempt_on+0x20/0xc0 [ 11.197420] ? __pfx_kthread+0x10/0x10 [ 11.197441] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.197463] ? calculate_sigpending+0x7b/0xa0 [ 11.197486] ? __pfx_kthread+0x10/0x10 [ 11.197508] ret_from_fork+0x116/0x1d0 [ 11.197526] ? __pfx_kthread+0x10/0x10 [ 11.197546] ret_from_fork_asm+0x1a/0x30 [ 11.197575] </TASK> [ 11.197586] [ 11.207161] Allocated by task 209: [ 11.207301] kasan_save_stack+0x45/0x70 [ 11.207455] kasan_save_track+0x18/0x40 [ 11.207599] kasan_save_alloc_info+0x3b/0x50 [ 11.207769] __kasan_kmalloc+0xb7/0xc0 [ 11.207910] __kmalloc_cache_noprof+0x189/0x420 [ 11.208418] kmalloc_double_kzfree+0xa9/0x350 [ 11.208906] kunit_try_run_case+0x1a5/0x480 [ 11.209164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.209348] kthread+0x337/0x6f0 [ 11.209481] ret_from_fork+0x116/0x1d0 [ 11.209633] ret_from_fork_asm+0x1a/0x30 [ 11.209892] [ 11.209993] Freed by task 209: [ 11.210151] kasan_save_stack+0x45/0x70 [ 11.210324] kasan_save_track+0x18/0x40 [ 11.210505] kasan_save_free_info+0x3f/0x60 [ 11.210679] __kasan_slab_free+0x56/0x70 [ 11.210830] kfree+0x222/0x3f0 [ 11.210995] kfree_sensitive+0x67/0x90 [ 11.211185] kmalloc_double_kzfree+0x12b/0x350 [ 11.211403] kunit_try_run_case+0x1a5/0x480 [ 11.211889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.212162] kthread+0x337/0x6f0 [ 11.212321] ret_from_fork+0x116/0x1d0 [ 11.212495] ret_from_fork_asm+0x1a/0x30 [ 11.212698] [ 11.212885] The buggy address belongs to the object at ffff888101c55fc0 [ 11.212885] which belongs to the cache kmalloc-16 of size 16 [ 11.213375] The buggy address is located 0 bytes inside of [ 11.213375] freed 16-byte region [ffff888101c55fc0, ffff888101c55fd0) [ 11.213908] [ 11.213995] The buggy address belongs to the physical page: [ 11.214260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c55 [ 11.214596] flags: 0x200000000000000(node=0|zone=2) [ 11.215034] page_type: f5(slab) [ 11.215200] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.215517] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.215935] page dumped because: kasan: bad access detected [ 11.216163] [ 11.216266] Memory state around the buggy address: [ 11.216477] ffff888101c55e80: 00 00 fc fc 00 02 fc fc 00 02 fc fc 00 06 fc fc [ 11.216872] ffff888101c55f00: 00 06 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 11.217194] >ffff888101c55f80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 11.217481] ^ [ 11.217702] ffff888101c56000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.218280] ffff888101c56080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 11.218626] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2: Failure
Automatically assigned
[ 11.163033] ================================================================== [ 11.163452] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 11.163712] Read of size 1 at addr ffff888102f991a8 by task kunit_try_catch/205 [ 11.164371] [ 11.164636] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.164685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.164697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.164736] Call Trace: [ 11.164747] <TASK> [ 11.164762] dump_stack_lvl+0x73/0xb0 [ 11.164789] print_report+0xd1/0x650 [ 11.164811] ? __virt_addr_valid+0x1db/0x2d0 [ 11.164833] ? kmalloc_uaf2+0x4a8/0x520 [ 11.164878] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.164901] ? kmalloc_uaf2+0x4a8/0x520 [ 11.164922] kasan_report+0x141/0x180 [ 11.164955] ? kmalloc_uaf2+0x4a8/0x520 [ 11.164980] __asan_report_load1_noabort+0x18/0x20 [ 11.165009] kmalloc_uaf2+0x4a8/0x520 [ 11.165043] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 11.165063] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.165093] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 11.165118] kunit_try_run_case+0x1a5/0x480 [ 11.165139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.165158] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.165183] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.165206] ? __kthread_parkme+0x82/0x180 [ 11.165227] ? preempt_count_sub+0x50/0x80 [ 11.165249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.165270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.165293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.165317] kthread+0x337/0x6f0 [ 11.165336] ? trace_preempt_on+0x20/0xc0 [ 11.165359] ? __pfx_kthread+0x10/0x10 [ 11.165380] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.165402] ? calculate_sigpending+0x7b/0xa0 [ 11.165425] ? __pfx_kthread+0x10/0x10 [ 11.165446] ret_from_fork+0x116/0x1d0 [ 11.165464] ? __pfx_kthread+0x10/0x10 [ 11.165484] ret_from_fork_asm+0x1a/0x30 [ 11.165514] </TASK> [ 11.165524] [ 11.176468] Allocated by task 205: [ 11.176667] kasan_save_stack+0x45/0x70 [ 11.177143] kasan_save_track+0x18/0x40 [ 11.177333] kasan_save_alloc_info+0x3b/0x50 [ 11.177520] __kasan_kmalloc+0xb7/0xc0 [ 11.177726] __kmalloc_cache_noprof+0x189/0x420 [ 11.177911] kmalloc_uaf2+0xc6/0x520 [ 11.178244] kunit_try_run_case+0x1a5/0x480 [ 11.178526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.178845] kthread+0x337/0x6f0 [ 11.179151] ret_from_fork+0x116/0x1d0 [ 11.179345] ret_from_fork_asm+0x1a/0x30 [ 11.179547] [ 11.179847] Freed by task 205: [ 11.180087] kasan_save_stack+0x45/0x70 [ 11.180394] kasan_save_track+0x18/0x40 [ 11.180589] kasan_save_free_info+0x3f/0x60 [ 11.180945] __kasan_slab_free+0x56/0x70 [ 11.181162] kfree+0x222/0x3f0 [ 11.181329] kmalloc_uaf2+0x14c/0x520 [ 11.181580] kunit_try_run_case+0x1a5/0x480 [ 11.181834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.182205] kthread+0x337/0x6f0 [ 11.182344] ret_from_fork+0x116/0x1d0 [ 11.182545] ret_from_fork_asm+0x1a/0x30 [ 11.182756] [ 11.183076] The buggy address belongs to the object at ffff888102f99180 [ 11.183076] which belongs to the cache kmalloc-64 of size 64 [ 11.183531] The buggy address is located 40 bytes inside of [ 11.183531] freed 64-byte region [ffff888102f99180, ffff888102f991c0) [ 11.184121] [ 11.184367] The buggy address belongs to the physical page: [ 11.184630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f99 [ 11.185118] flags: 0x200000000000000(node=0|zone=2) [ 11.185424] page_type: f5(slab) [ 11.185729] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.186193] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.186490] page dumped because: kasan: bad access detected [ 11.186732] [ 11.187113] Memory state around the buggy address: [ 11.187418] ffff888102f99080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.187714] ffff888102f99100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.188401] >ffff888102f99180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.188748] ^ [ 11.189058] ffff888102f99200: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 11.189423] ffff888102f99280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.189816] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset: Failure
Automatically assigned
[ 11.131076] ================================================================== [ 11.131549] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 11.132065] Write of size 33 at addr ffff888102f99080 by task kunit_try_catch/203 [ 11.132362] [ 11.132566] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.132649] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.132663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.132685] Call Trace: [ 11.132698] <TASK> [ 11.132715] dump_stack_lvl+0x73/0xb0 [ 11.132745] print_report+0xd1/0x650 [ 11.132889] ? __virt_addr_valid+0x1db/0x2d0 [ 11.132915] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.132936] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.132959] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.132981] kasan_report+0x141/0x180 [ 11.133003] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.133030] kasan_check_range+0x10c/0x1c0 [ 11.133070] __asan_memset+0x27/0x50 [ 11.133091] kmalloc_uaf_memset+0x1a3/0x360 [ 11.133112] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 11.133135] ? __schedule+0x10cc/0x2b60 [ 11.133159] ? __pfx_read_tsc+0x10/0x10 [ 11.133180] ? ktime_get_ts64+0x86/0x230 [ 11.133205] kunit_try_run_case+0x1a5/0x480 [ 11.133227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.133260] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.133285] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.133309] ? __kthread_parkme+0x82/0x180 [ 11.133329] ? preempt_count_sub+0x50/0x80 [ 11.133353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.133374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.133398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.133422] kthread+0x337/0x6f0 [ 11.133441] ? trace_preempt_on+0x20/0xc0 [ 11.133465] ? __pfx_kthread+0x10/0x10 [ 11.133485] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.133507] ? calculate_sigpending+0x7b/0xa0 [ 11.133531] ? __pfx_kthread+0x10/0x10 [ 11.133552] ret_from_fork+0x116/0x1d0 [ 11.133570] ? __pfx_kthread+0x10/0x10 [ 11.133590] ret_from_fork_asm+0x1a/0x30 [ 11.133634] </TASK> [ 11.133645] [ 11.143456] Allocated by task 203: [ 11.143604] kasan_save_stack+0x45/0x70 [ 11.144017] kasan_save_track+0x18/0x40 [ 11.144248] kasan_save_alloc_info+0x3b/0x50 [ 11.144501] __kasan_kmalloc+0xb7/0xc0 [ 11.144738] __kmalloc_cache_noprof+0x189/0x420 [ 11.144992] kmalloc_uaf_memset+0xa9/0x360 [ 11.145354] kunit_try_run_case+0x1a5/0x480 [ 11.146084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.146303] kthread+0x337/0x6f0 [ 11.146477] ret_from_fork+0x116/0x1d0 [ 11.146707] ret_from_fork_asm+0x1a/0x30 [ 11.147253] [ 11.147384] Freed by task 203: [ 11.147555] kasan_save_stack+0x45/0x70 [ 11.148026] kasan_save_track+0x18/0x40 [ 11.148241] kasan_save_free_info+0x3f/0x60 [ 11.148575] __kasan_slab_free+0x56/0x70 [ 11.148798] kfree+0x222/0x3f0 [ 11.149089] kmalloc_uaf_memset+0x12b/0x360 [ 11.149445] kunit_try_run_case+0x1a5/0x480 [ 11.149672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.150250] kthread+0x337/0x6f0 [ 11.150540] ret_from_fork+0x116/0x1d0 [ 11.150939] ret_from_fork_asm+0x1a/0x30 [ 11.151261] [ 11.151380] The buggy address belongs to the object at ffff888102f99080 [ 11.151380] which belongs to the cache kmalloc-64 of size 64 [ 11.152208] The buggy address is located 0 bytes inside of [ 11.152208] freed 64-byte region [ffff888102f99080, ffff888102f990c0) [ 11.152985] [ 11.153090] The buggy address belongs to the physical page: [ 11.153477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f99 [ 11.154069] flags: 0x200000000000000(node=0|zone=2) [ 11.154301] page_type: f5(slab) [ 11.154473] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.154957] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.155261] page dumped because: kasan: bad access detected [ 11.155524] [ 11.155623] Memory state around the buggy address: [ 11.155804] ffff888102f98f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.156212] ffff888102f99000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.156506] >ffff888102f99080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.156794] ^ [ 11.157050] ffff888102f99100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.157327] ffff888102f99180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.157598] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf: Failure
Automatically assigned
[ 11.103024] ================================================================== [ 11.103822] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 11.104444] Read of size 1 at addr ffff888101c55fa8 by task kunit_try_catch/201 [ 11.104822] [ 11.104922] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.104969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.105049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.105091] Call Trace: [ 11.105103] <TASK> [ 11.105117] dump_stack_lvl+0x73/0xb0 [ 11.105144] print_report+0xd1/0x650 [ 11.105166] ? __virt_addr_valid+0x1db/0x2d0 [ 11.105188] ? kmalloc_uaf+0x320/0x380 [ 11.105208] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.105230] ? kmalloc_uaf+0x320/0x380 [ 11.105251] kasan_report+0x141/0x180 [ 11.105273] ? kmalloc_uaf+0x320/0x380 [ 11.105298] __asan_report_load1_noabort+0x18/0x20 [ 11.105318] kmalloc_uaf+0x320/0x380 [ 11.105339] ? __pfx_kmalloc_uaf+0x10/0x10 [ 11.105359] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.105402] ? trace_hardirqs_on+0x37/0xe0 [ 11.105437] ? __pfx_read_tsc+0x10/0x10 [ 11.105458] ? ktime_get_ts64+0x86/0x230 [ 11.105483] kunit_try_run_case+0x1a5/0x480 [ 11.105505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.105526] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.105550] ? __kthread_parkme+0x82/0x180 [ 11.105570] ? preempt_count_sub+0x50/0x80 [ 11.105594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.105627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.105651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.105675] kthread+0x337/0x6f0 [ 11.105694] ? trace_preempt_on+0x20/0xc0 [ 11.105715] ? __pfx_kthread+0x10/0x10 [ 11.105737] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.105809] ? calculate_sigpending+0x7b/0xa0 [ 11.105834] ? __pfx_kthread+0x10/0x10 [ 11.105856] ret_from_fork+0x116/0x1d0 [ 11.105874] ? __pfx_kthread+0x10/0x10 [ 11.105894] ret_from_fork_asm+0x1a/0x30 [ 11.105925] </TASK> [ 11.105935] [ 11.114414] Allocated by task 201: [ 11.114555] kasan_save_stack+0x45/0x70 [ 11.114889] kasan_save_track+0x18/0x40 [ 11.115221] kasan_save_alloc_info+0x3b/0x50 [ 11.115437] __kasan_kmalloc+0xb7/0xc0 [ 11.115642] __kmalloc_cache_noprof+0x189/0x420 [ 11.115833] kmalloc_uaf+0xaa/0x380 [ 11.116181] kunit_try_run_case+0x1a5/0x480 [ 11.116467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.116674] kthread+0x337/0x6f0 [ 11.116803] ret_from_fork+0x116/0x1d0 [ 11.116987] ret_from_fork_asm+0x1a/0x30 [ 11.117232] [ 11.117434] Freed by task 201: [ 11.117661] kasan_save_stack+0x45/0x70 [ 11.117996] kasan_save_track+0x18/0x40 [ 11.118264] kasan_save_free_info+0x3f/0x60 [ 11.118453] __kasan_slab_free+0x56/0x70 [ 11.118604] kfree+0x222/0x3f0 [ 11.118736] kmalloc_uaf+0x12c/0x380 [ 11.118909] kunit_try_run_case+0x1a5/0x480 [ 11.119139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.119428] kthread+0x337/0x6f0 [ 11.119626] ret_from_fork+0x116/0x1d0 [ 11.120054] ret_from_fork_asm+0x1a/0x30 [ 11.120436] [ 11.120518] The buggy address belongs to the object at ffff888101c55fa0 [ 11.120518] which belongs to the cache kmalloc-16 of size 16 [ 11.121277] The buggy address is located 8 bytes inside of [ 11.121277] freed 16-byte region [ffff888101c55fa0, ffff888101c55fb0) [ 11.121663] [ 11.121817] The buggy address belongs to the physical page: [ 11.122123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c55 [ 11.122525] flags: 0x200000000000000(node=0|zone=2) [ 11.122831] page_type: f5(slab) [ 11.123026] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.123268] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.123640] page dumped because: kasan: bad access detected [ 11.123900] [ 11.124142] Memory state around the buggy address: [ 11.124390] ffff888101c55e80: 00 00 fc fc 00 02 fc fc 00 02 fc fc 00 06 fc fc [ 11.124682] ffff888101c55f00: 00 06 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 11.125025] >ffff888101c55f80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 11.125293] ^ [ 11.125753] ffff888101c56000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.126216] ffff888101c56080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 11.126552] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size: Failure
Automatically assigned
[ 11.079105] ================================================================== [ 11.079693] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.080309] Read of size 64 at addr ffff8881028a0584 by task kunit_try_catch/199 [ 11.080985] [ 11.081109] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.081157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.081183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.081203] Call Trace: [ 11.081215] <TASK> [ 11.081229] dump_stack_lvl+0x73/0xb0 [ 11.081257] print_report+0xd1/0x650 [ 11.081280] ? __virt_addr_valid+0x1db/0x2d0 [ 11.081302] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.081326] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.081348] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.081381] kasan_report+0x141/0x180 [ 11.081403] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.081432] kasan_check_range+0x10c/0x1c0 [ 11.081455] __asan_memmove+0x27/0x70 [ 11.081475] kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.081499] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 11.081535] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 11.081564] kunit_try_run_case+0x1a5/0x480 [ 11.081584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.081604] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.081642] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.081666] ? __kthread_parkme+0x82/0x180 [ 11.081686] ? preempt_count_sub+0x50/0x80 [ 11.081709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.081729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.081812] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.081840] kthread+0x337/0x6f0 [ 11.081859] ? trace_preempt_on+0x20/0xc0 [ 11.081882] ? __pfx_kthread+0x10/0x10 [ 11.081903] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.081925] ? calculate_sigpending+0x7b/0xa0 [ 11.081948] ? __pfx_kthread+0x10/0x10 [ 11.081969] ret_from_fork+0x116/0x1d0 [ 11.081988] ? __pfx_kthread+0x10/0x10 [ 11.082008] ret_from_fork_asm+0x1a/0x30 [ 11.082038] </TASK> [ 11.082047] [ 11.089501] Allocated by task 199: [ 11.089652] kasan_save_stack+0x45/0x70 [ 11.090004] kasan_save_track+0x18/0x40 [ 11.090207] kasan_save_alloc_info+0x3b/0x50 [ 11.090418] __kasan_kmalloc+0xb7/0xc0 [ 11.090633] __kmalloc_cache_noprof+0x189/0x420 [ 11.090938] kmalloc_memmove_invalid_size+0xac/0x330 [ 11.091184] kunit_try_run_case+0x1a5/0x480 [ 11.091335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.091593] kthread+0x337/0x6f0 [ 11.091792] ret_from_fork+0x116/0x1d0 [ 11.091982] ret_from_fork_asm+0x1a/0x30 [ 11.092175] [ 11.092259] The buggy address belongs to the object at ffff8881028a0580 [ 11.092259] which belongs to the cache kmalloc-64 of size 64 [ 11.092718] The buggy address is located 4 bytes inside of [ 11.092718] allocated 64-byte region [ffff8881028a0580, ffff8881028a05c0) [ 11.093302] [ 11.093400] The buggy address belongs to the physical page: [ 11.093906] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a0 [ 11.094233] flags: 0x200000000000000(node=0|zone=2) [ 11.094454] page_type: f5(slab) [ 11.094624] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.095032] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.095385] page dumped because: kasan: bad access detected [ 11.095566] [ 11.096274] Memory state around the buggy address: [ 11.096691] ffff8881028a0480: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 11.097736] ffff8881028a0500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.098067] >ffff8881028a0580: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 11.098416] ^ [ 11.098670] ffff8881028a0600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.099221] ffff8881028a0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.099472] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size: Failure
Automatically assigned
[ 11.057299] ================================================================== [ 11.057804] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 11.058146] Read of size 18446744073709551614 at addr ffff8881028a0404 by task kunit_try_catch/197 [ 11.058552] [ 11.058676] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.058720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.058733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.058754] Call Trace: [ 11.058765] <TASK> [ 11.058780] dump_stack_lvl+0x73/0xb0 [ 11.058806] print_report+0xd1/0x650 [ 11.058828] ? __virt_addr_valid+0x1db/0x2d0 [ 11.059070] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.059095] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.059117] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.059163] kasan_report+0x141/0x180 [ 11.059186] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.059216] kasan_check_range+0x10c/0x1c0 [ 11.059240] __asan_memmove+0x27/0x70 [ 11.059260] kmalloc_memmove_negative_size+0x171/0x330 [ 11.059285] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 11.059311] ? __schedule+0x10cc/0x2b60 [ 11.059334] ? __pfx_read_tsc+0x10/0x10 [ 11.059355] ? ktime_get_ts64+0x86/0x230 [ 11.059380] kunit_try_run_case+0x1a5/0x480 [ 11.059401] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.059420] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.059443] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.059468] ? __kthread_parkme+0x82/0x180 [ 11.059488] ? preempt_count_sub+0x50/0x80 [ 11.059511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.059532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.059555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.059579] kthread+0x337/0x6f0 [ 11.059599] ? trace_preempt_on+0x20/0xc0 [ 11.059636] ? __pfx_kthread+0x10/0x10 [ 11.059656] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.059678] ? calculate_sigpending+0x7b/0xa0 [ 11.059703] ? __pfx_kthread+0x10/0x10 [ 11.059724] ret_from_fork+0x116/0x1d0 [ 11.059742] ? __pfx_kthread+0x10/0x10 [ 11.059824] ret_from_fork_asm+0x1a/0x30 [ 11.059855] </TASK> [ 11.059865] [ 11.067303] Allocated by task 197: [ 11.067440] kasan_save_stack+0x45/0x70 [ 11.067701] kasan_save_track+0x18/0x40 [ 11.067910] kasan_save_alloc_info+0x3b/0x50 [ 11.068057] __kasan_kmalloc+0xb7/0xc0 [ 11.068190] __kmalloc_cache_noprof+0x189/0x420 [ 11.068343] kmalloc_memmove_negative_size+0xac/0x330 [ 11.068512] kunit_try_run_case+0x1a5/0x480 [ 11.068667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.068843] kthread+0x337/0x6f0 [ 11.068965] ret_from_fork+0x116/0x1d0 [ 11.069097] ret_from_fork_asm+0x1a/0x30 [ 11.069235] [ 11.069320] The buggy address belongs to the object at ffff8881028a0400 [ 11.069320] which belongs to the cache kmalloc-64 of size 64 [ 11.069983] The buggy address is located 4 bytes inside of [ 11.069983] 64-byte region [ffff8881028a0400, ffff8881028a0440) [ 11.070712] [ 11.070820] The buggy address belongs to the physical page: [ 11.071090] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a0 [ 11.071443] flags: 0x200000000000000(node=0|zone=2) [ 11.071701] page_type: f5(slab) [ 11.071872] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.072357] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.072588] page dumped because: kasan: bad access detected [ 11.072950] [ 11.073134] Memory state around the buggy address: [ 11.073414] ffff8881028a0300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.073838] ffff8881028a0380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.074161] >ffff8881028a0400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 11.074377] ^ [ 11.074496] ffff8881028a0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.074782] ffff8881028a0500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.075140] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16: Failure
Automatically assigned
[ 11.033015] ================================================================== [ 11.034645] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 11.035034] Write of size 16 at addr ffff888102896d69 by task kunit_try_catch/195 [ 11.035319] [ 11.035438] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.035484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.035497] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.035517] Call Trace: [ 11.035530] <TASK> [ 11.035545] dump_stack_lvl+0x73/0xb0 [ 11.035571] print_report+0xd1/0x650 [ 11.035593] ? __virt_addr_valid+0x1db/0x2d0 [ 11.035628] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.035649] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.035671] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.035694] kasan_report+0x141/0x180 [ 11.035716] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.035743] kasan_check_range+0x10c/0x1c0 [ 11.035766] __asan_memset+0x27/0x50 [ 11.035787] kmalloc_oob_memset_16+0x166/0x330 [ 11.035810] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 11.035833] ? __schedule+0x10cc/0x2b60 [ 11.035855] ? irqentry_exit+0x2a/0x60 [ 11.035873] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.035898] ? __pfx_read_tsc+0x10/0x10 [ 11.035981] ? ktime_get_ts64+0x86/0x230 [ 11.036002] ? trace_hardirqs_on+0x37/0xe0 [ 11.036027] kunit_try_run_case+0x1a5/0x480 [ 11.036049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.036068] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.036093] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.036117] ? __kthread_parkme+0x82/0x180 [ 11.036137] ? preempt_count_sub+0x50/0x80 [ 11.036160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.036181] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.036205] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.036229] kthread+0x337/0x6f0 [ 11.036248] ? trace_preempt_on+0x20/0xc0 [ 11.036269] ? __pfx_kthread+0x10/0x10 [ 11.036290] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.036312] ? calculate_sigpending+0x7b/0xa0 [ 11.036335] ? __pfx_kthread+0x10/0x10 [ 11.036356] ret_from_fork+0x116/0x1d0 [ 11.036374] ? __pfx_kthread+0x10/0x10 [ 11.036395] ret_from_fork_asm+0x1a/0x30 [ 11.036425] </TASK> [ 11.036435] [ 11.044970] Allocated by task 195: [ 11.045111] kasan_save_stack+0x45/0x70 [ 11.045324] kasan_save_track+0x18/0x40 [ 11.045521] kasan_save_alloc_info+0x3b/0x50 [ 11.045742] __kasan_kmalloc+0xb7/0xc0 [ 11.045976] __kmalloc_cache_noprof+0x189/0x420 [ 11.046144] kmalloc_oob_memset_16+0xac/0x330 [ 11.046363] kunit_try_run_case+0x1a5/0x480 [ 11.046579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.046881] kthread+0x337/0x6f0 [ 11.047043] ret_from_fork+0x116/0x1d0 [ 11.047184] ret_from_fork_asm+0x1a/0x30 [ 11.047333] [ 11.047407] The buggy address belongs to the object at ffff888102896d00 [ 11.047407] which belongs to the cache kmalloc-128 of size 128 [ 11.047920] The buggy address is located 105 bytes inside of [ 11.047920] allocated 120-byte region [ffff888102896d00, ffff888102896d78) [ 11.048531] [ 11.048725] The buggy address belongs to the physical page: [ 11.048913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102896 [ 11.049163] flags: 0x200000000000000(node=0|zone=2) [ 11.049801] page_type: f5(slab) [ 11.050058] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.050554] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.050873] page dumped because: kasan: bad access detected [ 11.051147] [ 11.051247] Memory state around the buggy address: [ 11.051470] ffff888102896c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.051712] ffff888102896c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.052122] >ffff888102896d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.052560] ^ [ 11.052890] ffff888102896d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.053121] ffff888102896e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.053653] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8: Failure
Automatically assigned
[ 11.010053] ================================================================== [ 11.011807] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 11.012153] Write of size 8 at addr ffff888102896c71 by task kunit_try_catch/193 [ 11.012454] [ 11.012548] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.012595] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.012607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.012640] Call Trace: [ 11.012651] <TASK> [ 11.012666] dump_stack_lvl+0x73/0xb0 [ 11.012691] print_report+0xd1/0x650 [ 11.012713] ? __virt_addr_valid+0x1db/0x2d0 [ 11.012735] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.012763] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.012785] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.012807] kasan_report+0x141/0x180 [ 11.012829] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.012855] kasan_check_range+0x10c/0x1c0 [ 11.012879] __asan_memset+0x27/0x50 [ 11.012898] kmalloc_oob_memset_8+0x166/0x330 [ 11.012921] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 11.012944] ? __schedule+0x10cc/0x2b60 [ 11.012966] ? __pfx_read_tsc+0x10/0x10 [ 11.012986] ? ktime_get_ts64+0x86/0x230 [ 11.013010] kunit_try_run_case+0x1a5/0x480 [ 11.013031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.013050] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.013073] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.013097] ? __kthread_parkme+0x82/0x180 [ 11.013117] ? preempt_count_sub+0x50/0x80 [ 11.013140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.013160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.013185] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.013208] kthread+0x337/0x6f0 [ 11.013228] ? trace_preempt_on+0x20/0xc0 [ 11.013250] ? __pfx_kthread+0x10/0x10 [ 11.013270] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.013313] ? calculate_sigpending+0x7b/0xa0 [ 11.013349] ? __pfx_kthread+0x10/0x10 [ 11.013384] ret_from_fork+0x116/0x1d0 [ 11.013402] ? __pfx_kthread+0x10/0x10 [ 11.013422] ret_from_fork_asm+0x1a/0x30 [ 11.013452] </TASK> [ 11.013462] [ 11.021044] Allocated by task 193: [ 11.021225] kasan_save_stack+0x45/0x70 [ 11.021437] kasan_save_track+0x18/0x40 [ 11.021649] kasan_save_alloc_info+0x3b/0x50 [ 11.021920] __kasan_kmalloc+0xb7/0xc0 [ 11.022098] __kmalloc_cache_noprof+0x189/0x420 [ 11.022256] kmalloc_oob_memset_8+0xac/0x330 [ 11.022469] kunit_try_run_case+0x1a5/0x480 [ 11.022699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.023110] kthread+0x337/0x6f0 [ 11.023247] ret_from_fork+0x116/0x1d0 [ 11.023385] ret_from_fork_asm+0x1a/0x30 [ 11.023547] [ 11.023664] The buggy address belongs to the object at ffff888102896c00 [ 11.023664] which belongs to the cache kmalloc-128 of size 128 [ 11.024297] The buggy address is located 113 bytes inside of [ 11.024297] allocated 120-byte region [ffff888102896c00, ffff888102896c78) [ 11.024889] [ 11.024993] The buggy address belongs to the physical page: [ 11.025220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102896 [ 11.025505] flags: 0x200000000000000(node=0|zone=2) [ 11.025687] page_type: f5(slab) [ 11.025920] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.026273] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.026635] page dumped because: kasan: bad access detected [ 11.026963] [ 11.027062] Memory state around the buggy address: [ 11.027291] ffff888102896b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.027539] ffff888102896b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.028074] >ffff888102896c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.028385] ^ [ 11.028662] ffff888102896c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.029006] ffff888102896d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.029333] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4: Failure
Automatically assigned
[ 10.988404] ================================================================== [ 10.988909] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 10.989197] Write of size 4 at addr ffff888102896b75 by task kunit_try_catch/191 [ 10.989508] [ 10.989622] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.989667] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.989679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.989700] Call Trace: [ 10.989711] <TASK> [ 10.989726] dump_stack_lvl+0x73/0xb0 [ 10.989751] print_report+0xd1/0x650 [ 10.989773] ? __virt_addr_valid+0x1db/0x2d0 [ 10.989795] ? kmalloc_oob_memset_4+0x166/0x330 [ 10.989815] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.989837] ? kmalloc_oob_memset_4+0x166/0x330 [ 10.989859] kasan_report+0x141/0x180 [ 10.989880] ? kmalloc_oob_memset_4+0x166/0x330 [ 10.989906] kasan_check_range+0x10c/0x1c0 [ 10.989930] __asan_memset+0x27/0x50 [ 10.989949] kmalloc_oob_memset_4+0x166/0x330 [ 10.989971] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 10.989994] ? __schedule+0x10cc/0x2b60 [ 10.990016] ? __pfx_read_tsc+0x10/0x10 [ 10.990036] ? ktime_get_ts64+0x86/0x230 [ 10.990060] kunit_try_run_case+0x1a5/0x480 [ 10.990081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.990099] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.990123] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.990146] ? __kthread_parkme+0x82/0x180 [ 10.990166] ? preempt_count_sub+0x50/0x80 [ 10.990188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.990209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.990232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.990255] kthread+0x337/0x6f0 [ 10.990274] ? trace_preempt_on+0x20/0xc0 [ 10.990297] ? __pfx_kthread+0x10/0x10 [ 10.990316] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.990338] ? calculate_sigpending+0x7b/0xa0 [ 10.990361] ? __pfx_kthread+0x10/0x10 [ 10.990382] ret_from_fork+0x116/0x1d0 [ 10.990400] ? __pfx_kthread+0x10/0x10 [ 10.990419] ret_from_fork_asm+0x1a/0x30 [ 10.990449] </TASK> [ 10.990459] [ 10.997958] Allocated by task 191: [ 10.998136] kasan_save_stack+0x45/0x70 [ 10.998316] kasan_save_track+0x18/0x40 [ 10.998501] kasan_save_alloc_info+0x3b/0x50 [ 10.998711] __kasan_kmalloc+0xb7/0xc0 [ 10.998964] __kmalloc_cache_noprof+0x189/0x420 [ 10.999128] kmalloc_oob_memset_4+0xac/0x330 [ 10.999330] kunit_try_run_case+0x1a5/0x480 [ 10.999538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.999875] kthread+0x337/0x6f0 [ 11.000052] ret_from_fork+0x116/0x1d0 [ 11.000196] ret_from_fork_asm+0x1a/0x30 [ 11.000396] [ 11.000486] The buggy address belongs to the object at ffff888102896b00 [ 11.000486] which belongs to the cache kmalloc-128 of size 128 [ 11.000935] The buggy address is located 117 bytes inside of [ 11.000935] allocated 120-byte region [ffff888102896b00, ffff888102896b78) [ 11.001480] [ 11.001577] The buggy address belongs to the physical page: [ 11.001920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102896 [ 11.002269] flags: 0x200000000000000(node=0|zone=2) [ 11.002483] page_type: f5(slab) [ 11.002620] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.002930] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.003273] page dumped because: kasan: bad access detected [ 11.003532] [ 11.003636] Memory state around the buggy address: [ 11.004035] ffff888102896a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.004377] ffff888102896a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.004691] >ffff888102896b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.005041] ^ [ 11.005346] ffff888102896b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.005645] ffff888102896c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.005998] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2: Failure
Automatically assigned
[ 10.958532] ================================================================== [ 10.958978] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 10.959222] Write of size 2 at addr ffff888102f96077 by task kunit_try_catch/189 [ 10.959450] [ 10.959539] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.959583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.959595] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.959625] Call Trace: [ 10.959637] <TASK> [ 10.959652] dump_stack_lvl+0x73/0xb0 [ 10.959678] print_report+0xd1/0x650 [ 10.959700] ? __virt_addr_valid+0x1db/0x2d0 [ 10.959724] ? kmalloc_oob_memset_2+0x166/0x330 [ 10.959745] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.959766] ? kmalloc_oob_memset_2+0x166/0x330 [ 10.959788] kasan_report+0x141/0x180 [ 10.959810] ? kmalloc_oob_memset_2+0x166/0x330 [ 10.959836] kasan_check_range+0x10c/0x1c0 [ 10.959859] __asan_memset+0x27/0x50 [ 10.959879] kmalloc_oob_memset_2+0x166/0x330 [ 10.959901] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 10.960206] ? __schedule+0x10cc/0x2b60 [ 10.960259] ? __pfx_read_tsc+0x10/0x10 [ 10.960283] ? ktime_get_ts64+0x86/0x230 [ 10.960308] kunit_try_run_case+0x1a5/0x480 [ 10.960330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.960350] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.960374] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.960398] ? __kthread_parkme+0x82/0x180 [ 10.960418] ? preempt_count_sub+0x50/0x80 [ 10.960441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.960462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.960485] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.960509] kthread+0x337/0x6f0 [ 10.960528] ? trace_preempt_on+0x20/0xc0 [ 10.960551] ? __pfx_kthread+0x10/0x10 [ 10.960571] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.960593] ? calculate_sigpending+0x7b/0xa0 [ 10.960627] ? __pfx_kthread+0x10/0x10 [ 10.960648] ret_from_fork+0x116/0x1d0 [ 10.960667] ? __pfx_kthread+0x10/0x10 [ 10.960687] ret_from_fork_asm+0x1a/0x30 [ 10.960717] </TASK> [ 10.960727] [ 10.972507] Allocated by task 189: [ 10.973208] kasan_save_stack+0x45/0x70 [ 10.973598] kasan_save_track+0x18/0x40 [ 10.973930] kasan_save_alloc_info+0x3b/0x50 [ 10.974395] __kasan_kmalloc+0xb7/0xc0 [ 10.974542] __kmalloc_cache_noprof+0x189/0x420 [ 10.974710] kmalloc_oob_memset_2+0xac/0x330 [ 10.975505] kunit_try_run_case+0x1a5/0x480 [ 10.976058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.976545] kthread+0x337/0x6f0 [ 10.976995] ret_from_fork+0x116/0x1d0 [ 10.977351] ret_from_fork_asm+0x1a/0x30 [ 10.977744] [ 10.977923] The buggy address belongs to the object at ffff888102f96000 [ 10.977923] which belongs to the cache kmalloc-128 of size 128 [ 10.978572] The buggy address is located 119 bytes inside of [ 10.978572] allocated 120-byte region [ffff888102f96000, ffff888102f96078) [ 10.979474] [ 10.979653] The buggy address belongs to the physical page: [ 10.980220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f96 [ 10.981162] flags: 0x200000000000000(node=0|zone=2) [ 10.981640] page_type: f5(slab) [ 10.981913] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.982367] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.982622] page dumped because: kasan: bad access detected [ 10.982809] [ 10.982881] Memory state around the buggy address: [ 10.983165] ffff888102f95f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.983439] ffff888102f95f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.983782] >ffff888102f96000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.984020] ^ [ 10.984343] ffff888102f96080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.984604] ffff888102f96100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.984983] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset: Failure
Automatically assigned
[ 10.931042] ================================================================== [ 10.931415] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 10.931732] Write of size 128 at addr ffff888102896a00 by task kunit_try_catch/187 [ 10.932196] [ 10.932376] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.932421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.932434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.932455] Call Trace: [ 10.932465] <TASK> [ 10.932480] dump_stack_lvl+0x73/0xb0 [ 10.932823] print_report+0xd1/0x650 [ 10.932855] ? __virt_addr_valid+0x1db/0x2d0 [ 10.932879] ? kmalloc_oob_in_memset+0x15f/0x320 [ 10.932901] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.932925] ? kmalloc_oob_in_memset+0x15f/0x320 [ 10.932947] kasan_report+0x141/0x180 [ 10.932969] ? kmalloc_oob_in_memset+0x15f/0x320 [ 10.932996] kasan_check_range+0x10c/0x1c0 [ 10.933021] __asan_memset+0x27/0x50 [ 10.933041] kmalloc_oob_in_memset+0x15f/0x320 [ 10.933063] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 10.933089] ? __pfx_read_tsc+0x10/0x10 [ 10.933110] ? ktime_get_ts64+0x86/0x230 [ 10.933134] kunit_try_run_case+0x1a5/0x480 [ 10.933155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.933174] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.933198] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.933222] ? __kthread_parkme+0x82/0x180 [ 10.933242] ? preempt_count_sub+0x50/0x80 [ 10.933265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.933285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.933309] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.933333] kthread+0x337/0x6f0 [ 10.933352] ? trace_preempt_on+0x20/0xc0 [ 10.933375] ? __pfx_kthread+0x10/0x10 [ 10.933395] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.933417] ? calculate_sigpending+0x7b/0xa0 [ 10.933440] ? __pfx_kthread+0x10/0x10 [ 10.933461] ret_from_fork+0x116/0x1d0 [ 10.933480] ? __pfx_kthread+0x10/0x10 [ 10.933502] ret_from_fork_asm+0x1a/0x30 [ 10.933532] </TASK> [ 10.933542] [ 10.943915] Allocated by task 187: [ 10.944209] kasan_save_stack+0x45/0x70 [ 10.945132] kasan_save_track+0x18/0x40 [ 10.945319] kasan_save_alloc_info+0x3b/0x50 [ 10.945549] __kasan_kmalloc+0xb7/0xc0 [ 10.946036] __kmalloc_cache_noprof+0x189/0x420 [ 10.946378] kmalloc_oob_in_memset+0xac/0x320 [ 10.946686] kunit_try_run_case+0x1a5/0x480 [ 10.947106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.947456] kthread+0x337/0x6f0 [ 10.947724] ret_from_fork+0x116/0x1d0 [ 10.948094] ret_from_fork_asm+0x1a/0x30 [ 10.948255] [ 10.948529] The buggy address belongs to the object at ffff888102896a00 [ 10.948529] which belongs to the cache kmalloc-128 of size 128 [ 10.949275] The buggy address is located 0 bytes inside of [ 10.949275] allocated 120-byte region [ffff888102896a00, ffff888102896a78) [ 10.949904] [ 10.950032] The buggy address belongs to the physical page: [ 10.950255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102896 [ 10.950592] flags: 0x200000000000000(node=0|zone=2) [ 10.950794] page_type: f5(slab) [ 10.951044] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.951345] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.951749] page dumped because: kasan: bad access detected [ 10.952012] [ 10.952234] Memory state around the buggy address: [ 10.952539] ffff888102896900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.953099] ffff888102896980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.953671] >ffff888102896a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.954199] ^ [ 10.954595] ffff888102896a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.955090] ffff888102896b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.955497] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16: Failure
Automatically assigned
[ 10.896800] ================================================================== [ 10.897694] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 10.898547] Read of size 16 at addr ffff888102856060 by task kunit_try_catch/185 [ 10.899045] [ 10.899313] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.899362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.899374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.899396] Call Trace: [ 10.899408] <TASK> [ 10.899424] dump_stack_lvl+0x73/0xb0 [ 10.899484] print_report+0xd1/0x650 [ 10.899507] ? __virt_addr_valid+0x1db/0x2d0 [ 10.899530] ? kmalloc_uaf_16+0x47b/0x4c0 [ 10.899550] ? kasan_complete_mode_report_info+0x64/0x200 [ 10.899572] ? kmalloc_uaf_16+0x47b/0x4c0 [ 10.899593] kasan_report+0x141/0x180 [ 10.899626] ? kmalloc_uaf_16+0x47b/0x4c0 [ 10.899652] __asan_report_load16_noabort+0x18/0x20 [ 10.899672] kmalloc_uaf_16+0x47b/0x4c0 [ 10.899693] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 10.899715] ? __schedule+0x10cc/0x2b60 [ 10.899739] ? __pfx_read_tsc+0x10/0x10 [ 10.899767] ? ktime_get_ts64+0x86/0x230 [ 10.899792] kunit_try_run_case+0x1a5/0x480 [ 10.899814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.899833] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.899857] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.899881] ? __kthread_parkme+0x82/0x180 [ 10.899902] ? preempt_count_sub+0x50/0x80 [ 10.899926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.899946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.899970] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.899994] kthread+0x337/0x6f0 [ 10.900013] ? trace_preempt_on+0x20/0xc0 [ 10.900037] ? __pfx_kthread+0x10/0x10 [ 10.900057] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.900078] ? calculate_sigpending+0x7b/0xa0 [ 10.900103] ? __pfx_kthread+0x10/0x10 [ 10.900124] ret_from_fork+0x116/0x1d0 [ 10.900141] ? __pfx_kthread+0x10/0x10 [ 10.900161] ret_from_fork_asm+0x1a/0x30 [ 10.900192] </TASK> [ 10.900202] [ 10.914379] Allocated by task 185: [ 10.914520] kasan_save_stack+0x45/0x70 [ 10.914696] kasan_save_track+0x18/0x40 [ 10.914979] kasan_save_alloc_info+0x3b/0x50 [ 10.915172] __kasan_kmalloc+0xb7/0xc0 [ 10.915330] __kmalloc_cache_noprof+0x189/0x420 [ 10.915508] kmalloc_uaf_16+0x15b/0x4c0 [ 10.915716] kunit_try_run_case+0x1a5/0x480 [ 10.915912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.916141] kthread+0x337/0x6f0 [ 10.916266] ret_from_fork+0x116/0x1d0 [ 10.916889] ret_from_fork_asm+0x1a/0x30 [ 10.917118] [ 10.917220] Freed by task 185: [ 10.917380] kasan_save_stack+0x45/0x70 [ 10.917578] kasan_save_track+0x18/0x40 [ 10.917761] kasan_save_free_info+0x3f/0x60 [ 10.917963] __kasan_slab_free+0x56/0x70 [ 10.918346] kfree+0x222/0x3f0 [ 10.918493] kmalloc_uaf_16+0x1d6/0x4c0 [ 10.918683] kunit_try_run_case+0x1a5/0x480 [ 10.918987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.919270] kthread+0x337/0x6f0 [ 10.919396] ret_from_fork+0x116/0x1d0 [ 10.919575] ret_from_fork_asm+0x1a/0x30 [ 10.919929] [ 10.920020] The buggy address belongs to the object at ffff888102856060 [ 10.920020] which belongs to the cache kmalloc-16 of size 16 [ 10.920508] The buggy address is located 0 bytes inside of [ 10.920508] freed 16-byte region [ffff888102856060, ffff888102856070) [ 10.921551] [ 10.921653] The buggy address belongs to the physical page: [ 10.922203] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 10.922848] flags: 0x200000000000000(node=0|zone=2) [ 10.923204] page_type: f5(slab) [ 10.923353] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 10.924050] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 10.924397] page dumped because: kasan: bad access detected [ 10.924630] [ 10.924729] Memory state around the buggy address: [ 10.925184] ffff888102855f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.925620] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.926095] >ffff888102856000: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 10.926513] ^ [ 10.927017] ffff888102856080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.927341] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.927681] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16: Failure
Automatically assigned
[ 10.868775] ================================================================== [ 10.869298] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 10.869666] Write of size 16 at addr ffff888101c55f60 by task kunit_try_catch/183 [ 10.869977] [ 10.870070] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.870117] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.870129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.870492] Call Trace: [ 10.870505] <TASK> [ 10.870521] dump_stack_lvl+0x73/0xb0 [ 10.870555] print_report+0xd1/0x650 [ 10.870578] ? __virt_addr_valid+0x1db/0x2d0 [ 10.870602] ? kmalloc_oob_16+0x452/0x4a0 [ 10.870634] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.870656] ? kmalloc_oob_16+0x452/0x4a0 [ 10.870677] kasan_report+0x141/0x180 [ 10.870700] ? kmalloc_oob_16+0x452/0x4a0 [ 10.870725] __asan_report_store16_noabort+0x1b/0x30 [ 10.870747] kmalloc_oob_16+0x452/0x4a0 [ 10.870787] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 10.870819] ? __schedule+0x10cc/0x2b60 [ 10.870843] ? __pfx_read_tsc+0x10/0x10 [ 10.870882] ? ktime_get_ts64+0x86/0x230 [ 10.870906] kunit_try_run_case+0x1a5/0x480 [ 10.870929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.870948] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.870973] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.871006] ? __kthread_parkme+0x82/0x180 [ 10.871092] ? preempt_count_sub+0x50/0x80 [ 10.871115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.871136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.871160] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.871183] kthread+0x337/0x6f0 [ 10.871203] ? trace_preempt_on+0x20/0xc0 [ 10.871225] ? __pfx_kthread+0x10/0x10 [ 10.871245] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.871268] ? calculate_sigpending+0x7b/0xa0 [ 10.871291] ? __pfx_kthread+0x10/0x10 [ 10.871313] ret_from_fork+0x116/0x1d0 [ 10.871331] ? __pfx_kthread+0x10/0x10 [ 10.871351] ret_from_fork_asm+0x1a/0x30 [ 10.871381] </TASK> [ 10.871392] [ 10.880719] Allocated by task 183: [ 10.881154] kasan_save_stack+0x45/0x70 [ 10.881472] kasan_save_track+0x18/0x40 [ 10.881854] kasan_save_alloc_info+0x3b/0x50 [ 10.882132] __kasan_kmalloc+0xb7/0xc0 [ 10.882309] __kmalloc_cache_noprof+0x189/0x420 [ 10.882514] kmalloc_oob_16+0xa8/0x4a0 [ 10.882706] kunit_try_run_case+0x1a5/0x480 [ 10.883180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.883489] kthread+0x337/0x6f0 [ 10.883902] ret_from_fork+0x116/0x1d0 [ 10.884315] ret_from_fork_asm+0x1a/0x30 [ 10.884635] [ 10.884885] The buggy address belongs to the object at ffff888101c55f60 [ 10.884885] which belongs to the cache kmalloc-16 of size 16 [ 10.885800] The buggy address is located 0 bytes inside of [ 10.885800] allocated 13-byte region [ffff888101c55f60, ffff888101c55f6d) [ 10.886698] [ 10.886947] The buggy address belongs to the physical page: [ 10.887455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c55 [ 10.887950] flags: 0x200000000000000(node=0|zone=2) [ 10.888402] page_type: f5(slab) [ 10.888868] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 10.889316] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 10.889766] page dumped because: kasan: bad access detected [ 10.890031] [ 10.890116] Memory state around the buggy address: [ 10.890311] ffff888101c55e00: 00 05 fc fc 00 00 fc fc 00 06 fc fc 00 06 fc fc [ 10.890885] ffff888101c55e80: 00 00 fc fc 00 02 fc fc 00 02 fc fc 00 06 fc fc [ 10.891325] >ffff888101c55f00: 00 06 fc fc 00 05 fc fc fa fb fc fc 00 05 fc fc [ 10.891863] ^ [ 10.892583] ffff888101c55f80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.893251] ffff888101c56000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.893543] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf: Failure
Automatically assigned
[ 10.836352] ================================================================== [ 10.836692] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 10.837046] Read of size 1 at addr ffff888100a1de00 by task kunit_try_catch/181 [ 10.837352] [ 10.837753] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.837962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.837978] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.837999] Call Trace: [ 10.838011] <TASK> [ 10.838027] dump_stack_lvl+0x73/0xb0 [ 10.838056] print_report+0xd1/0x650 [ 10.838079] ? __virt_addr_valid+0x1db/0x2d0 [ 10.838102] ? krealloc_uaf+0x53c/0x5e0 [ 10.838123] ? kasan_complete_mode_report_info+0x64/0x200 [ 10.838146] ? krealloc_uaf+0x53c/0x5e0 [ 10.838167] kasan_report+0x141/0x180 [ 10.838189] ? krealloc_uaf+0x53c/0x5e0 [ 10.838215] __asan_report_load1_noabort+0x18/0x20 [ 10.838236] krealloc_uaf+0x53c/0x5e0 [ 10.838257] ? __pfx_krealloc_uaf+0x10/0x10 [ 10.838278] ? finish_task_switch.isra.0+0x153/0x700 [ 10.838299] ? __switch_to+0x47/0xf50 [ 10.838324] ? __schedule+0x10cc/0x2b60 [ 10.838347] ? __pfx_read_tsc+0x10/0x10 [ 10.838367] ? ktime_get_ts64+0x86/0x230 [ 10.838391] kunit_try_run_case+0x1a5/0x480 [ 10.838412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.838431] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.838455] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.838479] ? __kthread_parkme+0x82/0x180 [ 10.838499] ? preempt_count_sub+0x50/0x80 [ 10.838521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.838547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.838571] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.838595] kthread+0x337/0x6f0 [ 10.838624] ? trace_preempt_on+0x20/0xc0 [ 10.838647] ? __pfx_kthread+0x10/0x10 [ 10.838667] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.838689] ? calculate_sigpending+0x7b/0xa0 [ 10.838713] ? __pfx_kthread+0x10/0x10 [ 10.838734] ret_from_fork+0x116/0x1d0 [ 10.838819] ? __pfx_kthread+0x10/0x10 [ 10.838841] ret_from_fork_asm+0x1a/0x30 [ 10.838872] </TASK> [ 10.838882] [ 10.849548] Allocated by task 181: [ 10.849782] kasan_save_stack+0x45/0x70 [ 10.850040] kasan_save_track+0x18/0x40 [ 10.850255] kasan_save_alloc_info+0x3b/0x50 [ 10.850600] __kasan_kmalloc+0xb7/0xc0 [ 10.850794] __kmalloc_cache_noprof+0x189/0x420 [ 10.851031] krealloc_uaf+0xbb/0x5e0 [ 10.851169] kunit_try_run_case+0x1a5/0x480 [ 10.851326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.851593] kthread+0x337/0x6f0 [ 10.851848] ret_from_fork+0x116/0x1d0 [ 10.852199] ret_from_fork_asm+0x1a/0x30 [ 10.852578] [ 10.852721] Freed by task 181: [ 10.853123] kasan_save_stack+0x45/0x70 [ 10.853408] kasan_save_track+0x18/0x40 [ 10.853606] kasan_save_free_info+0x3f/0x60 [ 10.853904] __kasan_slab_free+0x56/0x70 [ 10.854077] kfree+0x222/0x3f0 [ 10.854197] krealloc_uaf+0x13d/0x5e0 [ 10.854386] kunit_try_run_case+0x1a5/0x480 [ 10.854627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.855001] kthread+0x337/0x6f0 [ 10.855205] ret_from_fork+0x116/0x1d0 [ 10.855365] ret_from_fork_asm+0x1a/0x30 [ 10.855590] [ 10.855725] The buggy address belongs to the object at ffff888100a1de00 [ 10.855725] which belongs to the cache kmalloc-256 of size 256 [ 10.856322] The buggy address is located 0 bytes inside of [ 10.856322] freed 256-byte region [ffff888100a1de00, ffff888100a1df00) [ 10.856929] [ 10.857046] The buggy address belongs to the physical page: [ 10.857324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a1c [ 10.857625] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.857996] flags: 0x200000000000040(head|node=0|zone=2) [ 10.858463] page_type: f5(slab) [ 10.858646] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.859178] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.859515] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.859937] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.860325] head: 0200000000000001 ffffea0004028701 00000000ffffffff 00000000ffffffff [ 10.860641] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.861003] page dumped because: kasan: bad access detected [ 10.861241] [ 10.861426] Memory state around the buggy address: [ 10.861591] ffff888100a1dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.862153] ffff888100a1dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.862500] >ffff888100a1de00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.862825] ^ [ 10.863115] ffff888100a1de80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.863552] ffff888100a1df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.863917] ================================================================== [ 10.804223] ================================================================== [ 10.804737] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 10.805124] Read of size 1 at addr ffff888100a1de00 by task kunit_try_catch/181 [ 10.805437] [ 10.805552] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.805597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.805621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.805642] Call Trace: [ 10.805654] <TASK> [ 10.805669] dump_stack_lvl+0x73/0xb0 [ 10.805694] print_report+0xd1/0x650 [ 10.805716] ? __virt_addr_valid+0x1db/0x2d0 [ 10.805739] ? krealloc_uaf+0x1b8/0x5e0 [ 10.805828] ? kasan_complete_mode_report_info+0x64/0x200 [ 10.805853] ? krealloc_uaf+0x1b8/0x5e0 [ 10.805875] kasan_report+0x141/0x180 [ 10.805897] ? krealloc_uaf+0x1b8/0x5e0 [ 10.805923] ? krealloc_uaf+0x1b8/0x5e0 [ 10.805944] __kasan_check_byte+0x3d/0x50 [ 10.805966] krealloc_noprof+0x3f/0x340 [ 10.805992] krealloc_uaf+0x1b8/0x5e0 [ 10.806014] ? __pfx_krealloc_uaf+0x10/0x10 [ 10.806035] ? finish_task_switch.isra.0+0x153/0x700 [ 10.806057] ? __switch_to+0x47/0xf50 [ 10.806080] ? __schedule+0x10cc/0x2b60 [ 10.806104] ? __pfx_read_tsc+0x10/0x10 [ 10.806124] ? ktime_get_ts64+0x86/0x230 [ 10.806149] kunit_try_run_case+0x1a5/0x480 [ 10.806170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.806189] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.806213] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.806237] ? __kthread_parkme+0x82/0x180 [ 10.806256] ? preempt_count_sub+0x50/0x80 [ 10.806279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.806300] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.806324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.806348] kthread+0x337/0x6f0 [ 10.806367] ? trace_preempt_on+0x20/0xc0 [ 10.806390] ? __pfx_kthread+0x10/0x10 [ 10.806410] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.806432] ? calculate_sigpending+0x7b/0xa0 [ 10.806456] ? __pfx_kthread+0x10/0x10 [ 10.806478] ret_from_fork+0x116/0x1d0 [ 10.806495] ? __pfx_kthread+0x10/0x10 [ 10.806516] ret_from_fork_asm+0x1a/0x30 [ 10.806553] </TASK> [ 10.806564] [ 10.818518] Allocated by task 181: [ 10.818709] kasan_save_stack+0x45/0x70 [ 10.819324] kasan_save_track+0x18/0x40 [ 10.819528] kasan_save_alloc_info+0x3b/0x50 [ 10.819734] __kasan_kmalloc+0xb7/0xc0 [ 10.820170] __kmalloc_cache_noprof+0x189/0x420 [ 10.820382] krealloc_uaf+0xbb/0x5e0 [ 10.820557] kunit_try_run_case+0x1a5/0x480 [ 10.821021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.821327] kthread+0x337/0x6f0 [ 10.821719] ret_from_fork+0x116/0x1d0 [ 10.822104] ret_from_fork_asm+0x1a/0x30 [ 10.822299] [ 10.822409] Freed by task 181: [ 10.822577] kasan_save_stack+0x45/0x70 [ 10.822738] kasan_save_track+0x18/0x40 [ 10.822881] kasan_save_free_info+0x3f/0x60 [ 10.823200] __kasan_slab_free+0x56/0x70 [ 10.823431] kfree+0x222/0x3f0 [ 10.823579] krealloc_uaf+0x13d/0x5e0 [ 10.823792] kunit_try_run_case+0x1a5/0x480 [ 10.824098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.824282] kthread+0x337/0x6f0 [ 10.824453] ret_from_fork+0x116/0x1d0 [ 10.824679] ret_from_fork_asm+0x1a/0x30 [ 10.824994] [ 10.825172] The buggy address belongs to the object at ffff888100a1de00 [ 10.825172] which belongs to the cache kmalloc-256 of size 256 [ 10.825692] The buggy address is located 0 bytes inside of [ 10.825692] freed 256-byte region [ffff888100a1de00, ffff888100a1df00) [ 10.826320] [ 10.826397] The buggy address belongs to the physical page: [ 10.827029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a1c [ 10.827606] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.828318] flags: 0x200000000000040(head|node=0|zone=2) [ 10.828667] page_type: f5(slab) [ 10.828898] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.829520] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.829998] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.830416] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.830898] head: 0200000000000001 ffffea0004028701 00000000ffffffff 00000000ffffffff [ 10.831280] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.831659] page dumped because: kasan: bad access detected [ 10.832163] [ 10.832273] Memory state around the buggy address: [ 10.832547] ffff888100a1dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.832984] ffff888100a1dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.833692] >ffff888100a1de00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.834183] ^ [ 10.834352] ffff888100a1de80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.834687] ffff888100a1df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.835215] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper: Failure
Automatically assigned
[ 10.781587] ================================================================== [ 10.781857] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 10.782166] Write of size 1 at addr ffff888102a720eb by task kunit_try_catch/179 [ 10.782491] [ 10.782580] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.782633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.782645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.782718] Call Trace: [ 10.782763] <TASK> [ 10.782778] dump_stack_lvl+0x73/0xb0 [ 10.782834] print_report+0xd1/0x650 [ 10.782856] ? __virt_addr_valid+0x1db/0x2d0 [ 10.782878] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.782902] ? kasan_addr_to_slab+0x11/0xa0 [ 10.782923] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.782948] kasan_report+0x141/0x180 [ 10.782971] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.783002] __asan_report_store1_noabort+0x1b/0x30 [ 10.783023] krealloc_less_oob_helper+0xd47/0x11d0 [ 10.783050] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.783075] ? finish_task_switch.isra.0+0x153/0x700 [ 10.783096] ? __switch_to+0x47/0xf50 [ 10.783122] ? __schedule+0x10cc/0x2b60 [ 10.783147] ? __pfx_read_tsc+0x10/0x10 [ 10.783172] krealloc_large_less_oob+0x1c/0x30 [ 10.783195] kunit_try_run_case+0x1a5/0x480 [ 10.783217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.783236] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.783260] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.783284] ? __kthread_parkme+0x82/0x180 [ 10.783304] ? preempt_count_sub+0x50/0x80 [ 10.783328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.783350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.783374] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.783398] kthread+0x337/0x6f0 [ 10.783417] ? trace_preempt_on+0x20/0xc0 [ 10.783440] ? __pfx_kthread+0x10/0x10 [ 10.783460] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.783483] ? calculate_sigpending+0x7b/0xa0 [ 10.783506] ? __pfx_kthread+0x10/0x10 [ 10.783529] ret_from_fork+0x116/0x1d0 [ 10.783547] ? __pfx_kthread+0x10/0x10 [ 10.783567] ret_from_fork_asm+0x1a/0x30 [ 10.783601] </TASK> [ 10.783621] [ 10.794321] The buggy address belongs to the physical page: [ 10.794586] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a70 [ 10.795078] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.795365] flags: 0x200000000000040(head|node=0|zone=2) [ 10.795641] page_type: f8(unknown) [ 10.795876] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.796162] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.796469] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.796761] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.797145] head: 0200000000000002 ffffea00040a9c01 00000000ffffffff 00000000ffffffff [ 10.797460] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.797729] page dumped because: kasan: bad access detected [ 10.798036] [ 10.798132] Memory state around the buggy address: [ 10.798336] ffff888102a71f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.798586] ffff888102a72000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.798929] >ffff888102a72080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.799266] ^ [ 10.799538] ffff888102a72100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.799996] ffff888102a72180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.800349] ================================================================== [ 10.701237] ================================================================== [ 10.701744] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 10.702316] Write of size 1 at addr ffff888102a720c9 by task kunit_try_catch/179 [ 10.702620] [ 10.702743] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.702787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.702799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.702821] Call Trace: [ 10.702833] <TASK> [ 10.702849] dump_stack_lvl+0x73/0xb0 [ 10.702876] print_report+0xd1/0x650 [ 10.702899] ? __virt_addr_valid+0x1db/0x2d0 [ 10.702923] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.702946] ? kasan_addr_to_slab+0x11/0xa0 [ 10.702968] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.702992] kasan_report+0x141/0x180 [ 10.703016] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.703047] __asan_report_store1_noabort+0x1b/0x30 [ 10.703068] krealloc_less_oob_helper+0xd70/0x11d0 [ 10.703097] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.703122] ? finish_task_switch.isra.0+0x153/0x700 [ 10.703144] ? __switch_to+0x47/0xf50 [ 10.703172] ? __schedule+0x10cc/0x2b60 [ 10.703197] ? __pfx_read_tsc+0x10/0x10 [ 10.703223] krealloc_large_less_oob+0x1c/0x30 [ 10.703246] kunit_try_run_case+0x1a5/0x480 [ 10.703270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.703289] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.703313] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.703338] ? __kthread_parkme+0x82/0x180 [ 10.703359] ? preempt_count_sub+0x50/0x80 [ 10.703383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.703404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.703429] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.703453] kthread+0x337/0x6f0 [ 10.703473] ? trace_preempt_on+0x20/0xc0 [ 10.703497] ? __pfx_kthread+0x10/0x10 [ 10.703518] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.703541] ? calculate_sigpending+0x7b/0xa0 [ 10.703565] ? __pfx_kthread+0x10/0x10 [ 10.703593] ret_from_fork+0x116/0x1d0 [ 10.703619] ? __pfx_kthread+0x10/0x10 [ 10.703641] ret_from_fork_asm+0x1a/0x30 [ 10.703693] </TASK> [ 10.703703] [ 10.713549] The buggy address belongs to the physical page: [ 10.714027] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a70 [ 10.714483] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.714978] flags: 0x200000000000040(head|node=0|zone=2) [ 10.715329] page_type: f8(unknown) [ 10.715693] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.716183] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.716501] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.717110] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.717493] head: 0200000000000002 ffffea00040a9c01 00000000ffffffff 00000000ffffffff [ 10.718173] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.718734] page dumped because: kasan: bad access detected [ 10.719255] [ 10.719478] Memory state around the buggy address: [ 10.719709] ffff888102a71f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.720284] ffff888102a72000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.720594] >ffff888102a72080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.721164] ^ [ 10.721496] ffff888102a72100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.722122] ffff888102a72180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.722723] ================================================================== [ 10.636958] ================================================================== [ 10.637317] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 10.637657] Write of size 1 at addr ffff888100a1dceb by task kunit_try_catch/175 [ 10.638029] [ 10.638135] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.638178] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.638190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.638211] Call Trace: [ 10.638226] <TASK> [ 10.638242] dump_stack_lvl+0x73/0xb0 [ 10.638266] print_report+0xd1/0x650 [ 10.638289] ? __virt_addr_valid+0x1db/0x2d0 [ 10.638311] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.638334] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.638357] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.638382] kasan_report+0x141/0x180 [ 10.638405] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.638437] __asan_report_store1_noabort+0x1b/0x30 [ 10.638458] krealloc_less_oob_helper+0xd47/0x11d0 [ 10.638486] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.638510] ? finish_task_switch.isra.0+0x153/0x700 [ 10.638532] ? __switch_to+0x47/0xf50 [ 10.638563] ? __schedule+0x10cc/0x2b60 [ 10.638587] ? __pfx_read_tsc+0x10/0x10 [ 10.638623] krealloc_less_oob+0x1c/0x30 [ 10.638645] kunit_try_run_case+0x1a5/0x480 [ 10.638667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.638687] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.638711] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.638735] ? __kthread_parkme+0x82/0x180 [ 10.638756] ? preempt_count_sub+0x50/0x80 [ 10.638797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.638819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.638843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.638868] kthread+0x337/0x6f0 [ 10.638888] ? trace_preempt_on+0x20/0xc0 [ 10.638911] ? __pfx_kthread+0x10/0x10 [ 10.638933] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.638955] ? calculate_sigpending+0x7b/0xa0 [ 10.638979] ? __pfx_kthread+0x10/0x10 [ 10.639002] ret_from_fork+0x116/0x1d0 [ 10.639019] ? __pfx_kthread+0x10/0x10 [ 10.639041] ret_from_fork_asm+0x1a/0x30 [ 10.639076] </TASK> [ 10.639086] [ 10.647170] Allocated by task 175: [ 10.647344] kasan_save_stack+0x45/0x70 [ 10.647551] kasan_save_track+0x18/0x40 [ 10.647734] kasan_save_alloc_info+0x3b/0x50 [ 10.647949] __kasan_krealloc+0x190/0x1f0 [ 10.648130] krealloc_noprof+0xf3/0x340 [ 10.648314] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.648518] krealloc_less_oob+0x1c/0x30 [ 10.648722] kunit_try_run_case+0x1a5/0x480 [ 10.648908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.649165] kthread+0x337/0x6f0 [ 10.649290] ret_from_fork+0x116/0x1d0 [ 10.649426] ret_from_fork_asm+0x1a/0x30 [ 10.649570] [ 10.649651] The buggy address belongs to the object at ffff888100a1dc00 [ 10.649651] which belongs to the cache kmalloc-256 of size 256 [ 10.650302] The buggy address is located 34 bytes to the right of [ 10.650302] allocated 201-byte region [ffff888100a1dc00, ffff888100a1dcc9) [ 10.650914] [ 10.651014] The buggy address belongs to the physical page: [ 10.651208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a1c [ 10.651454] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.652008] flags: 0x200000000000040(head|node=0|zone=2) [ 10.652262] page_type: f5(slab) [ 10.652434] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.652798] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.653039] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.653359] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.653712] head: 0200000000000001 ffffea0004028701 00000000ffffffff 00000000ffffffff [ 10.654046] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.654282] page dumped because: kasan: bad access detected [ 10.654460] [ 10.654554] Memory state around the buggy address: [ 10.654797] ffff888100a1db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.655128] ffff888100a1dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.655453] >ffff888100a1dc80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.655784] ^ [ 10.656082] ffff888100a1dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.656383] ffff888100a1dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.656675] ================================================================== [ 10.593873] ================================================================== [ 10.594346] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 10.594690] Write of size 1 at addr ffff888100a1dcda by task kunit_try_catch/175 [ 10.595046] [ 10.595180] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.595223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.595235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.595254] Call Trace: [ 10.595269] <TASK> [ 10.595283] dump_stack_lvl+0x73/0xb0 [ 10.595307] print_report+0xd1/0x650 [ 10.595329] ? __virt_addr_valid+0x1db/0x2d0 [ 10.595352] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.595375] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.595398] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.595423] kasan_report+0x141/0x180 [ 10.595446] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.595478] __asan_report_store1_noabort+0x1b/0x30 [ 10.595500] krealloc_less_oob_helper+0xec6/0x11d0 [ 10.595527] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.595552] ? finish_task_switch.isra.0+0x153/0x700 [ 10.595574] ? __switch_to+0x47/0xf50 [ 10.595602] ? __schedule+0x10cc/0x2b60 [ 10.595638] ? __pfx_read_tsc+0x10/0x10 [ 10.595663] krealloc_less_oob+0x1c/0x30 [ 10.595685] kunit_try_run_case+0x1a5/0x480 [ 10.595706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.595725] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.595749] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.595774] ? __kthread_parkme+0x82/0x180 [ 10.595794] ? preempt_count_sub+0x50/0x80 [ 10.595819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.595841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.595865] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.595889] kthread+0x337/0x6f0 [ 10.595909] ? trace_preempt_on+0x20/0xc0 [ 10.595932] ? __pfx_kthread+0x10/0x10 [ 10.595953] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.595976] ? calculate_sigpending+0x7b/0xa0 [ 10.595999] ? __pfx_kthread+0x10/0x10 [ 10.596021] ret_from_fork+0x116/0x1d0 [ 10.596040] ? __pfx_kthread+0x10/0x10 [ 10.596061] ret_from_fork_asm+0x1a/0x30 [ 10.596096] </TASK> [ 10.596106] [ 10.603914] Allocated by task 175: [ 10.604099] kasan_save_stack+0x45/0x70 [ 10.604304] kasan_save_track+0x18/0x40 [ 10.604503] kasan_save_alloc_info+0x3b/0x50 [ 10.604726] __kasan_krealloc+0x190/0x1f0 [ 10.604932] krealloc_noprof+0xf3/0x340 [ 10.605107] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.605344] krealloc_less_oob+0x1c/0x30 [ 10.605513] kunit_try_run_case+0x1a5/0x480 [ 10.605727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.606019] kthread+0x337/0x6f0 [ 10.606147] ret_from_fork+0x116/0x1d0 [ 10.606283] ret_from_fork_asm+0x1a/0x30 [ 10.606475] [ 10.606580] The buggy address belongs to the object at ffff888100a1dc00 [ 10.606580] which belongs to the cache kmalloc-256 of size 256 [ 10.607369] The buggy address is located 17 bytes to the right of [ 10.607369] allocated 201-byte region [ffff888100a1dc00, ffff888100a1dcc9) [ 10.607759] [ 10.607857] The buggy address belongs to the physical page: [ 10.608112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a1c [ 10.608677] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.608915] flags: 0x200000000000040(head|node=0|zone=2) [ 10.609092] page_type: f5(slab) [ 10.609231] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.609583] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.610109] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.610440] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.610767] head: 0200000000000001 ffffea0004028701 00000000ffffffff 00000000ffffffff [ 10.611137] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.611428] page dumped because: kasan: bad access detected [ 10.611664] [ 10.611736] Memory state around the buggy address: [ 10.612140] ffff888100a1db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.612427] ffff888100a1dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.612750] >ffff888100a1dc80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.613031] ^ [ 10.613283] ffff888100a1dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.613577] ffff888100a1dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.613925] ================================================================== [ 10.723469] ================================================================== [ 10.723766] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 10.724033] Write of size 1 at addr ffff888102a720d0 by task kunit_try_catch/179 [ 10.724401] [ 10.724533] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.724578] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.724590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.724623] Call Trace: [ 10.724635] <TASK> [ 10.724649] dump_stack_lvl+0x73/0xb0 [ 10.724674] print_report+0xd1/0x650 [ 10.724697] ? __virt_addr_valid+0x1db/0x2d0 [ 10.724720] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.724744] ? kasan_addr_to_slab+0x11/0xa0 [ 10.724776] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.724801] kasan_report+0x141/0x180 [ 10.724830] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.724862] __asan_report_store1_noabort+0x1b/0x30 [ 10.724884] krealloc_less_oob_helper+0xe23/0x11d0 [ 10.724912] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.724936] ? finish_task_switch.isra.0+0x153/0x700 [ 10.724958] ? __switch_to+0x47/0xf50 [ 10.724984] ? __schedule+0x10cc/0x2b60 [ 10.725008] ? __pfx_read_tsc+0x10/0x10 [ 10.725033] krealloc_large_less_oob+0x1c/0x30 [ 10.725056] kunit_try_run_case+0x1a5/0x480 [ 10.725079] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.725098] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.725122] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.725146] ? __kthread_parkme+0x82/0x180 [ 10.725166] ? preempt_count_sub+0x50/0x80 [ 10.725191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.725212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.725236] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.725260] kthread+0x337/0x6f0 [ 10.725280] ? trace_preempt_on+0x20/0xc0 [ 10.725303] ? __pfx_kthread+0x10/0x10 [ 10.725324] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.725346] ? calculate_sigpending+0x7b/0xa0 [ 10.725370] ? __pfx_kthread+0x10/0x10 [ 10.725392] ret_from_fork+0x116/0x1d0 [ 10.725411] ? __pfx_kthread+0x10/0x10 [ 10.725432] ret_from_fork_asm+0x1a/0x30 [ 10.725467] </TASK> [ 10.725477] [ 10.735737] The buggy address belongs to the physical page: [ 10.736312] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a70 [ 10.736683] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.737195] flags: 0x200000000000040(head|node=0|zone=2) [ 10.737447] page_type: f8(unknown) [ 10.737766] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.738151] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.738598] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.739047] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.739419] head: 0200000000000002 ffffea00040a9c01 00000000ffffffff 00000000ffffffff [ 10.739746] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.740141] page dumped because: kasan: bad access detected [ 10.740607] [ 10.740790] Memory state around the buggy address: [ 10.741028] ffff888102a71f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.741421] ffff888102a72000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.741742] >ffff888102a72080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.742190] ^ [ 10.742516] ffff888102a72100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.742970] ffff888102a72180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.743450] ================================================================== [ 10.744006] ================================================================== [ 10.744456] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 10.745092] Write of size 1 at addr ffff888102a720da by task kunit_try_catch/179 [ 10.745408] [ 10.745502] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.745547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.745558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.745578] Call Trace: [ 10.745592] <TASK> [ 10.745607] dump_stack_lvl+0x73/0xb0 [ 10.745644] print_report+0xd1/0x650 [ 10.745668] ? __virt_addr_valid+0x1db/0x2d0 [ 10.745690] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.745714] ? kasan_addr_to_slab+0x11/0xa0 [ 10.745735] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.745760] kasan_report+0x141/0x180 [ 10.745783] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.745815] __asan_report_store1_noabort+0x1b/0x30 [ 10.745837] krealloc_less_oob_helper+0xec6/0x11d0 [ 10.745865] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.745904] ? finish_task_switch.isra.0+0x153/0x700 [ 10.745952] ? __switch_to+0x47/0xf50 [ 10.745979] ? __schedule+0x10cc/0x2b60 [ 10.746003] ? __pfx_read_tsc+0x10/0x10 [ 10.746028] krealloc_large_less_oob+0x1c/0x30 [ 10.746051] kunit_try_run_case+0x1a5/0x480 [ 10.746073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.746092] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.746117] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.746142] ? __kthread_parkme+0x82/0x180 [ 10.746163] ? preempt_count_sub+0x50/0x80 [ 10.746187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.746209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.746233] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.746257] kthread+0x337/0x6f0 [ 10.746277] ? trace_preempt_on+0x20/0xc0 [ 10.746300] ? __pfx_kthread+0x10/0x10 [ 10.746321] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.746344] ? calculate_sigpending+0x7b/0xa0 [ 10.746368] ? __pfx_kthread+0x10/0x10 [ 10.746390] ret_from_fork+0x116/0x1d0 [ 10.746408] ? __pfx_kthread+0x10/0x10 [ 10.746430] ret_from_fork_asm+0x1a/0x30 [ 10.746465] </TASK> [ 10.746475] [ 10.754651] The buggy address belongs to the physical page: [ 10.755003] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a70 [ 10.755364] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.755718] flags: 0x200000000000040(head|node=0|zone=2) [ 10.755910] page_type: f8(unknown) [ 10.756132] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.756480] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.756846] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.757119] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.757479] head: 0200000000000002 ffffea00040a9c01 00000000ffffffff 00000000ffffffff [ 10.757800] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.758049] page dumped because: kasan: bad access detected [ 10.758224] [ 10.758321] Memory state around the buggy address: [ 10.758554] ffff888102a71f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.759010] ffff888102a72000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.759376] >ffff888102a72080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.759595] ^ [ 10.759839] ffff888102a72100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.760434] ffff888102a72180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.760762] ================================================================== [ 10.761130] ================================================================== [ 10.761357] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 10.761708] Write of size 1 at addr ffff888102a720ea by task kunit_try_catch/179 [ 10.762423] [ 10.762560] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.762603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.762624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.762643] Call Trace: [ 10.762657] <TASK> [ 10.762672] dump_stack_lvl+0x73/0xb0 [ 10.762695] print_report+0xd1/0x650 [ 10.762719] ? __virt_addr_valid+0x1db/0x2d0 [ 10.762742] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.762766] ? kasan_addr_to_slab+0x11/0xa0 [ 10.762788] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.762812] kasan_report+0x141/0x180 [ 10.762836] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.762867] __asan_report_store1_noabort+0x1b/0x30 [ 10.762888] krealloc_less_oob_helper+0xe90/0x11d0 [ 10.762915] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.762940] ? finish_task_switch.isra.0+0x153/0x700 [ 10.762962] ? __switch_to+0x47/0xf50 [ 10.762988] ? __schedule+0x10cc/0x2b60 [ 10.763012] ? __pfx_read_tsc+0x10/0x10 [ 10.763037] krealloc_large_less_oob+0x1c/0x30 [ 10.763060] kunit_try_run_case+0x1a5/0x480 [ 10.763082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.763101] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.763125] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.763150] ? __kthread_parkme+0x82/0x180 [ 10.763170] ? preempt_count_sub+0x50/0x80 [ 10.763195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.763216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.763240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.763264] kthread+0x337/0x6f0 [ 10.763284] ? trace_preempt_on+0x20/0xc0 [ 10.763307] ? __pfx_kthread+0x10/0x10 [ 10.763328] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.763350] ? calculate_sigpending+0x7b/0xa0 [ 10.763373] ? __pfx_kthread+0x10/0x10 [ 10.763396] ret_from_fork+0x116/0x1d0 [ 10.763414] ? __pfx_kthread+0x10/0x10 [ 10.763437] ret_from_fork_asm+0x1a/0x30 [ 10.763471] </TASK> [ 10.763482] [ 10.772016] The buggy address belongs to the physical page: [ 10.773631] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a70 [ 10.774159] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.774491] flags: 0x200000000000040(head|node=0|zone=2) [ 10.774753] page_type: f8(unknown) [ 10.775120] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.775462] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.775785] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.776336] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.776680] head: 0200000000000002 ffffea00040a9c01 00000000ffffffff 00000000ffffffff [ 10.777203] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.777530] page dumped because: kasan: bad access detected [ 10.777779] [ 10.777879] Memory state around the buggy address: [ 10.778414] ffff888102a71f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.778801] ffff888102a72000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.779405] >ffff888102a72080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 