Date
May 30, 2025, 4:14 a.m.
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
[ 148.629027] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 58.154716] ================================================================== [ 58.155397] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 58.155397] [ 58.156075] Use-after-free read at 0x(____ptrval____) (in kfence-#171): [ 58.157398] test_krealloc+0x6fc/0xbe0 [ 58.158087] kunit_try_run_case+0x1a5/0x480 [ 58.158694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 58.159176] kthread+0x337/0x6f0 [ 58.159541] ret_from_fork+0x116/0x1d0 [ 58.159932] ret_from_fork_asm+0x1a/0x30 [ 58.160331] [ 58.161089] kfence-#171: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 58.161089] [ 58.162130] allocated by task 354 on cpu 0 at 58.153795s (0.008329s ago): [ 58.163079] test_alloc+0x364/0x10f0 [ 58.163485] test_krealloc+0xad/0xbe0 [ 58.164128] kunit_try_run_case+0x1a5/0x480 [ 58.164720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 58.165361] kthread+0x337/0x6f0 [ 58.165920] ret_from_fork+0x116/0x1d0 [ 58.166652] ret_from_fork_asm+0x1a/0x30 [ 58.167189] [ 58.167459] freed by task 354 on cpu 0 at 58.154090s (0.013364s ago): [ 58.168037] krealloc_noprof+0x108/0x340 [ 58.168442] test_krealloc+0x226/0xbe0 [ 58.168821] kunit_try_run_case+0x1a5/0x480 [ 58.169229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 58.170262] kthread+0x337/0x6f0 [ 58.170875] ret_from_fork+0x116/0x1d0 [ 58.171276] ret_from_fork_asm+0x1a/0x30 [ 58.171926] [ 58.172414] CPU: 0 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 58.173538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 58.174070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 58.175089] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 58.057768] ================================================================== [ 58.058772] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 58.058772] [ 58.059570] Use-after-free read at 0x(____ptrval____) (in kfence-#170): [ 58.060045] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 58.060481] kunit_try_run_case+0x1a5/0x480 [ 58.060959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 58.061620] kthread+0x337/0x6f0 [ 58.062028] ret_from_fork+0x116/0x1d0 [ 58.062526] ret_from_fork_asm+0x1a/0x30 [ 58.062995] [ 58.063199] kfence-#170: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 58.063199] [ 58.064091] allocated by task 352 on cpu 0 at 58.049795s (0.014291s ago): [ 58.064748] test_alloc+0x2a6/0x10f0 [ 58.065209] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 58.065754] kunit_try_run_case+0x1a5/0x480 [ 58.066218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 58.066803] kthread+0x337/0x6f0 [ 58.067167] ret_from_fork+0x116/0x1d0 [ 58.067544] ret_from_fork_asm+0x1a/0x30 [ 58.068043] [ 58.068331] freed by task 352 on cpu 0 at 58.049914s (0.018412s ago): [ 58.068976] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 58.069460] kunit_try_run_case+0x1a5/0x480 [ 58.069911] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 58.070560] kthread+0x337/0x6f0 [ 58.070879] ret_from_fork+0x116/0x1d0 [ 58.071369] ret_from_fork_asm+0x1a/0x30 [ 58.071854] [ 58.072169] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 58.072955] Tainted: [B]=BAD_PAGE, [N]=TEST [ 58.073465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 58.074356] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 33.735794] ================================================================== [ 33.736716] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 33.736716] [ 33.737366] Invalid read at 0x(____ptrval____): [ 33.737708] test_invalid_access+0xf0/0x210 [ 33.738060] kunit_try_run_case+0x1a5/0x480 [ 33.738555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.739053] kthread+0x337/0x6f0 [ 33.739344] ret_from_fork+0x116/0x1d0 [ 33.739627] ret_from_fork_asm+0x1a/0x30 [ 33.739966] [ 33.740186] CPU: 0 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 33.741068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.741389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.741964] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 33.506095] ================================================================== [ 33.506680] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 33.506680] [ 33.507295] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#166): [ 33.509295] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 33.509793] kunit_try_run_case+0x1a5/0x480 [ 33.510248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.510718] kthread+0x337/0x6f0 [ 33.511118] ret_from_fork+0x116/0x1d0 [ 33.511595] ret_from_fork_asm+0x1a/0x30 [ 33.512025] [ 33.512236] kfence-#166: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 33.512236] [ 33.513045] allocated by task 342 on cpu 1 at 33.505757s (0.007283s ago): [ 33.513652] test_alloc+0x364/0x10f0 [ 33.514089] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 33.514569] kunit_try_run_case+0x1a5/0x480 [ 33.515032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.515437] kthread+0x337/0x6f0 [ 33.515893] ret_from_fork+0x116/0x1d0 [ 33.516307] ret_from_fork_asm+0x1a/0x30 [ 33.516805] [ 33.517001] freed by task 342 on cpu 1 at 33.505965s (0.011030s ago): [ 33.517680] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 33.518244] kunit_try_run_case+0x1a5/0x480 [ 33.518688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 33.519214] kthread+0x337/0x6f0 [ 33.519647] ret_from_fork+0x116/0x1d0 [ 33.520013] ret_from_fork_asm+0x1a/0x30 [ 33.520400] [ 33.520731] CPU: 1 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 33.521687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 33.522111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.522804] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 32.986151] ================================================================== [ 32.986743] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 32.986743] [ 32.987820] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#161): [ 32.988417] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 32.988951] kunit_try_run_case+0x1a5/0x480 [ 32.989292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.989839] kthread+0x337/0x6f0 [ 32.990363] ret_from_fork+0x116/0x1d0 [ 32.990991] ret_from_fork_asm+0x1a/0x30 [ 32.991449] [ 32.991773] kfence-#161: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 32.991773] [ 32.992743] allocated by task 340 on cpu 0 at 32.985824s (0.006914s ago): [ 32.993267] test_alloc+0x364/0x10f0 [ 32.993876] test_kmalloc_aligned_oob_read+0x105/0x560 [ 32.994472] kunit_try_run_case+0x1a5/0x480 [ 32.995020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 32.995622] kthread+0x337/0x6f0 [ 32.996115] ret_from_fork+0x116/0x1d0 [ 32.996570] ret_from_fork_asm+0x1a/0x30 [ 32.997047] [ 32.997290] CPU: 0 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 32.998988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.999472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 33.000325] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 28.825906] ================================================================== [ 28.826468] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 28.826468] [ 28.827175] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#121): [ 28.827986] test_corruption+0x216/0x3e0 [ 28.828361] kunit_try_run_case+0x1a5/0x480 [ 28.828833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.829337] kthread+0x337/0x6f0 [ 28.829743] ret_from_fork+0x116/0x1d0 [ 28.830123] ret_from_fork_asm+0x1a/0x30 [ 28.830566] [ 28.830874] kfence-#121: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 28.830874] [ 28.831597] allocated by task 330 on cpu 0 at 28.825698s (0.005894s ago): [ 28.832254] test_alloc+0x2a6/0x10f0 [ 28.832828] test_corruption+0x1cb/0x3e0 [ 28.833186] kunit_try_run_case+0x1a5/0x480 [ 28.833677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.834199] kthread+0x337/0x6f0 [ 28.834562] ret_from_fork+0x116/0x1d0 [ 28.834931] ret_from_fork_asm+0x1a/0x30 [ 28.835383] [ 28.835575] freed by task 330 on cpu 0 at 28.825809s (0.009760s ago): [ 28.836275] test_corruption+0x216/0x3e0 [ 28.836633] kunit_try_run_case+0x1a5/0x480 [ 28.836987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.837571] kthread+0x337/0x6f0 [ 28.837985] ret_from_fork+0x116/0x1d0 [ 28.838431] ret_from_fork_asm+0x1a/0x30 [ 28.838854] [ 28.839137] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 28.840023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.840341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.841232] ================================================================== [ 28.723245] ================================================================== [ 28.723938] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 28.723938] [ 28.724550] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#120): [ 28.725617] test_corruption+0x131/0x3e0 [ 28.725977] kunit_try_run_case+0x1a5/0x480 [ 28.727125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.727668] kthread+0x337/0x6f0 [ 28.728113] ret_from_fork+0x116/0x1d0 [ 28.728379] ret_from_fork_asm+0x1a/0x30 [ 28.728646] [ 28.728813] kfence-#120: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 28.728813] [ 28.729327] allocated by task 330 on cpu 0 at 28.723057s (0.006266s ago): [ 28.730131] test_alloc+0x2a6/0x10f0 [ 28.730496] test_corruption+0xe6/0x3e0 [ 28.730890] kunit_try_run_case+0x1a5/0x480 [ 28.731224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.731606] kthread+0x337/0x6f0 [ 28.733643] ret_from_fork+0x116/0x1d0 [ 28.734335] ret_from_fork_asm+0x1a/0x30 [ 28.734722] [ 28.735022] freed by task 330 on cpu 0 at 28.723125s (0.011890s ago): [ 28.735582] test_corruption+0x131/0x3e0 [ 28.736068] kunit_try_run_case+0x1a5/0x480 [ 28.736482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.737052] kthread+0x337/0x6f0 [ 28.737437] ret_from_fork+0x116/0x1d0 [ 28.737868] ret_from_fork_asm+0x1a/0x30 [ 28.738250] [ 28.738535] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 28.739426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.739814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.740583] ================================================================== [ 28.306086] ================================================================== [ 28.306829] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 28.306829] [ 28.307602] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#116): [ 28.309306] test_corruption+0x2d2/0x3e0 [ 28.309684] kunit_try_run_case+0x1a5/0x480 [ 28.310209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.310851] kthread+0x337/0x6f0 [ 28.311256] ret_from_fork+0x116/0x1d0 [ 28.311636] ret_from_fork_asm+0x1a/0x30 [ 28.312098] [ 28.312354] kfence-#116: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 28.312354] [ 28.313082] allocated by task 328 on cpu 1 at 28.305734s (0.007343s ago): [ 28.313731] test_alloc+0x364/0x10f0 [ 28.314088] test_corruption+0xe6/0x3e0 [ 28.314521] kunit_try_run_case+0x1a5/0x480 [ 28.315017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.315515] kthread+0x337/0x6f0 [ 28.315892] ret_from_fork+0x116/0x1d0 [ 28.316235] ret_from_fork_asm+0x1a/0x30 [ 28.316571] [ 28.316836] freed by task 328 on cpu 1 at 28.305875s (0.010956s ago): [ 28.317772] test_corruption+0x2d2/0x3e0 [ 28.318151] kunit_try_run_case+0x1a5/0x480 [ 28.318655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.319077] kthread+0x337/0x6f0 [ 28.319481] ret_from_fork+0x116/0x1d0 [ 28.319968] ret_from_fork_asm+0x1a/0x30 [ 28.320350] [ 28.320661] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 28.321559] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.321914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.322695] ================================================================== [ 28.618107] ================================================================== [ 28.618694] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 28.618694] [ 28.619328] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#119): [ 28.620267] test_corruption+0x2df/0x3e0 [ 28.620709] kunit_try_run_case+0x1a5/0x480 [ 28.621100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.621653] kthread+0x337/0x6f0 [ 28.622071] ret_from_fork+0x116/0x1d0 [ 28.622486] ret_from_fork_asm+0x1a/0x30 [ 28.622912] [ 28.623158] kfence-#119: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 28.623158] [ 28.623866] allocated by task 328 on cpu 1 at 28.617756s (0.006104s ago): [ 28.624453] test_alloc+0x364/0x10f0 [ 28.624884] test_corruption+0x1cb/0x3e0 [ 28.625214] kunit_try_run_case+0x1a5/0x480 [ 28.625641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.626251] kthread+0x337/0x6f0 [ 28.626738] ret_from_fork+0x116/0x1d0 [ 28.627100] ret_from_fork_asm+0x1a/0x30 [ 28.627517] [ 28.627826] freed by task 328 on cpu 1 at 28.617906s (0.009915s ago): [ 28.628392] test_corruption+0x2df/0x3e0 [ 28.628937] kunit_try_run_case+0x1a5/0x480 [ 28.629280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.629723] kthread+0x337/0x6f0 [ 28.630230] ret_from_fork+0x116/0x1d0 [ 28.630674] ret_from_fork_asm+0x1a/0x30 [ 28.631077] [ 28.631367] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 28.632340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.632782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.633505] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 27.785844] ================================================================== [ 27.786464] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 27.786464] [ 27.787233] Invalid free of 0x(____ptrval____) (in kfence-#111): [ 27.787843] test_invalid_addr_free+0x1e1/0x260 [ 27.788381] kunit_try_run_case+0x1a5/0x480 [ 27.788900] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.789484] kthread+0x337/0x6f0 [ 27.789969] ret_from_fork+0x116/0x1d0 [ 27.790823] ret_from_fork_asm+0x1a/0x30 [ 27.791151] [ 27.791251] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 27.791251] [ 27.792119] allocated by task 324 on cpu 1 at 27.785636s (0.006478s ago): [ 27.793308] test_alloc+0x364/0x10f0 [ 27.793697] test_invalid_addr_free+0xdb/0x260 [ 27.794185] kunit_try_run_case+0x1a5/0x480 [ 27.794664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.795181] kthread+0x337/0x6f0 [ 27.796036] ret_from_fork+0x116/0x1d0 [ 27.796400] ret_from_fork_asm+0x1a/0x30 [ 27.797180] [ 27.797624] CPU: 1 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 27.798670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.798911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.799959] ================================================================== [ 27.889901] ================================================================== [ 27.890519] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 27.890519] [ 27.891229] Invalid free of 0x(____ptrval____) (in kfence-#112): [ 27.891848] test_invalid_addr_free+0xfb/0x260 [ 27.892216] kunit_try_run_case+0x1a5/0x480 [ 27.892675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.893183] kthread+0x337/0x6f0 [ 27.893485] ret_from_fork+0x116/0x1d0 [ 27.893945] ret_from_fork_asm+0x1a/0x30 [ 27.894402] [ 27.894619] kfence-#112: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 27.894619] [ 27.895360] allocated by task 326 on cpu 1 at 27.889718s (0.005637s ago): [ 27.896085] test_alloc+0x2a6/0x10f0 [ 27.896420] test_invalid_addr_free+0xdb/0x260 [ 27.896994] kunit_try_run_case+0x1a5/0x480 [ 27.897386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.898190] kthread+0x337/0x6f0 [ 27.898566] ret_from_fork+0x116/0x1d0 [ 27.898917] ret_from_fork_asm+0x1a/0x30 [ 27.899247] [ 27.899544] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 27.900586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.901020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.901634] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 27.681903] ================================================================== [ 27.682523] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 27.682523] [ 27.683194] Invalid free of 0x(____ptrval____) (in kfence-#110): [ 27.683772] test_double_free+0x112/0x260 [ 27.684225] kunit_try_run_case+0x1a5/0x480 [ 27.684618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.685167] kthread+0x337/0x6f0 [ 27.685493] ret_from_fork+0x116/0x1d0 [ 27.685950] ret_from_fork_asm+0x1a/0x30 [ 27.686381] [ 27.686627] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 27.686627] [ 27.687314] allocated by task 322 on cpu 0 at 27.681659s (0.005650s ago): [ 27.688080] test_alloc+0x2a6/0x10f0 [ 27.688453] test_double_free+0xdb/0x260 [ 27.688783] kunit_try_run_case+0x1a5/0x480 [ 27.689260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.690032] kthread+0x337/0x6f0 [ 27.690351] ret_from_fork+0x116/0x1d0 [ 27.690837] ret_from_fork_asm+0x1a/0x30 [ 27.691171] [ 27.691405] freed by task 322 on cpu 0 at 27.681732s (0.009667s ago): [ 27.692079] test_double_free+0xfa/0x260 [ 27.692516] kunit_try_run_case+0x1a5/0x480 [ 27.692954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.693440] kthread+0x337/0x6f0 [ 27.693914] ret_from_fork+0x116/0x1d0 [ 27.694314] ret_from_fork_asm+0x1a/0x30 [ 27.694667] [ 27.694936] CPU: 0 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 27.695888] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.696327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.697150] ================================================================== [ 27.578025] ================================================================== [ 27.578715] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 27.578715] [ 27.579402] Invalid free of 0x(____ptrval____) (in kfence-#109): [ 27.580093] test_double_free+0x1d3/0x260 [ 27.580523] kunit_try_run_case+0x1a5/0x480 [ 27.581079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.581505] kthread+0x337/0x6f0 [ 27.581930] ret_from_fork+0x116/0x1d0 [ 27.582375] ret_from_fork_asm+0x1a/0x30 [ 27.582835] [ 27.583090] kfence-#109: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 27.583090] [ 27.583849] allocated by task 320 on cpu 0 at 27.577677s (0.006167s ago): [ 27.584504] test_alloc+0x364/0x10f0 [ 27.584930] test_double_free+0xdb/0x260 [ 27.585531] kunit_try_run_case+0x1a5/0x480 [ 27.585906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.586427] kthread+0x337/0x6f0 [ 27.586994] ret_from_fork+0x116/0x1d0 [ 27.587359] ret_from_fork_asm+0x1a/0x30 [ 27.587834] [ 27.588069] freed by task 320 on cpu 0 at 27.577760s (0.010303s ago): [ 27.588525] test_double_free+0x1e0/0x260 [ 27.588954] kunit_try_run_case+0x1a5/0x480 [ 27.589435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.589905] kthread+0x337/0x6f0 [ 27.590205] ret_from_fork+0x116/0x1d0 [ 27.590538] ret_from_fork_asm+0x1a/0x30 [ 27.590978] [ 27.591284] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 27.592543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.593001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.593621] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 27.162052] ================================================================== [ 27.162754] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 27.162754] [ 27.164067] Use-after-free read at 0x(____ptrval____) (in kfence-#105): [ 27.165193] test_use_after_free_read+0x129/0x270 [ 27.165791] kunit_try_run_case+0x1a5/0x480 [ 27.166416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.167024] kthread+0x337/0x6f0 [ 27.167408] ret_from_fork+0x116/0x1d0 [ 27.168131] ret_from_fork_asm+0x1a/0x30 [ 27.168475] [ 27.169072] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 27.169072] [ 27.169796] allocated by task 312 on cpu 1 at 27.161731s (0.008060s ago): [ 27.170443] test_alloc+0x364/0x10f0 [ 27.171285] test_use_after_free_read+0xdc/0x270 [ 27.171925] kunit_try_run_case+0x1a5/0x480 [ 27.172496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.173227] kthread+0x337/0x6f0 [ 27.173757] ret_from_fork+0x116/0x1d0 [ 27.174303] ret_from_fork_asm+0x1a/0x30 [ 27.174705] [ 27.175172] freed by task 312 on cpu 1 at 27.161838s (0.013190s ago): [ 27.176054] test_use_after_free_read+0x1e7/0x270 [ 27.176469] kunit_try_run_case+0x1a5/0x480 [ 27.177233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.177655] kthread+0x337/0x6f0 [ 27.177947] ret_from_fork+0x116/0x1d0 [ 27.178264] ret_from_fork_asm+0x1a/0x30 [ 27.178608] [ 27.178846] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 27.179972] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.180417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.181516] ================================================================== [ 27.265768] ================================================================== [ 27.266411] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 27.266411] [ 27.267136] Use-after-free read at 0x(____ptrval____) (in kfence-#106): [ 27.267718] test_use_after_free_read+0x129/0x270 [ 27.268310] kunit_try_run_case+0x1a5/0x480 [ 27.268842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.269316] kthread+0x337/0x6f0 [ 27.269616] ret_from_fork+0x116/0x1d0 [ 27.270049] ret_from_fork_asm+0x1a/0x30 [ 27.270491] [ 27.270856] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 27.270856] [ 27.271590] allocated by task 314 on cpu 0 at 27.265605s (0.005979s ago): [ 27.272195] test_alloc+0x2a6/0x10f0 [ 27.272516] test_use_after_free_read+0xdc/0x270 [ 27.273051] kunit_try_run_case+0x1a5/0x480 [ 27.273452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.273982] kthread+0x337/0x6f0 [ 27.274327] ret_from_fork+0x116/0x1d0 [ 27.274771] ret_from_fork_asm+0x1a/0x30 [ 27.275201] [ 27.275397] freed by task 314 on cpu 0 at 27.265687s (0.009704s ago): [ 27.276061] test_use_after_free_read+0xfb/0x270 [ 27.276648] kunit_try_run_case+0x1a5/0x480 [ 27.277011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.277496] kthread+0x337/0x6f0 [ 27.277932] ret_from_fork+0x116/0x1d0 [ 27.278352] ret_from_fork_asm+0x1a/0x30 [ 27.278981] [ 27.279251] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 27.280186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.280578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.281303] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 26.953754] ================================================================== [ 26.954369] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 26.954369] [ 26.955006] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#103): [ 26.955683] test_out_of_bounds_write+0x10d/0x260 [ 26.956172] kunit_try_run_case+0x1a5/0x480 [ 26.956630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.957106] kthread+0x337/0x6f0 [ 26.957499] ret_from_fork+0x116/0x1d0 [ 26.957949] ret_from_fork_asm+0x1a/0x30 [ 26.958350] [ 26.958597] kfence-#103: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 26.958597] [ 26.959232] allocated by task 308 on cpu 0 at 26.953593s (0.005634s ago): [ 26.959974] test_alloc+0x364/0x10f0 [ 26.960333] test_out_of_bounds_write+0xd4/0x260 [ 26.960918] kunit_try_run_case+0x1a5/0x480 [ 26.961283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.961744] kthread+0x337/0x6f0 [ 26.962162] ret_from_fork+0x116/0x1d0 [ 26.962595] ret_from_fork_asm+0x1a/0x30 [ 26.963036] [ 26.963272] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 26.964628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.965040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.965969] ================================================================== [ 27.057825] ================================================================== [ 27.058455] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 27.058455] [ 27.059305] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#104): [ 27.060640] test_out_of_bounds_write+0x10d/0x260 [ 27.061256] kunit_try_run_case+0x1a5/0x480 [ 27.061596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.062129] kthread+0x337/0x6f0 [ 27.062542] ret_from_fork+0x116/0x1d0 [ 27.063353] ret_from_fork_asm+0x1a/0x30 [ 27.063672] [ 27.064273] kfence-#104: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 27.064273] [ 27.065011] allocated by task 310 on cpu 1 at 27.057716s (0.007290s ago): [ 27.066130] test_alloc+0x2a6/0x10f0 [ 27.066714] test_out_of_bounds_write+0xd4/0x260 [ 27.067322] kunit_try_run_case+0x1a5/0x480 [ 27.067968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.068604] kthread+0x337/0x6f0 [ 27.069138] ret_from_fork+0x116/0x1d0 [ 27.069767] ret_from_fork_asm+0x1a/0x30 [ 27.070204] [ 27.070484] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 27.071753] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.072306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.073211] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 26.227224] ================================================================== [ 26.227937] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 26.227937] [ 26.229318] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#96): [ 26.230536] test_out_of_bounds_read+0x126/0x4e0 [ 26.231000] kunit_try_run_case+0x1a5/0x480 [ 26.231413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.232443] kthread+0x337/0x6f0 [ 26.233031] ret_from_fork+0x116/0x1d0 [ 26.233562] ret_from_fork_asm+0x1a/0x30 [ 26.234192] [ 26.234961] kfence-#96: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 26.234961] [ 26.236113] allocated by task 304 on cpu 0 at 26.225934s (0.010062s ago): [ 26.237691] test_alloc+0x364/0x10f0 [ 26.238105] test_out_of_bounds_read+0xed/0x4e0 [ 26.238705] kunit_try_run_case+0x1a5/0x480 [ 26.239129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.239596] kthread+0x337/0x6f0 [ 26.239977] ret_from_fork+0x116/0x1d0 [ 26.240344] ret_from_fork_asm+0x1a/0x30 [ 26.241390] [ 26.241666] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 26.242758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.243310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.244236] ================================================================== [ 26.745859] ================================================================== [ 26.746487] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 26.746487] [ 26.747301] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#101): [ 26.748155] test_out_of_bounds_read+0x126/0x4e0 [ 26.748572] kunit_try_run_case+0x1a5/0x480 [ 26.749092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.749577] kthread+0x337/0x6f0 [ 26.750010] ret_from_fork+0x116/0x1d0 [ 26.750415] ret_from_fork_asm+0x1a/0x30 [ 26.750890] [ 26.751124] kfence-#101: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 26.751124] [ 26.751944] allocated by task 306 on cpu 1 at 26.745734s (0.006205s ago): [ 26.752483] test_alloc+0x2a6/0x10f0 [ 26.752955] test_out_of_bounds_read+0xed/0x4e0 [ 26.753446] kunit_try_run_case+0x1a5/0x480 [ 26.754158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.754703] kthread+0x337/0x6f0 [ 26.755021] ret_from_fork+0x116/0x1d0 [ 26.755525] ret_from_fork_asm+0x1a/0x30 [ 26.755983] [ 26.756278] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 26.757205] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.757618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.758433] ================================================================== [ 26.330023] ================================================================== [ 26.330626] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 26.330626] [ 26.331416] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#97): [ 26.333041] test_out_of_bounds_read+0x216/0x4e0 [ 26.333483] kunit_try_run_case+0x1a5/0x480 [ 26.334228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.334894] kthread+0x337/0x6f0 [ 26.335290] ret_from_fork+0x116/0x1d0 [ 26.335957] ret_from_fork_asm+0x1a/0x30 [ 26.336531] [ 26.336867] kfence-#97: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 26.336867] [ 26.337222] allocated by task 304 on cpu 0 at 26.329726s (0.007493s ago): [ 26.337470] test_alloc+0x364/0x10f0 [ 26.338636] test_out_of_bounds_read+0x1e2/0x4e0 [ 26.339268] kunit_try_run_case+0x1a5/0x480 [ 26.339869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.340528] kthread+0x337/0x6f0 [ 26.340923] ret_from_fork+0x116/0x1d0 [ 26.341547] ret_from_fork_asm+0x1a/0x30 [ 26.341931] [ 26.342146] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 26.342971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.343251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.343749] ================================================================== [ 26.849906] ================================================================== [ 26.850631] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 26.850631] [ 26.851367] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#102): [ 26.851985] test_out_of_bounds_read+0x216/0x4e0 [ 26.852473] kunit_try_run_case+0x1a5/0x480 [ 26.852916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.853370] kthread+0x337/0x6f0 [ 26.853993] ret_from_fork+0x116/0x1d0 [ 26.854398] ret_from_fork_asm+0x1a/0x30 [ 26.854963] [ 26.855204] kfence-#102: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 26.855204] [ 26.855781] allocated by task 306 on cpu 1 at 26.849800s (0.005976s ago): [ 26.856654] test_alloc+0x2a6/0x10f0 [ 26.857104] test_out_of_bounds_read+0x1e2/0x4e0 [ 26.857558] kunit_try_run_case+0x1a5/0x480 [ 26.858094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.858584] kthread+0x337/0x6f0 [ 26.858975] ret_from_fork+0x116/0x1d0 [ 26.859289] ret_from_fork_asm+0x1a/0x30 [ 26.859828] [ 26.860120] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 26.861269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.861596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.862503] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 25.865559] ================================================================== [ 25.866131] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 25.867093] Write of size 121 at addr ffff8881022e0700 by task kunit_try_catch/302 [ 25.867775] [ 25.868418] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.868898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.868932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.868967] Call Trace: [ 25.868992] <TASK> [ 25.869018] dump_stack_lvl+0x73/0xb0 [ 25.869058] print_report+0xd1/0x650 [ 25.869096] ? __virt_addr_valid+0x1db/0x2d0 [ 25.869130] ? strncpy_from_user+0x2e/0x1d0 [ 25.869160] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.869195] ? strncpy_from_user+0x2e/0x1d0 [ 25.869225] kasan_report+0x141/0x180 [ 25.869259] ? strncpy_from_user+0x2e/0x1d0 [ 25.869295] kasan_check_range+0x10c/0x1c0 [ 25.869331] __kasan_check_write+0x18/0x20 [ 25.869361] strncpy_from_user+0x2e/0x1d0 [ 25.869394] copy_user_test_oob+0x760/0x10f0 [ 25.869426] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.869455] ? finish_task_switch.isra.0+0x153/0x700 [ 25.869489] ? __switch_to+0x47/0xf50 [ 25.869527] ? __schedule+0x10cc/0x2b60 [ 25.869620] ? __pfx_read_tsc+0x10/0x10 [ 25.869657] ? ktime_get_ts64+0x86/0x230 [ 25.869693] kunit_try_run_case+0x1a5/0x480 [ 25.869727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.869756] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.869794] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.869857] ? __kthread_parkme+0x82/0x180 [ 25.869892] ? preempt_count_sub+0x50/0x80 [ 25.869926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.869957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.869996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.870035] kthread+0x337/0x6f0 [ 25.870065] ? trace_preempt_on+0x20/0xc0 [ 25.870098] ? __pfx_kthread+0x10/0x10 [ 25.870129] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.870163] ? calculate_sigpending+0x7b/0xa0 [ 25.870211] ? __pfx_kthread+0x10/0x10 [ 25.870246] ret_from_fork+0x116/0x1d0 [ 25.870273] ? __pfx_kthread+0x10/0x10 [ 25.870303] ret_from_fork_asm+0x1a/0x30 [ 25.870347] </TASK> [ 25.870364] [ 25.891619] Allocated by task 302: [ 25.892389] kasan_save_stack+0x45/0x70 [ 25.893052] kasan_save_track+0x18/0x40 [ 25.893404] kasan_save_alloc_info+0x3b/0x50 [ 25.893877] __kasan_kmalloc+0xb7/0xc0 [ 25.894814] __kmalloc_noprof+0x1c9/0x500 [ 25.895136] kunit_kmalloc_array+0x25/0x60 [ 25.895929] copy_user_test_oob+0xab/0x10f0 [ 25.896273] kunit_try_run_case+0x1a5/0x480 [ 25.896638] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.897069] kthread+0x337/0x6f0 [ 25.897353] ret_from_fork+0x116/0x1d0 [ 25.898687] ret_from_fork_asm+0x1a/0x30 [ 25.899033] [ 25.899440] The buggy address belongs to the object at ffff8881022e0700 [ 25.899440] which belongs to the cache kmalloc-128 of size 128 [ 25.900747] The buggy address is located 0 bytes inside of [ 25.900747] allocated 120-byte region [ffff8881022e0700, ffff8881022e0778) [ 25.902375] [ 25.902569] The buggy address belongs to the physical page: [ 25.903250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e0 [ 25.903952] flags: 0x200000000000000(node=0|zone=2) [ 25.904150] page_type: f5(slab) [ 25.904297] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.904571] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.904856] page dumped because: kasan: bad access detected [ 25.905052] [ 25.905138] Memory state around the buggy address: [ 25.905311] ffff8881022e0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.905563] ffff8881022e0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.905816] >ffff8881022e0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.906326] ^ [ 25.906802] ffff8881022e0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.907800] ffff8881022e0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.908862] ================================================================== [ 25.911070] ================================================================== [ 25.911632] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 25.912376] Write of size 1 at addr ffff8881022e0778 by task kunit_try_catch/302 [ 25.913598] [ 25.914287] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.914370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.914418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.914488] Call Trace: [ 25.914548] <TASK> [ 25.914755] dump_stack_lvl+0x73/0xb0 [ 25.914803] print_report+0xd1/0x650 [ 25.914870] ? __virt_addr_valid+0x1db/0x2d0 [ 25.914907] ? strncpy_from_user+0x1a5/0x1d0 [ 25.914940] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.914977] ? strncpy_from_user+0x1a5/0x1d0 [ 25.915008] kasan_report+0x141/0x180 [ 25.915041] ? strncpy_from_user+0x1a5/0x1d0 [ 25.915079] __asan_report_store1_noabort+0x1b/0x30 [ 25.915110] strncpy_from_user+0x1a5/0x1d0 [ 25.915144] copy_user_test_oob+0x760/0x10f0 [ 25.915176] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.915204] ? finish_task_switch.isra.0+0x153/0x700 [ 25.915237] ? __switch_to+0x47/0xf50 [ 25.915275] ? __schedule+0x10cc/0x2b60 [ 25.915312] ? __pfx_read_tsc+0x10/0x10 [ 25.915344] ? ktime_get_ts64+0x86/0x230 [ 25.915380] kunit_try_run_case+0x1a5/0x480 [ 25.915411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.915441] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.915477] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.915514] ? __kthread_parkme+0x82/0x180 [ 25.915557] ? preempt_count_sub+0x50/0x80 [ 25.915612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.915645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.915684] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.915722] kthread+0x337/0x6f0 [ 25.915753] ? trace_preempt_on+0x20/0xc0 [ 25.915789] ? __pfx_kthread+0x10/0x10 [ 25.915839] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.915897] ? calculate_sigpending+0x7b/0xa0 [ 25.915934] ? __pfx_kthread+0x10/0x10 [ 25.915967] ret_from_fork+0x116/0x1d0 [ 25.915996] ? __pfx_kthread+0x10/0x10 [ 25.916061] ret_from_fork_asm+0x1a/0x30 [ 25.916119] </TASK> [ 25.916136] [ 25.932963] Allocated by task 302: [ 25.933440] kasan_save_stack+0x45/0x70 [ 25.934022] kasan_save_track+0x18/0x40 [ 25.934501] kasan_save_alloc_info+0x3b/0x50 [ 25.935086] __kasan_kmalloc+0xb7/0xc0 [ 25.935527] __kmalloc_noprof+0x1c9/0x500 [ 25.936091] kunit_kmalloc_array+0x25/0x60 [ 25.936644] copy_user_test_oob+0xab/0x10f0 [ 25.937136] kunit_try_run_case+0x1a5/0x480 [ 25.937661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.938229] kthread+0x337/0x6f0 [ 25.938719] ret_from_fork+0x116/0x1d0 [ 25.939224] ret_from_fork_asm+0x1a/0x30 [ 25.939780] [ 25.939993] The buggy address belongs to the object at ffff8881022e0700 [ 25.939993] which belongs to the cache kmalloc-128 of size 128 [ 25.941121] The buggy address is located 0 bytes to the right of [ 25.941121] allocated 120-byte region [ffff8881022e0700, ffff8881022e0778) [ 25.942335] [ 25.942615] The buggy address belongs to the physical page: [ 25.943271] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e0 [ 25.944093] flags: 0x200000000000000(node=0|zone=2) [ 25.944490] page_type: f5(slab) [ 25.944813] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.945497] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.946183] page dumped because: kasan: bad access detected [ 25.946693] [ 25.946945] Memory state around the buggy address: [ 25.947372] ffff8881022e0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.947910] ffff8881022e0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.948368] >ffff8881022e0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.949017] ^ [ 25.949678] ffff8881022e0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.951092] ffff8881022e0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.951595] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 25.674891] ================================================================== [ 25.675589] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 25.676251] Write of size 121 at addr ffff8881022e0700 by task kunit_try_catch/302 [ 25.678902] [ 25.679461] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.679553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.679599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.679665] Call Trace: [ 25.680134] <TASK> [ 25.680172] dump_stack_lvl+0x73/0xb0 [ 25.680217] print_report+0xd1/0x650 [ 25.680256] ? __virt_addr_valid+0x1db/0x2d0 [ 25.680292] ? copy_user_test_oob+0x3fd/0x10f0 [ 25.680322] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.680357] ? copy_user_test_oob+0x3fd/0x10f0 [ 25.680386] kasan_report+0x141/0x180 [ 25.680420] ? copy_user_test_oob+0x3fd/0x10f0 [ 25.680455] kasan_check_range+0x10c/0x1c0 [ 25.680491] __kasan_check_write+0x18/0x20 [ 25.680543] copy_user_test_oob+0x3fd/0x10f0 [ 25.680623] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.680655] ? finish_task_switch.isra.0+0x153/0x700 [ 25.680692] ? __switch_to+0x47/0xf50 [ 25.680732] ? __schedule+0x10cc/0x2b60 [ 25.680768] ? __pfx_read_tsc+0x10/0x10 [ 25.680801] ? ktime_get_ts64+0x86/0x230 [ 25.680862] kunit_try_run_case+0x1a5/0x480 [ 25.680898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.680930] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.680967] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.681005] ? __kthread_parkme+0x82/0x180 [ 25.681037] ? preempt_count_sub+0x50/0x80 [ 25.681070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.681102] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.681138] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.681175] kthread+0x337/0x6f0 [ 25.681204] ? trace_preempt_on+0x20/0xc0 [ 25.681238] ? __pfx_kthread+0x10/0x10 [ 25.681272] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.681307] ? calculate_sigpending+0x7b/0xa0 [ 25.681343] ? __pfx_kthread+0x10/0x10 [ 25.681375] ret_from_fork+0x116/0x1d0 [ 25.681400] ? __pfx_kthread+0x10/0x10 [ 25.681431] ret_from_fork_asm+0x1a/0x30 [ 25.681474] </TASK> [ 25.681491] [ 25.703256] Allocated by task 302: [ 25.703746] kasan_save_stack+0x45/0x70 [ 25.704044] kasan_save_track+0x18/0x40 [ 25.704488] kasan_save_alloc_info+0x3b/0x50 [ 25.704863] __kasan_kmalloc+0xb7/0xc0 [ 25.705301] __kmalloc_noprof+0x1c9/0x500 [ 25.705678] kunit_kmalloc_array+0x25/0x60 [ 25.706261] copy_user_test_oob+0xab/0x10f0 [ 25.707365] kunit_try_run_case+0x1a5/0x480 [ 25.707740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.708143] kthread+0x337/0x6f0 [ 25.708770] ret_from_fork+0x116/0x1d0 [ 25.709196] ret_from_fork_asm+0x1a/0x30 [ 25.709606] [ 25.709845] The buggy address belongs to the object at ffff8881022e0700 [ 25.709845] which belongs to the cache kmalloc-128 of size 128 [ 25.710788] The buggy address is located 0 bytes inside of [ 25.710788] allocated 120-byte region [ffff8881022e0700, ffff8881022e0778) [ 25.712394] [ 25.712797] The buggy address belongs to the physical page: [ 25.713377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e0 [ 25.714228] flags: 0x200000000000000(node=0|zone=2) [ 25.714877] page_type: f5(slab) [ 25.715357] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.716184] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.716767] page dumped because: kasan: bad access detected [ 25.717235] [ 25.717811] Memory state around the buggy address: [ 25.718377] ffff8881022e0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.719265] ffff8881022e0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.719973] >ffff8881022e0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.720795] ^ [ 25.721513] ffff8881022e0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.722124] ffff8881022e0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.722642] ================================================================== [ 25.724406] ================================================================== [ 25.725118] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 25.727135] Read of size 121 at addr ffff8881022e0700 by task kunit_try_catch/302 [ 25.727665] [ 25.727979] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.728115] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.728163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.728206] Call Trace: [ 25.728248] <TASK> [ 25.728272] dump_stack_lvl+0x73/0xb0 [ 25.728322] print_report+0xd1/0x650 [ 25.728393] ? __virt_addr_valid+0x1db/0x2d0 [ 25.728431] ? copy_user_test_oob+0x4aa/0x10f0 [ 25.728461] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.728497] ? copy_user_test_oob+0x4aa/0x10f0 [ 25.728528] kasan_report+0x141/0x180 [ 25.728845] ? copy_user_test_oob+0x4aa/0x10f0 [ 25.728896] kasan_check_range+0x10c/0x1c0 [ 25.728935] __kasan_check_read+0x15/0x20 [ 25.728965] copy_user_test_oob+0x4aa/0x10f0 [ 25.728998] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.729026] ? finish_task_switch.isra.0+0x153/0x700 [ 25.729062] ? __switch_to+0x47/0xf50 [ 25.729100] ? __schedule+0x10cc/0x2b60 [ 25.729136] ? __pfx_read_tsc+0x10/0x10 [ 25.729167] ? ktime_get_ts64+0x86/0x230 [ 25.729202] kunit_try_run_case+0x1a5/0x480 [ 25.729232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.729262] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.729299] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.729335] ? __kthread_parkme+0x82/0x180 [ 25.729365] ? preempt_count_sub+0x50/0x80 [ 25.729397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.729428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.729464] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.729502] kthread+0x337/0x6f0 [ 25.729531] ? trace_preempt_on+0x20/0xc0 [ 25.729599] ? __pfx_kthread+0x10/0x10 [ 25.729632] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.729666] ? calculate_sigpending+0x7b/0xa0 [ 25.729702] ? __pfx_kthread+0x10/0x10 [ 25.729733] ret_from_fork+0x116/0x1d0 [ 25.729762] ? __pfx_kthread+0x10/0x10 [ 25.729792] ret_from_fork_asm+0x1a/0x30 [ 25.729859] </TASK> [ 25.729877] [ 25.750131] Allocated by task 302: [ 25.750505] kasan_save_stack+0x45/0x70 [ 25.750889] kasan_save_track+0x18/0x40 [ 25.751216] kasan_save_alloc_info+0x3b/0x50 [ 25.751617] __kasan_kmalloc+0xb7/0xc0 [ 25.752151] __kmalloc_noprof+0x1c9/0x500 [ 25.752590] kunit_kmalloc_array+0x25/0x60 [ 25.753183] copy_user_test_oob+0xab/0x10f0 [ 25.753627] kunit_try_run_case+0x1a5/0x480 [ 25.754100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.754511] kthread+0x337/0x6f0 [ 25.754882] ret_from_fork+0x116/0x1d0 [ 25.755460] ret_from_fork_asm+0x1a/0x30 [ 25.755968] [ 25.756261] The buggy address belongs to the object at ffff8881022e0700 [ 25.756261] which belongs to the cache kmalloc-128 of size 128 [ 25.757424] The buggy address is located 0 bytes inside of [ 25.757424] allocated 120-byte region [ffff8881022e0700, ffff8881022e0778) [ 25.758590] [ 25.758889] The buggy address belongs to the physical page: [ 25.759390] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e0 [ 25.760047] flags: 0x200000000000000(node=0|zone=2) [ 25.760592] page_type: f5(slab) [ 25.761003] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.761645] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.762376] page dumped because: kasan: bad access detected [ 25.763118] [ 25.763327] Memory state around the buggy address: [ 25.763929] ffff8881022e0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.764543] ffff8881022e0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.765169] >ffff8881022e0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.765844] ^ [ 25.766529] ffff8881022e0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.767127] ffff8881022e0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.767867] ================================================================== [ 25.769147] ================================================================== [ 25.769918] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 25.770541] Write of size 121 at addr ffff8881022e0700 by task kunit_try_catch/302 [ 25.771316] [ 