10.779782] ^ [ 10.780118] ffff888102a72100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.780497] ffff888102a72180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.781141] ================================================================== [ 10.553043] ================================================================== [ 10.553514] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 10.554160] Write of size 1 at addr ffff888100a1dcc9 by task kunit_try_catch/175 [ 10.554503] [ 10.554636] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.554684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.554697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.554719] Call Trace: [ 10.554731] <TASK> [ 10.554748] dump_stack_lvl+0x73/0xb0 [ 10.554790] print_report+0xd1/0x650 [ 10.554813] ? __virt_addr_valid+0x1db/0x2d0 [ 10.554837] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.554861] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.554884] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.554909] kasan_report+0x141/0x180 [ 10.554933] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.554965] __asan_report_store1_noabort+0x1b/0x30 [ 10.554986] krealloc_less_oob_helper+0xd70/0x11d0 [ 10.555014] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.555040] ? finish_task_switch.isra.0+0x153/0x700 [ 10.555062] ? __switch_to+0x47/0xf50 [ 10.555089] ? __schedule+0x10cc/0x2b60 [ 10.555114] ? __pfx_read_tsc+0x10/0x10 [ 10.555139] krealloc_less_oob+0x1c/0x30 [ 10.555161] kunit_try_run_case+0x1a5/0x480 [ 10.555184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.555203] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.555228] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.555252] ? __kthread_parkme+0x82/0x180 [ 10.555273] ? preempt_count_sub+0x50/0x80 [ 10.555298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.555320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.555344] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.555368] kthread+0x337/0x6f0 [ 10.555388] ? trace_preempt_on+0x20/0xc0 [ 10.555411] ? __pfx_kthread+0x10/0x10 [ 10.555432] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.555455] ? calculate_sigpending+0x7b/0xa0 [ 10.555479] ? __pfx_kthread+0x10/0x10 [ 10.555502] ret_from_fork+0x116/0x1d0 [ 10.555520] ? __pfx_kthread+0x10/0x10 [ 10.555541] ret_from_fork_asm+0x1a/0x30 [ 10.555577] </TASK> [ 10.555588] [ 10.563228] Allocated by task 175: [ 10.563363] kasan_save_stack+0x45/0x70 [ 10.563512] kasan_save_track+0x18/0x40 [ 10.563665] kasan_save_alloc_info+0x3b/0x50 [ 10.564001] __kasan_krealloc+0x190/0x1f0 [ 10.564209] krealloc_noprof+0xf3/0x340 [ 10.564402] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.564653] krealloc_less_oob+0x1c/0x30 [ 10.564827] kunit_try_run_case+0x1a5/0x480 [ 10.565028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.565281] kthread+0x337/0x6f0 [ 10.565440] ret_from_fork+0x116/0x1d0 [ 10.565596] ret_from_fork_asm+0x1a/0x30 [ 10.565807] [ 10.565888] The buggy address belongs to the object at ffff888100a1dc00 [ 10.565888] which belongs to the cache kmalloc-256 of size 256 [ 10.566282] The buggy address is located 0 bytes to the right of [ 10.566282] allocated 201-byte region [ffff888100a1dc00, ffff888100a1dcc9) [ 10.566892] [ 10.566999] The buggy address belongs to the physical page: [ 10.567262] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a1c [ 10.567627] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.567926] flags: 0x200000000000040(head|node=0|zone=2) [ 10.568119] page_type: f5(slab) [ 10.568292] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.568644] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.568993] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.569292] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.569649] head: 0200000000000001 ffffea0004028701 00000000ffffffff 00000000ffffffff [ 10.570037] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.570271] page dumped because: kasan: bad access detected [ 10.570449] [ 10.570520] Memory state around the buggy address: [ 10.570755] ffff888100a1db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.571117] ffff888100a1dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.571435] >ffff888100a1dc80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.571702] ^ [ 10.572145] ffff888100a1dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.572384] ffff888100a1dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.572601] ================================================================== [ 10.573956] ================================================================== [ 10.574315] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 10.574671] Write of size 1 at addr ffff888100a1dcd0 by task kunit_try_catch/175 [ 10.575017] [ 10.575121] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.575164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.575177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.575197] Call Trace: [ 10.575208] <TASK> [ 10.575222] dump_stack_lvl+0x73/0xb0 [ 10.575248] print_report+0xd1/0x650 [ 10.575271] ? __virt_addr_valid+0x1db/0x2d0 [ 10.575293] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.575317] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.575340] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.575366] kasan_report+0x141/0x180 [ 10.575389] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.575421] __asan_report_store1_noabort+0x1b/0x30 [ 10.575442] krealloc_less_oob_helper+0xe23/0x11d0 [ 10.575470] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.575495] ? finish_task_switch.isra.0+0x153/0x700 [ 10.575516] ? __switch_to+0x47/0xf50 [ 10.575543] ? __schedule+0x10cc/0x2b60 [ 10.575567] ? __pfx_read_tsc+0x10/0x10 [ 10.575592] krealloc_less_oob+0x1c/0x30 [ 10.575626] kunit_try_run_case+0x1a5/0x480 [ 10.575649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.575668] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.575693] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.575718] ? __kthread_parkme+0x82/0x180 [ 10.575739] ? preempt_count_sub+0x50/0x80 [ 10.575763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.575785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.575817] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.575842] kthread+0x337/0x6f0 [ 10.575862] ? trace_preempt_on+0x20/0xc0 [ 10.575885] ? __pfx_kthread+0x10/0x10 [ 10.575906] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.575929] ? calculate_sigpending+0x7b/0xa0 [ 10.575953] ? __pfx_kthread+0x10/0x10 [ 10.575976] ret_from_fork+0x116/0x1d0 [ 10.575994] ? __pfx_kthread+0x10/0x10 [ 10.576015] ret_from_fork_asm+0x1a/0x30 [ 10.576050] </TASK> [ 10.576059] [ 10.583553] Allocated by task 175: [ 10.583742] kasan_save_stack+0x45/0x70 [ 10.583958] kasan_save_track+0x18/0x40 [ 10.584161] kasan_save_alloc_info+0x3b/0x50 [ 10.584358] __kasan_krealloc+0x190/0x1f0 [ 10.584539] krealloc_noprof+0xf3/0x340 [ 10.584744] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.584961] krealloc_less_oob+0x1c/0x30 [ 10.585105] kunit_try_run_case+0x1a5/0x480 [ 10.585274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.585528] kthread+0x337/0x6f0 [ 10.585711] ret_from_fork+0x116/0x1d0 [ 10.586034] ret_from_fork_asm+0x1a/0x30 [ 10.586178] [ 10.586250] The buggy address belongs to the object at ffff888100a1dc00 [ 10.586250] which belongs to the cache kmalloc-256 of size 256 [ 10.586740] The buggy address is located 7 bytes to the right of [ 10.586740] allocated 201-byte region [ffff888100a1dc00, ffff888100a1dcc9) [ 10.587301] [ 10.587402] The buggy address belongs to the physical page: [ 10.587659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a1c [ 10.587961] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.588292] flags: 0x200000000000040(head|node=0|zone=2) [ 10.588505] page_type: f5(slab) [ 10.588694] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.589009] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.589249] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.589488] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.589794] head: 0200000000000001 ffffea0004028701 00000000ffffffff 00000000ffffffff [ 10.590149] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.590490] page dumped because: kasan: bad access detected [ 10.590774] [ 10.590870] Memory state around the buggy address: [ 10.591095] ffff888100a1db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.591358] ffff888100a1dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.591580] >ffff888100a1dc80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.591808] ^ [ 10.592083] ffff888100a1dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.592518] ffff888100a1dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.592971] ================================================================== [ 10.614897] ================================================================== [ 10.615244] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 10.615573] Write of size 1 at addr ffff888100a1dcea by task kunit_try_catch/175 [ 10.616221] [ 10.616318] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.616362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.616374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.616395] Call Trace: [ 10.616410] <TASK> [ 10.616425] dump_stack_lvl+0x73/0xb0 [ 10.616452] print_report+0xd1/0x650 [ 10.616476] ? __virt_addr_valid+0x1db/0x2d0 [ 10.616498] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.616522] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.616545] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.616570] kasan_report+0x141/0x180 [ 10.616593] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.616636] __asan_report_store1_noabort+0x1b/0x30 [ 10.616657] krealloc_less_oob_helper+0xe90/0x11d0 [ 10.616685] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.616709] ? finish_task_switch.isra.0+0x153/0x700 [ 10.616731] ? __switch_to+0x47/0xf50 [ 10.616757] ? __schedule+0x10cc/0x2b60 [ 10.616781] ? __pfx_read_tsc+0x10/0x10 [ 10.616806] krealloc_less_oob+0x1c/0x30 [ 10.616828] kunit_try_run_case+0x1a5/0x480 [ 10.616850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.616869] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.616893] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.616918] ? __kthread_parkme+0x82/0x180 [ 10.616938] ? preempt_count_sub+0x50/0x80 [ 10.616962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.616984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.617008] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.617032] kthread+0x337/0x6f0 [ 10.617052] ? trace_preempt_on+0x20/0xc0 [ 10.617075] ? __pfx_kthread+0x10/0x10 [ 10.617097] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.617119] ? calculate_sigpending+0x7b/0xa0 [ 10.617143] ? __pfx_kthread+0x10/0x10 [ 10.617165] ret_from_fork+0x116/0x1d0 [ 10.617183] ? __pfx_kthread+0x10/0x10 [ 10.617204] ret_from_fork_asm+0x1a/0x30 [ 10.617238] </TASK> [ 10.617248] [ 10.624721] Allocated by task 175: [ 10.624854] kasan_save_stack+0x45/0x70 [ 10.625002] kasan_save_track+0x18/0x40 [ 10.625206] kasan_save_alloc_info+0x3b/0x50 [ 10.625416] __kasan_krealloc+0x190/0x1f0 [ 10.625634] krealloc_noprof+0xf3/0x340 [ 10.625892] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.626131] krealloc_less_oob+0x1c/0x30 [ 10.626328] kunit_try_run_case+0x1a5/0x480 [ 10.626535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.626875] kthread+0x337/0x6f0 [ 10.627012] ret_from_fork+0x116/0x1d0 [ 10.627173] ret_from_fork_asm+0x1a/0x30 [ 10.627372] [ 10.627469] The buggy address belongs to the object at ffff888100a1dc00 [ 10.627469] which belongs to the cache kmalloc-256 of size 256 [ 10.627994] The buggy address is located 33 bytes to the right of [ 10.627994] allocated 201-byte region [ffff888100a1dc00, ffff888100a1dcc9) [ 10.628384] [ 10.628458] The buggy address belongs to the physical page: [ 10.628730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a1c [ 10.629381] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.629734] flags: 0x200000000000040(head|node=0|zone=2) [ 10.630064] page_type: f5(slab) [ 10.630188] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.630427] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.630682] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.631217] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.631570] head: 0200000000000001 ffffea0004028701 00000000ffffffff 00000000ffffffff [ 10.631944] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.632282] page dumped because: kasan: bad access detected [ 10.632563] [ 10.632643] Memory state around the buggy address: [ 10.632805] ffff888100a1db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.633059] ffff888100a1dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.633383] >ffff888100a1dc80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.633718] ^ [ 10.634249] ffff888100a1dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.634502] ffff888100a1dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.634741] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper: Failure
Automatically assigned
[ 10.492924] ================================================================== [ 10.493355] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 10.493605] Write of size 1 at addr ffff888100a1daeb by task kunit_try_catch/173 [ 10.493862] [ 10.493950] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.493993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.494005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.494024] Call Trace: [ 10.494036] <TASK> [ 10.494050] dump_stack_lvl+0x73/0xb0 [ 10.494076] print_report+0xd1/0x650 [ 10.494097] ? __virt_addr_valid+0x1db/0x2d0 [ 10.494119] ? krealloc_more_oob_helper+0x821/0x930 [ 10.494142] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.494164] ? krealloc_more_oob_helper+0x821/0x930 [ 10.494188] kasan_report+0x141/0x180 [ 10.494210] ? krealloc_more_oob_helper+0x821/0x930 [ 10.494238] __asan_report_store1_noabort+0x1b/0x30 [ 10.494258] krealloc_more_oob_helper+0x821/0x930 [ 10.494280] ? __schedule+0x10cc/0x2b60 [ 10.494303] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.494327] ? finish_task_switch.isra.0+0x153/0x700 [ 10.494348] ? __switch_to+0x47/0xf50 [ 10.494373] ? __schedule+0x10cc/0x2b60 [ 10.494395] ? __pfx_read_tsc+0x10/0x10 [ 10.494418] krealloc_more_oob+0x1c/0x30 [ 10.494440] kunit_try_run_case+0x1a5/0x480 [ 10.494460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.494479] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.494503] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.494526] ? __kthread_parkme+0x82/0x180 [ 10.494553] ? preempt_count_sub+0x50/0x80 [ 10.494575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.494595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.494934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.494965] kthread+0x337/0x6f0 [ 10.494986] ? trace_preempt_on+0x20/0xc0 [ 10.495010] ? __pfx_kthread+0x10/0x10 [ 10.495030] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.495217] ? calculate_sigpending+0x7b/0xa0 [ 10.495258] ? __pfx_kthread+0x10/0x10 [ 10.495282] ret_from_fork+0x116/0x1d0 [ 10.495301] ? __pfx_kthread+0x10/0x10 [ 10.495322] ret_from_fork_asm+0x1a/0x30 [ 10.495355] </TASK> [ 10.495365] [ 10.512367] Allocated by task 173: [ 10.512512] kasan_save_stack+0x45/0x70 [ 10.512690] kasan_save_track+0x18/0x40 [ 10.512951] kasan_save_alloc_info+0x3b/0x50 [ 10.513160] __kasan_krealloc+0x190/0x1f0 [ 10.513383] krealloc_noprof+0xf3/0x340 [ 10.513575] krealloc_more_oob_helper+0x1a9/0x930 [ 10.513836] krealloc_more_oob+0x1c/0x30 [ 10.513990] kunit_try_run_case+0x1a5/0x480 [ 10.514139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.514401] kthread+0x337/0x6f0 [ 10.514582] ret_from_fork+0x116/0x1d0 [ 10.515572] ret_from_fork_asm+0x1a/0x30 [ 10.515787] [ 10.516108] The buggy address belongs to the object at ffff888100a1da00 [ 10.516108] which belongs to the cache kmalloc-256 of size 256 [ 10.516681] The buggy address is located 0 bytes to the right of [ 10.516681] allocated 235-byte region [ffff888100a1da00, ffff888100a1daeb) [ 10.517777] [ 10.517953] The buggy address belongs to the physical page: [ 10.518188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a1c [ 10.518668] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.519185] flags: 0x200000000000040(head|node=0|zone=2) [ 10.519514] page_type: f5(slab) [ 10.519663] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.520271] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.520627] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.521092] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.521488] head: 0200000000000001 ffffea0004028701 00000000ffffffff 00000000ffffffff [ 10.521986] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.522322] page dumped because: kasan: bad access detected [ 10.522569] [ 10.522670] Memory state around the buggy address: [ 10.523212] ffff888100a1d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.523503] ffff888100a1da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.523938] >ffff888100a1da80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 10.524381] ^ [ 10.524692] ffff888100a1db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.525221] ffff888100a1db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.525575] ================================================================== [ 10.661142] ================================================================== [ 10.661620] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 10.661924] Write of size 1 at addr ffff8881039560eb by task kunit_try_catch/177 [ 10.662508] [ 10.662635] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.662680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.662693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.662713] Call Trace: [ 10.662725] <TASK> [ 10.662738] dump_stack_lvl+0x73/0xb0 [ 10.662779] print_report+0xd1/0x650 [ 10.662802] ? __virt_addr_valid+0x1db/0x2d0 [ 10.662825] ? krealloc_more_oob_helper+0x821/0x930 [ 10.662849] ? kasan_addr_to_slab+0x11/0xa0 [ 10.662869] ? krealloc_more_oob_helper+0x821/0x930 [ 10.662894] kasan_report+0x141/0x180 [ 10.662916] ? krealloc_more_oob_helper+0x821/0x930 [ 10.662945] __asan_report_store1_noabort+0x1b/0x30 [ 10.662968] krealloc_more_oob_helper+0x821/0x930 [ 10.662992] ? __schedule+0x10cc/0x2b60 [ 10.663017] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.663042] ? finish_task_switch.isra.0+0x153/0x700 [ 10.663064] ? __switch_to+0x47/0xf50 [ 10.663090] ? __schedule+0x10cc/0x2b60 [ 10.663113] ? __pfx_read_tsc+0x10/0x10 [ 10.663138] krealloc_large_more_oob+0x1c/0x30 [ 10.663161] kunit_try_run_case+0x1a5/0x480 [ 10.663182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.663202] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.663227] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.663251] ? __kthread_parkme+0x82/0x180 [ 10.663272] ? preempt_count_sub+0x50/0x80 [ 10.663294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.663315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.663339] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.663363] kthread+0x337/0x6f0 [ 10.663382] ? trace_preempt_on+0x20/0xc0 [ 10.663405] ? __pfx_kthread+0x10/0x10 [ 10.663452] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.663475] ? calculate_sigpending+0x7b/0xa0 [ 10.663499] ? __pfx_kthread+0x10/0x10 [ 10.663521] ret_from_fork+0x116/0x1d0 [ 10.663540] ? __pfx_kthread+0x10/0x10 [ 10.663560] ret_from_fork_asm+0x1a/0x30 [ 10.663590] </TASK> [ 10.663600] [ 10.671968] The buggy address belongs to the physical page: [ 10.672248] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103954 [ 10.672575] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.672842] flags: 0x200000000000040(head|node=0|zone=2) [ 10.673175] page_type: f8(unknown) [ 10.673363] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.673779] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.674067] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.674305] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.674626] head: 0200000000000002 ffffea00040e5501 00000000ffffffff 00000000ffffffff [ 10.674973] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.675474] page dumped because: kasan: bad access detected [ 10.675673] [ 10.675799] Memory state around the buggy address: [ 10.676302] ffff888103955f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.676637] ffff888103956000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.676995] >ffff888103956080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 10.677295] ^ [ 10.677556] ffff888103956100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.677991] ffff888103956180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.678238] ================================================================== [ 10.526773] ================================================================== [ 10.527192] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 10.527683] Write of size 1 at addr ffff888100a1daf0 by task kunit_try_catch/173 [ 10.528346] [ 10.528459] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.528504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.528516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.528537] Call Trace: [ 10.528549] <TASK> [ 10.528563] dump_stack_lvl+0x73/0xb0 [ 10.528589] print_report+0xd1/0x650 [ 10.528624] ? __virt_addr_valid+0x1db/0x2d0 [ 10.528647] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.528670] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.528692] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.528717] kasan_report+0x141/0x180 [ 10.528739] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.528767] __asan_report_store1_noabort+0x1b/0x30 [ 10.528789] krealloc_more_oob_helper+0x7eb/0x930 [ 10.528812] ? __schedule+0x10cc/0x2b60 [ 10.528835] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.528859] ? finish_task_switch.isra.0+0x153/0x700 [ 10.528880] ? __switch_to+0x47/0xf50 [ 10.528905] ? __schedule+0x10cc/0x2b60 [ 10.528928] ? __pfx_read_tsc+0x10/0x10 [ 10.528950] krealloc_more_oob+0x1c/0x30 [ 10.528972] kunit_try_run_case+0x1a5/0x480 [ 10.528993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.529013] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.529036] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.529060] ? __kthread_parkme+0x82/0x180 [ 10.529080] ? preempt_count_sub+0x50/0x80 [ 10.529102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.529123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.529147] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.529171] kthread+0x337/0x6f0 [ 10.529190] ? trace_preempt_on+0x20/0xc0 [ 10.529212] ? __pfx_kthread+0x10/0x10 [ 10.529232] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.529254] ? calculate_sigpending+0x7b/0xa0 [ 10.529277] ? __pfx_kthread+0x10/0x10 [ 10.529298] ret_from_fork+0x116/0x1d0 [ 10.529316] ? __pfx_kthread+0x10/0x10 [ 10.529336] ret_from_fork_asm+0x1a/0x30 [ 10.529366] </TASK> [ 10.529376] [ 10.538051] Allocated by task 173: [ 10.538242] kasan_save_stack+0x45/0x70 [ 10.538420] kasan_save_track+0x18/0x40 [ 10.538641] kasan_save_alloc_info+0x3b/0x50 [ 10.538919] __kasan_krealloc+0x190/0x1f0 [ 10.539091] krealloc_noprof+0xf3/0x340 [ 10.539230] krealloc_more_oob_helper+0x1a9/0x930 [ 10.539395] krealloc_more_oob+0x1c/0x30 [ 10.539574] kunit_try_run_case+0x1a5/0x480 [ 10.539790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.540050] kthread+0x337/0x6f0 [ 10.540229] ret_from_fork+0x116/0x1d0 [ 10.540585] ret_from_fork_asm+0x1a/0x30 [ 10.540764] [ 10.540862] The buggy address belongs to the object at ffff888100a1da00 [ 10.540862] which belongs to the cache kmalloc-256 of size 256 [ 10.541339] The buggy address is located 5 bytes to the right of [ 10.541339] allocated 235-byte region [ffff888100a1da00, ffff888100a1daeb) [ 10.542131] [ 10.542246] The buggy address belongs to the physical page: [ 10.542442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a1c [ 10.542967] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.543268] flags: 0x200000000000040(head|node=0|zone=2) [ 10.543492] page_type: f5(slab) [ 10.543626] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.543868] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.544205] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.544600] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.544866] head: 0200000000000001 ffffea0004028701 00000000ffffffff 00000000ffffffff [ 10.545103] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.545601] page dumped because: kasan: bad access detected [ 10.546131] [ 10.546243] Memory state around the buggy address: [ 10.546478] ffff888100a1d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.546970] ffff888100a1da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.547232] >ffff888100a1da80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 10.547530] ^ [ 10.547896] ffff888100a1db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.548131] ffff888100a1db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.548404] ================================================================== [ 10.678650] ================================================================== [ 10.679046] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 10.679368] Write of size 1 at addr ffff8881039560f0 by task kunit_try_catch/177 [ 10.679710] [ 10.679812] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.679855] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.679867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.679886] Call Trace: [ 10.679900] <TASK> [ 10.679914] dump_stack_lvl+0x73/0xb0 [ 10.679938] print_report+0xd1/0x650 [ 10.679960] ? __virt_addr_valid+0x1db/0x2d0 [ 10.679982] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.680005] ? kasan_addr_to_slab+0x11/0xa0 [ 10.680026] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.680050] kasan_report+0x141/0x180 [ 10.680073] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.680101] __asan_report_store1_noabort+0x1b/0x30 [ 10.680122] krealloc_more_oob_helper+0x7eb/0x930 [ 10.680145] ? __schedule+0x10cc/0x2b60 [ 10.680168] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.680193] ? finish_task_switch.isra.0+0x153/0x700 [ 10.680215] ? __switch_to+0x47/0xf50 [ 10.680240] ? __schedule+0x10cc/0x2b60 [ 10.680263] ? __pfx_read_tsc+0x10/0x10 [ 10.680286] krealloc_large_more_oob+0x1c/0x30 [ 10.680309] kunit_try_run_case+0x1a5/0x480 [ 10.680330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.680349] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.680372] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.680396] ? __kthread_parkme+0x82/0x180 [ 10.680416] ? preempt_count_sub+0x50/0x80 [ 10.680439] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.680460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.680483] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.680507] kthread+0x337/0x6f0 [ 10.680527] ? trace_preempt_on+0x20/0xc0 [ 10.680549] ? __pfx_kthread+0x10/0x10 [ 10.680569] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.680591] ? calculate_sigpending+0x7b/0xa0 [ 10.680791] ? __pfx_kthread+0x10/0x10 [ 10.680822] ret_from_fork+0x116/0x1d0 [ 10.680844] ? __pfx_kthread+0x10/0x10 [ 10.680866] ret_from_fork_asm+0x1a/0x30 [ 10.680898] </TASK> [ 10.680909] [ 10.689477] The buggy address belongs to the physical page: [ 10.689729] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103954 [ 10.690214] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.690522] flags: 0x200000000000040(head|node=0|zone=2) [ 10.690775] page_type: f8(unknown) [ 10.690953] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.691189] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.691502] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.691855] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.692349] head: 0200000000000002 ffffea00040e5501 00000000ffffffff 00000000ffffffff [ 10.692683] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.692972] page dumped because: kasan: bad access detected [ 10.693268] [ 10.693363] Memory state around the buggy address: [ 10.693523] ffff888103955f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.693831] ffff888103956000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.694320] >ffff888103956080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 10.694649] ^ [ 10.694972] ffff888103956100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.695239] ffff888103956180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.695559] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption: Failure
Automatically assigned
[ 17.618259] ================================================================== [ 17.618662] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 17.618662] [ 17.619017] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#83): [ 17.619400] test_corruption+0x216/0x3e0 [ 17.619573] kunit_try_run_case+0x1a5/0x480 [ 17.619787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.620054] kthread+0x337/0x6f0 [ 17.620235] ret_from_fork+0x116/0x1d0 [ 17.620377] ret_from_fork_asm+0x1a/0x30 [ 17.620583] [ 17.620692] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.620692] [ 17.621065] allocated by task 330 on cpu 1 at 17.618133s (0.002930s ago): [ 17.621372] test_alloc+0x2a6/0x10f0 [ 17.621564] test_corruption+0x1cb/0x3e0 [ 17.621735] kunit_try_run_case+0x1a5/0x480 [ 17.621981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.622215] kthread+0x337/0x6f0 [ 17.622388] ret_from_fork+0x116/0x1d0 [ 17.622551] ret_from_fork_asm+0x1a/0x30 [ 17.622707] [ 17.622783] freed by task 330 on cpu 1 at 17.618192s (0.004588s ago): [ 17.623097] test_corruption+0x216/0x3e0 [ 17.623303] kunit_try_run_case+0x1a5/0x480 [ 17.623512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.623771] kthread+0x337/0x6f0 [ 17.623899] ret_from_fork+0x116/0x1d0 [ 17.624073] ret_from_fork_asm+0x1a/0x30 [ 17.624275] [ 17.624404] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 17.624948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.625095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.625473] ================================================================== [ 17.410280] ================================================================== [ 17.410704] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 17.410704] [ 17.411054] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#81): [ 17.411448] test_corruption+0x2df/0x3e0 [ 17.411652] kunit_try_run_case+0x1a5/0x480 [ 17.411857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.412044] kthread+0x337/0x6f0 [ 17.412197] ret_from_fork+0x116/0x1d0 [ 17.412397] ret_from_fork_asm+0x1a/0x30 [ 17.412602] [ 17.412712] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.412712] [ 17.413101] allocated by task 328 on cpu 0 at 17.410048s (0.003051s ago): [ 17.413384] test_alloc+0x364/0x10f0 [ 17.413524] test_corruption+0x1cb/0x3e0 [ 17.413698] kunit_try_run_case+0x1a5/0x480 [ 17.414066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.414334] kthread+0x337/0x6f0 [ 17.414509] ret_from_fork+0x116/0x1d0 [ 17.414738] ret_from_fork_asm+0x1a/0x30 [ 17.414947] [ 17.415048] freed by task 328 on cpu 0 at 17.410126s (0.004920s ago): [ 17.415272] test_corruption+0x2df/0x3e0 [ 17.415487] kunit_try_run_case+0x1a5/0x480 [ 17.415716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.415987] kthread+0x337/0x6f0 [ 17.416123] ret_from_fork+0x116/0x1d0 [ 17.416314] ret_from_fork_asm+0x1a/0x30 [ 17.416522] [ 17.416638] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 17.417002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.417218] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.417646] ================================================================== [ 17.514225] ================================================================== [ 17.514633] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 17.514633] [ 17.515051] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#82): [ 17.515692] test_corruption+0x131/0x3e0 [ 17.516032] kunit_try_run_case+0x1a5/0x480 [ 17.516229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.516438] kthread+0x337/0x6f0 [ 17.516574] ret_from_fork+0x116/0x1d0 [ 17.516778] ret_from_fork_asm+0x1a/0x30 [ 17.517003] [ 17.517133] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.517133] [ 17.517426] allocated by task 330 on cpu 1 at 17.514097s (0.003327s ago): [ 17.517760] test_alloc+0x2a6/0x10f0 [ 17.517962] test_corruption+0xe6/0x3e0 [ 17.518139] kunit_try_run_case+0x1a5/0x480 [ 17.518326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.518579] kthread+0x337/0x6f0 [ 17.518722] ret_from_fork+0x116/0x1d0 [ 17.519004] ret_from_fork_asm+0x1a/0x30 [ 17.519179] [ 17.519279] freed by task 330 on cpu 1 at 17.514156s (0.005120s ago): [ 17.519572] test_corruption+0x131/0x3e0 [ 17.519750] kunit_try_run_case+0x1a5/0x480 [ 17.519900] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.520082] kthread+0x337/0x6f0 [ 17.520298] ret_from_fork+0x116/0x1d0 [ 17.520499] ret_from_fork_asm+0x1a/0x30 [ 17.520711] [ 17.520874] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 17.521353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.521518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.521937] ================================================================== [ 17.202217] ================================================================== [ 17.202633] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 17.202633] [ 17.202997] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#79): [ 17.204119] test_corruption+0x2d2/0x3e0 [ 17.204329] kunit_try_run_case+0x1a5/0x480 [ 17.204525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.204988] kthread+0x337/0x6f0 [ 17.205184] ret_from_fork+0x116/0x1d0 [ 17.205459] ret_from_fork_asm+0x1a/0x30 [ 17.205658] [ 17.205755] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.205755] [ 17.206252] allocated by task 328 on cpu 0 at 17.202051s (0.004198s ago): [ 17.206574] test_alloc+0x364/0x10f0 [ 17.206752] test_corruption+0xe6/0x3e0 [ 17.206898] kunit_try_run_case+0x1a5/0x480 [ 17.207402] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.207707] kthread+0x337/0x6f0 [ 17.207994] ret_from_fork+0x116/0x1d0 [ 17.208196] ret_from_fork_asm+0x1a/0x30 [ 17.208379] [ 17.208466] freed by task 328 on cpu 0 at 17.202150s (0.006314s ago): [ 17.208747] test_corruption+0x2d2/0x3e0 [ 17.209238] kunit_try_run_case+0x1a5/0x480 [ 17.209433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.209712] kthread+0x337/0x6f0 [ 17.209851] ret_from_fork+0x116/0x1d0 [ 17.210088] ret_from_fork_asm+0x1a/0x30 [ 17.210275] [ 17.210378] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 17.210886] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.211058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.211435] ==================================================================
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti: Failure
Automatically assigned
[ 110.709186] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free: Failure
Automatically assigned
[ 16.994192] ================================================================== [ 16.994585] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 16.994585] [ 16.994962] Invalid free of 0x(____ptrval____) (in kfence-#77): [ 16.995236] test_invalid_addr_free+0x1e1/0x260 [ 16.995417] kunit_try_run_case+0x1a5/0x480 [ 16.995636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.995861] kthread+0x337/0x6f0 [ 16.996039] ret_from_fork+0x116/0x1d0 [ 16.996195] ret_from_fork_asm+0x1a/0x30 [ 16.996406] [ 16.996505] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.996505] [ 16.996957] allocated by task 324 on cpu 0 at 16.994089s (0.002867s ago): [ 16.997246] test_alloc+0x364/0x10f0 [ 16.997416] test_invalid_addr_free+0xdb/0x260 [ 16.997648] kunit_try_run_case+0x1a5/0x480 [ 16.997891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.998076] kthread+0x337/0x6f0 [ 16.998202] ret_from_fork+0x116/0x1d0 [ 16.998396] ret_from_fork_asm+0x1a/0x30 [ 16.998605] [ 16.998733] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 16.999130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.999333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.999760] ================================================================== [ 17.098221] ================================================================== [ 17.098631] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 17.098631] [ 17.099008] Invalid free of 0x(____ptrval____) (in kfence-#78): [ 17.099308] test_invalid_addr_free+0xfb/0x260 [ 17.099964] kunit_try_run_case+0x1a5/0x480 [ 17.100184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.100426] kthread+0x337/0x6f0 [ 17.100584] ret_from_fork+0x116/0x1d0 [ 17.101098] ret_from_fork_asm+0x1a/0x30 [ 17.101301] [ 17.101384] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.101384] [ 17.101945] allocated by task 326 on cpu 1 at 17.098118s (0.003824s ago): [ 17.102406] test_alloc+0x2a6/0x10f0 [ 17.102573] test_invalid_addr_free+0xdb/0x260 [ 17.102994] kunit_try_run_case+0x1a5/0x480 [ 17.103255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.103574] kthread+0x337/0x6f0 [ 17.103880] ret_from_fork+0x116/0x1d0 [ 17.104061] ret_from_fork_asm+0x1a/0x30 [ 17.104363] [ 17.104487] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 17.105140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.105415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.105951] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc: Failure
Automatically assigned
[ 48.402618] ================================================================== [ 48.403485] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 48.403485] [ 48.403927] Use-after-free read at 0x(____ptrval____) (in kfence-#140): [ 48.404225] test_krealloc+0x6fc/0xbe0 [ 48.404397] kunit_try_run_case+0x1a5/0x480 [ 48.404632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.405461] kthread+0x337/0x6f0 [ 48.405666] ret_from_fork+0x116/0x1d0 [ 48.405847] ret_from_fork_asm+0x1a/0x30 [ 48.406149] [ 48.406244] kfence-#140: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 48.406244] [ 48.406667] allocated by task 354 on cpu 0 at 48.402025s (0.004639s ago): [ 48.407344] test_alloc+0x364/0x10f0 [ 48.407528] test_krealloc+0xad/0xbe0 [ 48.407852] kunit_try_run_case+0x1a5/0x480 [ 48.408067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.408411] kthread+0x337/0x6f0 [ 48.408734] ret_from_fork+0x116/0x1d0 [ 48.409054] ret_from_fork_asm+0x1a/0x30 [ 48.409221] [ 48.409469] freed by task 354 on cpu 0 at 48.402239s (0.007227s ago): [ 48.409889] krealloc_noprof+0x108/0x340 [ 48.410184] test_krealloc+0x226/0xbe0 [ 48.410449] kunit_try_run_case+0x1a5/0x480 [ 48.410778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.411117] kthread+0x337/0x6f0 [ 48.411390] ret_from_fork+0x116/0x1d0 [ 48.411548] ret_from_fork_asm+0x1a/0x30 [ 48.411986] [ 48.412137] CPU: 0 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 48.412638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.412853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.413211] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu: Failure
Automatically assigned
[ 48.320316] ================================================================== [ 48.320743] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 48.320743] [ 48.321215] Use-after-free read at 0x(____ptrval____) (in kfence-#139): [ 48.321556] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 48.321804] kunit_try_run_case+0x1a5/0x480 [ 48.322031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.322277] kthread+0x337/0x6f0 [ 48.322478] ret_from_fork+0x116/0x1d0 [ 48.322650] ret_from_fork_asm+0x1a/0x30 [ 48.322796] [ 48.322911] kfence-#139: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 48.322911] [ 48.323291] allocated by task 352 on cpu 0 at 48.299003s (0.024285s ago): [ 48.324053] test_alloc+0x2a6/0x10f0 [ 48.324252] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 48.324481] kunit_try_run_case+0x1a5/0x480 [ 48.324651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.324831] kthread+0x337/0x6f0 [ 48.325010] ret_from_fork+0x116/0x1d0 [ 48.325201] ret_from_fork_asm+0x1a/0x30 [ 48.325392] [ 48.325469] freed by task 352 on cpu 0 at 48.299110s (0.026356s ago): [ 48.325994] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 48.326226] kunit_try_run_case+0x1a5/0x480 [ 48.326423] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 48.326686] kthread+0x337/0x6f0 [ 48.326941] ret_from_fork+0x116/0x1d0 [ 48.327107] ret_from_fork_asm+0x1a/0x30 [ 48.327284] [ 48.327411] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 48.327932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.328102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 48.328378] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access: Failure
Automatically assigned
[ 23.143397] ================================================================== [ 23.143990] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 23.143990] [ 23.144333] Invalid read at 0x(____ptrval____): [ 23.144717] test_invalid_access+0xf0/0x210 [ 23.144881] kunit_try_run_case+0x1a5/0x480 [ 23.145033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.145213] kthread+0x337/0x6f0 [ 23.145537] ret_from_fork+0x116/0x1d0 [ 23.145812] ret_from_fork_asm+0x1a/0x30 [ 23.146139] [ 23.146297] CPU: 0 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 23.147006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.147445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.148335] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write: Failure
Automatically assigned
[ 22.922322] ================================================================== [ 22.922740] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.922740] [ 22.923117] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#134): [ 22.923756] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.924011] kunit_try_run_case+0x1a5/0x480 [ 22.924168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.924429] kthread+0x337/0x6f0 [ 22.924622] ret_from_fork+0x116/0x1d0 [ 22.924793] ret_from_fork_asm+0x1a/0x30 [ 22.925002] [ 22.925090] kfence-#134: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 22.925090] [ 22.925478] allocated by task 342 on cpu 0 at 22.922081s (0.003395s ago): [ 22.925802] test_alloc+0x364/0x10f0 [ 22.925955] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 22.926132] kunit_try_run_case+0x1a5/0x480 [ 22.926344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.926616] kthread+0x337/0x6f0 [ 22.926787] ret_from_fork+0x116/0x1d0 [ 22.926947] ret_from_fork_asm+0x1a/0x30 [ 22.927093] [ 22.927178] freed by task 342 on cpu 0 at 22.922215s (0.004962s ago): [ 22.927488] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.927754] kunit_try_run_case+0x1a5/0x480 [ 22.927969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.928183] kthread+0x337/0x6f0 [ 22.928364] ret_from_fork+0x116/0x1d0 [ 22.928547] ret_from_fork_asm+0x1a/0x30 [ 22.928740] [ 22.928901] CPU: 0 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 22.929263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.929460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.929868] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read: Failure
Automatically assigned
[ 22.818263] ================================================================== [ 22.818715] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 22.818715] [ 22.819148] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#133): [ 22.819503] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 22.819702] kunit_try_run_case+0x1a5/0x480 [ 22.820108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.820349] kthread+0x337/0x6f0 [ 22.820483] ret_from_fork+0x116/0x1d0 [ 22.820690] ret_from_fork_asm+0x1a/0x30 [ 22.820931] [ 22.821025] kfence-#133: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 22.821025] [ 22.821339] allocated by task 340 on cpu 0 at 22.818046s (0.003291s ago): [ 22.821688] test_alloc+0x364/0x10f0 [ 22.821977] test_kmalloc_aligned_oob_read+0x105/0x560 [ 22.822215] kunit_try_run_case+0x1a5/0x480 [ 22.822401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.822671] kthread+0x337/0x6f0 [ 22.822805] ret_from_fork+0x116/0x1d0 [ 22.823001] ret_from_fork_asm+0x1a/0x30 [ 22.823207] [ 22.823308] CPU: 0 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 22.824010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.824188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.824464] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free: Failure
Automatically assigned
[ 16.786306] ================================================================== [ 16.786778] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 16.786778] [ 16.787118] Invalid free of 0x(____ptrval____) (in kfence-#75): [ 16.787422] test_double_free+0x1d3/0x260 [ 16.787625] kunit_try_run_case+0x1a5/0x480 [ 16.788348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.788586] kthread+0x337/0x6f0 [ 16.788899] ret_from_fork+0x116/0x1d0 [ 16.789164] ret_from_fork_asm+0x1a/0x30 [ 16.789361] [ 16.789445] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.789445] [ 16.789836] allocated by task 320 on cpu 0 at 16.786090s (0.003744s ago): [ 16.790123] test_alloc+0x364/0x10f0 [ 16.790321] test_double_free+0xdb/0x260 [ 16.790482] kunit_try_run_case+0x1a5/0x480 [ 16.790701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.791004] kthread+0x337/0x6f0 [ 16.791178] ret_from_fork+0x116/0x1d0 [ 16.791319] ret_from_fork_asm+0x1a/0x30 [ 16.791524] [ 16.791637] freed by task 320 on cpu 0 at 16.786154s (0.005480s ago): [ 16.791916] test_double_free+0x1e0/0x260 [ 16.792171] kunit_try_run_case+0x1a5/0x480 [ 16.792337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.792605] kthread+0x337/0x6f0 [ 16.792807] ret_from_fork+0x116/0x1d0 [ 16.792979] ret_from_fork_asm+0x1a/0x30 [ 16.793146] [ 16.793273] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 16.793702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.793880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.794292] ================================================================== [ 16.890273] ================================================================== [ 16.890734] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 16.890734] [ 16.891140] Invalid free of 0x(____ptrval____) (in kfence-#76): [ 16.891439] test_double_free+0x112/0x260 [ 16.891594] kunit_try_run_case+0x1a5/0x480 [ 16.891762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.892031] kthread+0x337/0x6f0 [ 16.892233] ret_from_fork+0x116/0x1d0 [ 16.892463] ret_from_fork_asm+0x1a/0x30 [ 16.892701] [ 16.892842] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.892842] [ 16.893193] allocated by task 322 on cpu 1 at 16.890115s (0.003075s ago): [ 16.893490] test_alloc+0x2a6/0x10f0 [ 16.893638] test_double_free+0xdb/0x260 [ 16.893840] kunit_try_run_case+0x1a5/0x480 [ 16.894132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.894404] kthread+0x337/0x6f0 [ 16.894602] ret_from_fork+0x116/0x1d0 [ 16.894838] ret_from_fork_asm+0x1a/0x30 [ 16.895010] [ 16.895086] freed by task 322 on cpu 1 at 16.890164s (0.004920s ago): [ 16.895343] test_double_free+0xfa/0x260 [ 16.895574] kunit_try_run_case+0x1a5/0x480 [ 16.895813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.896192] kthread+0x337/0x6f0 [ 16.896381] ret_from_fork+0x116/0x1d0 [ 16.896562] ret_from_fork_asm+0x1a/0x30 [ 16.896748] [ 16.896850] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 16.897556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.897795] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.898126] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read: Failure
Automatically assigned
[ 16.474146] ================================================================== [ 16.474557] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 16.474557] [ 16.474995] Use-after-free read at 0x(____ptrval____) (in kfence-#72): [ 16.475296] test_use_after_free_read+0x129/0x270 [ 16.475539] kunit_try_run_case+0x1a5/0x480 [ 16.475713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.476160] kthread+0x337/0x6f0 [ 16.476299] ret_from_fork+0x116/0x1d0 [ 16.476461] ret_from_fork_asm+0x1a/0x30 [ 16.476675] [ 16.476789] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.476789] [ 16.477106] allocated by task 314 on cpu 0 at 16.474036s (0.003068s ago): [ 16.477440] test_alloc+0x2a6/0x10f0 [ 16.477647] test_use_after_free_read+0xdc/0x270 [ 16.477910] kunit_try_run_case+0x1a5/0x480 [ 16.478062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.478304] kthread+0x337/0x6f0 [ 16.478478] ret_from_fork+0x116/0x1d0 [ 16.478690] ret_from_fork_asm+0x1a/0x30 [ 16.478887] [ 16.478989] freed by task 314 on cpu 0 at 16.474081s (0.004906s ago): [ 16.479256] test_use_after_free_read+0xfb/0x270 [ 16.479451] kunit_try_run_case+0x1a5/0x480 [ 16.479676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.480134] kthread+0x337/0x6f0 [ 16.480279] ret_from_fork+0x116/0x1d0 [ 16.480464] ret_from_fork_asm+0x1a/0x30 [ 16.480621] [ 16.480720] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 16.481236] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.481384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.481672] ================================================================== [ 16.370303] ================================================================== [ 16.370769] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 16.370769] [ 16.371290] Use-after-free read at 0x(____ptrval____) (in kfence-#71): [ 16.371555] test_use_after_free_read+0x129/0x270 [ 16.371919] kunit_try_run_case+0x1a5/0x480 [ 16.372168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.372392] kthread+0x337/0x6f0 [ 16.372570] ret_from_fork+0x116/0x1d0 [ 16.372723] ret_from_fork_asm+0x1a/0x30 [ 16.373177] [ 16.373385] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.373385] [ 16.373841] allocated by task 312 on cpu 0 at 16.370084s (0.003755s ago): [ 16.374090] test_alloc+0x364/0x10f0 [ 16.374227] test_use_after_free_read+0xdc/0x270 [ 16.374501] kunit_try_run_case+0x1a5/0x480 [ 16.374930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.375224] kthread+0x337/0x6f0 [ 16.375348] ret_from_fork+0x116/0x1d0 [ 16.375678] ret_from_fork_asm+0x1a/0x30 [ 16.376005] [ 16.376109] freed by task 312 on cpu 0 at 16.370150s (0.005956s ago): [ 16.376461] test_use_after_free_read+0x1e7/0x270 [ 16.376667] kunit_try_run_case+0x1a5/0x480 [ 16.377007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.377341] kthread+0x337/0x6f0 [ 16.377524] ret_from_fork+0x116/0x1d0 [ 16.377695] ret_from_fork_asm+0x1a/0x30 [ 16.378002] [ 16.378195] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 16.378756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.379010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.379456] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write: Failure
Automatically assigned
[ 16.266148] ================================================================== [ 16.266554] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 16.266554] [ 16.267013] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#70): [ 16.267641] test_out_of_bounds_write+0x10d/0x260 [ 16.268272] kunit_try_run_case+0x1a5/0x480 [ 16.268492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.268733] kthread+0x337/0x6f0 [ 16.268916] ret_from_fork+0x116/0x1d0 [ 16.269090] ret_from_fork_asm+0x1a/0x30 [ 16.269262] [ 16.269368] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.269368] [ 16.269744] allocated by task 310 on cpu 1 at 16.266090s (0.003652s ago): [ 16.270412] test_alloc+0x2a6/0x10f0 [ 16.270697] test_out_of_bounds_write+0xd4/0x260 [ 16.270902] kunit_try_run_case+0x1a5/0x480 [ 16.271245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.271483] kthread+0x337/0x6f0 [ 16.271783] ret_from_fork+0x116/0x1d0 [ 16.271979] ret_from_fork_asm+0x1a/0x30 [ 16.272303] [ 16.272422] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 16.273067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.273340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.273715] ================================================================== [ 16.162143] ================================================================== [ 16.162563] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 16.162563] [ 16.163132] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#69): [ 16.163443] test_out_of_bounds_write+0x10d/0x260 [ 16.163651] kunit_try_run_case+0x1a5/0x480 [ 16.163971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.164278] kthread+0x337/0x6f0 [ 16.164472] ret_from_fork+0x116/0x1d0 [ 16.164641] ret_from_fork_asm+0x1a/0x30 [ 16.164872] [ 16.164958] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.164958] [ 16.165488] allocated by task 308 on cpu 1 at 16.162039s (0.003447s ago): [ 16.165831] test_alloc+0x364/0x10f0 [ 16.165968] test_out_of_bounds_write+0xd4/0x260 [ 16.166214] kunit_try_run_case+0x1a5/0x480 [ 16.166423] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.166676] kthread+0x337/0x6f0 [ 16.166803] ret_from_fork+0x116/0x1d0 [ 16.167017] ret_from_fork_asm+0x1a/0x30 [ 16.167242] [ 16.167427] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 16.167927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.168157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.168560] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read: Failure
Automatically assigned
[ 15.850107] ================================================================== [ 15.850513] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 15.850513] [ 15.851160] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#66): [ 15.851509] test_out_of_bounds_read+0x216/0x4e0 [ 15.851700] kunit_try_run_case+0x1a5/0x480 [ 15.852032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.852287] kthread+0x337/0x6f0 [ 15.852486] ret_from_fork+0x116/0x1d0 [ 15.852692] ret_from_fork_asm+0x1a/0x30 [ 15.852919] [ 15.853040] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 15.853040] [ 15.853364] allocated by task 306 on cpu 0 at 15.850054s (0.003308s ago): [ 15.853741] test_alloc+0x2a6/0x10f0 [ 15.853943] test_out_of_bounds_read+0x1e2/0x4e0 [ 15.854169] kunit_try_run_case+0x1a5/0x480 [ 15.854375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.854635] kthread+0x337/0x6f0 [ 15.854858] ret_from_fork+0x116/0x1d0 [ 15.855006] ret_from_fork_asm+0x1a/0x30 [ 15.855201] [ 15.855344] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 15.855799] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.856029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.856444] ================================================================== [ 15.331017] ================================================================== [ 15.331557] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 15.331557] [ 15.332384] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#61): [ 15.333208] test_out_of_bounds_read+0x126/0x4e0 [ 15.333431] kunit_try_run_case+0x1a5/0x480 [ 15.333661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.333961] kthread+0x337/0x6f0 [ 15.334147] ret_from_fork+0x116/0x1d0 [ 15.334328] ret_from_fork_asm+0x1a/0x30 [ 15.334526] [ 15.334617] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 15.334617] [ 15.335083] allocated by task 304 on cpu 1 at 15.330067s (0.005014s ago): [ 15.335421] test_alloc+0x364/0x10f0 [ 15.335658] test_out_of_bounds_read+0xed/0x4e0 [ 15.335886] kunit_try_run_case+0x1a5/0x480 [ 15.336154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.336418] kthread+0x337/0x6f0 [ 15.336582] ret_from_fork+0x116/0x1d0 [ 15.336792] ret_from_fork_asm+0x1a/0x30 [ 15.337035] [ 15.337196] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 15.337626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.337912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.338216] ================================================================== [ 15.434272] ================================================================== [ 15.434706] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 15.434706] [ 15.435162] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#62): [ 15.435449] test_out_of_bounds_read+0x216/0x4e0 [ 15.435657] kunit_try_run_case+0x1a5/0x480 [ 15.436012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.436222] kthread+0x337/0x6f0 [ 15.436408] ret_from_fork+0x116/0x1d0 [ 15.436619] ret_from_fork_asm+0x1a/0x30 [ 15.436804] [ 15.436890] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 15.436890] [ 15.437281] allocated by task 304 on cpu 1 at 15.434090s (0.003189s ago): [ 15.437515] test_alloc+0x364/0x10f0 [ 15.437714] test_out_of_bounds_read+0x1e2/0x4e0 [ 15.437953] kunit_try_run_case+0x1a5/0x480 [ 15.438173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.438388] kthread+0x337/0x6f0 [ 15.438560] ret_from_fork+0x116/0x1d0 [ 15.438710] ret_from_fork_asm+0x1a/0x30 [ 15.439109] [ 15.439232] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 15.439633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.439839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.440265] ================================================================== [ 15.538149] ================================================================== [ 15.538550] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 15.538550] [ 15.539056] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#63): [ 15.539432] test_out_of_bounds_read+0x126/0x4e0 [ 15.539991] kunit_try_run_case+0x1a5/0x480 [ 15.540226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.540484] kthread+0x337/0x6f0 [ 15.540630] ret_from_fork+0x116/0x1d0 [ 15.540769] ret_from_fork_asm+0x1a/0x30 [ 15.541001] [ 15.541102] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 15.541102] [ 15.541421] allocated by task 306 on cpu 0 at 15.538087s (0.003332s ago): [ 15.541868] test_alloc+0x2a6/0x10f0 [ 15.542093] test_out_of_bounds_read+0xed/0x4e0 [ 15.542317] kunit_try_run_case+0x1a5/0x480 [ 15.542536] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.542823] kthread+0x337/0x6f0 [ 15.542984] ret_from_fork+0x116/0x1d0 [ 15.543152] ret_from_fork_asm+0x1a/0x30 [ 15.543386] [ 15.543513] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 15.544060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.544263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.544562] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right: Failure
Automatically assigned
[ 12.637039] ================================================================== [ 12.637582] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 12.638246] Read of size 1 at addr ffffffff8b07ae4d by task kunit_try_catch/262 [ 12.638563] [ 12.638710] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.638762] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.638775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.638798] Call Trace: [ 12.638812] <TASK> [ 12.638830] dump_stack_lvl+0x73/0xb0 [ 12.638859] print_report+0xd1/0x650 [ 12.638883] ? __virt_addr_valid+0x1db/0x2d0 [ 12.638908] ? kasan_global_oob_right+0x286/0x2d0 [ 12.638930] ? kasan_addr_to_slab+0x11/0xa0 [ 12.638951] ? kasan_global_oob_right+0x286/0x2d0 [ 12.638975] kasan_report+0x141/0x180 [ 12.638997] ? kasan_global_oob_right+0x286/0x2d0 [ 12.639025] __asan_report_load1_noabort+0x18/0x20 [ 12.639046] kasan_global_oob_right+0x286/0x2d0 [ 12.639069] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 12.639094] ? __schedule+0x10cc/0x2b60 [ 12.639119] ? __pfx_read_tsc+0x10/0x10 [ 12.639142] ? ktime_get_ts64+0x86/0x230 [ 12.639168] kunit_try_run_case+0x1a5/0x480 [ 12.639192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.639212] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.639236] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.639261] ? __kthread_parkme+0x82/0x180 [ 12.639281] ? preempt_count_sub+0x50/0x80 [ 12.639305] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.639327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.639351] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.639376] kthread+0x337/0x6f0 [ 12.639395] ? trace_preempt_on+0x20/0xc0 [ 12.639419] ? __pfx_kthread+0x10/0x10 [ 12.639440] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.639463] ? calculate_sigpending+0x7b/0xa0 [ 12.639487] ? __pfx_kthread+0x10/0x10 [ 12.639508] ret_from_fork+0x116/0x1d0 [ 12.639526] ? __pfx_kthread+0x10/0x10 [ 12.639547] ret_from_fork_asm+0x1a/0x30 [ 12.639578] </TASK> [ 12.639588] [ 12.653144] The buggy address belongs to the variable: [ 12.653665] global_array+0xd/0x40 [ 12.654266] [ 12.654491] The buggy address belongs to the physical page: [ 12.654697] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x15cc7a [ 12.655624] flags: 0x200000000002000(reserved|node=0|zone=2) [ 12.656280] raw: 0200000000002000 ffffea0005731e88 ffffea0005731e88 0000000000000000 [ 12.656640] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.657212] page dumped because: kasan: bad access detected [ 12.657739] [ 12.657923] Memory state around the buggy address: [ 12.658404] ffffffff8b07ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.659025] ffffffff8b07ad80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.659493] >ffffffff8b07ae00: 00 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 [ 12.659735] ^ [ 12.660332] ffffffff8b07ae80: 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 12.661036] ffffffff8b07af00: 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 12.661683] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 10.344334] ================================================================== [ 10.346179] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x288/0x520 [ 10.346179] [ 10.346749] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#30): [ 10.348312] kmalloc_track_caller_oob_right+0x288/0x520 [ 10.348857] kunit_try_run_case+0x1a5/0x480 [ 10.349150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.349338] kthread+0x337/0x6f0 [ 10.349464] ret_from_fork+0x116/0x1d0 [ 10.349597] ret_from_fork_asm+0x1a/0x30 [ 10.349780] [ 10.350255] kfence-#30: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128 [ 10.350255] [ 10.351507] allocated by task 159 on cpu 1 at 10.342462s (0.008981s ago): [ 10.352493] kmalloc_track_caller_oob_right+0x19a/0x520 [ 10.353075] kunit_try_run_case+0x1a5/0x480 [ 10.353651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.354409] kthread+0x337/0x6f0 [ 10.354868] ret_from_fork+0x116/0x1d0 [ 10.355299] ret_from_fork_asm+0x1a/0x30 [ 10.355641] [ 10.355831] freed by task 159 on cpu 1 at 10.343560s (0.012200s ago): [ 10.356603] kmalloc_track_caller_oob_right+0x288/0x520 [ 10.357305] kunit_try_run_case+0x1a5/0x480 [ 10.357797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.358289] kthread+0x337/0x6f0 [ 10.358418] ret_from_fork+0x116/0x1d0 [ 10.358559] ret_from_fork_asm+0x1a/0x30 [ 10.358740] [ 10.358900] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.359729] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.360112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.361149] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user: Failure
Automatically assigned
[ 14.975872] ================================================================== [ 14.976252] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 14.976668] Write of size 121 at addr ffff888102f96900 by task kunit_try_catch/302 [ 14.977026] [ 14.977312] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.977362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.977377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.977401] Call Trace: [ 14.977418] <TASK> [ 14.977434] dump_stack_lvl+0x73/0xb0 [ 14.977538] print_report+0xd1/0x650 [ 14.977563] ? __virt_addr_valid+0x1db/0x2d0 [ 14.977587] ? strncpy_from_user+0x2e/0x1d0 [ 14.977621] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.977647] ? strncpy_from_user+0x2e/0x1d0 [ 14.977668] kasan_report+0x141/0x180 [ 14.977693] ? strncpy_from_user+0x2e/0x1d0 [ 14.977719] kasan_check_range+0x10c/0x1c0 [ 14.977745] __kasan_check_write+0x18/0x20 [ 14.977766] strncpy_from_user+0x2e/0x1d0 [ 14.977795] ? __kasan_check_read+0x15/0x20 [ 14.977819] copy_user_test_oob+0x760/0x10f0 [ 14.977842] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.977862] ? finish_task_switch.isra.0+0x153/0x700 [ 14.977887] ? __switch_to+0x47/0xf50 [ 14.977913] ? __schedule+0x10cc/0x2b60 [ 14.977938] ? __pfx_read_tsc+0x10/0x10 [ 14.977960] ? ktime_get_ts64+0x86/0x230 [ 14.977985] kunit_try_run_case+0x1a5/0x480 [ 14.978008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.978028] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.978053] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.978078] ? __kthread_parkme+0x82/0x180 [ 14.978100] ? preempt_count_sub+0x50/0x80 [ 14.978124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.978147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.978172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.978198] kthread+0x337/0x6f0 [ 14.978219] ? trace_preempt_on+0x20/0xc0 [ 14.978241] ? __pfx_kthread+0x10/0x10 [ 14.978263] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.978287] ? calculate_sigpending+0x7b/0xa0 [ 14.978311] ? __pfx_kthread+0x10/0x10 [ 14.978334] ret_from_fork+0x116/0x1d0 [ 14.978353] ? __pfx_kthread+0x10/0x10 [ 14.978375] ret_from_fork_asm+0x1a/0x30 [ 14.978406] </TASK> [ 14.978418] [ 14.988527] Allocated by task 302: [ 14.988706] kasan_save_stack+0x45/0x70 [ 14.988927] kasan_save_track+0x18/0x40 [ 14.989333] kasan_save_alloc_info+0x3b/0x50 [ 14.989600] __kasan_kmalloc+0xb7/0xc0 [ 14.989891] __kmalloc_noprof+0x1c9/0x500 [ 14.990170] kunit_kmalloc_array+0x25/0x60 [ 14.990331] copy_user_test_oob+0xab/0x10f0 [ 14.990668] kunit_try_run_case+0x1a5/0x480 [ 14.990958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.991264] kthread+0x337/0x6f0 [ 14.991497] ret_from_fork+0x116/0x1d0 [ 14.991670] ret_from_fork_asm+0x1a/0x30 [ 14.991912] [ 14.992006] The buggy address belongs to the object at ffff888102f96900 [ 14.992006] which belongs to the cache kmalloc-128 of size 128 [ 14.992496] The buggy address is located 0 bytes inside of [ 14.992496] allocated 120-byte region [ffff888102f96900, ffff888102f96978) [ 14.993388] [ 14.993493] The buggy address belongs to the physical page: [ 14.993710] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f96 [ 14.994394] flags: 0x200000000000000(node=0|zone=2) [ 14.994719] page_type: f5(slab) [ 14.994898] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.995330] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.995727] page dumped because: kasan: bad access detected [ 14.996088] [ 14.996173] Memory state around the buggy address: [ 14.996404] ffff888102f96800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.996932] ffff888102f96880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.997317] >ffff888102f96900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.997600] ^ [ 14.998148] ffff888102f96980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.998471] ffff888102f96a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.998930] ================================================================== [ 14.999578] ================================================================== [ 15.000205] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 15.000595] Write of size 1 at addr ffff888102f96978 by task kunit_try_catch/302 [ 15.001027] [ 15.001149] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 15.001198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.001211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.001235] Call Trace: [ 15.001251] <TASK> [ 15.001269] dump_stack_lvl+0x73/0xb0 [ 15.001296] print_report+0xd1/0x650 [ 15.001320] ? __virt_addr_valid+0x1db/0x2d0 [ 15.001344] ? strncpy_from_user+0x1a5/0x1d0 [ 15.001364] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.001389] ? strncpy_from_user+0x1a5/0x1d0 [ 15.001411] kasan_report+0x141/0x180 [ 15.001436] ? strncpy_from_user+0x1a5/0x1d0 [ 15.001462] __asan_report_store1_noabort+0x1b/0x30 [ 15.001483] strncpy_from_user+0x1a5/0x1d0 [ 15.001508] copy_user_test_oob+0x760/0x10f0 [ 15.001531] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.001553] ? finish_task_switch.isra.0+0x153/0x700 [ 15.001576] ? __switch_to+0x47/0xf50 [ 15.001603] ? __schedule+0x10cc/0x2b60 [ 15.001641] ? __pfx_read_tsc+0x10/0x10 [ 15.001663] ? ktime_get_ts64+0x86/0x230 [ 15.001690] kunit_try_run_case+0x1a5/0x480 [ 15.001713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.001733] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.001758] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.001797] ? __kthread_parkme+0x82/0x180 [ 15.001821] ? preempt_count_sub+0x50/0x80 [ 15.001847] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.001870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.001896] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.001922] kthread+0x337/0x6f0 [ 15.001943] ? trace_preempt_on+0x20/0xc0 [ 15.001967] ? __pfx_kthread+0x10/0x10 [ 15.001989] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.002012] ? calculate_sigpending+0x7b/0xa0 [ 15.002037] ? __pfx_kthread+0x10/0x10 [ 15.002060] ret_from_fork+0x116/0x1d0 [ 15.002080] ? __pfx_kthread+0x10/0x10 [ 15.002101] ret_from_fork_asm+0x1a/0x30 [ 15.002133] </TASK> [ 15.002145] [ 15.009618] Allocated by task 302: [ 15.009805] kasan_save_stack+0x45/0x70 [ 15.010043] kasan_save_track+0x18/0x40 [ 15.010243] kasan_save_alloc_info+0x3b/0x50 [ 15.010455] __kasan_kmalloc+0xb7/0xc0 [ 15.010625] __kmalloc_noprof+0x1c9/0x500 [ 15.010786] kunit_kmalloc_array+0x25/0x60 [ 15.010989] copy_user_test_oob+0xab/0x10f0 [ 15.011341] kunit_try_run_case+0x1a5/0x480 [ 15.011524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.011717] kthread+0x337/0x6f0 [ 15.011844] ret_from_fork+0x116/0x1d0 [ 15.011983] ret_from_fork_asm+0x1a/0x30 [ 15.012169] [ 15.012267] The buggy address belongs to the object at ffff888102f96900 [ 15.012267] which belongs to the cache kmalloc-128 of size 128 [ 15.012831] The buggy address is located 0 bytes to the right of [ 15.012831] allocated 120-byte region [ffff888102f96900, ffff888102f96978) [ 15.013266] [ 15.013342] The buggy address belongs to the physical page: [ 15.013522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f96 [ 15.014027] flags: 0x200000000000000(node=0|zone=2) [ 15.014278] page_type: f5(slab) [ 15.014449] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.014865] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.015180] page dumped because: kasan: bad access detected [ 15.015431] [ 15.015516] Memory state around the buggy address: [ 15.015734] ffff888102f96800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.016079] ffff888102f96880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.016370] >ffff888102f96900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.016680] ^ [ 15.017009] ffff888102f96980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.017233] ffff888102f96a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.017463] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob: Failure
Automatically assigned
[ 14.928343] ================================================================== [ 14.929190] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 14.929508] Write of size 121 at addr ffff888102f96900 by task kunit_try_catch/302 [ 14.929987] [ 14.930084] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.930278] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.930296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.930321] Call Trace: [ 14.930337] <TASK> [ 14.930354] dump_stack_lvl+0x73/0xb0 [ 14.930382] print_report+0xd1/0x650 [ 14.930406] ? __virt_addr_valid+0x1db/0x2d0 [ 14.930429] ? copy_user_test_oob+0x557/0x10f0 [ 14.930450] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.930475] ? copy_user_test_oob+0x557/0x10f0 [ 14.930496] kasan_report+0x141/0x180 [ 14.930520] ? copy_user_test_oob+0x557/0x10f0 [ 14.930552] kasan_check_range+0x10c/0x1c0 [ 14.930577] __kasan_check_write+0x18/0x20 [ 14.930599] copy_user_test_oob+0x557/0x10f0 [ 14.930634] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.930654] ? finish_task_switch.isra.0+0x153/0x700 [ 14.930678] ? __switch_to+0x47/0xf50 [ 14.930703] ? __schedule+0x10cc/0x2b60 [ 14.930727] ? __pfx_read_tsc+0x10/0x10 [ 14.930749] ? ktime_get_ts64+0x86/0x230 [ 14.930774] kunit_try_run_case+0x1a5/0x480 [ 14.930797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.930818] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.930844] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.930871] ? __kthread_parkme+0x82/0x180 [ 14.930891] ? preempt_count_sub+0x50/0x80 [ 14.930916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.930939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.930965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.930993] kthread+0x337/0x6f0 [ 14.931014] ? trace_preempt_on+0x20/0xc0 [ 14.931036] ? __pfx_kthread+0x10/0x10 [ 14.931059] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.931082] ? calculate_sigpending+0x7b/0xa0 [ 14.931107] ? __pfx_kthread+0x10/0x10 [ 14.931131] ret_from_fork+0x116/0x1d0 [ 14.931150] ? __pfx_kthread+0x10/0x10 [ 14.931173] ret_from_fork_asm+0x1a/0x30 [ 14.931204] </TASK> [ 14.931216] [ 14.940930] Allocated by task 302: [ 14.941176] kasan_save_stack+0x45/0x70 [ 14.941489] kasan_save_track+0x18/0x40 [ 14.941785] kasan_save_alloc_info+0x3b/0x50 [ 14.941989] __kasan_kmalloc+0xb7/0xc0 [ 14.942172] __kmalloc_noprof+0x1c9/0x500 [ 14.942371] kunit_kmalloc_array+0x25/0x60 [ 14.942583] copy_user_test_oob+0xab/0x10f0 [ 14.942766] kunit_try_run_case+0x1a5/0x480 [ 14.943404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.943653] kthread+0x337/0x6f0 [ 14.943822] ret_from_fork+0x116/0x1d0 [ 14.944164] ret_from_fork_asm+0x1a/0x30 [ 14.944435] [ 14.944529] The buggy address belongs to the object at ffff888102f96900 [ 14.944529] which belongs to the cache kmalloc-128 of size 128 [ 14.945214] The buggy address is located 0 bytes inside of [ 14.945214] allocated 120-byte region [ffff888102f96900, ffff888102f96978) [ 14.945875] [ 14.946049] The buggy address belongs to the physical page: [ 14.946394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f96 [ 14.946829] flags: 0x200000000000000(node=0|zone=2) [ 14.947140] page_type: f5(slab) [ 14.947300] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.947653] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.948108] page dumped because: kasan: bad access detected [ 14.948427] [ 14.948507] Memory state around the buggy address: [ 14.948751] ffff888102f96800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.949225] ffff888102f96880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.949547] >ffff888102f96900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.950036] ^ [ 14.950347] ffff888102f96980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.950734] ffff888102f96a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.951161] ================================================================== [ 14.905258] ================================================================== [ 14.905798] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 14.906222] Read of size 121 at addr ffff888102f96900 by task kunit_try_catch/302 [ 14.906630] [ 14.906754] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.906871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.906888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.906966] Call Trace: [ 14.906984] <TASK> [ 14.907000] dump_stack_lvl+0x73/0xb0 [ 14.907029] print_report+0xd1/0x650 [ 14.907053] ? __virt_addr_valid+0x1db/0x2d0 [ 14.907077] ? copy_user_test_oob+0x4aa/0x10f0 [ 14.907099] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.907123] ? copy_user_test_oob+0x4aa/0x10f0 [ 14.907145] kasan_report+0x141/0x180 [ 14.907168] ? copy_user_test_oob+0x4aa/0x10f0 [ 14.907195] kasan_check_range+0x10c/0x1c0 [ 14.907220] __kasan_check_read+0x15/0x20 [ 14.907242] copy_user_test_oob+0x4aa/0x10f0 [ 14.907365] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.907387] ? finish_task_switch.isra.0+0x153/0x700 [ 14.907412] ? __switch_to+0x47/0xf50 [ 14.907438] ? __schedule+0x10cc/0x2b60 [ 14.907462] ? __pfx_read_tsc+0x10/0x10 [ 14.907484] ? ktime_get_ts64+0x86/0x230 [ 14.907510] kunit_try_run_case+0x1a5/0x480 [ 14.907532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.907553] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.907578] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.907604] ? __kthread_parkme+0x82/0x180 [ 14.907637] ? preempt_count_sub+0x50/0x80 [ 14.907661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.907683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.907708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.907735] kthread+0x337/0x6f0 [ 14.907755] ? trace_preempt_on+0x20/0xc0 [ 14.907792] ? __pfx_kthread+0x10/0x10 [ 14.907814] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.907837] ? calculate_sigpending+0x7b/0xa0 [ 14.907862] ? __pfx_kthread+0x10/0x10 [ 14.907884] ret_from_fork+0x116/0x1d0 [ 14.907905] ? __pfx_kthread+0x10/0x10 [ 14.907927] ret_from_fork_asm+0x1a/0x30 [ 14.907957] </TASK> [ 14.907969] [ 14.917558] Allocated by task 302: [ 14.917885] kasan_save_stack+0x45/0x70 [ 14.918089] kasan_save_track+0x18/0x40 [ 14.918272] kasan_save_alloc_info+0x3b/0x50 [ 14.918482] __kasan_kmalloc+0xb7/0xc0 [ 14.918682] __kmalloc_noprof+0x1c9/0x500 [ 14.919110] kunit_kmalloc_array+0x25/0x60 [ 14.919295] copy_user_test_oob+0xab/0x10f0 [ 14.919507] kunit_try_run_case+0x1a5/0x480 [ 14.919880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.920193] kthread+0x337/0x6f0 [ 14.920413] ret_from_fork+0x116/0x1d0 [ 14.920680] ret_from_fork_asm+0x1a/0x30 [ 14.920849] [ 14.920958] The buggy address belongs to the object at ffff888102f96900 [ 14.920958] which belongs to the cache kmalloc-128 of size 128 [ 14.921679] The buggy address is located 0 bytes inside of [ 14.921679] allocated 120-byte region [ffff888102f96900, ffff888102f96978) [ 14.922269] [ 14.922362] The buggy address belongs to the physical page: [ 14.922604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f96 [ 14.923158] flags: 0x200000000000000(node=0|zone=2) [ 14.923455] page_type: f5(slab) [ 14.923711] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.924158] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.924545] page dumped because: kasan: bad access detected [ 14.924875] [ 14.924982] Memory state around the buggy address: [ 14.925311] ffff888102f96800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.925679] ffff888102f96880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.926044] >ffff888102f96900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.926346] ^ [ 14.926665] ffff888102f96980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.927242] ffff888102f96a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.927629] ================================================================== [ 14.951681] ================================================================== [ 14.952056] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 14.952928] Read of size 121 at addr ffff888102f96900 by task kunit_try_catch/302 [ 14.953372] [ 14.953489] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.953670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.953686] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.953709] Call Trace: [ 14.953726] <TASK> [ 14.953743] dump_stack_lvl+0x73/0xb0 [ 14.953782] print_report+0xd1/0x650 [ 14.953806] ? __virt_addr_valid+0x1db/0x2d0 [ 14.953830] ? copy_user_test_oob+0x604/0x10f0 [ 14.953851] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.953875] ? copy_user_test_oob+0x604/0x10f0 [ 14.953897] kasan_report+0x141/0x180 [ 14.953922] ? copy_user_test_oob+0x604/0x10f0 [ 14.953949] kasan_check_range+0x10c/0x1c0 [ 14.953974] __kasan_check_read+0x15/0x20 [ 14.953996] copy_user_test_oob+0x604/0x10f0 [ 14.954019] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.954040] ? finish_task_switch.isra.0+0x153/0x700 [ 14.954063] ? __switch_to+0x47/0xf50 [ 14.954089] ? __schedule+0x10cc/0x2b60 [ 14.954114] ? __pfx_read_tsc+0x10/0x10 [ 14.954136] ? ktime_get_ts64+0x86/0x230 [ 14.954162] kunit_try_run_case+0x1a5/0x480 [ 14.954184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.954206] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.954231] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.954257] ? __kthread_parkme+0x82/0x180 [ 14.954279] ? preempt_count_sub+0x50/0x80 [ 14.954302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.954325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.954351] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.954377] kthread+0x337/0x6f0 [ 14.954397] ? trace_preempt_on+0x20/0xc0 [ 14.954421] ? __pfx_kthread+0x10/0x10 [ 14.954443] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.954467] ? calculate_sigpending+0x7b/0xa0 [ 14.954492] ? __pfx_kthread+0x10/0x10 [ 14.954515] ret_from_fork+0x116/0x1d0 [ 14.954540] ? __pfx_kthread+0x10/0x10 [ 14.954563] ret_from_fork_asm+0x1a/0x30 [ 14.954596] </TASK> [ 14.954630] [ 14.964736] Allocated by task 302: [ 14.965037] kasan_save_stack+0x45/0x70 [ 14.965238] kasan_save_track+0x18/0x40 [ 14.965428] kasan_save_alloc_info+0x3b/0x50 [ 14.965644] __kasan_kmalloc+0xb7/0xc0 [ 14.965839] __kmalloc_noprof+0x1c9/0x500 [ 14.966330] kunit_kmalloc_array+0x25/0x60 [ 14.966503] copy_user_test_oob+0xab/0x10f0 [ 14.966825] kunit_try_run_case+0x1a5/0x480 [ 14.967161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.967443] kthread+0x337/0x6f0 [ 14.967685] ret_from_fork+0x116/0x1d0 [ 14.967986] ret_from_fork_asm+0x1a/0x30 [ 14.968143] [ 14.968247] The buggy address belongs to the object at ffff888102f96900 [ 14.968247] which belongs to the cache kmalloc-128 of size 128 [ 14.969017] The buggy address is located 0 bytes inside of [ 14.969017] allocated 120-byte region [ffff888102f96900, ffff888102f96978) [ 14.969583] [ 14.969696] The buggy address belongs to the physical page: [ 14.970116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f96 [ 14.970554] flags: 0x200000000000000(node=0|zone=2) [ 14.970795] page_type: f5(slab) [ 14.971105] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.971441] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.971931] page dumped because: kasan: bad access detected [ 14.972162] [ 14.972376] Memory state around the buggy address: [ 14.972566] ffff888102f96800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.973106] ffff888102f96880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.973488] >ffff888102f96900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.973884] ^ [ 14.974176] ffff888102f96980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.974490] ffff888102f96a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.974809] ================================================================== [ 14.882012] ================================================================== [ 14.882357] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 14.882877] Write of size 121 at addr ffff888102f96900 by task kunit_try_catch/302 [ 14.883457] [ 14.883563] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.883625] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.883641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.883664] Call Trace: [ 14.883679] <TASK> [ 14.883696] dump_stack_lvl+0x73/0xb0 [ 14.883724] print_report+0xd1/0x650 [ 14.883747] ? __virt_addr_valid+0x1db/0x2d0 [ 14.883771] ? copy_user_test_oob+0x3fd/0x10f0 [ 14.883914] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.883939] ? copy_user_test_oob+0x3fd/0x10f0 [ 14.883961] kasan_report+0x141/0x180 [ 14.883985] ? copy_user_test_oob+0x3fd/0x10f0 [ 14.884010] kasan_check_range+0x10c/0x1c0 [ 14.884036] __kasan_check_write+0x18/0x20 [ 14.884058] copy_user_test_oob+0x3fd/0x10f0 [ 14.884082] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.884101] ? finish_task_switch.isra.0+0x153/0x700 [ 14.884125] ? __switch_to+0x47/0xf50 [ 14.884151] ? __schedule+0x10cc/0x2b60 [ 14.884175] ? __pfx_read_tsc+0x10/0x10 [ 14.884196] ? ktime_get_ts64+0x86/0x230 [ 14.884223] kunit_try_run_case+0x1a5/0x480 [ 14.884245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.884266] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.884291] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.884317] ? __kthread_parkme+0x82/0x180 [ 14.884338] ? preempt_count_sub+0x50/0x80 [ 14.884362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.884384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.884409] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.884435] kthread+0x337/0x6f0 [ 14.884456] ? trace_preempt_on+0x20/0xc0 [ 14.884479] ? __pfx_kthread+0x10/0x10 [ 14.884500] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.884524] ? calculate_sigpending+0x7b/0xa0 [ 14.884549] ? __pfx_kthread+0x10/0x10 [ 14.884571] ret_from_fork+0x116/0x1d0 [ 14.884591] ? __pfx_kthread+0x10/0x10 [ 14.884626] ret_from_fork_asm+0x1a/0x30 [ 14.884657] </TASK> [ 14.884669] [ 14.894164] Allocated by task 302: [ 14.894359] kasan_save_stack+0x45/0x70 [ 14.894557] kasan_save_track+0x18/0x40 [ 14.894774] kasan_save_alloc_info+0x3b/0x50 [ 14.895279] __kasan_kmalloc+0xb7/0xc0 [ 14.895544] __kmalloc_noprof+0x1c9/0x500 [ 14.895721] kunit_kmalloc_array+0x25/0x60 [ 14.896101] copy_user_test_oob+0xab/0x10f0 [ 14.896272] kunit_try_run_case+0x1a5/0x480 [ 14.896604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.896975] kthread+0x337/0x6f0 [ 14.897157] ret_from_fork+0x116/0x1d0 [ 14.897332] ret_from_fork_asm+0x1a/0x30 [ 14.897516] [ 14.897606] The buggy address belongs to the object at ffff888102f96900 [ 14.897606] which belongs to the cache kmalloc-128 of size 128 [ 14.898419] The buggy address is located 0 bytes inside of [ 14.898419] allocated 120-byte region [ffff888102f96900, ffff888102f96978) [ 14.899116] [ 14.899346] The buggy address belongs to the physical page: [ 14.899632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f96 [ 14.900066] flags: 0x200000000000000(node=0|zone=2) [ 14.900398] page_type: f5(slab) [ 14.900579] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.901058] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.901440] page dumped because: kasan: bad access detected [ 14.901692] [ 14.901777] Memory state around the buggy address: [ 14.902109] ffff888102f96800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.902421] ffff888102f96880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.902735] >ffff888102f96900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.903287] ^ [ 14.903659] ffff888102f96980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.904114] ffff888102f96a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.904469] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user: Failure
Automatically assigned
[ 14.855520] ================================================================== [ 14.855894] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 14.856294] Read of size 121 at addr ffff888102f96900 by task kunit_try_catch/302 [ 14.856672] [ 14.856819] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.856866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.856879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.856902] Call Trace: [ 14.856915] <TASK> [ 14.856931] dump_stack_lvl+0x73/0xb0 [ 14.856958] print_report+0xd1/0x650 [ 14.856982] ? __virt_addr_valid+0x1db/0x2d0 [ 14.857006] ? _copy_to_user+0x3c/0x70 [ 14.857027] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.857051] ? _copy_to_user+0x3c/0x70 [ 14.857073] kasan_report+0x141/0x180 [ 14.857098] ? _copy_to_user+0x3c/0x70 [ 14.857125] kasan_check_range+0x10c/0x1c0 [ 14.857151] __kasan_check_read+0x15/0x20 [ 14.857172] _copy_to_user+0x3c/0x70 [ 14.857194] copy_user_test_oob+0x364/0x10f0 [ 14.857218] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.857239] ? finish_task_switch.isra.0+0x153/0x700 [ 14.857262] ? __switch_to+0x47/0xf50 [ 14.857289] ? __schedule+0x10cc/0x2b60 [ 14.857315] ? __pfx_read_tsc+0x10/0x10 [ 14.857337] ? ktime_get_ts64+0x86/0x230 [ 14.857364] kunit_try_run_case+0x1a5/0x480 [ 14.857388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.857409] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.857434] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.857460] ? __kthread_parkme+0x82/0x180 [ 14.857482] ? preempt_count_sub+0x50/0x80 [ 14.857507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.857529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.857554] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.857581] kthread+0x337/0x6f0 [ 14.857604] ? trace_preempt_on+0x20/0xc0 [ 14.857640] ? __pfx_kthread+0x10/0x10 [ 14.857661] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.857685] ? calculate_sigpending+0x7b/0xa0 [ 14.857709] ? __pfx_kthread+0x10/0x10 [ 14.857732] ret_from_fork+0x116/0x1d0 [ 14.857751] ? __pfx_kthread+0x10/0x10 [ 14.857795] ret_from_fork_asm+0x1a/0x30 [ 14.857827] </TASK> [ 14.857838] [ 14.867262] Allocated by task 302: [ 14.867416] kasan_save_stack+0x45/0x70 [ 14.867648] kasan_save_track+0x18/0x40 [ 14.868049] kasan_save_alloc_info+0x3b/0x50 [ 14.868323] __kasan_kmalloc+0xb7/0xc0 [ 14.868578] __kmalloc_noprof+0x1c9/0x500 [ 14.868761] kunit_kmalloc_array+0x25/0x60 [ 14.869140] copy_user_test_oob+0xab/0x10f0 [ 14.869399] kunit_try_run_case+0x1a5/0x480 [ 14.869671] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.870031] kthread+0x337/0x6f0 [ 14.870181] ret_from_fork+0x116/0x1d0 [ 14.870372] ret_from_fork_asm+0x1a/0x30 [ 14.870562] [ 14.870653] The buggy address belongs to the object at ffff888102f96900 [ 14.870653] which belongs to the cache kmalloc-128 of size 128 [ 14.871475] The buggy address is located 0 bytes inside of [ 14.871475] allocated 120-byte region [ffff888102f96900, ffff888102f96978) [ 14.872109] [ 14.872222] The buggy address belongs to the physical page: [ 14.872641] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f96 [ 14.873095] flags: 0x200000000000000(node=0|zone=2) [ 14.873398] page_type: f5(slab) [ 14.873622] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.874047] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.874411] page dumped because: kasan: bad access detected [ 14.874722] [ 14.874820] Memory state around the buggy address: [ 14.875027] ffff888102f96800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.875348] ffff888102f96880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.875676] >ffff888102f96900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.876218] ^ [ 14.876497] ffff888102f96980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.876983] ffff888102f96a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.877374] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user: Failure
Automatically assigned
[ 14.826891] ================================================================== [ 14.827518] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 14.827897] Write of size 121 at addr ffff888102f96900 by task kunit_try_catch/302 [ 14.828274] [ 14.828407] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.828460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.828474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.828498] Call Trace: [ 14.828514] <TASK> [ 14.828535] dump_stack_lvl+0x73/0xb0 [ 14.828590] print_report+0xd1/0x650 [ 14.828627] ? __virt_addr_valid+0x1db/0x2d0 [ 14.828672] ? _copy_from_user+0x32/0x90 [ 14.828694] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.828718] ? _copy_from_user+0x32/0x90 [ 14.828740] kasan_report+0x141/0x180 [ 14.828783] ? _copy_from_user+0x32/0x90 [ 14.828810] kasan_check_range+0x10c/0x1c0 [ 14.828835] __kasan_check_write+0x18/0x20 [ 14.828857] _copy_from_user+0x32/0x90 [ 14.828880] copy_user_test_oob+0x2be/0x10f0 [ 14.828905] ? __pfx_copy_user_test_oob+0x10/0x10 [ 14.828946] ? finish_task_switch.isra.0+0x153/0x700 [ 14.828999] ? __switch_to+0x47/0xf50 [ 14.829040] ? __schedule+0x10cc/0x2b60 [ 14.829066] ? __pfx_read_tsc+0x10/0x10 [ 14.829089] ? ktime_get_ts64+0x86/0x230 [ 14.829115] kunit_try_run_case+0x1a5/0x480 [ 14.829137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.829159] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.829186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.829230] ? __kthread_parkme+0x82/0x180 [ 14.829252] ? preempt_count_sub+0x50/0x80 [ 14.829277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.829300] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.829326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.829352] kthread+0x337/0x6f0 [ 14.829373] ? trace_preempt_on+0x20/0xc0 [ 14.829399] ? __pfx_kthread+0x10/0x10 [ 14.829420] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.829445] ? calculate_sigpending+0x7b/0xa0 [ 14.829471] ? __pfx_kthread+0x10/0x10 [ 14.829493] ret_from_fork+0x116/0x1d0 [ 14.829513] ? __pfx_kthread+0x10/0x10 [ 14.829534] ret_from_fork_asm+0x1a/0x30 [ 14.829567] </TASK> [ 14.829579] [ 14.840680] Allocated by task 302: [ 14.841235] kasan_save_stack+0x45/0x70 [ 14.841560] kasan_save_track+0x18/0x40 [ 14.841849] kasan_save_alloc_info+0x3b/0x50 [ 14.842057] __kasan_kmalloc+0xb7/0xc0 [ 14.842233] __kmalloc_noprof+0x1c9/0x500 [ 14.842413] kunit_kmalloc_array+0x25/0x60 [ 14.842590] copy_user_test_oob+0xab/0x10f0 [ 14.843268] kunit_try_run_case+0x1a5/0x480 [ 14.843478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.843729] kthread+0x337/0x6f0 [ 14.843964] ret_from_fork+0x116/0x1d0 [ 14.844141] ret_from_fork_asm+0x1a/0x30 [ 14.844322] [ 14.844419] The buggy address belongs to the object at ffff888102f96900 [ 14.844419] which belongs to the cache kmalloc-128 of size 128 [ 14.844895] The buggy address is located 0 bytes inside of [ 14.844895] allocated 120-byte region [ffff888102f96900, ffff888102f96978) [ 14.845356] [ 14.845436] The buggy address belongs to the physical page: [ 14.845844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f96 [ 14.846372] flags: 0x200000000000000(node=0|zone=2) [ 14.846956] page_type: f5(slab) [ 14.847165] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.847522] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.848208] page dumped because: kasan: bad access detected [ 14.848733] [ 14.848972] Memory state around the buggy address: [ 14.849197] ffff888102f96800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.849499] ffff888102f96880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.850043] >ffff888102f96900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.850552] ^ [ 14.851316] ffff888102f96980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.851888] ffff888102f96a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.852219] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault: Failure
Automatically assigned
[ 14.749271] ================================================================== [ 14.750867] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 14.751821] Read of size 8 at addr ffff8881028b1a78 by task kunit_try_catch/298 [ 14.752650] [ 14.752769] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.752822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.752837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.752861] Call Trace: [ 14.752875] <TASK> [ 14.752894] dump_stack_lvl+0x73/0xb0 [ 14.752924] print_report+0xd1/0x650 [ 14.752949] ? __virt_addr_valid+0x1db/0x2d0 [ 14.752974] ? copy_to_kernel_nofault+0x225/0x260 [ 14.753000] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.753024] ? copy_to_kernel_nofault+0x225/0x260 [ 14.753052] kasan_report+0x141/0x180 [ 14.753076] ? copy_to_kernel_nofault+0x225/0x260 [ 14.753107] __asan_report_load8_noabort+0x18/0x20 [ 14.753129] copy_to_kernel_nofault+0x225/0x260 [ 14.753157] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 14.753182] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 14.753208] ? finish_task_switch.isra.0+0x153/0x700 [ 14.753233] ? __schedule+0x10cc/0x2b60 [ 14.753258] ? trace_hardirqs_on+0x37/0xe0 [ 14.753290] ? __pfx_read_tsc+0x10/0x10 [ 14.753312] ? ktime_get_ts64+0x86/0x230 [ 14.753338] kunit_try_run_case+0x1a5/0x480 [ 14.753361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.753381] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.753407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.753432] ? __kthread_parkme+0x82/0x180 [ 14.753453] ? preempt_count_sub+0x50/0x80 [ 14.753478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.753500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.753525] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.753551] kthread+0x337/0x6f0 [ 14.753572] ? trace_preempt_on+0x20/0xc0 [ 14.753595] ? __pfx_kthread+0x10/0x10 [ 14.753626] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.753650] ? calculate_sigpending+0x7b/0xa0 [ 14.753676] ? __pfx_kthread+0x10/0x10 [ 14.753698] ret_from_fork+0x116/0x1d0 [ 14.753718] ? __pfx_kthread+0x10/0x10 [ 14.753740] ret_from_fork_asm+0x1a/0x30 [ 14.753771] </TASK> [ 14.753784] [ 14.766411] Allocated by task 298: [ 14.766559] kasan_save_stack+0x45/0x70 [ 14.766924] kasan_save_track+0x18/0x40 [ 14.767272] kasan_save_alloc_info+0x3b/0x50 [ 14.767847] __kasan_kmalloc+0xb7/0xc0 [ 14.768191] __kmalloc_cache_noprof+0x189/0x420 [ 14.768635] copy_to_kernel_nofault_oob+0x12f/0x560 [ 14.769259] kunit_try_run_case+0x1a5/0x480 [ 14.769896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.770400] kthread+0x337/0x6f0 [ 14.770740] ret_from_fork+0x116/0x1d0 [ 14.771176] ret_from_fork_asm+0x1a/0x30 [ 14.771558] [ 14.771754] The buggy address belongs to the object at ffff8881028b1a00 [ 14.771754] which belongs to the cache kmalloc-128 of size 128 [ 14.773147] The buggy address is located 0 bytes to the right of [ 14.773147] allocated 120-byte region [ffff8881028b1a00, ffff8881028b1a78) [ 14.774359] [ 14.774564] The buggy address belongs to the physical page: [ 14.775220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b1 [ 14.776168] flags: 0x200000000000000(node=0|zone=2) [ 14.776648] page_type: f5(slab) [ 14.777045] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.777879] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.778563] page dumped because: kasan: bad access detected [ 14.779133] [ 14.779323] Memory state around the buggy address: [ 14.779794] ffff8881028b1900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.780588] ffff8881028b1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.781348] >ffff8881028b1a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.781874] ^ [ 14.782231] ffff8881028b1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.782459] ffff8881028b1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.782718] ================================================================== [ 14.784049] ================================================================== [ 14.784717] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 14.785348] Write of size 8 at addr ffff8881028b1a78 by task kunit_try_catch/298 [ 14.785995] [ 14.786227] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.786285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.786299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.786321] Call Trace: [ 14.786473] <TASK> [ 14.786489] dump_stack_lvl+0x73/0xb0 [ 14.786517] print_report+0xd1/0x650 [ 14.786545] ? __virt_addr_valid+0x1db/0x2d0 [ 14.786569] ? copy_to_kernel_nofault+0x99/0x260 [ 14.786595] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.786629] ? copy_to_kernel_nofault+0x99/0x260 [ 14.786656] kasan_report+0x141/0x180 [ 14.786680] ? copy_to_kernel_nofault+0x99/0x260 [ 14.786711] kasan_check_range+0x10c/0x1c0 [ 14.786737] __kasan_check_write+0x18/0x20 [ 14.786759] copy_to_kernel_nofault+0x99/0x260 [ 14.786787] copy_to_kernel_nofault_oob+0x288/0x560 [ 14.786824] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 14.786864] ? finish_task_switch.isra.0+0x153/0x700 [ 14.786889] ? __schedule+0x10cc/0x2b60 [ 14.786913] ? trace_hardirqs_on+0x37/0xe0 [ 14.786945] ? __pfx_read_tsc+0x10/0x10 [ 14.786967] ? ktime_get_ts64+0x86/0x230 [ 14.786992] kunit_try_run_case+0x1a5/0x480 [ 14.787015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.787035] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.787061] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.787087] ? __kthread_parkme+0x82/0x180 [ 14.787108] ? preempt_count_sub+0x50/0x80 [ 14.787132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.787154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.787179] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.787205] kthread+0x337/0x6f0 [ 14.787226] ? trace_preempt_on+0x20/0xc0 [ 14.787249] ? __pfx_kthread+0x10/0x10 [ 14.787271] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.787294] ? calculate_sigpending+0x7b/0xa0 [ 14.787319] ? __pfx_kthread+0x10/0x10 [ 14.787342] ret_from_fork+0x116/0x1d0 [ 14.787361] ? __pfx_kthread+0x10/0x10 [ 14.787383] ret_from_fork_asm+0x1a/0x30 [ 14.787414] </TASK> [ 14.787425] [ 14.800468] Allocated by task 298: [ 14.800679] kasan_save_stack+0x45/0x70 [ 14.800997] kasan_save_track+0x18/0x40 [ 14.801207] kasan_save_alloc_info+0x3b/0x50 [ 14.801408] __kasan_kmalloc+0xb7/0xc0 [ 14.801579] __kmalloc_cache_noprof+0x189/0x420 [ 14.801750] copy_to_kernel_nofault_oob+0x12f/0x560 [ 14.801981] kunit_try_run_case+0x1a5/0x480 [ 14.802304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.802503] kthread+0x337/0x6f0 [ 14.802694] ret_from_fork+0x116/0x1d0 [ 14.803145] ret_from_fork_asm+0x1a/0x30 [ 14.803330] [ 14.803427] The buggy address belongs to the object at ffff8881028b1a00 [ 14.803427] which belongs to the cache kmalloc-128 of size 128 [ 14.803838] The buggy address is located 0 bytes to the right of [ 14.803838] allocated 120-byte region [ffff8881028b1a00, ffff8881028b1a78) [ 14.804470] [ 14.804550] The buggy address belongs to the physical page: [ 14.805012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b1 [ 14.805308] flags: 0x200000000000000(node=0|zone=2) [ 14.805533] page_type: f5(slab) [ 14.805724] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.806149] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.806410] page dumped because: kasan: bad access detected [ 14.806709] [ 14.806918] Memory state around the buggy address: [ 14.807237] ffff8881028b1900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.807527] ffff8881028b1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.807966] >ffff8881028b1a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.808257] ^ [ 14.808543] ffff8881028b1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.808978] ffff8881028b1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.809232] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper: Failure
Automatically assigned
[ 13.411426] ================================================================== [ 13.411701] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 13.412316] Read of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.412894] [ 13.413066] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.413114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.413127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.413150] Call Trace: [ 13.413166] <TASK> [ 13.413183] dump_stack_lvl+0x73/0xb0 [ 13.413211] print_report+0xd1/0x650 [ 13.413350] ? __virt_addr_valid+0x1db/0x2d0 [ 13.413373] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.413397] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.413420] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.413444] kasan_report+0x141/0x180 [ 13.413525] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.413559] __asan_report_load4_noabort+0x18/0x20 [ 13.413581] kasan_atomics_helper+0x4b54/0x5450 [ 13.413606] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.413643] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.413667] ? kasan_atomics+0x152/0x310 [ 13.413691] kasan_atomics+0x1dc/0x310 [ 13.413712] ? __pfx_kasan_atomics+0x10/0x10 [ 13.413734] ? __pfx_read_tsc+0x10/0x10 [ 13.413764] ? ktime_get_ts64+0x86/0x230 [ 13.413792] kunit_try_run_case+0x1a5/0x480 [ 13.413828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.413849] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.413875] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.413901] ? __kthread_parkme+0x82/0x180 [ 13.413923] ? preempt_count_sub+0x50/0x80 [ 13.413948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.413971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.413996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.414023] kthread+0x337/0x6f0 [ 13.414043] ? trace_preempt_on+0x20/0xc0 [ 13.414067] ? __pfx_kthread+0x10/0x10 [ 13.414089] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.414113] ? calculate_sigpending+0x7b/0xa0 [ 13.414139] ? __pfx_kthread+0x10/0x10 [ 13.414162] ret_from_fork+0x116/0x1d0 [ 13.414182] ? __pfx_kthread+0x10/0x10 [ 13.414206] ret_from_fork_asm+0x1a/0x30 [ 13.414237] </TASK> [ 13.414248] [ 13.424975] Allocated by task 282: [ 13.425796] kasan_save_stack+0x45/0x70 [ 13.426022] kasan_save_track+0x18/0x40 [ 13.426645] kasan_save_alloc_info+0x3b/0x50 [ 13.426946] __kasan_kmalloc+0xb7/0xc0 [ 13.427157] __kmalloc_cache_noprof+0x189/0x420 [ 13.427331] kasan_atomics+0x95/0x310 [ 13.427526] kunit_try_run_case+0x1a5/0x480 [ 13.427745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.428064] kthread+0x337/0x6f0 [ 13.428227] ret_from_fork+0x116/0x1d0 [ 13.428423] ret_from_fork_asm+0x1a/0x30 [ 13.428634] [ 13.428711] The buggy address belongs to the object at ffff888102fa7d80 [ 13.428711] which belongs to the cache kmalloc-64 of size 64 [ 13.429476] The buggy address is located 0 bytes to the right of [ 13.429476] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.430053] [ 13.430203] The buggy address belongs to the physical page: [ 13.430438] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.430951] flags: 0x200000000000000(node=0|zone=2) [ 13.431138] page_type: f5(slab) [ 13.431349] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.431909] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.432446] page dumped because: kasan: bad access detected [ 13.433295] [ 13.433382] Memory state around the buggy address: [ 13.433861] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.434298] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.434702] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.435202] ^ [ 13.435439] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.435763] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.436071] ================================================================== [ 13.482921] ================================================================== [ 13.483376] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 13.483743] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.484301] [ 13.484423] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.484470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.484484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.484507] Call Trace: [ 13.484522] <TASK> [ 13.484538] dump_stack_lvl+0x73/0xb0 [ 13.484565] print_report+0xd1/0x650 [ 13.484589] ? __virt_addr_valid+0x1db/0x2d0 [ 13.484626] ? kasan_atomics_helper+0x565/0x5450 [ 13.484650] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.484675] ? kasan_atomics_helper+0x565/0x5450 [ 13.484699] kasan_report+0x141/0x180 [ 13.484722] ? kasan_atomics_helper+0x565/0x5450 [ 13.484750] kasan_check_range+0x10c/0x1c0 [ 13.484837] __kasan_check_write+0x18/0x20 [ 13.484860] kasan_atomics_helper+0x565/0x5450 [ 13.484885] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.484909] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.484932] ? kasan_atomics+0x152/0x310 [ 13.484957] kasan_atomics+0x1dc/0x310 [ 13.484979] ? __pfx_kasan_atomics+0x10/0x10 [ 13.485003] ? __pfx_read_tsc+0x10/0x10 [ 13.485026] ? ktime_get_ts64+0x86/0x230 [ 13.485052] kunit_try_run_case+0x1a5/0x480 [ 13.485074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.485095] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.485121] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.485148] ? __kthread_parkme+0x82/0x180 [ 13.485170] ? preempt_count_sub+0x50/0x80 [ 13.485196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.485219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.485244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.485270] kthread+0x337/0x6f0 [ 13.485291] ? trace_preempt_on+0x20/0xc0 [ 13.485315] ? __pfx_kthread+0x10/0x10 [ 13.485337] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.485361] ? calculate_sigpending+0x7b/0xa0 [ 13.485386] ? __pfx_kthread+0x10/0x10 [ 13.485410] ret_from_fork+0x116/0x1d0 [ 13.485429] ? __pfx_kthread+0x10/0x10 [ 13.485450] ret_from_fork_asm+0x1a/0x30 [ 13.485482] </TASK> [ 13.485494] [ 13.496443] Allocated by task 282: [ 13.496633] kasan_save_stack+0x45/0x70 [ 13.497405] kasan_save_track+0x18/0x40 [ 13.497696] kasan_save_alloc_info+0x3b/0x50 [ 13.498144] __kasan_kmalloc+0xb7/0xc0 [ 13.498349] __kmalloc_cache_noprof+0x189/0x420 [ 13.498868] kasan_atomics+0x95/0x310 [ 13.499137] kunit_try_run_case+0x1a5/0x480 [ 13.499477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.499957] kthread+0x337/0x6f0 [ 13.500135] ret_from_fork+0x116/0x1d0 [ 13.500305] ret_from_fork_asm+0x1a/0x30 [ 13.500488] [ 13.500585] The buggy address belongs to the object at ffff888102fa7d80 [ 13.500585] which belongs to the cache kmalloc-64 of size 64 [ 13.501192] The buggy address is located 0 bytes to the right of [ 13.501192] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.501863] [ 13.501953] The buggy address belongs to the physical page: [ 13.502136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.502503] flags: 0x200000000000000(node=0|zone=2) [ 13.502787] page_type: f5(slab) [ 13.502949] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.503282] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.503537] page dumped because: kasan: bad access detected [ 13.503790] [ 13.504007] Memory state around the buggy address: [ 13.504175] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.504495] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.504833] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.505322] ^ [ 13.505553] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.505895] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.506261] ================================================================== [ 14.695092] ================================================================== [ 14.695491] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 14.695917] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.696164] [ 14.696275] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.696320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.696334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.696356] Call Trace: [ 14.696371] <TASK> [ 14.696388] dump_stack_lvl+0x73/0xb0 [ 14.696417] print_report+0xd1/0x650 [ 14.696441] ? __virt_addr_valid+0x1db/0x2d0 [ 14.696464] ? kasan_atomics_helper+0x224c/0x5450 [ 14.696487] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.696512] ? kasan_atomics_helper+0x224c/0x5450 [ 14.696540] kasan_report+0x141/0x180 [ 14.696566] ? kasan_atomics_helper+0x224c/0x5450 [ 14.696595] kasan_check_range+0x10c/0x1c0 [ 14.696632] __kasan_check_write+0x18/0x20 [ 14.696654] kasan_atomics_helper+0x224c/0x5450 [ 14.696679] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.696702] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.696726] ? kasan_atomics+0x152/0x310 [ 14.696750] kasan_atomics+0x1dc/0x310 [ 14.696792] ? __pfx_kasan_atomics+0x10/0x10 [ 14.696815] ? __pfx_read_tsc+0x10/0x10 [ 14.696838] ? ktime_get_ts64+0x86/0x230 [ 14.696865] kunit_try_run_case+0x1a5/0x480 [ 14.696888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.696909] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.696936] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.696963] ? __kthread_parkme+0x82/0x180 [ 14.696985] ? preempt_count_sub+0x50/0x80 [ 14.697009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.697032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.697058] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.697084] kthread+0x337/0x6f0 [ 14.697105] ? trace_preempt_on+0x20/0xc0 [ 14.697129] ? __pfx_kthread+0x10/0x10 [ 14.697151] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.697175] ? calculate_sigpending+0x7b/0xa0 [ 14.697200] ? __pfx_kthread+0x10/0x10 [ 14.697222] ret_from_fork+0x116/0x1d0 [ 14.697241] ? __pfx_kthread+0x10/0x10 [ 14.697263] ret_from_fork_asm+0x1a/0x30 [ 14.697295] </TASK> [ 14.697307] [ 14.704927] Allocated by task 282: [ 14.705107] kasan_save_stack+0x45/0x70 [ 14.705272] kasan_save_track+0x18/0x40 [ 14.705415] kasan_save_alloc_info+0x3b/0x50 [ 14.705584] __kasan_kmalloc+0xb7/0xc0 [ 14.705810] __kmalloc_cache_noprof+0x189/0x420 [ 14.706036] kasan_atomics+0x95/0x310 [ 14.706223] kunit_try_run_case+0x1a5/0x480 [ 14.706387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.706652] kthread+0x337/0x6f0 [ 14.706844] ret_from_fork+0x116/0x1d0 [ 14.707018] ret_from_fork_asm+0x1a/0x30 [ 14.707184] [ 14.707261] The buggy address belongs to the object at ffff888102fa7d80 [ 14.707261] which belongs to the cache kmalloc-64 of size 64 [ 14.707648] The buggy address is located 0 bytes to the right of [ 14.707648] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.708235] [ 14.708336] The buggy address belongs to the physical page: [ 14.708593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.708925] flags: 0x200000000000000(node=0|zone=2) [ 14.709098] page_type: f5(slab) [ 14.709223] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.709568] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.709951] page dumped because: kasan: bad access detected [ 14.710222] [ 14.710326] Memory state around the buggy address: [ 14.710561] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.710898] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.711195] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.711483] ^ [ 14.711692] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.712030] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.712309] ================================================================== [ 14.031272] ================================================================== [ 14.031575] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 14.032083] Read of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.032396] [ 14.032508] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.032554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.032567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.032588] Call Trace: [ 14.032604] <TASK> [ 14.032631] dump_stack_lvl+0x73/0xb0 [ 14.032658] print_report+0xd1/0x650 [ 14.032681] ? __virt_addr_valid+0x1db/0x2d0 [ 14.032705] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.032728] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.032869] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.032894] kasan_report+0x141/0x180 [ 14.032918] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.032946] __asan_report_load4_noabort+0x18/0x20 [ 14.032970] kasan_atomics_helper+0x49e8/0x5450 [ 14.032994] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.033018] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.033041] ? kasan_atomics+0x152/0x310 [ 14.033065] kasan_atomics+0x1dc/0x310 [ 14.033086] ? __pfx_kasan_atomics+0x10/0x10 [ 14.033108] ? __pfx_read_tsc+0x10/0x10 [ 14.033130] ? ktime_get_ts64+0x86/0x230 [ 14.033156] kunit_try_run_case+0x1a5/0x480 [ 14.033178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.033199] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.033225] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.033252] ? __kthread_parkme+0x82/0x180 [ 14.033273] ? preempt_count_sub+0x50/0x80 [ 14.033298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.033320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.033345] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.033371] kthread+0x337/0x6f0 [ 14.033392] ? trace_preempt_on+0x20/0xc0 [ 14.033416] ? __pfx_kthread+0x10/0x10 [ 14.033438] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.033462] ? calculate_sigpending+0x7b/0xa0 [ 14.033487] ? __pfx_kthread+0x10/0x10 [ 14.033511] ret_from_fork+0x116/0x1d0 [ 14.033530] ? __pfx_kthread+0x10/0x10 [ 14.033552] ret_from_fork_asm+0x1a/0x30 [ 14.033583] </TASK> [ 14.033595] [ 14.042133] Allocated by task 282: [ 14.042282] kasan_save_stack+0x45/0x70 [ 14.042494] kasan_save_track+0x18/0x40 [ 14.042837] kasan_save_alloc_info+0x3b/0x50 [ 14.043034] __kasan_kmalloc+0xb7/0xc0 [ 14.043174] __kmalloc_cache_noprof+0x189/0x420 [ 14.043348] kasan_atomics+0x95/0x310 [ 14.043537] kunit_try_run_case+0x1a5/0x480 [ 14.043768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.044019] kthread+0x337/0x6f0 [ 14.044147] ret_from_fork+0x116/0x1d0 [ 14.044286] ret_from_fork_asm+0x1a/0x30 [ 14.044433] [ 14.044510] The buggy address belongs to the object at ffff888102fa7d80 [ 14.044510] which belongs to the cache kmalloc-64 of size 64 [ 14.044933] The buggy address is located 0 bytes to the right of [ 14.044933] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.045576] [ 14.045685] The buggy address belongs to the physical page: [ 14.045976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.046381] flags: 0x200000000000000(node=0|zone=2) [ 14.046660] page_type: f5(slab) [ 14.046862] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.047234] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.047537] page dumped because: kasan: bad access detected [ 14.047752] [ 14.047842] Memory state around the buggy address: [ 14.048023] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.048616] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.048919] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.049140] ^ [ 14.049325] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.049551] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.049889] ================================================================== [ 13.506718] ================================================================== [ 13.507249] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 13.507533] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.508019] [ 13.508119] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.508167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.508180] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.508203] Call Trace: [ 13.508218] <TASK> [ 13.508234] dump_stack_lvl+0x73/0xb0 [ 13.508260] print_report+0xd1/0x650 [ 13.508283] ? __virt_addr_valid+0x1db/0x2d0 [ 13.508306] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.508329] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.508353] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.508377] kasan_report+0x141/0x180 [ 13.508400] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.508429] kasan_check_range+0x10c/0x1c0 [ 13.508455] __kasan_check_write+0x18/0x20 [ 13.508476] kasan_atomics_helper+0x5fe/0x5450 [ 13.508500] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.508524] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.508548] ? kasan_atomics+0x152/0x310 [ 13.508573] kasan_atomics+0x1dc/0x310 [ 13.508593] ? __pfx_kasan_atomics+0x10/0x10 [ 13.508625] ? __pfx_read_tsc+0x10/0x10 [ 13.508647] ? ktime_get_ts64+0x86/0x230 [ 13.508674] kunit_try_run_case+0x1a5/0x480 [ 13.508695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.508716] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.508758] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.508783] ? __kthread_parkme+0x82/0x180 [ 13.508805] ? preempt_count_sub+0x50/0x80 [ 13.508830] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.508852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.508878] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.508905] kthread+0x337/0x6f0 [ 13.508926] ? trace_preempt_on+0x20/0xc0 [ 13.508950] ? __pfx_kthread+0x10/0x10 [ 13.508973] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.508996] ? calculate_sigpending+0x7b/0xa0 [ 13.509022] ? __pfx_kthread+0x10/0x10 [ 13.509044] ret_from_fork+0x116/0x1d0 [ 13.509064] ? __pfx_kthread+0x10/0x10 [ 13.509085] ret_from_fork_asm+0x1a/0x30 [ 13.509117] </TASK> [ 13.509129] [ 13.517399] Allocated by task 282: [ 13.517540] kasan_save_stack+0x45/0x70 [ 13.517764] kasan_save_track+0x18/0x40 [ 13.518163] kasan_save_alloc_info+0x3b/0x50 [ 13.518349] __kasan_kmalloc+0xb7/0xc0 [ 13.518526] __kmalloc_cache_noprof+0x189/0x420 [ 13.518801] kasan_atomics+0x95/0x310 [ 13.519137] kunit_try_run_case+0x1a5/0x480 [ 13.519313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.519542] kthread+0x337/0x6f0 [ 13.519738] ret_from_fork+0x116/0x1d0 [ 13.519980] ret_from_fork_asm+0x1a/0x30 [ 13.520166] [ 13.520266] The buggy address belongs to the object at ffff888102fa7d80 [ 13.520266] which belongs to the cache kmalloc-64 of size 64 [ 13.520724] The buggy address is located 0 bytes to the right of [ 13.520724] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.521109] [ 13.521186] The buggy address belongs to the physical page: [ 13.521410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.521781] flags: 0x200000000000000(node=0|zone=2) [ 13.522021] page_type: f5(slab) [ 13.522195] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.522527] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.522781] page dumped because: kasan: bad access detected [ 13.523040] [ 13.523138] Memory state around the buggy address: [ 13.523371] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.523962] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.524247] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.524511] ^ [ 13.524714] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.525176] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.525455] ================================================================== [ 14.377398] ================================================================== [ 14.377870] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 14.378235] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.378572] [ 14.378686] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.378732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.378746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.378768] Call Trace: [ 14.378786] <TASK> [ 14.378802] dump_stack_lvl+0x73/0xb0 [ 14.378827] print_report+0xd1/0x650 [ 14.378850] ? __virt_addr_valid+0x1db/0x2d0 [ 14.378873] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.378896] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.378921] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.378945] kasan_report+0x141/0x180 [ 14.378969] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.378997] kasan_check_range+0x10c/0x1c0 [ 14.379022] __kasan_check_write+0x18/0x20 [ 14.379043] kasan_atomics_helper+0x1b22/0x5450 [ 14.379067] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.379091] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.379114] ? kasan_atomics+0x152/0x310 [ 14.379138] kasan_atomics+0x1dc/0x310 [ 14.379159] ? __pfx_kasan_atomics+0x10/0x10 [ 14.379181] ? __pfx_read_tsc+0x10/0x10 [ 14.379204] ? ktime_get_ts64+0x86/0x230 [ 14.379229] kunit_try_run_case+0x1a5/0x480 [ 14.379252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.379273] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.379298] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.379324] ? __kthread_parkme+0x82/0x180 [ 14.379345] ? preempt_count_sub+0x50/0x80 [ 14.379370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.379392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.379417] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.379443] kthread+0x337/0x6f0 [ 14.379463] ? trace_preempt_on+0x20/0xc0 [ 14.379486] ? __pfx_kthread+0x10/0x10 [ 14.379510] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.379535] ? calculate_sigpending+0x7b/0xa0 [ 14.379560] ? __pfx_kthread+0x10/0x10 [ 14.379582] ret_from_fork+0x116/0x1d0 [ 14.379602] ? __pfx_kthread+0x10/0x10 [ 14.379635] ret_from_fork_asm+0x1a/0x30 [ 14.379667] </TASK> [ 14.379680] [ 14.387363] Allocated by task 282: [ 14.387545] kasan_save_stack+0x45/0x70 [ 14.387759] kasan_save_track+0x18/0x40 [ 14.387970] kasan_save_alloc_info+0x3b/0x50 [ 14.388157] __kasan_kmalloc+0xb7/0xc0 [ 14.388296] __kmalloc_cache_noprof+0x189/0x420 [ 14.388455] kasan_atomics+0x95/0x310 [ 14.388591] kunit_try_run_case+0x1a5/0x480 [ 14.388751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.388936] kthread+0x337/0x6f0 [ 14.389063] ret_from_fork+0x116/0x1d0 [ 14.389202] ret_from_fork_asm+0x1a/0x30 [ 14.389406] [ 14.389505] The buggy address belongs to the object at ffff888102fa7d80 [ 14.389505] which belongs to the cache kmalloc-64 of size 64 [ 14.390046] The buggy address is located 0 bytes to the right of [ 14.390046] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.390620] [ 14.390721] The buggy address belongs to the physical page: [ 14.391072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.391381] flags: 0x200000000000000(node=0|zone=2) [ 14.391591] page_type: f5(slab) [ 14.391726] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.391969] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.392205] page dumped because: kasan: bad access detected [ 14.392386] [ 14.392459] Memory state around the buggy address: [ 14.392628] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.393190] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.393523] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.393969] ^ [ 14.394212] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.394552] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.394880] ================================================================== [ 14.126864] ================================================================== [ 14.127198] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 14.127485] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.127728] [ 14.127913] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.127958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.127972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.127994] Call Trace: [ 14.128010] <TASK> [ 14.128026] dump_stack_lvl+0x73/0xb0 [ 14.128053] print_report+0xd1/0x650 [ 14.128076] ? __virt_addr_valid+0x1db/0x2d0 [ 14.128101] ? kasan_atomics_helper+0x1467/0x5450 [ 14.128124] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.128148] ? kasan_atomics_helper+0x1467/0x5450 [ 14.128172] kasan_report+0x141/0x180 [ 14.128195] ? kasan_atomics_helper+0x1467/0x5450 [ 14.128224] kasan_check_range+0x10c/0x1c0 [ 14.128249] __kasan_check_write+0x18/0x20 [ 14.128271] kasan_atomics_helper+0x1467/0x5450 [ 14.128295] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.128320] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.128342] ? kasan_atomics+0x152/0x310 [ 14.128366] kasan_atomics+0x1dc/0x310 [ 14.128387] ? __pfx_kasan_atomics+0x10/0x10 [ 14.128410] ? __pfx_read_tsc+0x10/0x10 [ 14.128432] ? ktime_get_ts64+0x86/0x230 [ 14.128457] kunit_try_run_case+0x1a5/0x480 [ 14.128480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.128501] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.128527] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.128554] ? __kthread_parkme+0x82/0x180 [ 14.128575] ? preempt_count_sub+0x50/0x80 [ 14.128600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.128636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.128662] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.128689] kthread+0x337/0x6f0 [ 14.128709] ? trace_preempt_on+0x20/0xc0 [ 14.128732] ? __pfx_kthread+0x10/0x10 [ 14.128755] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.128802] ? calculate_sigpending+0x7b/0xa0 [ 14.128827] ? __pfx_kthread+0x10/0x10 [ 14.128850] ret_from_fork+0x116/0x1d0 [ 14.128870] ? __pfx_kthread+0x10/0x10 [ 14.128893] ret_from_fork_asm+0x1a/0x30 [ 14.128924] </TASK> [ 14.128936] [ 14.138596] Allocated by task 282: [ 14.139092] kasan_save_stack+0x45/0x70 [ 14.139721] kasan_save_track+0x18/0x40 [ 14.140553] kasan_save_alloc_info+0x3b/0x50 [ 14.141192] __kasan_kmalloc+0xb7/0xc0 [ 14.141847] __kmalloc_cache_noprof+0x189/0x420 [ 14.142222] kasan_atomics+0x95/0x310 [ 14.142374] kunit_try_run_case+0x1a5/0x480 [ 14.142528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.143590] kthread+0x337/0x6f0 [ 14.144254] ret_from_fork+0x116/0x1d0 [ 14.144743] ret_from_fork_asm+0x1a/0x30 [ 14.145381] [ 14.145570] The buggy address belongs to the object at ffff888102fa7d80 [ 14.145570] which belongs to the cache kmalloc-64 of size 64 [ 14.146989] The buggy address is located 0 bytes to the right of [ 14.146989] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.148389] [ 14.148763] The buggy address belongs to the physical page: [ 14.149462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.150317] flags: 0x200000000000000(node=0|zone=2) [ 14.150500] page_type: f5(slab) [ 14.150647] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.151498] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.152635] page dumped because: kasan: bad access detected [ 14.153428] [ 14.153782] Memory state around the buggy address: [ 14.154239] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.154478] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.155023] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.155707] ^ [ 14.156269] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.156784] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.157150] ================================================================== [ 14.204690] ================================================================== [ 14.205051] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 14.205398] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.205969] [ 14.206106] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.206153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.206167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.206189] Call Trace: [ 14.206205] <TASK> [ 14.206222] dump_stack_lvl+0x73/0xb0 [ 14.206248] print_report+0xd1/0x650 [ 14.206272] ? __virt_addr_valid+0x1db/0x2d0 [ 14.206296] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.206319] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.206344] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.206369] kasan_report+0x141/0x180 [ 14.206394] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.206422] kasan_check_range+0x10c/0x1c0 [ 14.206447] __kasan_check_write+0x18/0x20 [ 14.206469] kasan_atomics_helper+0x15b6/0x5450 [ 14.206493] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.206517] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.206546] ? kasan_atomics+0x152/0x310 [ 14.206583] kasan_atomics+0x1dc/0x310 [ 14.206604] ? __pfx_kasan_atomics+0x10/0x10 [ 14.206636] ? __pfx_read_tsc+0x10/0x10 [ 14.206660] ? ktime_get_ts64+0x86/0x230 [ 14.206685] kunit_try_run_case+0x1a5/0x480 [ 14.206712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.206734] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.206760] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.206798] ? __kthread_parkme+0x82/0x180 [ 14.206822] ? preempt_count_sub+0x50/0x80 [ 14.206848] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.206871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.206896] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.206924] kthread+0x337/0x6f0 [ 14.206946] ? trace_preempt_on+0x20/0xc0 [ 14.206970] ? __pfx_kthread+0x10/0x10 [ 14.206993] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.207016] ? calculate_sigpending+0x7b/0xa0 [ 14.207041] ? __pfx_kthread+0x10/0x10 [ 14.207064] ret_from_fork+0x116/0x1d0 [ 14.207084] ? __pfx_kthread+0x10/0x10 [ 14.207106] ret_from_fork_asm+0x1a/0x30 [ 14.207138] </TASK> [ 14.207150] [ 14.215171] Allocated by task 282: [ 14.215341] kasan_save_stack+0x45/0x70 [ 14.215514] kasan_save_track+0x18/0x40 [ 14.215669] kasan_save_alloc_info+0x3b/0x50 [ 14.215825] __kasan_kmalloc+0xb7/0xc0 [ 14.215964] __kmalloc_cache_noprof+0x189/0x420 [ 14.216125] kasan_atomics+0x95/0x310 [ 14.216262] kunit_try_run_case+0x1a5/0x480 [ 14.216455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.216735] kthread+0x337/0x6f0 [ 14.216908] ret_from_fork+0x116/0x1d0 [ 14.217100] ret_from_fork_asm+0x1a/0x30 [ 14.217300] [ 14.217398] The buggy address belongs to the object at ffff888102fa7d80 [ 14.217398] which belongs to the cache kmalloc-64 of size 64 [ 14.218335] The buggy address is located 0 bytes to the right of [ 14.218335] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.218729] [ 14.218806] The buggy address belongs to the physical page: [ 14.218985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.219670] flags: 0x200000000000000(node=0|zone=2) [ 14.220086] page_type: f5(slab) [ 14.220259] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.220606] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.220852] page dumped because: kasan: bad access detected [ 14.221031] [ 14.221105] Memory state around the buggy address: [ 14.221516] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.221951] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.222257] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.222559] ^ [ 14.222788] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.223056] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.223279] ================================================================== [ 14.323423] ================================================================== [ 14.323872] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 14.324213] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.324481] [ 14.324596] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.324655] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.324669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.324691] Call Trace: [ 14.324708] <TASK> [ 14.324723] dump_stack_lvl+0x73/0xb0 [ 14.324749] print_report+0xd1/0x650 [ 14.324783] ? __virt_addr_valid+0x1db/0x2d0 [ 14.324807] ? kasan_atomics_helper+0x194a/0x5450 [ 14.324829] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.324853] ? kasan_atomics_helper+0x194a/0x5450 [ 14.324877] kasan_report+0x141/0x180 [ 14.324903] ? kasan_atomics_helper+0x194a/0x5450 [ 14.324931] kasan_check_range+0x10c/0x1c0 [ 14.324955] __kasan_check_write+0x18/0x20 [ 14.324976] kasan_atomics_helper+0x194a/0x5450 [ 14.325000] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.325024] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.325055] ? kasan_atomics+0x152/0x310 [ 14.325079] kasan_atomics+0x1dc/0x310 [ 14.325101] ? __pfx_kasan_atomics+0x10/0x10 [ 14.325123] ? __pfx_read_tsc+0x10/0x10 [ 14.325147] ? ktime_get_ts64+0x86/0x230 [ 14.325172] kunit_try_run_case+0x1a5/0x480 [ 14.325194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.325215] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.325240] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.325265] ? __kthread_parkme+0x82/0x180 [ 14.325287] ? preempt_count_sub+0x50/0x80 [ 14.325313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.325335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.325361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.325387] kthread+0x337/0x6f0 [ 14.325408] ? trace_preempt_on+0x20/0xc0 [ 14.325431] ? __pfx_kthread+0x10/0x10 [ 14.325454] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.325477] ? calculate_sigpending+0x7b/0xa0 [ 14.325502] ? __pfx_kthread+0x10/0x10 [ 14.325525] ret_from_fork+0x116/0x1d0 [ 14.325545] ? __pfx_kthread+0x10/0x10 [ 14.325567] ret_from_fork_asm+0x1a/0x30 [ 14.325599] </TASK> [ 14.325623] [ 14.333274] Allocated by task 282: [ 14.333457] kasan_save_stack+0x45/0x70 [ 14.333645] kasan_save_track+0x18/0x40 [ 14.333858] kasan_save_alloc_info+0x3b/0x50 [ 14.334064] __kasan_kmalloc+0xb7/0xc0 [ 14.334225] __kmalloc_cache_noprof+0x189/0x420 [ 14.334411] kasan_atomics+0x95/0x310 [ 14.334605] kunit_try_run_case+0x1a5/0x480 [ 14.334843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.335069] kthread+0x337/0x6f0 [ 14.335208] ret_from_fork+0x116/0x1d0 [ 14.335347] ret_from_fork_asm+0x1a/0x30 [ 14.335492] [ 14.335567] The buggy address belongs to the object at ffff888102fa7d80 [ 14.335567] which belongs to the cache kmalloc-64 of size 64 [ 14.336296] The buggy address is located 0 bytes to the right of [ 14.336296] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.336682] [ 14.336758] The buggy address belongs to the physical page: [ 14.337334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.337718] flags: 0x200000000000000(node=0|zone=2) [ 14.337961] page_type: f5(slab) [ 14.338166] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.338474] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.338746] page dumped because: kasan: bad access detected [ 14.339005] [ 14.339160] Memory state around the buggy address: [ 14.339359] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.339624] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.340091] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.340381] ^ [ 14.340585] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.340858] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.341081] ================================================================== [ 14.558922] ================================================================== [ 14.559407] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 14.559732] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.560087] [ 14.560240] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.560286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.560300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.560322] Call Trace: [ 14.560336] <TASK> [ 14.560350] dump_stack_lvl+0x73/0xb0 [ 14.560376] print_report+0xd1/0x650 [ 14.560402] ? __virt_addr_valid+0x1db/0x2d0 [ 14.560425] ? kasan_atomics_helper+0x2006/0x5450 [ 14.560456] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.560503] ? kasan_atomics_helper+0x2006/0x5450 [ 14.560527] kasan_report+0x141/0x180 [ 14.560551] ? kasan_atomics_helper+0x2006/0x5450 [ 14.560581] kasan_check_range+0x10c/0x1c0 [ 14.560618] __kasan_check_write+0x18/0x20 [ 14.560639] kasan_atomics_helper+0x2006/0x5450 [ 14.560664] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.560688] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.560711] ? kasan_atomics+0x152/0x310 [ 14.560735] kasan_atomics+0x1dc/0x310 [ 14.560755] ? __pfx_kasan_atomics+0x10/0x10 [ 14.560778] ? __pfx_read_tsc+0x10/0x10 [ 14.560800] ? ktime_get_ts64+0x86/0x230 [ 14.560826] kunit_try_run_case+0x1a5/0x480 [ 14.560848] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.560870] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.560905] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.560951] ? __kthread_parkme+0x82/0x180 [ 14.560973] ? preempt_count_sub+0x50/0x80 [ 14.560998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.561021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.561046] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.561072] kthread+0x337/0x6f0 [ 14.561094] ? trace_preempt_on+0x20/0xc0 [ 14.561117] ? __pfx_kthread+0x10/0x10 [ 14.561140] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.561163] ? calculate_sigpending+0x7b/0xa0 [ 14.561188] ? __pfx_kthread+0x10/0x10 [ 14.561210] ret_from_fork+0x116/0x1d0 [ 14.561230] ? __pfx_kthread+0x10/0x10 [ 14.561251] ret_from_fork_asm+0x1a/0x30 [ 14.561283] </TASK> [ 14.561294] [ 14.569134] Allocated by task 282: [ 14.569319] kasan_save_stack+0x45/0x70 [ 14.569512] kasan_save_track+0x18/0x40 [ 14.569688] kasan_save_alloc_info+0x3b/0x50 [ 14.569840] __kasan_kmalloc+0xb7/0xc0 [ 14.569979] __kmalloc_cache_noprof+0x189/0x420 [ 14.570149] kasan_atomics+0x95/0x310 [ 14.570429] kunit_try_run_case+0x1a5/0x480 [ 14.572124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.572919] kthread+0x337/0x6f0 [ 14.573406] ret_from_fork+0x116/0x1d0 [ 14.573800] ret_from_fork_asm+0x1a/0x30 [ 14.574458] [ 14.574930] The buggy address belongs to the object at ffff888102fa7d80 [ 14.574930] which belongs to the cache kmalloc-64 of size 64 [ 14.576258] The buggy address is located 0 bytes to the right of [ 14.576258] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.577490] [ 14.577593] The buggy address belongs to the physical page: [ 14.578230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.578486] flags: 0x200000000000000(node=0|zone=2) [ 14.579056] page_type: f5(slab) [ 14.579745] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.580630] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.581412] page dumped because: kasan: bad access detected [ 14.581604] [ 14.581691] Memory state around the buggy address: [ 14.582416] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.583512] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.584317] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.584544] ^ [ 14.584721] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.585882] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.586800] ================================================================== [ 14.050389] ================================================================== [ 14.050933] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 14.051277] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.051600] [ 14.051793] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.051840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.051854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.051877] Call Trace: [ 14.051893] <TASK> [ 14.051908] dump_stack_lvl+0x73/0xb0 [ 14.051935] print_report+0xd1/0x650 [ 14.051958] ? __virt_addr_valid+0x1db/0x2d0 [ 14.051981] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.052004] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.052028] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.052052] kasan_report+0x141/0x180 [ 14.052076] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.052104] kasan_check_range+0x10c/0x1c0 [ 14.052129] __kasan_check_write+0x18/0x20 [ 14.052151] kasan_atomics_helper+0x12e6/0x5450 [ 14.052175] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.052199] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.052222] ? kasan_atomics+0x152/0x310 [ 14.052246] kasan_atomics+0x1dc/0x310 [ 14.052266] ? __pfx_kasan_atomics+0x10/0x10 [ 14.052288] ? __pfx_read_tsc+0x10/0x10 [ 14.052311] ? ktime_get_ts64+0x86/0x230 [ 14.052337] kunit_try_run_case+0x1a5/0x480 [ 14.052360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.052381] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.052406] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.052432] ? __kthread_parkme+0x82/0x180 [ 14.052453] ? preempt_count_sub+0x50/0x80 [ 14.052479] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.052502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.052527] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.052555] kthread+0x337/0x6f0 [ 14.052576] ? trace_preempt_on+0x20/0xc0 [ 14.052599] ? __pfx_kthread+0x10/0x10 [ 14.052631] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.052654] ? calculate_sigpending+0x7b/0xa0 [ 14.052679] ? __pfx_kthread+0x10/0x10 [ 14.052702] ret_from_fork+0x116/0x1d0 [ 14.052722] ? __pfx_kthread+0x10/0x10 [ 14.052780] ret_from_fork_asm+0x1a/0x30 [ 14.052811] </TASK> [ 14.052823] [ 14.061107] Allocated by task 282: [ 14.061270] kasan_save_stack+0x45/0x70 [ 14.061423] kasan_save_track+0x18/0x40 [ 14.061572] kasan_save_alloc_info+0x3b/0x50 [ 14.061879] __kasan_kmalloc+0xb7/0xc0 [ 14.062079] __kmalloc_cache_noprof+0x189/0x420 [ 14.062304] kasan_atomics+0x95/0x310 [ 14.062478] kunit_try_run_case+0x1a5/0x480 [ 14.062701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.063089] kthread+0x337/0x6f0 [ 14.063229] ret_from_fork+0x116/0x1d0 [ 14.063449] ret_from_fork_asm+0x1a/0x30 [ 14.063595] [ 14.063704] The buggy address belongs to the object at ffff888102fa7d80 [ 14.063704] which belongs to the cache kmalloc-64 of size 64 [ 14.064341] The buggy address is located 0 bytes to the right of [ 14.064341] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.064831] [ 14.064908] The buggy address belongs to the physical page: [ 14.065090] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.065365] flags: 0x200000000000000(node=0|zone=2) [ 14.065603] page_type: f5(slab) [ 14.065782] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.066265] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.066638] page dumped because: kasan: bad access detected [ 14.067147] [ 14.067225] Memory state around the buggy address: [ 14.067388] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.067624] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.067874] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.068507] ^ [ 14.068747] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.069341] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.069655] ================================================================== [ 14.223702] ================================================================== [ 14.224337] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 14.224911] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.225335] [ 14.225442] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.225488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.225503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.225525] Call Trace: [ 14.225540] <TASK> [ 14.225555] dump_stack_lvl+0x73/0xb0 [ 14.225582] print_report+0xd1/0x650 [ 14.225606] ? __virt_addr_valid+0x1db/0x2d0 [ 14.225640] ? kasan_atomics_helper+0x164f/0x5450 [ 14.225665] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.225690] ? kasan_atomics_helper+0x164f/0x5450 [ 14.225714] kasan_report+0x141/0x180 [ 14.225739] ? kasan_atomics_helper+0x164f/0x5450 [ 14.225768] kasan_check_range+0x10c/0x1c0 [ 14.225794] __kasan_check_write+0x18/0x20 [ 14.225816] kasan_atomics_helper+0x164f/0x5450 [ 14.225842] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.225867] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.225891] ? kasan_atomics+0x152/0x310 [ 14.225916] kasan_atomics+0x1dc/0x310 [ 14.225937] ? __pfx_kasan_atomics+0x10/0x10 [ 14.225960] ? __pfx_read_tsc+0x10/0x10 [ 14.225982] ? ktime_get_ts64+0x86/0x230 [ 14.226009] kunit_try_run_case+0x1a5/0x480 [ 14.226032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.226054] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.226079] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.226106] ? __kthread_parkme+0x82/0x180 [ 14.226128] ? preempt_count_sub+0x50/0x80 [ 14.226154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.226177] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.226204] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.226231] kthread+0x337/0x6f0 [ 14.226252] ? trace_preempt_on+0x20/0xc0 [ 14.226277] ? __pfx_kthread+0x10/0x10 [ 14.226300] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.226324] ? calculate_sigpending+0x7b/0xa0 [ 14.226349] ? __pfx_kthread+0x10/0x10 [ 14.226373] ret_from_fork+0x116/0x1d0 [ 14.226393] ? __pfx_kthread+0x10/0x10 [ 14.226416] ret_from_fork_asm+0x1a/0x30 [ 14.226448] </TASK> [ 14.226460] [ 14.234050] Allocated by task 282: [ 14.234199] kasan_save_stack+0x45/0x70 [ 14.234369] kasan_save_track+0x18/0x40 [ 14.234574] kasan_save_alloc_info+0x3b/0x50 [ 14.234821] __kasan_kmalloc+0xb7/0xc0 [ 14.235007] __kmalloc_cache_noprof+0x189/0x420 [ 14.235171] kasan_atomics+0x95/0x310 [ 14.235308] kunit_try_run_case+0x1a5/0x480 [ 14.235520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.235791] kthread+0x337/0x6f0 [ 14.235986] ret_from_fork+0x116/0x1d0 [ 14.236169] ret_from_fork_asm+0x1a/0x30 [ 14.236317] [ 14.236393] The buggy address belongs to the object at ffff888102fa7d80 [ 14.236393] which belongs to the cache kmalloc-64 of size 64 [ 14.237111] The buggy address is located 0 bytes to the right of [ 14.237111] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.237607] [ 14.237716] The buggy address belongs to the physical page: [ 14.237961] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.238299] flags: 0x200000000000000(node=0|zone=2) [ 14.238516] page_type: f5(slab) [ 14.238689] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.239051] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.239378] page dumped because: kasan: bad access detected [ 14.239621] [ 14.239699] Memory state around the buggy address: [ 14.239961] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.240217] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.240447] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.240680] ^ [ 14.240850] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.241145] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.241464] ================================================================== [ 14.304955] ================================================================== [ 14.305345] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 14.305996] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.306310] [ 14.306417] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.306465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.306479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.306501] Call Trace: [ 14.306518] <TASK> [ 14.306541] dump_stack_lvl+0x73/0xb0 [ 14.306569] print_report+0xd1/0x650 [ 14.306593] ? __virt_addr_valid+0x1db/0x2d0 [ 14.306630] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.306653] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.306677] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.306701] kasan_report+0x141/0x180 [ 14.306725] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.306753] kasan_check_range+0x10c/0x1c0 [ 14.306779] __kasan_check_write+0x18/0x20 [ 14.306799] kasan_atomics_helper+0x18b1/0x5450 [ 14.306824] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.306847] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.306870] ? kasan_atomics+0x152/0x310 [ 14.306905] kasan_atomics+0x1dc/0x310 [ 14.306925] ? __pfx_kasan_atomics+0x10/0x10 [ 14.306947] ? __pfx_read_tsc+0x10/0x10 [ 14.306968] ? ktime_get_ts64+0x86/0x230 [ 14.306994] kunit_try_run_case+0x1a5/0x480 [ 14.307016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.307037] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.307062] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.307088] ? __kthread_parkme+0x82/0x180 [ 14.307110] ? preempt_count_sub+0x50/0x80 [ 14.307135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.307158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.307183] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.307209] kthread+0x337/0x6f0 [ 14.307230] ? trace_preempt_on+0x20/0xc0 [ 14.307253] ? __pfx_kthread+0x10/0x10 [ 14.307275] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.307299] ? calculate_sigpending+0x7b/0xa0 [ 14.307323] ? __pfx_kthread+0x10/0x10 [ 14.307346] ret_from_fork+0x116/0x1d0 [ 14.307365] ? __pfx_kthread+0x10/0x10 [ 14.307387] ret_from_fork_asm+0x1a/0x30 [ 14.307418] </TASK> [ 14.307430] [ 14.314863] Allocated by task 282: [ 14.315048] kasan_save_stack+0x45/0x70 [ 14.315218] kasan_save_track+0x18/0x40 [ 14.315360] kasan_save_alloc_info+0x3b/0x50 [ 14.315513] __kasan_kmalloc+0xb7/0xc0 [ 14.315724] __kmalloc_cache_noprof+0x189/0x420 [ 14.316067] kasan_atomics+0x95/0x310 [ 14.316258] kunit_try_run_case+0x1a5/0x480 [ 14.316478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.316758] kthread+0x337/0x6f0 [ 14.316935] ret_from_fork+0x116/0x1d0 [ 14.317108] ret_from_fork_asm+0x1a/0x30 [ 14.317254] [ 14.317330] The buggy address belongs to the object at ffff888102fa7d80 [ 14.317330] which belongs to the cache kmalloc-64 of size 64 [ 14.317969] The buggy address is located 0 bytes to the right of [ 14.317969] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.318525] [ 14.318635] The buggy address belongs to the physical page: [ 14.318854] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.319110] flags: 0x200000000000000(node=0|zone=2) [ 14.319279] page_type: f5(slab) [ 14.319463] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.319835] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.320184] page dumped because: kasan: bad access detected [ 14.320412] [ 14.320485] Memory state around the buggy address: [ 14.320656] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.321178] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.321496] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.321727] ^ [ 14.322184] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.322505] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.322813] ================================================================== [ 13.744530] ================================================================== [ 13.745195] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 13.745934] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.746640] [ 13.746741] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.746788] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.746801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.746826] Call Trace: [ 13.746842] <TASK> [ 13.746859] dump_stack_lvl+0x73/0xb0 [ 13.746887] print_report+0xd1/0x650 [ 13.746911] ? __virt_addr_valid+0x1db/0x2d0 [ 13.746934] ? kasan_atomics_helper+0xc70/0x5450 [ 13.746956] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.746980] ? kasan_atomics_helper+0xc70/0x5450 [ 13.747003] kasan_report+0x141/0x180 [ 13.747026] ? kasan_atomics_helper+0xc70/0x5450 [ 13.747055] kasan_check_range+0x10c/0x1c0 [ 13.747080] __kasan_check_write+0x18/0x20 [ 13.747100] kasan_atomics_helper+0xc70/0x5450 [ 13.747124] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.747148] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.747170] ? kasan_atomics+0x152/0x310 [ 13.747195] kasan_atomics+0x1dc/0x310 [ 13.747215] ? __pfx_kasan_atomics+0x10/0x10 [ 13.747237] ? __pfx_read_tsc+0x10/0x10 [ 13.747260] ? ktime_get_ts64+0x86/0x230 [ 13.747284] kunit_try_run_case+0x1a5/0x480 [ 13.747307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.747328] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.747354] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.747379] ? __kthread_parkme+0x82/0x180 [ 13.747402] ? preempt_count_sub+0x50/0x80 [ 13.747427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.747448] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.747474] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.747499] kthread+0x337/0x6f0 [ 13.747520] ? trace_preempt_on+0x20/0xc0 [ 13.747544] ? __pfx_kthread+0x10/0x10 [ 13.747566] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.747589] ? calculate_sigpending+0x7b/0xa0 [ 13.747634] ? __pfx_kthread+0x10/0x10 [ 13.747658] ret_from_fork+0x116/0x1d0 [ 13.747677] ? __pfx_kthread+0x10/0x10 [ 13.747699] ret_from_fork_asm+0x1a/0x30 [ 13.747731] </TASK> [ 13.747742] [ 13.764899] Allocated by task 282: [ 13.765057] kasan_save_stack+0x45/0x70 [ 13.765517] kasan_save_track+0x18/0x40 [ 13.766002] kasan_save_alloc_info+0x3b/0x50 [ 13.766566] __kasan_kmalloc+0xb7/0xc0 [ 13.767051] __kmalloc_cache_noprof+0x189/0x420 [ 13.767424] kasan_atomics+0x95/0x310 [ 13.767570] kunit_try_run_case+0x1a5/0x480 [ 13.767730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.768409] kthread+0x337/0x6f0 [ 13.768764] ret_from_fork+0x116/0x1d0 [ 13.769187] ret_from_fork_asm+0x1a/0x30 [ 13.769681] [ 13.769856] The buggy address belongs to the object at ffff888102fa7d80 [ 13.769856] which belongs to the cache kmalloc-64 of size 64 [ 13.770817] The buggy address is located 0 bytes to the right of [ 13.770817] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.772207] [ 13.772291] The buggy address belongs to the physical page: [ 13.772479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.772741] flags: 0x200000000000000(node=0|zone=2) [ 13.773117] page_type: f5(slab) [ 13.773248] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.774063] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.774777] page dumped because: kasan: bad access detected [ 13.775375] [ 13.775453] Memory state around the buggy address: [ 13.775621] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.775882] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.776113] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.776775] ^ [ 13.777246] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.777793] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.778572] ================================================================== [ 13.671434] ================================================================== [ 13.672286] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 13.673173] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.674068] [ 13.674263] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.674312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.674325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.674347] Call Trace: [ 13.674364] <TASK> [ 13.674381] dump_stack_lvl+0x73/0xb0 [ 13.674410] print_report+0xd1/0x650 [ 13.674433] ? __virt_addr_valid+0x1db/0x2d0 [ 13.674457] ? kasan_atomics_helper+0xa2b/0x5450 [ 13.674481] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.674505] ? kasan_atomics_helper+0xa2b/0x5450 [ 13.674528] kasan_report+0x141/0x180 [ 13.674559] ? kasan_atomics_helper+0xa2b/0x5450 [ 13.674587] kasan_check_range+0x10c/0x1c0 [ 13.674642] __kasan_check_write+0x18/0x20 [ 13.674663] kasan_atomics_helper+0xa2b/0x5450 [ 13.674688] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.674711] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.674734] ? kasan_atomics+0x152/0x310 [ 13.674775] kasan_atomics+0x1dc/0x310 [ 13.674805] ? __pfx_kasan_atomics+0x10/0x10 [ 13.674827] ? __pfx_read_tsc+0x10/0x10 [ 13.674850] ? ktime_get_ts64+0x86/0x230 [ 13.674875] kunit_try_run_case+0x1a5/0x480 [ 13.674897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.674918] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.674944] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.674969] ? __kthread_parkme+0x82/0x180 [ 13.674992] ? preempt_count_sub+0x50/0x80 [ 13.675017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.675039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.675064] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.675090] kthread+0x337/0x6f0 [ 13.675112] ? trace_preempt_on+0x20/0xc0 [ 13.675139] ? __pfx_kthread+0x10/0x10 [ 13.675160] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.675184] ? calculate_sigpending+0x7b/0xa0 [ 13.675210] ? __pfx_kthread+0x10/0x10 [ 13.675232] ret_from_fork+0x116/0x1d0 [ 13.675252] ? __pfx_kthread+0x10/0x10 [ 13.675275] ret_from_fork_asm+0x1a/0x30 [ 13.675307] </TASK> [ 13.675318] [ 13.685767] Allocated by task 282: [ 13.685939] kasan_save_stack+0x45/0x70 [ 13.686290] kasan_save_track+0x18/0x40 [ 13.686474] kasan_save_alloc_info+0x3b/0x50 [ 13.686715] __kasan_kmalloc+0xb7/0xc0 [ 13.687070] __kmalloc_cache_noprof+0x189/0x420 [ 13.687238] kasan_atomics+0x95/0x310 [ 13.687373] kunit_try_run_case+0x1a5/0x480 [ 13.687574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.687843] kthread+0x337/0x6f0 [ 13.688026] ret_from_fork+0x116/0x1d0 [ 13.688218] ret_from_fork_asm+0x1a/0x30 [ 13.688421] [ 13.688523] The buggy address belongs to the object at ffff888102fa7d80 [ 13.688523] which belongs to the cache kmalloc-64 of size 64 [ 13.689124] The buggy address is located 0 bytes to the right of [ 13.689124] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.689625] [ 13.689727] The buggy address belongs to the physical page: [ 13.690179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.690523] flags: 0x200000000000000(node=0|zone=2) [ 13.690790] page_type: f5(slab) [ 13.690965] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.691275] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.691549] page dumped because: kasan: bad access detected [ 13.691741] [ 13.691818] Memory state around the buggy address: [ 13.692041] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.692601] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.692838] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.693060] ^ [ 13.693562] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.694289] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.694659] ================================================================== [ 14.070109] ================================================================== [ 14.070452] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 14.070819] Read of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.071074] [ 14.071161] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.071210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.071225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.071250] Call Trace: [ 14.071265] <TASK> [ 14.071281] dump_stack_lvl+0x73/0xb0 [ 14.071307] print_report+0xd1/0x650 [ 14.071332] ? __virt_addr_valid+0x1db/0x2d0 [ 14.071356] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.071380] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.071404] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.071429] kasan_report+0x141/0x180 [ 14.071453] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.071483] __asan_report_load4_noabort+0x18/0x20 [ 14.071505] kasan_atomics_helper+0x49ce/0x5450 [ 14.071530] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.071554] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.071577] ? kasan_atomics+0x152/0x310 [ 14.071601] kasan_atomics+0x1dc/0x310 [ 14.071635] ? __pfx_kasan_atomics+0x10/0x10 [ 14.071658] ? __pfx_read_tsc+0x10/0x10 [ 14.071681] ? ktime_get_ts64+0x86/0x230 [ 14.071706] kunit_try_run_case+0x1a5/0x480 [ 14.071729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.071787] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.071813] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.071838] ? __kthread_parkme+0x82/0x180 [ 14.071860] ? preempt_count_sub+0x50/0x80 [ 14.071886] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.071909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.071935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.071962] kthread+0x337/0x6f0 [ 14.071983] ? trace_preempt_on+0x20/0xc0 [ 14.072025] ? __pfx_kthread+0x10/0x10 [ 14.072048] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.072072] ? calculate_sigpending+0x7b/0xa0 [ 14.072097] ? __pfx_kthread+0x10/0x10 [ 14.072120] ret_from_fork+0x116/0x1d0 [ 14.072140] ? __pfx_kthread+0x10/0x10 [ 14.072163] ret_from_fork_asm+0x1a/0x30 [ 14.072195] </TASK> [ 14.072207] [ 14.080632] Allocated by task 282: [ 14.080841] kasan_save_stack+0x45/0x70 [ 14.081053] kasan_save_track+0x18/0x40 [ 14.081253] kasan_save_alloc_info+0x3b/0x50 [ 14.081457] __kasan_kmalloc+0xb7/0xc0 [ 14.081632] __kmalloc_cache_noprof+0x189/0x420 [ 14.081823] kasan_atomics+0x95/0x310 [ 14.081959] kunit_try_run_case+0x1a5/0x480 [ 14.082109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.082368] kthread+0x337/0x6f0 [ 14.082548] ret_from_fork+0x116/0x1d0 [ 14.082830] ret_from_fork_asm+0x1a/0x30 [ 14.083070] [ 14.083188] The buggy address belongs to the object at ffff888102fa7d80 [ 14.083188] which belongs to the cache kmalloc-64 of size 64 [ 14.083664] The buggy address is located 0 bytes to the right of [ 14.083664] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.084237] [ 14.084337] The buggy address belongs to the physical page: [ 14.084581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.084916] flags: 0x200000000000000(node=0|zone=2) [ 14.085130] page_type: f5(slab) [ 14.085276] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.085520] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.085813] page dumped because: kasan: bad access detected [ 14.085995] [ 14.086069] Memory state around the buggy address: [ 14.086230] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.086548] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.086915] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.087237] ^ [ 14.087465] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.087990] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.088329] ================================================================== [ 14.278464] ================================================================== [ 14.278718] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 14.278952] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.279174] [ 14.279352] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.279399] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.279412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.279857] Call Trace: [ 14.279876] <TASK> [ 14.279892] dump_stack_lvl+0x73/0xb0 [ 14.279922] print_report+0xd1/0x650 [ 14.279946] ? __virt_addr_valid+0x1db/0x2d0 [ 14.279969] ? kasan_atomics_helper+0x1818/0x5450 [ 14.280471] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.280498] ? kasan_atomics_helper+0x1818/0x5450 [ 14.280523] kasan_report+0x141/0x180 [ 14.280551] ? kasan_atomics_helper+0x1818/0x5450 [ 14.280749] kasan_check_range+0x10c/0x1c0 [ 14.280792] __kasan_check_write+0x18/0x20 [ 14.280814] kasan_atomics_helper+0x1818/0x5450 [ 14.280839] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.280864] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.280887] ? kasan_atomics+0x152/0x310 [ 14.280911] kasan_atomics+0x1dc/0x310 [ 14.280948] ? __pfx_kasan_atomics+0x10/0x10 [ 14.280970] ? __pfx_read_tsc+0x10/0x10 [ 14.280993] ? ktime_get_ts64+0x86/0x230 [ 14.281018] kunit_try_run_case+0x1a5/0x480 [ 14.281041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.281062] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.281088] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.281114] ? __kthread_parkme+0x82/0x180 [ 14.281136] ? preempt_count_sub+0x50/0x80 [ 14.281160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.281183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.281208] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.281234] kthread+0x337/0x6f0 [ 14.281254] ? trace_preempt_on+0x20/0xc0 [ 14.281278] ? __pfx_kthread+0x10/0x10 [ 14.281300] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.281324] ? calculate_sigpending+0x7b/0xa0 [ 14.281350] ? __pfx_kthread+0x10/0x10 [ 14.281374] ret_from_fork+0x116/0x1d0 [ 14.281394] ? __pfx_kthread+0x10/0x10 [ 14.281417] ret_from_fork_asm+0x1a/0x30 [ 14.281448] </TASK> [ 14.281460] [ 14.292605] Allocated by task 282: [ 14.293015] kasan_save_stack+0x45/0x70 [ 14.293330] kasan_save_track+0x18/0x40 [ 14.293539] kasan_save_alloc_info+0x3b/0x50 [ 14.293737] __kasan_kmalloc+0xb7/0xc0 [ 14.294213] __kmalloc_cache_noprof+0x189/0x420 [ 14.294505] kasan_atomics+0x95/0x310 [ 14.294821] kunit_try_run_case+0x1a5/0x480 [ 14.295031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.295257] kthread+0x337/0x6f0 [ 14.295404] ret_from_fork+0x116/0x1d0 [ 14.295566] ret_from_fork_asm+0x1a/0x30 [ 14.295751] [ 14.295848] The buggy address belongs to the object at ffff888102fa7d80 [ 14.295848] which belongs to the cache kmalloc-64 of size 64 [ 14.296313] The buggy address is located 0 bytes to the right of [ 14.296313] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.297296] [ 14.297385] The buggy address belongs to the physical page: [ 14.297836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.298351] flags: 0x200000000000000(node=0|zone=2) [ 14.298781] page_type: f5(slab) [ 14.299064] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.299661] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.300185] page dumped because: kasan: bad access detected [ 14.300607] [ 14.300853] Memory state around the buggy address: [ 14.301205] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.301521] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.302028] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.302511] ^ [ 14.302860] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.303313] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.303617] ================================================================== [ 13.525977] ================================================================== [ 13.526290] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 13.526530] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.526856] [ 13.526969] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.527015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.527029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.527051] Call Trace: [ 13.527066] <TASK> [ 13.527081] dump_stack_lvl+0x73/0xb0 [ 13.527106] print_report+0xd1/0x650 [ 13.527129] ? __virt_addr_valid+0x1db/0x2d0 [ 13.527151] ? kasan_atomics_helper+0x697/0x5450 [ 13.527174] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.527198] ? kasan_atomics_helper+0x697/0x5450 [ 13.527220] kasan_report+0x141/0x180 [ 13.527244] ? kasan_atomics_helper+0x697/0x5450 [ 13.527356] kasan_check_range+0x10c/0x1c0 [ 13.527388] __kasan_check_write+0x18/0x20 [ 13.527409] kasan_atomics_helper+0x697/0x5450 [ 13.527435] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.527459] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.527482] ? kasan_atomics+0x152/0x310 [ 13.527506] kasan_atomics+0x1dc/0x310 [ 13.527527] ? __pfx_kasan_atomics+0x10/0x10 [ 13.527549] ? __pfx_read_tsc+0x10/0x10 [ 13.527571] ? ktime_get_ts64+0x86/0x230 [ 13.527596] kunit_try_run_case+0x1a5/0x480 [ 13.527631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.527653] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.527678] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.527704] ? __kthread_parkme+0x82/0x180 [ 13.527725] ? preempt_count_sub+0x50/0x80 [ 13.527750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.527948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.527976] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.528002] kthread+0x337/0x6f0 [ 13.528023] ? trace_preempt_on+0x20/0xc0 [ 13.528047] ? __pfx_kthread+0x10/0x10 [ 13.528069] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.528094] ? calculate_sigpending+0x7b/0xa0 [ 13.528120] ? __pfx_kthread+0x10/0x10 [ 13.528143] ret_from_fork+0x116/0x1d0 [ 13.528162] ? __pfx_kthread+0x10/0x10 [ 13.528185] ret_from_fork_asm+0x1a/0x30 [ 13.528217] </TASK> [ 13.528229] [ 13.536280] Allocated by task 282: [ 13.536426] kasan_save_stack+0x45/0x70 [ 13.536593] kasan_save_track+0x18/0x40 [ 13.536974] kasan_save_alloc_info+0x3b/0x50 [ 13.537197] __kasan_kmalloc+0xb7/0xc0 [ 