25.771629] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.771761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.771803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.771888] Call Trace: [ 25.771944] <TASK> [ 25.771995] dump_stack_lvl+0x73/0xb0 [ 25.772086] print_report+0xd1/0x650 [ 25.772191] ? __virt_addr_valid+0x1db/0x2d0 [ 25.772303] ? copy_user_test_oob+0x557/0x10f0 [ 25.772358] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.772431] ? copy_user_test_oob+0x557/0x10f0 [ 25.772509] kasan_report+0x141/0x180 [ 25.772631] ? copy_user_test_oob+0x557/0x10f0 [ 25.772750] kasan_check_range+0x10c/0x1c0 [ 25.772852] __kasan_check_write+0x18/0x20 [ 25.772935] copy_user_test_oob+0x557/0x10f0 [ 25.773042] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.773149] ? finish_task_switch.isra.0+0x153/0x700 [ 25.773229] ? __switch_to+0x47/0xf50 [ 25.773338] ? __schedule+0x10cc/0x2b60 [ 25.773460] ? __pfx_read_tsc+0x10/0x10 [ 25.773542] ? ktime_get_ts64+0x86/0x230 [ 25.773652] kunit_try_run_case+0x1a5/0x480 [ 25.773786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.773897] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.773987] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.774076] ? __kthread_parkme+0x82/0x180 [ 25.774159] ? preempt_count_sub+0x50/0x80 [ 25.774257] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.774340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.774454] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.774573] kthread+0x337/0x6f0 [ 25.774649] ? trace_preempt_on+0x20/0xc0 [ 25.774735] ? __pfx_kthread+0x10/0x10 [ 25.774813] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.774914] ? calculate_sigpending+0x7b/0xa0 [ 25.775003] ? __pfx_kthread+0x10/0x10 [ 25.775042] ret_from_fork+0x116/0x1d0 [ 25.775071] ? __pfx_kthread+0x10/0x10 [ 25.775102] ret_from_fork_asm+0x1a/0x30 [ 25.775149] </TASK> [ 25.775165] [ 25.794755] Allocated by task 302: [ 25.795450] kasan_save_stack+0x45/0x70 [ 25.796139] kasan_save_track+0x18/0x40 [ 25.796799] kasan_save_alloc_info+0x3b/0x50 [ 25.797327] __kasan_kmalloc+0xb7/0xc0 [ 25.797712] __kmalloc_noprof+0x1c9/0x500 [ 25.798127] kunit_kmalloc_array+0x25/0x60 [ 25.798515] copy_user_test_oob+0xab/0x10f0 [ 25.799485] kunit_try_run_case+0x1a5/0x480 [ 25.800227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.800924] kthread+0x337/0x6f0 [ 25.801463] ret_from_fork+0x116/0x1d0 [ 25.802058] ret_from_fork_asm+0x1a/0x30 [ 25.802407] [ 25.802595] The buggy address belongs to the object at ffff8881022e0700 [ 25.802595] which belongs to the cache kmalloc-128 of size 128 [ 25.803401] The buggy address is located 0 bytes inside of [ 25.803401] allocated 120-byte region [ffff8881022e0700, ffff8881022e0778) [ 25.804935] [ 25.805718] The buggy address belongs to the physical page: [ 25.806340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e0 [ 25.807188] flags: 0x200000000000000(node=0|zone=2) [ 25.807768] page_type: f5(slab) [ 25.808273] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.809042] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.809884] page dumped because: kasan: bad access detected [ 25.810742] [ 25.810962] Memory state around the buggy address: [ 25.811315] ffff8881022e0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.813340] ffff8881022e0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.814408] >ffff8881022e0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.815082] ^ [ 25.815729] ffff8881022e0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.816475] ffff8881022e0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.817170] ================================================================== [ 25.820489] ================================================================== [ 25.821591] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 25.823610] Read of size 121 at addr ffff8881022e0700 by task kunit_try_catch/302 [ 25.824210] [ 25.824398] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.824507] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.824540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.824599] Call Trace: [ 25.824640] <TASK> [ 25.824681] dump_stack_lvl+0x73/0xb0 [ 25.824747] print_report+0xd1/0x650 [ 25.824807] ? __virt_addr_valid+0x1db/0x2d0 [ 25.824892] ? copy_user_test_oob+0x604/0x10f0 [ 25.824946] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.825006] ? copy_user_test_oob+0x604/0x10f0 [ 25.825081] kasan_report+0x141/0x180 [ 25.825163] ? copy_user_test_oob+0x604/0x10f0 [ 25.825254] kasan_check_range+0x10c/0x1c0 [ 25.825716] __kasan_check_read+0x15/0x20 [ 25.825792] copy_user_test_oob+0x604/0x10f0 [ 25.825884] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.825950] ? finish_task_switch.isra.0+0x153/0x700 [ 25.826011] ? __switch_to+0x47/0xf50 [ 25.826082] ? __schedule+0x10cc/0x2b60 [ 25.827111] ? __pfx_read_tsc+0x10/0x10 [ 25.827180] ? ktime_get_ts64+0x86/0x230 [ 25.827245] kunit_try_run_case+0x1a5/0x480 [ 25.827286] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.827318] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.827357] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.827396] ? __kthread_parkme+0x82/0x180 [ 25.827429] ? preempt_count_sub+0x50/0x80 [ 25.827464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.827496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.827534] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.827719] kthread+0x337/0x6f0 [ 25.827760] ? trace_preempt_on+0x20/0xc0 [ 25.827797] ? __pfx_kthread+0x10/0x10 [ 25.827862] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.827904] ? calculate_sigpending+0x7b/0xa0 [ 25.827941] ? __pfx_kthread+0x10/0x10 [ 25.827974] ret_from_fork+0x116/0x1d0 [ 25.828002] ? __pfx_kthread+0x10/0x10 [ 25.828034] ret_from_fork_asm+0x1a/0x30 [ 25.828077] </TASK> [ 25.828096] [ 25.844076] Allocated by task 302: [ 25.844378] kasan_save_stack+0x45/0x70 [ 25.844995] kasan_save_track+0x18/0x40 [ 25.845323] kasan_save_alloc_info+0x3b/0x50 [ 25.845685] __kasan_kmalloc+0xb7/0xc0 [ 25.847044] __kmalloc_noprof+0x1c9/0x500 [ 25.848091] kunit_kmalloc_array+0x25/0x60 [ 25.848499] copy_user_test_oob+0xab/0x10f0 [ 25.849069] kunit_try_run_case+0x1a5/0x480 [ 25.849592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.850175] kthread+0x337/0x6f0 [ 25.850646] ret_from_fork+0x116/0x1d0 [ 25.851101] ret_from_fork_asm+0x1a/0x30 [ 25.851502] [ 25.851918] The buggy address belongs to the object at ffff8881022e0700 [ 25.851918] which belongs to the cache kmalloc-128 of size 128 [ 25.853029] The buggy address is located 0 bytes inside of [ 25.853029] allocated 120-byte region [ffff8881022e0700, ffff8881022e0778) [ 25.854086] [ 25.854354] The buggy address belongs to the physical page: [ 25.855028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e0 [ 25.855739] flags: 0x200000000000000(node=0|zone=2) [ 25.856233] page_type: f5(slab) [ 25.856776] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.857420] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.858258] page dumped because: kasan: bad access detected [ 25.858857] [ 25.859069] Memory state around the buggy address: [ 25.859604] ffff8881022e0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.860133] ffff8881022e0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.860753] >ffff8881022e0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.861390] ^ [ 25.861963] ffff8881022e0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.862543] ffff8881022e0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.863291] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 25.628490] ================================================================== [ 25.629105] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 25.629949] Read of size 121 at addr ffff8881022e0700 by task kunit_try_catch/302 [ 25.631172] [ 25.631605] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.631912] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.631937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.631971] Call Trace: [ 25.631996] <TASK> [ 25.632019] dump_stack_lvl+0x73/0xb0 [ 25.632060] print_report+0xd1/0x650 [ 25.632097] ? __virt_addr_valid+0x1db/0x2d0 [ 25.632132] ? _copy_to_user+0x3c/0x70 [ 25.632163] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.632198] ? _copy_to_user+0x3c/0x70 [ 25.632228] kasan_report+0x141/0x180 [ 25.632262] ? _copy_to_user+0x3c/0x70 [ 25.632298] kasan_check_range+0x10c/0x1c0 [ 25.632334] __kasan_check_read+0x15/0x20 [ 25.632362] _copy_to_user+0x3c/0x70 [ 25.632393] copy_user_test_oob+0x364/0x10f0 [ 25.632426] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.632454] ? finish_task_switch.isra.0+0x153/0x700 [ 25.632488] ? __switch_to+0x47/0xf50 [ 25.632526] ? __schedule+0x10cc/0x2b60 [ 25.632604] ? __pfx_read_tsc+0x10/0x10 [ 25.632642] ? ktime_get_ts64+0x86/0x230 [ 25.632681] kunit_try_run_case+0x1a5/0x480 [ 25.632712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.632741] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.632779] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.632816] ? __kthread_parkme+0x82/0x180 [ 25.632874] ? preempt_count_sub+0x50/0x80 [ 25.632910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.632942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.632980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.633017] kthread+0x337/0x6f0 [ 25.633046] ? trace_preempt_on+0x20/0xc0 [ 25.633082] ? __pfx_kthread+0x10/0x10 [ 25.633114] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.633148] ? calculate_sigpending+0x7b/0xa0 [ 25.633185] ? __pfx_kthread+0x10/0x10 [ 25.633216] ret_from_fork+0x116/0x1d0 [ 25.633243] ? __pfx_kthread+0x10/0x10 [ 25.633272] ret_from_fork_asm+0x1a/0x30 [ 25.633316] </TASK> [ 25.633333] [ 25.650465] Allocated by task 302: [ 25.650807] kasan_save_stack+0x45/0x70 [ 25.651318] kasan_save_track+0x18/0x40 [ 25.651810] kasan_save_alloc_info+0x3b/0x50 [ 25.652310] __kasan_kmalloc+0xb7/0xc0 [ 25.652810] __kmalloc_noprof+0x1c9/0x500 [ 25.653187] kunit_kmalloc_array+0x25/0x60 [ 25.653724] copy_user_test_oob+0xab/0x10f0 [ 25.654194] kunit_try_run_case+0x1a5/0x480 [ 25.654587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.655158] kthread+0x337/0x6f0 [ 25.655632] ret_from_fork+0x116/0x1d0 [ 25.656083] ret_from_fork_asm+0x1a/0x30 [ 25.656515] [ 25.656815] The buggy address belongs to the object at ffff8881022e0700 [ 25.656815] which belongs to the cache kmalloc-128 of size 128 [ 25.657807] The buggy address is located 0 bytes inside of [ 25.657807] allocated 120-byte region [ffff8881022e0700, ffff8881022e0778) [ 25.658920] [ 25.659187] The buggy address belongs to the physical page: [ 25.659720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e0 [ 25.660458] flags: 0x200000000000000(node=0|zone=2) [ 25.661004] page_type: f5(slab) [ 25.661371] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.662109] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.662870] page dumped because: kasan: bad access detected [ 25.663373] [ 25.663683] Memory state around the buggy address: [ 25.664141] ffff8881022e0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.664668] ffff8881022e0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.665395] >ffff8881022e0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.666114] ^ [ 25.666755] ffff8881022e0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.667287] ffff8881022e0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.668027] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 25.575521] ================================================================== [ 25.576650] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 25.577219] Write of size 121 at addr ffff8881022e0700 by task kunit_try_catch/302 [ 25.577727] [ 25.578224] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.578363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.578405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.578471] Call Trace: [ 25.578513] <TASK> [ 25.578616] dump_stack_lvl+0x73/0xb0 [ 25.578712] print_report+0xd1/0x650 [ 25.578798] ? __virt_addr_valid+0x1db/0x2d0 [ 25.578909] ? _copy_from_user+0x32/0x90 [ 25.578993] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.579121] ? _copy_from_user+0x32/0x90 [ 25.579202] kasan_report+0x141/0x180 [ 25.579287] ? _copy_from_user+0x32/0x90 [ 25.579345] kasan_check_range+0x10c/0x1c0 [ 25.579387] __kasan_check_write+0x18/0x20 [ 25.579418] _copy_from_user+0x32/0x90 [ 25.579451] copy_user_test_oob+0x2be/0x10f0 [ 25.579486] ? __pfx_copy_user_test_oob+0x10/0x10 [ 25.579516] ? finish_task_switch.isra.0+0x153/0x700 [ 25.579603] ? __switch_to+0x47/0xf50 [ 25.579653] ? __schedule+0x10cc/0x2b60 [ 25.579693] ? __pfx_read_tsc+0x10/0x10 [ 25.579726] ? ktime_get_ts64+0x86/0x230 [ 25.579763] kunit_try_run_case+0x1a5/0x480 [ 25.579797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.579848] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.579893] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.579932] ? __kthread_parkme+0x82/0x180 [ 25.579964] ? preempt_count_sub+0x50/0x80 [ 25.579996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.580027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.580067] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.580104] kthread+0x337/0x6f0 [ 25.580133] ? trace_preempt_on+0x20/0xc0 [ 25.580169] ? __pfx_kthread+0x10/0x10 [ 25.580200] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.580235] ? calculate_sigpending+0x7b/0xa0 [ 25.580272] ? __pfx_kthread+0x10/0x10 [ 25.580304] ret_from_fork+0x116/0x1d0 [ 25.580330] ? __pfx_kthread+0x10/0x10 [ 25.580361] ret_from_fork_asm+0x1a/0x30 [ 25.580404] </TASK> [ 25.580422] [ 25.601482] Allocated by task 302: [ 25.601940] kasan_save_stack+0x45/0x70 [ 25.602416] kasan_save_track+0x18/0x40 [ 25.602911] kasan_save_alloc_info+0x3b/0x50 [ 25.603382] __kasan_kmalloc+0xb7/0xc0 [ 25.603905] __kmalloc_noprof+0x1c9/0x500 [ 25.604332] kunit_kmalloc_array+0x25/0x60 [ 25.604887] copy_user_test_oob+0xab/0x10f0 [ 25.605304] kunit_try_run_case+0x1a5/0x480 [ 25.605777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.606391] kthread+0x337/0x6f0 [ 25.606807] ret_from_fork+0x116/0x1d0 [ 25.607258] ret_from_fork_asm+0x1a/0x30 [ 25.607738] [ 25.608045] The buggy address belongs to the object at ffff8881022e0700 [ 25.608045] which belongs to the cache kmalloc-128 of size 128 [ 25.608952] The buggy address is located 0 bytes inside of [ 25.608952] allocated 120-byte region [ffff8881022e0700, ffff8881022e0778) [ 25.609965] [ 25.610264] The buggy address belongs to the physical page: [ 25.610846] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e0 [ 25.611430] flags: 0x200000000000000(node=0|zone=2) [ 25.612025] page_type: f5(slab) [ 25.612422] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.613084] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.613839] page dumped because: kasan: bad access detected [ 25.614312] [ 25.614628] Memory state around the buggy address: [ 25.615102] ffff8881022e0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.615843] ffff8881022e0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.616474] >ffff8881022e0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.618224] ^ [ 25.619058] ffff8881022e0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.619571] ffff8881022e0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.621925] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 25.495695] ================================================================== [ 25.497421] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 25.498131] Write of size 8 at addr ffff888102b56b78 by task kunit_try_catch/298 [ 25.499733] [ 25.500022] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.500148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.500181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.500274] Call Trace: [ 25.500322] <TASK> [ 25.500358] dump_stack_lvl+0x73/0xb0 [ 25.500401] print_report+0xd1/0x650 [ 25.500437] ? __virt_addr_valid+0x1db/0x2d0 [ 25.500474] ? copy_to_kernel_nofault+0x99/0x260 [ 25.500511] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.500547] ? copy_to_kernel_nofault+0x99/0x260 [ 25.500611] kasan_report+0x141/0x180 [ 25.500649] ? copy_to_kernel_nofault+0x99/0x260 [ 25.500692] kasan_check_range+0x10c/0x1c0 [ 25.500729] __kasan_check_write+0x18/0x20 [ 25.500758] copy_to_kernel_nofault+0x99/0x260 [ 25.500796] copy_to_kernel_nofault_oob+0x288/0x560 [ 25.500860] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 25.500944] ? finish_task_switch.isra.0+0x153/0x700 [ 25.501025] ? __schedule+0x10cc/0x2b60 [ 25.501106] ? trace_hardirqs_on+0x37/0xe0 [ 25.501171] ? __pfx_read_tsc+0x10/0x10 [ 25.501423] ? ktime_get_ts64+0x86/0x230 [ 25.501465] kunit_try_run_case+0x1a5/0x480 [ 25.501500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.501530] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.501608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.501651] ? __kthread_parkme+0x82/0x180 [ 25.501681] ? preempt_count_sub+0x50/0x80 [ 25.501717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.501749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.501785] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.501822] kthread+0x337/0x6f0 [ 25.501884] ? trace_preempt_on+0x20/0xc0 [ 25.501920] ? __pfx_kthread+0x10/0x10 [ 25.501951] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.501986] ? calculate_sigpending+0x7b/0xa0 [ 25.502025] ? __pfx_kthread+0x10/0x10 [ 25.502056] ret_from_fork+0x116/0x1d0 [ 25.502084] ? __pfx_kthread+0x10/0x10 [ 25.502114] ret_from_fork_asm+0x1a/0x30 [ 25.502157] </TASK> [ 25.502188] [ 25.525794] Allocated by task 298: [ 25.526463] kasan_save_stack+0x45/0x70 [ 25.527105] kasan_save_track+0x18/0x40 [ 25.527603] kasan_save_alloc_info+0x3b/0x50 [ 25.527967] __kasan_kmalloc+0xb7/0xc0 [ 25.528977] __kmalloc_cache_noprof+0x189/0x420 [ 25.529598] copy_to_kernel_nofault_oob+0x12f/0x560 [ 25.530326] kunit_try_run_case+0x1a5/0x480 [ 25.530678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.531151] kthread+0x337/0x6f0 [ 25.531597] ret_from_fork+0x116/0x1d0 [ 25.532471] ret_from_fork_asm+0x1a/0x30 [ 25.533072] [ 25.533707] The buggy address belongs to the object at ffff888102b56b00 [ 25.533707] which belongs to the cache kmalloc-128 of size 128 [ 25.534607] The buggy address is located 0 bytes to the right of [ 25.534607] allocated 120-byte region [ffff888102b56b00, ffff888102b56b78) [ 25.536487] [ 25.536698] The buggy address belongs to the physical page: [ 25.537817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b56 [ 25.538591] flags: 0x200000000000000(node=0|zone=2) [ 25.539043] page_type: f5(slab) [ 25.540006] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.540920] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.541948] page dumped because: kasan: bad access detected [ 25.542779] [ 25.542965] Memory state around the buggy address: [ 25.543275] ffff888102b56a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.546142] ffff888102b56a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.546998] >ffff888102b56b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.549644] ^ [ 25.550237] ffff888102b56b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.551022] ffff888102b56c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.551889] ================================================================== [ 25.438996] ================================================================== [ 25.440474] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 25.441731] Read of size 8 at addr ffff888102b56b78 by task kunit_try_catch/298 [ 25.442585] [ 25.443143] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.443910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.443945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.443991] Call Trace: [ 25.444012] <TASK> [ 25.444053] dump_stack_lvl+0x73/0xb0 [ 25.444104] print_report+0xd1/0x650 [ 25.444163] ? __virt_addr_valid+0x1db/0x2d0 [ 25.444318] ? copy_to_kernel_nofault+0x225/0x260 [ 25.444361] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.444417] ? copy_to_kernel_nofault+0x225/0x260 [ 25.444458] kasan_report+0x141/0x180 [ 25.444553] ? copy_to_kernel_nofault+0x225/0x260 [ 25.444638] __asan_report_load8_noabort+0x18/0x20 [ 25.444676] copy_to_kernel_nofault+0x225/0x260 [ 25.444716] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 25.444753] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 25.444789] ? finish_task_switch.isra.0+0x153/0x700 [ 25.444826] ? __schedule+0x10cc/0x2b60 [ 25.444892] ? trace_hardirqs_on+0x37/0xe0 [ 25.444940] ? __pfx_read_tsc+0x10/0x10 [ 25.444973] ? ktime_get_ts64+0x86/0x230 [ 25.445010] kunit_try_run_case+0x1a5/0x480 [ 25.445046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.445076] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.445114] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.445150] ? __kthread_parkme+0x82/0x180 [ 25.445220] ? preempt_count_sub+0x50/0x80 [ 25.445260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.445293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.445331] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.445368] kthread+0x337/0x6f0 [ 25.445398] ? trace_preempt_on+0x20/0xc0 [ 25.445430] ? __pfx_kthread+0x10/0x10 [ 25.445462] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.445495] ? calculate_sigpending+0x7b/0xa0 [ 25.445532] ? __pfx_kthread+0x10/0x10 [ 25.445578] ret_from_fork+0x116/0x1d0 [ 25.445621] ? __pfx_kthread+0x10/0x10 [ 25.445654] ret_from_fork_asm+0x1a/0x30 [ 25.445701] </TASK> [ 25.445718] [ 25.471010] Allocated by task 298: [ 25.471886] kasan_save_stack+0x45/0x70 [ 25.472701] kasan_save_track+0x18/0x40 [ 25.473055] kasan_save_alloc_info+0x3b/0x50 [ 25.473592] __kasan_kmalloc+0xb7/0xc0 [ 25.473931] __kmalloc_cache_noprof+0x189/0x420 [ 25.475146] copy_to_kernel_nofault_oob+0x12f/0x560 [ 25.475826] kunit_try_run_case+0x1a5/0x480 [ 25.476504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.476958] kthread+0x337/0x6f0 [ 25.477239] ret_from_fork+0x116/0x1d0 [ 25.477564] ret_from_fork_asm+0x1a/0x30 [ 25.478998] [ 25.479177] The buggy address belongs to the object at ffff888102b56b00 [ 25.479177] which belongs to the cache kmalloc-128 of size 128 [ 25.480562] The buggy address is located 0 bytes to the right of [ 25.480562] allocated 120-byte region [ffff888102b56b00, ffff888102b56b78) [ 25.481960] [ 25.482141] The buggy address belongs to the physical page: [ 25.483264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b56 [ 25.484171] flags: 0x200000000000000(node=0|zone=2) [ 25.484785] page_type: f5(slab) [ 25.485193] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.486248] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.487249] page dumped because: kasan: bad access detected [ 25.487818] [ 25.488164] Memory state