13.537390] __kmalloc_cache_noprof+0x189/0x420 [ 13.537625] kasan_atomics+0x95/0x310 [ 13.537813] kunit_try_run_case+0x1a5/0x480 [ 13.538038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.538394] kthread+0x337/0x6f0 [ 13.538542] ret_from_fork+0x116/0x1d0 [ 13.538799] ret_from_fork_asm+0x1a/0x30 [ 13.539003] [ 13.539088] The buggy address belongs to the object at ffff888102fa7d80 [ 13.539088] which belongs to the cache kmalloc-64 of size 64 [ 13.539582] The buggy address is located 0 bytes to the right of [ 13.539582] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.540277] [ 13.540389] The buggy address belongs to the physical page: [ 13.540626] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.541003] flags: 0x200000000000000(node=0|zone=2) [ 13.541178] page_type: f5(slab) [ 13.541304] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.541597] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.542061] page dumped because: kasan: bad access detected [ 13.542463] [ 13.542545] Memory state around the buggy address: [ 13.542722] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.543482] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.543734] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.543993] ^ [ 13.544228] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.544893] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.545239] ================================================================== [ 14.588034] ================================================================== [ 14.588796] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 14.589270] Read of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.589887] [ 14.590071] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.590150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.590192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.590216] Call Trace: [ 14.590233] <TASK> [ 14.590251] dump_stack_lvl+0x73/0xb0 [ 14.590277] print_report+0xd1/0x650 [ 14.590301] ? __virt_addr_valid+0x1db/0x2d0 [ 14.590325] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.590347] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.590372] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.590395] kasan_report+0x141/0x180 [ 14.590419] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.590448] __asan_report_load8_noabort+0x18/0x20 [ 14.590471] kasan_atomics_helper+0x4f98/0x5450 [ 14.590496] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.590520] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.590549] ? kasan_atomics+0x152/0x310 [ 14.590574] kasan_atomics+0x1dc/0x310 [ 14.590594] ? __pfx_kasan_atomics+0x10/0x10 [ 14.590628] ? __pfx_read_tsc+0x10/0x10 [ 14.590650] ? ktime_get_ts64+0x86/0x230 [ 14.590676] kunit_try_run_case+0x1a5/0x480 [ 14.590698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.590720] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.590746] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.590793] ? __kthread_parkme+0x82/0x180 [ 14.590815] ? preempt_count_sub+0x50/0x80 [ 14.590841] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.590863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.590888] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.590914] kthread+0x337/0x6f0 [ 14.590934] ? trace_preempt_on+0x20/0xc0 [ 14.590959] ? __pfx_kthread+0x10/0x10 [ 14.590981] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.591006] ? calculate_sigpending+0x7b/0xa0 [ 14.591030] ? __pfx_kthread+0x10/0x10 [ 14.591053] ret_from_fork+0x116/0x1d0 [ 14.591073] ? __pfx_kthread+0x10/0x10 [ 14.591095] ret_from_fork_asm+0x1a/0x30 [ 14.591127] </TASK> [ 14.591138] [ 14.603468] Allocated by task 282: [ 14.603727] kasan_save_stack+0x45/0x70 [ 14.604166] kasan_save_track+0x18/0x40 [ 14.604390] kasan_save_alloc_info+0x3b/0x50 [ 14.604825] __kasan_kmalloc+0xb7/0xc0 [ 14.605115] __kmalloc_cache_noprof+0x189/0x420 [ 14.605278] kasan_atomics+0x95/0x310 [ 14.605414] kunit_try_run_case+0x1a5/0x480 [ 14.605563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.605857] kthread+0x337/0x6f0 [ 14.606053] ret_from_fork+0x116/0x1d0 [ 14.606244] ret_from_fork_asm+0x1a/0x30 [ 14.606482] [ 14.606563] The buggy address belongs to the object at ffff888102fa7d80 [ 14.606563] which belongs to the cache kmalloc-64 of size 64 [ 14.607199] The buggy address is located 0 bytes to the right of [ 14.607199] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.607811] [ 14.607927] The buggy address belongs to the physical page: [ 14.608196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.608476] flags: 0x200000000000000(node=0|zone=2) [ 14.608785] page_type: f5(slab) [ 14.608937] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.609279] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.609653] page dumped because: kasan: bad access detected [ 14.609938] [ 14.610039] Memory state around the buggy address: [ 14.610315] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.610655] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.611106] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.611471] ^ [ 14.611696] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.612102] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.612426] ================================================================== [ 13.890381] ================================================================== [ 13.890840] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 13.891197] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.891515] [ 13.891603] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.891661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.891675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.891697] Call Trace: [ 13.891710] <TASK> [ 13.891724] dump_stack_lvl+0x73/0xb0 [ 13.891944] print_report+0xd1/0x650 [ 13.891969] ? __virt_addr_valid+0x1db/0x2d0 [ 13.891993] ? kasan_atomics_helper+0xfa9/0x5450 [ 13.892016] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.892040] ? kasan_atomics_helper+0xfa9/0x5450 [ 13.892064] kasan_report+0x141/0x180 [ 13.892088] ? kasan_atomics_helper+0xfa9/0x5450 [ 13.892116] kasan_check_range+0x10c/0x1c0 [ 13.892141] __kasan_check_write+0x18/0x20 [ 13.892162] kasan_atomics_helper+0xfa9/0x5450 [ 13.892186] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.892211] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.892234] ? kasan_atomics+0x152/0x310 [ 13.892258] kasan_atomics+0x1dc/0x310 [ 13.892279] ? __pfx_kasan_atomics+0x10/0x10 [ 13.892301] ? __pfx_read_tsc+0x10/0x10 [ 13.892323] ? ktime_get_ts64+0x86/0x230 [ 13.892348] kunit_try_run_case+0x1a5/0x480 [ 13.892371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.892392] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.892417] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.892443] ? __kthread_parkme+0x82/0x180 [ 13.892465] ? preempt_count_sub+0x50/0x80 [ 13.892490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.892512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.892539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.892565] kthread+0x337/0x6f0 [ 13.892585] ? trace_preempt_on+0x20/0xc0 [ 13.892623] ? __pfx_kthread+0x10/0x10 [ 13.892646] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.892670] ? calculate_sigpending+0x7b/0xa0 [ 13.892695] ? __pfx_kthread+0x10/0x10 [ 13.892718] ret_from_fork+0x116/0x1d0 [ 13.892839] ? __pfx_kthread+0x10/0x10 [ 13.892868] ret_from_fork_asm+0x1a/0x30 [ 13.892899] </TASK> [ 13.892912] [ 13.901390] Allocated by task 282: [ 13.901585] kasan_save_stack+0x45/0x70 [ 13.901893] kasan_save_track+0x18/0x40 [ 13.902082] kasan_save_alloc_info+0x3b/0x50 [ 13.902295] __kasan_kmalloc+0xb7/0xc0 [ 13.902474] __kmalloc_cache_noprof+0x189/0x420 [ 13.902706] kasan_atomics+0x95/0x310 [ 13.902986] kunit_try_run_case+0x1a5/0x480 [ 13.903178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.903420] kthread+0x337/0x6f0 [ 13.903589] ret_from_fork+0x116/0x1d0 [ 13.904005] ret_from_fork_asm+0x1a/0x30 [ 13.904180] [ 13.904284] The buggy address belongs to the object at ffff888102fa7d80 [ 13.904284] which belongs to the cache kmalloc-64 of size 64 [ 13.904902] The buggy address is located 0 bytes to the right of [ 13.904902] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.905432] [ 13.905531] The buggy address belongs to the physical page: [ 13.905878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.906162] flags: 0x200000000000000(node=0|zone=2) [ 13.906335] page_type: f5(slab) [ 13.906461] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.906900] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.907247] page dumped because: kasan: bad access detected [ 13.907503] [ 13.907580] Memory state around the buggy address: [ 13.907947] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.908291] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.908629] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.909064] ^ [ 13.909306] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.909651] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.910016] ================================================================== [ 14.157815] ================================================================== [ 14.158519] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 14.159405] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.160135] [ 14.160339] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.160403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.160426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.160448] Call Trace: [ 14.160464] <TASK> [ 14.160483] dump_stack_lvl+0x73/0xb0 [ 14.160522] print_report+0xd1/0x650 [ 14.160546] ? __virt_addr_valid+0x1db/0x2d0 [ 14.160570] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.160593] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.160627] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.160650] kasan_report+0x141/0x180 [ 14.160674] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.160702] __asan_report_store8_noabort+0x1b/0x30 [ 14.160725] kasan_atomics_helper+0x50d4/0x5450 [ 14.160749] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.160787] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.160814] ? kasan_atomics+0x152/0x310 [ 14.160839] kasan_atomics+0x1dc/0x310 [ 14.160859] ? __pfx_kasan_atomics+0x10/0x10 [ 14.160883] ? __pfx_read_tsc+0x10/0x10 [ 14.160905] ? ktime_get_ts64+0x86/0x230 [ 14.160931] kunit_try_run_case+0x1a5/0x480 [ 14.160954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.160976] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.161003] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.161028] ? __kthread_parkme+0x82/0x180 [ 14.161050] ? preempt_count_sub+0x50/0x80 [ 14.161076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.161098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.161124] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.161150] kthread+0x337/0x6f0 [ 14.161170] ? trace_preempt_on+0x20/0xc0 [ 14.161194] ? __pfx_kthread+0x10/0x10 [ 14.161216] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.161240] ? calculate_sigpending+0x7b/0xa0 [ 14.161266] ? __pfx_kthread+0x10/0x10 [ 14.161288] ret_from_fork+0x116/0x1d0 [ 14.161308] ? __pfx_kthread+0x10/0x10 [ 14.161329] ret_from_fork_asm+0x1a/0x30 [ 14.161362] </TASK> [ 14.161374] [ 14.173823] Allocated by task 282: [ 14.174211] kasan_save_stack+0x45/0x70 [ 14.174452] kasan_save_track+0x18/0x40 [ 14.174855] kasan_save_alloc_info+0x3b/0x50 [ 14.175047] __kasan_kmalloc+0xb7/0xc0 [ 14.175419] __kmalloc_cache_noprof+0x189/0x420 [ 14.175788] kasan_atomics+0x95/0x310 [ 14.176093] kunit_try_run_case+0x1a5/0x480 [ 14.176246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.176433] kthread+0x337/0x6f0 [ 14.176559] ret_from_fork+0x116/0x1d0 [ 14.176719] ret_from_fork_asm+0x1a/0x30 [ 14.177099] [ 14.177275] The buggy address belongs to the object at ffff888102fa7d80 [ 14.177275] which belongs to the cache kmalloc-64 of size 64 [ 14.178184] The buggy address is located 0 bytes to the right of [ 14.178184] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.178722] [ 14.178825] The buggy address belongs to the physical page: [ 14.179325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.180093] flags: 0x200000000000000(node=0|zone=2) [ 14.180547] page_type: f5(slab) [ 14.180873] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.181280] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.181518] page dumped because: kasan: bad access detected [ 14.181709] [ 14.181808] Memory state around the buggy address: [ 14.182260] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.182970] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.183596] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.184271] ^ [ 14.184723] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.185563] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.186066] ================================================================== [ 13.972137] ================================================================== [ 13.972440] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 13.972882] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.973201] [ 13.973308] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.973353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.973368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.973390] Call Trace: [ 13.973404] <TASK> [ 13.973419] dump_stack_lvl+0x73/0xb0 [ 13.973445] print_report+0xd1/0x650 [ 13.973468] ? __virt_addr_valid+0x1db/0x2d0 [ 13.973492] ? kasan_atomics_helper+0x1148/0x5450 [ 13.973515] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.973539] ? kasan_atomics_helper+0x1148/0x5450 [ 13.973563] kasan_report+0x141/0x180 [ 13.973586] ? kasan_atomics_helper+0x1148/0x5450 [ 13.973627] kasan_check_range+0x10c/0x1c0 [ 13.973653] __kasan_check_write+0x18/0x20 [ 13.973674] kasan_atomics_helper+0x1148/0x5450 [ 13.973698] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.973722] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.973822] ? kasan_atomics+0x152/0x310 [ 13.973848] kasan_atomics+0x1dc/0x310 [ 13.973868] ? __pfx_kasan_atomics+0x10/0x10 [ 13.973890] ? __pfx_read_tsc+0x10/0x10 [ 13.973913] ? ktime_get_ts64+0x86/0x230 [ 13.973939] kunit_try_run_case+0x1a5/0x480 [ 13.973961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.973982] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.974008] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.974034] ? __kthread_parkme+0x82/0x180 [ 13.974056] ? preempt_count_sub+0x50/0x80 [ 13.974081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.974104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.974130] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.974156] kthread+0x337/0x6f0 [ 13.974177] ? trace_preempt_on+0x20/0xc0 [ 13.974200] ? __pfx_kthread+0x10/0x10 [ 13.974223] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.974246] ? calculate_sigpending+0x7b/0xa0 [ 13.974271] ? __pfx_kthread+0x10/0x10 [ 13.974293] ret_from_fork+0x116/0x1d0 [ 13.974313] ? __pfx_kthread+0x10/0x10 [ 13.974335] ret_from_fork_asm+0x1a/0x30 [ 13.974366] </TASK> [ 13.974378] [ 13.982902] Allocated by task 282: [ 13.983095] kasan_save_stack+0x45/0x70 [ 13.983274] kasan_save_track+0x18/0x40 [ 13.983476] kasan_save_alloc_info+0x3b/0x50 [ 13.983674] __kasan_kmalloc+0xb7/0xc0 [ 13.984121] __kmalloc_cache_noprof+0x189/0x420 [ 13.984361] kasan_atomics+0x95/0x310 [ 13.984553] kunit_try_run_case+0x1a5/0x480 [ 13.984748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.985009] kthread+0x337/0x6f0 [ 13.985180] ret_from_fork+0x116/0x1d0 [ 13.985336] ret_from_fork_asm+0x1a/0x30 [ 13.985529] [ 13.985959] The buggy address belongs to the object at ffff888102fa7d80 [ 13.985959] which belongs to the cache kmalloc-64 of size 64 [ 13.986334] The buggy address is located 0 bytes to the right of [ 13.986334] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.987008] [ 13.987112] The buggy address belongs to the physical page: [ 13.987328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.987604] flags: 0x200000000000000(node=0|zone=2) [ 13.988075] page_type: f5(slab) [ 13.988258] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.988623] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.989056] page dumped because: kasan: bad access detected [ 13.989295] [ 13.989401] Memory state around the buggy address: [ 13.989631] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.989995] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.990310] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.990569] ^ [ 13.990838] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.991178] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.991499] ================================================================== [ 13.849847] ================================================================== [ 13.850192] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 13.850639] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.851203] [ 13.851323] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.851371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.851384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.851406] Call Trace: [ 13.851422] <TASK> [ 13.851437] dump_stack_lvl+0x73/0xb0 [ 13.851466] print_report+0xd1/0x650 [ 13.851489] ? __virt_addr_valid+0x1db/0x2d0 [ 13.851513] ? kasan_atomics_helper+0xe78/0x5450 [ 13.851537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.851562] ? kasan_atomics_helper+0xe78/0x5450 [ 13.851585] kasan_report+0x141/0x180 [ 13.851624] ? kasan_atomics_helper+0xe78/0x5450 [ 13.851653] kasan_check_range+0x10c/0x1c0 [ 13.851678] __kasan_check_write+0x18/0x20 [ 13.851699] kasan_atomics_helper+0xe78/0x5450 [ 13.851724] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.851748] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.851770] ? kasan_atomics+0x152/0x310 [ 13.851794] kasan_atomics+0x1dc/0x310 [ 13.851815] ? __pfx_kasan_atomics+0x10/0x10 [ 13.851837] ? __pfx_read_tsc+0x10/0x10 [ 13.851923] ? ktime_get_ts64+0x86/0x230 [ 13.851950] kunit_try_run_case+0x1a5/0x480 [ 13.851986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.852008] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.852034] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.852060] ? __kthread_parkme+0x82/0x180 [ 13.852082] ? preempt_count_sub+0x50/0x80 [ 13.852107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.852129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.852154] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.852181] kthread+0x337/0x6f0 [ 13.852202] ? trace_preempt_on+0x20/0xc0 [ 13.852226] ? __pfx_kthread+0x10/0x10 [ 13.852248] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.852272] ? calculate_sigpending+0x7b/0xa0 [ 13.852297] ? __pfx_kthread+0x10/0x10 [ 13.852320] ret_from_fork+0x116/0x1d0 [ 13.852340] ? __pfx_kthread+0x10/0x10 [ 13.852365] ret_from_fork_asm+0x1a/0x30 [ 13.852397] </TASK> [ 13.852409] [ 13.860953] Allocated by task 282: [ 13.861091] kasan_save_stack+0x45/0x70 [ 13.861246] kasan_save_track+0x18/0x40 [ 13.861411] kasan_save_alloc_info+0x3b/0x50 [ 13.861636] __kasan_kmalloc+0xb7/0xc0 [ 13.861827] __kmalloc_cache_noprof+0x189/0x420 [ 13.862058] kasan_atomics+0x95/0x310 [ 13.862364] kunit_try_run_case+0x1a5/0x480 [ 13.862580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.863049] kthread+0x337/0x6f0 [ 13.863195] ret_from_fork+0x116/0x1d0 [ 13.863335] ret_from_fork_asm+0x1a/0x30 [ 13.863492] [ 13.863593] The buggy address belongs to the object at ffff888102fa7d80 [ 13.863593] which belongs to the cache kmalloc-64 of size 64 [ 13.864245] The buggy address is located 0 bytes to the right of [ 13.864245] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.865011] [ 13.865121] The buggy address belongs to the physical page: [ 13.865381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.865685] flags: 0x200000000000000(node=0|zone=2) [ 13.865858] page_type: f5(slab) [ 13.865983] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.866268] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.866764] page dumped because: kasan: bad access detected [ 13.867230] [ 13.867309] Memory state around the buggy address: [ 13.867471] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.867733] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.868154] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.868482] ^ [ 13.868731] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.869118] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.869415] ================================================================== [ 13.585170] ================================================================== [ 13.585522] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 13.585915] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.586278] [ 13.586367] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.586415] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.586429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.586452] Call Trace: [ 13.586470] <TASK> [ 13.586487] dump_stack_lvl+0x73/0xb0 [ 13.586514] print_report+0xd1/0x650 [ 13.586543] ? __virt_addr_valid+0x1db/0x2d0 [ 13.586566] ? kasan_atomics_helper+0x860/0x5450 [ 13.586590] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.586627] ? kasan_atomics_helper+0x860/0x5450 [ 13.586651] kasan_report+0x141/0x180 [ 13.586675] ? kasan_atomics_helper+0x860/0x5450 [ 13.586703] kasan_check_range+0x10c/0x1c0 [ 13.586729] __kasan_check_write+0x18/0x20 [ 13.586752] kasan_atomics_helper+0x860/0x5450 [ 13.586775] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.586799] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.586822] ? kasan_atomics+0x152/0x310 [ 13.586845] kasan_atomics+0x1dc/0x310 [ 13.586866] ? __pfx_kasan_atomics+0x10/0x10 [ 13.586888] ? __pfx_read_tsc+0x10/0x10 [ 13.586911] ? ktime_get_ts64+0x86/0x230 [ 13.586936] kunit_try_run_case+0x1a5/0x480 [ 13.587139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.587162] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.587188] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.587214] ? __kthread_parkme+0x82/0x180 [ 13.587236] ? preempt_count_sub+0x50/0x80 [ 13.587262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.587285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.587310] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.587336] kthread+0x337/0x6f0 [ 13.587358] ? trace_preempt_on+0x20/0xc0 [ 13.587382] ? __pfx_kthread+0x10/0x10 [ 13.587404] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.587427] ? calculate_sigpending+0x7b/0xa0 [ 13.587453] ? __pfx_kthread+0x10/0x10 [ 13.587476] ret_from_fork+0x116/0x1d0 [ 13.587496] ? __pfx_kthread+0x10/0x10 [ 13.587517] ret_from_fork_asm+0x1a/0x30 [ 13.587550] </TASK> [ 13.587561] [ 13.595834] Allocated by task 282: [ 13.596269] kasan_save_stack+0x45/0x70 [ 13.596480] kasan_save_track+0x18/0x40 [ 13.596698] kasan_save_alloc_info+0x3b/0x50 [ 13.596973] __kasan_kmalloc+0xb7/0xc0 [ 13.597146] __kmalloc_cache_noprof+0x189/0x420 [ 13.597372] kasan_atomics+0x95/0x310 [ 13.597510] kunit_try_run_case+0x1a5/0x480 [ 13.597729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.598038] kthread+0x337/0x6f0 [ 13.598195] ret_from_fork+0x116/0x1d0 [ 13.598384] ret_from_fork_asm+0x1a/0x30 [ 13.598586] [ 13.598695] The buggy address belongs to the object at ffff888102fa7d80 [ 13.598695] which belongs to the cache kmalloc-64 of size 64 [ 13.599255] The buggy address is located 0 bytes to the right of [ 13.599255] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.599714] [ 13.599791] The buggy address belongs to the physical page: [ 13.599970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.600239] flags: 0x200000000000000(node=0|zone=2) [ 13.600769] page_type: f5(slab) [ 13.600960] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.601433] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.601845] page dumped because: kasan: bad access detected [ 13.602092] [ 13.602166] Memory state around the buggy address: [ 13.602329] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.602654] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.603238] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.603526] ^ [ 13.603782] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.604047] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.604362] ================================================================== [ 13.931105] ================================================================== [ 13.931437] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 13.932042] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.932369] [ 13.932481] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.932545] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.932572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.932594] Call Trace: [ 13.932634] <TASK> [ 13.932650] dump_stack_lvl+0x73/0xb0 [ 13.932676] print_report+0xd1/0x650 [ 13.932715] ? __virt_addr_valid+0x1db/0x2d0 [ 13.932889] ? kasan_atomics_helper+0x1079/0x5450 [ 13.932916] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.932940] ? kasan_atomics_helper+0x1079/0x5450 [ 13.932964] kasan_report+0x141/0x180 [ 13.932988] ? kasan_atomics_helper+0x1079/0x5450 [ 13.933016] kasan_check_range+0x10c/0x1c0 [ 13.933041] __kasan_check_write+0x18/0x20 [ 13.933063] kasan_atomics_helper+0x1079/0x5450 [ 13.933088] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.933112] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.933135] ? kasan_atomics+0x152/0x310 [ 13.933159] kasan_atomics+0x1dc/0x310 [ 13.933180] ? __pfx_kasan_atomics+0x10/0x10 [ 13.933202] ? __pfx_read_tsc+0x10/0x10 [ 13.933225] ? ktime_get_ts64+0x86/0x230 [ 13.933251] kunit_try_run_case+0x1a5/0x480 [ 13.933273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.933294] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.933320] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.933346] ? __kthread_parkme+0x82/0x180 [ 13.933367] ? preempt_count_sub+0x50/0x80 [ 13.933392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.933414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.933440] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.933466] kthread+0x337/0x6f0 [ 13.933487] ? trace_preempt_on+0x20/0xc0 [ 13.933511] ? __pfx_kthread+0x10/0x10 [ 13.933533] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.933557] ? calculate_sigpending+0x7b/0xa0 [ 13.933582] ? __pfx_kthread+0x10/0x10 [ 13.933604] ret_from_fork+0x116/0x1d0 [ 13.933635] ? __pfx_kthread+0x10/0x10 [ 13.933657] ret_from_fork_asm+0x1a/0x30 [ 13.933689] </TASK> [ 13.933699] [ 13.943027] Allocated by task 282: [ 13.943219] kasan_save_stack+0x45/0x70 [ 13.943426] kasan_save_track+0x18/0x40 [ 13.943634] kasan_save_alloc_info+0x3b/0x50 [ 13.944051] __kasan_kmalloc+0xb7/0xc0 [ 13.944291] __kmalloc_cache_noprof+0x189/0x420 [ 13.944535] kasan_atomics+0x95/0x310 [ 13.944898] kunit_try_run_case+0x1a5/0x480 [ 13.945153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.945456] kthread+0x337/0x6f0 [ 13.945642] ret_from_fork+0x116/0x1d0 [ 13.945896] ret_from_fork_asm+0x1a/0x30 [ 13.946108] [ 13.946233] The buggy address belongs to the object at ffff888102fa7d80 [ 13.946233] which belongs to the cache kmalloc-64 of size 64 [ 13.946923] The buggy address is located 0 bytes to the right of [ 13.946923] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.947521] [ 13.947646] The buggy address belongs to the physical page: [ 13.947914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.948241] flags: 0x200000000000000(node=0|zone=2) [ 13.948479] page_type: f5(slab) [ 13.948920] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.949242] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.949558] page dumped because: kasan: bad access detected [ 13.949890] [ 13.949978] Memory state around the buggy address: [ 13.950188] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.950490] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.950898] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.951205] ^ [ 13.951376] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.951673] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.952191] ================================================================== [ 13.992142] ================================================================== [ 13.992480] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 13.992931] Read of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.993203] [ 13.993319] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.993364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.993377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.993400] Call Trace: [ 13.993417] <TASK> [ 13.993433] dump_stack_lvl+0x73/0xb0 [ 13.993461] print_report+0xd1/0x650 [ 13.993485] ? __virt_addr_valid+0x1db/0x2d0 [ 13.993507] ? kasan_atomics_helper+0x4a02/0x5450 [ 13.993530] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.993554] ? kasan_atomics_helper+0x4a02/0x5450 [ 13.993577] kasan_report+0x141/0x180 [ 13.993602] ? kasan_atomics_helper+0x4a02/0x5450 [ 13.993644] __asan_report_load4_noabort+0x18/0x20 [ 13.993666] kasan_atomics_helper+0x4a02/0x5450 [ 13.993691] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.993715] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.993814] ? kasan_atomics+0x152/0x310 [ 13.993841] kasan_atomics+0x1dc/0x310 [ 13.993862] ? __pfx_kasan_atomics+0x10/0x10 [ 13.993885] ? __pfx_read_tsc+0x10/0x10 [ 13.993908] ? ktime_get_ts64+0x86/0x230 [ 13.993933] kunit_try_run_case+0x1a5/0x480 [ 13.993955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.993976] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.994002] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.994028] ? __kthread_parkme+0x82/0x180 [ 13.994050] ? preempt_count_sub+0x50/0x80 [ 13.994075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.994097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.994123] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.994149] kthread+0x337/0x6f0 [ 13.994169] ? trace_preempt_on+0x20/0xc0 [ 13.994193] ? __pfx_kthread+0x10/0x10 [ 13.994215] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.994239] ? calculate_sigpending+0x7b/0xa0 [ 13.994264] ? __pfx_kthread+0x10/0x10 [ 13.994287] ret_from_fork+0x116/0x1d0 [ 13.994307] ? __pfx_kthread+0x10/0x10 [ 13.994329] ret_from_fork_asm+0x1a/0x30 [ 13.994360] </TASK> [ 13.994372] [ 14.002595] Allocated by task 282: [ 14.002858] kasan_save_stack+0x45/0x70 [ 14.003078] kasan_save_track+0x18/0x40 [ 14.003286] kasan_save_alloc_info+0x3b/0x50 [ 14.003501] __kasan_kmalloc+0xb7/0xc0 [ 14.003710] __kmalloc_cache_noprof+0x189/0x420 [ 14.004119] kasan_atomics+0x95/0x310 [ 14.004319] kunit_try_run_case+0x1a5/0x480 [ 14.004482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.004681] kthread+0x337/0x6f0 [ 14.004959] ret_from_fork+0x116/0x1d0 [ 14.005158] ret_from_fork_asm+0x1a/0x30 [ 14.005359] [ 14.005459] The buggy address belongs to the object at ffff888102fa7d80 [ 14.005459] which belongs to the cache kmalloc-64 of size 64 [ 14.006072] The buggy address is located 0 bytes to the right of [ 14.006072] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.006537] [ 14.006623] The buggy address belongs to the physical page: [ 14.006941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.007322] flags: 0x200000000000000(node=0|zone=2) [ 14.007572] page_type: f5(slab) [ 14.007944] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.008240] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.008530] page dumped because: kasan: bad access detected [ 14.008726] [ 14.008952] Memory state around the buggy address: [ 14.009185] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.009514] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.009857] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.010185] ^ [ 14.010421] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.010690] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.011113] ================================================================== [ 14.260387] ================================================================== [ 14.260770] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 14.261123] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.261407] [ 14.261518] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.261563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.261578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.261600] Call Trace: [ 14.261625] <TASK> [ 14.261640] dump_stack_lvl+0x73/0xb0 [ 14.261665] print_report+0xd1/0x650 [ 14.261689] ? __virt_addr_valid+0x1db/0x2d0 [ 14.261712] ? kasan_atomics_helper+0x177f/0x5450 [ 14.261736] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.261760] ? kasan_atomics_helper+0x177f/0x5450 [ 14.261784] kasan_report+0x141/0x180 [ 14.261808] ? kasan_atomics_helper+0x177f/0x5450 [ 14.261845] kasan_check_range+0x10c/0x1c0 [ 14.261871] __kasan_check_write+0x18/0x20 [ 14.261893] kasan_atomics_helper+0x177f/0x5450 [ 14.261918] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.261942] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.261965] ? kasan_atomics+0x152/0x310 [ 14.261989] kasan_atomics+0x1dc/0x310 [ 14.262010] ? __pfx_kasan_atomics+0x10/0x10 [ 14.262033] ? __pfx_read_tsc+0x10/0x10 [ 14.262056] ? ktime_get_ts64+0x86/0x230 [ 14.262081] kunit_try_run_case+0x1a5/0x480 [ 14.262104] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.262125] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.262152] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.262178] ? __kthread_parkme+0x82/0x180 [ 14.262199] ? preempt_count_sub+0x50/0x80 [ 14.262225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.262248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.262274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.262300] kthread+0x337/0x6f0 [ 14.262322] ? trace_preempt_on+0x20/0xc0 [ 14.262347] ? __pfx_kthread+0x10/0x10 [ 14.262370] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.262394] ? calculate_sigpending+0x7b/0xa0 [ 14.262419] ? __pfx_kthread+0x10/0x10 [ 14.262441] ret_from_fork+0x116/0x1d0 [ 14.262462] ? __pfx_kthread+0x10/0x10 [ 14.262484] ret_from_fork_asm+0x1a/0x30 [ 14.262515] </TASK> [ 14.262527] [ 14.269917] Allocated by task 282: [ 14.270105] kasan_save_stack+0x45/0x70 [ 14.270323] kasan_save_track+0x18/0x40 [ 14.270538] kasan_save_alloc_info+0x3b/0x50 [ 14.270917] __kasan_kmalloc+0xb7/0xc0 [ 14.271124] __kmalloc_cache_noprof+0x189/0x420 [ 14.271286] kasan_atomics+0x95/0x310 [ 14.271422] kunit_try_run_case+0x1a5/0x480 [ 14.271573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.271793] kthread+0x337/0x6f0 [ 14.271970] ret_from_fork+0x116/0x1d0 [ 14.272161] ret_from_fork_asm+0x1a/0x30 [ 14.272362] [ 14.272459] The buggy address belongs to the object at ffff888102fa7d80 [ 14.272459] which belongs to the cache kmalloc-64 of size 64 [ 14.272999] The buggy address is located 0 bytes to the right of [ 14.272999] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.273462] [ 14.273539] The buggy address belongs to the physical page: [ 14.273979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.274336] flags: 0x200000000000000(node=0|zone=2) [ 14.274555] page_type: f5(slab) [ 14.274690] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.275234] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.275534] page dumped because: kasan: bad access detected [ 14.275792] [ 14.275889] Memory state around the buggy address: [ 14.276055] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.276281] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.276506] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.276837] ^ [ 14.277068] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.277636] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.278012] ================================================================== [ 13.565241] ================================================================== [ 13.565559] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 13.565952] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.566200] [ 13.566286] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.566331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.566345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.566368] Call Trace: [ 13.566384] <TASK> [ 13.566400] dump_stack_lvl+0x73/0xb0 [ 13.566425] print_report+0xd1/0x650 [ 13.566449] ? __virt_addr_valid+0x1db/0x2d0 [ 13.566472] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.566495] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.566522] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.566551] kasan_report+0x141/0x180 [ 13.566574] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.566602] kasan_check_range+0x10c/0x1c0 [ 13.566638] __kasan_check_write+0x18/0x20 [ 13.566659] kasan_atomics_helper+0x7c7/0x5450 [ 13.566684] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.566709] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.566731] ? kasan_atomics+0x152/0x310 [ 13.566756] kasan_atomics+0x1dc/0x310 [ 13.566777] ? __pfx_kasan_atomics+0x10/0x10 [ 13.566799] ? __pfx_read_tsc+0x10/0x10 [ 13.566821] ? ktime_get_ts64+0x86/0x230 [ 13.566846] kunit_try_run_case+0x1a5/0x480 [ 13.566868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.566889] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.566915] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.566941] ? __kthread_parkme+0x82/0x180 [ 13.566963] ? preempt_count_sub+0x50/0x80 [ 13.566987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.567009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.567035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.567061] kthread+0x337/0x6f0 [ 13.567082] ? trace_preempt_on+0x20/0xc0 [ 13.567107] ? __pfx_kthread+0x10/0x10 [ 13.567128] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.567153] ? calculate_sigpending+0x7b/0xa0 [ 13.567177] ? __pfx_kthread+0x10/0x10 [ 13.567200] ret_from_fork+0x116/0x1d0 [ 13.567219] ? __pfx_kthread+0x10/0x10 [ 13.567242] ret_from_fork_asm+0x1a/0x30 [ 13.567273] </TASK> [ 13.567342] [ 13.575812] Allocated by task 282: [ 13.576121] kasan_save_stack+0x45/0x70 [ 13.576344] kasan_save_track+0x18/0x40 [ 13.576538] kasan_save_alloc_info+0x3b/0x50 [ 13.576726] __kasan_kmalloc+0xb7/0xc0 [ 13.576950] __kmalloc_cache_noprof+0x189/0x420 [ 13.577286] kasan_atomics+0x95/0x310 [ 13.577547] kunit_try_run_case+0x1a5/0x480 [ 13.577716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.577914] kthread+0x337/0x6f0 [ 13.578441] ret_from_fork+0x116/0x1d0 [ 13.578667] ret_from_fork_asm+0x1a/0x30 [ 13.578931] [ 13.579012] The buggy address belongs to the object at ffff888102fa7d80 [ 13.579012] which belongs to the cache kmalloc-64 of size 64 [ 13.579507] The buggy address is located 0 bytes to the right of [ 13.579507] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.579974] [ 13.580050] The buggy address belongs to the physical page: [ 13.580233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.580494] flags: 0x200000000000000(node=0|zone=2) [ 13.580740] page_type: f5(slab) [ 13.580999] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.581391] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.581738] page dumped because: kasan: bad access detected [ 13.581938] [ 13.582011] Memory state around the buggy address: [ 13.582176] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.582409] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.583068] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.583404] ^ [ 13.583658] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.584106] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.584634] ================================================================== [ 13.358516] ================================================================== [ 13.359136] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 13.359637] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.360355] [ 13.360477] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.360657] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.360674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.360697] Call Trace: [ 13.360712] <TASK> [ 13.360729] dump_stack_lvl+0x73/0xb0 [ 13.360823] print_report+0xd1/0x650 [ 13.360849] ? __virt_addr_valid+0x1db/0x2d0 [ 13.360983] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.361007] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.361050] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.361074] kasan_report+0x141/0x180 [ 13.361098] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.361126] __asan_report_store4_noabort+0x1b/0x30 [ 13.361149] kasan_atomics_helper+0x4b6e/0x5450 [ 13.361174] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.361198] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.361221] ? kasan_atomics+0x152/0x310 [ 13.361245] kasan_atomics+0x1dc/0x310 [ 13.361265] ? __pfx_kasan_atomics+0x10/0x10 [ 13.361287] ? __pfx_read_tsc+0x10/0x10 [ 13.361310] ? ktime_get_ts64+0x86/0x230 [ 13.361336] kunit_try_run_case+0x1a5/0x480 [ 13.361359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.361379] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.361405] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.361431] ? __kthread_parkme+0x82/0x180 [ 13.361453] ? preempt_count_sub+0x50/0x80 [ 13.361478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.361500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.361526] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.361553] kthread+0x337/0x6f0 [ 13.361574] ? trace_preempt_on+0x20/0xc0 [ 13.361600] ? __pfx_kthread+0x10/0x10 [ 13.361634] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.361658] ? calculate_sigpending+0x7b/0xa0 [ 13.361683] ? __pfx_kthread+0x10/0x10 [ 13.361706] ret_from_fork+0x116/0x1d0 [ 13.361726] ? __pfx_kthread+0x10/0x10 [ 13.361894] ret_from_fork_asm+0x1a/0x30 [ 13.361938] </TASK> [ 13.361952] [ 13.372654] Allocated by task 282: [ 13.372906] kasan_save_stack+0x45/0x70 [ 13.373312] kasan_save_track+0x18/0x40 [ 13.373509] kasan_save_alloc_info+0x3b/0x50 [ 13.374037] __kasan_kmalloc+0xb7/0xc0 [ 13.374339] __kmalloc_cache_noprof+0x189/0x420 [ 13.374644] kasan_atomics+0x95/0x310 [ 13.375022] kunit_try_run_case+0x1a5/0x480 [ 13.375198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.375458] kthread+0x337/0x6f0 [ 13.375644] ret_from_fork+0x116/0x1d0 [ 13.376198] ret_from_fork_asm+0x1a/0x30 [ 13.376385] [ 13.376485] The buggy address belongs to the object at ffff888102fa7d80 [ 13.376485] which belongs to the cache kmalloc-64 of size 64 [ 13.377252] The buggy address is located 0 bytes to the right of [ 13.377252] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.378040] [ 13.378166] The buggy address belongs to the physical page: [ 13.378373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.378842] flags: 0x200000000000000(node=0|zone=2) [ 13.379205] page_type: f5(slab) [ 13.379510] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.379953] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.380343] page dumped because: kasan: bad access detected [ 13.380590] [ 13.380784] Memory state around the buggy address: [ 13.381173] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.381497] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.381991] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.382380] ^ [ 13.382570] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.383099] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.383408] ================================================================== [ 14.672939] ================================================================== [ 14.673599] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 14.674074] Read of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.674865] [ 14.675063] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.675114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.675129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.675151] Call Trace: [ 14.675167] <TASK> [ 14.675184] dump_stack_lvl+0x73/0xb0 [ 14.675212] print_report+0xd1/0x650 [ 14.675236] ? __virt_addr_valid+0x1db/0x2d0 [ 14.675259] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.675282] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.675306] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.675330] kasan_report+0x141/0x180 [ 14.675354] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.675382] __asan_report_load8_noabort+0x18/0x20 [ 14.675404] kasan_atomics_helper+0x4fa5/0x5450 [ 14.675429] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.675568] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.675596] ? kasan_atomics+0x152/0x310 [ 14.675635] kasan_atomics+0x1dc/0x310 [ 14.675656] ? __pfx_kasan_atomics+0x10/0x10 [ 14.675679] ? __pfx_read_tsc+0x10/0x10 [ 14.675701] ? ktime_get_ts64+0x86/0x230 [ 14.675728] kunit_try_run_case+0x1a5/0x480 [ 14.675750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.675796] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.675821] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.675848] ? __kthread_parkme+0x82/0x180 [ 14.675870] ? preempt_count_sub+0x50/0x80 [ 14.675895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.675918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.675943] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.675970] kthread+0x337/0x6f0 [ 14.675990] ? trace_preempt_on+0x20/0xc0 [ 14.676014] ? __pfx_kthread+0x10/0x10 [ 14.676036] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.676059] ? calculate_sigpending+0x7b/0xa0 [ 14.676085] ? __pfx_kthread+0x10/0x10 [ 14.676108] ret_from_fork+0x116/0x1d0 [ 14.676127] ? __pfx_kthread+0x10/0x10 [ 14.676149] ret_from_fork_asm+0x1a/0x30 [ 14.676180] </TASK> [ 14.676191] [ 14.686064] Allocated by task 282: [ 14.686361] kasan_save_stack+0x45/0x70 [ 14.686583] kasan_save_track+0x18/0x40 [ 14.686960] kasan_save_alloc_info+0x3b/0x50 [ 14.687238] __kasan_kmalloc+0xb7/0xc0 [ 14.687499] __kmalloc_cache_noprof+0x189/0x420 [ 14.687825] kasan_atomics+0x95/0x310 [ 14.687988] kunit_try_run_case+0x1a5/0x480 [ 14.688206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.688443] kthread+0x337/0x6f0 [ 14.688606] ret_from_fork+0x116/0x1d0 [ 14.689063] ret_from_fork_asm+0x1a/0x30 [ 14.689225] [ 14.689454] The buggy address belongs to the object at ffff888102fa7d80 [ 14.689454] which belongs to the cache kmalloc-64 of size 64 [ 14.690011] The buggy address is located 0 bytes to the right of [ 14.690011] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.690458] [ 14.690565] The buggy address belongs to the physical page: [ 14.690839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.691197] flags: 0x200000000000000(node=0|zone=2) [ 14.691400] page_type: f5(slab) [ 14.691526] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.691904] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.692215] page dumped because: kasan: bad access detected [ 14.692417] [ 14.692515] Memory state around the buggy address: [ 14.692749] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.693042] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.693371] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.693659] ^ [ 14.693902] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.694171] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.694498] ================================================================== [ 13.779077] ================================================================== [ 13.779312] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 13.779543] Read of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.780208] [ 13.780394] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.780442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.780455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.780477] Call Trace: [ 13.780494] <TASK> [ 13.780511] dump_stack_lvl+0x73/0xb0 [ 13.780538] print_report+0xd1/0x650 [ 13.780562] ? __virt_addr_valid+0x1db/0x2d0 [ 13.780585] ? kasan_atomics_helper+0x4a84/0x5450 [ 13.780621] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.780646] ? kasan_atomics_helper+0x4a84/0x5450 [ 13.780669] kasan_report+0x141/0x180 [ 13.780693] ? kasan_atomics_helper+0x4a84/0x5450 [ 13.780721] __asan_report_load4_noabort+0x18/0x20 [ 13.780742] kasan_atomics_helper+0x4a84/0x5450 [ 13.780937] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.780962] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.780985] ? kasan_atomics+0x152/0x310 [ 13.781009] kasan_atomics+0x1dc/0x310 [ 13.781030] ? __pfx_kasan_atomics+0x10/0x10 [ 13.781051] ? __pfx_read_tsc+0x10/0x10 [ 13.781074] ? ktime_get_ts64+0x86/0x230 [ 13.781100] kunit_try_run_case+0x1a5/0x480 [ 13.781122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.781143] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.781169] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.781203] ? __kthread_parkme+0x82/0x180 [ 13.781225] ? preempt_count_sub+0x50/0x80 [ 13.781249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.781271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.781296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.781322] kthread+0x337/0x6f0 [ 13.781343] ? trace_preempt_on+0x20/0xc0 [ 13.781366] ? __pfx_kthread+0x10/0x10 [ 13.781388] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.781411] ? calculate_sigpending+0x7b/0xa0 [ 13.781436] ? __pfx_kthread+0x10/0x10 [ 13.781458] ret_from_fork+0x116/0x1d0 [ 13.781477] ? __pfx_kthread+0x10/0x10 [ 13.781499] ret_from_fork_asm+0x1a/0x30 [ 13.781531] </TASK> [ 13.781543] [ 13.791060] Allocated by task 282: [ 13.791215] kasan_save_stack+0x45/0x70 [ 13.791370] kasan_save_track+0x18/0x40 [ 13.791512] kasan_save_alloc_info+0x3b/0x50 [ 13.791745] __kasan_kmalloc+0xb7/0xc0 [ 13.791939] __kmalloc_cache_noprof+0x189/0x420 [ 13.792161] kasan_atomics+0x95/0x310 [ 13.792548] kunit_try_run_case+0x1a5/0x480 [ 13.793668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.794165] kthread+0x337/0x6f0 [ 13.794580] ret_from_fork+0x116/0x1d0 [ 13.794877] ret_from_fork_asm+0x1a/0x30 [ 13.795309] [ 13.795428] The buggy address belongs to the object at ffff888102fa7d80 [ 13.795428] which belongs to the cache kmalloc-64 of size 64 [ 13.796462] The buggy address is located 0 bytes to the right of [ 13.796462] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.797757] [ 13.797965] The buggy address belongs to the physical page: [ 13.798399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.799094] flags: 0x200000000000000(node=0|zone=2) [ 13.799459] page_type: f5(slab) [ 13.799653] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.800510] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.801596] page dumped because: kasan: bad access detected [ 13.802073] [ 13.802172] Memory state around the buggy address: [ 13.802383] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.802675] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.803569] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.804288] ^ [ 13.804714] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.805263] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.805777] ================================================================== [ 14.503735] ================================================================== [ 14.504120] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 14.504454] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.504714] [ 14.504804] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.504851] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.504865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.504911] Call Trace: [ 14.504929] <TASK> [ 14.504947] dump_stack_lvl+0x73/0xb0 [ 14.504975] print_report+0xd1/0x650 [ 14.504999] ? __virt_addr_valid+0x1db/0x2d0 [ 14.505022] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.505045] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.505071] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.505112] kasan_report+0x141/0x180 [ 14.505136] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.505166] kasan_check_range+0x10c/0x1c0 [ 14.505192] __kasan_check_write+0x18/0x20 [ 14.505213] kasan_atomics_helper+0x1eaa/0x5450 [ 14.505237] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.505260] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.505282] ? kasan_atomics+0x152/0x310 [ 14.505307] kasan_atomics+0x1dc/0x310 [ 14.505327] ? __pfx_kasan_atomics+0x10/0x10 [ 14.505349] ? __pfx_read_tsc+0x10/0x10 [ 14.505370] ? ktime_get_ts64+0x86/0x230 [ 14.505414] kunit_try_run_case+0x1a5/0x480 [ 14.505437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.505458] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.505482] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.505508] ? __kthread_parkme+0x82/0x180 [ 14.505530] ? preempt_count_sub+0x50/0x80 [ 14.505554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.505576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.505602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.505636] kthread+0x337/0x6f0 [ 14.505656] ? trace_preempt_on+0x20/0xc0 [ 14.505680] ? __pfx_kthread+0x10/0x10 [ 14.505701] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.505725] ? calculate_sigpending+0x7b/0xa0 [ 14.505750] ? __pfx_kthread+0x10/0x10 [ 14.505780] ret_from_fork+0x116/0x1d0 [ 14.505799] ? __pfx_kthread+0x10/0x10 [ 14.505821] ret_from_fork_asm+0x1a/0x30 [ 14.505852] </TASK> [ 14.505862] [ 14.513556] Allocated by task 282: [ 14.513719] kasan_save_stack+0x45/0x70 [ 14.513951] kasan_save_track+0x18/0x40 [ 14.514174] kasan_save_alloc_info+0x3b/0x50 [ 14.514379] __kasan_kmalloc+0xb7/0xc0 [ 14.514518] __kmalloc_cache_noprof+0x189/0x420 [ 14.514691] kasan_atomics+0x95/0x310 [ 14.515023] kunit_try_run_case+0x1a5/0x480 [ 14.515233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.515511] kthread+0x337/0x6f0 [ 14.515692] ret_from_fork+0x116/0x1d0 [ 14.515922] ret_from_fork_asm+0x1a/0x30 [ 14.516126] [ 14.516202] The buggy address belongs to the object at ffff888102fa7d80 [ 14.516202] which belongs to the cache kmalloc-64 of size 64 [ 14.516725] The buggy address is located 0 bytes to the right of [ 14.516725] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.517255] [ 14.517356] The buggy address belongs to the physical page: [ 14.517557] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.517922] flags: 0x200000000000000(node=0|zone=2) [ 14.518179] page_type: f5(slab) [ 14.518349] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.518657] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.519162] page dumped because: kasan: bad access detected [ 14.519398] [ 14.519471] Memory state around the buggy address: [ 14.519639] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.519864] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.520212] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.520552] ^ [ 14.520803] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.521142] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.521370] ================================================================== [ 13.607975] ================================================================== [ 13.608681] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 13.609352] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.609871] [ 13.610020] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.610070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.610084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.610108] Call Trace: [ 13.610121] <TASK> [ 13.610138] dump_stack_lvl+0x73/0xb0 [ 13.610165] print_report+0xd1/0x650 [ 13.610190] ? __virt_addr_valid+0x1db/0x2d0 [ 13.610231] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.610255] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.610279] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.610304] kasan_report+0x141/0x180 [ 13.610327] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.610355] kasan_check_range+0x10c/0x1c0 [ 13.610381] __kasan_check_write+0x18/0x20 [ 13.610403] kasan_atomics_helper+0x8f9/0x5450 [ 13.610427] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.610452] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.610476] ? kasan_atomics+0x152/0x310 [ 13.610501] kasan_atomics+0x1dc/0x310 [ 13.610520] ? __pfx_kasan_atomics+0x10/0x10 [ 13.610548] ? __pfx_read_tsc+0x10/0x10 [ 13.610571] ? ktime_get_ts64+0x86/0x230 [ 13.610596] kunit_try_run_case+0x1a5/0x480 [ 13.610637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.610660] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.610686] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.610712] ? __kthread_parkme+0x82/0x180 [ 13.610734] ? preempt_count_sub+0x50/0x80 [ 13.610980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.611009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.611035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.611061] kthread+0x337/0x6f0 [ 13.611082] ? trace_preempt_on+0x20/0xc0 [ 13.611107] ? __pfx_kthread+0x10/0x10 [ 13.611129] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.611153] ? calculate_sigpending+0x7b/0xa0 [ 13.611178] ? __pfx_kthread+0x10/0x10 [ 13.611201] ret_from_fork+0x116/0x1d0 [ 13.611220] ? __pfx_kthread+0x10/0x10 [ 13.611242] ret_from_fork_asm+0x1a/0x30 [ 13.611273] </TASK> [ 13.611285] [ 13.627171] Allocated by task 282: [ 13.627544] kasan_save_stack+0x45/0x70 [ 13.627993] kasan_save_track+0x18/0x40 [ 13.628528] kasan_save_alloc_info+0x3b/0x50 [ 13.629011] __kasan_kmalloc+0xb7/0xc0 [ 13.629374] __kmalloc_cache_noprof+0x189/0x420 [ 13.629543] kasan_atomics+0x95/0x310 [ 13.629689] kunit_try_run_case+0x1a5/0x480 [ 13.630060] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.630595] kthread+0x337/0x6f0 [ 13.631074] ret_from_fork+0x116/0x1d0 [ 13.631538] ret_from_fork_asm+0x1a/0x30 [ 13.632030] [ 13.632221] The buggy address belongs to the object at ffff888102fa7d80 [ 13.632221] which belongs to the cache kmalloc-64 of size 64 [ 13.633396] The buggy address is located 0 bytes to the right of [ 13.633396] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.633870] [ 13.634117] The buggy address belongs to the physical page: [ 13.634663] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.635727] flags: 0x200000000000000(node=0|zone=2) [ 13.636330] page_type: f5(slab) [ 13.636646] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.637337] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.637970] page dumped because: kasan: bad access detected [ 13.638157] [ 13.638233] Memory state around the buggy address: [ 13.638398] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.638742] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.639074] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.639348] ^ [ 13.639539] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.640156] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.640402] ================================================================== [ 14.461267] ================================================================== [ 14.461909] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 14.462255] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.462546] [ 14.462675] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.462722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.462736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.462758] Call Trace: [ 14.462776] <TASK> [ 14.462792] dump_stack_lvl+0x73/0xb0 [ 14.462818] print_report+0xd1/0x650 [ 14.462841] ? __virt_addr_valid+0x1db/0x2d0 [ 14.462864] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.462887] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.462911] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.462934] kasan_report+0x141/0x180 [ 14.462957] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.462985] kasan_check_range+0x10c/0x1c0 [ 14.463012] __kasan_check_write+0x18/0x20 [ 14.463033] kasan_atomics_helper+0x1d7a/0x5450 [ 14.463057] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.463082] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.463104] ? kasan_atomics+0x152/0x310 [ 14.463129] kasan_atomics+0x1dc/0x310 [ 14.463149] ? __pfx_kasan_atomics+0x10/0x10 [ 14.463171] ? __pfx_read_tsc+0x10/0x10 [ 14.463192] ? ktime_get_ts64+0x86/0x230 [ 14.463219] kunit_try_run_case+0x1a5/0x480 [ 14.463242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.463263] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.463288] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.463314] ? __kthread_parkme+0x82/0x180 [ 14.463335] ? preempt_count_sub+0x50/0x80 [ 14.463359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.463382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.463408] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.463434] kthread+0x337/0x6f0 [ 14.463454] ? trace_preempt_on+0x20/0xc0 [ 14.463478] ? __pfx_kthread+0x10/0x10 [ 14.463499] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.463523] ? calculate_sigpending+0x7b/0xa0 [ 14.463547] ? __pfx_kthread+0x10/0x10 [ 14.463570] ret_from_fork+0x116/0x1d0 [ 14.463589] ? __pfx_kthread+0x10/0x10 [ 14.463621] ret_from_fork_asm+0x1a/0x30 [ 14.463653] </TASK> [ 14.463664] [ 14.471209] Allocated by task 282: [ 14.471377] kasan_save_stack+0x45/0x70 [ 14.471562] kasan_save_track+0x18/0x40 [ 14.471752] kasan_save_alloc_info+0x3b/0x50 [ 14.471933] __kasan_kmalloc+0xb7/0xc0 [ 14.472108] __kmalloc_cache_noprof+0x189/0x420 [ 14.472303] kasan_atomics+0x95/0x310 [ 14.472470] kunit_try_run_case+0x1a5/0x480 [ 14.472911] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.474051] kthread+0x337/0x6f0 [ 14.474314] ret_from_fork+0x116/0x1d0 [ 14.474715] ret_from_fork_asm+0x1a/0x30 [ 14.475206] [ 14.475306] The buggy address belongs to the object at ffff888102fa7d80 [ 14.475306] which belongs to the cache kmalloc-64 of size 64 [ 14.475979] The buggy address is located 0 bytes to the right of [ 14.475979] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.476740] [ 14.477002] The buggy address belongs to the physical page: [ 14.477478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.477905] flags: 0x200000000000000(node=0|zone=2) [ 14.478266] page_type: f5(slab) [ 14.478433] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.478761] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.479070] page dumped because: kasan: bad access detected [ 14.479296] [ 14.479387] Memory state around the buggy address: [ 14.479591] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.480286] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.480915] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.481353] ^ [ 14.481729] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.482349] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.482822] ================================================================== [ 14.436994] ================================================================== [ 14.437345] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 14.437762] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.438073] [ 14.438185] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.438231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.438244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.438267] Call Trace: [ 14.438281] <TASK> [ 14.438296] dump_stack_lvl+0x73/0xb0 [ 14.438322] print_report+0xd1/0x650 [ 14.438347] ? __virt_addr_valid+0x1db/0x2d0 [ 14.438370] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.438394] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.438419] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.438443] kasan_report+0x141/0x180 [ 14.438467] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.439129] kasan_check_range+0x10c/0x1c0 [ 14.439155] __kasan_check_write+0x18/0x20 [ 14.440064] kasan_atomics_helper+0x1ce1/0x5450 [ 14.440092] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.440116] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.440138] ? kasan_atomics+0x152/0x310 [ 14.440163] kasan_atomics+0x1dc/0x310 [ 14.440495] ? __pfx_kasan_atomics+0x10/0x10 [ 14.440518] ? __pfx_read_tsc+0x10/0x10 [ 14.440542] ? ktime_get_ts64+0x86/0x230 [ 14.440568] kunit_try_run_case+0x1a5/0x480 [ 14.440591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.440622] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.440648] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.440674] ? __kthread_parkme+0x82/0x180 [ 14.440696] ? preempt_count_sub+0x50/0x80 [ 14.440720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.440742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.440787] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.440813] kthread+0x337/0x6f0 [ 14.440834] ? trace_preempt_on+0x20/0xc0 [ 14.440857] ? __pfx_kthread+0x10/0x10 [ 14.440879] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.440903] ? calculate_sigpending+0x7b/0xa0 [ 14.440928] ? __pfx_kthread+0x10/0x10 [ 14.440950] ret_from_fork+0x116/0x1d0 [ 14.440969] ? __pfx_kthread+0x10/0x10 [ 14.440991] ret_from_fork_asm+0x1a/0x30 [ 14.441022] </TASK> [ 14.441034] [ 14.450743] Allocated by task 282: [ 14.450902] kasan_save_stack+0x45/0x70 [ 14.451484] kasan_save_track+0x18/0x40 [ 14.451734] kasan_save_alloc_info+0x3b/0x50 [ 14.452066] __kasan_kmalloc+0xb7/0xc0 [ 14.452328] __kmalloc_cache_noprof+0x189/0x420 [ 14.452513] kasan_atomics+0x95/0x310 [ 14.452841] kunit_try_run_case+0x1a5/0x480 [ 14.453128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.453428] kthread+0x337/0x6f0 [ 14.453675] ret_from_fork+0x116/0x1d0 [ 14.453831] ret_from_fork_asm+0x1a/0x30 [ 14.454136] [ 14.454234] The buggy address belongs to the object at ffff888102fa7d80 [ 14.454234] which belongs to the cache kmalloc-64 of size 64 [ 14.454745] The buggy address is located 0 bytes to the right of [ 14.454745] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.455235] [ 14.455336] The buggy address belongs to the physical page: [ 14.455552] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.456298] flags: 0x200000000000000(node=0|zone=2) [ 14.456597] page_type: f5(slab) [ 14.456844] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.457233] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.457629] page dumped because: kasan: bad access detected [ 14.457867] [ 14.457982] Memory state around the buggy address: [ 14.458367] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.458735] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.459117] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.459504] ^ [ 14.459704] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.460134] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.460532] ================================================================== [ 14.613218] ================================================================== [ 14.613551] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 14.614044] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.614390] [ 14.614508] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.614562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.614576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.614599] Call Trace: [ 14.614626] <TASK> [ 14.614642] dump_stack_lvl+0x73/0xb0 [ 14.614670] print_report+0xd1/0x650 [ 14.614694] ? __virt_addr_valid+0x1db/0x2d0 [ 14.614718] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.614748] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.614772] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.614796] kasan_report+0x141/0x180 [ 14.614820] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.614848] kasan_check_range+0x10c/0x1c0 [ 14.614874] __kasan_check_write+0x18/0x20 [ 14.614896] kasan_atomics_helper+0x20c8/0x5450 [ 14.614921] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.614945] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.614968] ? kasan_atomics+0x152/0x310 [ 14.614992] kasan_atomics+0x1dc/0x310 [ 14.615013] ? __pfx_kasan_atomics+0x10/0x10 [ 14.615035] ? __pfx_read_tsc+0x10/0x10 [ 14.615058] ? ktime_get_ts64+0x86/0x230 [ 14.615084] kunit_try_run_case+0x1a5/0x480 [ 14.615106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.615127] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.615153] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.615180] ? __kthread_parkme+0x82/0x180 [ 14.615202] ? preempt_count_sub+0x50/0x80 [ 14.615227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.615249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.615275] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.615303] kthread+0x337/0x6f0 [ 14.615323] ? trace_preempt_on+0x20/0xc0 [ 14.615346] ? __pfx_kthread+0x10/0x10 [ 14.615368] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.615392] ? calculate_sigpending+0x7b/0xa0 [ 14.615416] ? __pfx_kthread+0x10/0x10 [ 14.615439] ret_from_fork+0x116/0x1d0 [ 14.615460] ? __pfx_kthread+0x10/0x10 [ 14.615482] ret_from_fork_asm+0x1a/0x30 [ 14.615513] </TASK> [ 14.615525] [ 14.626864] Allocated by task 282: [ 14.627082] kasan_save_stack+0x45/0x70 [ 14.627297] kasan_save_track+0x18/0x40 [ 14.627496] kasan_save_alloc_info+0x3b/0x50 [ 14.627668] __kasan_kmalloc+0xb7/0xc0 [ 14.627887] __kmalloc_cache_noprof+0x189/0x420 [ 14.628084] kasan_atomics+0x95/0x310 [ 14.628275] kunit_try_run_case+0x1a5/0x480 [ 14.628434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.628627] kthread+0x337/0x6f0 [ 14.628772] ret_from_fork+0x116/0x1d0 [ 14.628972] ret_from_fork_asm+0x1a/0x30 [ 14.629173] [ 14.629271] The buggy address belongs to the object at ffff888102fa7d80 [ 14.629271] which belongs to the cache kmalloc-64 of size 64 [ 14.629734] The buggy address is located 0 bytes to the right of [ 14.629734] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.630315] [ 14.630416] The buggy address belongs to the physical page: [ 14.630681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.631027] flags: 0x200000000000000(node=0|zone=2) [ 14.631250] page_type: f5(slab) [ 14.631418] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.631733] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.632058] page dumped because: kasan: bad access detected [ 14.632296] [ 14.632383] Memory state around the buggy address: [ 14.632596] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.632859] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.633141] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.633469] ^ [ 14.633659] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.633911] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.634237] ================================================================== [ 14.419888] ================================================================== [ 14.420147] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 14.420476] Read of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.420789] [ 14.420929] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.420995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.421009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.421031] Call Trace: [ 14.421049] <TASK> [ 14.421066] dump_stack_lvl+0x73/0xb0 [ 14.421094] print_report+0xd1/0x650 [ 14.421117] ? __virt_addr_valid+0x1db/0x2d0 [ 14.421141] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.421163] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.421189] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.421215] kasan_report+0x141/0x180 [ 14.421240] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.421269] __asan_report_load8_noabort+0x18/0x20 [ 14.421293] kasan_atomics_helper+0x4f30/0x5450 [ 14.421317] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.421342] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.421365] ? kasan_atomics+0x152/0x310 [ 14.421390] kasan_atomics+0x1dc/0x310 [ 14.421411] ? __pfx_kasan_atomics+0x10/0x10 [ 14.421433] ? __pfx_read_tsc+0x10/0x10 [ 14.421456] ? ktime_get_ts64+0x86/0x230 [ 14.421481] kunit_try_run_case+0x1a5/0x480 [ 14.421504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.421525] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.421550] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.421576] ? __kthread_parkme+0x82/0x180 [ 14.421597] ? preempt_count_sub+0x50/0x80 [ 14.421634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.421656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.421681] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.421707] kthread+0x337/0x6f0 [ 14.421727] ? trace_preempt_on+0x20/0xc0 [ 14.421752] ? __pfx_kthread+0x10/0x10 [ 14.421774] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.421797] ? calculate_sigpending+0x7b/0xa0 [ 14.421822] ? __pfx_kthread+0x10/0x10 [ 14.421845] ret_from_fork+0x116/0x1d0 [ 14.421864] ? __pfx_kthread+0x10/0x10 [ 14.421885] ret_from_fork_asm+0x1a/0x30 [ 14.421918] </TASK> [ 14.421930] [ 14.429041] Allocated by task 282: [ 14.429237] kasan_save_stack+0x45/0x70 [ 14.429406] kasan_save_track+0x18/0x40 [ 14.429588] kasan_save_alloc_info+0x3b/0x50 [ 14.429749] __kasan_kmalloc+0xb7/0xc0 [ 14.429926] __kmalloc_cache_noprof+0x189/0x420 [ 14.430203] kasan_atomics+0x95/0x310 [ 14.430397] kunit_try_run_case+0x1a5/0x480 [ 14.430584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.430873] kthread+0x337/0x6f0 [ 14.431031] ret_from_fork+0x116/0x1d0 [ 14.431203] ret_from_fork_asm+0x1a/0x30 [ 14.431359] [ 14.431447] The buggy address belongs to the object at ffff888102fa7d80 [ 14.431447] which belongs to the cache kmalloc-64 of size 64 [ 14.431949] The buggy address is located 0 bytes to the right of [ 14.431949] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.432447] [ 14.432549] The buggy address belongs to the physical page: [ 14.432801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.433127] flags: 0x200000000000000(node=0|zone=2) [ 14.433339] page_type: f5(slab) [ 14.433487] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.433834] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.434142] page dumped because: kasan: bad access detected [ 14.434362] [ 14.434456] Memory state around the buggy address: [ 14.434639] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.434863] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.435087] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.435352] ^ [ 14.435581] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.436093] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.436417] ================================================================== [ 13.545711] ================================================================== [ 13.546040] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 13.546392] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.546706] [ 13.546795] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.546839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.546853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.546874] Call Trace: [ 13.546891] <TASK> [ 13.546907] dump_stack_lvl+0x73/0xb0 [ 13.546991] print_report+0xd1/0x650 [ 13.547015] ? __virt_addr_valid+0x1db/0x2d0 [ 13.547039] ? kasan_atomics_helper+0x72f/0x5450 [ 13.547061] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.547086] ? kasan_atomics_helper+0x72f/0x5450 [ 13.547110] kasan_report+0x141/0x180 [ 13.547133] ? kasan_atomics_helper+0x72f/0x5450 [ 13.547162] kasan_check_range+0x10c/0x1c0 [ 13.547187] __kasan_check_write+0x18/0x20 [ 13.547208] kasan_atomics_helper+0x72f/0x5450 [ 13.547232] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.547256] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.547279] ? kasan_atomics+0x152/0x310 [ 13.547303] kasan_atomics+0x1dc/0x310 [ 13.547323] ? __pfx_kasan_atomics+0x10/0x10 [ 13.547345] ? __pfx_read_tsc+0x10/0x10 [ 13.547367] ? ktime_get_ts64+0x86/0x230 [ 13.547393] kunit_try_run_case+0x1a5/0x480 [ 13.547415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.547436] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.547461] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.547487] ? __kthread_parkme+0x82/0x180 [ 13.547508] ? preempt_count_sub+0x50/0x80 [ 13.547533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.547556] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.547581] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.547607] kthread+0x337/0x6f0 [ 13.547639] ? trace_preempt_on+0x20/0xc0 [ 13.547662] ? __pfx_kthread+0x10/0x10 [ 13.547685] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.547708] ? calculate_sigpending+0x7b/0xa0 [ 13.547733] ? __pfx_kthread+0x10/0x10 [ 13.547755] ret_from_fork+0x116/0x1d0 [ 13.547775] ? __pfx_kthread+0x10/0x10 [ 13.547797] ret_from_fork_asm+0x1a/0x30 [ 13.547828] </TASK> [ 13.547840] [ 13.556055] Allocated by task 282: [ 13.556214] kasan_save_stack+0x45/0x70 [ 13.556422] kasan_save_track+0x18/0x40 [ 13.556592] kasan_save_alloc_info+0x3b/0x50 [ 13.556874] __kasan_kmalloc+0xb7/0xc0 [ 13.557055] __kmalloc_cache_noprof+0x189/0x420 [ 13.557229] kasan_atomics+0x95/0x310 [ 13.557367] kunit_try_run_case+0x1a5/0x480 [ 13.557518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.557715] kthread+0x337/0x6f0 [ 13.557890] ret_from_fork+0x116/0x1d0 [ 13.558242] ret_from_fork_asm+0x1a/0x30 [ 13.558448] [ 13.558551] The buggy address belongs to the object at ffff888102fa7d80 [ 13.558551] which belongs to the cache kmalloc-64 of size 64 [ 13.559235] The buggy address is located 0 bytes to the right of [ 13.559235] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.560142] [ 13.560259] The buggy address belongs to the physical page: [ 13.560522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.560942] flags: 0x200000000000000(node=0|zone=2) [ 13.561153] page_type: f5(slab) [ 13.561318] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.561578] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.561872] page dumped because: kasan: bad access detected [ 13.562350] [ 13.562454] Memory state around the buggy address: [ 13.562677] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.563099] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.563375] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.563599] ^ [ 13.563849] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.564370] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.564830] ================================================================== [ 13.309911] ================================================================== [ 13.310165] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 13.310505] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.311115] [ 13.311390] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.311505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.311519] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.311550] Call Trace: [ 13.311563] <TASK> [ 13.311578] dump_stack_lvl+0x73/0xb0 [ 13.311606] print_report+0xd1/0x650 [ 13.311638] ? __virt_addr_valid+0x1db/0x2d0 [ 13.311661] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.311683] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.311706] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.311728] kasan_report+0x141/0x180 [ 13.311751] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.311825] __asan_report_store4_noabort+0x1b/0x30 [ 13.311850] kasan_atomics_helper+0x4ba2/0x5450 [ 13.311873] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.311896] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.311918] ? kasan_atomics+0x152/0x310 [ 13.311941] kasan_atomics+0x1dc/0x310 [ 13.311961] ? __pfx_kasan_atomics+0x10/0x10 [ 13.311982] ? __pfx_read_tsc+0x10/0x10 [ 13.312003] ? ktime_get_ts64+0x86/0x230 [ 13.312027] kunit_try_run_case+0x1a5/0x480 [ 13.312050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.312070] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.312097] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.312123] ? __kthread_parkme+0x82/0x180 [ 13.312144] ? preempt_count_sub+0x50/0x80 [ 13.312168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.312189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.312214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.312239] kthread+0x337/0x6f0 [ 13.312259] ? trace_preempt_on+0x20/0xc0 [ 13.312282] ? __pfx_kthread+0x10/0x10 [ 13.312302] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.312326] ? calculate_sigpending+0x7b/0xa0 [ 13.312349] ? __pfx_kthread+0x10/0x10 [ 13.312371] ret_from_fork+0x116/0x1d0 [ 13.312390] ? __pfx_kthread+0x10/0x10 [ 13.312411] ret_from_fork_asm+0x1a/0x30 [ 13.312442] </TASK> [ 13.312452] [ 13.322112] Allocated by task 282: [ 13.322648] kasan_save_stack+0x45/0x70 [ 13.323104] kasan_save_track+0x18/0x40 [ 13.323290] kasan_save_alloc_info+0x3b/0x50 [ 13.323561] __kasan_kmalloc+0xb7/0xc0 [ 13.323709] __kmalloc_cache_noprof+0x189/0x420 [ 13.323862] kasan_atomics+0x95/0x310 [ 13.324007] kunit_try_run_case+0x1a5/0x480 [ 13.324267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.324785] kthread+0x337/0x6f0 [ 13.324970] ret_from_fork+0x116/0x1d0 [ 13.325162] ret_from_fork_asm+0x1a/0x30 [ 13.325363] [ 13.325446] The buggy address belongs to the object at ffff888102fa7d80 [ 13.325446] which belongs to the cache kmalloc-64 of size 64 [ 13.326345] The buggy address is located 0 bytes to the right of [ 13.326345] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.327041] [ 13.327142] The buggy address belongs to the physical page: [ 13.327579] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.328202] flags: 0x200000000000000(node=0|zone=2) [ 13.328401] page_type: f5(slab) [ 13.328574] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.328943] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.329326] page dumped because: kasan: bad access detected [ 13.329649] [ 13.329723] Memory state around the buggy address: [ 13.329945] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.330358] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.330856] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.331345] ^ [ 13.331639] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.332083] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.332414] ================================================================== [ 13.383864] ================================================================== [ 13.384115] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 13.384435] Read of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.385362] [ 13.385479] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.385526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.385540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.385563] Call Trace: [ 13.385578] <TASK> [ 13.385716] dump_stack_lvl+0x73/0xb0 [ 13.385749] print_report+0xd1/0x650 [ 13.385791] ? __virt_addr_valid+0x1db/0x2d0 [ 13.385815] ? kasan_atomics_helper+0x3df/0x5450 [ 13.385850] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.385874] ? kasan_atomics_helper+0x3df/0x5450 [ 13.385898] kasan_report+0x141/0x180 [ 13.385922] ? kasan_atomics_helper+0x3df/0x5450 [ 13.385949] kasan_check_range+0x10c/0x1c0 [ 13.385974] __kasan_check_read+0x15/0x20 [ 13.385995] kasan_atomics_helper+0x3df/0x5450 [ 13.386020] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.386044] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.386067] ? kasan_atomics+0x152/0x310 [ 13.386091] kasan_atomics+0x1dc/0x310 [ 13.386111] ? __pfx_kasan_atomics+0x10/0x10 [ 13.386135] ? __pfx_read_tsc+0x10/0x10 [ 13.386159] ? ktime_get_ts64+0x86/0x230 [ 13.386185] kunit_try_run_case+0x1a5/0x480 [ 13.386207] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.386228] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.386253] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.386279] ? __kthread_parkme+0x82/0x180 [ 13.386300] ? preempt_count_sub+0x50/0x80 [ 13.386326] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.386348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.386374] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.386400] kthread+0x337/0x6f0 [ 13.386421] ? trace_preempt_on+0x20/0xc0 [ 13.386444] ? __pfx_kthread+0x10/0x10 [ 13.386467] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.386491] ? calculate_sigpending+0x7b/0xa0 [ 13.386515] ? __pfx_kthread+0x10/0x10 [ 13.386551] ret_from_fork+0x116/0x1d0 [ 13.386570] ? __pfx_kthread+0x10/0x10 [ 13.386592] ret_from_fork_asm+0x1a/0x30 [ 13.386634] </TASK> [ 13.386646] [ 13.399745] Allocated by task 282: [ 13.400074] kasan_save_stack+0x45/0x70 [ 13.400439] kasan_save_track+0x18/0x40 [ 13.400649] kasan_save_alloc_info+0x3b/0x50 [ 13.401035] __kasan_kmalloc+0xb7/0xc0 [ 13.401219] __kmalloc_cache_noprof+0x189/0x420 [ 13.401521] kasan_atomics+0x95/0x310 [ 13.401764] kunit_try_run_case+0x1a5/0x480 [ 13.402073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.402500] kthread+0x337/0x6f0 [ 13.402759] ret_from_fork+0x116/0x1d0 [ 13.403079] ret_from_fork_asm+0x1a/0x30 [ 13.403279] [ 13.403454] The buggy address belongs to the object at ffff888102fa7d80 [ 13.403454] which belongs to the cache kmalloc-64 of size 64 [ 13.404206] The buggy address is located 0 bytes to the right of [ 13.404206] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.404762] [ 13.404971] The buggy address belongs to the physical page: [ 13.405363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.405892] flags: 0x200000000000000(node=0|zone=2) [ 13.406220] page_type: f5(slab) [ 13.406523] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.406990] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.407530] page dumped because: kasan: bad access detected [ 13.407831] [ 13.407925] Memory state around the buggy address: [ 13.408160] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.408745] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.409194] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.409535] ^ [ 13.409745] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.410424] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.410717] ================================================================== [ 13.641080] ================================================================== [ 13.641413] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 13.641787] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.642207] [ 13.642305] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.642352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.642366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.642388] Call Trace: [ 13.642403] <TASK> [ 13.642420] dump_stack_lvl+0x73/0xb0 [ 13.642448] print_report+0xd1/0x650 [ 13.642471] ? __virt_addr_valid+0x1db/0x2d0 [ 13.642495] ? kasan_atomics_helper+0x992/0x5450 [ 13.642517] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.642545] ? kasan_atomics_helper+0x992/0x5450 [ 13.642569] kasan_report+0x141/0x180 [ 13.642592] ? kasan_atomics_helper+0x992/0x5450 [ 13.642630] kasan_check_range+0x10c/0x1c0 [ 13.642656] __kasan_check_write+0x18/0x20 [ 13.642677] kasan_atomics_helper+0x992/0x5450 [ 13.642702] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.642725] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.642748] ? kasan_atomics+0x152/0x310 [ 13.642997] kasan_atomics+0x1dc/0x310 [ 13.643020] ? __pfx_kasan_atomics+0x10/0x10 [ 13.643043] ? __pfx_read_tsc+0x10/0x10 [ 13.643066] ? ktime_get_ts64+0x86/0x230 [ 13.643093] kunit_try_run_case+0x1a5/0x480 [ 13.643115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.643136] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.643162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.643188] ? __kthread_parkme+0x82/0x180 [ 13.643210] ? preempt_count_sub+0x50/0x80 [ 13.643236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.643259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.643285] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.643311] kthread+0x337/0x6f0 [ 13.643332] ? trace_preempt_on+0x20/0xc0 [ 13.643355] ? __pfx_kthread+0x10/0x10 [ 13.643377] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.643401] ? calculate_sigpending+0x7b/0xa0 [ 13.643426] ? __pfx_kthread+0x10/0x10 [ 13.643449] ret_from_fork+0x116/0x1d0 [ 13.643469] ? __pfx_kthread+0x10/0x10 [ 13.643491] ret_from_fork_asm+0x1a/0x30 [ 13.643522] </TASK> [ 13.643534] [ 13.655715] Allocated by task 282: [ 13.656403] kasan_save_stack+0x45/0x70 [ 13.657049] kasan_save_track+0x18/0x40 [ 13.657548] kasan_save_alloc_info+0x3b/0x50 [ 13.658187] __kasan_kmalloc+0xb7/0xc0 [ 13.658690] __kmalloc_cache_noprof+0x189/0x420 [ 13.659203] kasan_atomics+0x95/0x310 [ 13.659352] kunit_try_run_case+0x1a5/0x480 [ 13.659508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.659710] kthread+0x337/0x6f0 [ 13.660179] ret_from_fork+0x116/0x1d0 [ 13.660568] ret_from_fork_asm+0x1a/0x30 [ 13.661220] [ 13.661394] The buggy address belongs to the object at ffff888102fa7d80 [ 13.661394] which belongs to the cache kmalloc-64 of size 64 [ 13.662530] The buggy address is located 0 bytes to the right of [ 13.662530] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.663652] [ 13.663736] The buggy address belongs to the physical page: [ 13.664336] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.665425] flags: 0x200000000000000(node=0|zone=2) [ 13.665619] page_type: f5(slab) [ 13.665748] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.665988] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.666235] page dumped because: kasan: bad access detected [ 13.666418] [ 13.666492] Memory state around the buggy address: [ 13.666667] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.667268] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.668011] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.668635] ^ [ 13.669237] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.669941] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.670572] ================================================================== [ 14.341484] ================================================================== [ 14.341944] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 14.342324] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.342723] [ 14.342818] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.342862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.342875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.342897] Call Trace: [ 14.342912] <TASK> [ 14.342926] dump_stack_lvl+0x73/0xb0 [ 14.342951] print_report+0xd1/0x650 [ 14.342974] ? __virt_addr_valid+0x1db/0x2d0 [ 14.342997] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.343020] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.343045] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.343068] kasan_report+0x141/0x180 [ 14.343091] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.343119] kasan_check_range+0x10c/0x1c0 [ 14.343145] __kasan_check_write+0x18/0x20 [ 14.343165] kasan_atomics_helper+0x19e3/0x5450 [ 14.343190] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.343214] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.343236] ? kasan_atomics+0x152/0x310 [ 14.343260] kasan_atomics+0x1dc/0x310 [ 14.343280] ? __pfx_kasan_atomics+0x10/0x10 [ 14.343302] ? __pfx_read_tsc+0x10/0x10 [ 14.343323] ? ktime_get_ts64+0x86/0x230 [ 14.343349] kunit_try_run_case+0x1a5/0x480 [ 14.343371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.343392] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.343417] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.343443] ? __kthread_parkme+0x82/0x180 [ 14.343465] ? preempt_count_sub+0x50/0x80 [ 14.343489] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.343512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.343539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.343565] kthread+0x337/0x6f0 [ 14.343585] ? trace_preempt_on+0x20/0xc0 [ 14.343622] ? __pfx_kthread+0x10/0x10 [ 14.343645] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.343669] ? calculate_sigpending+0x7b/0xa0 [ 14.343693] ? __pfx_kthread+0x10/0x10 [ 14.343716] ret_from_fork+0x116/0x1d0 [ 14.343737] ? __pfx_kthread+0x10/0x10 [ 14.343760] ret_from_fork_asm+0x1a/0x30 [ 14.343804] </TASK> [ 14.343815] [ 14.351451] Allocated by task 282: [ 14.351622] kasan_save_stack+0x45/0x70 [ 14.351846] kasan_save_track+0x18/0x40 [ 14.351999] kasan_save_alloc_info+0x3b/0x50 [ 14.352212] __kasan_kmalloc+0xb7/0xc0 [ 14.352385] __kmalloc_cache_noprof+0x189/0x420 [ 14.352546] kasan_atomics+0x95/0x310 [ 14.352694] kunit_try_run_case+0x1a5/0x480 [ 14.352845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.353029] kthread+0x337/0x6f0 [ 14.353156] ret_from_fork+0x116/0x1d0 [ 14.353296] ret_from_fork_asm+0x1a/0x30 [ 14.353440] [ 14.353516] The buggy address belongs to the object at ffff888102fa7d80 [ 14.353516] which belongs to the cache kmalloc-64 of size 64 [ 14.354189] The buggy address is located 0 bytes to the right of [ 14.354189] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.354777] [ 14.354877] The buggy address belongs to the physical page: [ 14.355134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.355451] flags: 0x200000000000000(node=0|zone=2) [ 14.355628] page_type: f5(slab) [ 14.355752] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.355990] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.356223] page dumped because: kasan: bad access detected [ 14.356401] [ 14.356474] Memory state around the buggy address: [ 14.356722] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.357402] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.357742] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.358073] ^ [ 14.358304] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.358657] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.359121] ================================================================== [ 14.088896] ================================================================== [ 14.089336] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 14.089781] Read of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.090250] [ 14.090435] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.090481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.090494] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.090516] Call Trace: [ 14.090538] <TASK> [ 14.090553] dump_stack_lvl+0x73/0xb0 [ 14.090578] print_report+0xd1/0x650 [ 14.090602] ? __virt_addr_valid+0x1db/0x2d0 [ 14.090636] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.090660] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.090684] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.090707] kasan_report+0x141/0x180 [ 14.090731] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.090796] kasan_check_range+0x10c/0x1c0 [ 14.090821] __kasan_check_read+0x15/0x20 [ 14.090842] kasan_atomics_helper+0x13b5/0x5450 [ 14.090867] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.090891] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.090913] ? kasan_atomics+0x152/0x310 [ 14.090938] kasan_atomics+0x1dc/0x310 [ 14.090959] ? __pfx_kasan_atomics+0x10/0x10 [ 14.090981] ? __pfx_read_tsc+0x10/0x10 [ 14.091004] ? ktime_get_ts64+0x86/0x230 [ 14.091030] kunit_try_run_case+0x1a5/0x480 [ 14.091053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.091074] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.091100] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.091126] ? __kthread_parkme+0x82/0x180 [ 14.091149] ? preempt_count_sub+0x50/0x80 [ 14.091174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.091196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.091221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.091248] kthread+0x337/0x6f0 [ 14.091269] ? trace_preempt_on+0x20/0xc0 [ 14.091292] ? __pfx_kthread+0x10/0x10 [ 14.091314] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.091338] ? calculate_sigpending+0x7b/0xa0 [ 14.091363] ? __pfx_kthread+0x10/0x10 [ 14.091386] ret_from_fork+0x116/0x1d0 [ 14.091406] ? __pfx_kthread+0x10/0x10 [ 14.091428] ret_from_fork_asm+0x1a/0x30 [ 14.091459] </TASK> [ 14.091470] [ 14.099412] Allocated by task 282: [ 14.099646] kasan_save_stack+0x45/0x70 [ 14.099989] kasan_save_track+0x18/0x40 [ 14.100192] kasan_save_alloc_info+0x3b/0x50 [ 14.100408] __kasan_kmalloc+0xb7/0xc0 [ 14.100618] __kmalloc_cache_noprof+0x189/0x420 [ 14.100842] kasan_atomics+0x95/0x310 [ 14.101002] kunit_try_run_case+0x1a5/0x480 [ 14.101188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.101446] kthread+0x337/0x6f0 [ 14.101628] ret_from_fork+0x116/0x1d0 [ 14.101869] ret_from_fork_asm+0x1a/0x30 [ 14.102036] [ 14.102139] The buggy address belongs to the object at ffff888102fa7d80 [ 14.102139] which belongs to the cache kmalloc-64 of size 64 [ 14.102622] The buggy address is located 0 bytes to the right of [ 14.102622] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.103017] [ 14.103094] The buggy address belongs to the physical page: [ 14.103274] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.103527] flags: 0x200000000000000(node=0|zone=2) [ 14.103815] page_type: f5(slab) [ 14.103991] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.104342] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.104690] page dumped because: kasan: bad access detected [ 14.104970] [ 14.105146] Memory state around the buggy address: [ 14.105424] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.105942] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.106521] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.106804] ^ [ 14.107032] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.107422] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.107656] ================================================================== [ 13.695228] ================================================================== [ 13.695512] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 13.695856] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.696209] [ 13.696302] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.696350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.696364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.696385] Call Trace: [ 13.696400] <TASK> [ 13.696417] dump_stack_lvl+0x73/0xb0 [ 13.696443] print_report+0xd1/0x650 [ 13.696468] ? __virt_addr_valid+0x1db/0x2d0 [ 13.696492] ? kasan_atomics_helper+0xac7/0x5450 [ 13.696515] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.696539] ? kasan_atomics_helper+0xac7/0x5450 [ 13.696563] kasan_report+0x141/0x180 [ 13.696587] ? kasan_atomics_helper+0xac7/0x5450 [ 13.696627] kasan_check_range+0x10c/0x1c0 [ 13.696653] __kasan_check_write+0x18/0x20 [ 13.696674] kasan_atomics_helper+0xac7/0x5450 [ 13.696698] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.696723] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.696745] ? kasan_atomics+0x152/0x310 [ 13.696770] kasan_atomics+0x1dc/0x310 [ 13.696790] ? __pfx_kasan_atomics+0x10/0x10 [ 13.696811] ? __pfx_read_tsc+0x10/0x10 [ 13.696834] ? ktime_get_ts64+0x86/0x230 [ 13.696860] kunit_try_run_case+0x1a5/0x480 [ 13.696881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.696902] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.696928] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.696954] ? __kthread_parkme+0x82/0x180 [ 13.696976] ? preempt_count_sub+0x50/0x80 [ 13.697000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.697023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.697048] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.697075] kthread+0x337/0x6f0 [ 13.697096] ? trace_preempt_on+0x20/0xc0 [ 13.697119] ? __pfx_kthread+0x10/0x10 [ 13.697141] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.697164] ? calculate_sigpending+0x7b/0xa0 [ 13.697189] ? __pfx_kthread+0x10/0x10 [ 13.697229] ret_from_fork+0x116/0x1d0 [ 13.697249] ? __pfx_kthread+0x10/0x10 [ 13.697271] ret_from_fork_asm+0x1a/0x30 [ 13.697303] </TASK> [ 13.697314] [ 13.705814] Allocated by task 282: [ 13.705998] kasan_save_stack+0x45/0x70 [ 13.706176] kasan_save_track+0x18/0x40 [ 13.706321] kasan_save_alloc_info+0x3b/0x50 [ 13.706474] __kasan_kmalloc+0xb7/0xc0 [ 13.706686] __kmalloc_cache_noprof+0x189/0x420 [ 13.706915] kasan_atomics+0x95/0x310 [ 13.707242] kunit_try_run_case+0x1a5/0x480 [ 13.707553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.707750] kthread+0x337/0x6f0 [ 13.707878] ret_from_fork+0x116/0x1d0 [ 13.708074] ret_from_fork_asm+0x1a/0x30 [ 13.708429] [ 13.708845] The buggy address belongs to the object at ffff888102fa7d80 [ 13.708845] which belongs to the cache kmalloc-64 of size 64 [ 13.709386] The buggy address is located 0 bytes to the right of [ 13.709386] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.710020] [ 13.710114] The buggy address belongs to the physical page: [ 13.710354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.710680] flags: 0x200000000000000(node=0|zone=2) [ 13.710975] page_type: f5(slab) [ 13.711099] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.711340] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.711574] page dumped because: kasan: bad access detected [ 13.711836] [ 13.711936] Memory state around the buggy address: [ 13.712165] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.712490] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.713081] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.713313] ^ [ 13.713484] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.713950] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.714277] ================================================================== [ 13.806445] ================================================================== [ 13.806985] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 13.807601] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.808437] [ 13.808843] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.808900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.808915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.808938] Call Trace: [ 13.808954] <TASK> [ 13.808970] dump_stack_lvl+0x73/0xb0 [ 13.809046] print_report+0xd1/0x650 [ 13.809071] ? __virt_addr_valid+0x1db/0x2d0 [ 13.809095] ? kasan_atomics_helper+0xd47/0x5450 [ 13.809117] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.809141] ? kasan_atomics_helper+0xd47/0x5450 [ 13.809164] kasan_report+0x141/0x180 [ 13.809188] ? kasan_atomics_helper+0xd47/0x5450 [ 13.809216] kasan_check_range+0x10c/0x1c0 [ 13.809241] __kasan_check_write+0x18/0x20 [ 13.809263] kasan_atomics_helper+0xd47/0x5450 [ 13.809287] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.809311] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.809333] ? kasan_atomics+0x152/0x310 [ 13.809357] kasan_atomics+0x1dc/0x310 [ 13.809377] ? __pfx_kasan_atomics+0x10/0x10 [ 13.809398] ? __pfx_read_tsc+0x10/0x10 [ 13.809420] ? ktime_get_ts64+0x86/0x230 [ 13.809445] kunit_try_run_case+0x1a5/0x480 [ 13.809468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.809488] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.809513] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.809540] ? __kthread_parkme+0x82/0x180 [ 13.809560] ? preempt_count_sub+0x50/0x80 [ 13.809586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.809619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.809645] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.809671] kthread+0x337/0x6f0 [ 13.809692] ? trace_preempt_on+0x20/0xc0 [ 13.809714] ? __pfx_kthread+0x10/0x10 [ 13.809736] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.809767] ? calculate_sigpending+0x7b/0xa0 [ 13.809791] ? __pfx_kthread+0x10/0x10 [ 13.809832] ret_from_fork+0x116/0x1d0 [ 13.809854] ? __pfx_kthread+0x10/0x10 [ 13.809879] ret_from_fork_asm+0x1a/0x30 [ 13.809911] </TASK> [ 13.809923] [ 13.820288] Allocated by task 282: [ 13.820436] kasan_save_stack+0x45/0x70 [ 13.820661] kasan_save_track+0x18/0x40 [ 13.820862] kasan_save_alloc_info+0x3b/0x50 [ 13.821078] __kasan_kmalloc+0xb7/0xc0 [ 13.821453] __kmalloc_cache_noprof+0x189/0x420 [ 13.821706] kasan_atomics+0x95/0x310 [ 13.822012] kunit_try_run_case+0x1a5/0x480 [ 13.822173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.822443] kthread+0x337/0x6f0 [ 13.822642] ret_from_fork+0x116/0x1d0 [ 13.822932] ret_from_fork_asm+0x1a/0x30 [ 13.823102] [ 13.823206] The buggy address belongs to the object at ffff888102fa7d80 [ 13.823206] which belongs to the cache kmalloc-64 of size 64 [ 13.823707] The buggy address is located 0 bytes to the right of [ 13.823707] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.824391] [ 13.824497] The buggy address belongs to the physical page: [ 13.824708] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.824960] flags: 0x200000000000000(node=0|zone=2) [ 13.825204] page_type: f5(slab) [ 13.825533] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.825890] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.826275] page dumped because: kasan: bad access detected [ 13.826455] [ 13.826529] Memory state around the buggy address: [ 13.827018] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.827368] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.827709] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.828085] ^ [ 13.828294] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.828585] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.828920] ================================================================== [ 13.332906] ================================================================== [ 13.333146] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 13.333470] Read of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.334430] [ 13.334530] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.334668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.334681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.334703] Call Trace: [ 13.334718] <TASK> [ 13.334734] dump_stack_lvl+0x73/0xb0 [ 13.334776] print_report+0xd1/0x650 [ 13.334799] ? __virt_addr_valid+0x1db/0x2d0 [ 13.334823] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.334846] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.334870] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.334893] kasan_report+0x141/0x180 [ 13.334917] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.335016] __asan_report_load4_noabort+0x18/0x20 [ 13.335041] kasan_atomics_helper+0x4b88/0x5450 [ 13.335064] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.335087] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.335109] ? kasan_atomics+0x152/0x310 [ 13.335132] kasan_atomics+0x1dc/0x310 [ 13.335151] ? __pfx_kasan_atomics+0x10/0x10 [ 13.335172] ? __pfx_read_tsc+0x10/0x10 [ 13.335194] ? ktime_get_ts64+0x86/0x230 [ 13.335218] kunit_try_run_case+0x1a5/0x480 [ 13.335239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.335259] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.335283] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.335308] ? __kthread_parkme+0x82/0x180 [ 13.335328] ? preempt_count_sub+0x50/0x80 [ 13.335352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.335373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.335398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.335423] kthread+0x337/0x6f0 [ 13.335442] ? trace_preempt_on+0x20/0xc0 [ 13.335467] ? __pfx_kthread+0x10/0x10 [ 13.335488] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.335512] ? calculate_sigpending+0x7b/0xa0 [ 13.335537] ? __pfx_kthread+0x10/0x10 [ 13.335559] ret_from_fork+0x116/0x1d0 [ 13.335577] ? __pfx_kthread+0x10/0x10 [ 13.335598] ret_from_fork_asm+0x1a/0x30 [ 13.335640] </TASK> [ 13.335650] [ 13.346804] Allocated by task 282: [ 13.347057] kasan_save_stack+0x45/0x70 [ 13.347363] kasan_save_track+0x18/0x40 [ 13.347644] kasan_save_alloc_info+0x3b/0x50 [ 13.347981] __kasan_kmalloc+0xb7/0xc0 [ 13.348140] __kmalloc_cache_noprof+0x189/0x420 [ 13.348372] kasan_atomics+0x95/0x310 [ 13.348541] kunit_try_run_case+0x1a5/0x480 [ 13.348760] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.349383] kthread+0x337/0x6f0 [ 13.349564] ret_from_fork+0x116/0x1d0 [ 13.349745] ret_from_fork_asm+0x1a/0x30 [ 13.350228] [ 13.350310] The buggy address belongs to the object at ffff888102fa7d80 [ 13.350310] which belongs to the cache kmalloc-64 of size 64 [ 13.351012] The buggy address is located 0 bytes to the right of [ 13.351012] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.351731] [ 13.352013] The buggy address belongs to the physical page: [ 13.352228] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.352600] flags: 0x200000000000000(node=0|zone=2) [ 13.352870] page_type: f5(slab) [ 13.353018] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.353359] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.354218] page dumped because: kasan: bad access detected [ 13.354575] [ 13.354693] Memory state around the buggy address: [ 13.355142] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.355463] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.355988] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.356407] ^ [ 13.356734] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.357226] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.357544] ================================================================== [ 14.395344] ================================================================== [ 14.395627] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 14.396168] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.396453] [ 14.396566] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.396618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.396631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.396653] Call Trace: [ 14.396667] <TASK> [ 14.396682] dump_stack_lvl+0x73/0xb0 [ 14.396707] print_report+0xd1/0x650 [ 14.396731] ? __virt_addr_valid+0x1db/0x2d0 [ 14.396754] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.396788] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.396812] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.396836] kasan_report+0x141/0x180 [ 14.396860] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.396888] kasan_check_range+0x10c/0x1c0 [ 14.396914] __kasan_check_write+0x18/0x20 [ 14.396936] kasan_atomics_helper+0x1c18/0x5450 [ 14.396960] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.396985] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.397008] ? kasan_atomics+0x152/0x310 [ 14.397033] kasan_atomics+0x1dc/0x310 [ 14.397057] ? __pfx_kasan_atomics+0x10/0x10 [ 14.397081] ? __pfx_read_tsc+0x10/0x10 [ 14.397105] ? ktime_get_ts64+0x86/0x230 [ 14.397131] kunit_try_run_case+0x1a5/0x480 [ 14.397153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.397175] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.397201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.397228] ? __kthread_parkme+0x82/0x180 [ 14.397250] ? preempt_count_sub+0x50/0x80 [ 14.397275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.397298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.397326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.397352] kthread+0x337/0x6f0 [ 14.397372] ? trace_preempt_on+0x20/0xc0 [ 14.397396] ? __pfx_kthread+0x10/0x10 [ 14.397419] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.397442] ? calculate_sigpending+0x7b/0xa0 [ 14.397467] ? __pfx_kthread+0x10/0x10 [ 14.397491] ret_from_fork+0x116/0x1d0 [ 14.397511] ? __pfx_kthread+0x10/0x10 [ 14.397533] ret_from_fork_asm+0x1a/0x30 [ 14.397565] </TASK> [ 14.397576] [ 14.407592] Allocated by task 282: [ 14.408021] kasan_save_stack+0x45/0x70 [ 14.408281] kasan_save_track+0x18/0x40 [ 14.408589] kasan_save_alloc_info+0x3b/0x50 [ 14.409066] __kasan_kmalloc+0xb7/0xc0 [ 14.409268] __kmalloc_cache_noprof+0x189/0x420 [ 14.409467] kasan_atomics+0x95/0x310 [ 14.409653] kunit_try_run_case+0x1a5/0x480 [ 14.410038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.410458] kthread+0x337/0x6f0 [ 14.410771] ret_from_fork+0x116/0x1d0 [ 14.411191] ret_from_fork_asm+0x1a/0x30 [ 14.411415] [ 14.411512] The buggy address belongs to the object at ffff888102fa7d80 [ 14.411512] which belongs to the cache kmalloc-64 of size 64 [ 14.412337] The buggy address is located 0 bytes to the right of [ 14.412337] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.413119] [ 14.413223] The buggy address belongs to the physical page: [ 14.413464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.414060] flags: 0x200000000000000(node=0|zone=2) [ 14.414332] page_type: f5(slab) [ 14.414740] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.415222] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.415676] page dumped because: kasan: bad access detected [ 14.416104] [ 14.416331] Memory state around the buggy address: [ 14.416679] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.417151] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.417458] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.417749] ^ [ 14.418238] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.418735] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.419246] ================================================================== [ 14.483352] ================================================================== [ 14.483631] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 14.483994] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.484306] [ 14.484427] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.484474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.484488] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.484510] Call Trace: [ 14.484525] <TASK> [ 14.484541] dump_stack_lvl+0x73/0xb0 [ 14.484567] print_report+0xd1/0x650 [ 14.484591] ? __virt_addr_valid+0x1db/0x2d0 [ 14.484625] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.484648] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.484673] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.484696] kasan_report+0x141/0x180 [ 14.484719] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.484747] kasan_check_range+0x10c/0x1c0 [ 14.484772] __kasan_check_write+0x18/0x20 [ 14.484793] kasan_atomics_helper+0x1e12/0x5450 [ 14.484818] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.484844] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.484866] ? kasan_atomics+0x152/0x310 [ 14.484891] kasan_atomics+0x1dc/0x310 [ 14.484911] ? __pfx_kasan_atomics+0x10/0x10 [ 14.484934] ? __pfx_read_tsc+0x10/0x10 [ 14.484955] ? ktime_get_ts64+0x86/0x230 [ 14.484981] kunit_try_run_case+0x1a5/0x480 [ 14.485002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.485023] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.485048] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.485074] ? __kthread_parkme+0x82/0x180 [ 14.485096] ? preempt_count_sub+0x50/0x80 [ 14.485121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.485143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.485169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.485196] kthread+0x337/0x6f0 [ 14.485216] ? trace_preempt_on+0x20/0xc0 [ 14.485240] ? __pfx_kthread+0x10/0x10 [ 14.485261] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.485285] ? calculate_sigpending+0x7b/0xa0 [ 14.485309] ? __pfx_kthread+0x10/0x10 [ 14.485332] ret_from_fork+0x116/0x1d0 [ 14.485351] ? __pfx_kthread+0x10/0x10 [ 14.485373] ret_from_fork_asm+0x1a/0x30 [ 14.485403] </TASK> [ 14.485414] [ 14.494864] Allocated by task 282: [ 14.495061] kasan_save_stack+0x45/0x70 [ 14.495273] kasan_save_track+0x18/0x40 [ 14.495473] kasan_save_alloc_info+0x3b/0x50 [ 14.495648] __kasan_kmalloc+0xb7/0xc0 [ 14.495798] __kmalloc_cache_noprof+0x189/0x420 [ 14.496044] kasan_atomics+0x95/0x310 [ 14.496233] kunit_try_run_case+0x1a5/0x480 [ 14.496430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.496625] kthread+0x337/0x6f0 [ 14.496750] ret_from_fork+0x116/0x1d0 [ 14.496942] ret_from_fork_asm+0x1a/0x30 [ 14.497225] [ 14.497324] The buggy address belongs to the object at ffff888102fa7d80 [ 14.497324] which belongs to the cache kmalloc-64 of size 64 [ 14.497803] The buggy address is located 0 bytes to the right of [ 14.497803] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.498711] [ 14.498833] The buggy address belongs to the physical page: [ 14.499096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.499531] flags: 0x200000000000000(node=0|zone=2) [ 14.499827] page_type: f5(slab) [ 14.500042] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.500366] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.500735] page dumped because: kasan: bad access detected [ 14.501019] [ 14.501090] Memory state around the buggy address: [ 14.501249] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.501572] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.501921] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.502184] ^ [ 14.502345] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.502617] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.503150] ================================================================== [ 13.910397] ================================================================== [ 13.910913] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 13.911237] Read of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.911525] [ 13.911655] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.911703] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.911717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.911917] Call Trace: [ 13.911940] <TASK> [ 13.911957] dump_stack_lvl+0x73/0xb0 [ 13.911986] print_report+0xd1/0x650 [ 13.912010] ? __virt_addr_valid+0x1db/0x2d0 [ 13.912033] ? kasan_atomics_helper+0x4a36/0x5450 [ 13.912056] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.912080] ? kasan_atomics_helper+0x4a36/0x5450 [ 13.912104] kasan_report+0x141/0x180 [ 13.912128] ? kasan_atomics_helper+0x4a36/0x5450 [ 13.912156] __asan_report_load4_noabort+0x18/0x20 [ 13.912179] kasan_atomics_helper+0x4a36/0x5450 [ 13.912203] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.912228] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.912250] ? kasan_atomics+0x152/0x310 [ 13.912275] kasan_atomics+0x1dc/0x310 [ 13.912295] ? __pfx_kasan_atomics+0x10/0x10 [ 13.912317] ? __pfx_read_tsc+0x10/0x10 [ 13.912339] ? ktime_get_ts64+0x86/0x230 [ 13.912365] kunit_try_run_case+0x1a5/0x480 [ 13.912387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.912408] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.912434] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.912461] ? __kthread_parkme+0x82/0x180 [ 13.912483] ? preempt_count_sub+0x50/0x80 [ 13.912507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.912531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.912556] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.912583] kthread+0x337/0x6f0 [ 13.912604] ? trace_preempt_on+0x20/0xc0 [ 13.912645] ? __pfx_kthread+0x10/0x10 [ 13.912667] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.912691] ? calculate_sigpending+0x7b/0xa0 [ 13.912717] ? __pfx_kthread+0x10/0x10 [ 13.912838] ret_from_fork+0x116/0x1d0 [ 13.912864] ? __pfx_kthread+0x10/0x10 [ 13.912886] ret_from_fork_asm+0x1a/0x30 [ 13.912919] </TASK> [ 13.912931] [ 13.921508] Allocated by task 282: [ 13.921713] kasan_save_stack+0x45/0x70 [ 13.922001] kasan_save_track+0x18/0x40 [ 13.922207] kasan_save_alloc_info+0x3b/0x50 [ 13.922373] __kasan_kmalloc+0xb7/0xc0 [ 13.922585] __kmalloc_cache_noprof+0x189/0x420 [ 13.922949] kasan_atomics+0x95/0x310 [ 13.923150] kunit_try_run_case+0x1a5/0x480 [ 13.923365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.923597] kthread+0x337/0x6f0 [ 13.924031] ret_from_fork+0x116/0x1d0 [ 13.924235] ret_from_fork_asm+0x1a/0x30 [ 13.924457] [ 13.924544] The buggy address belongs to the object at ffff888102fa7d80 [ 13.924544] which belongs to the cache kmalloc-64 of size 64 [ 13.925220] The buggy address is located 0 bytes to the right of [ 13.925220] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.925851] [ 13.925982] The buggy address belongs to the physical page: [ 13.926269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.926569] flags: 0x200000000000000(node=0|zone=2) [ 13.926964] page_type: f5(slab) [ 13.927162] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.927396] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.927973] page dumped because: kasan: bad access detected [ 13.928233] [ 13.928307] Memory state around the buggy address: [ 13.928501] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.928826] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.929111] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.929879] ^ [ 13.930108] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.930329] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.930550] ================================================================== [ 13.436926] ================================================================== [ 13.437264] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 13.438264] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.438556] [ 13.438661] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.438707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.438721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.438744] Call Trace: [ 13.439119] <TASK> [ 13.439140] dump_stack_lvl+0x73/0xb0 [ 13.439172] print_report+0xd1/0x650 [ 13.439196] ? __virt_addr_valid+0x1db/0x2d0 [ 13.439220] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.439243] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.439268] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.439290] kasan_report+0x141/0x180 [ 13.439315] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.439342] kasan_check_range+0x10c/0x1c0 [ 13.439367] __kasan_check_write+0x18/0x20 [ 13.439389] kasan_atomics_helper+0x4a0/0x5450 [ 13.439413] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.439439] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.439461] ? kasan_atomics+0x152/0x310 [ 13.439485] kasan_atomics+0x1dc/0x310 [ 13.439506] ? __pfx_kasan_atomics+0x10/0x10 [ 13.439528] ? __pfx_read_tsc+0x10/0x10 [ 13.439550] ? ktime_get_ts64+0x86/0x230 [ 13.439575] kunit_try_run_case+0x1a5/0x480 [ 13.439598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.439633] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.439660] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.439686] ? __kthread_parkme+0x82/0x180 [ 13.439709] ? preempt_count_sub+0x50/0x80 [ 13.439734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.439830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.439860] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.439887] kthread+0x337/0x6f0 [ 13.439908] ? trace_preempt_on+0x20/0xc0 [ 13.439933] ? __pfx_kthread+0x10/0x10 [ 13.439955] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.439979] ? calculate_sigpending+0x7b/0xa0 [ 13.440004] ? __pfx_kthread+0x10/0x10 [ 13.440027] ret_from_fork+0x116/0x1d0 [ 13.440047] ? __pfx_kthread+0x10/0x10 [ 13.440069] ret_from_fork_asm+0x1a/0x30 [ 13.440101] </TASK> [ 13.440114] [ 13.451451] Allocated by task 282: [ 13.451842] kasan_save_stack+0x45/0x70 [ 13.452214] kasan_save_track+0x18/0x40 [ 13.452408] kasan_save_alloc_info+0x3b/0x50 [ 13.452627] __kasan_kmalloc+0xb7/0xc0 [ 13.453031] __kmalloc_cache_noprof+0x189/0x420 [ 13.453257] kasan_atomics+0x95/0x310 [ 13.453568] kunit_try_run_case+0x1a5/0x480 [ 13.453793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.454370] kthread+0x337/0x6f0 [ 13.454551] ret_from_fork+0x116/0x1d0 [ 13.454955] ret_from_fork_asm+0x1a/0x30 [ 13.455313] [ 13.455422] The buggy address belongs to the object at ffff888102fa7d80 [ 13.455422] which belongs to the cache kmalloc-64 of size 64 [ 13.456225] The buggy address is located 0 bytes to the right of [ 13.456225] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.457014] [ 13.457109] The buggy address belongs to the physical page: [ 13.457359] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.457833] flags: 0x200000000000000(node=0|zone=2) [ 13.458055] page_type: f5(slab) [ 13.458274] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.458995] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.459337] page dumped because: kasan: bad access detected [ 13.459581] [ 13.459678] Memory state around the buggy address: [ 13.460190] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.460560] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.461029] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.461409] ^ [ 13.461621] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.462295] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.462574] ================================================================== [ 13.463407] ================================================================== [ 13.463812] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 13.464122] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.464428] [ 13.464534] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.464580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.464593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.464627] Call Trace: [ 13.464643] <TASK> [ 13.464659] dump_stack_lvl+0x73/0xb0 [ 13.464685] print_report+0xd1/0x650 [ 13.464707] ? __virt_addr_valid+0x1db/0x2d0 [ 13.464731] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.464820] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.464847] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.464871] kasan_report+0x141/0x180 [ 13.464895] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.464931] __asan_report_store4_noabort+0x1b/0x30 [ 13.464953] kasan_atomics_helper+0x4b3a/0x5450 [ 13.464977] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.465002] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.465025] ? kasan_atomics+0x152/0x310 [ 13.465048] kasan_atomics+0x1dc/0x310 [ 13.465069] ? __pfx_kasan_atomics+0x10/0x10 [ 13.465090] ? __pfx_read_tsc+0x10/0x10 [ 13.465113] ? ktime_get_ts64+0x86/0x230 [ 13.465139] kunit_try_run_case+0x1a5/0x480 [ 13.465163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.465184] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.465209] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.465236] ? __kthread_parkme+0x82/0x180 [ 13.465257] ? preempt_count_sub+0x50/0x80 [ 13.465282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.465305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.465329] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.465356] kthread+0x337/0x6f0 [ 13.465377] ? trace_preempt_on+0x20/0xc0 [ 13.465401] ? __pfx_kthread+0x10/0x10 [ 13.465423] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.465447] ? calculate_sigpending+0x7b/0xa0 [ 13.465472] ? __pfx_kthread+0x10/0x10 [ 13.465495] ret_from_fork+0x116/0x1d0 [ 13.465514] ? __pfx_kthread+0x10/0x10 [ 13.465536] ret_from_fork_asm+0x1a/0x30 [ 13.465568] </TASK> [ 13.465581] [ 13.473872] Allocated by task 282: [ 13.474063] kasan_save_stack+0x45/0x70 [ 13.474273] kasan_save_track+0x18/0x40 [ 13.474464] kasan_save_alloc_info+0x3b/0x50 [ 13.474634] __kasan_kmalloc+0xb7/0xc0 [ 13.475066] __kmalloc_cache_noprof+0x189/0x420 [ 13.475315] kasan_atomics+0x95/0x310 [ 13.475507] kunit_try_run_case+0x1a5/0x480 [ 13.475679] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.475863] kthread+0x337/0x6f0 [ 13.476026] ret_from_fork+0x116/0x1d0 [ 13.476319] ret_from_fork_asm+0x1a/0x30 [ 13.476646] [ 13.476727] The buggy address belongs to the object at ffff888102fa7d80 [ 13.476727] which belongs to the cache kmalloc-64 of size 64 [ 13.477384] The buggy address is located 0 bytes to the right of [ 13.477384] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.477790] [ 13.477928] The buggy address belongs to the physical page: [ 13.478200] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.478574] flags: 0x200000000000000(node=0|zone=2) [ 13.479061] page_type: f5(slab) [ 13.479330] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.479680] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.480016] page dumped because: kasan: bad access detected [ 13.480340] [ 13.480420] Memory state around the buggy address: [ 13.480645] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.480965] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.481210] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.481532] ^ [ 13.481739] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.482142] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.482484] ================================================================== [ 13.829487] ================================================================== [ 13.830044] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 13.830372] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.830660] [ 13.830943] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.830996] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.831010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.831033] Call Trace: [ 13.831051] <TASK> [ 13.831069] dump_stack_lvl+0x73/0xb0 [ 13.831097] print_report+0xd1/0x650 [ 13.831120] ? __virt_addr_valid+0x1db/0x2d0 [ 13.831143] ? kasan_atomics_helper+0xde0/0x5450 [ 13.831167] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.831192] ? kasan_atomics_helper+0xde0/0x5450 [ 13.831216] kasan_report+0x141/0x180 [ 13.831241] ? kasan_atomics_helper+0xde0/0x5450 [ 13.831269] kasan_check_range+0x10c/0x1c0 [ 13.831294] __kasan_check_write+0x18/0x20 [ 13.831316] kasan_atomics_helper+0xde0/0x5450 [ 13.831340] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.831364] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.831388] ? kasan_atomics+0x152/0x310 [ 13.831412] kasan_atomics+0x1dc/0x310 [ 13.831432] ? __pfx_kasan_atomics+0x10/0x10 [ 13.831455] ? __pfx_read_tsc+0x10/0x10 [ 13.831477] ? ktime_get_ts64+0x86/0x230 [ 13.831503] kunit_try_run_case+0x1a5/0x480 [ 13.831525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.831546] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.831572] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.831598] ? __kthread_parkme+0x82/0x180 [ 13.831636] ? preempt_count_sub+0x50/0x80 [ 13.831661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.831684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.831709] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.831736] kthread+0x337/0x6f0 [ 13.831827] ? trace_preempt_on+0x20/0xc0 [ 13.831854] ? __pfx_kthread+0x10/0x10 [ 13.831877] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.831900] ? calculate_sigpending+0x7b/0xa0 [ 13.831925] ? __pfx_kthread+0x10/0x10 [ 13.831949] ret_from_fork+0x116/0x1d0 [ 13.831968] ? __pfx_kthread+0x10/0x10 [ 13.831990] ret_from_fork_asm+0x1a/0x30 [ 13.832022] </TASK> [ 13.832033] [ 13.840824] Allocated by task 282: [ 13.840968] kasan_save_stack+0x45/0x70 [ 13.841289] kasan_save_track+0x18/0x40 [ 13.841629] kasan_save_alloc_info+0x3b/0x50 [ 13.841880] __kasan_kmalloc+0xb7/0xc0 [ 13.842047] __kmalloc_cache_noprof+0x189/0x420 [ 13.842249] kasan_atomics+0x95/0x310 [ 13.842394] kunit_try_run_case+0x1a5/0x480 [ 13.842619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.843064] kthread+0x337/0x6f0 [ 13.843246] ret_from_fork+0x116/0x1d0 [ 13.843442] ret_from_fork_asm+0x1a/0x30 [ 13.843627] [ 13.843727] The buggy address belongs to the object at ffff888102fa7d80 [ 13.843727] which belongs to the cache kmalloc-64 of size 64 [ 13.844199] The buggy address is located 0 bytes to the right of [ 13.844199] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.844597] [ 13.844706] The buggy address belongs to the physical page: [ 13.845028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.845401] flags: 0x200000000000000(node=0|zone=2) [ 13.845590] page_type: f5(slab) [ 13.845729] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.846373] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.846749] page dumped because: kasan: bad access detected [ 13.847162] [ 13.847249] Memory state around the buggy address: [ 13.847449] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.847688] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.847983] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.848305] ^ [ 13.848543] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.849033] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.849445] ================================================================== [ 14.011563] ================================================================== [ 14.012089] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 14.012389] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.012711] [ 14.012944] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.012993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.013007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.013027] Call Trace: [ 14.013043] <TASK> [ 14.013058] dump_stack_lvl+0x73/0xb0 [ 14.013085] print_report+0xd1/0x650 [ 14.013109] ? __virt_addr_valid+0x1db/0x2d0 [ 14.013132] ? kasan_atomics_helper+0x1217/0x5450 [ 14.013155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.013180] ? kasan_atomics_helper+0x1217/0x5450 [ 14.013204] kasan_report+0x141/0x180 [ 14.013228] ? kasan_atomics_helper+0x1217/0x5450 [ 14.013256] kasan_check_range+0x10c/0x1c0 [ 14.013281] __kasan_check_write+0x18/0x20 [ 14.013302] kasan_atomics_helper+0x1217/0x5450 [ 14.013327] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.013351] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.013374] ? kasan_atomics+0x152/0x310 [ 14.013398] kasan_atomics+0x1dc/0x310 [ 14.013419] ? __pfx_kasan_atomics+0x10/0x10 [ 14.013441] ? __pfx_read_tsc+0x10/0x10 [ 14.013463] ? ktime_get_ts64+0x86/0x230 [ 14.013488] kunit_try_run_case+0x1a5/0x480 [ 14.013512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.013533] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.013559] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.013585] ? __kthread_parkme+0x82/0x180 [ 14.013620] ? preempt_count_sub+0x50/0x80 [ 14.013645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.013667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.013693] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.013719] kthread+0x337/0x6f0 [ 14.013815] ? trace_preempt_on+0x20/0xc0 [ 14.013843] ? __pfx_kthread+0x10/0x10 [ 14.013866] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.013891] ? calculate_sigpending+0x7b/0xa0 [ 14.013916] ? __pfx_kthread+0x10/0x10 [ 14.013940] ret_from_fork+0x116/0x1d0 [ 14.013960] ? __pfx_kthread+0x10/0x10 [ 14.013982] ret_from_fork_asm+0x1a/0x30 [ 14.014014] </TASK> [ 14.014026] [ 14.022412] Allocated by task 282: [ 14.022592] kasan_save_stack+0x45/0x70 [ 14.022914] kasan_save_track+0x18/0x40 [ 14.023098] kasan_save_alloc_info+0x3b/0x50 [ 14.023285] __kasan_kmalloc+0xb7/0xc0 [ 14.023477] __kmalloc_cache_noprof+0x189/0x420 [ 14.023680] kasan_atomics+0x95/0x310 [ 14.024073] kunit_try_run_case+0x1a5/0x480 [ 14.024294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.024527] kthread+0x337/0x6f0 [ 14.024669] ret_from_fork+0x116/0x1d0 [ 14.024996] ret_from_fork_asm+0x1a/0x30 [ 14.025183] [ 14.025279] The buggy address belongs to the object at ffff888102fa7d80 [ 14.025279] which belongs to the cache kmalloc-64 of size 64 [ 14.025855] The buggy address is located 0 bytes to the right of [ 14.025855] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.026291] [ 14.026369] The buggy address belongs to the physical page: [ 14.026555] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.027032] flags: 0x200000000000000(node=0|zone=2) [ 14.027278] page_type: f5(slab) [ 14.027451] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.027980] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.028304] page dumped because: kasan: bad access detected [ 14.028507] [ 14.028581] Memory state around the buggy address: [ 14.028802] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.029136] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.029468] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.029948] ^ [ 14.030177] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.030450] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.030877] ================================================================== [ 14.186517] ================================================================== [ 14.186910] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 14.187253] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.187542] [ 14.187673] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.187719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.187732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.187755] Call Trace: [ 14.187771] <TASK> [ 14.187787] dump_stack_lvl+0x73/0xb0 [ 14.187815] print_report+0xd1/0x650 [ 14.187838] ? __virt_addr_valid+0x1db/0x2d0 [ 14.187862] ? kasan_atomics_helper+0x151d/0x5450 [ 14.187885] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.187910] ? kasan_atomics_helper+0x151d/0x5450 [ 14.187933] kasan_report+0x141/0x180 [ 14.187957] ? kasan_atomics_helper+0x151d/0x5450 [ 14.187985] kasan_check_range+0x10c/0x1c0 [ 14.188011] __kasan_check_write+0x18/0x20 [ 14.188033] kasan_atomics_helper+0x151d/0x5450 [ 14.188058] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.188082] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.188105] ? kasan_atomics+0x152/0x310 [ 14.188129] kasan_atomics+0x1dc/0x310 [ 14.188149] ? __pfx_kasan_atomics+0x10/0x10 [ 14.188171] ? __pfx_read_tsc+0x10/0x10 [ 14.188194] ? ktime_get_ts64+0x86/0x230 [ 14.188220] kunit_try_run_case+0x1a5/0x480 [ 14.188242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.188263] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.188290] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.188316] ? __kthread_parkme+0x82/0x180 [ 14.188338] ? preempt_count_sub+0x50/0x80 [ 14.188362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.188384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.188409] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.188434] kthread+0x337/0x6f0 [ 14.188455] ? trace_preempt_on+0x20/0xc0 [ 14.188479] ? __pfx_kthread+0x10/0x10 [ 14.188501] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.188524] ? calculate_sigpending+0x7b/0xa0 [ 14.188549] ? __pfx_kthread+0x10/0x10 [ 14.188572] ret_from_fork+0x116/0x1d0 [ 14.188592] ? __pfx_kthread+0x10/0x10 [ 14.188622] ret_from_fork_asm+0x1a/0x30 [ 14.188654] </TASK> [ 14.188665] [ 14.196091] Allocated by task 282: [ 14.196226] kasan_save_stack+0x45/0x70 [ 14.196376] kasan_save_track+0x18/0x40 [ 14.196640] kasan_save_alloc_info+0x3b/0x50 [ 14.196859] __kasan_kmalloc+0xb7/0xc0 [ 14.197069] __kmalloc_cache_noprof+0x189/0x420 [ 14.197274] kasan_atomics+0x95/0x310 [ 14.197410] kunit_try_run_case+0x1a5/0x480 [ 14.197561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.197763] kthread+0x337/0x6f0 [ 14.197947] ret_from_fork+0x116/0x1d0 [ 14.198143] ret_from_fork_asm+0x1a/0x30 [ 14.198345] [ 14.198446] The buggy address belongs to the object at ffff888102fa7d80 [ 14.198446] which belongs to the cache kmalloc-64 of size 64 [ 14.199233] The buggy address is located 0 bytes to the right of [ 14.199233] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.199721] [ 14.199868] The buggy address belongs to the physical page: [ 14.200078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.200377] flags: 0x200000000000000(node=0|zone=2) [ 14.200546] page_type: f5(slab) [ 14.200731] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.201306] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.201573] page dumped because: kasan: bad access detected [ 14.201762] [ 14.201836] Memory state around the buggy address: [ 14.201998] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.202410] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.202745] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.203418] ^ [ 14.203659] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.203921] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.204149] ================================================================== [ 14.241992] ================================================================== [ 14.242436] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 14.242987] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.243328] [ 14.243423] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.243471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.243485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.243508] Call Trace: [ 14.243525] <TASK> [ 14.243542] dump_stack_lvl+0x73/0xb0 [ 14.243568] print_report+0xd1/0x650 [ 14.243592] ? __virt_addr_valid+0x1db/0x2d0 [ 14.243627] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.243651] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.243676] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.243701] kasan_report+0x141/0x180 [ 14.243725] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.243754] kasan_check_range+0x10c/0x1c0 [ 14.243791] __kasan_check_write+0x18/0x20 [ 14.243813] kasan_atomics_helper+0x16e7/0x5450 [ 14.243839] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.243864] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.243887] ? kasan_atomics+0x152/0x310 [ 14.243912] kasan_atomics+0x1dc/0x310 [ 14.243934] ? __pfx_kasan_atomics+0x10/0x10 [ 14.243956] ? __pfx_read_tsc+0x10/0x10 [ 14.243979] ? ktime_get_ts64+0x86/0x230 [ 14.244006] kunit_try_run_case+0x1a5/0x480 [ 14.244030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.244052] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.244078] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.244104] ? __kthread_parkme+0x82/0x180 [ 14.244127] ? preempt_count_sub+0x50/0x80 [ 14.244153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.244176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.244203] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.244229] kthread+0x337/0x6f0 [ 14.244251] ? trace_preempt_on+0x20/0xc0 [ 14.244276] ? __pfx_kthread+0x10/0x10 [ 14.244299] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.244323] ? calculate_sigpending+0x7b/0xa0 [ 14.244349] ? __pfx_kthread+0x10/0x10 [ 14.244372] ret_from_fork+0x116/0x1d0 [ 14.244393] ? __pfx_kthread+0x10/0x10 [ 14.244416] ret_from_fork_asm+0x1a/0x30 [ 14.244449] </TASK> [ 14.244460] [ 14.252054] Allocated by task 282: [ 14.252246] kasan_save_stack+0x45/0x70 [ 14.252441] kasan_save_track+0x18/0x40 [ 14.252650] kasan_save_alloc_info+0x3b/0x50 [ 14.252866] __kasan_kmalloc+0xb7/0xc0 [ 14.253050] __kmalloc_cache_noprof+0x189/0x420 [ 14.253279] kasan_atomics+0x95/0x310 [ 14.253454] kunit_try_run_case+0x1a5/0x480 [ 14.253629] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.253854] kthread+0x337/0x6f0 [ 14.254031] ret_from_fork+0x116/0x1d0 [ 14.254224] ret_from_fork_asm+0x1a/0x30 [ 14.254436] [ 14.254539] The buggy address belongs to the object at ffff888102fa7d80 [ 14.254539] which belongs to the cache kmalloc-64 of size 64 [ 14.255044] The buggy address is located 0 bytes to the right of [ 14.255044] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.255533] [ 14.255640] The buggy address belongs to the physical page: [ 14.255890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.256143] flags: 0x200000000000000(node=0|zone=2) [ 14.256313] page_type: f5(slab) [ 14.256440] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.256724] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.257210] page dumped because: kasan: bad access detected [ 14.257468] [ 14.257570] Memory state around the buggy address: [ 14.257877] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.258105] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.258329] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.258556] ^ [ 14.258930] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.259264] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.259595] ================================================================== [ 14.540641] ================================================================== [ 14.541104] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 14.541438] Read of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.541708] [ 14.541860] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.541907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.541921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.541942] Call Trace: [ 14.541959] <TASK> [ 14.541976] dump_stack_lvl+0x73/0xb0 [ 14.542001] print_report+0xd1/0x650 [ 14.542024] ? __virt_addr_valid+0x1db/0x2d0 [ 14.542048] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.542071] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.542097] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.542122] kasan_report+0x141/0x180 [ 14.542146] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.542175] __asan_report_load8_noabort+0x18/0x20 [ 14.542198] kasan_atomics_helper+0x4f71/0x5450 [ 14.542223] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.542250] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.542274] ? kasan_atomics+0x152/0x310 [ 14.542299] kasan_atomics+0x1dc/0x310 [ 14.542320] ? __pfx_kasan_atomics+0x10/0x10 [ 14.542363] ? __pfx_read_tsc+0x10/0x10 [ 14.542387] ? ktime_get_ts64+0x86/0x230 [ 14.542413] kunit_try_run_case+0x1a5/0x480 [ 14.542436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.542457] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.542483] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.542510] ? __kthread_parkme+0x82/0x180 [ 14.542536] ? preempt_count_sub+0x50/0x80 [ 14.542561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.542584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.542619] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.542645] kthread+0x337/0x6f0 [ 14.542666] ? trace_preempt_on+0x20/0xc0 [ 14.542689] ? __pfx_kthread+0x10/0x10 [ 14.542711] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.542734] ? calculate_sigpending+0x7b/0xa0 [ 14.542759] ? __pfx_kthread+0x10/0x10 [ 14.542781] ret_from_fork+0x116/0x1d0 [ 14.542801] ? __pfx_kthread+0x10/0x10 [ 14.542823] ret_from_fork_asm+0x1a/0x30 [ 14.542855] </TASK> [ 14.542866] [ 14.550529] Allocated by task 282: [ 14.550744] kasan_save_stack+0x45/0x70 [ 14.550949] kasan_save_track+0x18/0x40 [ 14.551239] kasan_save_alloc_info+0x3b/0x50 [ 14.551438] __kasan_kmalloc+0xb7/0xc0 [ 14.551578] __kmalloc_cache_noprof+0x189/0x420 [ 14.551745] kasan_atomics+0x95/0x310 [ 14.551946] kunit_try_run_case+0x1a5/0x480 [ 14.552180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.552443] kthread+0x337/0x6f0 [ 14.552644] ret_from_fork+0x116/0x1d0 [ 14.552849] ret_from_fork_asm+0x1a/0x30 [ 14.553026] [ 14.553146] The buggy address belongs to the object at ffff888102fa7d80 [ 14.553146] which belongs to the cache kmalloc-64 of size 64 [ 14.553551] The buggy address is located 0 bytes to the right of [ 14.553551] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.554031] [ 14.554130] The buggy address belongs to the physical page: [ 14.554387] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.554941] flags: 0x200000000000000(node=0|zone=2) [ 14.555113] page_type: f5(slab) [ 14.555265] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.555624] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.556086] page dumped because: kasan: bad access detected [ 14.556341] [ 14.556438] Memory state around the buggy address: [ 14.556656] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.556962] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.557187] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.557507] ^ [ 14.557769] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.558047] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.558293] ================================================================== [ 13.285451] ================================================================== [ 13.286079] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 13.286730] Read of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.287967] [ 13.288073] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.288124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.288137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.288160] Call Trace: [ 13.288174] <TASK> [ 13.288190] dump_stack_lvl+0x73/0xb0 [ 13.288221] print_report+0xd1/0x650 [ 13.288244] ? __virt_addr_valid+0x1db/0x2d0 [ 13.288268] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.288290] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.288313] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.288336] kasan_report+0x141/0x180 [ 13.288358] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.288385] __asan_report_load4_noabort+0x18/0x20 [ 13.288406] kasan_atomics_helper+0x4bbc/0x5450 [ 13.288429] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.288452] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.288474] ? kasan_atomics+0x152/0x310 [ 13.288497] kasan_atomics+0x1dc/0x310 [ 13.288516] ? __pfx_kasan_atomics+0x10/0x10 [ 13.288537] ? __pfx_read_tsc+0x10/0x10 [ 13.288559] ? ktime_get_ts64+0x86/0x230 [ 13.288585] kunit_try_run_case+0x1a5/0x480 [ 13.288607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.288643] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.288668] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.288693] ? __kthread_parkme+0x82/0x180 [ 13.288713] ? preempt_count_sub+0x50/0x80 [ 13.288737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.288758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.288783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.288810] kthread+0x337/0x6f0 [ 13.288831] ? trace_preempt_on+0x20/0xc0 [ 13.288854] ? __pfx_kthread+0x10/0x10 [ 13.288875] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.288898] ? calculate_sigpending+0x7b/0xa0 [ 13.288922] ? __pfx_kthread+0x10/0x10 [ 13.288945] ret_from_fork+0x116/0x1d0 [ 13.289026] ? __pfx_kthread+0x10/0x10 [ 13.289047] ret_from_fork_asm+0x1a/0x30 [ 13.289091] </TASK> [ 13.289103] [ 13.298996] Allocated by task 282: [ 13.299329] kasan_save_stack+0x45/0x70 [ 13.299550] kasan_save_track+0x18/0x40 [ 13.299916] kasan_save_alloc_info+0x3b/0x50 [ 13.300246] __kasan_kmalloc+0xb7/0xc0 [ 13.300431] __kmalloc_cache_noprof+0x189/0x420 [ 13.300666] kasan_atomics+0x95/0x310 [ 13.300986] kunit_try_run_case+0x1a5/0x480 [ 13.301264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.301795] kthread+0x337/0x6f0 [ 13.302065] ret_from_fork+0x116/0x1d0 [ 13.302244] ret_from_fork_asm+0x1a/0x30 [ 13.302447] [ 13.302672] The buggy address belongs to the object at ffff888102fa7d80 [ 13.302672] which belongs to the cache kmalloc-64 of size 64 [ 13.303359] The buggy address is located 0 bytes to the right of [ 13.303359] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.304231] [ 13.304328] The buggy address belongs to the physical page: [ 13.304584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.305017] flags: 0x200000000000000(node=0|zone=2) [ 13.305237] page_type: f5(slab) [ 13.305409] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.305953] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.306384] page dumped because: kasan: bad access detected [ 13.306840] [ 13.306940] Memory state around the buggy address: [ 13.307163] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.307546] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.308072] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.308434] ^ [ 13.308705] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.309050] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.309383] ================================================================== [ 14.359606] ================================================================== [ 14.359953] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 14.360260] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.360522] [ 14.360622] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.360668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.360681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.360703] Call Trace: [ 14.360718] <TASK> [ 14.360733] dump_stack_lvl+0x73/0xb0 [ 14.360759] print_report+0xd1/0x650 [ 14.360782] ? __virt_addr_valid+0x1db/0x2d0 [ 14.360820] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.360843] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.360868] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.360892] kasan_report+0x141/0x180 [ 14.360916] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.360944] kasan_check_range+0x10c/0x1c0 [ 14.360969] __kasan_check_write+0x18/0x20 [ 14.360990] kasan_atomics_helper+0x1a7f/0x5450 [ 14.361015] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.361038] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.361061] ? kasan_atomics+0x152/0x310 [ 14.361085] kasan_atomics+0x1dc/0x310 [ 14.361105] ? __pfx_kasan_atomics+0x10/0x10 [ 14.361127] ? __pfx_read_tsc+0x10/0x10 [ 14.361149] ? ktime_get_ts64+0x86/0x230 [ 14.361176] kunit_try_run_case+0x1a5/0x480 [ 14.361198] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.361219] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.361244] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.361270] ? __kthread_parkme+0x82/0x180 [ 14.361291] ? preempt_count_sub+0x50/0x80 [ 14.361315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.361337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.361362] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.361388] kthread+0x337/0x6f0 [ 14.361409] ? trace_preempt_on+0x20/0xc0 [ 14.361434] ? __pfx_kthread+0x10/0x10 [ 14.361456] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.361479] ? calculate_sigpending+0x7b/0xa0 [ 14.361504] ? __pfx_kthread+0x10/0x10 [ 14.361526] ret_from_fork+0x116/0x1d0 [ 14.361546] ? __pfx_kthread+0x10/0x10 [ 14.361567] ret_from_fork_asm+0x1a/0x30 [ 14.361598] </TASK> [ 14.361619] [ 14.369399] Allocated by task 282: [ 14.369586] kasan_save_stack+0x45/0x70 [ 14.369823] kasan_save_track+0x18/0x40 [ 14.370029] kasan_save_alloc_info+0x3b/0x50 [ 14.370242] __kasan_kmalloc+0xb7/0xc0 [ 14.370426] __kmalloc_cache_noprof+0x189/0x420 [ 14.370652] kasan_atomics+0x95/0x310 [ 14.370854] kunit_try_run_case+0x1a5/0x480 [ 14.371045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.371281] kthread+0x337/0x6f0 [ 14.371433] ret_from_fork+0x116/0x1d0 [ 14.371602] ret_from_fork_asm+0x1a/0x30 [ 14.371760] [ 14.371873] The buggy address belongs to the object at ffff888102fa7d80 [ 14.371873] which belongs to the cache kmalloc-64 of size 64 [ 14.372382] The buggy address is located 0 bytes to the right of [ 14.372382] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.372950] [ 14.373038] The buggy address belongs to the physical page: [ 14.373240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.373587] flags: 0x200000000000000(node=0|zone=2) [ 14.373768] page_type: f5(slab) [ 14.373944] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.374283] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.374525] page dumped because: kasan: bad access detected [ 14.374799] [ 14.374897] Memory state around the buggy address: [ 14.375126] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.375388] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.375622] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.376033] ^ [ 14.376260] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.376585] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.376914] ================================================================== [ 14.521775] ================================================================== [ 14.522130] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 14.522798] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.523138] [ 14.523224] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.523270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.523283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.523306] Call Trace: [ 14.523321] <TASK> [ 14.523337] dump_stack_lvl+0x73/0xb0 [ 14.523363] print_report+0xd1/0x650 [ 14.523388] ? __virt_addr_valid+0x1db/0x2d0 [ 14.523412] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.523458] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.523484] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.523508] kasan_report+0x141/0x180 [ 14.523532] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.523583] kasan_check_range+0x10c/0x1c0 [ 14.523620] __kasan_check_write+0x18/0x20 [ 14.523642] kasan_atomics_helper+0x1f43/0x5450 [ 14.523667] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.523692] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.523714] ? kasan_atomics+0x152/0x310 [ 14.523738] kasan_atomics+0x1dc/0x310 [ 14.523758] ? __pfx_kasan_atomics+0x10/0x10 [ 14.523795] ? __pfx_read_tsc+0x10/0x10 [ 14.523817] ? ktime_get_ts64+0x86/0x230 [ 14.523844] kunit_try_run_case+0x1a5/0x480 [ 14.523866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.523887] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.523913] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.523939] ? __kthread_parkme+0x82/0x180 [ 14.523961] ? preempt_count_sub+0x50/0x80 [ 14.523985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.524007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.524033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.524059] kthread+0x337/0x6f0 [ 14.524079] ? trace_preempt_on+0x20/0xc0 [ 14.524103] ? __pfx_kthread+0x10/0x10 [ 14.524125] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.524149] ? calculate_sigpending+0x7b/0xa0 [ 14.524174] ? __pfx_kthread+0x10/0x10 [ 14.524211] ret_from_fork+0x116/0x1d0 [ 14.524231] ? __pfx_kthread+0x10/0x10 [ 14.524253] ret_from_fork_asm+0x1a/0x30 [ 14.524284] </TASK> [ 14.524295] [ 14.532094] Allocated by task 282: [ 14.532281] kasan_save_stack+0x45/0x70 [ 14.532498] kasan_save_track+0x18/0x40 [ 14.532732] kasan_save_alloc_info+0x3b/0x50 [ 14.532958] __kasan_kmalloc+0xb7/0xc0 [ 14.533099] __kmalloc_cache_noprof+0x189/0x420 [ 14.533343] kasan_atomics+0x95/0x310 [ 14.533530] kunit_try_run_case+0x1a5/0x480 [ 14.533734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.534079] kthread+0x337/0x6f0 [ 14.534207] ret_from_fork+0x116/0x1d0 [ 14.534345] ret_from_fork_asm+0x1a/0x30 [ 14.534489] [ 14.534569] The buggy address belongs to the object at ffff888102fa7d80 [ 14.534569] which belongs to the cache kmalloc-64 of size 64 [ 14.535123] The buggy address is located 0 bytes to the right of [ 14.535123] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.535992] [ 14.536067] The buggy address belongs to the physical page: [ 14.536247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.536577] flags: 0x200000000000000(node=0|zone=2) [ 14.536880] page_type: f5(slab) [ 14.537075] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.537427] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.537758] page dumped because: kasan: bad access detected [ 14.537938] [ 14.538012] Memory state around the buggy address: [ 14.538241] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.538663] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.538987] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.539211] ^ [ 14.539400] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.539745] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.540105] ================================================================== [ 14.653261] ================================================================== [ 14.653620] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 14.654117] Write of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.654413] [ 14.654525] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.654574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.654588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.654621] Call Trace: [ 14.654636] <TASK> [ 14.654652] dump_stack_lvl+0x73/0xb0 [ 14.654677] print_report+0xd1/0x650 [ 14.654701] ? __virt_addr_valid+0x1db/0x2d0 [ 14.654725] ? kasan_atomics_helper+0x218a/0x5450 [ 14.654748] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.654794] ? kasan_atomics_helper+0x218a/0x5450 [ 14.654818] kasan_report+0x141/0x180 [ 14.654841] ? kasan_atomics_helper+0x218a/0x5450 [ 14.654869] kasan_check_range+0x10c/0x1c0 [ 14.654895] __kasan_check_write+0x18/0x20 [ 14.654916] kasan_atomics_helper+0x218a/0x5450 [ 14.654941] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.654965] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.654988] ? kasan_atomics+0x152/0x310 [ 14.655012] kasan_atomics+0x1dc/0x310 [ 14.655032] ? __pfx_kasan_atomics+0x10/0x10 [ 14.655055] ? __pfx_read_tsc+0x10/0x10 [ 14.655077] ? ktime_get_ts64+0x86/0x230 [ 14.655102] kunit_try_run_case+0x1a5/0x480 [ 14.655124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.655145] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.655170] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.655198] ? __kthread_parkme+0x82/0x180 [ 14.655219] ? preempt_count_sub+0x50/0x80 [ 14.655244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.655266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.655292] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.655318] kthread+0x337/0x6f0 [ 14.655339] ? trace_preempt_on+0x20/0xc0 [ 14.655362] ? __pfx_kthread+0x10/0x10 [ 14.655384] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.655409] ? calculate_sigpending+0x7b/0xa0 [ 14.655434] ? __pfx_kthread+0x10/0x10 [ 14.655457] ret_from_fork+0x116/0x1d0 [ 14.655476] ? __pfx_kthread+0x10/0x10 [ 14.655497] ret_from_fork_asm+0x1a/0x30 [ 14.655529] </TASK> [ 14.655540] [ 14.662992] Allocated by task 282: [ 14.663133] kasan_save_stack+0x45/0x70 [ 14.663339] kasan_save_track+0x18/0x40 [ 14.663535] kasan_save_alloc_info+0x3b/0x50 [ 14.663775] __kasan_kmalloc+0xb7/0xc0 [ 14.663917] __kmalloc_cache_noprof+0x189/0x420 [ 14.664125] kasan_atomics+0x95/0x310 [ 14.664313] kunit_try_run_case+0x1a5/0x480 [ 14.664522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.664786] kthread+0x337/0x6f0 [ 14.664916] ret_from_fork+0x116/0x1d0 [ 14.665103] ret_from_fork_asm+0x1a/0x30 [ 14.665305] [ 14.665404] The buggy address belongs to the object at ffff888102fa7d80 [ 14.665404] which belongs to the cache kmalloc-64 of size 64 [ 14.665945] The buggy address is located 0 bytes to the right of [ 14.665945] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.666382] [ 14.666457] The buggy address belongs to the physical page: [ 14.667371] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.667693] flags: 0x200000000000000(node=0|zone=2) [ 14.667935] page_type: f5(slab) [ 14.668075] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.668400] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.668721] page dumped because: kasan: bad access detected [ 14.668953] [ 14.669040] Memory state around the buggy address: [ 14.669246] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.669541] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.670719] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.671151] ^ [ 14.671466] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.671873] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.672152] ================================================================== [ 13.714755] ================================================================== [ 13.715119] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 13.715427] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.715732] [ 13.715891] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.715936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.715950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.715971] Call Trace: [ 13.715987] <TASK> [ 13.716002] dump_stack_lvl+0x73/0xb0 [ 13.716027] print_report+0xd1/0x650 [ 13.716051] ? __virt_addr_valid+0x1db/0x2d0 [ 13.716073] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.716096] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.716121] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.716144] kasan_report+0x141/0x180 [ 13.716168] ? kasan_atomics_helper+0xb6a/0x5450 [ 13.716196] kasan_check_range+0x10c/0x1c0 [ 13.716221] __kasan_check_write+0x18/0x20 [ 13.716242] kasan_atomics_helper+0xb6a/0x5450 [ 13.716266] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.716290] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.716313] ? kasan_atomics+0x152/0x310 [ 13.716336] kasan_atomics+0x1dc/0x310 [ 13.716356] ? __pfx_kasan_atomics+0x10/0x10 [ 13.716379] ? __pfx_read_tsc+0x10/0x10 [ 13.716401] ? ktime_get_ts64+0x86/0x230 [ 13.716426] kunit_try_run_case+0x1a5/0x480 [ 13.716448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.716471] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.716497] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.716523] ? __kthread_parkme+0x82/0x180 [ 13.716544] ? preempt_count_sub+0x50/0x80 [ 13.716580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.716603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.717217] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.717243] kthread+0x337/0x6f0 [ 13.717263] ? trace_preempt_on+0x20/0xc0 [ 13.717287] ? __pfx_kthread+0x10/0x10 [ 13.717309] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.717333] ? calculate_sigpending+0x7b/0xa0 [ 13.717377] ? __pfx_kthread+0x10/0x10 [ 13.717399] ret_from_fork+0x116/0x1d0 [ 13.717419] ? __pfx_kthread+0x10/0x10 [ 13.717440] ret_from_fork_asm+0x1a/0x30 [ 13.717472] </TASK> [ 13.717483] [ 13.727042] Allocated by task 282: [ 13.727188] kasan_save_stack+0x45/0x70 [ 13.727347] kasan_save_track+0x18/0x40 [ 13.727490] kasan_save_alloc_info+0x3b/0x50 [ 13.727706] __kasan_kmalloc+0xb7/0xc0 [ 13.728047] __kmalloc_cache_noprof+0x189/0x420 [ 13.728505] kasan_atomics+0x95/0x310 [ 13.729142] kunit_try_run_case+0x1a5/0x480 [ 13.729634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.730169] kthread+0x337/0x6f0 [ 13.730645] ret_from_fork+0x116/0x1d0 [ 13.731148] ret_from_fork_asm+0x1a/0x30 [ 13.731577] [ 13.731781] The buggy address belongs to the object at ffff888102fa7d80 [ 13.731781] which belongs to the cache kmalloc-64 of size 64 [ 13.733218] The buggy address is located 0 bytes to the right of [ 13.733218] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.734493] [ 13.734680] The buggy address belongs to the physical page: [ 13.735317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.736227] flags: 0x200000000000000(node=0|zone=2) [ 13.736928] page_type: f5(slab) [ 13.737253] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.737991] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.738818] page dumped because: kasan: bad access detected [ 13.739390] [ 13.739556] Memory state around the buggy address: [ 13.740084] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.740731] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.741340] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.741570] ^ [ 13.742075] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.742807] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.743471] ================================================================== [ 13.871054] ================================================================== [ 13.871340] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 13.871670] Write of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.872261] [ 13.872354] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.872401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.872415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.872436] Call Trace: [ 13.872454] <TASK> [ 13.872471] dump_stack_lvl+0x73/0xb0 [ 13.872496] print_report+0xd1/0x650 [ 13.872519] ? __virt_addr_valid+0x1db/0x2d0 [ 13.872543] ? kasan_atomics_helper+0xf10/0x5450 [ 13.872566] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.872589] ? kasan_atomics_helper+0xf10/0x5450 [ 13.872627] kasan_report+0x141/0x180 [ 13.872651] ? kasan_atomics_helper+0xf10/0x5450 [ 13.872679] kasan_check_range+0x10c/0x1c0 [ 13.872705] __kasan_check_write+0x18/0x20 [ 13.872726] kasan_atomics_helper+0xf10/0x5450 [ 13.872751] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.872793] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.872816] ? kasan_atomics+0x152/0x310 [ 13.872841] kasan_atomics+0x1dc/0x310 [ 13.872861] ? __pfx_kasan_atomics+0x10/0x10 [ 13.872883] ? __pfx_read_tsc+0x10/0x10 [ 13.872906] ? ktime_get_ts64+0x86/0x230 [ 13.872930] kunit_try_run_case+0x1a5/0x480 [ 13.872953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.872974] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.873000] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.873025] ? __kthread_parkme+0x82/0x180 [ 13.873047] ? preempt_count_sub+0x50/0x80 [ 13.873071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.873093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.873119] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.873146] kthread+0x337/0x6f0 [ 13.873166] ? trace_preempt_on+0x20/0xc0 [ 13.873190] ? __pfx_kthread+0x10/0x10 [ 13.873213] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.873236] ? calculate_sigpending+0x7b/0xa0 [ 13.873260] ? __pfx_kthread+0x10/0x10 [ 13.873282] ret_from_fork+0x116/0x1d0 [ 13.873302] ? __pfx_kthread+0x10/0x10 [ 13.873323] ret_from_fork_asm+0x1a/0x30 [ 13.873355] </TASK> [ 13.873367] [ 13.881686] Allocated by task 282: [ 13.881858] kasan_save_stack+0x45/0x70 [ 13.882010] kasan_save_track+0x18/0x40 [ 13.882151] kasan_save_alloc_info+0x3b/0x50 [ 13.882303] __kasan_kmalloc+0xb7/0xc0 [ 13.882822] __kmalloc_cache_noprof+0x189/0x420 [ 13.883060] kasan_atomics+0x95/0x310 [ 13.883248] kunit_try_run_case+0x1a5/0x480 [ 13.883462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.883733] kthread+0x337/0x6f0 [ 13.884075] ret_from_fork+0x116/0x1d0 [ 13.884272] ret_from_fork_asm+0x1a/0x30 [ 13.884418] [ 13.884495] The buggy address belongs to the object at ffff888102fa7d80 [ 13.884495] which belongs to the cache kmalloc-64 of size 64 [ 13.884938] The buggy address is located 0 bytes to the right of [ 13.884938] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.885778] [ 13.885882] The buggy address belongs to the physical page: [ 13.886066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.886314] flags: 0x200000000000000(node=0|zone=2) [ 13.886539] page_type: f5(slab) [ 13.886707] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.886996] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.887303] page dumped because: kasan: bad access detected [ 13.887525] [ 13.887891] Memory state around the buggy address: [ 13.888132] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.888435] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.888850] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.889159] ^ [ 13.889356] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.889586] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.889936] ================================================================== [ 14.634889] ================================================================== [ 14.635441] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 14.636442] Read