around the buggy address: [ 25.488783] ffff888102b56a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.489815] ffff888102b56a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.490567] >ffff888102b56b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.491500] ^ [ 25.492473] ffff888102b56b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.493254] ffff888102b56c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.494127] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 23.402369] ================================================================== [ 23.403413] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 23.404222] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.405268] [ 23.405713] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.405922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.405968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.406018] Call Trace: [ 23.406044] <TASK> [ 23.406063] dump_stack_lvl+0x73/0xb0 [ 23.406101] print_report+0xd1/0x650 [ 23.406135] ? __virt_addr_valid+0x1db/0x2d0 [ 23.406169] ? kasan_atomics_helper+0xde0/0x5450 [ 23.406203] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.406250] ? kasan_atomics_helper+0xde0/0x5450 [ 23.406284] kasan_report+0x141/0x180 [ 23.406317] ? kasan_atomics_helper+0xde0/0x5450 [ 23.406356] kasan_check_range+0x10c/0x1c0 [ 23.406392] __kasan_check_write+0x18/0x20 [ 23.406421] kasan_atomics_helper+0xde0/0x5450 [ 23.406454] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.406487] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.406517] ? kasan_atomics+0x152/0x310 [ 23.406549] kasan_atomics+0x1dc/0x310 [ 23.406577] ? __pfx_kasan_atomics+0x10/0x10 [ 23.406638] ? __pfx_read_tsc+0x10/0x10 [ 23.406686] ? ktime_get_ts64+0x86/0x230 [ 23.406723] kunit_try_run_case+0x1a5/0x480 [ 23.406755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.406785] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.406823] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.406861] ? __kthread_parkme+0x82/0x180 [ 23.406916] ? preempt_count_sub+0x50/0x80 [ 23.406955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.406987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.407026] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.407065] kthread+0x337/0x6f0 [ 23.407094] ? trace_preempt_on+0x20/0xc0 [ 23.407127] ? __pfx_kthread+0x10/0x10 [ 23.407157] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.407193] ? calculate_sigpending+0x7b/0xa0 [ 23.407229] ? __pfx_kthread+0x10/0x10 [ 23.407260] ret_from_fork+0x116/0x1d0 [ 23.407287] ? __pfx_kthread+0x10/0x10 [ 23.407316] ret_from_fork_asm+0x1a/0x30 [ 23.407359] </TASK> [ 23.407375] [ 23.430649] Allocated by task 282: [ 23.431234] kasan_save_stack+0x45/0x70 [ 23.431525] kasan_save_track+0x18/0x40 [ 23.432288] kasan_save_alloc_info+0x3b/0x50 [ 23.432743] __kasan_kmalloc+0xb7/0xc0 [ 23.433151] __kmalloc_cache_noprof+0x189/0x420 [ 23.433661] kasan_atomics+0x95/0x310 [ 23.434063] kunit_try_run_case+0x1a5/0x480 [ 23.434532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.435059] kthread+0x337/0x6f0 [ 23.435404] ret_from_fork+0x116/0x1d0 [ 23.436366] ret_from_fork_asm+0x1a/0x30 [ 23.436909] [ 23.437084] The buggy address belongs to the object at ffff888102b73d80 [ 23.437084] which belongs to the cache kmalloc-64 of size 64 [ 23.438784] The buggy address is located 0 bytes to the right of [ 23.438784] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.439803] [ 23.440243] The buggy address belongs to the physical page: [ 23.441169] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.442026] flags: 0x200000000000000(node=0|zone=2) [ 23.442431] page_type: f5(slab) [ 23.442835] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.443479] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.444484] page dumped because: kasan: bad access detected [ 23.445122] [ 23.445371] Memory state around the buggy address: [ 23.446053] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.446751] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.447392] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.448429] ^ [ 23.448820] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.449582] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.450431] ================================================================== [ 23.801567] ================================================================== [ 23.802244] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 23.803059] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.803893] [ 23.804137] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.804306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.804348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.804411] Call Trace: [ 23.804462] <TASK> [ 23.804562] dump_stack_lvl+0x73/0xb0 [ 23.804771] print_report+0xd1/0x650 [ 23.804910] ? __virt_addr_valid+0x1db/0x2d0 [ 23.805056] ? kasan_atomics_helper+0x1217/0x5450 [ 23.805138] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.805271] ? kasan_atomics_helper+0x1217/0x5450 [ 23.805352] kasan_report+0x141/0x180 [ 23.805436] ? kasan_atomics_helper+0x1217/0x5450 [ 23.805640] kasan_check_range+0x10c/0x1c0 [ 23.805758] __kasan_check_write+0x18/0x20 [ 23.805844] kasan_atomics_helper+0x1217/0x5450 [ 23.805953] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.806039] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.806117] ? kasan_atomics+0x152/0x310 [ 23.806258] kasan_atomics+0x1dc/0x310 [ 23.806424] ? __pfx_kasan_atomics+0x10/0x10 [ 23.806505] ? __pfx_read_tsc+0x10/0x10 [ 23.806668] ? ktime_get_ts64+0x86/0x230 [ 23.806789] kunit_try_run_case+0x1a5/0x480 [ 23.806838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.806889] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.806942] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.806984] ? __kthread_parkme+0x82/0x180 [ 23.807016] ? preempt_count_sub+0x50/0x80 [ 23.807052] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.807084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.807122] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.807160] kthread+0x337/0x6f0 [ 23.807188] ? trace_preempt_on+0x20/0xc0 [ 23.807222] ? __pfx_kthread+0x10/0x10 [ 23.807255] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.807290] ? calculate_sigpending+0x7b/0xa0 [ 23.807326] ? __pfx_kthread+0x10/0x10 [ 23.807359] ret_from_fork+0x116/0x1d0 [ 23.807385] ? __pfx_kthread+0x10/0x10 [ 23.807416] ret_from_fork_asm+0x1a/0x30 [ 23.807458] </TASK> [ 23.807474] [ 23.824648] Allocated by task 282: [ 23.825115] kasan_save_stack+0x45/0x70 [ 23.825601] kasan_save_track+0x18/0x40 [ 23.826072] kasan_save_alloc_info+0x3b/0x50 [ 23.826646] __kasan_kmalloc+0xb7/0xc0 [ 23.827053] __kmalloc_cache_noprof+0x189/0x420 [ 23.827402] kasan_atomics+0x95/0x310 [ 23.827741] kunit_try_run_case+0x1a5/0x480 [ 23.828480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.829199] kthread+0x337/0x6f0 [ 23.829612] ret_from_fork+0x116/0x1d0 [ 23.830163] ret_from_fork_asm+0x1a/0x30 [ 23.830696] [ 23.831015] The buggy address belongs to the object at ffff888102b73d80 [ 23.831015] which belongs to the cache kmalloc-64 of size 64 [ 23.832193] The buggy address is located 0 bytes to the right of [ 23.832193] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.833367] [ 23.833562] The buggy address belongs to the physical page: [ 23.833953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.835051] flags: 0x200000000000000(node=0|zone=2) [ 23.835830] page_type: f5(slab) [ 23.836233] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.837093] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.837566] page dumped because: kasan: bad access detected [ 23.838147] [ 23.838538] Memory state around the buggy address: [ 23.839208] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.840048] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.840729] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.841349] ^ [ 23.841726] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.842785] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.843371] ================================================================== [ 23.315459] ================================================================== [ 23.316511] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 23.317230] Read of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.318002] [ 23.318353] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.318535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.318588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.318701] Call Trace: [ 23.318748] <TASK> [ 23.318855] dump_stack_lvl+0x73/0xb0 [ 23.318989] print_report+0xd1/0x650 [ 23.319074] ? __virt_addr_valid+0x1db/0x2d0 [ 23.319157] ? kasan_atomics_helper+0x4a84/0x5450 [ 23.319324] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.319414] ? kasan_atomics_helper+0x4a84/0x5450 [ 23.319551] kasan_report+0x141/0x180 [ 23.319686] ? kasan_atomics_helper+0x4a84/0x5450 [ 23.319771] __asan_report_load4_noabort+0x18/0x20 [ 23.319806] kasan_atomics_helper+0x4a84/0x5450 [ 23.319842] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.319878] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.319940] ? kasan_atomics+0x152/0x310 [ 23.319974] kasan_atomics+0x1dc/0x310 [ 23.320002] ? __pfx_kasan_atomics+0x10/0x10 [ 23.320032] ? __pfx_read_tsc+0x10/0x10 [ 23.320065] ? ktime_get_ts64+0x86/0x230 [ 23.320101] kunit_try_run_case+0x1a5/0x480 [ 23.320133] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.320163] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.320200] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.320238] ? __kthread_parkme+0x82/0x180 [ 23.320270] ? preempt_count_sub+0x50/0x80 [ 23.320304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.320336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.320374] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.320410] kthread+0x337/0x6f0 [ 23.320439] ? trace_preempt_on+0x20/0xc0 [ 23.320473] ? __pfx_kthread+0x10/0x10 [ 23.320505] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.320539] ? calculate_sigpending+0x7b/0xa0 [ 23.320576] ? __pfx_kthread+0x10/0x10 [ 23.320613] ret_from_fork+0x116/0x1d0 [ 23.320683] ? __pfx_kthread+0x10/0x10 [ 23.320715] ret_from_fork_asm+0x1a/0x30 [ 23.320762] </TASK> [ 23.320778] [ 23.336422] Allocated by task 282: [ 23.336744] kasan_save_stack+0x45/0x70 [ 23.337254] kasan_save_track+0x18/0x40 [ 23.337830] kasan_save_alloc_info+0x3b/0x50 [ 23.338311] __kasan_kmalloc+0xb7/0xc0 [ 23.338670] __kmalloc_cache_noprof+0x189/0x420 [ 23.339168] kasan_atomics+0x95/0x310 [ 23.339520] kunit_try_run_case+0x1a5/0x480 [ 23.340064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.340665] kthread+0x337/0x6f0 [ 23.341111] ret_from_fork+0x116/0x1d0 [ 23.341501] ret_from_fork_asm+0x1a/0x30 [ 23.342180] [ 23.342410] The buggy address belongs to the object at ffff888102b73d80 [ 23.342410] which belongs to the cache kmalloc-64 of size 64 [ 23.343116] The buggy address is located 0 bytes to the right of [ 23.343116] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.344220] [ 23.344475] The buggy address belongs to the physical page: [ 23.345313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.346042] flags: 0x200000000000000(node=0|zone=2) [ 23.346561] page_type: f5(slab) [ 23.346990] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.347553] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.348235] page dumped because: kasan: bad access detected [ 23.348933] [ 23.349130] Memory state around the buggy address: [ 23.349478] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.350396] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.351156] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.351606] ^ [ 23.352089] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.352869] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.355152] ================================================================== [ 24.592479] ================================================================== [ 24.594369] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 24.595074] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.595682] [ 24.595948] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.596082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.596118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.596153] Call Trace: [ 24.596179] <TASK> [ 24.596201] dump_stack_lvl+0x73/0xb0 [ 24.596248] print_report+0xd1/0x650 [ 24.596320] ? __virt_addr_valid+0x1db/0x2d0 [ 24.596359] ? kasan_atomics_helper+0x1a7f/0x5450 [ 24.596393] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.596428] ? kasan_atomics_helper+0x1a7f/0x5450 [ 24.596461] kasan_report+0x141/0x180 [ 24.596495] ? kasan_atomics_helper+0x1a7f/0x5450 [ 24.596533] kasan_check_range+0x10c/0x1c0 [ 24.596569] __kasan_check_write+0x18/0x20 [ 24.596600] kasan_atomics_helper+0x1a7f/0x5450 [ 24.596634] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.596667] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.596698] ? kasan_atomics+0x152/0x310 [ 24.596730] kasan_atomics+0x1dc/0x310 [ 24.596758] ? __pfx_kasan_atomics+0x10/0x10 [ 24.596788] ? __pfx_read_tsc+0x10/0x10 [ 24.596821] ? ktime_get_ts64+0x86/0x230 [ 24.596896] kunit_try_run_case+0x1a5/0x480 [ 24.597031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.597137] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.597252] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.597394] ? __kthread_parkme+0x82/0x180 [ 24.597500] ? preempt_count_sub+0x50/0x80 [ 24.597597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.597641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.597682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.597720] kthread+0x337/0x6f0 [ 24.597749] ? trace_preempt_on+0x20/0xc0 [ 24.597782] ? __pfx_kthread+0x10/0x10 [ 24.597813] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.597847] ? calculate_sigpending+0x7b/0xa0 [ 24.597912] ? __pfx_kthread+0x10/0x10 [ 24.597946] ret_from_fork+0x116/0x1d0 [ 24.597972] ? __pfx_kthread+0x10/0x10 [ 24.598003] ret_from_fork_asm+0x1a/0x30 [ 24.598047] </TASK> [ 24.598063] [ 24.617972] Allocated by task 282: [ 24.618358] kasan_save_stack+0x45/0x70 [ 24.619389] kasan_save_track+0x18/0x40 [ 24.619751] kasan_save_alloc_info+0x3b/0x50 [ 24.620465] __kasan_kmalloc+0xb7/0xc0 [ 24.621247] __kmalloc_cache_noprof+0x189/0x420 [ 24.622128] kasan_atomics+0x95/0x310 [ 24.622747] kunit_try_run_case+0x1a5/0x480 [ 24.623141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.623732] kthread+0x337/0x6f0 [ 24.624122] ret_from_fork+0x116/0x1d0 [ 24.624535] ret_from_fork_asm+0x1a/0x30 [ 24.625314] [ 24.625753] The buggy address belongs to the object at ffff888102b73d80 [ 24.625753] which belongs to the cache kmalloc-64 of size 64 [ 24.626678] The buggy address is located 0 bytes to the right of [ 24.626678] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.627686] [ 24.627902] The buggy address belongs to the physical page: [ 24.628558] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.629413] flags: 0x200000000000000(node=0|zone=2) [ 24.630106] page_type: f5(slab) [ 24.630276] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.630530] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.630788] page dumped because: kasan: bad access detected [ 24.631461] [ 24.631931] Memory state around the buggy address: [ 24.632661] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.633703] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.634458] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.635354] ^ [ 24.635947] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.636483] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.637306] ================================================================== [ 24.174698] ================================================================== [ 24.176432] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 24.177541] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.178635] [ 24.178830] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.178949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.178992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.179142] Call Trace: [ 24.179205] <TASK> [ 24.179260] dump_stack_lvl+0x73/0xb0 [ 24.179409] print_report+0xd1/0x650 [ 24.179528] ? __virt_addr_valid+0x1db/0x2d0 [ 24.179619] ? kasan_atomics_helper+0x151d/0x5450 [ 24.179755] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.179885] ? kasan_atomics_helper+0x151d/0x5450 [ 24.179970] kasan_report+0x141/0x180 [ 24.180102] ? kasan_atomics_helper+0x151d/0x5450 [ 24.180229] kasan_check_range+0x10c/0x1c0 [ 24.180319] __kasan_check_write+0x18/0x20 [ 24.180456] kasan_atomics_helper+0x151d/0x5450 [ 24.180639] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.180725] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.180802] ? kasan_atomics+0x152/0x310 [ 24.180904] kasan_atomics+0x1dc/0x310 [ 24.181033] ? __pfx_kasan_atomics+0x10/0x10 [ 24.181140] ? __pfx_read_tsc+0x10/0x10 [ 24.181213] ? ktime_get_ts64+0x86/0x230 [ 24.181258] kunit_try_run_case+0x1a5/0x480 [ 24.181295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.181327] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.181367] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.181406] ? __kthread_parkme+0x82/0x180 [ 24.181437] ? preempt_count_sub+0x50/0x80 [ 24.181472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.181503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.181541] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.181579] kthread+0x337/0x6f0 [ 24.181643] ? trace_preempt_on+0x20/0xc0 [ 24.181683] ? __pfx_kthread+0x10/0x10 [ 24.181715] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.181752] ? calculate_sigpending+0x7b/0xa0 [ 24.181789] ? __pfx_kthread+0x10/0x10 [ 24.181822] ret_from_fork+0x116/0x1d0 [ 24.181850] ? __pfx_kthread+0x10/0x10 [ 24.181918] ret_from_fork_asm+0x1a/0x30 [ 24.181969] </TASK> [ 24.181986] [ 24.198907] Allocated by task 282: [ 24.199922] kasan_save_stack+0x45/0x70 [ 24.200381] kasan_save_track+0x18/0x40 [ 24.201517] kasan_save_alloc_info+0x3b/0x50 [ 24.201880] __kasan_kmalloc+0xb7/0xc0 [ 24.202883] __kmalloc_cache_noprof+0x189/0x420 [ 24.203428] kasan_atomics+0x95/0x310 [ 24.204028] kunit_try_run_case+0x1a5/0x480 [ 24.204510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.205062] kthread+0x337/0x6f0 [ 24.205423] ret_from_fork+0x116/0x1d0 [ 24.205967] ret_from_fork_asm+0x1a/0x30 [ 24.206314] [ 24.206521] The buggy address belongs to the object at ffff888102b73d80 [ 24.206521] which belongs to the cache kmalloc-64 of size 64 [ 24.207560] The buggy address is located 0 bytes to the right of [ 24.207560] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.208496] [ 24.208836] The buggy address belongs to the physical page: [ 24.209379] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.210004] flags: 0x200000000000000(node=0|zone=2) [ 24.210555] page_type: f5(slab) [ 24.210985] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.211606] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.212281] page dumped because: kasan: bad access detected [ 24.212859] [ 24.213072] Memory state around the buggy address: [ 24.213434] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.214165] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.214744] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.215850] ^ [ 24.218160] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.219020] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.219571] ================================================================== [ 24.034557] ================================================================== [ 24.035309] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 24.035795] Read of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.038001] [ 24.038772] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.038848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.038892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.038931] Call Trace: [ 24.038961] <TASK> [ 24.039001] dump_stack_lvl+0x73/0xb0 [ 24.039042] print_report+0xd1/0x650 [ 24.039099] ? __virt_addr_valid+0x1db/0x2d0 [ 24.039138] ? kasan_atomics_helper+0x4eae/0x5450 [ 24.039213] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.039261] ? kasan_atomics_helper+0x4eae/0x5450 [ 24.039309] kasan_report+0x141/0x180 [ 24.039353] ? kasan_atomics_helper+0x4eae/0x5450 [ 24.039407] __asan_report_load8_noabort+0x18/0x20 [ 24.039452] kasan_atomics_helper+0x4eae/0x5450 [ 24.039495] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.039589] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.039668] ? kasan_atomics+0x152/0x310 [ 24.039703] kasan_atomics+0x1dc/0x310 [ 24.039733] ? __pfx_kasan_atomics+0x10/0x10 [ 24.039764] ? __pfx_read_tsc+0x10/0x10 [ 24.039797] ? ktime_get_ts64+0x86/0x230 [ 24.039833] kunit_try_run_case+0x1a5/0x480 [ 24.039885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.039924] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.039967] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.040005] ? __kthread_parkme+0x82/0x180 [ 24.040036] ? preempt_count_sub+0x50/0x80 [ 24.040071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.040101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.040139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.040177] kthread+0x337/0x6f0 [ 24.040206] ? trace_preempt_on+0x20/0xc0 [ 24.040241] ? __pfx_kthread+0x10/0x10 [ 24.040271] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.040303] ? calculate_sigpending+0x7b/0xa0 [ 24.040339] ? __pfx_kthread+0x10/0x10 [ 24.040371] ret_from_fork+0x116/0x1d0 [ 24.040397] ? __pfx_kthread+0x10/0x10 [ 24.040428] ret_from_fork_asm+0x1a/0x30 [ 24.040471] </TASK> [ 24.040488] [ 24.061000] Allocated by task 282: [ 24.061516] kasan_save_stack+0x45/0x70 [ 24.062317] kasan_save_track+0x18/0x40 [ 24.062627] kasan_save_alloc_info+0x3b/0x50 [ 24.063269] __kasan_kmalloc+0xb7/0xc0 [ 24.064067] __kmalloc_cache_noprof+0x189/0x420 [ 24.064434] kasan_atomics+0x95/0x310 [ 24.065036] kunit_try_run_case+0x1a5/0x480 [ 24.065377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.066276] kthread+0x337/0x6f0 [ 24.066590] ret_from_fork+0x116/0x1d0 [ 24.067170] ret_from_fork_asm+0x1a/0x30 [ 24.067591] [ 24.068128] The buggy address belongs to the object at ffff888102b73d80 [ 24.068128] which belongs to the cache kmalloc-64 of size 64 [ 24.069398] The buggy address is located 0 bytes to the right of [ 24.069398] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.070802] [ 24.071078] The buggy address belongs to the physical page: [ 24.071856] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.072533] flags: 0x200000000000000(node=0|zone=2) [ 24.073251] page_type: f5(slab) [ 