of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.636972] [ 14.637094] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.637141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.637155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.637177] Call Trace: [ 14.637194] <TASK> [ 14.637210] dump_stack_lvl+0x73/0xb0 [ 14.637237] print_report+0xd1/0x650 [ 14.637260] ? __virt_addr_valid+0x1db/0x2d0 [ 14.637283] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.637307] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.637332] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.637356] kasan_report+0x141/0x180 [ 14.637380] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.637409] __asan_report_load8_noabort+0x18/0x20 [ 14.637431] kasan_atomics_helper+0x4fb2/0x5450 [ 14.637455] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.637480] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.637503] ? kasan_atomics+0x152/0x310 [ 14.637527] kasan_atomics+0x1dc/0x310 [ 14.637548] ? __pfx_kasan_atomics+0x10/0x10 [ 14.637570] ? __pfx_read_tsc+0x10/0x10 [ 14.637593] ? ktime_get_ts64+0x86/0x230 [ 14.637632] kunit_try_run_case+0x1a5/0x480 [ 14.637655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.637677] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.637702] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.637729] ? __kthread_parkme+0x82/0x180 [ 14.637751] ? preempt_count_sub+0x50/0x80 [ 14.637798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.637822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.637848] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.637874] kthread+0x337/0x6f0 [ 14.637894] ? trace_preempt_on+0x20/0xc0 [ 14.637919] ? __pfx_kthread+0x10/0x10 [ 14.637941] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.637965] ? calculate_sigpending+0x7b/0xa0 [ 14.637990] ? __pfx_kthread+0x10/0x10 [ 14.638012] ret_from_fork+0x116/0x1d0 [ 14.638032] ? __pfx_kthread+0x10/0x10 [ 14.638053] ret_from_fork_asm+0x1a/0x30 [ 14.638084] </TASK> [ 14.638095] [ 14.645451] Allocated by task 282: [ 14.645623] kasan_save_stack+0x45/0x70 [ 14.645849] kasan_save_track+0x18/0x40 [ 14.646010] kasan_save_alloc_info+0x3b/0x50 [ 14.646163] __kasan_kmalloc+0xb7/0xc0 [ 14.646312] __kmalloc_cache_noprof+0x189/0x420 [ 14.646552] kasan_atomics+0x95/0x310 [ 14.646751] kunit_try_run_case+0x1a5/0x480 [ 14.646950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.647134] kthread+0x337/0x6f0 [ 14.647305] ret_from_fork+0x116/0x1d0 [ 14.647497] ret_from_fork_asm+0x1a/0x30 [ 14.647711] [ 14.647842] The buggy address belongs to the object at ffff888102fa7d80 [ 14.647842] which belongs to the cache kmalloc-64 of size 64 [ 14.648329] The buggy address is located 0 bytes to the right of [ 14.648329] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.648870] [ 14.648964] The buggy address belongs to the physical page: [ 14.649215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.649534] flags: 0x200000000000000(node=0|zone=2) [ 14.649714] page_type: f5(slab) [ 14.649862] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.650103] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.650418] page dumped because: kasan: bad access detected [ 14.650690] [ 14.650814] Memory state around the buggy address: [ 14.651041] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.651305] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.651531] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.651779] ^ [ 14.652016] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.652350] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.652699] ================================================================== [ 13.952588] ================================================================== [ 13.953064] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 13.953385] Read of size 4 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 13.953662] [ 13.953863] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.953910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.953923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.953945] Call Trace: [ 13.953961] <TASK> [ 13.953978] dump_stack_lvl+0x73/0xb0 [ 13.954004] print_report+0xd1/0x650 [ 13.954028] ? __virt_addr_valid+0x1db/0x2d0 [ 13.954051] ? kasan_atomics_helper+0x4a1c/0x5450 [ 13.954074] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.954098] ? kasan_atomics_helper+0x4a1c/0x5450 [ 13.954122] kasan_report+0x141/0x180 [ 13.954145] ? kasan_atomics_helper+0x4a1c/0x5450 [ 13.954174] __asan_report_load4_noabort+0x18/0x20 [ 13.954196] kasan_atomics_helper+0x4a1c/0x5450 [ 13.954220] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.954245] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.954268] ? kasan_atomics+0x152/0x310 [ 13.954292] kasan_atomics+0x1dc/0x310 [ 13.954312] ? __pfx_kasan_atomics+0x10/0x10 [ 13.954334] ? __pfx_read_tsc+0x10/0x10 [ 13.954356] ? ktime_get_ts64+0x86/0x230 [ 13.954382] kunit_try_run_case+0x1a5/0x480 [ 13.954404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.954425] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.954451] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.954476] ? __kthread_parkme+0x82/0x180 [ 13.954498] ? preempt_count_sub+0x50/0x80 [ 13.954523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.954552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.954578] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.954603] kthread+0x337/0x6f0 [ 13.954635] ? trace_preempt_on+0x20/0xc0 [ 13.954659] ? __pfx_kthread+0x10/0x10 [ 13.954681] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.954704] ? calculate_sigpending+0x7b/0xa0 [ 13.954729] ? __pfx_kthread+0x10/0x10 [ 13.954853] ret_from_fork+0x116/0x1d0 [ 13.954874] ? __pfx_kthread+0x10/0x10 [ 13.954896] ret_from_fork_asm+0x1a/0x30 [ 13.954929] </TASK> [ 13.954941] [ 13.963142] Allocated by task 282: [ 13.963335] kasan_save_stack+0x45/0x70 [ 13.963535] kasan_save_track+0x18/0x40 [ 13.963719] kasan_save_alloc_info+0x3b/0x50 [ 13.964108] __kasan_kmalloc+0xb7/0xc0 [ 13.964279] __kmalloc_cache_noprof+0x189/0x420 [ 13.964506] kasan_atomics+0x95/0x310 [ 13.964663] kunit_try_run_case+0x1a5/0x480 [ 13.964926] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.965201] kthread+0x337/0x6f0 [ 13.965381] ret_from_fork+0x116/0x1d0 [ 13.965573] ret_from_fork_asm+0x1a/0x30 [ 13.965837] [ 13.965917] The buggy address belongs to the object at ffff888102fa7d80 [ 13.965917] which belongs to the cache kmalloc-64 of size 64 [ 13.966395] The buggy address is located 0 bytes to the right of [ 13.966395] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 13.967077] [ 13.967180] The buggy address belongs to the physical page: [ 13.967363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 13.967682] flags: 0x200000000000000(node=0|zone=2) [ 13.968097] page_type: f5(slab) [ 13.968275] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.968569] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.969035] page dumped because: kasan: bad access detected [ 13.969257] [ 13.969356] Memory state around the buggy address: [ 13.969586] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.969941] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.970242] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.970570] ^ [ 13.970900] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.971195] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.971489] ================================================================== [ 14.108023] ================================================================== [ 14.108263] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 14.108875] Read of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.109207] [ 14.109318] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.109363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.109376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.109398] Call Trace: [ 14.109413] <TASK> [ 14.109430] dump_stack_lvl+0x73/0xb0 [ 14.109457] print_report+0xd1/0x650 [ 14.109480] ? __virt_addr_valid+0x1db/0x2d0 [ 14.109503] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.109526] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.109551] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.109574] kasan_report+0x141/0x180 [ 14.109598] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.109639] __asan_report_load8_noabort+0x18/0x20 [ 14.109660] kasan_atomics_helper+0x4eae/0x5450 [ 14.109685] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.109710] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.109732] ? kasan_atomics+0x152/0x310 [ 14.109763] kasan_atomics+0x1dc/0x310 [ 14.109783] ? __pfx_kasan_atomics+0x10/0x10 [ 14.109806] ? __pfx_read_tsc+0x10/0x10 [ 14.109828] ? ktime_get_ts64+0x86/0x230 [ 14.109854] kunit_try_run_case+0x1a5/0x480 [ 14.109877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.109898] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.109925] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.109950] ? __kthread_parkme+0x82/0x180 [ 14.109972] ? preempt_count_sub+0x50/0x80 [ 14.109997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.110019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.110045] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.110071] kthread+0x337/0x6f0 [ 14.110091] ? trace_preempt_on+0x20/0xc0 [ 14.110116] ? __pfx_kthread+0x10/0x10 [ 14.110138] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.110162] ? calculate_sigpending+0x7b/0xa0 [ 14.110186] ? __pfx_kthread+0x10/0x10 [ 14.110210] ret_from_fork+0x116/0x1d0 [ 14.110229] ? __pfx_kthread+0x10/0x10 [ 14.110251] ret_from_fork_asm+0x1a/0x30 [ 14.110283] </TASK> [ 14.110294] [ 14.118338] Allocated by task 282: [ 14.118475] kasan_save_stack+0x45/0x70 [ 14.118650] kasan_save_track+0x18/0x40 [ 14.118886] kasan_save_alloc_info+0x3b/0x50 [ 14.119110] __kasan_kmalloc+0xb7/0xc0 [ 14.119306] __kmalloc_cache_noprof+0x189/0x420 [ 14.119528] kasan_atomics+0x95/0x310 [ 14.119849] kunit_try_run_case+0x1a5/0x480 [ 14.120036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.120223] kthread+0x337/0x6f0 [ 14.120411] ret_from_fork+0x116/0x1d0 [ 14.120646] ret_from_fork_asm+0x1a/0x30 [ 14.120940] [ 14.121041] The buggy address belongs to the object at ffff888102fa7d80 [ 14.121041] which belongs to the cache kmalloc-64 of size 64 [ 14.121511] The buggy address is located 0 bytes to the right of [ 14.121511] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.122029] [ 14.122132] The buggy address belongs to the physical page: [ 14.122349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.122747] flags: 0x200000000000000(node=0|zone=2) [ 14.122976] page_type: f5(slab) [ 14.123153] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.123483] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.123861] page dumped because: kasan: bad access detected [ 14.124047] [ 14.124121] Memory state around the buggy address: [ 14.124284] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.124691] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.125150] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.125401] ^ [ 14.125565] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.125940] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.126262] ================================================================== [ 14.712855] ================================================================== [ 14.713225] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 14.713536] Read of size 8 at addr ffff888102fa7db0 by task kunit_try_catch/282 [ 14.713901] [ 14.714016] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 14.714060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.714075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.714098] Call Trace: [ 14.714114] <TASK> [ 14.714130] dump_stack_lvl+0x73/0xb0 [ 14.714156] print_report+0xd1/0x650 [ 14.714179] ? __virt_addr_valid+0x1db/0x2d0 [ 14.714202] ? kasan_atomics_helper+0x5115/0x5450 [ 14.714226] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.714250] ? kasan_atomics_helper+0x5115/0x5450 [ 14.714273] kasan_report+0x141/0x180 [ 14.714297] ? kasan_atomics_helper+0x5115/0x5450 [ 14.714325] __asan_report_load8_noabort+0x18/0x20 [ 14.714347] kasan_atomics_helper+0x5115/0x5450 [ 14.714372] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.714395] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.714418] ? kasan_atomics+0x152/0x310 [ 14.714442] kasan_atomics+0x1dc/0x310 [ 14.714463] ? __pfx_kasan_atomics+0x10/0x10 [ 14.714485] ? __pfx_read_tsc+0x10/0x10 [ 14.714507] ? ktime_get_ts64+0x86/0x230 [ 14.714539] kunit_try_run_case+0x1a5/0x480 [ 14.714562] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.714583] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.714619] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.714646] ? __kthread_parkme+0x82/0x180 [ 14.714668] ? preempt_count_sub+0x50/0x80 [ 14.714693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.714715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.714741] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.714788] kthread+0x337/0x6f0 [ 14.714809] ? trace_preempt_on+0x20/0xc0 [ 14.714833] ? __pfx_kthread+0x10/0x10 [ 14.714856] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.714880] ? calculate_sigpending+0x7b/0xa0 [ 14.714905] ? __pfx_kthread+0x10/0x10 [ 14.714928] ret_from_fork+0x116/0x1d0 [ 14.714948] ? __pfx_kthread+0x10/0x10 [ 14.714971] ret_from_fork_asm+0x1a/0x30 [ 14.715001] </TASK> [ 14.715013] [ 14.722089] Allocated by task 282: [ 14.722272] kasan_save_stack+0x45/0x70 [ 14.722476] kasan_save_track+0x18/0x40 [ 14.722696] kasan_save_alloc_info+0x3b/0x50 [ 14.722939] __kasan_kmalloc+0xb7/0xc0 [ 14.723132] __kmalloc_cache_noprof+0x189/0x420 [ 14.723350] kasan_atomics+0x95/0x310 [ 14.723514] kunit_try_run_case+0x1a5/0x480 [ 14.723721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.723986] kthread+0x337/0x6f0 [ 14.724141] ret_from_fork+0x116/0x1d0 [ 14.724288] ret_from_fork_asm+0x1a/0x30 [ 14.724490] [ 14.724588] The buggy address belongs to the object at ffff888102fa7d80 [ 14.724588] which belongs to the cache kmalloc-64 of size 64 [ 14.725087] The buggy address is located 0 bytes to the right of [ 14.725087] allocated 48-byte region [ffff888102fa7d80, ffff888102fa7db0) [ 14.725594] [ 14.725693] The buggy address belongs to the physical page: [ 14.725955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa7 [ 14.726262] flags: 0x200000000000000(node=0|zone=2) [ 14.726462] page_type: f5(slab) [ 14.726590] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.726975] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.727270] page dumped because: kasan: bad access detected [ 14.727464] [ 14.727563] Memory state around the buggy address: [ 14.727826] ffff888102fa7c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.728140] ffff888102fa7d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.728416] >ffff888102fa7d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.728700] ^ [ 14.728932] ffff888102fa7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.729224] ffff888102fa7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.729513] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop: Failure
Automatically assigned
[ 13.143577] ================================================================== [ 13.144063] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.144398] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 13.144647] [ 13.144803] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.144849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.144861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.144882] Call Trace: [ 13.144896] <TASK> [ 13.144911] dump_stack_lvl+0x73/0xb0 [ 13.144935] print_report+0xd1/0x650 [ 13.144957] ? __virt_addr_valid+0x1db/0x2d0 [ 13.144980] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.145004] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.145027] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.145051] kasan_report+0x141/0x180 [ 13.145074] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.145104] kasan_check_range+0x10c/0x1c0 [ 13.145128] __kasan_check_write+0x18/0x20 [ 13.145148] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.145172] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.145201] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.145221] ? trace_hardirqs_on+0x37/0xe0 [ 13.145242] ? kasan_bitops_generic+0x92/0x1c0 [ 13.145267] kasan_bitops_generic+0x121/0x1c0 [ 13.145288] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.145310] ? __pfx_read_tsc+0x10/0x10 [ 13.145330] ? ktime_get_ts64+0x86/0x230 [ 13.145354] kunit_try_run_case+0x1a5/0x480 [ 13.145375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.145395] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.145419] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.145444] ? __kthread_parkme+0x82/0x180 [ 13.145465] ? preempt_count_sub+0x50/0x80 [ 13.145488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.145510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.145534] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.145560] kthread+0x337/0x6f0 [ 13.145579] ? trace_preempt_on+0x20/0xc0 [ 13.145601] ? __pfx_kthread+0x10/0x10 [ 13.145634] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.145657] ? calculate_sigpending+0x7b/0xa0 [ 13.145681] ? __pfx_kthread+0x10/0x10 [ 13.145703] ret_from_fork+0x116/0x1d0 [ 13.145721] ? __pfx_kthread+0x10/0x10 [ 13.145742] ret_from_fork_asm+0x1a/0x30 [ 13.146014] </TASK> [ 13.146025] [ 13.155012] Allocated by task 278: [ 13.155296] kasan_save_stack+0x45/0x70 [ 13.155663] kasan_save_track+0x18/0x40 [ 13.156305] kasan_save_alloc_info+0x3b/0x50 [ 13.156626] __kasan_kmalloc+0xb7/0xc0 [ 13.157562] __kmalloc_cache_noprof+0x189/0x420 [ 13.158787] kasan_bitops_generic+0x92/0x1c0 [ 13.159061] kunit_try_run_case+0x1a5/0x480 [ 13.159251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.159507] kthread+0x337/0x6f0 [ 13.159705] ret_from_fork+0x116/0x1d0 [ 13.159876] ret_from_fork_asm+0x1a/0x30 [ 13.160099] [ 13.160175] The buggy address belongs to the object at ffff888102856080 [ 13.160175] which belongs to the cache kmalloc-16 of size 16 [ 13.160696] The buggy address is located 8 bytes inside of [ 13.160696] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 13.161652] [ 13.161758] The buggy address belongs to the physical page: [ 13.161985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 13.162565] flags: 0x200000000000000(node=0|zone=2) [ 13.162863] page_type: f5(slab) [ 13.162994] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.163474] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.164440] page dumped because: kasan: bad access detected [ 13.164706] [ 13.165149] Memory state around the buggy address: [ 13.165387] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.165897] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.166327] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.166988] ^ [ 13.167189] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.167465] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.168060] ================================================================== [ 13.082386] ================================================================== [ 13.082798] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.083219] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 13.083562] [ 13.083684] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.083729] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.083742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.083764] Call Trace: [ 13.083780] <TASK> [ 13.083796] dump_stack_lvl+0x73/0xb0 [ 13.083820] print_report+0xd1/0x650 [ 13.084020] ? __virt_addr_valid+0x1db/0x2d0 [ 13.084047] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.084073] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.084096] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.084121] kasan_report+0x141/0x180 [ 13.084146] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.084175] kasan_check_range+0x10c/0x1c0 [ 13.084199] __kasan_check_write+0x18/0x20 [ 13.084220] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.084244] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.084274] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.084295] ? trace_hardirqs_on+0x37/0xe0 [ 13.084318] ? kasan_bitops_generic+0x92/0x1c0 [ 13.084342] kasan_bitops_generic+0x121/0x1c0 [ 13.084363] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.084385] ? __pfx_read_tsc+0x10/0x10 [ 13.084406] ? ktime_get_ts64+0x86/0x230 [ 13.084430] kunit_try_run_case+0x1a5/0x480 [ 13.084451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.084471] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.084496] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.084520] ? __kthread_parkme+0x82/0x180 [ 13.084542] ? preempt_count_sub+0x50/0x80 [ 13.084565] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.084587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.084625] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.084650] kthread+0x337/0x6f0 [ 13.084671] ? trace_preempt_on+0x20/0xc0 [ 13.084694] ? __pfx_kthread+0x10/0x10 [ 13.084715] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.084738] ? calculate_sigpending+0x7b/0xa0 [ 13.084828] ? __pfx_kthread+0x10/0x10 [ 13.084851] ret_from_fork+0x116/0x1d0 [ 13.084870] ? __pfx_kthread+0x10/0x10 [ 13.084891] ret_from_fork_asm+0x1a/0x30 [ 13.084922] </TASK> [ 13.084934] [ 13.094110] Allocated by task 278: [ 13.094291] kasan_save_stack+0x45/0x70 [ 13.094473] kasan_save_track+0x18/0x40 [ 13.094682] kasan_save_alloc_info+0x3b/0x50 [ 13.094837] __kasan_kmalloc+0xb7/0xc0 [ 13.094976] __kmalloc_cache_noprof+0x189/0x420 [ 13.095133] kasan_bitops_generic+0x92/0x1c0 [ 13.095350] kunit_try_run_case+0x1a5/0x480 [ 13.095641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.095912] kthread+0x337/0x6f0 [ 13.096294] ret_from_fork+0x116/0x1d0 [ 13.096464] ret_from_fork_asm+0x1a/0x30 [ 13.096622] [ 13.096696] The buggy address belongs to the object at ffff888102856080 [ 13.096696] which belongs to the cache kmalloc-16 of size 16 [ 13.097307] The buggy address is located 8 bytes inside of [ 13.097307] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 13.098076] [ 13.098171] The buggy address belongs to the physical page: [ 13.098404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 13.098675] flags: 0x200000000000000(node=0|zone=2) [ 13.098843] page_type: f5(slab) [ 13.099059] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.099412] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.099767] page dumped because: kasan: bad access detected [ 13.100030] [ 13.100131] Memory state around the buggy address: [ 13.100359] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.100653] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.101035] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.101299] ^ [ 13.101434] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.101725] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.102240] ================================================================== [ 13.197388] ================================================================== [ 13.197696] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.198588] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 13.199080] [ 13.199179] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.199224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.199237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.199257] Call Trace: [ 13.199273] <TASK> [ 13.199289] dump_stack_lvl+0x73/0xb0 [ 13.199316] print_report+0xd1/0x650 [ 13.199339] ? __virt_addr_valid+0x1db/0x2d0 [ 13.199669] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.199695] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.199719] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.199743] kasan_report+0x141/0x180 [ 13.199785] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.199814] kasan_check_range+0x10c/0x1c0 [ 13.199838] __kasan_check_write+0x18/0x20 [ 13.199858] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.199882] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.199912] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.199934] ? trace_hardirqs_on+0x37/0xe0 [ 13.199955] ? kasan_bitops_generic+0x92/0x1c0 [ 13.199980] kasan_bitops_generic+0x121/0x1c0 [ 13.200001] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.200024] ? __pfx_read_tsc+0x10/0x10 [ 13.200046] ? ktime_get_ts64+0x86/0x230 [ 13.200074] kunit_try_run_case+0x1a5/0x480 [ 13.200096] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.200117] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.200143] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.200169] ? __kthread_parkme+0x82/0x180 [ 13.200191] ? preempt_count_sub+0x50/0x80 [ 13.200215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.200239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.200264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.200290] kthread+0x337/0x6f0 [ 13.200312] ? trace_preempt_on+0x20/0xc0 [ 13.200335] ? __pfx_kthread+0x10/0x10 [ 13.200356] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.200378] ? calculate_sigpending+0x7b/0xa0 [ 13.200403] ? __pfx_kthread+0x10/0x10 [ 13.200425] ret_from_fork+0x116/0x1d0 [ 13.200443] ? __pfx_kthread+0x10/0x10 [ 13.200464] ret_from_fork_asm+0x1a/0x30 [ 13.200494] </TASK> [ 13.200506] [ 13.212719] Allocated by task 278: [ 13.213084] kasan_save_stack+0x45/0x70 [ 13.213300] kasan_save_track+0x18/0x40 [ 13.213487] kasan_save_alloc_info+0x3b/0x50 [ 13.213696] __kasan_kmalloc+0xb7/0xc0 [ 13.214295] __kmalloc_cache_noprof+0x189/0x420 [ 13.214493] kasan_bitops_generic+0x92/0x1c0 [ 13.214734] kunit_try_run_case+0x1a5/0x480 [ 13.215293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.215646] kthread+0x337/0x6f0 [ 13.215785] ret_from_fork+0x116/0x1d0 [ 13.216194] ret_from_fork_asm+0x1a/0x30 [ 13.216399] [ 13.216674] The buggy address belongs to the object at ffff888102856080 [ 13.216674] which belongs to the cache kmalloc-16 of size 16 [ 13.217516] The buggy address is located 8 bytes inside of [ 13.217516] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 13.218406] [ 13.218492] The buggy address belongs to the physical page: [ 13.218908] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 13.219461] flags: 0x200000000000000(node=0|zone=2) [ 13.219705] page_type: f5(slab) [ 13.220103] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.220428] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.221007] page dumped because: kasan: bad access detected [ 13.221260] [ 13.221342] Memory state around the buggy address: [ 13.221572] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.222094] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.222424] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.222747] ^ [ 13.223286] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.223578] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.224249] ================================================================== [ 13.224960] ================================================================== [ 13.225259] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.225584] Read of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 13.226037] [ 13.226144] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.226190] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.226202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.226224] Call Trace: [ 13.226237] <TASK> [ 13.226254] dump_stack_lvl+0x73/0xb0 [ 13.226280] print_report+0xd1/0x650 [ 13.226303] ? __virt_addr_valid+0x1db/0x2d0 [ 13.226326] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.226350] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.226372] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.226397] kasan_report+0x141/0x180 [ 13.226419] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.226449] kasan_check_range+0x10c/0x1c0 [ 13.226473] __kasan_check_read+0x15/0x20 [ 13.226493] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.226517] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.226554] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.226788] ? trace_hardirqs_on+0x37/0xe0 [ 13.226830] ? kasan_bitops_generic+0x92/0x1c0 [ 13.226868] kasan_bitops_generic+0x121/0x1c0 [ 13.226890] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.226913] ? __pfx_read_tsc+0x10/0x10 [ 13.226933] ? ktime_get_ts64+0x86/0x230 [ 13.226957] kunit_try_run_case+0x1a5/0x480 [ 13.226979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.226999] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.227024] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.227049] ? __kthread_parkme+0x82/0x180 [ 13.227071] ? preempt_count_sub+0x50/0x80 [ 13.227094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.227116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.227140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.227165] kthread+0x337/0x6f0 [ 13.227185] ? trace_preempt_on+0x20/0xc0 [ 13.227207] ? __pfx_kthread+0x10/0x10 [ 13.227228] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.227251] ? calculate_sigpending+0x7b/0xa0 [ 13.227276] ? __pfx_kthread+0x10/0x10 [ 13.227298] ret_from_fork+0x116/0x1d0 [ 13.227317] ? __pfx_kthread+0x10/0x10 [ 13.227338] ret_from_fork_asm+0x1a/0x30 [ 13.227368] </TASK> [ 13.227379] [ 13.240540] Allocated by task 278: [ 13.240727] kasan_save_stack+0x45/0x70 [ 13.241080] kasan_save_track+0x18/0x40 [ 13.241292] kasan_save_alloc_info+0x3b/0x50 [ 13.241514] __kasan_kmalloc+0xb7/0xc0 [ 13.241773] __kmalloc_cache_noprof+0x189/0x420 [ 13.241989] kasan_bitops_generic+0x92/0x1c0 [ 13.242191] kunit_try_run_case+0x1a5/0x480 [ 13.242379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.242660] kthread+0x337/0x6f0 [ 13.242812] ret_from_fork+0x116/0x1d0 [ 13.243442] ret_from_fork_asm+0x1a/0x30 [ 13.243696] [ 13.243807] The buggy address belongs to the object at ffff888102856080 [ 13.243807] which belongs to the cache kmalloc-16 of size 16 [ 13.244526] The buggy address is located 8 bytes inside of [ 13.244526] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 13.245337] [ 13.245642] The buggy address belongs to the physical page: [ 13.245911] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 13.246380] flags: 0x200000000000000(node=0|zone=2) [ 13.246721] page_type: f5(slab) [ 13.247108] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.247526] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.247835] page dumped because: kasan: bad access detected [ 13.248294] [ 13.248400] Memory state around the buggy address: [ 13.248994] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.249298] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.249627] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.250305] ^ [ 13.250474] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.251020] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.251463] ================================================================== [ 13.169011] ================================================================== [ 13.169404] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.169999] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 13.170603] [ 13.170906] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.170957] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.170970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.170991] Call Trace: [ 13.171006] <TASK> [ 13.171036] dump_stack_lvl+0x73/0xb0 [ 13.171063] print_report+0xd1/0x650 [ 13.171086] ? __virt_addr_valid+0x1db/0x2d0 [ 13.171109] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.171133] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.171156] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.171180] kasan_report+0x141/0x180 [ 13.171203] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.171232] kasan_check_range+0x10c/0x1c0 [ 13.171256] __kasan_check_write+0x18/0x20 [ 13.171276] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.171300] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.171329] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.171349] ? trace_hardirqs_on+0x37/0xe0 [ 13.171371] ? kasan_bitops_generic+0x92/0x1c0 [ 13.171395] kasan_bitops_generic+0x121/0x1c0 [ 13.171417] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.171439] ? __pfx_read_tsc+0x10/0x10 [ 13.171461] ? ktime_get_ts64+0x86/0x230 [ 13.171485] kunit_try_run_case+0x1a5/0x480 [ 13.171508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.171528] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.171553] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.171577] ? __kthread_parkme+0x82/0x180 [ 13.171599] ? preempt_count_sub+0x50/0x80 [ 13.171637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.171658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.171683] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.171708] kthread+0x337/0x6f0 [ 13.171727] ? trace_preempt_on+0x20/0xc0 [ 13.171749] ? __pfx_kthread+0x10/0x10 [ 13.171780] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.171813] ? calculate_sigpending+0x7b/0xa0 [ 13.171837] ? __pfx_kthread+0x10/0x10 [ 13.171859] ret_from_fork+0x116/0x1d0 [ 13.171878] ? __pfx_kthread+0x10/0x10 [ 13.171899] ret_from_fork_asm+0x1a/0x30 [ 13.171929] </TASK> [ 13.171940] [ 13.185346] Allocated by task 278: [ 13.185535] kasan_save_stack+0x45/0x70 [ 13.185965] kasan_save_track+0x18/0x40 [ 13.186174] kasan_save_alloc_info+0x3b/0x50 [ 13.186384] __kasan_kmalloc+0xb7/0xc0 [ 13.186579] __kmalloc_cache_noprof+0x189/0x420 [ 13.186807] kasan_bitops_generic+0x92/0x1c0 [ 13.187007] kunit_try_run_case+0x1a5/0x480 [ 13.187221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.187472] kthread+0x337/0x6f0 [ 13.188244] ret_from_fork+0x116/0x1d0 [ 13.188427] ret_from_fork_asm+0x1a/0x30 [ 13.188921] [ 13.189028] The buggy address belongs to the object at ffff888102856080 [ 13.189028] which belongs to the cache kmalloc-16 of size 16 [ 13.189784] The buggy address is located 8 bytes inside of [ 13.189784] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 13.190577] [ 13.190681] The buggy address belongs to the physical page: [ 13.191175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 13.191633] flags: 0x200000000000000(node=0|zone=2) [ 13.192072] page_type: f5(slab) [ 13.192246] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.192949] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.193390] page dumped because: kasan: bad access detected [ 13.193649] [ 13.193833] Memory state around the buggy address: [ 13.194075] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.194626] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.195080] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.195404] ^ [ 13.195560] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.196295] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.196560] ================================================================== [ 13.122840] ================================================================== [ 13.123180] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.123575] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 13.124025] [ 13.124139] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.124185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.124197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.124218] Call Trace: [ 13.124234] <TASK> [ 13.124248] dump_stack_lvl+0x73/0xb0 [ 13.124273] print_report+0xd1/0x650 [ 13.124296] ? __virt_addr_valid+0x1db/0x2d0 [ 13.124318] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.124342] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.124365] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.124389] kasan_report+0x141/0x180 [ 13.124412] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.124440] kasan_check_range+0x10c/0x1c0 [ 13.124464] __kasan_check_write+0x18/0x20 [ 13.124484] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.124509] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.124538] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.124558] ? trace_hardirqs_on+0x37/0xe0 [ 13.124579] ? kasan_bitops_generic+0x92/0x1c0 [ 13.124604] kasan_bitops_generic+0x121/0x1c0 [ 13.124635] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.124656] ? __pfx_read_tsc+0x10/0x10 [ 13.124677] ? ktime_get_ts64+0x86/0x230 [ 13.124701] kunit_try_run_case+0x1a5/0x480 [ 13.124722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.124742] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.124767] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.124791] ? __kthread_parkme+0x82/0x180 [ 13.124811] ? preempt_count_sub+0x50/0x80 [ 13.124835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.124857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.124882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.124907] kthread+0x337/0x6f0 [ 13.124927] ? trace_preempt_on+0x20/0xc0 [ 13.124949] ? __pfx_kthread+0x10/0x10 [ 13.124990] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.125012] ? calculate_sigpending+0x7b/0xa0 [ 13.125036] ? __pfx_kthread+0x10/0x10 [ 13.125058] ret_from_fork+0x116/0x1d0 [ 13.125077] ? __pfx_kthread+0x10/0x10 [ 13.125098] ret_from_fork_asm+0x1a/0x30 [ 13.125128] </TASK> [ 13.125138] [ 13.133798] Allocated by task 278: [ 13.133935] kasan_save_stack+0x45/0x70 [ 13.134085] kasan_save_track+0x18/0x40 [ 13.134229] kasan_save_alloc_info+0x3b/0x50 [ 13.134441] __kasan_kmalloc+0xb7/0xc0 [ 13.134755] __kmalloc_cache_noprof+0x189/0x420 [ 13.135220] kasan_bitops_generic+0x92/0x1c0 [ 13.135467] kunit_try_run_case+0x1a5/0x480 [ 13.135696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.136125] kthread+0x337/0x6f0 [ 13.136288] ret_from_fork+0x116/0x1d0 [ 13.136464] ret_from_fork_asm+0x1a/0x30 [ 13.136678] [ 13.136769] The buggy address belongs to the object at ffff888102856080 [ 13.136769] which belongs to the cache kmalloc-16 of size 16 [ 13.137247] The buggy address is located 8 bytes inside of [ 13.137247] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 13.137912] [ 13.138006] The buggy address belongs to the physical page: [ 13.138220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 13.138468] flags: 0x200000000000000(node=0|zone=2) [ 13.138654] page_type: f5(slab) [ 13.138782] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.139380] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.139757] page dumped because: kasan: bad access detected [ 13.140799] [ 13.140918] Memory state around the buggy address: [ 13.141151] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.141463] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.141770] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.142176] ^ [ 13.142364] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.142676] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.143144] ================================================================== [ 13.252413] ================================================================== [ 13.253047] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.253716] Read of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 13.254128] [ 13.254247] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.254293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.254306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.254326] Call Trace: [ 13.254338] <TASK> [ 13.254353] dump_stack_lvl+0x73/0xb0 [ 13.254380] print_report+0xd1/0x650 [ 13.254402] ? __virt_addr_valid+0x1db/0x2d0 [ 13.254425] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.254451] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.254476] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.254500] kasan_report+0x141/0x180 [ 13.254524] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.254557] __asan_report_load8_noabort+0x18/0x20 [ 13.254579] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.254603] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.254644] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.254665] ? trace_hardirqs_on+0x37/0xe0 [ 13.254881] ? kasan_bitops_generic+0x92/0x1c0 [ 13.254910] kasan_bitops_generic+0x121/0x1c0 [ 13.254931] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.254953] ? __pfx_read_tsc+0x10/0x10 [ 13.254975] ? ktime_get_ts64+0x86/0x230 [ 13.254998] kunit_try_run_case+0x1a5/0x480 [ 13.255020] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.255040] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.255065] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.255090] ? __kthread_parkme+0x82/0x180 [ 13.255111] ? preempt_count_sub+0x50/0x80 [ 13.255135] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.255156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.255181] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.255206] kthread+0x337/0x6f0 [ 13.255225] ? trace_preempt_on+0x20/0xc0 [ 13.255248] ? __pfx_kthread+0x10/0x10 [ 13.255269] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.255292] ? calculate_sigpending+0x7b/0xa0 [ 13.255317] ? __pfx_kthread+0x10/0x10 [ 13.255339] ret_from_fork+0x116/0x1d0 [ 13.255359] ? __pfx_kthread+0x10/0x10 [ 13.255380] ret_from_fork_asm+0x1a/0x30 [ 13.255410] </TASK> [ 13.255421] [ 13.267543] Allocated by task 278: [ 13.268014] kasan_save_stack+0x45/0x70 [ 13.268302] kasan_save_track+0x18/0x40 [ 13.268546] kasan_save_alloc_info+0x3b/0x50 [ 13.269062] __kasan_kmalloc+0xb7/0xc0 [ 13.269269] __kmalloc_cache_noprof+0x189/0x420 [ 13.269451] kasan_bitops_generic+0x92/0x1c0 [ 13.269678] kunit_try_run_case+0x1a5/0x480 [ 13.269885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.270424] kthread+0x337/0x6f0 [ 13.270599] ret_from_fork+0x116/0x1d0 [ 13.270981] ret_from_fork_asm+0x1a/0x30 [ 13.271162] [ 13.271262] The buggy address belongs to the object at ffff888102856080 [ 13.271262] which belongs to the cache kmalloc-16 of size 16 [ 13.271754] The buggy address is located 8 bytes inside of [ 13.271754] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 13.272236] [ 13.272311] The buggy address belongs to the physical page: [ 13.272559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 13.273450] flags: 0x200000000000000(node=0|zone=2) [ 13.273645] page_type: f5(slab) [ 13.273778] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.274017] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.274255] page dumped because: kasan: bad access detected [ 13.274429] [ 13.274500] Memory state around the buggy address: [ 13.274672] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.274890] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.275103] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.275317] ^ [ 13.275443] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.275789] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.276040] ================================================================== [ 13.060804] ================================================================== [ 13.061509] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.061919] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 13.062242] [ 13.062329] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.062373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.062386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.062407] Call Trace: [ 13.062421] <TASK> [ 13.062436] dump_stack_lvl+0x73/0xb0 [ 13.062754] print_report+0xd1/0x650 [ 13.062781] ? __virt_addr_valid+0x1db/0x2d0 [ 13.062805] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.062828] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.062997] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.063027] kasan_report+0x141/0x180 [ 13.063050] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.063080] kasan_check_range+0x10c/0x1c0 [ 13.063104] __kasan_check_write+0x18/0x20 [ 13.063125] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.063149] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.063179] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.063200] ? trace_hardirqs_on+0x37/0xe0 [ 13.063223] ? kasan_bitops_generic+0x92/0x1c0 [ 13.063247] kasan_bitops_generic+0x121/0x1c0 [ 13.063268] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.063290] ? __pfx_read_tsc+0x10/0x10 [ 13.063311] ? ktime_get_ts64+0x86/0x230 [ 13.063335] kunit_try_run_case+0x1a5/0x480 [ 13.063357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.063378] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.063403] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.063428] ? __kthread_parkme+0x82/0x180 [ 13.063449] ? preempt_count_sub+0x50/0x80 [ 13.063472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.063494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.063518] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.063543] kthread+0x337/0x6f0 [ 13.063563] ? trace_preempt_on+0x20/0xc0 [ 13.063585] ? __pfx_kthread+0x10/0x10 [ 13.063606] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.063643] ? calculate_sigpending+0x7b/0xa0 [ 13.063675] ? __pfx_kthread+0x10/0x10 [ 13.063697] ret_from_fork+0x116/0x1d0 [ 13.063716] ? __pfx_kthread+0x10/0x10 [ 13.063737] ret_from_fork_asm+0x1a/0x30 [ 13.063778] </TASK> [ 13.063789] [ 13.073453] Allocated by task 278: [ 13.073640] kasan_save_stack+0x45/0x70 [ 13.073895] kasan_save_track+0x18/0x40 [ 13.074097] kasan_save_alloc_info+0x3b/0x50 [ 13.074292] __kasan_kmalloc+0xb7/0xc0 [ 13.074479] __kmalloc_cache_noprof+0x189/0x420 [ 13.074690] kasan_bitops_generic+0x92/0x1c0 [ 13.074901] kunit_try_run_case+0x1a5/0x480 [ 13.075204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.075448] kthread+0x337/0x6f0 [ 13.075599] ret_from_fork+0x116/0x1d0 [ 13.075795] ret_from_fork_asm+0x1a/0x30 [ 13.076164] [ 13.076267] The buggy address belongs to the object at ffff888102856080 [ 13.076267] which belongs to the cache kmalloc-16 of size 16 [ 13.076814] The buggy address is located 8 bytes inside of [ 13.076814] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 13.077265] [ 13.077339] The buggy address belongs to the physical page: [ 13.077599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 13.078002] flags: 0x200000000000000(node=0|zone=2) [ 13.078200] page_type: f5(slab) [ 13.078372] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.078722] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.079124] page dumped because: kasan: bad access detected [ 13.079309] [ 13.079381] Memory state around the buggy address: [ 13.079541] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.079875] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.080585] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.080983] ^ [ 13.081149] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.081375] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.081597] ================================================================== [ 13.102736] ================================================================== [ 13.103019] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.103318] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 13.103661] [ 13.103770] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.103868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.103882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.103903] Call Trace: [ 13.103916] <TASK> [ 13.103941] dump_stack_lvl+0x73/0xb0 [ 13.103968] print_report+0xd1/0x650 [ 13.103990] ? __virt_addr_valid+0x1db/0x2d0 [ 13.104013] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.104038] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.104060] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.104084] kasan_report+0x141/0x180 [ 13.104106] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.104135] kasan_check_range+0x10c/0x1c0 [ 13.104160] __kasan_check_write+0x18/0x20 [ 13.104181] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.104206] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.104235] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.104256] ? trace_hardirqs_on+0x37/0xe0 [ 13.104278] ? kasan_bitops_generic+0x92/0x1c0 [ 13.104302] kasan_bitops_generic+0x121/0x1c0 [ 13.104323] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.104346] ? __pfx_read_tsc+0x10/0x10 [ 13.104367] ? ktime_get_ts64+0x86/0x230 [ 13.104391] kunit_try_run_case+0x1a5/0x480 [ 13.104412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.104433] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.104458] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.104483] ? __kthread_parkme+0x82/0x180 [ 13.104504] ? preempt_count_sub+0x50/0x80 [ 13.104527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.104549] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.104574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.104599] kthread+0x337/0x6f0 [ 13.104631] ? trace_preempt_on+0x20/0xc0 [ 13.104653] ? __pfx_kthread+0x10/0x10 [ 13.104674] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.104697] ? calculate_sigpending+0x7b/0xa0 [ 13.104720] ? __pfx_kthread+0x10/0x10 [ 13.104743] ret_from_fork+0x116/0x1d0 [ 13.104809] ? __pfx_kthread+0x10/0x10 [ 13.104831] ret_from_fork_asm+0x1a/0x30 [ 13.104861] </TASK> [ 13.104872] [ 13.113782] Allocated by task 278: [ 13.113978] kasan_save_stack+0x45/0x70 [ 13.114184] kasan_save_track+0x18/0x40 [ 13.114689] kasan_save_alloc_info+0x3b/0x50 [ 13.114969] __kasan_kmalloc+0xb7/0xc0 [ 13.115158] __kmalloc_cache_noprof+0x189/0x420 [ 13.115348] kasan_bitops_generic+0x92/0x1c0 [ 13.115504] kunit_try_run_case+0x1a5/0x480 [ 13.115733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.116015] kthread+0x337/0x6f0 [ 13.116175] ret_from_fork+0x116/0x1d0 [ 13.116335] ret_from_fork_asm+0x1a/0x30 [ 13.116539] [ 13.116639] The buggy address belongs to the object at ffff888102856080 [ 13.116639] which belongs to the cache kmalloc-16 of size 16 [ 13.117150] The buggy address is located 8 bytes inside of [ 13.117150] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 13.117554] [ 13.117638] The buggy address belongs to the physical page: [ 13.117817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 13.118125] flags: 0x200000000000000(node=0|zone=2) [ 13.118359] page_type: f5(slab) [ 13.118527] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.119417] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.119675] page dumped because: kasan: bad access detected [ 13.120140] [ 13.120238] Memory state around the buggy address: [ 13.120468] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.120865] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.121161] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.121452] ^ [ 13.121628] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.122147] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.122379] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop: Failure
Automatically assigned
[ 13.008965] ================================================================== [ 13.009286] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.009641] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 13.009870] [ 13.009978] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.010207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.010220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.010241] Call Trace: [ 13.010255] <TASK> [ 13.010269] dump_stack_lvl+0x73/0xb0 [ 13.010295] print_report+0xd1/0x650 [ 13.010319] ? __virt_addr_valid+0x1db/0x2d0 [ 13.010341] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.010366] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.010390] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.010417] kasan_report+0x141/0x180 [ 13.010440] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.010470] kasan_check_range+0x10c/0x1c0 [ 13.010494] __kasan_check_write+0x18/0x20 [ 13.010515] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.010548] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.010575] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.010597] ? trace_hardirqs_on+0x37/0xe0 [ 13.010631] ? kasan_bitops_generic+0x92/0x1c0 [ 13.010655] kasan_bitops_generic+0x116/0x1c0 [ 13.010676] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.010697] ? __pfx_read_tsc+0x10/0x10 [ 13.010718] ? ktime_get_ts64+0x86/0x230 [ 13.010742] kunit_try_run_case+0x1a5/0x480 [ 13.010762] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.010783] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.010874] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.010904] ? __kthread_parkme+0x82/0x180 [ 13.010925] ? preempt_count_sub+0x50/0x80 [ 13.010948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.010970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.010995] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.011020] kthread+0x337/0x6f0 [ 13.011040] ? trace_preempt_on+0x20/0xc0 [ 13.011063] ? __pfx_kthread+0x10/0x10 [ 13.011084] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.011107] ? calculate_sigpending+0x7b/0xa0 [ 13.011131] ? __pfx_kthread+0x10/0x10 [ 13.011153] ret_from_fork+0x116/0x1d0 [ 13.011171] ? __pfx_kthread+0x10/0x10 [ 13.011192] ret_from_fork_asm+0x1a/0x30 [ 13.011222] </TASK> [ 13.011232] [ 13.022593] Allocated by task 278: [ 13.022906] kasan_save_stack+0x45/0x70 [ 13.023266] kasan_save_track+0x18/0x40 [ 13.023551] kasan_save_alloc_info+0x3b/0x50 [ 13.023730] __kasan_kmalloc+0xb7/0xc0 [ 13.024110] __kmalloc_cache_noprof+0x189/0x420 [ 13.024474] kasan_bitops_generic+0x92/0x1c0 [ 13.024799] kunit_try_run_case+0x1a5/0x480 [ 13.025062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.025435] kthread+0x337/0x6f0 [ 13.025623] ret_from_fork+0x116/0x1d0 [ 13.026182] ret_from_fork_asm+0x1a/0x30 [ 13.026346] [ 13.026450] The buggy address belongs to the object at ffff888102856080 [ 13.026450] which belongs to the cache kmalloc-16 of size 16 [ 13.027240] The buggy address is located 8 bytes inside of [ 13.027240] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 13.027986] [ 13.028162] The buggy address belongs to the physical page: [ 13.028405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 13.028939] flags: 0x200000000000000(node=0|zone=2) [ 13.029174] page_type: f5(slab) [ 13.029343] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.029698] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.030442] page dumped because: kasan: bad access detected [ 13.030919] [ 13.031030] Memory state around the buggy address: [ 13.031381] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.031701] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.032231] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.032572] ^ [ 13.032761] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.033308] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.033599] ================================================================== [ 12.900181] ================================================================== [ 12.900500] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 12.900880] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 12.901193] [ 12.901307] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.901354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.901367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.901388] Call Trace: [ 12.901405] <TASK> [ 12.901421] dump_stack_lvl+0x73/0xb0 [ 12.901445] print_report+0xd1/0x650 [ 12.901468] ? __virt_addr_valid+0x1db/0x2d0 [ 12.901491] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 12.901517] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.901541] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 12.901567] kasan_report+0x141/0x180 [ 12.901590] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 12.901632] kasan_check_range+0x10c/0x1c0 [ 12.901657] __kasan_check_write+0x18/0x20 [ 12.901677] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 12.901703] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 12.901731] ? __kmalloc_cache_noprof+0x189/0x420 [ 12.901752] ? trace_hardirqs_on+0x37/0xe0 [ 12.901775] ? kasan_bitops_generic+0x92/0x1c0 [ 12.901798] kasan_bitops_generic+0x116/0x1c0 [ 12.901819] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 12.901840] ? __pfx_read_tsc+0x10/0x10 [ 12.901861] ? ktime_get_ts64+0x86/0x230 [ 12.901885] kunit_try_run_case+0x1a5/0x480 [ 12.901907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.901927] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.901951] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.902034] ? __kthread_parkme+0x82/0x180 [ 12.902058] ? preempt_count_sub+0x50/0x80 [ 12.902082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.902104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.902128] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.902153] kthread+0x337/0x6f0 [ 12.902173] ? trace_preempt_on+0x20/0xc0 [ 12.902194] ? __pfx_kthread+0x10/0x10 [ 12.902216] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.902238] ? calculate_sigpending+0x7b/0xa0 [ 12.902263] ? __pfx_kthread+0x10/0x10 [ 12.902284] ret_from_fork+0x116/0x1d0 [ 12.902303] ? __pfx_kthread+0x10/0x10 [ 12.902324] ret_from_fork_asm+0x1a/0x30 [ 12.902355] </TASK> [ 12.902365] [ 12.911221] Allocated by task 278: [ 12.911450] kasan_save_stack+0x45/0x70 [ 12.911617] kasan_save_track+0x18/0x40 [ 12.912044] kasan_save_alloc_info+0x3b/0x50 [ 12.912281] __kasan_kmalloc+0xb7/0xc0 [ 12.912469] __kmalloc_cache_noprof+0x189/0x420 [ 12.912675] kasan_bitops_generic+0x92/0x1c0 [ 12.912951] kunit_try_run_case+0x1a5/0x480 [ 12.913143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.913400] kthread+0x337/0x6f0 [ 12.913528] ret_from_fork+0x116/0x1d0 [ 12.913707] ret_from_fork_asm+0x1a/0x30 [ 12.913907] [ 12.914003] The buggy address belongs to the object at ffff888102856080 [ 12.914003] which belongs to the cache kmalloc-16 of size 16 [ 12.914538] The buggy address is located 8 bytes inside of [ 12.914538] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 12.915042] [ 12.915120] The buggy address belongs to the physical page: [ 12.915298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 12.915681] flags: 0x200000000000000(node=0|zone=2) [ 12.915923] page_type: f5(slab) [ 12.916093] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.916371] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.916606] page dumped because: kasan: bad access detected [ 12.917044] [ 12.917206] Memory state around the buggy address: [ 12.917443] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.917874] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.918214] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.918435] ^ [ 12.918618] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.919022] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.919347] ================================================================== [ 12.985006] ================================================================== [ 12.985342] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 12.985728] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 12.986005] [ 12.986090] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.986220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.986237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.986259] Call Trace: [ 12.986275] <TASK> [ 12.986290] dump_stack_lvl+0x73/0xb0 [ 12.986315] print_report+0xd1/0x650 [ 12.986337] ? __virt_addr_valid+0x1db/0x2d0 [ 12.986360] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 12.986386] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.986409] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 12.986435] kasan_report+0x141/0x180 [ 12.986457] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 12.986490] kasan_check_range+0x10c/0x1c0 [ 12.986513] __kasan_check_write+0x18/0x20 [ 12.986539] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 12.986566] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 12.986593] ? __kmalloc_cache_noprof+0x189/0x420 [ 12.986627] ? trace_hardirqs_on+0x37/0xe0 [ 12.986649] ? kasan_bitops_generic+0x92/0x1c0 [ 12.986673] kasan_bitops_generic+0x116/0x1c0 [ 12.986694] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 12.986717] ? __pfx_read_tsc+0x10/0x10 [ 12.986737] ? ktime_get_ts64+0x86/0x230 [ 12.986761] kunit_try_run_case+0x1a5/0x480 [ 12.986782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.986802] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.986827] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.986851] ? __kthread_parkme+0x82/0x180 [ 12.986872] ? preempt_count_sub+0x50/0x80 [ 12.986896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.986917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.986941] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.987028] kthread+0x337/0x6f0 [ 12.987050] ? trace_preempt_on+0x20/0xc0 [ 12.987072] ? __pfx_kthread+0x10/0x10 [ 12.987093] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.987116] ? calculate_sigpending+0x7b/0xa0 [ 12.987141] ? __pfx_kthread+0x10/0x10 [ 12.987163] ret_from_fork+0x116/0x1d0 [ 12.987181] ? __pfx_kthread+0x10/0x10 [ 12.987201] ret_from_fork_asm+0x1a/0x30 [ 12.987232] </TASK> [ 12.987242] [ 12.999279] Allocated by task 278: [ 12.999463] kasan_save_stack+0x45/0x70 [ 12.999831] kasan_save_track+0x18/0x40 [ 13.000038] kasan_save_alloc_info+0x3b/0x50 [ 13.000241] __kasan_kmalloc+0xb7/0xc0 [ 13.000423] __kmalloc_cache_noprof+0x189/0x420 [ 13.000643] kasan_bitops_generic+0x92/0x1c0 [ 13.001005] kunit_try_run_case+0x1a5/0x480 [ 13.001179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.001402] kthread+0x337/0x6f0 [ 13.001582] ret_from_fork+0x116/0x1d0 [ 13.001770] ret_from_fork_asm+0x1a/0x30 [ 13.002110] [ 13.002219] The buggy address belongs to the object at ffff888102856080 [ 13.002219] which belongs to the cache kmalloc-16 of size 16 [ 13.002683] The buggy address is located 8 bytes inside of [ 13.002683] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 13.003306] [ 13.003461] The buggy address belongs to the physical page: [ 13.003893] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 13.004163] flags: 0x200000000000000(node=0|zone=2) [ 13.004592] page_type: f5(slab) [ 13.004758] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.005219] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.005495] page dumped because: kasan: bad access detected [ 13.006023] [ 13.006117] Memory state around the buggy address: [ 13.006583] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.006989] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.007232] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.007537] ^ [ 13.007728] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.008196] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.008472] ================================================================== [ 13.034406] ================================================================== [ 13.034735] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.035152] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 13.036065] [ 13.036177] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.036225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.036238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.036259] Call Trace: [ 13.036278] <TASK> [ 13.036294] dump_stack_lvl+0x73/0xb0 [ 13.036472] print_report+0xd1/0x650 [ 13.036496] ? __virt_addr_valid+0x1db/0x2d0 [ 13.036519] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.036545] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.036568] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.036595] kasan_report+0x141/0x180 [ 13.036632] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.036663] kasan_check_range+0x10c/0x1c0 [ 13.036688] __kasan_check_write+0x18/0x20 [ 13.036708] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.036734] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.036831] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.036853] ? trace_hardirqs_on+0x37/0xe0 [ 13.036874] ? kasan_bitops_generic+0x92/0x1c0 [ 13.036899] kasan_bitops_generic+0x116/0x1c0 [ 13.036920] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.036941] ? __pfx_read_tsc+0x10/0x10 [ 13.036962] ? ktime_get_ts64+0x86/0x230 [ 13.036990] kunit_try_run_case+0x1a5/0x480 [ 13.037012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.037032] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.037057] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.037082] ? __kthread_parkme+0x82/0x180 [ 13.037103] ? preempt_count_sub+0x50/0x80 [ 13.037126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.037147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.037172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.037197] kthread+0x337/0x6f0 [ 13.037216] ? trace_preempt_on+0x20/0xc0 [ 13.037238] ? __pfx_kthread+0x10/0x10 [ 13.037260] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.037282] ? calculate_sigpending+0x7b/0xa0 [ 13.037306] ? __pfx_kthread+0x10/0x10 [ 13.037328] ret_from_fork+0x116/0x1d0 [ 13.037347] ? __pfx_kthread+0x10/0x10 [ 13.037369] ret_from_fork_asm+0x1a/0x30 [ 13.037399] </TASK> [ 13.037410] [ 13.049315] Allocated by task 278: [ 13.049568] kasan_save_stack+0x45/0x70 [ 13.049990] kasan_save_track+0x18/0x40 [ 13.050201] kasan_save_alloc_info+0x3b/0x50 [ 13.050370] __kasan_kmalloc+0xb7/0xc0 [ 13.050575] __kmalloc_cache_noprof+0x189/0x420 [ 13.051123] kasan_bitops_generic+0x92/0x1c0 [ 13.051406] kunit_try_run_case+0x1a5/0x480 [ 13.051683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.052067] kthread+0x337/0x6f0 [ 13.052249] ret_from_fork+0x116/0x1d0 [ 13.052428] ret_from_fork_asm+0x1a/0x30 [ 13.052593] [ 13.052702] The buggy address belongs to the object at ffff888102856080 [ 13.052702] which belongs to the cache kmalloc-16 of size 16 [ 13.053587] The buggy address is located 8 bytes inside of [ 13.053587] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 13.054171] [ 13.054600] The buggy address belongs to the physical page: [ 13.054836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 13.055404] flags: 0x200000000000000(node=0|zone=2) [ 13.055715] page_type: f5(slab) [ 13.055952] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.056493] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.056971] page dumped because: kasan: bad access detected [ 13.057225] [ 13.057304] Memory state around the buggy address: [ 13.057518] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.058245] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.058544] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.059038] ^ [ 13.059198] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.059627] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.060067] ================================================================== [ 12.940295] ================================================================== [ 12.940653] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 12.941238] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 12.941564] [ 12.941676] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.941723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.941757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.941778] Call Trace: [ 12.941792] <TASK> [ 12.941807] dump_stack_lvl+0x73/0xb0 [ 12.941917] print_report+0xd1/0x650 [ 12.941942] ? __virt_addr_valid+0x1db/0x2d0 [ 12.942071] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 12.942098] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.942121] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 12.942165] kasan_report+0x141/0x180 [ 12.942188] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 12.942218] kasan_check_range+0x10c/0x1c0 [ 12.942243] __kasan_check_write+0x18/0x20 [ 12.942263] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 12.942291] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 12.942318] ? __kmalloc_cache_noprof+0x189/0x420 [ 12.942340] ? trace_hardirqs_on+0x37/0xe0 [ 12.942361] ? kasan_bitops_generic+0x92/0x1c0 [ 12.942385] kasan_bitops_generic+0x116/0x1c0 [ 12.942425] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 12.942447] ? __pfx_read_tsc+0x10/0x10 [ 12.942468] ? ktime_get_ts64+0x86/0x230 [ 12.942492] kunit_try_run_case+0x1a5/0x480 [ 12.942513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.942540] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.942564] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.942589] ? __kthread_parkme+0x82/0x180 [ 12.942621] ? preempt_count_sub+0x50/0x80 [ 12.942644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.942665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.942689] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.942714] kthread+0x337/0x6f0 [ 12.942733] ? trace_preempt_on+0x20/0xc0 [ 12.942816] ? __pfx_kthread+0x10/0x10 [ 12.942838] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.942862] ? calculate_sigpending+0x7b/0xa0 [ 12.942884] ? __pfx_kthread+0x10/0x10 [ 12.942907] ret_from_fork+0x116/0x1d0 [ 12.942925] ? __pfx_kthread+0x10/0x10 [ 12.942947] ret_from_fork_asm+0x1a/0x30 [ 12.942977] </TASK> [ 12.942987] [ 12.955239] Allocated by task 278: [ 12.955505] kasan_save_stack+0x45/0x70 [ 12.955703] kasan_save_track+0x18/0x40 [ 12.956151] kasan_save_alloc_info+0x3b/0x50 [ 12.956404] __kasan_kmalloc+0xb7/0xc0 [ 12.956599] __kmalloc_cache_noprof+0x189/0x420 [ 12.957079] kasan_bitops_generic+0x92/0x1c0 [ 12.957381] kunit_try_run_case+0x1a5/0x480 [ 12.957558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.958192] kthread+0x337/0x6f0 [ 12.958359] ret_from_fork+0x116/0x1d0 [ 12.958559] ret_from_fork_asm+0x1a/0x30 [ 12.958752] [ 12.958863] The buggy address belongs to the object at ffff888102856080 [ 12.958863] which belongs to the cache kmalloc-16 of size 16 [ 12.959337] The buggy address is located 8 bytes inside of [ 12.959337] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 12.959957] [ 12.960070] The buggy address belongs to the physical page: [ 12.960288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 12.960604] flags: 0x200000000000000(node=0|zone=2) [ 12.960910] page_type: f5(slab) [ 12.961074] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.961511] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.961875] page dumped because: kasan: bad access detected [ 12.962085] [ 12.962183] Memory state around the buggy address: [ 12.962402] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.962682] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.963101] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.963386] ^ [ 12.963555] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.963830] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.964149] ================================================================== [ 12.919835] ================================================================== [ 12.920104] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 12.920444] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 12.920911] [ 12.921396] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.921443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.921456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.921476] Call Trace: [ 12.921487] <TASK> [ 12.921500] dump_stack_lvl+0x73/0xb0 [ 12.921526] print_report+0xd1/0x650 [ 12.921548] ? __virt_addr_valid+0x1db/0x2d0 [ 12.921571] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 12.921597] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.921636] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 12.921663] kasan_report+0x141/0x180 [ 12.921686] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 12.921717] kasan_check_range+0x10c/0x1c0 [ 12.921742] __kasan_check_write+0x18/0x20 [ 12.921775] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 12.921802] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 12.921829] ? __kmalloc_cache_noprof+0x189/0x420 [ 12.921850] ? trace_hardirqs_on+0x37/0xe0 [ 12.921872] ? kasan_bitops_generic+0x92/0x1c0 [ 12.921897] kasan_bitops_generic+0x116/0x1c0 [ 12.921919] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 12.921941] ? __pfx_read_tsc+0x10/0x10 [ 12.921962] ? ktime_get_ts64+0x86/0x230 [ 12.921986] kunit_try_run_case+0x1a5/0x480 [ 12.922007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.922027] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.922051] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.922076] ? __kthread_parkme+0x82/0x180 [ 12.922095] ? preempt_count_sub+0x50/0x80 [ 12.922118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.922140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.922165] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.922190] kthread+0x337/0x6f0 [ 12.922209] ? trace_preempt_on+0x20/0xc0 [ 12.922231] ? __pfx_kthread+0x10/0x10 [ 12.922252] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.922275] ? calculate_sigpending+0x7b/0xa0 [ 12.922298] ? __pfx_kthread+0x10/0x10 [ 12.922320] ret_from_fork+0x116/0x1d0 [ 12.922338] ? __pfx_kthread+0x10/0x10 [ 12.922360] ret_from_fork_asm+0x1a/0x30 [ 12.922389] </TASK> [ 12.922399] [ 12.931091] Allocated by task 278: [ 12.931247] kasan_save_stack+0x45/0x70 [ 12.931431] kasan_save_track+0x18/0x40 [ 12.931572] kasan_save_alloc_info+0x3b/0x50 [ 12.931930] __kasan_kmalloc+0xb7/0xc0 [ 12.932201] __kmalloc_cache_noprof+0x189/0x420 [ 12.932428] kasan_bitops_generic+0x92/0x1c0 [ 12.932654] kunit_try_run_case+0x1a5/0x480 [ 12.932972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.933211] kthread+0x337/0x6f0 [ 12.933390] ret_from_fork+0x116/0x1d0 [ 12.933562] ret_from_fork_asm+0x1a/0x30 [ 12.933773] [ 12.933855] The buggy address belongs to the object at ffff888102856080 [ 12.933855] which belongs to the cache kmalloc-16 of size 16 [ 12.934218] The buggy address is located 8 bytes inside of [ 12.934218] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 12.934686] [ 12.934780] The buggy address belongs to the physical page: [ 12.935034] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 12.935485] flags: 0x200000000000000(node=0|zone=2) [ 12.935951] page_type: f5(slab) [ 12.936122] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.936449] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.936770] page dumped because: kasan: bad access detected [ 12.937024] [ 12.937216] Memory state around the buggy address: [ 12.937383] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.937685] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.938195] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.938410] ^ [ 12.938544] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.939119] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.939535] ================================================================== [ 12.879714] ================================================================== [ 12.880366] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 12.880745] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 12.881305] [ 12.881420] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.881467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.881480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.881502] Call Trace: [ 12.881514] <TASK> [ 12.881529] dump_stack_lvl+0x73/0xb0 [ 12.881556] print_report+0xd1/0x650 [ 12.881579] ? __virt_addr_valid+0x1db/0x2d0 [ 12.881602] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 12.881641] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.881665] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 12.881691] kasan_report+0x141/0x180 [ 12.881714] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 12.881746] kasan_check_range+0x10c/0x1c0 [ 12.881770] __kasan_check_write+0x18/0x20 [ 12.881856] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 12.881882] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 12.881909] ? __kmalloc_cache_noprof+0x189/0x420 [ 12.881932] ? trace_hardirqs_on+0x37/0xe0 [ 12.881954] ? kasan_bitops_generic+0x92/0x1c0 [ 12.881977] kasan_bitops_generic+0x116/0x1c0 [ 12.881998] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 12.882019] ? __pfx_read_tsc+0x10/0x10 [ 12.882040] ? ktime_get_ts64+0x86/0x230 [ 12.882064] kunit_try_run_case+0x1a5/0x480 [ 12.882086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.882106] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.882130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.882155] ? __kthread_parkme+0x82/0x180 [ 12.882175] ? preempt_count_sub+0x50/0x80 [ 12.882199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.882220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.882244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.882269] kthread+0x337/0x6f0 [ 12.882288] ? trace_preempt_on+0x20/0xc0 [ 12.882311] ? __pfx_kthread+0x10/0x10 [ 12.882332] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.882355] ? calculate_sigpending+0x7b/0xa0 [ 12.882379] ? __pfx_kthread+0x10/0x10 [ 12.882400] ret_from_fork+0x116/0x1d0 [ 12.882419] ? __pfx_kthread+0x10/0x10 [ 12.882440] ret_from_fork_asm+0x1a/0x30 [ 12.882470] </TASK> [ 12.882481] [ 12.891243] Allocated by task 278: [ 12.891418] kasan_save_stack+0x45/0x70 [ 12.891571] kasan_save_track+0x18/0x40 [ 12.891726] kasan_save_alloc_info+0x3b/0x50 [ 12.892108] __kasan_kmalloc+0xb7/0xc0 [ 12.892320] __kmalloc_cache_noprof+0x189/0x420 [ 12.892542] kasan_bitops_generic+0x92/0x1c0 [ 12.892774] kunit_try_run_case+0x1a5/0x480 [ 12.892962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.893291] kthread+0x337/0x6f0 [ 12.893421] ret_from_fork+0x116/0x1d0 [ 12.893628] ret_from_fork_asm+0x1a/0x30 [ 12.893927] [ 12.894022] The buggy address belongs to the object at ffff888102856080 [ 12.894022] which belongs to the cache kmalloc-16 of size 16 [ 12.894472] The buggy address is located 8 bytes inside of [ 12.894472] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 12.895150] [ 12.895262] The buggy address belongs to the physical page: [ 12.895465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 12.895728] flags: 0x200000000000000(node=0|zone=2) [ 12.895899] page_type: f5(slab) [ 12.896062] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.896408] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.897073] page dumped because: kasan: bad access detected [ 12.897265] [ 12.897338] Memory state around the buggy address: [ 12.897500] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.897943] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.898281] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.898626] ^ [ 12.898899] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.899236] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.899532] ================================================================== [ 12.964513] ================================================================== [ 12.965100] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 12.965406] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 12.965755] [ 12.965917] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.965962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.965975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.965996] Call Trace: [ 12.966012] <TASK> [ 12.966025] dump_stack_lvl+0x73/0xb0 [ 12.966051] print_report+0xd1/0x650 [ 12.966073] ? __virt_addr_valid+0x1db/0x2d0 [ 12.966096] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 12.966122] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.966145] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 12.966172] kasan_report+0x141/0x180 [ 12.966195] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 12.966226] kasan_check_range+0x10c/0x1c0 [ 12.966250] __kasan_check_write+0x18/0x20 [ 12.966270] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 12.966296] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 12.966323] ? __kmalloc_cache_noprof+0x189/0x420 [ 12.966345] ? trace_hardirqs_on+0x37/0xe0 [ 12.966365] ? kasan_bitops_generic+0x92/0x1c0 [ 12.966390] kasan_bitops_generic+0x116/0x1c0 [ 12.966410] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 12.966431] ? __pfx_read_tsc+0x10/0x10 [ 12.966452] ? ktime_get_ts64+0x86/0x230 [ 12.966476] kunit_try_run_case+0x1a5/0x480 [ 12.966497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.966517] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.966547] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.966573] ? __kthread_parkme+0x82/0x180 [ 12.966594] ? preempt_count_sub+0x50/0x80 [ 12.966628] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.966650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.966675] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.966700] kthread+0x337/0x6f0 [ 12.966719] ? trace_preempt_on+0x20/0xc0 [ 12.966742] ? __pfx_kthread+0x10/0x10 [ 12.966762] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.966785] ? calculate_sigpending+0x7b/0xa0 [ 12.966809] ? __pfx_kthread+0x10/0x10 [ 12.966830] ret_from_fork+0x116/0x1d0 [ 12.966850] ? __pfx_kthread+0x10/0x10 [ 12.966871] ret_from_fork_asm+0x1a/0x30 [ 12.966901] </TASK> [ 12.966912] [ 12.975493] Allocated by task 278: [ 12.975745] kasan_save_stack+0x45/0x70 [ 12.976142] kasan_save_track+0x18/0x40 [ 12.976323] kasan_save_alloc_info+0x3b/0x50 [ 12.976515] __kasan_kmalloc+0xb7/0xc0 [ 12.976712] __kmalloc_cache_noprof+0x189/0x420 [ 12.976968] kasan_bitops_generic+0x92/0x1c0 [ 12.977120] kunit_try_run_case+0x1a5/0x480 [ 12.977383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.977872] kthread+0x337/0x6f0 [ 12.978004] ret_from_fork+0x116/0x1d0 [ 12.978146] ret_from_fork_asm+0x1a/0x30 [ 12.978347] [ 12.978446] The buggy address belongs to the object at ffff888102856080 [ 12.978446] which belongs to the cache kmalloc-16 of size 16 [ 12.979076] The buggy address is located 8 bytes inside of [ 12.979076] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 12.979489] [ 12.979562] The buggy address belongs to the physical page: [ 12.979753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 12.980098] flags: 0x200000000000000(node=0|zone=2) [ 12.980334] page_type: f5(slab) [ 12.980801] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.981463] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.981719] page dumped because: kasan: bad access detected [ 12.982099] [ 12.982203] Memory state around the buggy address: [ 12.982543] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.982930] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.983186] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.983447] ^ [ 12.983634] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.984369] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.984629] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen: Failure
Automatically assigned
[ 12.856423] ================================================================== [ 12.856808] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 12.857155] Read of size 1 at addr ffff888102fab010 by task kunit_try_catch/276 [ 12.857416] [ 12.857528] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.857574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.857587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.857620] Call Trace: [ 12.857635] <TASK> [ 12.857650] dump_stack_lvl+0x73/0xb0 [ 12.857674] print_report+0xd1/0x650 [ 12.857697] ? __virt_addr_valid+0x1db/0x2d0 [ 12.857720] ? strnlen+0x73/0x80 [ 12.857739] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.857762] ? strnlen+0x73/0x80 [ 12.857843] kasan_report+0x141/0x180 [ 12.857867] ? strnlen+0x73/0x80 [ 12.857891] __asan_report_load1_noabort+0x18/0x20 [ 12.857912] strnlen+0x73/0x80 [ 12.857933] kasan_strings+0x615/0xe80 [ 12.857953] ? trace_hardirqs_on+0x37/0xe0 [ 12.857975] ? __pfx_kasan_strings+0x10/0x10 [ 12.857996] ? finish_task_switch.isra.0+0x153/0x700 [ 12.858018] ? __switch_to+0x47/0xf50 [ 12.858043] ? __schedule+0x10cc/0x2b60 [ 12.858066] ? __pfx_read_tsc+0x10/0x10 [ 12.858086] ? ktime_get_ts64+0x86/0x230 [ 12.858111] kunit_try_run_case+0x1a5/0x480 [ 12.858131] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.858151] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.858175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.858200] ? __kthread_parkme+0x82/0x180 [ 12.858219] ? preempt_count_sub+0x50/0x80 [ 12.858242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.858263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.858287] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.858311] kthread+0x337/0x6f0 [ 12.858330] ? trace_preempt_on+0x20/0xc0 [ 12.858352] ? __pfx_kthread+0x10/0x10 [ 12.858373] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.858395] ? calculate_sigpending+0x7b/0xa0 [ 12.858418] ? __pfx_kthread+0x10/0x10 [ 12.858439] ret_from_fork+0x116/0x1d0 [ 12.858458] ? __pfx_kthread+0x10/0x10 [ 12.858479] ret_from_fork_asm+0x1a/0x30 [ 12.858510] </TASK> [ 12.858520] [ 12.866520] Allocated by task 276: [ 12.866828] kasan_save_stack+0x45/0x70 [ 12.867015] kasan_save_track+0x18/0x40 [ 12.867158] kasan_save_alloc_info+0x3b/0x50 [ 12.867311] __kasan_kmalloc+0xb7/0xc0 [ 12.867449] __kmalloc_cache_noprof+0x189/0x420 [ 12.867623] kasan_strings+0xc0/0xe80 [ 12.867800] kunit_try_run_case+0x1a5/0x480 [ 12.868122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.868376] kthread+0x337/0x6f0 [ 12.868543] ret_from_fork+0x116/0x1d0 [ 12.868730] ret_from_fork_asm+0x1a/0x30 [ 12.869043] [ 12.869143] Freed by task 276: [ 12.869277] kasan_save_stack+0x45/0x70 [ 12.869466] kasan_save_track+0x18/0x40 [ 12.869652] kasan_save_free_info+0x3f/0x60 [ 12.870009] __kasan_slab_free+0x56/0x70 [ 12.870187] kfree+0x222/0x3f0 [ 12.870309] kasan_strings+0x2aa/0xe80 [ 12.870451] kunit_try_run_case+0x1a5/0x480 [ 12.870620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.870804] kthread+0x337/0x6f0 [ 12.870960] ret_from_fork+0x116/0x1d0 [ 12.871322] ret_from_fork_asm+0x1a/0x30 [ 12.871534] [ 12.871642] The buggy address belongs to the object at ffff888102fab000 [ 12.871642] which belongs to the cache kmalloc-32 of size 32 [ 12.872378] The buggy address is located 16 bytes inside of [ 12.872378] freed 32-byte region [ffff888102fab000, ffff888102fab020) [ 12.873023] [ 12.873102] The buggy address belongs to the physical page: [ 12.873282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fab [ 12.873588] flags: 0x200000000000000(node=0|zone=2) [ 12.873977] page_type: f5(slab) [ 12.874152] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.874498] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.874989] page dumped because: kasan: bad access detected [ 12.875248] [ 12.875345] Memory state around the buggy address: [ 12.875537] ffff888102faaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.875895] ffff888102faaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.876182] >ffff888102fab000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.876466] ^ [ 12.876658] ffff888102fab080: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.876934] ffff888102fab100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.877158] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen: Failure
Automatically assigned
[ 12.831323] ================================================================== [ 12.831755] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 12.832248] Read of size 1 at addr ffff888102fab010 by task kunit_try_catch/276 [ 12.832963] [ 12.833093] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.833143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.833156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.833178] Call Trace: [ 12.833195] <TASK> [ 12.833210] dump_stack_lvl+0x73/0xb0 [ 12.833237] print_report+0xd1/0x650 [ 12.833260] ? __virt_addr_valid+0x1db/0x2d0 [ 12.833282] ? strlen+0x8f/0xb0 [ 12.833300] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.833323] ? strlen+0x8f/0xb0 [ 12.833343] kasan_report+0x141/0x180 [ 12.833366] ? strlen+0x8f/0xb0 [ 12.833390] __asan_report_load1_noabort+0x18/0x20 [ 12.833411] strlen+0x8f/0xb0 [ 12.833431] kasan_strings+0x57b/0xe80 [ 12.833451] ? trace_hardirqs_on+0x37/0xe0 [ 12.833474] ? __pfx_kasan_strings+0x10/0x10 [ 12.833494] ? finish_task_switch.isra.0+0x153/0x700 [ 12.833539] ? __switch_to+0x47/0xf50 [ 12.833564] ? __schedule+0x10cc/0x2b60 [ 12.833587] ? __pfx_read_tsc+0x10/0x10 [ 12.833620] ? ktime_get_ts64+0x86/0x230 [ 12.833645] kunit_try_run_case+0x1a5/0x480 [ 12.833668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.833688] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.833713] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.833738] ? __kthread_parkme+0x82/0x180 [ 12.833759] ? preempt_count_sub+0x50/0x80 [ 12.833782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.833889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.833915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.833941] kthread+0x337/0x6f0 [ 12.833962] ? trace_preempt_on+0x20/0xc0 [ 12.833985] ? __pfx_kthread+0x10/0x10 [ 12.834006] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.834029] ? calculate_sigpending+0x7b/0xa0 [ 12.834052] ? __pfx_kthread+0x10/0x10 [ 12.834074] ret_from_fork+0x116/0x1d0 [ 12.834093] ? __pfx_kthread+0x10/0x10 [ 12.834115] ret_from_fork_asm+0x1a/0x30 [ 12.834145] </TASK> [ 12.834155] [ 12.845442] Allocated by task 276: [ 12.845624] kasan_save_stack+0x45/0x70 [ 12.845781] kasan_save_track+0x18/0x40 [ 12.845959] kasan_save_alloc_info+0x3b/0x50 [ 12.846194] __kasan_kmalloc+0xb7/0xc0 [ 12.846364] __kmalloc_cache_noprof+0x189/0x420 [ 12.846556] kasan_strings+0xc0/0xe80 [ 12.846756] kunit_try_run_case+0x1a5/0x480 [ 12.847104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.847303] kthread+0x337/0x6f0 [ 12.847469] ret_from_fork+0x116/0x1d0 [ 12.847671] ret_from_fork_asm+0x1a/0x30 [ 12.847859] [ 12.848134] Freed by task 276: [ 12.848320] kasan_save_stack+0x45/0x70 [ 12.848495] kasan_save_track+0x18/0x40 [ 12.848685] kasan_save_free_info+0x3f/0x60 [ 12.848960] __kasan_slab_free+0x56/0x70 [ 12.849175] kfree+0x222/0x3f0 [ 12.849296] kasan_strings+0x2aa/0xe80 [ 12.849432] kunit_try_run_case+0x1a5/0x480 [ 12.849626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.849895] kthread+0x337/0x6f0 [ 12.850050] ret_from_fork+0x116/0x1d0 [ 12.850185] ret_from_fork_asm+0x1a/0x30 [ 12.850347] [ 12.850443] The buggy address belongs to the object at ffff888102fab000 [ 12.850443] which belongs to the cache kmalloc-32 of size 32 [ 12.851009] The buggy address is located 16 bytes inside of [ 12.851009] freed 32-byte region [ffff888102fab000, ffff888102fab020) [ 12.851403] [ 12.851531] The buggy address belongs to the physical page: [ 12.851858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fab [ 12.852273] flags: 0x200000000000000(node=0|zone=2) [ 12.852442] page_type: f5(slab) [ 12.852623] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.853113] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.853515] page dumped because: kasan: bad access detected [ 12.853729] [ 12.853870] Memory state around the buggy address: [ 12.854093] ffff888102faaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.854372] ffff888102faaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.854713] >ffff888102fab000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.855057] ^ [ 12.855214] ffff888102fab080: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.855514] ffff888102fab100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.856002] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings: Failure
Automatically assigned
[ 12.806563] ================================================================== [ 12.807184] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 12.807548] Read of size 1 at addr ffff888102fab010 by task kunit_try_catch/276 [ 12.808012] [ 12.808148] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.808228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.808241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.808262] Call Trace: [ 12.808276] <TASK> [ 12.808290] dump_stack_lvl+0x73/0xb0 [ 12.808317] print_report+0xd1/0x650 [ 12.808339] ? __virt_addr_valid+0x1db/0x2d0 [ 12.808362] ? kasan_strings+0xcbc/0xe80 [ 12.808415] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.808439] ? kasan_strings+0xcbc/0xe80 [ 12.808462] kasan_report+0x141/0x180 [ 12.808484] ? kasan_strings+0xcbc/0xe80 [ 12.808510] __asan_report_load1_noabort+0x18/0x20 [ 12.808561] kasan_strings+0xcbc/0xe80 [ 12.808581] ? trace_hardirqs_on+0x37/0xe0 [ 12.808603] ? __pfx_kasan_strings+0x10/0x10 [ 12.808636] ? finish_task_switch.isra.0+0x153/0x700 [ 12.808659] ? __switch_to+0x47/0xf50 [ 12.808714] ? __schedule+0x10cc/0x2b60 [ 12.808740] ? __pfx_read_tsc+0x10/0x10 [ 12.808761] ? ktime_get_ts64+0x86/0x230 [ 12.808807] kunit_try_run_case+0x1a5/0x480 [ 12.808830] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.808924] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.808950] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.808975] ? __kthread_parkme+0x82/0x180 [ 12.808995] ? preempt_count_sub+0x50/0x80 [ 12.809019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.809041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.809065] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.809121] kthread+0x337/0x6f0 [ 12.809164] ? trace_preempt_on+0x20/0xc0 [ 12.809187] ? __pfx_kthread+0x10/0x10 [ 12.809210] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.809233] ? calculate_sigpending+0x7b/0xa0 [ 12.809258] ? __pfx_kthread+0x10/0x10 [ 12.809280] ret_from_fork+0x116/0x1d0 [ 12.809299] ? __pfx_kthread+0x10/0x10 [ 12.809320] ret_from_fork_asm+0x1a/0x30 [ 12.809350] </TASK> [ 12.809360] [ 12.818382] Allocated by task 276: [ 12.818521] kasan_save_stack+0x45/0x70 [ 12.818691] kasan_save_track+0x18/0x40 [ 12.818873] kasan_save_alloc_info+0x3b/0x50 [ 12.819083] __kasan_kmalloc+0xb7/0xc0 [ 12.819412] __kmalloc_cache_noprof+0x189/0x420 [ 12.819816] kasan_strings+0xc0/0xe80 [ 12.820047] kunit_try_run_case+0x1a5/0x480 [ 12.820285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.820544] kthread+0x337/0x6f0 [ 12.820726] ret_from_fork+0x116/0x1d0 [ 12.820966] ret_from_fork_asm+0x1a/0x30 [ 12.821109] [ 12.821209] Freed by task 276: [ 12.821370] kasan_save_stack+0x45/0x70 [ 12.821568] kasan_save_track+0x18/0x40 [ 12.821938] kasan_save_free_info+0x3f/0x60 [ 12.822311] __kasan_slab_free+0x56/0x70 [ 12.822541] kfree+0x222/0x3f0 [ 12.822739] kasan_strings+0x2aa/0xe80 [ 12.823011] kunit_try_run_case+0x1a5/0x480 [ 12.823198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.823403] kthread+0x337/0x6f0 [ 12.823571] ret_from_fork+0x116/0x1d0 [ 12.823838] ret_from_fork_asm+0x1a/0x30 [ 12.824046] [ 12.824142] The buggy address belongs to the object at ffff888102fab000 [ 12.824142] which belongs to the cache kmalloc-32 of size 32 [ 12.824650] The buggy address is located 16 bytes inside of [ 12.824650] freed 32-byte region [ffff888102fab000, ffff888102fab020) [ 12.825136] [ 12.825234] The buggy address belongs to the physical page: [ 12.825618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fab [ 12.826258] flags: 0x200000000000000(node=0|zone=2) [ 12.826490] page_type: f5(slab) [ 12.826690] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.827280] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.827659] page dumped because: kasan: bad access detected [ 12.827960] [ 12.828100] Memory state around the buggy address: [ 12.828332] ffff888102faaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.828575] ffff888102faaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.829054] >ffff888102fab000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.829437] ^ [ 12.829681] ffff888102fab080: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.830209] ffff888102fab100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.830485] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp: Failure
Automatically assigned
[ 12.782023] ================================================================== [ 12.783111] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 12.783415] Read of size 1 at addr ffff888102fab010 by task kunit_try_catch/276 [ 12.783743] [ 12.784117] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.784171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.784184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.784205] Call Trace: [ 12.784218] <TASK> [ 12.784233] dump_stack_lvl+0x73/0xb0 [ 12.784260] print_report+0xd1/0x650 [ 12.784284] ? __virt_addr_valid+0x1db/0x2d0 [ 12.784307] ? strcmp+0xb0/0xc0 [ 12.784326] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.784348] ? strcmp+0xb0/0xc0 [ 12.784406] kasan_report+0x141/0x180 [ 12.784430] ? strcmp+0xb0/0xc0 [ 12.784453] __asan_report_load1_noabort+0x18/0x20 [ 12.784473] strcmp+0xb0/0xc0 [ 12.784494] kasan_strings+0x431/0xe80 [ 12.784514] ? trace_hardirqs_on+0x37/0xe0 [ 12.784566] ? __pfx_kasan_strings+0x10/0x10 [ 12.784587] ? finish_task_switch.isra.0+0x153/0x700 [ 12.784621] ? __switch_to+0x47/0xf50 [ 12.784647] ? __schedule+0x10cc/0x2b60 [ 12.784672] ? __pfx_read_tsc+0x10/0x10 [ 12.784694] ? ktime_get_ts64+0x86/0x230 [ 12.784719] kunit_try_run_case+0x1a5/0x480 [ 12.784741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.784823] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.784849] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.784875] ? __kthread_parkme+0x82/0x180 [ 12.784896] ? preempt_count_sub+0x50/0x80 [ 12.784918] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.784939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.784963] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.784988] kthread+0x337/0x6f0 [ 12.785008] ? trace_preempt_on+0x20/0xc0 [ 12.785030] ? __pfx_kthread+0x10/0x10 [ 12.785051] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.785074] ? calculate_sigpending+0x7b/0xa0 [ 12.785098] ? __pfx_kthread+0x10/0x10 [ 12.785120] ret_from_fork+0x116/0x1d0 [ 12.785138] ? __pfx_kthread+0x10/0x10 [ 12.785159] ret_from_fork_asm+0x1a/0x30 [ 12.785189] </TASK> [ 12.785200] [ 12.793948] Allocated by task 276: [ 12.794156] kasan_save_stack+0x45/0x70 [ 12.794384] kasan_save_track+0x18/0x40 [ 12.794583] kasan_save_alloc_info+0x3b/0x50 [ 12.794832] __kasan_kmalloc+0xb7/0xc0 [ 12.795117] __kmalloc_cache_noprof+0x189/0x420 [ 12.795371] kasan_strings+0xc0/0xe80 [ 12.795559] kunit_try_run_case+0x1a5/0x480 [ 12.795891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.796169] kthread+0x337/0x6f0 [ 12.796374] ret_from_fork+0x116/0x1d0 [ 12.796580] ret_from_fork_asm+0x1a/0x30 [ 12.796849] [ 12.796943] Freed by task 276: [ 12.797067] kasan_save_stack+0x45/0x70 [ 12.797206] kasan_save_track+0x18/0x40 [ 12.797341] kasan_save_free_info+0x3f/0x60 [ 12.797550] __kasan_slab_free+0x56/0x70 [ 12.797754] kfree+0x222/0x3f0 [ 12.797960] kasan_strings+0x2aa/0xe80 [ 12.798098] kunit_try_run_case+0x1a5/0x480 [ 12.798242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.798424] kthread+0x337/0x6f0 [ 12.798602] ret_from_fork+0x116/0x1d0 [ 12.798836] ret_from_fork_asm+0x1a/0x30 [ 12.799062] [ 12.799162] The buggy address belongs to the object at ffff888102fab000 [ 12.799162] which belongs to the cache kmalloc-32 of size 32 [ 12.800027] The buggy address is located 16 bytes inside of [ 12.800027] freed 32-byte region [ffff888102fab000, ffff888102fab020) [ 12.800526] [ 12.800602] The buggy address belongs to the physical page: [ 12.800906] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fab [ 12.801706] flags: 0x200000000000000(node=0|zone=2) [ 12.802028] page_type: f5(slab) [ 12.802203] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.802477] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.802886] page dumped because: kasan: bad access detected [ 12.803290] [ 12.803389] Memory state around the buggy address: [ 12.803730] ffff888102faaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.804040] ffff888102faaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.804561] >ffff888102fab000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.804979] ^ [ 12.805222] ffff888102fab080: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.805559] ffff888102fab100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.805964] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp: Failure
Automatically assigned
[ 12.745330] ================================================================== [ 12.746563] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 12.747499] Read of size 1 at addr ffff888102fa3ed8 by task kunit_try_catch/274 [ 12.748704] [ 12.749058] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.749141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.749156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.749178] Call Trace: [ 12.749192] <TASK> [ 12.749208] dump_stack_lvl+0x73/0xb0 [ 12.749235] print_report+0xd1/0x650 [ 12.749261] ? __virt_addr_valid+0x1db/0x2d0 [ 12.749284] ? memcmp+0x1b4/0x1d0 [ 12.749303] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.749328] ? memcmp+0x1b4/0x1d0 [ 12.749349] kasan_report+0x141/0x180 [ 12.749371] ? memcmp+0x1b4/0x1d0 [ 12.749396] __asan_report_load1_noabort+0x18/0x20 [ 12.749417] memcmp+0x1b4/0x1d0 [ 12.749438] kasan_memcmp+0x18f/0x390 [ 12.749459] ? trace_hardirqs_on+0x37/0xe0 [ 12.749483] ? __pfx_kasan_memcmp+0x10/0x10 [ 12.749504] ? finish_task_switch.isra.0+0x153/0x700 [ 12.749527] ? __switch_to+0x47/0xf50 [ 12.749555] ? __pfx_read_tsc+0x10/0x10 [ 12.749577] ? ktime_get_ts64+0x86/0x230 [ 12.749602] kunit_try_run_case+0x1a5/0x480 [ 12.749639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.749659] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.749685] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.749710] ? __kthread_parkme+0x82/0x180 [ 12.749730] ? preempt_count_sub+0x50/0x80 [ 12.749835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.749860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.749886] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.749911] kthread+0x337/0x6f0 [ 12.749931] ? trace_preempt_on+0x20/0xc0 [ 12.749953] ? __pfx_kthread+0x10/0x10 [ 12.749974] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.749998] ? calculate_sigpending+0x7b/0xa0 [ 12.750023] ? __pfx_kthread+0x10/0x10 [ 12.750044] ret_from_fork+0x116/0x1d0 [ 12.750063] ? __pfx_kthread+0x10/0x10 [ 12.750084] ret_from_fork_asm+0x1a/0x30 [ 12.750116] </TASK> [ 12.750126] [ 12.760522] Allocated by task 274: [ 12.760726] kasan_save_stack+0x45/0x70 [ 12.761132] kasan_save_track+0x18/0x40 [ 12.761337] kasan_save_alloc_info+0x3b/0x50 [ 12.761526] __kasan_kmalloc+0xb7/0xc0 [ 12.761733] __kmalloc_cache_noprof+0x189/0x420 [ 12.762431] kasan_memcmp+0xb7/0x390 [ 12.762707] kunit_try_run_case+0x1a5/0x480 [ 12.763206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.763620] kthread+0x337/0x6f0 [ 12.764065] ret_from_fork+0x116/0x1d0 [ 12.764274] ret_from_fork_asm+0x1a/0x30 [ 12.764580] [ 12.764699] The buggy address belongs to the object at ffff888102fa3ec0 [ 12.764699] which belongs to the cache kmalloc-32 of size 32 [ 12.765593] The buggy address is located 0 bytes to the right of [ 12.765593] allocated 24-byte region [ffff888102fa3ec0, ffff888102fa3ed8) [ 12.766341] [ 12.766429] The buggy address belongs to the physical page: [ 12.766707] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa3 [ 12.767272] flags: 0x200000000000000(node=0|zone=2) [ 12.767521] page_type: f5(slab) [ 12.767747] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.768194] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.768820] page dumped because: kasan: bad access detected [ 12.769302] [ 12.769382] Memory state around the buggy address: [ 12.769544] ffff888102fa3d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.769790] ffff888102fa3e00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.770569] >ffff888102fa3e80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.770914] ^ [ 12.771407] ffff888102fa3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.771719] ffff888102fa3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.772382] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right: Failure
Automatically assigned
[ 12.717799] ================================================================== [ 12.718297] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 12.718695] Read of size 1 at addr ffff888103a97c4a by task kunit_try_catch/270 [ 12.719013] [ 12.719279] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.719341] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.719355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.719389] Call Trace: [ 12.719401] <TASK> [ 12.719415] dump_stack_lvl+0x73/0xb0 [ 12.719442] print_report+0xd1/0x650 [ 12.719465] ? __virt_addr_valid+0x1db/0x2d0 [ 12.719498] ? kasan_alloca_oob_right+0x329/0x390 [ 12.719522] ? kasan_addr_to_slab+0x11/0xa0 [ 12.719553] ? kasan_alloca_oob_right+0x329/0x390 [ 12.719578] kasan_report+0x141/0x180 [ 12.719602] ? kasan_alloca_oob_right+0x329/0x390 [ 12.719641] __asan_report_load1_noabort+0x18/0x20 [ 12.719671] kasan_alloca_oob_right+0x329/0x390 [ 12.719696] ? finish_task_switch.isra.0+0x153/0x700 [ 12.719719] ? __ww_mutex_lock.constprop.0+0xc5e/0x1e90 [ 12.719752] ? trace_hardirqs_on+0x37/0xe0 [ 12.719785] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 12.719812] ? __schedule+0x10cc/0x2b60 [ 12.719836] ? __pfx_read_tsc+0x10/0x10 [ 12.719856] ? ktime_get_ts64+0x86/0x230 [ 12.719880] kunit_try_run_case+0x1a5/0x480 [ 12.719902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.719922] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.719946] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.719971] ? __kthread_parkme+0x82/0x180 [ 12.720046] ? preempt_count_sub+0x50/0x80 [ 12.720082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.720104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.720143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.720168] kthread+0x337/0x6f0 [ 12.720188] ? trace_preempt_on+0x20/0xc0 [ 12.720210] ? __pfx_kthread+0x10/0x10 [ 12.720231] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.720254] ? calculate_sigpending+0x7b/0xa0 [ 12.720277] ? __pfx_kthread+0x10/0x10 [ 12.720299] ret_from_fork+0x116/0x1d0 [ 12.720317] ? __pfx_kthread+0x10/0x10 [ 12.720338] ret_from_fork_asm+0x1a/0x30 [ 12.720368] </TASK> [ 12.720379] [ 12.730177] The buggy address belongs to stack of task kunit_try_catch/270 [ 12.730483] [ 12.730577] The buggy address belongs to the physical page: [ 12.731258] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a97 [ 12.731711] flags: 0x200000000000000(node=0|zone=2) [ 12.732010] raw: 0200000000000000 ffffea00040ea5c8 ffffea00040ea5c8 0000000000000000 [ 12.732320] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.732636] page dumped because: kasan: bad access detected [ 12.733389] [ 12.733496] Memory state around the buggy address: [ 12.734414] ffff888103a97b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.734966] ffff888103a97b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.735507] >ffff888103a97c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 12.736114] ^ [ 12.736578] ffff888103a97c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 12.737222] ffff888103a97d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.737681] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left: Failure
Automatically assigned
[ 12.698546] ================================================================== [ 12.699167] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 12.699533] Read of size 1 at addr ffff888103a9fc3f by task kunit_try_catch/268 [ 12.699906] [ 12.700132] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.700193] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.700206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.700239] Call Trace: [ 12.700252] <TASK> [ 12.700268] dump_stack_lvl+0x73/0xb0 [ 12.700295] print_report+0xd1/0x650 [ 12.700318] ? __virt_addr_valid+0x1db/0x2d0 [ 12.700350] ? kasan_alloca_oob_left+0x320/0x380 [ 12.700373] ? kasan_addr_to_slab+0x11/0xa0 [ 12.700395] ? kasan_alloca_oob_left+0x320/0x380 [ 12.700431] kasan_report+0x141/0x180 [ 12.700454] ? kasan_alloca_oob_left+0x320/0x380 [ 12.700482] __asan_report_load1_noabort+0x18/0x20 [ 12.700503] kasan_alloca_oob_left+0x320/0x380 [ 12.700525] ? __kasan_check_write+0x18/0x20 [ 12.700545] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.700569] ? finish_task_switch.isra.0+0x153/0x700 [ 12.700593] ? __ww_mutex_lock.constprop.0+0xc5e/0x1e90 [ 12.700626] ? trace_hardirqs_on+0x37/0xe0 [ 12.700650] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 12.700677] ? __schedule+0x10cc/0x2b60 [ 12.700710] ? __pfx_read_tsc+0x10/0x10 [ 12.700731] ? ktime_get_ts64+0x86/0x230 [ 12.700756] kunit_try_run_case+0x1a5/0x480 [ 12.700790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.700811] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.700835] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.700917] ? __kthread_parkme+0x82/0x180 [ 12.700938] ? preempt_count_sub+0x50/0x80 [ 12.700962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.700983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.701008] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.701033] kthread+0x337/0x6f0 [ 12.701052] ? trace_preempt_on+0x20/0xc0 [ 12.701074] ? __pfx_kthread+0x10/0x10 [ 12.701095] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.701117] ? calculate_sigpending+0x7b/0xa0 [ 12.701141] ? __pfx_kthread+0x10/0x10 [ 12.701163] ret_from_fork+0x116/0x1d0 [ 12.701182] ? __pfx_kthread+0x10/0x10 [ 12.701202] ret_from_fork_asm+0x1a/0x30 [ 12.701233] </TASK> [ 12.701243] [ 12.710184] The buggy address belongs to stack of task kunit_try_catch/268 [ 12.710517] [ 12.710630] The buggy address belongs to the physical page: [ 12.710890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a9f [ 12.711237] flags: 0x200000000000000(node=0|zone=2) [ 12.711526] raw: 0200000000000000 ffffea00040ea7c8 ffffea00040ea7c8 0000000000000000 [ 12.711984] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.712307] page dumped because: kasan: bad access detected [ 12.712569] [ 12.712665] Memory state around the buggy address: [ 12.712985] ffff888103a9fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.713314] ffff888103a9fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.713624] >ffff888103a9fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 12.714061] ^ [ 12.714313] ffff888103a9fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 12.714623] ffff888103a9fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.714948] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob: Failure
Automatically assigned
[ 12.667198] ================================================================== [ 12.668652] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 12.669323] Read of size 1 at addr ffff888103a3fd02 by task kunit_try_catch/266 [ 12.670009] [ 12.670294] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.670343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.670355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.670377] Call Trace: [ 12.670389] <TASK> [ 12.670404] dump_stack_lvl+0x73/0xb0 [ 12.670430] print_report+0xd1/0x650 [ 12.670453] ? __virt_addr_valid+0x1db/0x2d0 [ 12.670476] ? kasan_stack_oob+0x2b5/0x300 [ 12.670496] ? kasan_addr_to_slab+0x11/0xa0 [ 12.670517] ? kasan_stack_oob+0x2b5/0x300 [ 12.670544] kasan_report+0x141/0x180 [ 12.670567] ? kasan_stack_oob+0x2b5/0x300 [ 12.670594] __asan_report_load1_noabort+0x18/0x20 [ 12.670626] kasan_stack_oob+0x2b5/0x300 [ 12.670647] ? __pfx_kasan_stack_oob+0x10/0x10 [ 12.670667] ? finish_task_switch.isra.0+0x153/0x700 [ 12.670690] ? __switch_to+0x47/0xf50 [ 12.670717] ? __schedule+0x10cc/0x2b60 [ 12.670741] ? __pfx_read_tsc+0x10/0x10 [ 12.670906] ? ktime_get_ts64+0x86/0x230 [ 12.670932] kunit_try_run_case+0x1a5/0x480 [ 12.670956] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.670977] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.671002] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.671027] ? __kthread_parkme+0x82/0x180 [ 12.671049] ? preempt_count_sub+0x50/0x80 [ 12.671072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.671093] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.671118] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.671144] kthread+0x337/0x6f0 [ 12.671165] ? trace_preempt_on+0x20/0xc0 [ 12.671189] ? __pfx_kthread+0x10/0x10 [ 12.671210] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.671233] ? calculate_sigpending+0x7b/0xa0 [ 12.671257] ? __pfx_kthread+0x10/0x10 [ 12.671279] ret_from_fork+0x116/0x1d0 [ 12.671297] ? __pfx_kthread+0x10/0x10 [ 12.671318] ret_from_fork_asm+0x1a/0x30 [ 12.671350] </TASK> [ 12.671360] [ 12.684698] The buggy address belongs to stack of task kunit_try_catch/266 [ 12.685711] and is located at offset 138 in frame: [ 12.686267] kasan_stack_oob+0x0/0x300 [ 12.686816] [ 12.687211] This frame has 4 objects: [ 12.687678] [48, 49) '__assertion' [ 12.687703] [64, 72) 'array' [ 12.688105] [96, 112) '__assertion' [ 12.688538] [128, 138) 'stack_array' [ 12.688825] [ 12.689333] The buggy address belongs to the physical page: [ 12.689520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a3f [ 12.689881] flags: 0x200000000000000(node=0|zone=2) [ 12.690434] raw: 0200000000000000 ffffea00040e8fc8 ffffea00040e8fc8 0000000000000000 [ 12.691343] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 12.692124] page dumped because: kasan: bad access detected [ 12.692635] [ 12.692797] Memory state around the buggy address: [ 12.693188] ffff888103a3fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.693418] ffff888103a3fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 12.693653] >ffff888103a3fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 12.694070] ^ [ 12.694232] ffff888103a3fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 12.694553] ffff888103a3fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.695094] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper: Failure
Automatically assigned
[ 12.608664] ================================================================== [ 12.609446] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.610139] Free of addr ffff888102a8c001 by task kunit_try_catch/260 [ 12.610427] [ 12.610627] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.610678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.610691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.610713] Call Trace: [ 12.610727] <TASK> [ 12.610742] dump_stack_lvl+0x73/0xb0 [ 12.610770] print_report+0xd1/0x650 [ 12.610792] ? __virt_addr_valid+0x1db/0x2d0 [ 12.610815] ? kasan_addr_to_slab+0x11/0xa0 [ 12.610835] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.610862] kasan_report_invalid_free+0x10a/0x130 [ 12.610887] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.610970] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.610995] __kasan_mempool_poison_object+0x102/0x1d0 [ 12.611102] mempool_free+0x2ec/0x380 [ 12.611128] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.611153] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 12.611179] ? update_load_avg+0x1be/0x21b0 [ 12.611202] ? update_load_avg+0x1be/0x21b0 [ 12.611225] ? update_curr+0x80/0x810 [ 12.611250] ? finish_task_switch.isra.0+0x153/0x700 [ 12.611276] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 12.611303] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 12.611330] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.611350] ? __pfx_mempool_kfree+0x10/0x10 [ 12.611371] ? __pfx_read_tsc+0x10/0x10 [ 12.611392] ? ktime_get_ts64+0x86/0x230 [ 12.611416] kunit_try_run_case+0x1a5/0x480 [ 12.611437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.611457] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.611482] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.611507] ? __kthread_parkme+0x82/0x180 [ 12.611528] ? preempt_count_sub+0x50/0x80 [ 12.611551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.611571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.611595] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.611631] kthread+0x337/0x6f0 [ 12.611650] ? trace_preempt_on+0x20/0xc0 [ 12.611673] ? __pfx_kthread+0x10/0x10 [ 12.611694] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.611717] ? calculate_sigpending+0x7b/0xa0 [ 12.611741] ? __pfx_kthread+0x10/0x10 [ 12.611762] ret_from_fork+0x116/0x1d0 [ 12.611780] ? __pfx_kthread+0x10/0x10 [ 12.611801] ret_from_fork_asm+0x1a/0x30 [ 12.611831] </TASK> [ 12.611841] [ 12.625021] The buggy address belongs to the physical page: [ 12.625297] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a8c [ 12.625737] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.626245] flags: 0x200000000000040(head|node=0|zone=2) [ 12.626625] page_type: f8(unknown) [ 12.626825] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.627232] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.627589] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.628182] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.628575] head: 0200000000000002 ffffea00040aa301 00000000ffffffff 00000000ffffffff [ 12.628978] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.629473] page dumped because: kasan: bad access detected [ 12.629698] [ 12.629920] Memory state around the buggy address: [ 12.630220] ffff888102a8bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.630566] ffff888102a8bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.631114] >ffff888102a8c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.631451] ^ [ 12.631626] ffff888102a8c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.632168] ffff888102a8c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.632510] ================================================================== [ 12.576995] ================================================================== [ 12.577914] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.578184] Free of addr ffff8881028b1801 by task kunit_try_catch/258 [ 12.578392] [ 12.578480] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.578525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.578541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.578562] Call Trace: [ 12.578573] <TASK> [ 12.578588] dump_stack_lvl+0x73/0xb0 [ 12.578623] print_report+0xd1/0x650 [ 12.578934] ? __virt_addr_valid+0x1db/0x2d0 [ 12.578965] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.578990] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.579017] kasan_report_invalid_free+0x10a/0x130 [ 12.579043] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.579232] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.579262] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.579289] check_slab_allocation+0x11f/0x130 [ 12.579313] __kasan_mempool_poison_object+0x91/0x1d0 [ 12.579338] mempool_free+0x2ec/0x380 [ 12.579361] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.579386] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 12.579415] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.579437] ? finish_task_switch.isra.0+0x153/0x700 [ 12.579463] mempool_kmalloc_invalid_free+0xed/0x140 [ 12.579487] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 12.579514] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.579532] ? __pfx_mempool_kfree+0x10/0x10 [ 12.579555] ? __pfx_read_tsc+0x10/0x10 [ 12.579575] ? ktime_get_ts64+0x86/0x230 [ 12.579598] kunit_try_run_case+0x1a5/0x480 [ 12.579632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.579652] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.579675] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.579700] ? __kthread_parkme+0x82/0x180 [ 12.579721] ? preempt_count_sub+0x50/0x80 [ 12.579744] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.579778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.579804] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.579831] kthread+0x337/0x6f0 [ 12.579851] ? trace_preempt_on+0x20/0xc0 [ 12.579874] ? __pfx_kthread+0x10/0x10 [ 12.579895] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.579918] ? calculate_sigpending+0x7b/0xa0 [ 12.579943] ? __pfx_kthread+0x10/0x10 [ 12.579965] ret_from_fork+0x116/0x1d0 [ 12.579983] ? __pfx_kthread+0x10/0x10 [ 12.580003] ret_from_fork_asm+0x1a/0x30 [ 12.580034] </TASK> [ 12.580046] [ 12.593719] Allocated by task 258: [ 12.594090] kasan_save_stack+0x45/0x70 [ 12.594250] kasan_save_track+0x18/0x40 [ 12.594455] kasan_save_alloc_info+0x3b/0x50 [ 12.594688] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.595053] remove_element+0x11e/0x190 [ 12.595792] mempool_alloc_preallocated+0x4d/0x90 [ 12.595965] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 12.596156] mempool_kmalloc_invalid_free+0xed/0x140 [ 12.596331] kunit_try_run_case+0x1a5/0x480 [ 12.596482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.596678] kthread+0x337/0x6f0 [ 12.596807] ret_from_fork+0x116/0x1d0 [ 12.597034] ret_from_fork_asm+0x1a/0x30 [ 12.597229] [ 12.597465] The buggy address belongs to the object at ffff8881028b1800 [ 12.597465] which belongs to the cache kmalloc-128 of size 128 [ 12.598315] The buggy address is located 1 bytes inside of [ 12.598315] 128-byte region [ffff8881028b1800, ffff8881028b1880) [ 12.599055] [ 12.599234] The buggy address belongs to the physical page: [ 12.599700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b1 [ 12.600230] flags: 0x200000000000000(node=0|zone=2) [ 12.600407] page_type: f5(slab) [ 12.600533] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.600872] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.601182] page dumped because: kasan: bad access detected [ 12.601406] [ 12.601494] Memory state around the buggy address: [ 12.601715] ffff8881028b1700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.602430] ffff8881028b1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.602717] >ffff8881028b1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.603261] ^ [ 12.603595] ffff8881028b1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.603994] ffff8881028b1900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.604455] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper: Failure
Automatically assigned
[ 12.555980] ================================================================== [ 12.556552] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.556933] Free of addr ffff888102a8c000 by task kunit_try_catch/256 [ 12.557218] [ 12.557351] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.557413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.557426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.557449] Call Trace: [ 12.557463] <TASK> [ 12.557479] dump_stack_lvl+0x73/0xb0 [ 12.557538] print_report+0xd1/0x650 [ 12.557562] ? __virt_addr_valid+0x1db/0x2d0 [ 12.557598] ? kasan_addr_to_slab+0x11/0xa0 [ 12.557628] ? mempool_double_free_helper+0x184/0x370 [ 12.557655] kasan_report_invalid_free+0x10a/0x130 [ 12.557679] ? mempool_double_free_helper+0x184/0x370 [ 12.557705] ? mempool_double_free_helper+0x184/0x370 [ 12.557729] __kasan_mempool_poison_pages+0x115/0x130 [ 12.557767] mempool_free+0x290/0x380 [ 12.557792] mempool_double_free_helper+0x184/0x370 [ 12.557817] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.557851] ? update_load_avg+0x1be/0x21b0 [ 12.557876] ? update_load_avg+0x1be/0x21b0 [ 12.557897] ? update_curr+0x80/0x810 [ 12.557920] ? finish_task_switch.isra.0+0x153/0x700 [ 12.557977] mempool_page_alloc_double_free+0xe8/0x140 [ 12.558003] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 12.558043] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 12.558064] ? __pfx_mempool_free_pages+0x10/0x10 [ 12.558087] ? __pfx_read_tsc+0x10/0x10 [ 12.558108] ? ktime_get_ts64+0x86/0x230 [ 12.558132] kunit_try_run_case+0x1a5/0x480 [ 12.558155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.558175] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.558201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.558225] ? __kthread_parkme+0x82/0x180 [ 12.558246] ? preempt_count_sub+0x50/0x80 [ 12.558269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.558291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.558315] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.558340] kthread+0x337/0x6f0 [ 12.558359] ? trace_preempt_on+0x20/0xc0 [ 12.558382] ? __pfx_kthread+0x10/0x10 [ 12.558403] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.558426] ? calculate_sigpending+0x7b/0xa0 [ 12.558450] ? __pfx_kthread+0x10/0x10 [ 12.558472] ret_from_fork+0x116/0x1d0 [ 12.558491] ? __pfx_kthread+0x10/0x10 [ 12.558511] ret_from_fork_asm+0x1a/0x30 [ 12.558548] </TASK> [ 12.558558] [ 12.569138] The buggy address belongs to the physical page: [ 12.569392] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a8c [ 12.569815] flags: 0x200000000000000(node=0|zone=2) [ 12.570295] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 12.570683] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.571213] page dumped because: kasan: bad access detected [ 12.571396] [ 12.571468] Memory state around the buggy address: [ 12.571714] ffff888102a8bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.572089] ffff888102a8bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.572500] >ffff888102a8c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.572997] ^ [ 12.573205] ffff888102a8c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.573478] ffff888102a8c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.573937] ================================================================== [ 12.526514] ================================================================== [ 12.527221] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.527473] Free of addr ffff8881039d8000 by task kunit_try_catch/254 [ 12.528085] [ 12.528253] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.528305] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.528319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.528340] Call Trace: [ 12.528354] <TASK> [ 12.528369] dump_stack_lvl+0x73/0xb0 [ 12.528399] print_report+0xd1/0x650 [ 12.528423] ? __virt_addr_valid+0x1db/0x2d0 [ 12.528447] ? kasan_addr_to_slab+0x11/0xa0 [ 12.528469] ? mempool_double_free_helper+0x184/0x370 [ 12.528494] kasan_report_invalid_free+0x10a/0x130 [ 12.528520] ? mempool_double_free_helper+0x184/0x370 [ 12.528548] ? mempool_double_free_helper+0x184/0x370 [ 12.528571] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 12.528596] mempool_free+0x2ec/0x380 [ 12.528632] mempool_double_free_helper+0x184/0x370 [ 12.528657] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.528683] ? __kasan_check_write+0x18/0x20 [ 12.528703] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.528726] ? finish_task_switch.isra.0+0x153/0x700 [ 12.529126] mempool_kmalloc_large_double_free+0xed/0x140 [ 12.529167] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 12.529198] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.529220] ? __pfx_mempool_kfree+0x10/0x10 [ 12.529243] ? __pfx_read_tsc+0x10/0x10 [ 12.529266] ? ktime_get_ts64+0x86/0x230 [ 12.529293] kunit_try_run_case+0x1a5/0x480 [ 12.529316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.529336] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.529362] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.529386] ? __kthread_parkme+0x82/0x180 [ 12.529407] ? preempt_count_sub+0x50/0x80 [ 12.529431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.529453] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.529478] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.529503] kthread+0x337/0x6f0 [ 12.529523] ? trace_preempt_on+0x20/0xc0 [ 12.529546] ? __pfx_kthread+0x10/0x10 [ 12.529568] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.529591] ? calculate_sigpending+0x7b/0xa0 [ 12.529630] ? __pfx_kthread+0x10/0x10 [ 12.529653] ret_from_fork+0x116/0x1d0 [ 12.529672] ? __pfx_kthread+0x10/0x10 [ 12.529693] ret_from_fork_asm+0x1a/0x30 [ 12.529724] </TASK> [ 12.529735] [ 12.545858] The buggy address belongs to the physical page: [ 12.546078] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d8 [ 12.546422] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.546998] flags: 0x200000000000040(head|node=0|zone=2) [ 12.547256] page_type: f8(unknown) [ 12.547414] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.547692] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.548203] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.549012] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.549389] head: 0200000000000002 ffffea00040e7601 00000000ffffffff 00000000ffffffff [ 12.549743] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.550180] page dumped because: kasan: bad access detected [ 12.550413] [ 12.550527] Memory state around the buggy address: [ 12.550750] ffff8881039d7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.551139] ffff8881039d7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.551699] >ffff8881039d8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.552273] ^ [ 12.552494] ffff8881039d8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.552819] ffff8881039d8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.553134] ================================================================== [ 12.493418] ================================================================== [ 12.494246] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.494497] Free of addr ffff8881028b1400 by task kunit_try_catch/252 [ 12.494716] [ 12.494811] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.494858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.494870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.494893] Call Trace: [ 12.494904] <TASK> [ 12.494920] dump_stack_lvl+0x73/0xb0 [ 12.494947] print_report+0xd1/0x650 [ 12.494969] ? __virt_addr_valid+0x1db/0x2d0 [ 12.494993] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.495015] ? mempool_double_free_helper+0x184/0x370 [ 12.495041] kasan_report_invalid_free+0x10a/0x130 [ 12.495066] ? mempool_double_free_helper+0x184/0x370 [ 12.495133] ? mempool_double_free_helper+0x184/0x370 [ 12.495156] ? mempool_double_free_helper+0x184/0x370 [ 12.495191] check_slab_allocation+0x101/0x130 [ 12.495213] __kasan_mempool_poison_object+0x91/0x1d0 [ 12.495237] mempool_free+0x2ec/0x380 [ 12.495261] mempool_double_free_helper+0x184/0x370 [ 12.495285] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.495310] ? __kasan_check_write+0x18/0x20 [ 12.495330] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.495353] ? finish_task_switch.isra.0+0x153/0x700 [ 12.495379] mempool_kmalloc_double_free+0xed/0x140 [ 12.495403] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 12.495430] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.495470] ? __pfx_mempool_kfree+0x10/0x10 [ 12.495492] ? __pfx_read_tsc+0x10/0x10 [ 12.495514] ? ktime_get_ts64+0x86/0x230 [ 12.495561] kunit_try_run_case+0x1a5/0x480 [ 12.495583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.495622] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.495647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.495673] ? __kthread_parkme+0x82/0x180 [ 12.495693] ? preempt_count_sub+0x50/0x80 [ 12.495717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.495738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.495798] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.495823] kthread+0x337/0x6f0 [ 12.495843] ? trace_preempt_on+0x20/0xc0 [ 12.495866] ? __pfx_kthread+0x10/0x10 [ 12.495889] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.495914] ? calculate_sigpending+0x7b/0xa0 [ 12.495940] ? __pfx_kthread+0x10/0x10 [ 12.495963] ret_from_fork+0x116/0x1d0 [ 12.495982] ? __pfx_kthread+0x10/0x10 [ 12.496002] ret_from_fork_asm+0x1a/0x30 [ 12.496034] </TASK> [ 12.496044] [ 12.507665] Allocated by task 252: [ 12.507943] kasan_save_stack+0x45/0x70 [ 12.508153] kasan_save_track+0x18/0x40 [ 12.508352] kasan_save_alloc_info+0x3b/0x50 [ 12.508575] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.509113] remove_element+0x11e/0x190 [ 12.509271] mempool_alloc_preallocated+0x4d/0x90 [ 12.509577] mempool_double_free_helper+0x8a/0x370 [ 12.509835] mempool_kmalloc_double_free+0xed/0x140 [ 12.510213] kunit_try_run_case+0x1a5/0x480 [ 12.510419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.510738] kthread+0x337/0x6f0 [ 12.510868] ret_from_fork+0x116/0x1d0 [ 12.511144] ret_from_fork_asm+0x1a/0x30 [ 12.511510] [ 12.511617] Freed by task 252: [ 12.511845] kasan_save_stack+0x45/0x70 [ 12.512091] kasan_save_track+0x18/0x40 [ 12.512326] kasan_save_free_info+0x3f/0x60 [ 12.512537] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.512787] mempool_free+0x2ec/0x380 [ 12.512979] mempool_double_free_helper+0x109/0x370 [ 12.513170] mempool_kmalloc_double_free+0xed/0x140 [ 12.513466] kunit_try_run_case+0x1a5/0x480 [ 12.513632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.514118] kthread+0x337/0x6f0 [ 12.514308] ret_from_fork+0x116/0x1d0 [ 12.514513] ret_from_fork_asm+0x1a/0x30 [ 12.514855] [ 12.515105] The buggy address belongs to the object at ffff8881028b1400 [ 12.515105] which belongs to the cache kmalloc-128 of size 128 [ 12.515954] The buggy address is located 0 bytes inside of [ 12.515954] 128-byte region [ffff8881028b1400, ffff8881028b1480) [ 12.516683] [ 12.516770] The buggy address belongs to the physical page: [ 12.517305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b1 [ 12.517678] flags: 0x200000000000000(node=0|zone=2) [ 12.518127] page_type: f5(slab) [ 12.518405] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.518978] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.519432] page dumped because: kasan: bad access detected [ 12.519839] [ 12.519957] Memory state around the buggy address: [ 12.520390] ffff8881028b1300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.520744] ffff8881028b1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.521237] >ffff8881028b1400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.521545] ^ [ 12.521706] ffff8881028b1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.522308] ffff8881028b1500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.522597] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper: Failure
Automatically assigned
[ 12.390368] ================================================================== [ 12.391023] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.391259] Read of size 1 at addr ffff888102a88000 by task kunit_try_catch/246 [ 12.391490] [ 12.391581] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.391641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.391654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.391676] Call Trace: [ 12.391688] <TASK> [ 12.391703] dump_stack_lvl+0x73/0xb0 [ 12.391727] print_report+0xd1/0x650 [ 12.391806] ? __virt_addr_valid+0x1db/0x2d0 [ 12.391831] ? mempool_uaf_helper+0x392/0x400 [ 12.391854] ? kasan_addr_to_slab+0x11/0xa0 [ 12.391875] ? mempool_uaf_helper+0x392/0x400 [ 12.391898] kasan_report+0x141/0x180 [ 12.391920] ? mempool_uaf_helper+0x392/0x400 [ 12.391948] __asan_report_load1_noabort+0x18/0x20 [ 12.391968] mempool_uaf_helper+0x392/0x400 [ 12.391991] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.392017] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.392039] ? finish_task_switch.isra.0+0x153/0x700 [ 12.392065] mempool_kmalloc_large_uaf+0xef/0x140 [ 12.392089] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 12.392116] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.392136] ? __pfx_mempool_kfree+0x10/0x10 [ 12.392157] ? __pfx_read_tsc+0x10/0x10 [ 12.392178] ? ktime_get_ts64+0x86/0x230 [ 12.392201] kunit_try_run_case+0x1a5/0x480 [ 12.392222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.392242] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.392267] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.392291] ? __kthread_parkme+0x82/0x180 [ 12.392311] ? preempt_count_sub+0x50/0x80 [ 12.392334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.392355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.392379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.392404] kthread+0x337/0x6f0 [ 12.392423] ? trace_preempt_on+0x20/0xc0 [ 12.392446] ? __pfx_kthread+0x10/0x10 [ 12.392466] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.392488] ? calculate_sigpending+0x7b/0xa0 [ 12.392513] ? __pfx_kthread+0x10/0x10 [ 12.392535] ret_from_fork+0x116/0x1d0 [ 12.392555] ? __pfx_kthread+0x10/0x10 [ 12.392576] ret_from_fork_asm+0x1a/0x30 [ 12.392607] </TASK> [ 12.392628] [ 12.409047] The buggy address belongs to the physical page: [ 12.409683] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a88 [ 12.410434] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.410685] flags: 0x200000000000040(head|node=0|zone=2) [ 12.411272] page_type: f8(unknown) [ 12.411632] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.412413] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.413217] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.413466] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.413724] head: 0200000000000002 ffffea00040aa201 00000000ffffffff 00000000ffffffff [ 12.414511] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.415371] page dumped because: kasan: bad access detected [ 12.415936] [ 12.416143] Memory state around the buggy address: [ 12.416591] ffff888102a87f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.417344] ffff888102a87f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.417877] >ffff888102a88000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.418280] ^ [ 12.418405] ffff888102a88080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.418657] ffff888102a88100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.419469] ================================================================== [ 12.467167] ================================================================== [ 12.467577] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.468168] Read of size 1 at addr ffff8881039d8000 by task kunit_try_catch/250 [ 12.468541] [ 12.468650] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.468702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.468715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.468737] Call Trace: [ 12.468762] <TASK> [ 12.468780] dump_stack_lvl+0x73/0xb0 [ 12.468809] print_report+0xd1/0x650 [ 12.468833] ? __virt_addr_valid+0x1db/0x2d0 [ 12.468858] ? mempool_uaf_helper+0x392/0x400 [ 12.468881] ? kasan_addr_to_slab+0x11/0xa0 [ 12.468902] ? mempool_uaf_helper+0x392/0x400 [ 12.468926] kasan_report+0x141/0x180 [ 12.468948] ? mempool_uaf_helper+0x392/0x400 [ 12.468976] __asan_report_load1_noabort+0x18/0x20 [ 12.469010] mempool_uaf_helper+0x392/0x400 [ 12.469034] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.469057] ? __kasan_check_write+0x18/0x20 [ 12.469078] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.469101] ? irqentry_exit+0x2a/0x60 [ 12.469120] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.469150] mempool_page_alloc_uaf+0xed/0x140 [ 12.469174] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 12.469200] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 12.469223] ? __pfx_mempool_free_pages+0x10/0x10 [ 12.469245] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 12.469271] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 12.469298] kunit_try_run_case+0x1a5/0x480 [ 12.469322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.469342] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.469367] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.469392] ? __kthread_parkme+0x82/0x180 [ 12.469414] ? preempt_count_sub+0x50/0x80 [ 12.469439] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.469460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.469485] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.469510] kthread+0x337/0x6f0 [ 12.469530] ? trace_preempt_on+0x20/0xc0 [ 12.469554] ? __pfx_kthread+0x10/0x10 [ 12.469575] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.469598] ? calculate_sigpending+0x7b/0xa0 [ 12.469631] ? __pfx_kthread+0x10/0x10 [ 12.469653] ret_from_fork+0x116/0x1d0 [ 12.469672] ? __pfx_kthread+0x10/0x10 [ 12.469693] ret_from_fork_asm+0x1a/0x30 [ 12.469724] </TASK> [ 12.469736] [ 12.483647] The buggy address belongs to the physical page: [ 12.484670] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d8 [ 12.485108] flags: 0x200000000000000(node=0|zone=2) [ 12.485334] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 12.485663] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.486542] page dumped because: kasan: bad access detected [ 12.487377] [ 12.487670] Memory state around the buggy address: [ 12.487940] ffff8881039d7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.488549] ffff8881039d7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.488867] >ffff8881039d8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.489153] ^ [ 12.489279] ffff8881039d8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.489675] ffff8881039d8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.489997] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper: Failure
Automatically assigned
[ 12.425457] ================================================================== [ 12.426331] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.426582] Read of size 1 at addr ffff8881028b4240 by task kunit_try_catch/248 [ 12.426837] [ 12.427056] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.427107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.427120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.427143] Call Trace: [ 12.427154] <TASK> [ 12.427170] dump_stack_lvl+0x73/0xb0 [ 12.427198] print_report+0xd1/0x650 [ 12.427220] ? __virt_addr_valid+0x1db/0x2d0 [ 12.427243] ? mempool_uaf_helper+0x392/0x400 [ 12.427266] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.427289] ? mempool_uaf_helper+0x392/0x400 [ 12.427313] kasan_report+0x141/0x180 [ 12.427335] ? mempool_uaf_helper+0x392/0x400 [ 12.427363] __asan_report_load1_noabort+0x18/0x20 [ 12.427384] mempool_uaf_helper+0x392/0x400 [ 12.427407] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.427433] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.427455] ? finish_task_switch.isra.0+0x153/0x700 [ 12.427482] mempool_slab_uaf+0xea/0x140 [ 12.427501] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 12.427523] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 12.427543] ? __pfx_mempool_free_slab+0x10/0x10 [ 12.427565] ? __pfx_read_tsc+0x10/0x10 [ 12.427587] ? ktime_get_ts64+0x86/0x230 [ 12.427623] kunit_try_run_case+0x1a5/0x480 [ 12.427645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.427664] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.427689] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.427713] ? __kthread_parkme+0x82/0x180 [ 12.427734] ? preempt_count_sub+0x50/0x80 [ 12.427805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.427828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.427853] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.427878] kthread+0x337/0x6f0 [ 12.427898] ? trace_preempt_on+0x20/0xc0 [ 12.427920] ? __pfx_kthread+0x10/0x10 [ 12.427941] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.428161] ? calculate_sigpending+0x7b/0xa0 [ 12.428194] ? __pfx_kthread+0x10/0x10 [ 12.428216] ret_from_fork+0x116/0x1d0 [ 12.428235] ? __pfx_kthread+0x10/0x10 [ 12.428256] ret_from_fork_asm+0x1a/0x30 [ 12.428287] </TASK> [ 12.428298] [ 12.443951] Allocated by task 248: [ 12.444295] kasan_save_stack+0x45/0x70 [ 12.444701] kasan_save_track+0x18/0x40 [ 12.445170] kasan_save_alloc_info+0x3b/0x50 [ 12.445480] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 12.445680] remove_element+0x11e/0x190 [ 12.446032] mempool_alloc_preallocated+0x4d/0x90 [ 12.446485] mempool_uaf_helper+0x96/0x400 [ 12.446892] mempool_slab_uaf+0xea/0x140 [ 12.447352] kunit_try_run_case+0x1a5/0x480 [ 12.447917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.448123] kthread+0x337/0x6f0 [ 12.448250] ret_from_fork+0x116/0x1d0 [ 12.448387] ret_from_fork_asm+0x1a/0x30 [ 12.448531] [ 12.448603] Freed by task 248: [ 12.448739] kasan_save_stack+0x45/0x70 [ 12.448894] kasan_save_track+0x18/0x40 [ 12.449136] kasan_save_free_info+0x3f/0x60 [ 12.449335] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.449553] mempool_free+0x2ec/0x380 [ 12.449758] mempool_uaf_helper+0x11a/0x400 [ 12.449997] mempool_slab_uaf+0xea/0x140 [ 12.450195] kunit_try_run_case+0x1a5/0x480 [ 12.450344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.450590] kthread+0x337/0x6f0 [ 12.450836] ret_from_fork+0x116/0x1d0 [ 12.451318] ret_from_fork_asm+0x1a/0x30 [ 12.451509] [ 12.451629] The buggy address belongs to the object at ffff8881028b4240 [ 12.451629] which belongs to the cache test_cache of size 123 [ 12.452476] The buggy address is located 0 bytes inside of [ 12.452476] freed 123-byte region [ffff8881028b4240, ffff8881028b42bb) [ 12.452999] [ 12.453248] The buggy address belongs to the physical page: [ 12.453499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b4 [ 12.454091] flags: 0x200000000000000(node=0|zone=2) [ 12.454423] page_type: f5(slab) [ 12.454561] raw: 0200000000000000 ffff8881028a7500 dead000000000122 0000000000000000 [ 12.455154] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 12.455645] page dumped because: kasan: bad access detected [ 12.456102] [ 12.456209] Memory state around the buggy address: [ 12.456625] ffff8881028b4100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.457241] ffff8881028b4180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.457564] >ffff8881028b4200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 12.458085] ^ [ 12.458398] ffff8881028b4280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.458832] ffff8881028b4300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.459411] ================================================================== [ 12.355807] ================================================================== [ 12.356482] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.356745] Read of size 1 at addr ffff8881028b1000 by task kunit_try_catch/244 [ 12.357426] [ 12.357861] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.357915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.357929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.357951] Call Trace: [ 12.357964] <TASK> [ 12.357980] dump_stack_lvl+0x73/0xb0 [ 12.358010] print_report+0xd1/0x650 [ 12.358033] ? __virt_addr_valid+0x1db/0x2d0 [ 12.358057] ? mempool_uaf_helper+0x392/0x400 [ 12.358079] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.358330] ? mempool_uaf_helper+0x392/0x400 [ 12.358356] kasan_report+0x141/0x180 [ 12.358380] ? mempool_uaf_helper+0x392/0x400 [ 12.358408] __asan_report_load1_noabort+0x18/0x20 [ 12.358429] mempool_uaf_helper+0x392/0x400 [ 12.358461] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.358485] ? __kasan_check_write+0x18/0x20 [ 12.358506] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.358531] ? finish_task_switch.isra.0+0x153/0x700 [ 12.358566] mempool_kmalloc_uaf+0xef/0x140 [ 12.358592] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 12.358628] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.358648] ? __pfx_mempool_kfree+0x10/0x10 [ 12.358672] ? __pfx_read_tsc+0x10/0x10 [ 12.358694] ? ktime_get_ts64+0x86/0x230 [ 12.358722] kunit_try_run_case+0x1a5/0x480 [ 12.358747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.358796] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.358838] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.358874] ? __kthread_parkme+0x82/0x180 [ 12.358895] ? preempt_count_sub+0x50/0x80 [ 12.358917] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.358939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.358964] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.358989] kthread+0x337/0x6f0 [ 12.359009] ? trace_preempt_on+0x20/0xc0 [ 12.359033] ? __pfx_kthread+0x10/0x10 [ 12.359053] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.359075] ? calculate_sigpending+0x7b/0xa0 [ 12.359100] ? __pfx_kthread+0x10/0x10 [ 12.359121] ret_from_fork+0x116/0x1d0 [ 12.359139] ? __pfx_kthread+0x10/0x10 [ 12.359160] ret_from_fork_asm+0x1a/0x30 [ 12.359191] </TASK> [ 12.359202] [ 12.374406] Allocated by task 244: [ 12.374574] kasan_save_stack+0x45/0x70 [ 12.374776] kasan_save_track+0x18/0x40 [ 12.374917] kasan_save_alloc_info+0x3b/0x50 [ 12.375099] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.375394] remove_element+0x11e/0x190 [ 12.375592] mempool_alloc_preallocated+0x4d/0x90 [ 12.375783] mempool_uaf_helper+0x96/0x400 [ 12.375977] mempool_kmalloc_uaf+0xef/0x140 [ 12.376123] kunit_try_run_case+0x1a5/0x480 [ 12.376307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.376557] kthread+0x337/0x6f0 [ 12.376731] ret_from_fork+0x116/0x1d0 [ 12.377181] ret_from_fork_asm+0x1a/0x30 [ 12.377426] [ 12.377523] Freed by task 244: [ 12.377698] kasan_save_stack+0x45/0x70 [ 12.378005] kasan_save_track+0x18/0x40 [ 12.378165] kasan_save_free_info+0x3f/0x60 [ 12.378313] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.378569] mempool_free+0x2ec/0x380 [ 12.378766] mempool_uaf_helper+0x11a/0x400 [ 12.379123] mempool_kmalloc_uaf+0xef/0x140 [ 12.379351] kunit_try_run_case+0x1a5/0x480 [ 12.379546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.379842] kthread+0x337/0x6f0 [ 12.380013] ret_from_fork+0x116/0x1d0 [ 12.380227] ret_from_fork_asm+0x1a/0x30 [ 12.380427] [ 12.380502] The buggy address belongs to the object at ffff8881028b1000 [ 12.380502] which belongs to the cache kmalloc-128 of size 128 [ 12.381297] The buggy address is located 0 bytes inside of [ 12.381297] freed 128-byte region [ffff8881028b1000, ffff8881028b1080) [ 12.381919] [ 12.381999] The buggy address belongs to the physical page: [ 12.382312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028b1 [ 12.382686] flags: 0x200000000000000(node=0|zone=2) [ 12.383108] page_type: f5(slab) [ 12.383236] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.383660] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.384251] page dumped because: kasan: bad access detected [ 12.384510] [ 12.384616] Memory state around the buggy address: [ 12.385049] ffff8881028b0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.385372] ffff8881028b0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.385711] >ffff8881028b1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.385992] ^ [ 12.386111] ffff8881028b1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.386420] ffff8881028b1100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.386856] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper: Failure
Automatically assigned
[ 12.320206] ================================================================== [ 12.320726] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.322131] Read of size 1 at addr ffff888102fa62bb by task kunit_try_catch/242 [ 12.322744] [ 12.323092] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.323148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.323162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.323192] Call Trace: [ 12.323206] <TASK> [ 12.323222] dump_stack_lvl+0x73/0xb0 [ 12.323252] print_report+0xd1/0x650 [ 12.323275] ? __virt_addr_valid+0x1db/0x2d0 [ 12.323299] ? mempool_oob_right_helper+0x318/0x380 [ 12.323323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.323345] ? mempool_oob_right_helper+0x318/0x380 [ 12.323369] kasan_report+0x141/0x180 [ 12.323392] ? mempool_oob_right_helper+0x318/0x380 [ 12.323421] __asan_report_load1_noabort+0x18/0x20 [ 12.323443] mempool_oob_right_helper+0x318/0x380 [ 12.323468] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.323492] ? update_load_avg+0x1be/0x21b0 [ 12.323520] ? finish_task_switch.isra.0+0x153/0x700 [ 12.323547] mempool_slab_oob_right+0xed/0x140 [ 12.323568] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 12.323591] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 12.323621] ? __pfx_mempool_free_slab+0x10/0x10 [ 12.323645] ? __pfx_read_tsc+0x10/0x10 [ 12.323667] ? ktime_get_ts64+0x86/0x230 [ 12.323691] kunit_try_run_case+0x1a5/0x480 [ 12.323713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.323733] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.323759] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.323822] ? __kthread_parkme+0x82/0x180 [ 12.323845] ? preempt_count_sub+0x50/0x80 [ 12.323869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.323892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.323919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.323954] kthread+0x337/0x6f0 [ 12.323975] ? trace_preempt_on+0x20/0xc0 [ 12.324000] ? __pfx_kthread+0x10/0x10 [ 12.324032] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.324056] ? calculate_sigpending+0x7b/0xa0 [ 12.324080] ? __pfx_kthread+0x10/0x10 [ 12.324103] ret_from_fork+0x116/0x1d0 [ 12.324123] ? __pfx_kthread+0x10/0x10 [ 12.324144] ret_from_fork_asm+0x1a/0x30 [ 12.324175] </TASK> [ 12.324186] [ 12.337267] Allocated by task 242: [ 12.337460] kasan_save_stack+0x45/0x70 [ 12.337669] kasan_save_track+0x18/0x40 [ 12.337907] kasan_save_alloc_info+0x3b/0x50 [ 12.338112] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 12.338348] remove_element+0x11e/0x190 [ 12.338525] mempool_alloc_preallocated+0x4d/0x90 [ 12.339163] mempool_oob_right_helper+0x8a/0x380 [ 12.339543] mempool_slab_oob_right+0xed/0x140 [ 12.339980] kunit_try_run_case+0x1a5/0x480 [ 12.340271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.340664] kthread+0x337/0x6f0 [ 12.341021] ret_from_fork+0x116/0x1d0 [ 12.341209] ret_from_fork_asm+0x1a/0x30 [ 12.341396] [ 12.341490] The buggy address belongs to the object at ffff888102fa6240 [ 12.341490] which belongs to the cache test_cache of size 123 [ 12.342664] The buggy address is located 0 bytes to the right of [ 12.342664] allocated 123-byte region [ffff888102fa6240, ffff888102fa62bb) [ 12.343380] [ 12.343481] The buggy address belongs to the physical page: [ 12.343714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa6 [ 12.344384] flags: 0x200000000000000(node=0|zone=2) [ 12.344603] page_type: f5(slab) [ 12.344742] raw: 0200000000000000 ffff8881011dadc0 dead000000000122 0000000000000000 [ 12.345223] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 12.345552] page dumped because: kasan: bad access detected [ 12.345823] [ 12.345906] Memory state around the buggy address: [ 12.346381] ffff888102fa6180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.346688] ffff888102fa6200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 12.346998] >ffff888102fa6280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 12.347409] ^ [ 12.347648] ffff888102fa6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.348031] ffff888102fa6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.348462] ================================================================== [ 12.264731] ================================================================== [ 12.265652] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.266139] Read of size 1 at addr ffff888102f96573 by task kunit_try_catch/238 [ 12.266453] [ 12.266589] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.266654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.266667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.266691] Call Trace: [ 12.266714] <TASK> [ 12.266735] dump_stack_lvl+0x73/0xb0 [ 12.266801] print_report+0xd1/0x650 [ 12.267061] ? __virt_addr_valid+0x1db/0x2d0 [ 12.267096] ? mempool_oob_right_helper+0x318/0x380 [ 12.267128] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.267152] ? mempool_oob_right_helper+0x318/0x380 [ 12.267178] kasan_report+0x141/0x180 [ 12.267201] ? mempool_oob_right_helper+0x318/0x380 [ 12.267230] __asan_report_load1_noabort+0x18/0x20 [ 12.267252] mempool_oob_right_helper+0x318/0x380 [ 12.267278] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.267305] ? __kasan_check_write+0x18/0x20 [ 12.267327] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.267355] ? finish_task_switch.isra.0+0x153/0x700 [ 12.267385] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.267411] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 12.267440] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.267462] ? __pfx_mempool_kfree+0x10/0x10 [ 12.267484] ? __pfx_read_tsc+0x10/0x10 [ 12.267507] ? ktime_get_ts64+0x86/0x230 [ 12.267534] kunit_try_run_case+0x1a5/0x480 [ 12.267558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.267578] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.267605] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.267642] ? __kthread_parkme+0x82/0x180 [ 12.267665] ? preempt_count_sub+0x50/0x80 [ 12.267688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.267709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.267734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.267825] kthread+0x337/0x6f0 [ 12.267848] ? trace_preempt_on+0x20/0xc0 [ 12.267873] ? __pfx_kthread+0x10/0x10 [ 12.267895] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.267918] ? calculate_sigpending+0x7b/0xa0 [ 12.267942] ? __pfx_kthread+0x10/0x10 [ 12.267964] ret_from_fork+0x116/0x1d0 [ 12.267983] ? __pfx_kthread+0x10/0x10 [ 12.268003] ret_from_fork_asm+0x1a/0x30 [ 12.268035] </TASK> [ 12.268048] [ 12.278557] Allocated by task 238: [ 12.279009] kasan_save_stack+0x45/0x70 [ 12.279273] kasan_save_track+0x18/0x40 [ 12.279600] kasan_save_alloc_info+0x3b/0x50 [ 12.279867] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.280318] remove_element+0x11e/0x190 [ 12.280521] mempool_alloc_preallocated+0x4d/0x90 [ 12.280748] mempool_oob_right_helper+0x8a/0x380 [ 12.281139] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.281414] kunit_try_run_case+0x1a5/0x480 [ 12.281685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.282156] kthread+0x337/0x6f0 [ 12.282329] ret_from_fork+0x116/0x1d0 [ 12.282484] ret_from_fork_asm+0x1a/0x30 [ 12.282709] [ 12.282807] The buggy address belongs to the object at ffff888102f96500 [ 12.282807] which belongs to the cache kmalloc-128 of size 128 [ 12.283281] The buggy address is located 0 bytes to the right of [ 12.283281] allocated 115-byte region [ffff888102f96500, ffff888102f96573) [ 12.284248] [ 12.284354] The buggy address belongs to the physical page: [ 12.284565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f96 [ 12.285237] flags: 0x200000000000000(node=0|zone=2) [ 12.285562] page_type: f5(slab) [ 12.285909] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.286312] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.286720] page dumped because: kasan: bad access detected [ 12.287156] [ 12.287258] Memory state around the buggy address: [ 12.287570] ffff888102f96400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.288057] ffff888102f96480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.288445] >ffff888102f96500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.288723] ^ [ 12.289168] ffff888102f96580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.289545] ffff888102f96600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.289926] ================================================================== [ 12.293071] ================================================================== [ 12.293604] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.293981] Read of size 1 at addr ffff888102a8a001 by task kunit_try_catch/240 [ 12.294371] [ 12.294698] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.294751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.294978] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.295007] Call Trace: [ 12.295021] <TASK> [ 12.295038] dump_stack_lvl+0x73/0xb0 [ 12.295069] print_report+0xd1/0x650 [ 12.295091] ? __virt_addr_valid+0x1db/0x2d0 [ 12.295116] ? mempool_oob_right_helper+0x318/0x380 [ 12.295139] ? kasan_addr_to_slab+0x11/0xa0 [ 12.295160] ? mempool_oob_right_helper+0x318/0x380 [ 12.295185] kasan_report+0x141/0x180 [ 12.295208] ? mempool_oob_right_helper+0x318/0x380 [ 12.295236] __asan_report_load1_noabort+0x18/0x20 [ 12.295258] mempool_oob_right_helper+0x318/0x380 [ 12.295283] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.295308] ? __kasan_check_write+0x18/0x20 [ 12.295328] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.295350] ? finish_task_switch.isra.0+0x153/0x700 [ 12.295377] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 12.295402] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 12.295429] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.295450] ? __pfx_mempool_kfree+0x10/0x10 [ 12.295471] ? __pfx_read_tsc+0x10/0x10 [ 12.295492] ? ktime_get_ts64+0x86/0x230 [ 12.295517] kunit_try_run_case+0x1a5/0x480 [ 12.295539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.295559] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.295584] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.295620] ? __kthread_parkme+0x82/0x180 [ 12.295641] ? preempt_count_sub+0x50/0x80 [ 12.295663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.295685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.295728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.295752] kthread+0x337/0x6f0 [ 12.295772] ? trace_preempt_on+0x20/0xc0 [ 12.295795] ? __pfx_kthread+0x10/0x10 [ 12.295834] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.295856] ? calculate_sigpending+0x7b/0xa0 [ 12.295889] ? __pfx_kthread+0x10/0x10 [ 12.295911] ret_from_fork+0x116/0x1d0 [ 12.295929] ? __pfx_kthread+0x10/0x10 [ 12.295950] ret_from_fork_asm+0x1a/0x30 [ 12.295981] </TASK> [ 12.295993] [ 12.307030] The buggy address belongs to the physical page: [ 12.307239] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a88 [ 12.307590] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.308004] flags: 0x200000000000040(head|node=0|zone=2) [ 12.308410] page_type: f8(unknown) [ 12.308695] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.309036] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.309573] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.310085] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.310397] head: 0200000000000002 ffffea00040aa201 00000000ffffffff 00000000ffffffff [ 12.311076] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.311402] page dumped because: kasan: bad access detected [ 12.311786] [ 12.312076] Memory state around the buggy address: [ 12.312279] ffff888102a89f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.312590] ffff888102a89f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.313179] >ffff888102a8a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.313490] ^ [ 12.313989] ffff888102a8a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.314374] ffff888102a8a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.314836] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy: Failure
Automatically assigned
[ 11.694872] ================================================================== [ 11.695288] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 11.695550] Read of size 1 at addr ffff8881011dab40 by task kunit_try_catch/232 [ 11.696190] [ 11.696297] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.696349] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.696361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.696384] Call Trace: [ 11.696397] <TASK> [ 11.696415] dump_stack_lvl+0x73/0xb0 [ 11.696444] print_report+0xd1/0x650 [ 11.696468] ? __virt_addr_valid+0x1db/0x2d0 [ 11.696492] ? kmem_cache_double_destroy+0x1bf/0x380 [ 11.696546] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.696571] ? kmem_cache_double_destroy+0x1bf/0x380 [ 11.696593] kasan_report+0x141/0x180 [ 11.696627] ? kmem_cache_double_destroy+0x1bf/0x380 [ 11.696651] ? kmem_cache_double_destroy+0x1bf/0x380 [ 11.696673] __kasan_check_byte+0x3d/0x50 [ 11.696716] kmem_cache_destroy+0x25/0x1d0 [ 11.696740] kmem_cache_double_destroy+0x1bf/0x380 [ 11.696762] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 11.696783] ? finish_task_switch.isra.0+0x153/0x700 [ 11.696805] ? __switch_to+0x47/0xf50 [ 11.696835] ? __pfx_read_tsc+0x10/0x10 [ 11.696856] ? ktime_get_ts64+0x86/0x230 [ 11.696882] kunit_try_run_case+0x1a5/0x480 [ 11.696907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.696927] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.696953] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.696978] ? __kthread_parkme+0x82/0x180 [ 11.697031] ? preempt_count_sub+0x50/0x80 [ 11.697054] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.697076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.697100] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.697125] kthread+0x337/0x6f0 [ 11.697145] ? trace_preempt_on+0x20/0xc0 [ 11.697169] ? __pfx_kthread+0x10/0x10 [ 11.697190] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.697213] ? calculate_sigpending+0x7b/0xa0 [ 11.697237] ? __pfx_kthread+0x10/0x10 [ 11.697259] ret_from_fork+0x116/0x1d0 [ 11.697278] ? __pfx_kthread+0x10/0x10 [ 11.697299] ret_from_fork_asm+0x1a/0x30 [ 11.697330] </TASK> [ 11.697342] [ 11.711428] Allocated by task 232: [ 11.712107] kasan_save_stack+0x45/0x70 [ 11.712665] kasan_save_track+0x18/0x40 [ 11.713212] kasan_save_alloc_info+0x3b/0x50 [ 11.713379] __kasan_slab_alloc+0x91/0xa0 [ 11.713522] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.713698] __kmem_cache_create_args+0x169/0x240 [ 11.713861] kmem_cache_double_destroy+0xd5/0x380 [ 11.714301] kunit_try_run_case+0x1a5/0x480 [ 11.714464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.714720] kthread+0x337/0x6f0 [ 11.714961] ret_from_fork+0x116/0x1d0 [ 11.715182] ret_from_fork_asm+0x1a/0x30 [ 11.715361] [ 11.715458] Freed by task 232: [ 11.715650] kasan_save_stack+0x45/0x70 [ 11.716011] kasan_save_track+0x18/0x40 [ 11.716251] kasan_save_free_info+0x3f/0x60 [ 11.716461] __kasan_slab_free+0x56/0x70 [ 11.716675] kmem_cache_free+0x249/0x420 [ 11.716899] slab_kmem_cache_release+0x2e/0x40 [ 11.717048] kmem_cache_release+0x16/0x20 [ 11.717563] kobject_put+0x181/0x450 [ 11.717769] sysfs_slab_release+0x16/0x20 [ 11.718342] kmem_cache_destroy+0xf0/0x1d0 [ 11.718566] kmem_cache_double_destroy+0x14e/0x380 [ 11.718968] kunit_try_run_case+0x1a5/0x480 [ 11.719249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.719483] kthread+0x337/0x6f0 [ 11.719644] ret_from_fork+0x116/0x1d0 [ 11.720035] ret_from_fork_asm+0x1a/0x30 [ 11.720356] [ 11.720593] The buggy address belongs to the object at ffff8881011dab40 [ 11.720593] which belongs to the cache kmem_cache of size 208 [ 11.721332] The buggy address is located 0 bytes inside of [ 11.721332] freed 208-byte region [ffff8881011dab40, ffff8881011dac10) [ 11.722302] [ 11.722413] The buggy address belongs to the physical page: [ 11.722929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1011da [ 11.723281] flags: 0x200000000000000(node=0|zone=2) [ 11.723504] page_type: f5(slab) [ 11.723671] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 11.724538] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 11.725360] page dumped because: kasan: bad access detected [ 11.725636] [ 11.725731] Memory state around the buggy address: [ 11.726271] ffff8881011daa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.726733] ffff8881011daa80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 11.727242] >ffff8881011dab00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 11.727513] ^ [ 11.727725] ffff8881011dab80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.728243] ffff8881011dac00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.728557] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf: Failure
Automatically assigned
[ 11.640101] ================================================================== [ 11.640682] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 11.641097] Read of size 1 at addr ffff8881028ad000 by task kunit_try_catch/230 [ 11.641525] [ 11.641640] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.641689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.641701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.641724] Call Trace: [ 11.641738] <TASK> [ 11.641755] dump_stack_lvl+0x73/0xb0 [ 11.641895] print_report+0xd1/0x650 [ 11.641925] ? __virt_addr_valid+0x1db/0x2d0 [ 11.641950] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 11.641973] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.641996] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 11.642019] kasan_report+0x141/0x180 [ 11.642041] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 11.642069] __asan_report_load1_noabort+0x18/0x20 [ 11.642089] kmem_cache_rcu_uaf+0x3e3/0x510 [ 11.642113] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 11.642135] ? finish_task_switch.isra.0+0x153/0x700 [ 11.642158] ? __switch_to+0x47/0xf50 [ 11.642187] ? __pfx_read_tsc+0x10/0x10 [ 11.642208] ? ktime_get_ts64+0x86/0x230 [ 11.642234] kunit_try_run_case+0x1a5/0x480 [ 11.642256] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.642276] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.642322] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.642347] ? __kthread_parkme+0x82/0x180 [ 11.642367] ? preempt_count_sub+0x50/0x80 [ 11.642390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.642410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.642433] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.642457] kthread+0x337/0x6f0 [ 11.642476] ? trace_preempt_on+0x20/0xc0 [ 11.642500] ? __pfx_kthread+0x10/0x10 [ 11.642520] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.642546] ? calculate_sigpending+0x7b/0xa0 [ 11.642571] ? __pfx_kthread+0x10/0x10 [ 11.642592] ret_from_fork+0x116/0x1d0 [ 11.642619] ? __pfx_kthread+0x10/0x10 [ 11.642641] ret_from_fork_asm+0x1a/0x30 [ 11.642673] </TASK> [ 11.642685] [ 11.653023] Allocated by task 230: [ 11.653310] kasan_save_stack+0x45/0x70 [ 11.653523] kasan_save_track+0x18/0x40 [ 11.653714] kasan_save_alloc_info+0x3b/0x50 [ 11.654146] __kasan_slab_alloc+0x91/0xa0 [ 11.654463] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.654851] kmem_cache_rcu_uaf+0x155/0x510 [ 11.655181] kunit_try_run_case+0x1a5/0x480 [ 11.655381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.655624] kthread+0x337/0x6f0 [ 11.655987] ret_from_fork+0x116/0x1d0 [ 11.656284] ret_from_fork_asm+0x1a/0x30 [ 11.656577] [ 11.656815] Freed by task 0: [ 11.657099] kasan_save_stack+0x45/0x70 [ 11.657303] kasan_save_track+0x18/0x40 [ 11.657488] kasan_save_free_info+0x3f/0x60 [ 11.657685] __kasan_slab_free+0x56/0x70 [ 11.658634] slab_free_after_rcu_debug+0xe4/0x310 [ 11.658945] rcu_core+0x66f/0x1c40 [ 11.659362] rcu_core_si+0x12/0x20 [ 11.659558] handle_softirqs+0x209/0x730 [ 11.659919] __irq_exit_rcu+0xc9/0x110 [ 11.660160] irq_exit_rcu+0x12/0x20 [ 11.660343] sysvec_apic_timer_interrupt+0x81/0x90 [ 11.660559] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.661008] [ 11.661274] Last potentially related work creation: [ 11.661574] kasan_save_stack+0x45/0x70 [ 11.662007] kasan_record_aux_stack+0xb2/0xc0 [ 11.662220] kmem_cache_free+0x131/0x420 [ 11.662403] kmem_cache_rcu_uaf+0x194/0x510 [ 11.662595] kunit_try_run_case+0x1a5/0x480 [ 11.663062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.663387] kthread+0x337/0x6f0 [ 11.663824] ret_from_fork+0x116/0x1d0 [ 11.664144] ret_from_fork_asm+0x1a/0x30 [ 11.664345] [ 11.664436] The buggy address belongs to the object at ffff8881028ad000 [ 11.664436] which belongs to the cache test_cache of size 200 [ 11.665406] The buggy address is located 0 bytes inside of [ 11.665406] freed 200-byte region [ffff8881028ad000, ffff8881028ad0c8) [ 11.666262] [ 11.666505] The buggy address belongs to the physical page: [ 11.667131] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ad [ 11.667484] flags: 0x200000000000000(node=0|zone=2) [ 11.667717] page_type: f5(slab) [ 11.668168] raw: 0200000000000000 ffff8881028a7280 dead000000000122 0000000000000000 [ 11.668500] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 11.669183] page dumped because: kasan: bad access detected [ 11.669510] [ 11.669620] Memory state around the buggy address: [ 11.669950] ffff8881028acf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.670249] ffff8881028acf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.670542] >ffff8881028ad000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.671271] ^ [ 11.671456] ffff8881028ad080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 11.672046] ffff8881028ad100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.672359] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free: Failure