24.073820] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.074458] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.075280] page dumped because: kasan: bad access detected [ 24.076061] [ 24.076441] Memory state around the buggy address: [ 24.077003] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.077812] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.078425] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.079341] ^ [ 24.080032] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.080612] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.081324] ================================================================== [ 23.628143] ================================================================== [ 23.628961] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 23.629616] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.630220] [ 23.630471] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.630604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.630648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.630713] Call Trace: [ 23.630771] <TASK> [ 23.630821] dump_stack_lvl+0x73/0xb0 [ 23.630932] print_report+0xd1/0x650 [ 23.631017] ? __virt_addr_valid+0x1db/0x2d0 [ 23.631098] ? kasan_atomics_helper+0x1079/0x5450 [ 23.631177] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.631258] ? kasan_atomics_helper+0x1079/0x5450 [ 23.631337] kasan_report+0x141/0x180 [ 23.631412] ? kasan_atomics_helper+0x1079/0x5450 [ 23.631491] kasan_check_range+0x10c/0x1c0 [ 23.631559] __kasan_check_write+0x18/0x20 [ 23.631616] kasan_atomics_helper+0x1079/0x5450 [ 23.631691] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.631762] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.631830] ? kasan_atomics+0x152/0x310 [ 23.631920] kasan_atomics+0x1dc/0x310 [ 23.631985] ? __pfx_kasan_atomics+0x10/0x10 [ 23.632040] ? __pfx_read_tsc+0x10/0x10 [ 23.632101] ? ktime_get_ts64+0x86/0x230 [ 23.632168] kunit_try_run_case+0x1a5/0x480 [ 23.632302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.632384] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.632507] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.632599] ? __kthread_parkme+0x82/0x180 [ 23.632733] ? preempt_count_sub+0x50/0x80 [ 23.632825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.632929] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.633020] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.633088] kthread+0x337/0x6f0 [ 23.633155] ? trace_preempt_on+0x20/0xc0 [ 23.633236] ? __pfx_kthread+0x10/0x10 [ 23.633310] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.633394] ? calculate_sigpending+0x7b/0xa0 [ 23.633479] ? __pfx_kthread+0x10/0x10 [ 23.633556] ret_from_fork+0x116/0x1d0 [ 23.633625] ? __pfx_kthread+0x10/0x10 [ 23.633708] ret_from_fork_asm+0x1a/0x30 [ 23.633808] </TASK> [ 23.633850] [ 23.649849] Allocated by task 282: [ 23.650280] kasan_save_stack+0x45/0x70 [ 23.650695] kasan_save_track+0x18/0x40 [ 23.651109] kasan_save_alloc_info+0x3b/0x50 [ 23.651549] __kasan_kmalloc+0xb7/0xc0 [ 23.652016] __kmalloc_cache_noprof+0x189/0x420 [ 23.652425] kasan_atomics+0x95/0x310 [ 23.652999] kunit_try_run_case+0x1a5/0x480 [ 23.653407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.653932] kthread+0x337/0x6f0 [ 23.654333] ret_from_fork+0x116/0x1d0 [ 23.654780] ret_from_fork_asm+0x1a/0x30 [ 23.655182] [ 23.655420] The buggy address belongs to the object at ffff888102b73d80 [ 23.655420] which belongs to the cache kmalloc-64 of size 64 [ 23.656456] The buggy address is located 0 bytes to the right of [ 23.656456] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.658546] [ 23.658839] The buggy address belongs to the physical page: [ 23.659397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.661694] flags: 0x200000000000000(node=0|zone=2) [ 23.662328] page_type: f5(slab) [ 23.662623] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.663348] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.665108] page dumped because: kasan: bad access detected [ 23.665676] [ 23.665933] Memory state around the buggy address: [ 23.666326] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.667065] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.667672] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.668293] ^ [ 23.668682] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.669295] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.669860] ================================================================== [ 22.448591] ================================================================== [ 22.449178] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 22.449655] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 22.450190] [ 22.450454] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.450577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.450616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.450674] Call Trace: [ 22.450721] <TASK> [ 22.450762] dump_stack_lvl+0x73/0xb0 [ 22.450841] print_report+0xd1/0x650 [ 22.450937] ? __virt_addr_valid+0x1db/0x2d0 [ 22.451017] ? kasan_atomics_helper+0x4ba2/0x5450 [ 22.451092] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.451170] ? kasan_atomics_helper+0x4ba2/0x5450 [ 22.451318] kasan_report+0x141/0x180 [ 22.451430] ? kasan_atomics_helper+0x4ba2/0x5450 [ 22.451519] __asan_report_store4_noabort+0x1b/0x30 [ 22.451595] kasan_atomics_helper+0x4ba2/0x5450 [ 22.451676] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.451751] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.451828] ? kasan_atomics+0x152/0x310 [ 22.451905] kasan_atomics+0x1dc/0x310 [ 22.451997] ? __pfx_kasan_atomics+0x10/0x10 [ 22.452066] ? __pfx_read_tsc+0x10/0x10 [ 22.452137] ? ktime_get_ts64+0x86/0x230 [ 22.452222] kunit_try_run_case+0x1a5/0x480 [ 22.452292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.452362] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.452443] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.452520] ? __kthread_parkme+0x82/0x180 [ 22.452610] ? preempt_count_sub+0x50/0x80 [ 22.452697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.452834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.453019] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.453138] kthread+0x337/0x6f0 [ 22.453210] ? trace_preempt_on+0x20/0xc0 [ 22.453268] ? __pfx_kthread+0x10/0x10 [ 22.453300] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.453334] ? calculate_sigpending+0x7b/0xa0 [ 22.453369] ? __pfx_kthread+0x10/0x10 [ 22.453400] ret_from_fork+0x116/0x1d0 [ 22.453427] ? __pfx_kthread+0x10/0x10 [ 22.453455] ret_from_fork_asm+0x1a/0x30 [ 22.453497] </TASK> [ 22.453511] [ 22.469666] Allocated by task 282: [ 22.470054] kasan_save_stack+0x45/0x70 [ 22.470460] kasan_save_track+0x18/0x40 [ 22.470856] kasan_save_alloc_info+0x3b/0x50 [ 22.471391] __kasan_kmalloc+0xb7/0xc0 [ 22.471710] __kmalloc_cache_noprof+0x189/0x420 [ 22.472289] kasan_atomics+0x95/0x310 [ 22.473044] kunit_try_run_case+0x1a5/0x480 [ 22.473555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.474183] kthread+0x337/0x6f0 [ 22.474674] ret_from_fork+0x116/0x1d0 [ 22.475089] ret_from_fork_asm+0x1a/0x30 [ 22.475415] [ 22.475597] The buggy address belongs to the object at ffff888102b73d80 [ 22.475597] which belongs to the cache kmalloc-64 of size 64 [ 22.476297] The buggy address is located 0 bytes to the right of [ 22.476297] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 22.477080] [ 22.477439] The buggy address belongs to the physical page: [ 22.477946] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 22.478626] flags: 0x200000000000000(node=0|zone=2) [ 22.479118] page_type: f5(slab) [ 22.479488] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.480644] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.481329] page dumped because: kasan: bad access detected [ 22.481892] [ 22.482092] Memory state around the buggy address: [ 22.482717] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.483372] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.484104] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.484874] ^ [ 22.485324] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.486134] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.486825] ================================================================== [ 22.913058] ================================================================== [ 22.914085] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 22.914817] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 22.915464] [ 22.915770] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.915926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.915973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.916072] Call Trace: [ 22.916132] <TASK> [ 22.916186] dump_stack_lvl+0x73/0xb0 [ 22.916314] print_report+0xd1/0x650 [ 22.916395] ? __virt_addr_valid+0x1db/0x2d0 [ 22.916514] ? kasan_atomics_helper+0x72f/0x5450 [ 22.916628] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.916737] ? kasan_atomics_helper+0x72f/0x5450 [ 22.916821] kasan_report+0x141/0x180 [ 22.916922] ? kasan_atomics_helper+0x72f/0x5450 [ 22.917017] kasan_check_range+0x10c/0x1c0 [ 22.917104] __kasan_check_write+0x18/0x20 [ 22.917178] kasan_atomics_helper+0x72f/0x5450 [ 22.917240] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.917277] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.917311] ? kasan_atomics+0x152/0x310 [ 22.917345] kasan_atomics+0x1dc/0x310 [ 22.917374] ? __pfx_kasan_atomics+0x10/0x10 [ 22.917404] ? __pfx_read_tsc+0x10/0x10 [ 22.917439] ? ktime_get_ts64+0x86/0x230 [ 22.917474] kunit_try_run_case+0x1a5/0x480 [ 22.917506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.917536] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.917573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.917614] ? __kthread_parkme+0x82/0x180 [ 22.917687] ? preempt_count_sub+0x50/0x80 [ 22.917725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.917756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.917794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.917830] kthread+0x337/0x6f0 [ 22.917858] ? trace_preempt_on+0x20/0xc0 [ 22.917893] ? __pfx_kthread+0x10/0x10 [ 22.917952] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.917989] ? calculate_sigpending+0x7b/0xa0 [ 22.918024] ? __pfx_kthread+0x10/0x10 [ 22.918056] ret_from_fork+0x116/0x1d0 [ 22.918086] ? __pfx_kthread+0x10/0x10 [ 22.918117] ret_from_fork_asm+0x1a/0x30 [ 22.918162] </TASK> [ 22.918178] [ 22.933772] Allocated by task 282: [ 22.934199] kasan_save_stack+0x45/0x70 [ 22.934587] kasan_save_track+0x18/0x40 [ 22.934930] kasan_save_alloc_info+0x3b/0x50 [ 22.935273] __kasan_kmalloc+0xb7/0xc0 [ 22.935761] __kmalloc_cache_noprof+0x189/0x420 [ 22.936476] kasan_atomics+0x95/0x310 [ 22.937113] kunit_try_run_case+0x1a5/0x480 [ 22.937470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.938273] kthread+0x337/0x6f0 [ 22.940646] ret_from_fork+0x116/0x1d0 [ 22.941017] ret_from_fork_asm+0x1a/0x30 [ 22.941933] [ 22.943149] The buggy address belongs to the object at ffff888102b73d80 [ 22.943149] which belongs to the cache kmalloc-64 of size 64 [ 22.944750] The buggy address is located 0 bytes to the right of [ 22.944750] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 22.945835] [ 22.946083] The buggy address belongs to the physical page: [ 22.946868] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 22.947634] flags: 0x200000000000000(node=0|zone=2) [ 22.948243] page_type: f5(slab) [ 22.949005] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.949548] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.950516] page dumped because: kasan: bad access detected [ 22.951479] [ 22.951887] Memory state around the buggy address: [ 22.952277] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.952833] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.953697] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.954281] ^ [ 22.955010] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.955778] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.956522] ================================================================== [ 24.861772] ================================================================== [ 24.862498] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 24.863103] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.863892] [ 24.864189] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.864341] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.864415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.864483] Call Trace: [ 24.864539] <TASK> [ 24.864638] dump_stack_lvl+0x73/0xb0 [ 24.864758] print_report+0xd1/0x650 [ 24.864860] ? __virt_addr_valid+0x1db/0x2d0 [ 24.864968] ? kasan_atomics_helper+0x1e12/0x5450 [ 24.865079] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.865160] ? kasan_atomics_helper+0x1e12/0x5450 [ 24.865218] kasan_report+0x141/0x180 [ 24.865296] ? kasan_atomics_helper+0x1e12/0x5450 [ 24.865405] kasan_check_range+0x10c/0x1c0 [ 24.865524] __kasan_check_write+0x18/0x20 [ 24.865650] kasan_atomics_helper+0x1e12/0x5450 [ 24.865738] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.865823] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.865921] ? kasan_atomics+0x152/0x310 [ 24.866005] kasan_atomics+0x1dc/0x310 [ 24.866083] ? __pfx_kasan_atomics+0x10/0x10 [ 24.866162] ? __pfx_read_tsc+0x10/0x10 [ 24.866302] ? ktime_get_ts64+0x86/0x230 [ 24.866397] kunit_try_run_case+0x1a5/0x480 [ 24.866479] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.866555] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.866688] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.866773] ? __kthread_parkme+0x82/0x180 [ 24.866815] ? preempt_count_sub+0x50/0x80 [ 24.866878] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.866916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.866957] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.866998] kthread+0x337/0x6f0 [ 24.867030] ? trace_preempt_on+0x20/0xc0 [ 24.867063] ? __pfx_kthread+0x10/0x10 [ 24.867094] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.867129] ? calculate_sigpending+0x7b/0xa0 [ 24.867164] ? __pfx_kthread+0x10/0x10 [ 24.867196] ret_from_fork+0x116/0x1d0 [ 24.867223] ? __pfx_kthread+0x10/0x10 [ 24.867254] ret_from_fork_asm+0x1a/0x30 [ 24.867298] </TASK> [ 24.867314] [ 24.883093] Allocated by task 282: [ 24.883442] kasan_save_stack+0x45/0x70 [ 24.884121] kasan_save_track+0x18/0x40 [ 24.884519] kasan_save_alloc_info+0x3b/0x50 [ 24.884980] __kasan_kmalloc+0xb7/0xc0 [ 24.885489] __kmalloc_cache_noprof+0x189/0x420 [ 24.886035] kasan_atomics+0x95/0x310 [ 24.886495] kunit_try_run_case+0x1a5/0x480 [ 24.887008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.887544] kthread+0x337/0x6f0 [ 24.887997] ret_from_fork+0x116/0x1d0 [ 24.888347] ret_from_fork_asm+0x1a/0x30 [ 24.888722] [ 24.889106] The buggy address belongs to the object at ffff888102b73d80 [ 24.889106] which belongs to the cache kmalloc-64 of size 64 [ 24.890080] The buggy address is located 0 bytes to the right of [ 24.890080] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.891410] [ 24.891678] The buggy address belongs to the physical page: [ 24.892226] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.893124] flags: 0x200000000000000(node=0|zone=2) [ 24.893573] page_type: f5(slab) [ 24.894070] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.894784] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.895451] page dumped because: kasan: bad access detected [ 24.896138] [ 24.896371] Memory state around the buggy address: [ 24.896960] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.897423] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.898065] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.898784] ^ [ 24.899238] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.899713] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.900383] ================================================================== [ 23.988261] ================================================================== [ 23.989801] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 23.990564] Read of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.991163] [ 23.991426] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.991554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.991579] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.992233] Call Trace: [ 23.992274] <TASK> [ 23.992301] dump_stack_lvl+0x73/0xb0 [ 23.992345] print_report+0xd1/0x650 [ 23.992380] ? __virt_addr_valid+0x1db/0x2d0 [ 23.992416] ? kasan_atomics_helper+0x13b5/0x5450 [ 23.992450] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.992484] ? kasan_atomics_helper+0x13b5/0x5450 [ 23.992520] kasan_report+0x141/0x180 [ 23.992553] ? kasan_atomics_helper+0x13b5/0x5450 [ 23.992604] kasan_check_range+0x10c/0x1c0 [ 23.992673] __kasan_check_read+0x15/0x20 [ 23.992706] kasan_atomics_helper+0x13b5/0x5450 [ 23.992741] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.992775] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.992806] ? kasan_atomics+0x152/0x310 [ 23.992838] kasan_atomics+0x1dc/0x310 [ 23.992886] ? __pfx_kasan_atomics+0x10/0x10 [ 23.992928] ? __pfx_read_tsc+0x10/0x10 [ 23.992964] ? ktime_get_ts64+0x86/0x230 [ 23.993001] kunit_try_run_case+0x1a5/0x480 [ 23.993033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.993062] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.993102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.993139] ? __kthread_parkme+0x82/0x180 [ 23.993171] ? preempt_count_sub+0x50/0x80 [ 23.993206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.993236] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.993274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.993311] kthread+0x337/0x6f0 [ 23.993341] ? trace_preempt_on+0x20/0xc0 [ 23.993373] ? __pfx_kthread+0x10/0x10 [ 23.993404] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.993438] ? calculate_sigpending+0x7b/0xa0 [ 23.993474] ? __pfx_kthread+0x10/0x10 [ 23.993505] ret_from_fork+0x116/0x1d0 [ 23.993532] ? __pfx_kthread+0x10/0x10 [ 23.993561] ret_from_fork_asm+0x1a/0x30 [ 23.993623] </TASK> [ 23.993649] [ 24.013911] Allocated by task 282: [ 24.014443] kasan_save_stack+0x45/0x70 [ 24.014837] kasan_save_track+0x18/0x40 [ 24.015258] kasan_save_alloc_info+0x3b/0x50 [ 24.015688] __kasan_kmalloc+0xb7/0xc0 [ 24.016578] __kmalloc_cache_noprof+0x189/0x420 [ 24.017168] kasan_atomics+0x95/0x310 [ 24.017679] kunit_try_run_case+0x1a5/0x480 [ 24.018213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.018935] kthread+0x337/0x6f0 [ 24.019429] ret_from_fork+0x116/0x1d0 [ 24.019806] ret_from_fork_asm+0x1a/0x30 [ 24.020466] [ 24.020737] The buggy address belongs to the object at ffff888102b73d80 [ 24.020737] which belongs to the cache kmalloc-64 of size 64 [ 24.021601] The buggy address is located 0 bytes to the right of [ 24.021601] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.023101] [ 24.023643] The buggy address belongs to the physical page: [ 24.024249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.025164] flags: 0x200000000000000(node=0|zone=2) [ 24.025710] page_type: f5(slab) [ 24.026094] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.026679] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.027555] page dumped because: kasan: bad access detected [ 24.028226] [ 24.028560] Memory state around the buggy address: [ 24.028924] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.029897] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.030445] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.031183] ^ [ 24.031792] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.032360] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.033094] ================================================================== [ 22.958804] ================================================================== [ 22.960005] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 22.960731] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 22.961251] [ 22.961371] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.961441] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.961460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.961493] Call Trace: [ 22.961518] <TASK> [ 22.961541] dump_stack_lvl+0x73/0xb0 [ 22.961582] print_report+0xd1/0x650 [ 22.961646] ? __virt_addr_valid+0x1db/0x2d0 [ 22.961700] ? kasan_atomics_helper+0x7c7/0x5450 [ 22.961734] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.961770] ? kasan_atomics_helper+0x7c7/0x5450 [ 22.961803] kasan_report+0x141/0x180 [ 22.961837] ? kasan_atomics_helper+0x7c7/0x5450 [ 22.961875] kasan_check_range+0x10c/0x1c0 [ 22.961957] __kasan_check_write+0x18/0x20 [ 22.962037] kasan_atomics_helper+0x7c7/0x5450 [ 22.962125] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.962192] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.962228] ? kasan_atomics+0x152/0x310 [ 22.962275] kasan_atomics+0x1dc/0x310 [ 22.962306] ? __pfx_kasan_atomics+0x10/0x10 [ 22.962377] ? __pfx_read_tsc+0x10/0x10 [ 22.962416] ? ktime_get_ts64+0x86/0x230 [ 22.962454] kunit_try_run_case+0x1a5/0x480 [ 22.962488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.962519] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.962558] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.962596] ? __kthread_parkme+0x82/0x180 [ 22.963084] ? preempt_count_sub+0x50/0x80 [ 22.963137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.963172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.963213] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.963252] kthread+0x337/0x6f0 [ 22.963282] ? trace_preempt_on+0x20/0xc0 [ 22.963317] ? __pfx_kthread+0x10/0x10 [ 22.963348] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.963384] ? calculate_sigpending+0x7b/0xa0 [ 22.963420] ? __pfx_kthread+0x10/0x10 [ 22.963451] ret_from_fork+0x116/0x1d0 [ 22.963477] ? __pfx_kthread+0x10/0x10 [ 22.963507] ret_from_fork_asm+0x1a/0x30 [ 22.963550] </TASK> [ 22.963566] [ 22.978085] Allocated by task 282: [ 22.978488] kasan_save_stack+0x45/0x70 [ 22.978920] kasan_save_track+0x18/0x40 [ 22.979353] kasan_save_alloc_info+0x3b/0x50 [ 22.979781] __kasan_kmalloc+0xb7/0xc0 [ 22.980217] __kmalloc_cache_noprof+0x189/0x420 [ 22.980701] kasan_atomics+0x95/0x310 [ 22.981110] kunit_try_run_case+0x1a5/0x480 [ 22.981552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.982077] kthread+0x337/0x6f0 [ 22.982430] ret_from_fork+0x116/0x1d0 [ 22.982835] ret_from_fork_asm+0x1a/0x30 [ 22.983285] [ 22.983527] The buggy address belongs to the object at ffff888102b73d80 [ 22.983527] which belongs to the cache kmalloc-64 of size 64 [ 22.984420] The buggy address is located 0 bytes to the right of [ 22.984420] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 22.985465] [ 22.985747] The buggy address belongs to the physical page: [ 22.986183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 22.986954] flags: 0x200000000000000(node=0|zone=2) [ 22.987406] page_type: f5(slab) [ 22.987781] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.988348] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.989068] page dumped because: kasan: bad access detected [ 22.989456] [ 22.989693] Memory state around the buggy address: [ 22.990079] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.990548] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.991121] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.991838] ^ [ 22.992354] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.993114] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.993821] ================================================================== [ 23.546183] ================================================================== [ 23.546899] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 23.547826] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.548839] [ 23.549353] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.549779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.549803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.549838] Call Trace: [ 23.549865] <TASK> [ 23.549913] dump_stack_lvl+0x73/0xb0 [ 23.549959] print_report+0xd1/0x650 [ 23.549995] ? __virt_addr_valid+0x1db/0x2d0 [ 23.550030] ? kasan_atomics_helper+0xfa9/0x5450 [ 23.550062] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.550096] ? kasan_atomics_helper+0xfa9/0x5450 [ 23.550129] kasan_report+0x141/0x180 [ 23.550162] ? kasan_atomics_helper+0xfa9/0x5450 [ 23.550201] kasan_check_range+0x10c/0x1c0 [ 23.550251] __kasan_check_write+0x18/0x20 [ 23.550280] kasan_atomics_helper+0xfa9/0x5450 [ 23.550314] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.550348] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.550378] ? kasan_atomics+0x152/0x310 [ 23.550410] kasan_atomics+0x1dc/0x310 [ 23.550439] ? __pfx_kasan_atomics+0x10/0x10 [ 23.550470] ? __pfx_read_tsc+0x10/0x10 [ 23.550503] ? ktime_get_ts64+0x86/0x230 [ 23.550539] kunit_try_run_case+0x1a5/0x480 [ 23.550571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.550606] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.550679] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.550719] ? __kthread_parkme+0x82/0x180 [ 23.550751] ? preempt_count_sub+0x50/0x80 [ 23.550785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.550817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.550853] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.550916] kthread+0x337/0x6f0 [ 23.550949] ? trace_preempt_on+0x20/0xc0 [ 23.550985] ? __pfx_kthread+0x10/0x10 [ 23.551016] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.551053] ? calculate_sigpending+0x7b/0xa0 [ 23.551089] ? __pfx_kthread+0x10/0x10 [ 23.551122] ret_from_fork+0x116/0x1d0 [ 23.551149] ? __pfx_kthread+0x10/0x10 [ 23.551181] ret_from_fork_asm+0x1a/0x30 [ 23.551224] </TASK> [ 23.551240] [ 23.569844] Allocated by task 282: [ 23.570272] kasan_save_stack+0x45/0x70 [ 23.570755] kasan_save_track+0x18/0x40 [ 23.571152] kasan_save_alloc_info+0x3b/0x50 [ 23.571519] __kasan_kmalloc+0xb7/0xc0 [ 23.572045] __kmalloc_cache_noprof+0x189/0x420 [ 23.572779] kasan_atomics+0x95/0x310 [ 23.573110] kunit_try_run_case+0x1a5/0x480 [ 23.573449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.574288] kthread+0x337/0x6f0 [ 23.574702] ret_from_fork+0x116/0x1d0 [ 23.575194] ret_from_fork_asm+0x1a/0x30 [ 23.575658] [ 23.575944] The buggy address belongs to the object at ffff888102b73d80 [ 23.575944] which belongs to the cache kmalloc-64 of size 64 [ 23.576970] The buggy address is located 0 bytes to the right of [ 23.576970] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.578045] [ 23.578279] The buggy address belongs to the physical page: [ 23.578821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.579566] flags: 0x200000000000000(node=0|zone=2) [ 23.580011] page_type: f5(slab) [ 23.580306] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.581127] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.581835] page dumped because: kasan: bad access detected [ 23.582310] [ 23.582590] Memory state around the buggy address: [ 23.583108] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.583708] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.584228] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.584830] ^ [ 23.585470] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.586078] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.586538] ================================================================== [ 23.093801] ================================================================== [ 23.095065] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 23.096011] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.096612] [ 23.097387] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.097489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.097516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.097551] Call Trace: [ 23.097577] <TASK> [ 23.097599] dump_stack_lvl+0x73/0xb0 [ 23.097667] print_report+0xd1/0x650 [ 23.097704] ? __virt_addr_valid+0x1db/0x2d0 [ 23.097740] ? kasan_atomics_helper+0x992/0x5450 [ 23.097772] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.097807] ? kasan_atomics_helper+0x992/0x5450 [ 23.097839] kasan_report+0x141/0x180 [ 23.097873] ? kasan_atomics_helper+0x992/0x5450 [ 23.097940] kasan_check_range+0x10c/0x1c0 [ 23.097981] __kasan_check_write+0x18/0x20 [ 23.098011] kasan_atomics_helper+0x992/0x5450 [ 23.098046] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.098080] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.098112] ? kasan_atomics+0x152/0x310 [ 23.098143] kasan_atomics+0x1dc/0x310 [ 23.098171] ? __pfx_kasan_atomics+0x10/0x10 [ 23.098201] ? __pfx_read_tsc+0x10/0x10 [ 23.098251] ? ktime_get_ts64+0x86/0x230 [ 23.098288] kunit_try_run_case+0x1a5/0x480 [ 23.098321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.098351] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.098390] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.098872] ? __kthread_parkme+0x82/0x180 [ 23.098937] ? preempt_count_sub+0x50/0x80 [ 23.098976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.099009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.099047] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.099085] kthread+0x337/0x6f0 [ 23.099114] ? trace_preempt_on+0x20/0xc0 [ 23.099148] ? __pfx_kthread+0x10/0x10 [ 23.099205] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.099246] ? calculate_sigpending+0x7b/0xa0 [ 23.099286] ? __pfx_kthread+0x10/0x10 [ 23.099318] ret_from_fork+0x116/0x1d0 [ 23.099346] ? __pfx_kthread+0x10/0x10 [ 23.099377] ret_from_fork_asm+0x1a/0x30 [ 23.099421] </TASK> [ 23.099437] [ 23.120099] Allocated by task 282: [ 23.120375] kasan_save_stack+0x45/0x70 [ 23.121030] kasan_save_track+0x18/0x40 [ 23.121622] kasan_save_alloc_info+0x3b/0x50 [ 23.122315] __kasan_kmalloc+0xb7/0xc0 [ 23.122597] __kmalloc_cache_noprof+0x189/0x420 [ 23.123239] kasan_atomics+0x95/0x310 [ 23.123643] kunit_try_run_case+0x1a5/0x480 [ 23.124374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.125083] kthread+0x337/0x6f0 [ 23.125377] ret_from_fork+0x116/0x1d0 [ 23.126026] ret_from_fork_asm+0x1a/0x30 [ 23.126835] [ 23.127026] The buggy address belongs to the object at ffff888102b73d80 [ 23.127026] which belongs to the cache kmalloc-64 of size 64 [ 23.128313] The buggy address is located 0 bytes to the right of [ 23.128313] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.129377] [ 23.130006] The buggy address belongs to the physical page: [ 23.130688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.131478] flags: 0x200000000000000(node=0|zone=2) [ 23.132155] page_type: f5(slab) [ 23.132683] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.133303] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.134333] page dumped because: kasan: bad access detected [ 23.134753] [ 23.135032] Memory state around the buggy address: [ 23.135930] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.136690] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.137447] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.138213] ^ [ 23.138826] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.139681] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.140322] ================================================================== [ 24.773484] ================================================================== [ 24.774292] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 24.775019] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.775782] [ 24.776600] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.776739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.776778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.776814] Call Trace: [ 24.776840] <TASK> [ 24.776904] dump_stack_lvl+0x73/0xb0 [ 24.776957] print_report+0xd1/0x650 [ 24.776994] ? __virt_addr_valid+0x1db/0x2d0 [ 24.777029] ? kasan_atomics_helper+0x1ce1/0x5450 [ 24.777062] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.777095] ? kasan_atomics_helper+0x1ce1/0x5450 [ 24.777128] kasan_report+0x141/0x180 [ 24.777160] ? kasan_atomics_helper+0x1ce1/0x5450 [ 24.777200] kasan_check_range+0x10c/0x1c0 [ 24.777236] __kasan_check_write+0x18/0x20 [ 24.777265] kasan_atomics_helper+0x1ce1/0x5450 [ 24.777299] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.777333] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.777364] ? kasan_atomics+0x152/0x310 [ 24.777396] kasan_atomics+0x1dc/0x310 [ 24.777424] ? __pfx_kasan_atomics+0x10/0x10 [ 24.777457] ? __pfx_read_tsc+0x10/0x10 [ 24.777490] ? ktime_get_ts64+0x86/0x230 [ 24.777527] kunit_try_run_case+0x1a5/0x480 [ 24.777558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.777985] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.778036] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.778076] ? __kthread_parkme+0x82/0x180 [ 24.778109] ? preempt_count_sub+0x50/0x80 [ 24.778144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.778177] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.778225] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.778265] kthread+0x337/0x6f0 [ 24.778294] ? trace_preempt_on+0x20/0xc0 [ 24.778328] ? __pfx_kthread+0x10/0x10 [ 24.778359] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.778393] ? calculate_sigpending+0x7b/0xa0 [ 24.778429] ? __pfx_kthread+0x10/0x10 [ 24.778463] ret_from_fork+0x116/0x1d0 [ 24.778490] ? __pfx_kthread+0x10/0x10 [ 24.778520] ret_from_fork_asm+0x1a/0x30 [ 24.778564] </TASK> [ 24.778593] [ 24.798834] Allocated by task 282: [ 24.799149] kasan_save_stack+0x45/0x70 [ 24.799974] kasan_save_track+0x18/0x40 [ 24.800314] kasan_save_alloc_info+0x3b/0x50 [ 24.801307] __kasan_kmalloc+0xb7/0xc0 [ 24.801648] __kmalloc_cache_noprof+0x189/0x420 [ 24.802329] kasan_atomics+0x95/0x310 [ 24.803023] kunit_try_run_case+0x1a5/0x480 [ 24.803380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.804051] kthread+0x337/0x6f0 [ 24.804879] ret_from_fork+0x116/0x1d0 [ 24.805242] ret_from_fork_asm+0x1a/0x30 [ 24.805898] [ 24.806072] The buggy address belongs to the object at ffff888102b73d80 [ 24.806072] which belongs to the cache kmalloc-64 of size 64 [ 24.807618] The buggy address is located 0 bytes to the right of [ 24.807618] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.808609] [ 24.808864] The buggy address belongs to the physical page: [ 24.809332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.810323] flags: 0x200000000000000(node=0|zone=2) [ 24.810993] page_type: f5(slab) [ 24.811257] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.812581] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.813312] page dumped because: kasan: bad access detected [ 24.814262] [ 24.814639] Memory state around the buggy address: [ 24.815084] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.815671] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.816257] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.816881] ^ [ 24.817258] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.817880] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.819150] ================================================================== [ 24.946016] ================================================================== [ 24.946506] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 24.947111] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.947992] [ 24.948279] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.948395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.948417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.948449] Call Trace: [ 24.948475] <TASK> [ 24.948498] dump_stack_lvl+0x73/0xb0 [ 24.948541] print_report+0xd1/0x650 [ 24.948597] ? __virt_addr_valid+0x1db/0x2d0 [ 24.948645] ? kasan_atomics_helper+0x1f43/0x5450 [ 24.948679] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.948712] ? kasan_atomics_helper+0x1f43/0x5450 [ 24.948745] kasan_report+0x141/0x180 [ 24.948778] ? kasan_atomics_helper+0x1f43/0x5450 [ 24.948817] kasan_check_range+0x10c/0x1c0 [ 24.948886] __kasan_check_write+0x18/0x20 [ 24.948968] kasan_atomics_helper+0x1f43/0x5450 [ 24.949095] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.949185] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.949268] ? kasan_atomics+0x152/0x310 [ 24.949353] kasan_atomics+0x1dc/0x310 [ 24.949473] ? __pfx_kasan_atomics+0x10/0x10 [ 24.949559] ? __pfx_read_tsc+0x10/0x10 [ 24.949829] ? ktime_get_ts64+0x86/0x230 [ 24.949945] kunit_try_run_case+0x1a5/0x480 [ 24.949997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.950033] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.950074] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.950113] ? __kthread_parkme+0x82/0x180 [ 24.950145] ? preempt_count_sub+0x50/0x80 [ 24.950180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.950227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.950268] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.950306] kthread+0x337/0x6f0 [ 24.950335] ? trace_preempt_on+0x20/0xc0 [ 24.950369] ? __pfx_kthread+0x10/0x10 [ 24.950398] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.950432] ? calculate_sigpending+0x7b/0xa0 [ 24.950468] ? __pfx_kthread+0x10/0x10 [ 24.950498] ret_from_fork+0x116/0x1d0 [ 24.950524] ? __pfx_kthread+0x10/0x10 [ 24.950555] ret_from_fork_asm+0x1a/0x30 [ 24.950793] </TASK> [ 24.951230] [ 24.971978] Allocated by task 282: [ 24.972380] kasan_save_stack+0x45/0x70 [ 24.972840] kasan_save_track+0x18/0x40 [ 24.973310] kasan_save_alloc_info+0x3b/0x50 [ 24.973981] __kasan_kmalloc+0xb7/0xc0 [ 24.974301] __kmalloc_cache_noprof+0x189/0x420 [ 24.975620] kasan_atomics+0x95/0x310 [ 24.975955] kunit_try_run_case+0x1a5/0x480 [ 24.976501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.977371] kthread+0x337/0x6f0 [ 24.978063] ret_from_fork+0x116/0x1d0 [ 24.978417] ret_from_fork_asm+0x1a/0x30 [ 24.979115] [ 24.979322] The buggy address belongs to the object at ffff888102b73d80 [ 24.979322] which belongs to the cache kmalloc-64 of size 64 [ 24.980672] The buggy address is located 0 bytes to the right of [ 24.980672] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.981614] [ 24.982252] The buggy address belongs to the physical page: [ 24.982865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.983741] flags: 0x200000000000000(node=0|zone=2) [ 24.984380] page_type: f5(slab) [ 24.984923] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.985683] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.986323] page dumped because: kasan: bad access detected [ 24.986943] [ 24.987331] Memory state around the buggy address: [ 24.987919] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.988560] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.988829] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.989584] ^ [ 24.990477] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.991273] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.991816] ================================================================== [ 24.363973] ================================================================== [ 24.364690] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 24.365522] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.366311] [ 24.366623] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.366757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.366801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.366891] Call Trace: [ 24.366953] <TASK> [ 24.367052] dump_stack_lvl+0x73/0xb0 [ 24.367159] print_report+0xd1/0x650 [ 24.367329] ? __virt_addr_valid+0x1db/0x2d0 [ 24.367487] ? kasan_atomics_helper+0x177f/0x5450 [ 24.367572] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.367694] ? kasan_atomics_helper+0x177f/0x5450 [ 24.367776] kasan_report+0x141/0x180 [ 24.367878] ? kasan_atomics_helper+0x177f/0x5450 [ 24.368007] kasan_check_range+0x10c/0x1c0 [ 24.368103] __kasan_check_write+0x18/0x20 [ 24.368215] kasan_atomics_helper+0x177f/0x5450 [ 24.368303] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.368469] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.368550] ? kasan_atomics+0x152/0x310 [ 24.368755] kasan_atomics+0x1dc/0x310 [ 24.368832] ? __pfx_kasan_atomics+0x10/0x10 [ 24.368903] ? __pfx_read_tsc+0x10/0x10 [ 24.368945] ? ktime_get_ts64+0x86/0x230 [ 24.368983] kunit_try_run_case+0x1a5/0x480 [ 24.369015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.369046] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.369086] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.369125] ? __kthread_parkme+0x82/0x180 [ 24.369155] ? preempt_count_sub+0x50/0x80 [ 24.369190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.369221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.369259] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.369296] kthread+0x337/0x6f0 [ 24.369325] ? trace_preempt_on+0x20/0xc0 [ 24.369360] ? __pfx_kthread+0x10/0x10 [ 24.369391] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.369424] ? calculate_sigpending+0x7b/0xa0 [ 24.369460] ? __pfx_kthread+0x10/0x10 [ 24.369492] ret_from_fork+0x116/0x1d0 [ 24.369519] ? __pfx_kthread+0x10/0x10 [ 24.369548] ret_from_fork_asm+0x1a/0x30 [ 24.369628] </TASK> [ 24.369652] [ 24.386703] Allocated by task 282: [ 24.387269] kasan_save_stack+0x45/0x70 [ 24.387739] kasan_save_track+0x18/0x40 [ 24.388277] kasan_save_alloc_info+0x3b/0x50 [ 24.388773] __kasan_kmalloc+0xb7/0xc0 [ 24.389339] __kmalloc_cache_noprof+0x189/0x420 [ 24.389693] kasan_atomics+0x95/0x310 [ 24.390378] kunit_try_run_case+0x1a5/0x480 [ 24.391031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.391773] kthread+0x337/0x6f0 [ 24.392103] ret_from_fork+0x116/0x1d0 [ 24.392520] ret_from_fork_asm+0x1a/0x30 [ 24.393112] [ 24.393364] The buggy address belongs to the object at ffff888102b73d80 [ 24.393364] which belongs to the cache kmalloc-64 of size 64 [ 24.394606] The buggy address is located 0 bytes to the right of [ 24.394606] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.395760] [ 24.396025] The buggy address belongs to the physical page: [ 24.396614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.397459] flags: 0x200000000000000(node=0|zone=2) [ 24.398088] page_type: f5(slab) [ 24.398500] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.399309] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.400107] page dumped because: kasan: bad access detected [ 24.400610] [ 24.400943] Memory state around the buggy address: [ 24.401520] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.402325] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.403032] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.403743] ^ [ 24.404303] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.405003] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.405744] ================================================================== [ 25.361694] ================================================================== [ 25.362159] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 25.364304] Read of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 25.365053] [ 25.365361] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.365877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.365902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.365936] Call Trace: [ 25.365962] <TASK> [ 25.365985] dump_stack_lvl+0x73/0xb0 [ 25.366025] print_report+0xd1/0x650 [ 25.366058] ? __virt_addr_valid+0x1db/0x2d0 [ 25.366093] ? kasan_atomics_helper+0x5115/0x5450 [ 25.366127] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.366162] ? kasan_atomics_helper+0x5115/0x5450 [ 25.366195] kasan_report+0x141/0x180 [ 25.366240] ? kasan_atomics_helper+0x5115/0x5450 [ 25.366279] __asan_report_load8_noabort+0x18/0x20 [ 25.366310] kasan_atomics_helper+0x5115/0x5450 [ 25.366344] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.366378] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.366408] ? kasan_atomics+0x152/0x310 [ 25.366440] kasan_atomics+0x1dc/0x310 [ 25.366467] ? __pfx_kasan_atomics+0x10/0x10 [ 25.366497] ? __pfx_read_tsc+0x10/0x10 [ 25.366530] ? ktime_get_ts64+0x86/0x230 [ 25.366610] kunit_try_run_case+0x1a5/0x480 [ 25.366648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.366680] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.366718] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.366756] ? __kthread_parkme+0x82/0x180 [ 25.366787] ? preempt_count_sub+0x50/0x80 [ 25.366822] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.366879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.366919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.366958] kthread+0x337/0x6f0 [ 25.366988] ? trace_preempt_on+0x20/0xc0 [ 25.367023] ? __pfx_kthread+0x10/0x10 [ 25.367055] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.367090] ? calculate_sigpending+0x7b/0xa0 [ 25.367126] ? __pfx_kthread+0x10/0x10 [ 25.367158] ret_from_fork+0x116/0x1d0 [ 25.367186] ? __pfx_kthread+0x10/0x10 [ 25.367216] ret_from_fork_asm+0x1a/0x30 [ 25.367259] </TASK> [ 25.367274] [ 25.384376] Allocated by task 282: [ 25.384873] kasan_save_stack+0x45/0x70 [ 25.385282] kasan_save_track+0x18/0x40 [ 25.385663] kasan_save_alloc_info+0x3b/0x50 [ 25.386095] __kasan_kmalloc+0xb7/0xc0 [ 25.386706] __kmalloc_cache_noprof+0x189/0x420 [ 25.387256] kasan_atomics+0x95/0x310 [ 25.387759] kunit_try_run_case+0x1a5/0x480 [ 25.388232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.388938] kthread+0x337/0x6f0 [ 25.389330] ret_from_fork+0x116/0x1d0 [ 25.389911] ret_from_fork_asm+0x1a/0x30 [ 25.390306] [ 25.390662] The buggy address belongs to the object at ffff888102b73d80 [ 25.390662] which belongs to the cache kmalloc-64 of size 64 [ 25.391787] The buggy address is located 0 