Automatically assigned
[ 11.576581] ================================================================== [ 11.577410] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 11.578093] Free of addr ffff888102fa0001 by task kunit_try_catch/228 [ 11.578865] [ 11.579163] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.579215] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.579228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.579259] Call Trace: [ 11.579271] <TASK> [ 11.579288] dump_stack_lvl+0x73/0xb0 [ 11.579316] print_report+0xd1/0x650 [ 11.579339] ? __virt_addr_valid+0x1db/0x2d0 [ 11.579363] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.579384] ? kmem_cache_invalid_free+0x1d8/0x460 [ 11.579406] kasan_report_invalid_free+0x10a/0x130 [ 11.579430] ? kmem_cache_invalid_free+0x1d8/0x460 [ 11.579453] ? kmem_cache_invalid_free+0x1d8/0x460 [ 11.579473] check_slab_allocation+0x11f/0x130 [ 11.579495] __kasan_slab_pre_free+0x28/0x40 [ 11.579516] kmem_cache_free+0xed/0x420 [ 11.579537] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.579558] ? kmem_cache_invalid_free+0x1d8/0x460 [ 11.579582] kmem_cache_invalid_free+0x1d8/0x460 [ 11.579602] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 11.579637] ? finish_task_switch.isra.0+0x153/0x700 [ 11.579659] ? __switch_to+0x47/0xf50 [ 11.579687] ? __pfx_read_tsc+0x10/0x10 [ 11.579709] ? ktime_get_ts64+0x86/0x230 [ 11.579733] kunit_try_run_case+0x1a5/0x480 [ 11.579783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.579803] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.579870] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.579894] ? __kthread_parkme+0x82/0x180 [ 11.579915] ? preempt_count_sub+0x50/0x80 [ 11.579938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.580099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.580185] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.580211] kthread+0x337/0x6f0 [ 11.580230] ? trace_preempt_on+0x20/0xc0 [ 11.580255] ? __pfx_kthread+0x10/0x10 [ 11.580275] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.580297] ? calculate_sigpending+0x7b/0xa0 [ 11.580321] ? __pfx_kthread+0x10/0x10 [ 11.580343] ret_from_fork+0x116/0x1d0 [ 11.580361] ? __pfx_kthread+0x10/0x10 [ 11.580381] ret_from_fork_asm+0x1a/0x30 [ 11.580412] </TASK> [ 11.580422] [ 11.594162] Allocated by task 228: [ 11.594350] kasan_save_stack+0x45/0x70 [ 11.594563] kasan_save_track+0x18/0x40 [ 11.594852] kasan_save_alloc_info+0x3b/0x50 [ 11.595097] __kasan_slab_alloc+0x91/0xa0 [ 11.595242] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.595471] kmem_cache_invalid_free+0x157/0x460 [ 11.595772] kunit_try_run_case+0x1a5/0x480 [ 11.596146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.596395] kthread+0x337/0x6f0 [ 11.596562] ret_from_fork+0x116/0x1d0 [ 11.596808] ret_from_fork_asm+0x1a/0x30 [ 11.597244] [ 11.597372] The buggy address belongs to the object at ffff888102fa0000 [ 11.597372] which belongs to the cache test_cache of size 200 [ 11.598056] The buggy address is located 1 bytes inside of [ 11.598056] 200-byte region [ffff888102fa0000, ffff888102fa00c8) [ 11.598618] [ 11.598761] The buggy address belongs to the physical page: [ 11.599147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fa0 [ 11.599564] flags: 0x200000000000000(node=0|zone=2) [ 11.599963] page_type: f5(slab) [ 11.600125] raw: 0200000000000000 ffff8881011daa00 dead000000000122 0000000000000000 [ 11.600536] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 11.600920] page dumped because: kasan: bad access detected [ 11.601229] [ 11.601571] Memory state around the buggy address: [ 11.601958] ffff888102f9ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.602247] ffff888102f9ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.602597] >ffff888102fa0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.602959] ^ [ 11.603126] ffff888102fa0080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 11.603481] ffff888102fa0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.603847] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free: Failure
Automatically assigned
[ 11.543588] ================================================================== [ 11.544570] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 11.544827] Free of addr ffff8881028ab000 by task kunit_try_catch/226 [ 11.545035] [ 11.545135] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.545185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.545199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.545220] Call Trace: [ 11.545234] <TASK> [ 11.545252] dump_stack_lvl+0x73/0xb0 [ 11.545281] print_report+0xd1/0x650 [ 11.545305] ? __virt_addr_valid+0x1db/0x2d0 [ 11.545330] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.545351] ? kmem_cache_double_free+0x1e5/0x480 [ 11.545373] kasan_report_invalid_free+0x10a/0x130 [ 11.545398] ? kmem_cache_double_free+0x1e5/0x480 [ 11.545421] ? kmem_cache_double_free+0x1e5/0x480 [ 11.545442] check_slab_allocation+0x101/0x130 [ 11.545464] __kasan_slab_pre_free+0x28/0x40 [ 11.545485] kmem_cache_free+0xed/0x420 [ 11.545506] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.545526] ? kmem_cache_double_free+0x1e5/0x480 [ 11.545550] kmem_cache_double_free+0x1e5/0x480 [ 11.545570] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 11.545590] ? finish_task_switch.isra.0+0x153/0x700 [ 11.545625] ? __switch_to+0x47/0xf50 [ 11.545653] ? __pfx_read_tsc+0x10/0x10 [ 11.545674] ? ktime_get_ts64+0x86/0x230 [ 11.545700] kunit_try_run_case+0x1a5/0x480 [ 11.545722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.545741] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.545767] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.545791] ? __kthread_parkme+0x82/0x180 [ 11.545811] ? preempt_count_sub+0x50/0x80 [ 11.545833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.545854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.545877] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.545901] kthread+0x337/0x6f0 [ 11.545920] ? trace_preempt_on+0x20/0xc0 [ 11.545943] ? __pfx_kthread+0x10/0x10 [ 11.545963] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.545985] ? calculate_sigpending+0x7b/0xa0 [ 11.546009] ? __pfx_kthread+0x10/0x10 [ 11.546030] ret_from_fork+0x116/0x1d0 [ 11.546047] ? __pfx_kthread+0x10/0x10 [ 11.546068] ret_from_fork_asm+0x1a/0x30 [ 11.546098] </TASK> [ 11.546109] [ 11.558691] Allocated by task 226: [ 11.558857] kasan_save_stack+0x45/0x70 [ 11.559038] kasan_save_track+0x18/0x40 [ 11.559270] kasan_save_alloc_info+0x3b/0x50 [ 11.559511] __kasan_slab_alloc+0x91/0xa0 [ 11.559727] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.559972] kmem_cache_double_free+0x14f/0x480 [ 11.560215] kunit_try_run_case+0x1a5/0x480 [ 11.560429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.560707] kthread+0x337/0x6f0 [ 11.560926] ret_from_fork+0x116/0x1d0 [ 11.561138] ret_from_fork_asm+0x1a/0x30 [ 11.561368] [ 11.561459] Freed by task 226: [ 11.561652] kasan_save_stack+0x45/0x70 [ 11.561914] kasan_save_track+0x18/0x40 [ 11.562121] kasan_save_free_info+0x3f/0x60 [ 11.562350] __kasan_slab_free+0x56/0x70 [ 11.562541] kmem_cache_free+0x249/0x420 [ 11.562811] kmem_cache_double_free+0x16a/0x480 [ 11.563031] kunit_try_run_case+0x1a5/0x480 [ 11.563258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.563558] kthread+0x337/0x6f0 [ 11.563719] ret_from_fork+0x116/0x1d0 [ 11.563960] ret_from_fork_asm+0x1a/0x30 [ 11.564182] [ 11.564271] The buggy address belongs to the object at ffff8881028ab000 [ 11.564271] which belongs to the cache test_cache of size 200 [ 11.564839] The buggy address is located 0 bytes inside of [ 11.564839] 200-byte region [ffff8881028ab000, ffff8881028ab0c8) [ 11.565344] [ 11.565434] The buggy address belongs to the physical page: [ 11.565712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028ab [ 11.566041] flags: 0x200000000000000(node=0|zone=2) [ 11.566210] page_type: f5(slab) [ 11.566368] raw: 0200000000000000 ffff8881028a7140 dead000000000122 0000000000000000 [ 11.566792] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 11.567130] page dumped because: kasan: bad access detected [ 11.567309] [ 11.567379] Memory state around the buggy address: [ 11.567558] ffff8881028aaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.568005] ffff8881028aaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.568379] >ffff8881028ab000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.568686] ^ [ 11.568832] ffff8881028ab080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 11.569193] ffff8881028ab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.569545] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob: Failure
Automatically assigned
[ 11.498377] ================================================================== [ 11.499327] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 11.499564] Read of size 1 at addr ffff8881028a90c8 by task kunit_try_catch/224 [ 11.500069] [ 11.500294] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 11.500367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.500408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.500440] Call Trace: [ 11.500452] <TASK> [ 11.500468] dump_stack_lvl+0x73/0xb0 [ 11.500496] print_report+0xd1/0x650 [ 11.500519] ? __virt_addr_valid+0x1db/0x2d0 [ 11.500541] ? kmem_cache_oob+0x402/0x530 [ 11.500559] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.500581] ? kmem_cache_oob+0x402/0x530 [ 11.500600] kasan_report+0x141/0x180 [ 11.500634] ? kmem_cache_oob+0x402/0x530 [ 11.500657] __asan_report_load1_noabort+0x18/0x20 [ 11.500678] kmem_cache_oob+0x402/0x530 [ 11.500696] ? trace_hardirqs_on+0x37/0xe0 [ 11.500719] ? __pfx_kmem_cache_oob+0x10/0x10 [ 11.500744] ? finish_task_switch.isra.0+0x153/0x700 [ 11.500765] ? __switch_to+0x47/0xf50 [ 11.500793] ? __pfx_read_tsc+0x10/0x10 [ 11.500814] ? ktime_get_ts64+0x86/0x230 [ 11.500838] kunit_try_run_case+0x1a5/0x480 [ 11.500859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.500878] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.500902] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.500926] ? __kthread_parkme+0x82/0x180 [ 11.500946] ? preempt_count_sub+0x50/0x80 [ 11.500968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.500989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.501013] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.501036] kthread+0x337/0x6f0 [ 11.501055] ? trace_preempt_on+0x20/0xc0 [ 11.501077] ? __pfx_kthread+0x10/0x10 [ 11.501097] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.501119] ? calculate_sigpending+0x7b/0xa0 [ 11.501143] ? __pfx_kthread+0x10/0x10 [ 11.501186] ret_from_fork+0x116/0x1d0 [ 11.501204] ? __pfx_kthread+0x10/0x10 [ 11.501230] ret_from_fork_asm+0x1a/0x30 [ 11.501260] </TASK> [ 11.501271] [ 11.515555] Allocated by task 224: [ 11.515972] kasan_save_stack+0x45/0x70 [ 11.516458] kasan_save_track+0x18/0x40 [ 11.516605] kasan_save_alloc_info+0x3b/0x50 [ 11.517082] __kasan_slab_alloc+0x91/0xa0 [ 11.517523] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.517935] kmem_cache_oob+0x157/0x530 [ 11.518153] kunit_try_run_case+0x1a5/0x480 [ 11.518532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.518963] kthread+0x337/0x6f0 [ 11.519097] ret_from_fork+0x116/0x1d0 [ 11.519231] ret_from_fork_asm+0x1a/0x30 [ 11.519372] [ 11.519446] The buggy address belongs to the object at ffff8881028a9000 [ 11.519446] which belongs to the cache test_cache of size 200 [ 11.519994] The buggy address is located 0 bytes to the right of [ 11.519994] allocated 200-byte region [ffff8881028a9000, ffff8881028a90c8) [ 11.520886] [ 11.521172] The buggy address belongs to the physical page: [ 11.521450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028a9 [ 11.521877] flags: 0x200000000000000(node=0|zone=2) [ 11.522215] page_type: f5(slab) [ 11.522430] raw: 0200000000000000 ffff8881028a7000 dead000000000122 0000000000000000 [ 11.522794] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 11.523308] page dumped because: kasan: bad access detected [ 11.523486] [ 11.523557] Memory state around the buggy address: [ 11.524042] ffff8881028a8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.525010] ffff8881028a9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.525742] >ffff8881028a9080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 11.526247] ^ [ 11.526434] ffff8881028a9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.526677] ffff8881028a9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.527283] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf: Failure
Automatically assigned
[ 10.471661] ================================================================== [ 10.472432] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 10.472685] Read of size 1 at addr ffff8881039d0000 by task kunit_try_catch/171 [ 10.473011] [ 10.473134] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.473182] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.473195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.473216] Call Trace: [ 10.473228] <TASK> [ 10.473244] dump_stack_lvl+0x73/0xb0 [ 10.473271] print_report+0xd1/0x650 [ 10.473294] ? __virt_addr_valid+0x1db/0x2d0 [ 10.473317] ? page_alloc_uaf+0x356/0x3d0 [ 10.473338] ? kasan_addr_to_slab+0x11/0xa0 [ 10.473359] ? page_alloc_uaf+0x356/0x3d0 [ 10.473453] kasan_report+0x141/0x180 [ 10.473495] ? page_alloc_uaf+0x356/0x3d0 [ 10.473523] __asan_report_load1_noabort+0x18/0x20 [ 10.473543] page_alloc_uaf+0x356/0x3d0 [ 10.473565] ? __pfx_page_alloc_uaf+0x10/0x10 [ 10.473588] ? __schedule+0x10cc/0x2b60 [ 10.473623] ? __pfx_read_tsc+0x10/0x10 [ 10.473645] ? ktime_get_ts64+0x86/0x230 [ 10.473669] kunit_try_run_case+0x1a5/0x480 [ 10.473692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.473711] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.473736] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.473761] ? __kthread_parkme+0x82/0x180 [ 10.473782] ? preempt_count_sub+0x50/0x80 [ 10.473805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.473826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.473869] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.473893] kthread+0x337/0x6f0 [ 10.473912] ? trace_preempt_on+0x20/0xc0 [ 10.473935] ? __pfx_kthread+0x10/0x10 [ 10.473956] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.474023] ? calculate_sigpending+0x7b/0xa0 [ 10.474048] ? __pfx_kthread+0x10/0x10 [ 10.474089] ret_from_fork+0x116/0x1d0 [ 10.474107] ? __pfx_kthread+0x10/0x10 [ 10.474128] ret_from_fork_asm+0x1a/0x30 [ 10.474159] </TASK> [ 10.474170] [ 10.482041] The buggy address belongs to the physical page: [ 10.482573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039d0 [ 10.483529] flags: 0x200000000000000(node=0|zone=2) [ 10.483783] page_type: f0(buddy) [ 10.483979] raw: 0200000000000000 ffff88817fffc460 ffff88817fffc460 0000000000000000 [ 10.484372] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 10.485409] page dumped because: kasan: bad access detected [ 10.485694] [ 10.485840] Memory state around the buggy address: [ 10.486168] ffff8881039cff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.486497] ffff8881039cff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.486794] >ffff8881039d0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.487208] ^ [ 10.487376] ffff8881039d0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.487707] ffff8881039d0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.487976] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree: Failure
Automatically assigned
[ 10.447341] ================================================================== [ 10.447849] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 10.448099] Free of addr ffff888102a70001 by task kunit_try_catch/167 [ 10.448372] [ 10.448483] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.448526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.448538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.448560] Call Trace: [ 10.448573] <TASK> [ 10.448589] dump_stack_lvl+0x73/0xb0 [ 10.448628] print_report+0xd1/0x650 [ 10.448650] ? __virt_addr_valid+0x1db/0x2d0 [ 10.448674] ? kasan_addr_to_slab+0x11/0xa0 [ 10.448694] ? kfree+0x274/0x3f0 [ 10.448712] kasan_report_invalid_free+0x10a/0x130 [ 10.448736] ? kfree+0x274/0x3f0 [ 10.448755] ? kfree+0x274/0x3f0 [ 10.448772] __kasan_kfree_large+0x86/0xd0 [ 10.448793] free_large_kmalloc+0x4b/0x110 [ 10.448817] kfree+0x274/0x3f0 [ 10.448838] kmalloc_large_invalid_free+0x120/0x2b0 [ 10.448861] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 10.448884] ? __schedule+0x10cc/0x2b60 [ 10.448907] ? __pfx_read_tsc+0x10/0x10 [ 10.448928] ? ktime_get_ts64+0x86/0x230 [ 10.448952] kunit_try_run_case+0x1a5/0x480 [ 10.448974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.448992] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.449016] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.449039] ? __kthread_parkme+0x82/0x180 [ 10.449059] ? preempt_count_sub+0x50/0x80 [ 10.449082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.449102] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.449125] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.449149] kthread+0x337/0x6f0 [ 10.449167] ? trace_preempt_on+0x20/0xc0 [ 10.449190] ? __pfx_kthread+0x10/0x10 [ 10.449210] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.449231] ? calculate_sigpending+0x7b/0xa0 [ 10.449254] ? __pfx_kthread+0x10/0x10 [ 10.449275] ret_from_fork+0x116/0x1d0 [ 10.449292] ? __pfx_kthread+0x10/0x10 [ 10.449312] ret_from_fork_asm+0x1a/0x30 [ 10.449342] </TASK> [ 10.449351] [ 10.458682] The buggy address belongs to the physical page: [ 10.459023] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a70 [ 10.459359] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.459876] flags: 0x200000000000040(head|node=0|zone=2) [ 10.460082] page_type: f8(unknown) [ 10.460221] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.460587] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.460935] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.461432] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.461848] head: 0200000000000002 ffffea00040a9c01 00000000ffffffff 00000000ffffffff [ 10.462145] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.462484] page dumped because: kasan: bad access detected [ 10.462901] [ 10.463005] Memory state around the buggy address: [ 10.463197] ffff888102a6ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.463519] ffff888102a6ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.463748] >ffff888102a70000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.463979] ^ [ 10.464316] ffff888102a70080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.464749] ffff888102a70100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.465558] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf: Failure
Automatically assigned
[ 10.423366] ================================================================== [ 10.424112] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 10.424439] Read of size 1 at addr ffff8881024c0000 by task kunit_try_catch/165 [ 10.424792] [ 10.424892] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.424937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.424949] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.424968] Call Trace: [ 10.424980] <TASK> [ 10.424996] dump_stack_lvl+0x73/0xb0 [ 10.425021] print_report+0xd1/0x650 [ 10.425044] ? __virt_addr_valid+0x1db/0x2d0 [ 10.425067] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.425087] ? kasan_addr_to_slab+0x11/0xa0 [ 10.425108] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.425129] kasan_report+0x141/0x180 [ 10.425151] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.425177] __asan_report_load1_noabort+0x18/0x20 [ 10.425197] kmalloc_large_uaf+0x2f1/0x340 [ 10.425265] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 10.425299] ? __schedule+0x10cc/0x2b60 [ 10.425323] ? __pfx_read_tsc+0x10/0x10 [ 10.425343] ? ktime_get_ts64+0x86/0x230 [ 10.425368] kunit_try_run_case+0x1a5/0x480 [ 10.425389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.425408] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.425431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.425455] ? __kthread_parkme+0x82/0x180 [ 10.425475] ? preempt_count_sub+0x50/0x80 [ 10.425498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.425518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.425542] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.425566] kthread+0x337/0x6f0 [ 10.425585] ? trace_preempt_on+0x20/0xc0 [ 10.425618] ? __pfx_kthread+0x10/0x10 [ 10.425639] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.425660] ? calculate_sigpending+0x7b/0xa0 [ 10.425684] ? __pfx_kthread+0x10/0x10 [ 10.425705] ret_from_fork+0x116/0x1d0 [ 10.425723] ? __pfx_kthread+0x10/0x10 [ 10.425743] ret_from_fork_asm+0x1a/0x30 [ 10.425773] </TASK> [ 10.425796] [ 10.437208] The buggy address belongs to the physical page: [ 10.437735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024c0 [ 10.438539] flags: 0x200000000000000(node=0|zone=2) [ 10.439169] raw: 0200000000000000 ffff888154639f80 ffff888154639f80 0000000000000000 [ 10.439929] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 10.440432] page dumped because: kasan: bad access detected [ 10.440622] [ 10.440696] Memory state around the buggy address: [ 10.440972] ffff8881024bff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.441754] ffff8881024bff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.442531] >ffff8881024c0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.443268] ^ [ 10.443646] ffff8881024c0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.444191] ffff8881024c0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.444420] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right: Failure
Automatically assigned
[ 10.395796] ================================================================== [ 10.396712] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 10.396975] Write of size 1 at addr ffff8881024c200a by task kunit_try_catch/163 [ 10.397209] [ 10.397300] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.397345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.397357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.397377] Call Trace: [ 10.397389] <TASK> [ 10.397405] dump_stack_lvl+0x73/0xb0 [ 10.397429] print_report+0xd1/0x650 [ 10.397451] ? __virt_addr_valid+0x1db/0x2d0 [ 10.397474] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.397496] ? kasan_addr_to_slab+0x11/0xa0 [ 10.397516] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.397538] kasan_report+0x141/0x180 [ 10.397560] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.397587] __asan_report_store1_noabort+0x1b/0x30 [ 10.397618] kmalloc_large_oob_right+0x2e9/0x330 [ 10.397640] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 10.397664] ? __schedule+0x10cc/0x2b60 [ 10.397686] ? __pfx_read_tsc+0x10/0x10 [ 10.397707] ? ktime_get_ts64+0x86/0x230 [ 10.397730] kunit_try_run_case+0x1a5/0x480 [ 10.397752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.397771] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.397795] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.397819] ? __kthread_parkme+0x82/0x180 [ 10.397839] ? preempt_count_sub+0x50/0x80 [ 10.397862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.397882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.397905] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.397929] kthread+0x337/0x6f0 [ 10.397948] ? trace_preempt_on+0x20/0xc0 [ 10.397970] ? __pfx_kthread+0x10/0x10 [ 10.397991] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.398013] ? calculate_sigpending+0x7b/0xa0 [ 10.398036] ? __pfx_kthread+0x10/0x10 [ 10.398057] ret_from_fork+0x116/0x1d0 [ 10.398075] ? __pfx_kthread+0x10/0x10 [ 10.398095] ret_from_fork_asm+0x1a/0x30 [ 10.398125] </TASK> [ 10.398134] [ 10.411918] The buggy address belongs to the physical page: [ 10.412390] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024c0 [ 10.412785] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.413127] flags: 0x200000000000040(head|node=0|zone=2) [ 10.413401] page_type: f8(unknown) [ 10.413582] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.413941] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.414271] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.414824] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.415098] head: 0200000000000002 ffffea0004093001 00000000ffffffff 00000000ffffffff [ 10.415445] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.415998] page dumped because: kasan: bad access detected [ 10.416253] [ 10.416371] Memory state around the buggy address: [ 10.416597] ffff8881024c1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.417036] ffff8881024c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.417372] >ffff8881024c2000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.417722] ^ [ 10.417947] ffff8881024c2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.418269] ffff8881024c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.418595] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right: Failure
Automatically assigned
[ 10.364321] ================================================================== [ 10.365512] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 10.366702] Write of size 1 at addr ffff888102ab5f00 by task kunit_try_catch/161 [ 10.367260] [ 10.367377] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.367692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.367706] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.367728] Call Trace: [ 10.367742] <TASK> [ 10.367759] dump_stack_lvl+0x73/0xb0 [ 10.367789] print_report+0xd1/0x650 [ 10.367812] ? __virt_addr_valid+0x1db/0x2d0 [ 10.367836] ? kmalloc_big_oob_right+0x316/0x370 [ 10.367858] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.367880] ? kmalloc_big_oob_right+0x316/0x370 [ 10.367903] kasan_report+0x141/0x180 [ 10.367925] ? kmalloc_big_oob_right+0x316/0x370 [ 10.367952] __asan_report_store1_noabort+0x1b/0x30 [ 10.367972] kmalloc_big_oob_right+0x316/0x370 [ 10.367995] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 10.368018] ? __schedule+0x10cc/0x2b60 [ 10.368042] ? __pfx_read_tsc+0x10/0x10 [ 10.368063] ? ktime_get_ts64+0x86/0x230 [ 10.368087] kunit_try_run_case+0x1a5/0x480 [ 10.368109] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.368128] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.368152] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.368176] ? __kthread_parkme+0x82/0x180 [ 10.368196] ? preempt_count_sub+0x50/0x80 [ 10.368220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.368240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.368264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.368289] kthread+0x337/0x6f0 [ 10.368308] ? trace_preempt_on+0x20/0xc0 [ 10.368331] ? __pfx_kthread+0x10/0x10 [ 10.368351] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.368373] ? calculate_sigpending+0x7b/0xa0 [ 10.368396] ? __pfx_kthread+0x10/0x10 [ 10.368418] ret_from_fork+0x116/0x1d0 [ 10.368435] ? __pfx_kthread+0x10/0x10 [ 10.368455] ret_from_fork_asm+0x1a/0x30 [ 10.368486] </TASK> [ 10.368497] [ 10.376964] Allocated by task 161: [ 10.377311] kasan_save_stack+0x45/0x70 [ 10.378286] kasan_save_track+0x18/0x40 [ 10.378453] kasan_save_alloc_info+0x3b/0x50 [ 10.378979] __kasan_kmalloc+0xb7/0xc0 [ 10.379289] __kmalloc_cache_noprof+0x189/0x420 [ 10.379663] kmalloc_big_oob_right+0xa9/0x370 [ 10.379998] kunit_try_run_case+0x1a5/0x480 [ 10.380326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.380733] kthread+0x337/0x6f0 [ 10.381148] ret_from_fork+0x116/0x1d0 [ 10.381310] ret_from_fork_asm+0x1a/0x30 [ 10.381759] [ 10.381872] The buggy address belongs to the object at ffff888102ab4000 [ 10.381872] which belongs to the cache kmalloc-8k of size 8192 [ 10.383105] The buggy address is located 0 bytes to the right of [ 10.383105] allocated 7936-byte region [ffff888102ab4000, ffff888102ab5f00) [ 10.383738] [ 10.383994] The buggy address belongs to the physical page: [ 10.384213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab0 [ 10.384544] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.385251] flags: 0x200000000000040(head|node=0|zone=2) [ 10.385475] page_type: f5(slab) [ 10.386198] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.386570] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.387114] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.387607] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.388130] head: 0200000000000003 ffffea00040aac01 00000000ffffffff 00000000ffffffff [ 10.388605] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.389131] page dumped because: kasan: bad access detected [ 10.389515] [ 10.389632] Memory state around the buggy address: [ 10.389915] ffff888102ab5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.390188] ffff888102ab5e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.390525] >ffff888102ab5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.391232] ^ [ 10.391399] ffff888102ab5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.392151] ffff888102ab6000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.392481] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right: Failure
Automatically assigned
[ 10.317376] ================================================================== [ 10.318502] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.318794] Write of size 1 at addr ffff888102896878 by task kunit_try_catch/159 [ 10.319027] [ 10.319119] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.319164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.319177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.319197] Call Trace: [ 10.319209] <TASK> [ 10.319224] dump_stack_lvl+0x73/0xb0 [ 10.319249] print_report+0xd1/0x650 [ 10.319271] ? __virt_addr_valid+0x1db/0x2d0 [ 10.319293] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.319317] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.319339] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.319364] kasan_report+0x141/0x180 [ 10.319386] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.319416] __asan_report_store1_noabort+0x1b/0x30 [ 10.319436] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.319462] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.319489] ? __schedule+0x10cc/0x2b60 [ 10.319511] ? __pfx_read_tsc+0x10/0x10 [ 10.319532] ? ktime_get_ts64+0x86/0x230 [ 10.319555] kunit_try_run_case+0x1a5/0x480 [ 10.319576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.319595] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.319629] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.319653] ? __kthread_parkme+0x82/0x180 [ 10.319673] ? preempt_count_sub+0x50/0x80 [ 10.319696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.319717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.319740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.319764] kthread+0x337/0x6f0 [ 10.319783] ? trace_preempt_on+0x20/0xc0 [ 10.319805] ? __pfx_kthread+0x10/0x10 [ 10.319826] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.319848] ? calculate_sigpending+0x7b/0xa0 [ 10.319911] ? __pfx_kthread+0x10/0x10 [ 10.319944] ret_from_fork+0x116/0x1d0 [ 10.319962] ? __pfx_kthread+0x10/0x10 [ 10.319983] ret_from_fork_asm+0x1a/0x30 [ 10.320013] </TASK> [ 10.320023] [ 10.331532] Allocated by task 159: [ 10.331723] kasan_save_stack+0x45/0x70 [ 10.331920] kasan_save_track+0x18/0x40 [ 10.332118] kasan_save_alloc_info+0x3b/0x50 [ 10.332362] __kasan_kmalloc+0xb7/0xc0 [ 10.332559] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.332886] kmalloc_track_caller_oob_right+0x99/0x520 [ 10.333204] kunit_try_run_case+0x1a5/0x480 [ 10.333398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.333655] kthread+0x337/0x6f0 [ 10.333940] ret_from_fork+0x116/0x1d0 [ 10.334154] ret_from_fork_asm+0x1a/0x30 [ 10.334325] [ 10.334444] The buggy address belongs to the object at ffff888102896800 [ 10.334444] which belongs to the cache kmalloc-128 of size 128 [ 10.335026] The buggy address is located 0 bytes to the right of [ 10.335026] allocated 120-byte region [ffff888102896800, ffff888102896878) [ 10.335507] [ 10.335581] The buggy address belongs to the physical page: [ 10.336361] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102896 [ 10.336722] flags: 0x200000000000000(node=0|zone=2) [ 10.336991] page_type: f5(slab) [ 10.337119] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.337457] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.337875] page dumped because: kasan: bad access detected [ 10.338142] [ 10.338241] Memory state around the buggy address: [ 10.338424] ffff888102896700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.338745] ffff888102896780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.339091] >ffff888102896800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.339406] ^ [ 10.339706] ffff888102896880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.339996] ffff888102896900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.340310] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right: Failure
Automatically assigned
[ 10.280748] ================================================================== [ 10.281386] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 10.281658] Read of size 1 at addr ffff88810294f000 by task kunit_try_catch/157 [ 10.281895] [ 10.282154] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.282203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.282215] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.282236] Call Trace: [ 10.282250] <TASK> [ 10.282267] dump_stack_lvl+0x73/0xb0 [ 10.282295] print_report+0xd1/0x650 [ 10.282329] ? __virt_addr_valid+0x1db/0x2d0 [ 10.282353] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.282376] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.282410] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.282434] kasan_report+0x141/0x180 [ 10.282456] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.282484] __asan_report_load1_noabort+0x18/0x20 [ 10.282504] kmalloc_node_oob_right+0x369/0x3c0 [ 10.282541] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 10.282566] ? __schedule+0x10cc/0x2b60 [ 10.282600] ? __pfx_read_tsc+0x10/0x10 [ 10.282631] ? ktime_get_ts64+0x86/0x230 [ 10.282655] kunit_try_run_case+0x1a5/0x480 [ 10.282677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.282697] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.282729] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.282753] ? __kthread_parkme+0x82/0x180 [ 10.282774] ? preempt_count_sub+0x50/0x80 [ 10.282936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.282965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.283002] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.283027] kthread+0x337/0x6f0 [ 10.283046] ? trace_preempt_on+0x20/0xc0 [ 10.283069] ? __pfx_kthread+0x10/0x10 [ 10.283089] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.283111] ? calculate_sigpending+0x7b/0xa0 [ 10.283135] ? __pfx_kthread+0x10/0x10 [ 10.283156] ret_from_fork+0x116/0x1d0 [ 10.283174] ? __pfx_kthread+0x10/0x10 [ 10.283194] ret_from_fork_asm+0x1a/0x30 [ 10.283224] </TASK> [ 10.283235] [ 10.298030] Allocated by task 157: [ 10.298317] kasan_save_stack+0x45/0x70 [ 10.298475] kasan_save_track+0x18/0x40 [ 10.298628] kasan_save_alloc_info+0x3b/0x50 [ 10.298784] __kasan_kmalloc+0xb7/0xc0 [ 10.299295] __kmalloc_cache_node_noprof+0x188/0x420 [ 10.299886] kmalloc_node_oob_right+0xab/0x3c0 [ 10.300401] kunit_try_run_case+0x1a5/0x480 [ 10.300860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.301494] kthread+0x337/0x6f0 [ 10.301921] ret_from_fork+0x116/0x1d0 [ 10.302352] ret_from_fork_asm+0x1a/0x30 [ 10.302795] [ 10.302970] The buggy address belongs to the object at ffff88810294e000 [ 10.302970] which belongs to the cache kmalloc-4k of size 4096 [ 10.304262] The buggy address is located 0 bytes to the right of [ 10.304262] allocated 4096-byte region [ffff88810294e000, ffff88810294f000) [ 10.304659] [ 10.304735] The buggy address belongs to the physical page: [ 10.305400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102948 [ 10.306593] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.307260] flags: 0x200000000000040(head|node=0|zone=2) [ 10.307693] page_type: f5(slab) [ 10.308025] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.308712] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.309211] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.309456] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.309707] head: 0200000000000003 ffffea00040a5201 00000000ffffffff 00000000ffffffff [ 10.310548] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.311407] page dumped because: kasan: bad access detected [ 10.311948] [ 10.312180] Memory state around the buggy address: [ 10.312716] ffff88810294ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.313464] ffff88810294ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.314082] >ffff88810294f000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.314308] ^ [ 10.314431] ffff88810294f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.314678] ffff88810294f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.315059] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left: Failure
Automatically assigned
[ 10.255229] ================================================================== [ 10.256871] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 10.257104] Read of size 1 at addr ffff888101c55f3f by task kunit_try_catch/155 [ 10.257326] [ 10.257412] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.257456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.257469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.257490] Call Trace: [ 10.257501] <TASK> [ 10.257516] dump_stack_lvl+0x73/0xb0 [ 10.257541] print_report+0xd1/0x650 [ 10.257563] ? __virt_addr_valid+0x1db/0x2d0 [ 10.257585] ? kmalloc_oob_left+0x361/0x3c0 [ 10.257605] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.257643] ? kmalloc_oob_left+0x361/0x3c0 [ 10.257665] kasan_report+0x141/0x180 [ 10.257687] ? kmalloc_oob_left+0x361/0x3c0 [ 10.257713] __asan_report_load1_noabort+0x18/0x20 [ 10.257733] kmalloc_oob_left+0x361/0x3c0 [ 10.257756] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 10.257778] ? __schedule+0x10cc/0x2b60 [ 10.257801] ? __pfx_read_tsc+0x10/0x10 [ 10.257821] ? ktime_get_ts64+0x86/0x230 [ 10.257844] kunit_try_run_case+0x1a5/0x480 [ 10.257866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.257885] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.257908] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.257999] ? __kthread_parkme+0x82/0x180 [ 10.258019] ? preempt_count_sub+0x50/0x80 [ 10.258042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.258062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.258086] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.258110] kthread+0x337/0x6f0 [ 10.258129] ? trace_preempt_on+0x20/0xc0 [ 10.258151] ? __pfx_kthread+0x10/0x10 [ 10.258172] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.258194] ? calculate_sigpending+0x7b/0xa0 [ 10.258217] ? __pfx_kthread+0x10/0x10 [ 10.258238] ret_from_fork+0x116/0x1d0 [ 10.258256] ? __pfx_kthread+0x10/0x10 [ 10.258276] ret_from_fork_asm+0x1a/0x30 [ 10.258305] </TASK> [ 10.258315] [ 10.267156] Allocated by task 1: [ 10.267296] kasan_save_stack+0x45/0x70 [ 10.267505] kasan_save_track+0x18/0x40 [ 10.267819] kasan_save_alloc_info+0x3b/0x50 [ 10.268089] __kasan_kmalloc+0xb7/0xc0 [ 10.268269] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.268462] kvasprintf+0xc5/0x150 [ 10.268682] __kthread_create_on_node+0x18b/0x3a0 [ 10.269035] kthread_create_on_node+0xab/0xe0 [ 10.269262] create_worker+0x3e5/0x7b0 [ 10.269458] alloc_unbound_pwq+0x8ea/0xdb0 [ 10.269694] apply_wqattrs_prepare+0x332/0xd20 [ 10.270102] apply_workqueue_attrs_locked+0x4d/0xa0 [ 10.270363] alloc_workqueue+0xcc7/0x1ad0 [ 10.270573] latency_fsnotify_init+0x1b/0x50 [ 10.270764] do_one_initcall+0xd8/0x370 [ 10.270920] kernel_init_freeable+0x420/0x6f0 [ 10.271139] kernel_init+0x23/0x1e0 [ 10.271321] ret_from_fork+0x116/0x1d0 [ 10.271483] ret_from_fork_asm+0x1a/0x30 [ 10.271864] [ 10.271962] The buggy address belongs to the object at ffff888101c55f20 [ 10.271962] which belongs to the cache kmalloc-16 of size 16 [ 10.272448] The buggy address is located 18 bytes to the right of [ 10.272448] allocated 13-byte region [ffff888101c55f20, ffff888101c55f2d) [ 10.273015] [ 10.273138] The buggy address belongs to the physical page: [ 10.273441] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c55 [ 10.273927] flags: 0x200000000000000(node=0|zone=2) [ 10.274189] page_type: f5(slab) [ 10.274354] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 10.274726] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 10.275251] page dumped because: kasan: bad access detected [ 10.275498] [ 10.275571] Memory state around the buggy address: [ 10.275877] ffff888101c55e00: 00 05 fc fc 00 00 fc fc 00 06 fc fc 00 06 fc fc [ 10.276243] ffff888101c55e80: 00 00 fc fc 00 02 fc fc 00 02 fc fc 00 06 fc fc [ 10.276520] >ffff888101c55f00: 00 06 fc fc 00 05 fc fc 00 07 fc fc fc fc fc fc [ 10.276929] ^ [ 10.277200] ffff888101c55f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.277521] ffff888101c56000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.277918] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right: Failure
Automatically assigned
[ 10.233448] ================================================================== [ 10.233769] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 10.234095] Read of size 1 at addr ffff888102f85f80 by task kunit_try_catch/153 [ 10.234598] [ 10.234725] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.234838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.234850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.234872] Call Trace: [ 10.234887] <TASK> [ 10.234926] dump_stack_lvl+0x73/0xb0 [ 10.234952] print_report+0xd1/0x650 [ 10.234974] ? __virt_addr_valid+0x1db/0x2d0 [ 10.234995] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.235033] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.235055] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.235076] kasan_report+0x141/0x180 [ 10.235099] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.235125] __asan_report_load1_noabort+0x18/0x20 [ 10.235146] kmalloc_oob_right+0x68a/0x7f0 [ 10.235168] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.235191] ? __schedule+0x10cc/0x2b60 [ 10.235213] ? __pfx_read_tsc+0x10/0x10 [ 10.235235] ? ktime_get_ts64+0x86/0x230 [ 10.235259] kunit_try_run_case+0x1a5/0x480 [ 10.235296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.235316] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.235339] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.235363] ? __kthread_parkme+0x82/0x180 [ 10.235384] ? preempt_count_sub+0x50/0x80 [ 10.235406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.235427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.235466] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.235490] kthread+0x337/0x6f0 [ 10.235509] ? trace_preempt_on+0x20/0xc0 [ 10.235532] ? __pfx_kthread+0x10/0x10 [ 10.235552] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.235574] ? calculate_sigpending+0x7b/0xa0 [ 10.235597] ? __pfx_kthread+0x10/0x10 [ 10.235630] ret_from_fork+0x116/0x1d0 [ 10.235648] ? __pfx_kthread+0x10/0x10 [ 10.235668] ret_from_fork_asm+0x1a/0x30 [ 10.235698] </TASK> [ 10.235707] [ 10.243635] Allocated by task 153: [ 10.244034] kasan_save_stack+0x45/0x70 [ 10.244251] kasan_save_track+0x18/0x40 [ 10.244474] kasan_save_alloc_info+0x3b/0x50 [ 10.244666] __kasan_kmalloc+0xb7/0xc0 [ 10.244890] __kmalloc_cache_noprof+0x189/0x420 [ 10.245048] kmalloc_oob_right+0xa9/0x7f0 [ 10.245189] kunit_try_run_case+0x1a5/0x480 [ 10.245363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.245630] kthread+0x337/0x6f0 [ 10.245810] ret_from_fork+0x116/0x1d0 [ 10.246000] ret_from_fork_asm+0x1a/0x30 [ 10.246203] [ 10.246301] The buggy address belongs to the object at ffff888102f85f00 [ 10.246301] which belongs to the cache kmalloc-128 of size 128 [ 10.246936] The buggy address is located 13 bytes to the right of [ 10.246936] allocated 115-byte region [ffff888102f85f00, ffff888102f85f73) [ 10.247329] [ 10.247403] The buggy address belongs to the physical page: [ 10.247582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f85 [ 10.248051] flags: 0x200000000000000(node=0|zone=2) [ 10.248345] page_type: f5(slab) [ 10.248536] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.249031] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.249379] page dumped because: kasan: bad access detected [ 10.249649] [ 10.249976] Memory state around the buggy address: [ 10.250201] ffff888102f85e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.250520] ffff888102f85f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.250846] >ffff888102f85f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.251099] ^ [ 10.251265] ffff888102f86000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.251605] ffff888102f86080: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 10.252024] ================================================================== [ 10.209465] ================================================================== [ 10.209873] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 10.210260] Write of size 1 at addr ffff888102f85f78 by task kunit_try_catch/153 [ 10.210552] [ 10.210723] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.210767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.210780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.210800] Call Trace: [ 10.210813] <TASK> [ 10.210850] dump_stack_lvl+0x73/0xb0 [ 10.210876] print_report+0xd1/0x650 [ 10.210898] ? __virt_addr_valid+0x1db/0x2d0 [ 10.210938] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.210959] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.210996] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.211019] kasan_report+0x141/0x180 [ 10.211056] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.211083] __asan_report_store1_noabort+0x1b/0x30 [ 10.211103] kmalloc_oob_right+0x6bd/0x7f0 [ 10.211125] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.211149] ? __schedule+0x10cc/0x2b60 [ 10.211172] ? __pfx_read_tsc+0x10/0x10 [ 10.211193] ? ktime_get_ts64+0x86/0x230 [ 10.211216] kunit_try_run_case+0x1a5/0x480 [ 10.211236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.211256] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.211279] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.211303] ? __kthread_parkme+0x82/0x180 [ 10.211322] ? preempt_count_sub+0x50/0x80 [ 10.211346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.211366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.211390] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.211414] kthread+0x337/0x6f0 [ 10.211432] ? trace_preempt_on+0x20/0xc0 [ 10.211473] ? __pfx_kthread+0x10/0x10 [ 10.211493] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.211515] ? calculate_sigpending+0x7b/0xa0 [ 10.211552] ? __pfx_kthread+0x10/0x10 [ 10.211573] ret_from_fork+0x116/0x1d0 [ 10.211591] ? __pfx_kthread+0x10/0x10 [ 10.211621] ret_from_fork_asm+0x1a/0x30 [ 10.211651] </TASK> [ 10.211661] [ 10.222368] Allocated by task 153: [ 10.222555] kasan_save_stack+0x45/0x70 [ 10.222843] kasan_save_track+0x18/0x40 [ 10.223152] kasan_save_alloc_info+0x3b/0x50 [ 10.223499] __kasan_kmalloc+0xb7/0xc0 [ 10.223964] __kmalloc_cache_noprof+0x189/0x420 [ 10.224204] kmalloc_oob_right+0xa9/0x7f0 [ 10.224521] kunit_try_run_case+0x1a5/0x480 [ 10.224924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.225161] kthread+0x337/0x6f0 [ 10.225337] ret_from_fork+0x116/0x1d0 [ 10.225510] ret_from_fork_asm+0x1a/0x30 [ 10.225723] [ 10.226322] The buggy address belongs to the object at ffff888102f85f00 [ 10.226322] which belongs to the cache kmalloc-128 of size 128 [ 10.226875] The buggy address is located 5 bytes to the right of [ 10.226875] allocated 115-byte region [ffff888102f85f00, ffff888102f85f73) [ 10.227571] [ 10.227679] The buggy address belongs to the physical page: [ 10.227994] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f85 [ 10.228395] flags: 0x200000000000000(node=0|zone=2) [ 10.228677] page_type: f5(slab) [ 10.228849] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.229243] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.229581] page dumped because: kasan: bad access detected [ 10.229825] [ 10.229922] Memory state around the buggy address: [ 10.230220] ffff888102f85e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.230565] ffff888102f85e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.230902] >ffff888102f85f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.231169] ^ [ 10.231854] ffff888102f85f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.232175] ffff888102f86000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.232476] ================================================================== [ 10.178938] ================================================================== [ 10.179922] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 10.181137] Write of size 1 at addr ffff888102f85f73 by task kunit_try_catch/153 [ 10.182038] [ 10.183155] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 10.183503] Tainted: [N]=TEST [ 10.183533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.183759] Call Trace: [ 10.183826] <TASK> [ 10.183968] dump_stack_lvl+0x73/0xb0 [ 10.184052] print_report+0xd1/0x650 [ 10.184082] ? __virt_addr_valid+0x1db/0x2d0 [ 10.184107] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.184128] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.184151] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.184173] kasan_report+0x141/0x180 [ 10.184197] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.184224] __asan_report_store1_noabort+0x1b/0x30 [ 10.184245] kmalloc_oob_right+0x6f0/0x7f0 [ 10.184267] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.184290] ? __schedule+0x10cc/0x2b60 [ 10.184315] ? __pfx_read_tsc+0x10/0x10 [ 10.184337] ? ktime_get_ts64+0x86/0x230 [ 10.184362] kunit_try_run_case+0x1a5/0x480 [ 10.184386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.184405] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.184431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.184455] ? __kthread_parkme+0x82/0x180 [ 10.184477] ? preempt_count_sub+0x50/0x80 [ 10.184501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.184522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.184546] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.184570] kthread+0x337/0x6f0 [ 10.184589] ? trace_preempt_on+0x20/0xc0 [ 10.184627] ? __pfx_kthread+0x10/0x10 [ 10.184647] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.184669] ? calculate_sigpending+0x7b/0xa0 [ 10.184694] ? __pfx_kthread+0x10/0x10 [ 10.184716] ret_from_fork+0x116/0x1d0 [ 10.184734] ? __pfx_kthread+0x10/0x10 [ 10.184769] ret_from_fork_asm+0x1a/0x30 [ 10.184825] </TASK> [ 10.184891] [ 10.194556] Allocated by task 153: [ 10.195136] kasan_save_stack+0x45/0x70 [ 10.195349] kasan_save_track+0x18/0x40 [ 10.195537] kasan_save_alloc_info+0x3b/0x50 [ 10.195742] __kasan_kmalloc+0xb7/0xc0 [ 10.196060] __kmalloc_cache_noprof+0x189/0x420 [ 10.196258] kmalloc_oob_right+0xa9/0x7f0 [ 10.196469] kunit_try_run_case+0x1a5/0x480 [ 10.196665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.196927] kthread+0x337/0x6f0 [ 10.197125] ret_from_fork+0x116/0x1d0 [ 10.197798] ret_from_fork_asm+0x1a/0x30 [ 10.197983] [ 10.198108] The buggy address belongs to the object at ffff888102f85f00 [ 10.198108] which belongs to the cache kmalloc-128 of size 128 [ 10.199121] The buggy address is located 0 bytes to the right of [ 10.199121] allocated 115-byte region [ffff888102f85f00, ffff888102f85f73) [ 10.199672] [ 10.200068] The buggy address belongs to the physical page: [ 10.200677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f85 [ 10.201506] flags: 0x200000000000000(node=0|zone=2) [ 10.202448] page_type: f5(slab) [ 10.203274] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.203627] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.204325] page dumped because: kasan: bad access detected [ 10.204737] [ 10.205037] Memory state around the buggy address: [ 10.205838] ffff888102f85e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.206285] ffff888102f85e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.206635] >ffff888102f85f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.206958] ^ [ 10.207311] ffff888102f85f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.207597] ffff888102f86000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.208263] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale: Failure
Automatically assigned
------------[ cut here ]------------ [ 151.338104] WARNING: CPU: 0 PID: 2817 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 151.338550] Modules linked in: [ 151.338777] CPU: 0 UID: 0 PID: 2817 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 151.339615] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 151.340026] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 151.340352] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 151.340724] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 151.341527] RSP: 0000:ffff8881016ffc78 EFLAGS: 00010286 [ 151.341975] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 151.342298] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8903cb9c [ 151.342685] RBP: ffff8881016ffca0 R08: 0000000000000000 R09: ffffed10216c2b80 [ 151.343099] R10: ffff88810b615c07 R11: 0000000000000000 R12: ffffffff8903cb88 [ 151.343409] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881016ffd38 [ 151.343702] FS: 0000000000000000(0000) GS:ffff8881c965b000(0000) knlGS:0000000000000000 [ 151.344309] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.344569] CR2: 00007ffff7ffd000 CR3: 000000015b8bc000 CR4: 00000000000006f0 [ 151.344883] DR0: ffffffff8b069400 DR1: ffffffff8b069401 DR2: ffffffff8b069402 [ 151.345272] DR3: ffffffff8b069403 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 151.345566] Call Trace: [ 151.345723] <TASK> [ 151.345844] drm_test_rect_calc_vscale+0x108/0x270 [ 151.346175] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 151.346614] ? __schedule+0x10cc/0x2b60 [ 151.346988] ? __pfx_read_tsc+0x10/0x10 [ 151.347225] ? ktime_get_ts64+0x86/0x230 [ 151.347435] kunit_try_run_case+0x1a5/0x480 [ 151.347647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 151.348017] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 151.348210] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 151.348481] ? __kthread_parkme+0x82/0x180 [ 151.348698] ? preempt_count_sub+0x50/0x80 [ 151.348896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 151.349254] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 151.349526] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 151.349845] kthread+0x337/0x6f0 [ 151.350036] ? trace_preempt_on+0x20/0xc0 [ 151.350196] ? __pfx_kthread+0x10/0x10 [ 151.350568] ? _raw_spin_unlock_irq+0x47/0x80 [ 151.350952] ? calculate_sigpending+0x7b/0xa0 [ 151.351172] ? __pfx_kthread+0x10/0x10 [ 151.351366] ret_from_fork+0x116/0x1d0 [ 151.351551] ? __pfx_kthread+0x10/0x10 [ 151.351762] ret_from_fork_asm+0x1a/0x30 [ 151.352098] </TASK> [ 151.352251] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 151.356101] WARNING: CPU: 1 PID: 2819 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 151.356526] Modules linked in: [ 151.356728] CPU: 1 UID: 0 PID: 2819 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 151.357262] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 151.357599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 151.358182] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 151.358444] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 151.360508] RSP: 0000:ffff8881013d7c78 EFLAGS: 00010286 [ 151.360771] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 151.361237] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff8903cbd4 [ 151.361536] RBP: ffff8881013d7ca0 R08: 0000000000000000 R09: ffffed10216c2bc0 [ 151.362049] R10: ffff88810b615e07 R11: 0000000000000000 R12: ffffffff8903cbc0 [ 151.362364] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881013d7d38 [ 151.362729] FS: 0000000000000000(0000) GS:ffff8881c975b000(0000) knlGS:0000000000000000 [ 151.363438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.363719] CR2: 00007ffff7ffe000 CR3: 000000015b8bc000 CR4: 00000000000006f0 [ 151.364081] DR0: ffffffff8b069400 DR1: ffffffff8b069401 DR2: ffffffff8b069403 [ 151.364388] DR3: ffffffff8b069405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 151.364679] Call Trace: [ 151.364914] <TASK> [ 151.365056] drm_test_rect_calc_vscale+0x108/0x270 [ 151.365295] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 151.365544] ? __schedule+0x10cc/0x2b60 [ 151.365781] ? __pfx_read_tsc+0x10/0x10 [ 151.366022] ? ktime_get_ts64+0x86/0x230 [ 151.366296] kunit_try_run_case+0x1a5/0x480 [ 151.366733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 151.367005] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 151.367249] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 151.367494] ? __kthread_parkme+0x82/0x180 [ 151.367654] ? preempt_count_sub+0x50/0x80 [ 151.367981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 151.368319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 151.368566] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 151.368908] kthread+0x337/0x6f0 [ 151.369137] ? trace_preempt_on+0x20/0xc0 [ 151.369324] ? __pfx_kthread+0x10/0x10 [ 151.369539] ? _raw_spin_unlock_irq+0x47/0x80 [ 151.369741] ? calculate_sigpending+0x7b/0xa0 [ 151.370258] ? __pfx_kthread+0x10/0x10 [ 151.370443] ret_from_fork+0x116/0x1d0 [ 151.370658] ? __pfx_kthread+0x10/0x10 [ 151.371165] ret_from_fork_asm+0x1a/0x30 [ 151.371370] </TASK> [ 151.371518] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale: Failure
Automatically assigned
------------[ cut here ]------------ [ 151.311341] WARNING: CPU: 1 PID: 2807 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 151.311766] Modules linked in: [ 151.311956] CPU: 1 UID: 0 PID: 2807 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 151.312403] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 151.312655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 151.313007] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 151.313239] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 4b ad 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 151.314979] RSP: 0000:ffff888102177c78 EFLAGS: 00010286 [ 151.315304] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 151.315991] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff8903cbd8 [ 151.316522] RBP: ffff888102177ca0 R08: 0000000000000000 R09: ffffed10216c2a80 [ 151.317045] R10: ffff88810b615407 R11: 0000000000000000 R12: ffffffff8903cbc0 [ 151.317504] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102177d38 [ 151.318324] FS: 0000000000000000(0000) GS:ffff8881c975b000(0000) knlGS:0000000000000000 [ 151.318908] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.319324] CR2: 00007ffff7ffe000 CR3: 000000015b8bc000 CR4: 00000000000006f0 [ 151.319982] DR0: ffffffff8b069400 DR1: ffffffff8b069401 DR2: ffffffff8b069403 [ 151.320284] DR3: ffffffff8b069405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 151.320592] Call Trace: [ 151.320701] <TASK> [ 151.320802] drm_test_rect_calc_hscale+0x108/0x270 [ 151.321109] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 151.321317] ? __schedule+0x10cc/0x2b60 [ 151.321517] ? __pfx_read_tsc+0x10/0x10 [ 151.321711] ? ktime_get_ts64+0x86/0x230 [ 151.321881] kunit_try_run_case+0x1a5/0x480 [ 151.322300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 151.322510] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 151.322728] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 151.322963] ? __kthread_parkme+0x82/0x180 [ 151.323214] ? preempt_count_sub+0x50/0x80 [ 151.323376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 151.323622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 151.324008] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 151.324283] kthread+0x337/0x6f0 [ 151.324457] ? trace_preempt_on+0x20/0xc0 [ 151.324621] ? __pfx_kthread+0x10/0x10 [ 151.324941] ? _raw_spin_unlock_irq+0x47/0x80 [ 151.325170] ? calculate_sigpending+0x7b/0xa0 [ 151.325398] ? __pfx_kthread+0x10/0x10 [ 151.325558] ret_from_fork+0x116/0x1d0 [ 151.325935] ? __pfx_kthread+0x10/0x10 [ 151.326131] ret_from_fork_asm+0x1a/0x30 [ 151.326352] </TASK> [ 151.326448] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 151.286354] WARNING: CPU: 1 PID: 2805 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 151.287804] Modules linked in: [ 151.288289] CPU: 1 UID: 0 PID: 2805 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 151.289150] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 151.289342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 151.289627] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 151.290089] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 4b ad 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 151.291422] RSP: 0000:ffff888100ea7c78 EFLAGS: 00010286 [ 151.292194] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 151.292623] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff8903cba0 [ 151.293549] RBP: ffff888100ea7ca0 R08: 0000000000000000 R09: ffffed10216c2a40 [ 151.294018] R10: ffff88810b615207 R11: 0000000000000000 R12: ffffffff8903cb88 [ 151.294799] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888100ea7d38 [ 151.295273] FS: 0000000000000000(0000) GS:ffff8881c975b000(0000) knlGS:0000000000000000 [ 151.295521] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.295718] CR2: 00007ffff7ffe000 CR3: 000000015b8bc000 CR4: 00000000000006f0 [ 151.296687] DR0: ffffffff8b069400 DR1: ffffffff8b069401 DR2: ffffffff8b069403 [ 151.297561] DR3: ffffffff8b069405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 151.298555] Call Trace: [ 151.299077] <TASK> [ 151.299442] drm_test_rect_calc_hscale+0x108/0x270 [ 151.300092] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 151.300292] ? __schedule+0x10cc/0x2b60 [ 151.300453] ? __pfx_read_tsc+0x10/0x10 [ 151.300617] ? ktime_get_ts64+0x86/0x230 [ 151.301063] kunit_try_run_case+0x1a5/0x480 [ 151.301498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 151.301898] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 151.302352] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 151.302620] ? __kthread_parkme+0x82/0x180 [ 151.303103] ? preempt_count_sub+0x50/0x80 [ 151.303503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 151.303953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 151.304212] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 151.304468] kthread+0x337/0x6f0 [ 151.304640] ? trace_preempt_on+0x20/0xc0 [ 151.305151] ? __pfx_kthread+0x10/0x10 [ 151.305539] ? _raw_spin_unlock_irq+0x47/0x80 [ 151.306038] ? calculate_sigpending+0x7b/0xa0 [ 151.306451] ? __pfx_kthread+0x10/0x10 [ 151.306666] ret_from_fork+0x116/0x1d0 [ 151.307096] ? __pfx_kthread+0x10/0x10 [ 151.307499] ret_from_fork_asm+0x1a/0x30 [ 151.307720] </TASK> [ 151.308049] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
KNOWN ISSUE - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count: Failure
Automatically assigned
------------[ cut here ]------------ [ 150.683114] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 150.683217] WARNING: CPU: 0 PID: 2622 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 150.684222] Modules linked in: [ 150.684443] CPU: 0 UID: 0 PID: 2622 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 150.685265] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 150.685551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 150.686105] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 150.686338] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 4d 27 80 00 48 c7 c1 80 1a ff 88 4c 89 f2 48 c7 c7 40 17 ff 88 48 89 c6 e8 a4 ce 73 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 150.687191] RSP: 0000:ffff888103547d18 EFLAGS: 00010286 [ 150.687449] RAX: 0000000000000000 RBX: ffff888107149400 RCX: 1ffffffff13a4cec [ 150.687852] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 150.688149] RBP: ffff888103547d48 R08: 0000000000000000 R09: fffffbfff13a4cec [ 150.688475] R10: 0000000000000003 R11: 0000000000039d98 R12: ffff888103122800 [ 150.688847] R13: ffff8881071494f8 R14: ffff88810b5f8480 R15: ffff8881003c7b40 [ 150.689286] FS: 0000000000000000(0000) GS:ffff8881c965b000(0000) knlGS:0000000000000000 [ 150.689633] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.689892] CR2: 00007ffff7ffd000 CR3: 000000015b8bc000 CR4: 00000000000006f0 [ 150.690366] DR0: ffffffff8b069400 DR1: ffffffff8b069401 DR2: ffffffff8b069402 [ 150.690952] DR3: ffffffff8b069403 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 150.691262] Call Trace: [ 150.691398] <TASK> [ 150.691535] ? trace_preempt_on+0x20/0xc0 [ 150.691764] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 150.692047] drm_gem_shmem_free_wrapper+0x12/0x20 [ 150.692382] __kunit_action_free+0x57/0x70 [ 150.692731] kunit_remove_resource+0x133/0x200 [ 150.693157] ? preempt_count_sub+0x50/0x80 [ 150.693371] kunit_cleanup+0x7a/0x120 [ 150.693553] kunit_try_run_case_cleanup+0xbd/0xf0 [ 150.693912] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 150.694162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 150.694393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 150.694683] kthread+0x337/0x6f0 [ 150.694959] ? trace_preempt_on+0x20/0xc0 [ 150.695142] ? __pfx_kthread+0x10/0x10 [ 150.695406] ? _raw_spin_unlock_irq+0x47/0x80 [ 150.695654] ? calculate_sigpending+0x7b/0xa0 [ 150.695860] ? __pfx_kthread+0x10/0x10 [ 150.696136] ret_from_fork+0x116/0x1d0 [ 150.696317] ? __pfx_kthread+0x10/0x10 [ 150.696504] ret_from_fork_asm+0x1a/0x30 [ 150.696722] </TASK> [ 150.697012] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init: Failure
Automatically assigned
------------[ cut here ]------------ [ 150.548256] WARNING: CPU: 1 PID: 2603 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 150.548590] Modules linked in: [ 150.548789] CPU: 1 UID: 0 PID: 2603 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 150.549990] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 150.550499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 150.551251] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 150.551444] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 150.552182] RSP: 0000:ffff8881033e7b30 EFLAGS: 00010246 [ 150.552780] RAX: dffffc0000000000 RBX: ffff8881033e7c28 RCX: 0000000000000000 [ 150.553426] RDX: 1ffff1102067cf8e RSI: ffff8881033e7c28 RDI: ffff8881033e7c70 [ 150.554009] RBP: ffff8881033e7b70 R08: ffff888102bdb000 R09: ffffffff88fe1da0 [ 150.554462] R10: 0000000000000003 R11: 00000000f29c376b R12: ffff888102bdb000 [ 150.554704] R13: ffff8881003c7ae8 R14: ffff8881033e7ba8 R15: 0000000000000000 [ 150.555292] FS: 0000000000000000(0000) GS:ffff8881c975b000(0000) knlGS:0000000000000000 [ 150.556214] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.556634] CR2: 00007ffff7ffe000 CR3: 000000015b8bc000 CR4: 00000000000006f0 [ 150.557111] DR0: ffffffff8b069400 DR1: ffffffff8b069401 DR2: ffffffff8b069403 [ 150.557600] DR3: ffffffff8b069405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 150.557873] Call Trace: [ 150.558260] <TASK> [ 150.558478] ? add_dr+0xc1/0x1d0 [ 150.558914] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 150.559394] ? add_dr+0x148/0x1d0 [ 150.559528] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 150.559822] ? __drmm_add_action+0x1a4/0x280 [ 150.560238] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 150.560755] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 150.561313] ? __drmm_add_action_or_reset+0x22/0x50 [ 150.561501] ? __schedule+0x10cc/0x2b60 [ 150.561665] ? __pfx_read_tsc+0x10/0x10 [ 150.562101] ? ktime_get_ts64+0x86/0x230 [ 150.562487] kunit_try_run_case+0x1a5/0x480 [ 150.562957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 150.563513] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 150.564048] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 150.564232] ? __kthread_parkme+0x82/0x180 [ 150.564383] ? preempt_count_sub+0x50/0x80 [ 150.564533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 150.564715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 150.565059] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 150.565365] kthread+0x337/0x6f0 [ 150.565534] ? trace_preempt_on+0x20/0xc0 [ 150.565732] ? __pfx_kthread+0x10/0x10 [ 150.566016] ? _raw_spin_unlock_irq+0x47/0x80 [ 150.566190] ? calculate_sigpending+0x7b/0xa0 [ 150.566401] ? __pfx_kthread+0x10/0x10 [ 150.566619] ret_from_fork+0x116/0x1d0 [ 150.566816] ? __pfx_kthread+0x10/0x10 [ 150.567134] ret_from_fork_asm+0x1a/0x30 [ 150.567346] </TASK> [ 150.567473] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
KNOWN ISSUE - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head: Failure
Automatically assigned
------------[ cut here ]------------ [ 150.511223] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 150.511368] WARNING: CPU: 0 PID: 2599 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 150.512479] Modules linked in: [ 150.513059] CPU: 0 UID: 0 PID: 2599 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 150.514487] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 150.516245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 150.517419] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 150.517636] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 7b 41 87 00 48 c7 c1 60 cd fd 88 4c 89 fa 48 c7 c7 c0 cd fd 88 48 89 c6 e8 d2 e8 7a fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 150.519119] RSP: 0000:ffff888103127b68 EFLAGS: 00010282 [ 150.519667] RAX: 0000000000000000 RBX: ffff888103127c40 RCX: 1ffffffff13a4cec [ 150.520414] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 150.520659] RBP: ffff888103127b90 R08: 0000000000000000 R09: fffffbfff13a4cec [ 150.521315] R10: 0000000000000003 R11: 0000000000038368 R12: ffff888103127c18 [ 150.522047] R13: ffff888102cc4800 R14: ffff888102de7000 R15: ffff88810b51d800 [ 150.522665] FS: 0000000000000000(0000) GS:ffff8881c965b000(0000) knlGS:0000000000000000 [ 150.523419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 150.523925] CR2: 00007ffff7ffd000 CR3: 000000015b8bc000 CR4: 00000000000006f0 [ 150.524162] DR0: ffffffff8b069400 DR1: ffffffff8b069401 DR2: ffffffff8b069402 [ 150.524379] DR3: ffffffff8b069403 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 150.524606] Call Trace: [ 150.524828] <TASK> [ 150.525019] drm_test_framebuffer_free+0x1ab/0x610 [ 150.525247] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 150.525502] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 150.525882] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 150.526201] ? __drmm_add_action_or_reset+0x22/0x50 [ 150.526490] ? __schedule+0x10cc/0x2b60 [ 150.526663] ? __pfx_read_tsc+0x10/0x10 [ 150.527118] ? ktime_get_ts64+0x86/0x230 [ 150.527369] kunit_try_run_case+0x1a5/0x480 [ 150.527539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 150.527850] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 150.528101] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 150.528473] ? __kthread_parkme+0x82/0x180 [ 150.528816] ? preempt_count_sub+0x50/0x80 [ 150.529119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 150.529382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 150.529568] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 150.530033] kthread+0x337/0x6f0 [ 150.530228] ? trace_preempt_on+0x20/0xc0 [ 150.530430] ? __pfx_kthread+0x10/0x10 [ 150.530671] ? _raw_spin_unlock_irq+0x47/0x80 [ 150.531091] ? calculate_sigpending+0x7b/0xa0 [ 150.531399] ? __pfx_kthread+0x10/0x10 [ 150.531687] ret_from_fork+0x116/0x1d0 [ 150.531993] ? __pfx_kthread+0x10/0x10 [ 150.532182] ret_from_fork_asm+0x1a/0x30 [ 150.532341] </TASK> [ 150.532470] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register: Failure
Automatically assigned
------------[ cut here ]------------ [ 149.321317] WARNING: CPU: 0 PID: 2037 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 149.321848] Modules linked in: [ 149.322071] CPU: 0 UID: 0 PID: 2037 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 149.322496] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 149.322772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 149.323120] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 149.323531] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 52 f3 25 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 40 f3 25 02 48 89 df e8 68 [ 149.324365] RSP: 0000:ffff88810c3afc90 EFLAGS: 00010246 [ 149.324624] RAX: dffffc0000000000 RBX: ffff88810c30c000 RCX: 0000000000000000 [ 149.324982] RDX: 1ffff11021861832 RSI: ffffffff86243cb8 RDI: ffff88810c30c190 [ 149.325281] RBP: ffff88810c3afca0 R08: 1ffff11020078f69 R09: ffffed1021875f65 [ 149.325532] R10: 0000000000000003 R11: ffffffff857882d8 R12: 0000000000000000 [ 149.325843] R13: ffff88810c3afd38 R14: ffff8881003c7c50 R15: ffff8881003c7c58 [ 149.326178] FS: 0000000000000000(0000) GS:ffff8881c965b000(0000) knlGS:0000000000000000 [ 149.326587] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.326859] CR2: 00007ffff7ffd000 CR3: 000000015b8bc000 CR4: 00000000000006f0 [ 149.327105] DR0: ffffffff8b069400 DR1: ffffffff8b069401 DR2: ffffffff8b069402 [ 149.327622] DR3: ffffffff8b069403 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 149.327911] Call Trace: [ 149.329917] <TASK> [ 149.330054] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 149.330373] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 149.330707] ? __schedule+0x10cc/0x2b60 [ 149.331098] ? __pfx_read_tsc+0x10/0x10 [ 149.331291] ? ktime_get_ts64+0x86/0x230 [ 149.331488] kunit_try_run_case+0x1a5/0x480 [ 149.331707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 149.331974] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 149.332184] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 149.332474] ? __kthread_parkme+0x82/0x180 [ 149.332664] ? preempt_count_sub+0x50/0x80 [ 149.332936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 149.333098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 149.333470] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 149.334004] kthread+0x337/0x6f0 [ 149.334217] ? trace_preempt_on+0x20/0xc0 [ 149.334393] ? __pfx_kthread+0x10/0x10 [ 149.334606] ? _raw_spin_unlock_irq+0x47/0x80 [ 149.334924] ? calculate_sigpending+0x7b/0xa0 [ 149.335133] ? __pfx_kthread+0x10/0x10 [ 149.335275] ret_from_fork+0x116/0x1d0 [ 149.335470] ? __pfx_kthread+0x10/0x10 [ 149.335677] ret_from_fork_asm+0x1a/0x30 [ 149.335874] </TASK> [ 149.336095] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 149.240559] WARNING: CPU: 1 PID: 2029 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 149.241136] Modules linked in: [ 149.241385] CPU: 1 UID: 0 PID: 2029 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 149.242175] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 149.242702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 149.243496] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 149.243720] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 52 f3 25 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 40 f3 25 02 48 89 df e8 68 [ 149.245541] RSP: 0000:ffff88810c06fc90 EFLAGS: 00010246 [ 149.245791] RAX: dffffc0000000000 RBX: ffff888101170000 RCX: 0000000000000000 [ 149.246398] RDX: 1ffff1102022e032 RSI: ffffffff86243cb8 RDI: ffff888101170190 [ 149.247073] RBP: ffff88810c06fca0 R08: 1ffff11020078f69 R09: ffffed102180df65 [ 149.247404] R10: 0000000000000003 R11: ffffffff857882d8 R12: 0000000000000000 [ 149.247630] R13: ffff88810c06fd38 R14: ffff8881003c7c50 R15: ffff8881003c7c58 [ 149.248073] FS: 0000000000000000(0000) GS:ffff8881c975b000(0000) knlGS:0000000000000000 [ 149.248745] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.249341] CR2: 00007ffff7ffe000 CR3: 000000015b8bc000 CR4: 00000000000006f0 [ 149.250228] DR0: ffffffff8b069400 DR1: ffffffff8b069401 DR2: ffffffff8b069403 [ 149.250670] DR3: ffffffff8b069405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 149.251240] Call Trace: [ 149.251424] <TASK> [ 149.251530] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 149.251884] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 149.252537] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 149.253260] kunit_try_run_case+0x1a5/0x480 [ 149.253661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 149.253907] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 149.254093] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 149.254267] ? __kthread_parkme+0x82/0x180 [ 149.254418] ? preempt_count_sub+0x50/0x80 [ 149.254591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 149.254824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 149.255298] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 149.255915] kthread+0x337/0x6f0 [ 149.256237] ? trace_preempt_on+0x20/0xc0 [ 149.256622] ? __pfx_kthread+0x10/0x10 [ 149.257029] ? _raw_spin_unlock_irq+0x47/0x80 [ 149.257426] ? calculate_sigpending+0x7b/0xa0 [ 149.257924] ? __pfx_kthread+0x10/0x10 [ 149.258325] ret_from_fork+0x116/0x1d0 [ 149.258763] ? __pfx_kthread+0x10/0x10 [ 149.259166] ret_from_fork_asm+0x1a/0x30 [ 149.259563] </TASK> [ 149.259840] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog10
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10: Failure
Automatically assigned
------------[ cut here ]------------ [ 111.305927] WARNING: CPU: 0 PID: 721 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 111.306197] Modules linked in: [ 111.306354] CPU: 0 UID: 0 PID: 721 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 111.306731] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 111.306922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 111.307192] RIP: 0010:intlog10+0x2a/0x40 [ 111.307343] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 87 96 86 02 90 <0f> 0b 90 31 c0 e9 7c 96 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 111.309221] RSP: 0000:ffff88810a33fcb0 EFLAGS: 00010246 [ 111.309718] RAX: 0000000000000000 RBX: ffff8881003c7ae8 RCX: 1ffff11021467fb4 [ 111.310499] RDX: 1ffffffff11d3df4 RSI: 1ffff11021467fb3 RDI: 0000000000000000 [ 111.311268] RBP: ffff88810a33fd60 R08: 0000000000000000 R09: ffffed1020726fc0 [ 111.311939] R10: ffff888103937e07 R11: 0000000000000000 R12: 1ffff11021467f97 [ 111.312647] R13: ffffffff88e9efa0 R14: 0000000000000000 R15: ffff88810a33fd38 [ 111.313439] FS: 0000000000000000(0000) GS:ffff8881c965b000(0000) knlGS:0000000000000000 [ 111.314247] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.314920] CR2: ffff888153f1afe0 CR3: 000000015b8bc000 CR4: 00000000000006f0 [ 111.315561] DR0: ffffffff8b069400 DR1: ffffffff8b069401 DR2: ffffffff8b069402 [ 111.316428] DR3: ffffffff8b069403 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 111.317214] Call Trace: [ 111.317515] <TASK> [ 111.317804] ? intlog10_test+0xf2/0x220 [ 111.318267] ? __pfx_intlog10_test+0x10/0x10 [ 111.318696] ? __schedule+0x10cc/0x2b60 [ 111.319180] ? __pfx_read_tsc+0x10/0x10 [ 111.319558] ? ktime_get_ts64+0x86/0x230 [ 111.320058] kunit_try_run_case+0x1a5/0x480 [ 111.320468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 111.320947] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 111.321177] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 111.321350] ? __kthread_parkme+0x82/0x180 [ 111.321499] ? preempt_count_sub+0x50/0x80 [ 111.321667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 111.321900] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 111.322142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 111.322364] kthread+0x337/0x6f0 [ 111.322551] ? trace_preempt_on+0x20/0xc0 [ 111.322845] ? __pfx_kthread+0x10/0x10 [ 111.323035] ? _raw_spin_unlock_irq+0x47/0x80 [ 111.323198] ? calculate_sigpending+0x7b/0xa0 [ 111.323571] ? __pfx_kthread+0x10/0x10 [ 111.323887] ret_from_fork+0x116/0x1d0 [ 111.324074] ? __pfx_kthread+0x10/0x10 [ 111.324278] ret_from_fork_asm+0x1a/0x30 [ 111.324471] </TASK> [ 111.324613] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog2
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2: Failure
Automatically assigned
------------[ cut here ]------------ [ 111.268166] WARNING: CPU: 1 PID: 703 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 111.269119] Modules linked in: [ 111.269341] CPU: 1 UID: 0 PID: 703 Comm: kunit_try_catch Tainted: G B D N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 111.269860] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 111.270484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 111.271143] RIP: 0010:intlog2+0xdf/0x110 [ 111.271516] Code: e9 88 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 cf 2c 52 ff 8b 45 e4 eb [ 111.272520] RSP: 0000:ffff8881047e7cb0 EFLAGS: 00010246 [ 111.273043] RAX: 0000000000000000 RBX: ffff8881003c7ae8 RCX: 1ffff110208fcfb4 [ 111.273481] RDX: 1ffffffff11d3e48 RSI: 1ffff110208fcfb3 RDI: 0000000000000000 [ 111.273958] RBP: ffff8881047e7d60 R08: 0000000000000000 R09: ffffed1020726e80 [ 111.274466] R10: ffff888103937407 R11: 0000000000000000 R12: 1ffff110208fcf97 [ 111.274759] R13: ffffffff88e9f240 R14: 0000000000000000 R15: ffff8881047e7d38 [ 111.275383] FS: 0000000000000000(0000) GS:ffff8881c975b000(0000) knlGS:0000000000000000 [ 111.276115] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 111.276377] CR2: dffffc0000000000 CR3: 000000015b8bc000 CR4: 00000000000006f0 [ 111.276642] DR0: ffffffff8b069400 DR1: ffffffff8b069401 DR2: ffffffff8b069403 [ 111.277071] DR3: ffffffff8b069405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 111.277639] Call Trace: [ 111.277759] <TASK> [ 111.277875] ? intlog2_test+0xf2/0x220 [ 111.278234] ? __pfx_intlog2_test+0x10/0x10 [ 111.278437] ? __schedule+0x10cc/0x2b60 [ 111.278662] ? __pfx_read_tsc+0x10/0x10 [ 111.278913] ? ktime_get_ts64+0x86/0x230 [ 111.279246] kunit_try_run_case+0x1a5/0x480 [ 111.279468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 111.279637] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 111.279902] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 111.280128] ? __kthread_parkme+0x82/0x180 [ 111.280854] ? preempt_count_sub+0x50/0x80 [ 111.281164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 111.281409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 111.281676] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 111.282253] kthread+0x337/0x6f0 [ 111.282439] ? trace_preempt_on+0x20/0xc0 [ 111.282651] ? __pfx_kthread+0x10/0x10 [ 111.282959] ? _raw_spin_unlock_irq+0x47/0x80 [ 111.283291] ? calculate_sigpending+0x7b/0xa0 [ 111.283488] ? __pfx_kthread+0x10/0x10 [ 111.283715] ret_from_fork+0x116/0x1d0 [ 111.283913] ? __pfx_kthread+0x10/0x10 [ 111.284103] ret_from_fork_asm+0x1a/0x30 [ 111.284360] </TASK> [ 111.284712] ---[ end trace 0000000000000000 ]---
Failure - kunit - lib_ratelimit_lib_ratelimit
KNOWN ISSUE - kunit/lib_ratelimit_lib_ratelimit: Failure
Automatically assigned
<8>[ 267.009003] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=lib_ratelimit_lib_ratelimit RESULT=fail>
Failure - kunit - lib_ratelimit_test_ratelimit_smoke
(no logs available)