bytes to the right of [ 25.391787] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 25.392806] [ 25.393058] The buggy address belongs to the physical page: [ 25.393783] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 25.394669] flags: 0x200000000000000(node=0|zone=2) [ 25.395140] page_type: f5(slab) [ 25.395696] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.396415] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.397176] page dumped because: kasan: bad access detected [ 25.397856] [ 25.398105] Memory state around the buggy address: [ 25.398704] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.399432] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.400156] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.400860] ^ [ 25.401357] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.402070] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.402795] ================================================================== [ 23.189871] ================================================================== [ 23.190694] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 23.191201] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.191849] [ 23.192175] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.192308] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.192352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.192416] Call Trace: [ 23.192472] <TASK> [ 23.192523] dump_stack_lvl+0x73/0xb0 [ 23.192597] print_report+0xd1/0x650 [ 23.192668] ? __virt_addr_valid+0x1db/0x2d0 [ 23.192732] ? kasan_atomics_helper+0xac7/0x5450 [ 23.192790] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.192856] ? kasan_atomics_helper+0xac7/0x5450 [ 23.192941] kasan_report+0x141/0x180 [ 23.193146] ? kasan_atomics_helper+0xac7/0x5450 [ 23.193287] kasan_check_range+0x10c/0x1c0 [ 23.193418] __kasan_check_write+0x18/0x20 [ 23.193520] kasan_atomics_helper+0xac7/0x5450 [ 23.193631] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.193719] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.193795] ? kasan_atomics+0x152/0x310 [ 23.193879] kasan_atomics+0x1dc/0x310 [ 23.193976] ? __pfx_kasan_atomics+0x10/0x10 [ 23.194059] ? __pfx_read_tsc+0x10/0x10 [ 23.194138] ? ktime_get_ts64+0x86/0x230 [ 23.194255] kunit_try_run_case+0x1a5/0x480 [ 23.194364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.194441] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.194523] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.194607] ? __kthread_parkme+0x82/0x180 [ 23.194680] ? preempt_count_sub+0x50/0x80 [ 23.194719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.194750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.194788] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.194827] kthread+0x337/0x6f0 [ 23.194856] ? trace_preempt_on+0x20/0xc0 [ 23.194913] ? __pfx_kthread+0x10/0x10 [ 23.194950] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.194985] ? calculate_sigpending+0x7b/0xa0 [ 23.195021] ? __pfx_kthread+0x10/0x10 [ 23.195053] ret_from_fork+0x116/0x1d0 [ 23.195081] ? __pfx_kthread+0x10/0x10 [ 23.195112] ret_from_fork_asm+0x1a/0x30 [ 23.195156] </TASK> [ 23.195172] [ 23.210807] Allocated by task 282: [ 23.211227] kasan_save_stack+0x45/0x70 [ 23.211662] kasan_save_track+0x18/0x40 [ 23.212154] kasan_save_alloc_info+0x3b/0x50 [ 23.212589] __kasan_kmalloc+0xb7/0xc0 [ 23.213061] __kmalloc_cache_noprof+0x189/0x420 [ 23.213571] kasan_atomics+0x95/0x310 [ 23.214023] kunit_try_run_case+0x1a5/0x480 [ 23.214456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.215138] kthread+0x337/0x6f0 [ 23.215512] ret_from_fork+0x116/0x1d0 [ 23.215954] ret_from_fork_asm+0x1a/0x30 [ 23.216290] [ 23.216483] The buggy address belongs to the object at ffff888102b73d80 [ 23.216483] which belongs to the cache kmalloc-64 of size 64 [ 23.217349] The buggy address is located 0 bytes to the right of [ 23.217349] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.218743] [ 23.218959] The buggy address belongs to the physical page: [ 23.219338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.219930] flags: 0x200000000000000(node=0|zone=2) [ 23.220417] page_type: f5(slab) [ 23.220696] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.221385] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.222135] page dumped because: kasan: bad access detected [ 23.222663] [ 23.222944] Memory state around the buggy address: [ 23.223396] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.224051] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.224680] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.225371] ^ [ 23.225948] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.226565] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.227247] ================================================================== [ 22.815420] ================================================================== [ 22.817216] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 22.818059] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 22.819238] [ 22.819692] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.819994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.820036] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.820073] Call Trace: [ 22.820099] <TASK> [ 22.820122] dump_stack_lvl+0x73/0xb0 [ 22.820163] print_report+0xd1/0x650 [ 22.820197] ? __virt_addr_valid+0x1db/0x2d0 [ 22.820231] ? kasan_atomics_helper+0x5fe/0x5450 [ 22.820263] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.820296] ? kasan_atomics_helper+0x5fe/0x5450 [ 22.820330] kasan_report+0x141/0x180 [ 22.820363] ? kasan_atomics_helper+0x5fe/0x5450 [ 22.820401] kasan_check_range+0x10c/0x1c0 [ 22.820437] __kasan_check_write+0x18/0x20 [ 22.820466] kasan_atomics_helper+0x5fe/0x5450 [ 22.820500] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.820534] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.820566] ? kasan_atomics+0x152/0x310 [ 22.820601] kasan_atomics+0x1dc/0x310 [ 22.820651] ? __pfx_kasan_atomics+0x10/0x10 [ 22.820696] ? __pfx_read_tsc+0x10/0x10 [ 22.820732] ? ktime_get_ts64+0x86/0x230 [ 22.820769] kunit_try_run_case+0x1a5/0x480 [ 22.820801] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.820830] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.820868] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.820930] ? __kthread_parkme+0x82/0x180 [ 22.820970] ? preempt_count_sub+0x50/0x80 [ 22.821005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.821038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.821076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.821113] kthread+0x337/0x6f0 [ 22.821142] ? trace_preempt_on+0x20/0xc0 [ 22.821175] ? __pfx_kthread+0x10/0x10 [ 22.821205] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.821240] ? calculate_sigpending+0x7b/0xa0 [ 22.821275] ? __pfx_kthread+0x10/0x10 [ 22.821306] ret_from_fork+0x116/0x1d0 [ 22.821333] ? __pfx_kthread+0x10/0x10 [ 22.821363] ret_from_fork_asm+0x1a/0x30 [ 22.821407] </TASK> [ 22.821422] [ 22.838285] Allocated by task 282: [ 22.838710] kasan_save_stack+0x45/0x70 [ 22.839160] kasan_save_track+0x18/0x40 [ 22.839572] kasan_save_alloc_info+0x3b/0x50 [ 22.840111] __kasan_kmalloc+0xb7/0xc0 [ 22.840585] __kmalloc_cache_noprof+0x189/0x420 [ 22.841129] kasan_atomics+0x95/0x310 [ 22.841509] kunit_try_run_case+0x1a5/0x480 [ 22.842076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.842503] kthread+0x337/0x6f0 [ 22.842876] ret_from_fork+0x116/0x1d0 [ 22.843452] ret_from_fork_asm+0x1a/0x30 [ 22.844006] [ 22.844223] The buggy address belongs to the object at ffff888102b73d80 [ 22.844223] which belongs to the cache kmalloc-64 of size 64 [ 22.845158] The buggy address is located 0 bytes to the right of [ 22.845158] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 22.846261] [ 22.846460] The buggy address belongs to the physical page: [ 22.846953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 22.847698] flags: 0x200000000000000(node=0|zone=2) [ 22.848525] page_type: f5(slab) [ 22.848876] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.849489] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.850475] page dumped because: kasan: bad access detected [ 22.851393] [ 22.851584] Memory state around the buggy address: [ 22.851943] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.853847] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.854843] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.855454] ^ [ 22.855854] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.856494] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.857304] ================================================================== [ 23.273814] ================================================================== [ 23.274933] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 23.275997] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.276538] [ 23.277052] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.277189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.277253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.277349] Call Trace: [ 23.277407] <TASK> [ 23.277458] dump_stack_lvl+0x73/0xb0 [ 23.277518] print_report+0xd1/0x650 [ 23.277554] ? __virt_addr_valid+0x1db/0x2d0 [ 23.277589] ? kasan_atomics_helper+0xc70/0x5450 [ 23.277671] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.277711] ? kasan_atomics_helper+0xc70/0x5450 [ 23.277745] kasan_report+0x141/0x180 [ 23.277783] ? kasan_atomics_helper+0xc70/0x5450 [ 23.277821] kasan_check_range+0x10c/0x1c0 [ 23.277857] __kasan_check_write+0x18/0x20 [ 23.277909] kasan_atomics_helper+0xc70/0x5450 [ 23.277951] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.277986] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.278018] ? kasan_atomics+0x152/0x310 [ 23.278050] kasan_atomics+0x1dc/0x310 [ 23.278078] ? __pfx_kasan_atomics+0x10/0x10 [ 23.278109] ? __pfx_read_tsc+0x10/0x10 [ 23.278143] ? ktime_get_ts64+0x86/0x230 [ 23.278178] kunit_try_run_case+0x1a5/0x480 [ 23.278209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.278249] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.278288] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.278324] ? __kthread_parkme+0x82/0x180 [ 23.278355] ? preempt_count_sub+0x50/0x80 [ 23.278389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.278419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.278456] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.278493] kthread+0x337/0x6f0 [ 23.278521] ? trace_preempt_on+0x20/0xc0 [ 23.278554] ? __pfx_kthread+0x10/0x10 [ 23.278584] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.278639] ? calculate_sigpending+0x7b/0xa0 [ 23.278687] ? __pfx_kthread+0x10/0x10 [ 23.278720] ret_from_fork+0x116/0x1d0 [ 23.278748] ? __pfx_kthread+0x10/0x10 [ 23.278777] ret_from_fork_asm+0x1a/0x30 [ 23.278821] </TASK> [ 23.278838] [ 23.294463] Allocated by task 282: [ 23.294758] kasan_save_stack+0x45/0x70 [ 23.295254] kasan_save_track+0x18/0x40 [ 23.295689] kasan_save_alloc_info+0x3b/0x50 [ 23.296186] __kasan_kmalloc+0xb7/0xc0 [ 23.296854] __kmalloc_cache_noprof+0x189/0x420 [ 23.297339] kasan_atomics+0x95/0x310 [ 23.297661] kunit_try_run_case+0x1a5/0x480 [ 23.298107] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.298700] kthread+0x337/0x6f0 [ 23.299138] ret_from_fork+0x116/0x1d0 [ 23.299570] ret_from_fork_asm+0x1a/0x30 [ 23.300064] [ 23.300259] The buggy address belongs to the object at ffff888102b73d80 [ 23.300259] which belongs to the cache kmalloc-64 of size 64 [ 23.301159] The buggy address is located 0 bytes to the right of [ 23.301159] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.303250] [ 23.303450] The buggy address belongs to the physical page: [ 23.304016] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.304758] flags: 0x200000000000000(node=0|zone=2) [ 23.305296] page_type: f5(slab) [ 23.305690] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.306240] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.306745] page dumped because: kasan: bad access detected [ 23.307971] [ 23.308221] Memory state around the buggy address: [ 23.308619] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.310640] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.311291] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.311869] ^ [ 23.312388] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.313176] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.313849] ================================================================== [ 23.754774] ================================================================== [ 23.756234] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 23.757063] Read of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.758268] [ 23.758504] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.758636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.758671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.758706] Call Trace: [ 23.758730] <TASK> [ 23.758753] dump_stack_lvl+0x73/0xb0 [ 23.758820] print_report+0xd1/0x650 [ 23.758870] ? __virt_addr_valid+0x1db/0x2d0 [ 23.758969] ? kasan_atomics_helper+0x4a02/0x5450 [ 23.759049] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.759102] ? kasan_atomics_helper+0x4a02/0x5450 [ 23.759136] kasan_report+0x141/0x180 [ 23.759170] ? kasan_atomics_helper+0x4a02/0x5450 [ 23.759210] __asan_report_load4_noabort+0x18/0x20 [ 23.759241] kasan_atomics_helper+0x4a02/0x5450 [ 23.759274] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.759308] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.759339] ? kasan_atomics+0x152/0x310 [ 23.759370] kasan_atomics+0x1dc/0x310 [ 23.759398] ? __pfx_kasan_atomics+0x10/0x10 [ 23.759428] ? __pfx_read_tsc+0x10/0x10 [ 23.759460] ? ktime_get_ts64+0x86/0x230 [ 23.759498] kunit_try_run_case+0x1a5/0x480 [ 23.759528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.759558] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.759605] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.759669] ? __kthread_parkme+0x82/0x180 [ 23.759701] ? preempt_count_sub+0x50/0x80 [ 23.759736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.759768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.759806] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.759845] kthread+0x337/0x6f0 [ 23.760049] ? trace_preempt_on+0x20/0xc0 [ 23.760100] ? __pfx_kthread+0x10/0x10 [ 23.760134] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.760170] ? calculate_sigpending+0x7b/0xa0 [ 23.760205] ? __pfx_kthread+0x10/0x10 [ 23.760239] ret_from_fork+0x116/0x1d0 [ 23.760267] ? __pfx_kthread+0x10/0x10 [ 23.760299] ret_from_fork_asm+0x1a/0x30 [ 23.760344] </TASK> [ 23.760360] [ 23.780863] Allocated by task 282: [ 23.781219] kasan_save_stack+0x45/0x70 [ 23.781665] kasan_save_track+0x18/0x40 [ 23.782484] kasan_save_alloc_info+0x3b/0x50 [ 23.783206] __kasan_kmalloc+0xb7/0xc0 [ 23.783588] __kmalloc_cache_noprof+0x189/0x420 [ 23.784315] kasan_atomics+0x95/0x310 [ 23.784933] kunit_try_run_case+0x1a5/0x480 [ 23.785493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.786172] kthread+0x337/0x6f0 [ 23.786585] ret_from_fork+0x116/0x1d0 [ 23.787295] ret_from_fork_asm+0x1a/0x30 [ 23.787927] [ 23.788327] The buggy address belongs to the object at ffff888102b73d80 [ 23.788327] which belongs to the cache kmalloc-64 of size 64 [ 23.789518] The buggy address is located 0 bytes to the right of [ 23.789518] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.790581] [ 23.790792] The buggy address belongs to the physical page: [ 23.791440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.792205] flags: 0x200000000000000(node=0|zone=2) [ 23.792643] page_type: f5(slab) [ 23.793179] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.793919] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.794793] page dumped because: kasan: bad access detected [ 23.795373] [ 23.795650] Memory state around the buggy address: [ 23.796156] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.796939] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.797649] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.798292] ^ [ 23.798817] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.799498] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.800193] ================================================================== [ 24.128965] ================================================================== [ 24.129569] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 24.130347] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.130987] [ 24.131198] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.131368] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.131443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.131514] Call Trace: [ 24.131574] <TASK> [ 24.131690] dump_stack_lvl+0x73/0xb0 [ 24.131814] print_report+0xd1/0x650 [ 24.131914] ? __virt_addr_valid+0x1db/0x2d0 [ 24.132024] ? kasan_atomics_helper+0x50d4/0x5450 [ 24.132133] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.132214] ? kasan_atomics_helper+0x50d4/0x5450 [ 24.132276] kasan_report+0x141/0x180 [ 24.132332] ? kasan_atomics_helper+0x50d4/0x5450 [ 24.132419] __asan_report_store8_noabort+0x1b/0x30 [ 24.132527] kasan_atomics_helper+0x50d4/0x5450 [ 24.132680] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.132765] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.132892] ? kasan_atomics+0x152/0x310 [ 24.132983] kasan_atomics+0x1dc/0x310 [ 24.133055] ? __pfx_kasan_atomics+0x10/0x10 [ 24.133090] ? __pfx_read_tsc+0x10/0x10 [ 24.133125] ? ktime_get_ts64+0x86/0x230 [ 24.133161] kunit_try_run_case+0x1a5/0x480 [ 24.133195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.133225] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.133266] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.133304] ? __kthread_parkme+0x82/0x180 [ 24.133335] ? preempt_count_sub+0x50/0x80 [ 24.133370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.133400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.133437] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.133474] kthread+0x337/0x6f0 [ 24.133504] ? trace_preempt_on+0x20/0xc0 [ 24.133537] ? __pfx_kthread+0x10/0x10 [ 24.133568] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.133655] ? calculate_sigpending+0x7b/0xa0 [ 24.133696] ? __pfx_kthread+0x10/0x10 [ 24.133729] ret_from_fork+0x116/0x1d0 [ 24.133757] ? __pfx_kthread+0x10/0x10 [ 24.133788] ret_from_fork_asm+0x1a/0x30 [ 24.133833] </TASK> [ 24.133850] [ 24.155266] Allocated by task 282: [ 24.155637] kasan_save_stack+0x45/0x70 [ 24.155983] kasan_save_track+0x18/0x40 [ 24.156293] kasan_save_alloc_info+0x3b/0x50 [ 24.157197] __kasan_kmalloc+0xb7/0xc0 [ 24.157641] __kmalloc_cache_noprof+0x189/0x420 [ 24.158401] kasan_atomics+0x95/0x310 [ 24.158769] kunit_try_run_case+0x1a5/0x480 [ 24.159266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.159878] kthread+0x337/0x6f0 [ 24.160216] ret_from_fork+0x116/0x1d0 [ 24.160610] ret_from_fork_asm+0x1a/0x30 [ 24.161254] [ 24.161493] The buggy address belongs to the object at ffff888102b73d80 [ 24.161493] which belongs to the cache kmalloc-64 of size 64 [ 24.162371] The buggy address is located 0 bytes to the right of [ 24.162371] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.163448] [ 24.163840] The buggy address belongs to the physical page: [ 24.164660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.165469] flags: 0x200000000000000(node=0|zone=2) [ 24.165967] page_type: f5(slab) [ 24.166469] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.167574] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.168174] page dumped because: kasan: bad access detected [ 24.168631] [ 24.169380] Memory state around the buggy address: [ 24.169804] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.170533] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.171333] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.171919] ^ [ 24.172368] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.173058] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.173558] ================================================================== [ 24.639345] ================================================================== [ 24.639950] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 24.640493] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.641745] [ 24.642424] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.642593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.642640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.642674] Call Trace: [ 24.642693] <TASK> [ 24.642715] dump_stack_lvl+0x73/0xb0 [ 24.642752] print_report+0xd1/0x650 [ 24.642785] ? __virt_addr_valid+0x1db/0x2d0 [ 24.642820] ? kasan_atomics_helper+0x1b22/0x5450 [ 24.642880] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.642919] ? kasan_atomics_helper+0x1b22/0x5450 [ 24.642954] kasan_report+0x141/0x180 [ 24.642988] ? kasan_atomics_helper+0x1b22/0x5450 [ 24.643028] kasan_check_range+0x10c/0x1c0 [ 24.643064] __kasan_check_write+0x18/0x20 [ 24.643094] kasan_atomics_helper+0x1b22/0x5450 [ 24.643128] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.643163] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.643193] ? kasan_atomics+0x152/0x310 [ 24.643225] kasan_atomics+0x1dc/0x310 [ 24.643255] ? __pfx_kasan_atomics+0x10/0x10 [ 24.643284] ? __pfx_read_tsc+0x10/0x10 [ 24.643317] ? ktime_get_ts64+0x86/0x230 [ 24.643353] kunit_try_run_case+0x1a5/0x480 [ 24.643384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.643413] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.643450] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.643487] ? __kthread_parkme+0x82/0x180 [ 24.643516] ? preempt_count_sub+0x50/0x80 [ 24.643550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.643591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.643650] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.643689] kthread+0x337/0x6f0 [ 24.643718] ? trace_preempt_on+0x20/0xc0 [ 24.643752] ? __pfx_kthread+0x10/0x10 [ 24.643783] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.643818] ? calculate_sigpending+0x7b/0xa0 [ 24.643875] ? __pfx_kthread+0x10/0x10 [ 24.643914] ret_from_fork+0x116/0x1d0 [ 24.643942] ? __pfx_kthread+0x10/0x10 [ 24.643974] ret_from_fork_asm+0x1a/0x30 [ 24.644018] </TASK> [ 24.644033] [ 24.663441] Allocated by task 282: [ 24.664315] kasan_save_stack+0x45/0x70 [ 24.664633] kasan_save_track+0x18/0x40 [ 24.665048] kasan_save_alloc_info+0x3b/0x50 [ 24.665437] __kasan_kmalloc+0xb7/0xc0 [ 24.666412] __kmalloc_cache_noprof+0x189/0x420 [ 24.666708] kasan_atomics+0x95/0x310 [ 24.667565] kunit_try_run_case+0x1a5/0x480 [ 24.668259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.668469] kthread+0x337/0x6f0 [ 24.668777] ret_from_fork+0x116/0x1d0 [ 24.669505] ret_from_fork_asm+0x1a/0x30 [ 24.670181] [ 24.670475] The buggy address belongs to the object at ffff888102b73d80 [ 24.670475] which belongs to the cache kmalloc-64 of size 64 [ 24.671897] The buggy address is located 0 bytes to the right of [ 24.671897] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.673059] [ 24.673243] The buggy address belongs to the physical page: [ 24.673644] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.674228] flags: 0x200000000000000(node=0|zone=2) [ 24.674617] page_type: f5(slab) [ 24.674957] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.675453] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.676220] page dumped because: kasan: bad access detected [ 24.676593] [ 24.676795] Memory state around the buggy address: [ 24.677177] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.677893] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.678488] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.679299] ^ [ 24.679887] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.680402] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.681128] ================================================================== [ 22.580797] ================================================================== [ 22.582384] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 22.582873] Read of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 22.583546] [ 22.583775] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.583903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.584007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.584100] Call Trace: [ 22.584156] <TASK> [ 22.584206] dump_stack_lvl+0x73/0xb0 [ 22.584294] print_report+0xd1/0x650 [ 22.584396] ? __virt_addr_valid+0x1db/0x2d0 [ 22.584511] ? kasan_atomics_helper+0x3df/0x5450 [ 22.584593] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.584724] ? kasan_atomics_helper+0x3df/0x5450 [ 22.584804] kasan_report+0x141/0x180 [ 22.584887] ? kasan_atomics_helper+0x3df/0x5450 [ 22.584978] kasan_check_range+0x10c/0x1c0 [ 22.585017] __kasan_check_read+0x15/0x20 [ 22.585047] kasan_atomics_helper+0x3df/0x5450 [ 22.585081] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.585115] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.585147] ? kasan_atomics+0x152/0x310 [ 22.585178] kasan_atomics+0x1dc/0x310 [ 22.585206] ? __pfx_kasan_atomics+0x10/0x10 [ 22.585236] ? __pfx_read_tsc+0x10/0x10 [ 22.585270] ? ktime_get_ts64+0x86/0x230 [ 22.585305] kunit_try_run_case+0x1a5/0x480 [ 22.585337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.585365] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.585403] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.585440] ? __kthread_parkme+0x82/0x180 [ 22.585470] ? preempt_count_sub+0x50/0x80 [ 22.585505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.585535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.585571] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.585609] kthread+0x337/0x6f0 [ 22.585688] ? trace_preempt_on+0x20/0xc0 [ 22.585726] ? __pfx_kthread+0x10/0x10 [ 22.585757] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.585792] ? calculate_sigpending+0x7b/0xa0 [ 22.585827] ? __pfx_kthread+0x10/0x10 [ 22.585859] ret_from_fork+0x116/0x1d0 [ 22.585886] ? __pfx_kthread+0x10/0x10 [ 22.585943] ret_from_fork_asm+0x1a/0x30 [ 22.585991] </TASK> [ 22.586007] [ 22.601348] Allocated by task 282: [ 22.601703] kasan_save_stack+0x45/0x70 [ 22.602204] kasan_save_track+0x18/0x40 [ 22.602575] kasan_save_alloc_info+0x3b/0x50 [ 22.603111] __kasan_kmalloc+0xb7/0xc0 [ 22.603495] __kmalloc_cache_noprof+0x189/0x420 [ 22.604196] kasan_atomics+0x95/0x310 [ 22.604507] kunit_try_run_case+0x1a5/0x480 [ 22.604843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.605429] kthread+0x337/0x6f0 [ 22.605942] ret_from_fork+0x116/0x1d0 [ 22.606415] ret_from_fork_asm+0x1a/0x30 [ 22.606843] [ 22.607235] The buggy address belongs to the object at ffff888102b73d80 [ 22.607235] which belongs to the cache kmalloc-64 of size 64 [ 22.607966] The buggy address is located 0 bytes to the right of [ 22.607966] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 22.608693] [ 22.608961] The buggy address belongs to the physical page: [ 22.609803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 22.610572] flags: 0x200000000000000(node=0|zone=2) [ 22.611106] page_type: f5(slab) [ 22.611399] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.611882] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.612562] page dumped because: kasan: bad access detected [ 22.613161] [ 22.614680] Memory state around the buggy address: [ 22.615182] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.617346] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.617742] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.618153] ^ [ 22.618504] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.618904] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.621858] ================================================================== [ 23.356026] ================================================================== [ 23.356447] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 23.356725] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.357422] [ 23.357999] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.358135] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.358176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.358250] Call Trace: [ 23.358304] <TASK> [ 23.358342] dump_stack_lvl+0x73/0xb0 [ 23.358385] print_report+0xd1/0x650 [ 23.358420] ? __virt_addr_valid+0x1db/0x2d0 [ 23.358455] ? kasan_atomics_helper+0xd47/0x5450 [ 23.358537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.358601] ? kasan_atomics_helper+0xd47/0x5450 [ 23.358683] kasan_report+0x141/0x180 [ 23.358769] ? kasan_atomics_helper+0xd47/0x5450 [ 23.358863] kasan_check_range+0x10c/0x1c0 [ 23.359070] __kasan_check_write+0x18/0x20 [ 23.359151] kasan_atomics_helper+0xd47/0x5450 [ 23.359235] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.359316] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.359393] ? kasan_atomics+0x152/0x310 [ 23.359474] kasan_atomics+0x1dc/0x310 [ 23.359549] ? __pfx_kasan_atomics+0x10/0x10 [ 23.359665] ? __pfx_read_tsc+0x10/0x10 [ 23.359746] ? ktime_get_ts64+0x86/0x230 [ 23.359868] kunit_try_run_case+0x1a5/0x480 [ 23.359970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.360084] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.360219] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.360372] ? __kthread_parkme+0x82/0x180 [ 23.360460] ? preempt_count_sub+0x50/0x80 [ 23.360693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.360782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.360873] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.360979] kthread+0x337/0x6f0 [ 23.361055] ? trace_preempt_on+0x20/0xc0 [ 23.361135] ? __pfx_kthread+0x10/0x10 [ 23.361212] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.361258] ? calculate_sigpending+0x7b/0xa0 [ 23.361296] ? __pfx_kthread+0x10/0x10 [ 23.361329] ret_from_fork+0x116/0x1d0 [ 23.361357] ? __pfx_kthread+0x10/0x10 [ 23.361388] ret_from_fork_asm+0x1a/0x30 [ 23.361434] </TASK> [ 23.361449] [ 23.379096] Allocated by task 282: [ 23.379469] kasan_save_stack+0x45/0x70 [ 23.379802] kasan_save_track+0x18/0x40 [ 23.380302] kasan_save_alloc_info+0x3b/0x50 [ 23.380863] __kasan_kmalloc+0xb7/0xc0 [ 23.381361] __kmalloc_cache_noprof+0x189/0x420 [ 23.381911] kasan_atomics+0x95/0x310 [ 23.382340] kunit_try_run_case+0x1a5/0x480 [ 23.382739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.383354] kthread+0x337/0x6f0 [ 23.383786] ret_from_fork+0x116/0x1d0 [ 23.384178] ret_from_fork_asm+0x1a/0x30 [ 23.384576] [ 23.384945] The buggy address belongs to the object at ffff888102b73d80 [ 23.384945] which belongs to the cache kmalloc-64 of size 64 [ 23.386454] The buggy address is located 0 bytes to the right of [ 23.386454] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.389196] [ 23.389459] The buggy address belongs to the physical page: [ 23.390251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.391597] flags: 0x200000000000000(node=0|zone=2) [ 23.392086] page_type: f5(slab) [ 23.392419] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.393583] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.394412] page dumped because: kasan: bad access detected [ 23.395194] [ 23.395584] Memory state around the buggy address: [ 23.395971] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.396799] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.397575] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.398340] ^ [ 23.398731] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.399532] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.400311] ================================================================== [ 22.538899] ================================================================== [ 22.539529] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 22.540330] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 22.541074] [ 22.541431] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.541599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.541646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.541711] Call Trace: [ 22.541820] <TASK> [ 22.541902] dump_stack_lvl+0x73/0xb0 [ 22.542008] print_report+0xd1/0x650 [ 22.542146] ? __virt_addr_valid+0x1db/0x2d0 [ 22.542273] ? kasan_atomics_helper+0x4b6e/0x5450 [ 22.542345] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.542384] ? kasan_atomics_helper+0x4b6e/0x5450 [ 22.542421] kasan_report+0x141/0x180 [ 22.542456] ? kasan_atomics_helper+0x4b6e/0x5450 [ 22.542495] __asan_report_store4_noabort+0x1b/0x30 [ 22.542527] kasan_atomics_helper+0x4b6e/0x5450 [ 22.542562] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.542596] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.542633] ? kasan_atomics+0x152/0x310 [ 22.542708] kasan_atomics+0x1dc/0x310 [ 22.542738] ? __pfx_kasan_atomics+0x10/0x10 [ 22.542768] ? __pfx_read_tsc+0x10/0x10 [ 22.542802] ? ktime_get_ts64+0x86/0x230 [ 22.542837] kunit_try_run_case+0x1a5/0x480 [ 22.542869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.542897] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.542965] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.543005] ? __kthread_parkme+0x82/0x180 [ 22.543037] ? preempt_count_sub+0x50/0x80 [ 22.543072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.543103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.543139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.543177] kthread+0x337/0x6f0 [ 22.543206] ? trace_preempt_on+0x20/0xc0 [ 22.543239] ? __pfx_kthread+0x10/0x10 [ 22.543269] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.543304] ? calculate_sigpending+0x7b/0xa0 [ 22.543340] ? __pfx_kthread+0x10/0x10 [ 22.543372] ret_from_fork+0x116/0x1d0 [ 22.543398] ? __pfx_kthread+0x10/0x10 [ 22.543429] ret_from_fork_asm+0x1a/0x30 [ 22.543471] </TASK> [ 22.543487] [ 22.562175] Allocated by task 282: [ 22.562557] kasan_save_stack+0x45/0x70 [ 22.563100] kasan_save_track+0x18/0x40 [ 22.563580] kasan_save_alloc_info+0x3b/0x50 [ 22.564150] __kasan_kmalloc+0xb7/0xc0 [ 22.564581] __kmalloc_cache_noprof+0x189/0x420 [ 22.565152] kasan_atomics+0x95/0x310 [ 22.565567] kunit_try_run_case+0x1a5/0x480 [ 22.566061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.566608] kthread+0x337/0x6f0 [ 22.567055] ret_from_fork+0x116/0x1d0 [ 22.567410] ret_from_fork_asm+0x1a/0x30 [ 22.567982] [ 22.568251] The buggy address belongs to the object at ffff888102b73d80 [ 22.568251] which belongs to the cache kmalloc-64 of size 64 [ 22.569249] The buggy address is located 0 bytes to the right of [ 22.569249] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 22.570326] [ 22.570587] The buggy address belongs to the physical page: [ 22.571149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 22.571882] flags: 0x200000000000000(node=0|zone=2) [ 22.572345] page_type: f5(slab) [ 22.572788] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.573525] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.574249] page dumped because: kasan: bad access detected [ 22.574845] [ 22.575152] Memory state around the buggy address: [ 22.575564] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.576191] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.576803] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.577435] ^ [ 22.577987] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.578611] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.579288] ================================================================== [ 23.671174] ================================================================== [ 23.671629] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 23.673150] Read of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.673791] [ 23.674053] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.674186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.674246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.674312] Call Trace: [ 23.674368] <TASK> [ 23.674421] dump_stack_lvl+0x73/0xb0 [ 23.674507] print_report+0xd1/0x650 [ 23.674580] ? __virt_addr_valid+0x1db/0x2d0 [ 23.674652] ? kasan_atomics_helper+0x4a1c/0x5450 [ 23.674717] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.674785] ? kasan_atomics_helper+0x4a1c/0x5450 [ 23.674851] kasan_report+0x141/0x180 [ 23.674950] ? kasan_atomics_helper+0x4a1c/0x5450 [ 23.675027] __asan_report_load4_noabort+0x18/0x20 [ 23.675118] kasan_atomics_helper+0x4a1c/0x5450 [ 23.675208] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.675290] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.675374] ? kasan_atomics+0x152/0x310 [ 23.675461] kasan_atomics+0x1dc/0x310 [ 23.675541] ? __pfx_kasan_atomics+0x10/0x10 [ 23.675618] ? __pfx_read_tsc+0x10/0x10 [ 23.675699] ? ktime_get_ts64+0x86/0x230 [ 23.675790] kunit_try_run_case+0x1a5/0x480 [ 23.675890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.675959] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.676035] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.676075] ? __kthread_parkme+0x82/0x180 [ 23.676108] ? preempt_count_sub+0x50/0x80 [ 23.676144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.676176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.676212] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.676249] kthread+0x337/0x6f0 [ 23.676279] ? trace_preempt_on+0x20/0xc0 [ 23.676311] ? __pfx_kthread+0x10/0x10 [ 23.676342] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.676377] ? calculate_sigpending+0x7b/0xa0 [ 23.676413] ? __pfx_kthread+0x10/0x10 [ 23.676444] ret_from_fork+0x116/0x1d0 [ 23.676471] ? __pfx_kthread+0x10/0x10 [ 23.676502] ret_from_fork_asm+0x1a/0x30 [ 23.676544] </TASK> [ 23.676561] [ 23.689200] Allocated by task 282: [ 23.689540] kasan_save_stack+0x45/0x70 [ 23.693230] kasan_save_track+0x18/0x40 [ 23.694680] kasan_save_alloc_info+0x3b/0x50 [ 23.696026] __kasan_kmalloc+0xb7/0xc0 [ 23.696386] __kmalloc_cache_noprof+0x189/0x420 [ 23.697730] kasan_atomics+0x95/0x310 [ 23.698502] kunit_try_run_case+0x1a5/0x480 [ 23.698976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.699495] kthread+0x337/0x6f0 [ 23.700326] ret_from_fork+0x116/0x1d0 [ 23.701241] ret_from_fork_asm+0x1a/0x30 [ 23.701649] [ 23.701920] The buggy address belongs to the object at ffff888102b73d80 [ 23.701920] which belongs to the cache kmalloc-64 of size 64 [ 23.702857] The buggy address is located 0 bytes to the right of [ 23.702857] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.703862] [ 23.704125] The buggy address belongs to the physical page: [ 23.704545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.705262] flags: 0x200000000000000(node=0|zone=2) [ 23.705785] page_type: f5(slab) [ 23.706207] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.706853] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.707486] page dumped because: kasan: bad access detected [ 23.708069] [ 23.708282] Memory state around the buggy address: [ 23.708788] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.709431] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.710096] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.710706] ^ [ 23.711148] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.711818] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.712389] ================================================================== [ 24.548299] ================================================================== [ 24.548939] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 24.549790] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.550309] [ 24.550578] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.550746] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.550797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.550875] Call Trace: [ 24.550932] <TASK> [ 24.550979] dump_stack_lvl+0x73/0xb0 [ 24.551054] print_report+0xd1/0x650 [ 24.551130] ? __virt_addr_valid+0x1db/0x2d0 [ 24.551204] ? kasan_atomics_helper+0x19e3/0x5450 [ 24.551272] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.551369] ? kasan_atomics_helper+0x19e3/0x5450 [ 24.551493] kasan_report+0x141/0x180 [ 24.551581] ? kasan_atomics_helper+0x19e3/0x5450 [ 24.551693] kasan_check_range+0x10c/0x1c0 [ 24.551778] __kasan_check_write+0x18/0x20 [ 24.551871] kasan_atomics_helper+0x19e3/0x5450 [ 24.551958] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.552043] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.552126] ? kasan_atomics+0x152/0x310 [ 24.552205] kasan_atomics+0x1dc/0x310 [ 24.552256] ? __pfx_kasan_atomics+0x10/0x10 [ 24.552327] ? __pfx_read_tsc+0x10/0x10 [ 24.552405] ? ktime_get_ts64+0x86/0x230 [ 24.552492] kunit_try_run_case+0x1a5/0x480 [ 24.552572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.552651] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.552736] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.552817] ? __kthread_parkme+0x82/0x180 [ 24.552920] ? preempt_count_sub+0x50/0x80 [ 24.553006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.553087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.553180] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.553266] kthread+0x337/0x6f0 [ 24.553337] ? trace_preempt_on+0x20/0xc0 [ 24.553419] ? __pfx_kthread+0x10/0x10 [ 24.553491] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.553568] ? calculate_sigpending+0x7b/0xa0 [ 24.553674] ? __pfx_kthread+0x10/0x10 [ 24.553750] ret_from_fork+0x116/0x1d0 [ 24.553820] ? __pfx_kthread+0x10/0x10 [ 24.553914] ret_from_fork_asm+0x1a/0x30 [ 24.553971] </TASK> [ 24.553991] [ 24.570797] Allocated by task 282: [ 24.571137] kasan_save_stack+0x45/0x70 [ 24.571474] kasan_save_track+0x18/0x40 [ 24.571806] kasan_save_alloc_info+0x3b/0x50 [ 24.572143] __kasan_kmalloc+0xb7/0xc0 [ 24.572423] __kmalloc_cache_noprof+0x189/0x420 [ 24.572738] kasan_atomics+0x95/0x310 [ 24.574421] kunit_try_run_case+0x1a5/0x480 [ 24.575191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.575772] kthread+0x337/0x6f0 [ 24.576174] ret_from_fork+0x116/0x1d0 [ 24.576339] ret_from_fork_asm+0x1a/0x30 [ 24.576505] [ 24.576685] The buggy address belongs to the object at ffff888102b73d80 [ 24.576685] which belongs to the cache kmalloc-64 of size 64 [ 24.578711] The buggy address is located 0 bytes to the right of [ 24.578711] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.579932] [ 24.580221] The buggy address belongs to the physical page: [ 24.580995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.581895] flags: 0x200000000000000(node=0|zone=2) [ 24.582335] page_type: f5(slab) [ 24.582975] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.584144] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.584845] page dumped because: kasan: bad access detected [ 24.585317] [ 24.585534] Memory state around the buggy address: [ 24.586287] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.587163] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.587987] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.588573] ^ [ 24.589429] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.590069] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.590881] ================================================================== [ 22.488153] ================================================================== [ 22.489159] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 22.489811] Read of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 22.490632] [ 22.490973] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.491089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.491126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.491179] Call Trace: [ 22.491226] <TASK> [ 22.491264] dump_stack_lvl+0x73/0xb0 [ 22.491336] print_report+0xd1/0x650 [ 22.491410] ? __virt_addr_valid+0x1db/0x2d0 [ 22.491491] ? kasan_atomics_helper+0x4b88/0x5450 [ 22.491567] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.491644] ? kasan_atomics_helper+0x4b88/0x5450 [ 22.491721] kasan_report+0x141/0x180 [ 22.491802] ? kasan_atomics_helper+0x4b88/0x5450 [ 22.491892] __asan_report_load4_noabort+0x18/0x20 [ 22.492067] kasan_atomics_helper+0x4b88/0x5450 [ 22.492158] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.492233] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.492305] ? kasan_atomics+0x152/0x310 [ 22.492381] kasan_atomics+0x1dc/0x310 [ 22.492456] ? __pfx_kasan_atomics+0x10/0x10 [ 22.492528] ? __pfx_read_tsc+0x10/0x10 [ 22.492599] ? ktime_get_ts64+0x86/0x230 [ 22.492685] kunit_try_run_case+0x1a5/0x480 [ 22.492764] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.492830] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.492929] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.493019] ? __kthread_parkme+0x82/0x180 [ 22.493097] ? preempt_count_sub+0x50/0x80 [ 22.493179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.493255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.493425] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.493516] kthread+0x337/0x6f0 [ 22.493644] ? trace_preempt_on+0x20/0xc0 [ 22.493751] ? __pfx_kthread+0x10/0x10 [ 22.493828] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.493904] ? calculate_sigpending+0x7b/0xa0 [ 22.494005] ? __pfx_kthread+0x10/0x10 [ 22.494081] ret_from_fork+0x116/0x1d0 [ 22.494146] ? __pfx_kthread+0x10/0x10 [ 22.494219] ret_from_fork_asm+0x1a/0x30 [ 22.494327] </TASK> [ 22.494424] [ 22.516521] Allocated by task 282: [ 22.517283] kasan_save_stack+0x45/0x70 [ 22.518174] kasan_save_track+0x18/0x40 [ 22.518542] kasan_save_alloc_info+0x3b/0x50 [ 22.519009] __kasan_kmalloc+0xb7/0xc0 [ 22.520033] __kmalloc_cache_noprof+0x189/0x420 [ 22.520401] kasan_atomics+0x95/0x310 [ 22.521062] kunit_try_run_case+0x1a5/0x480 [ 22.521409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.522330] kthread+0x337/0x6f0 [ 22.522605] ret_from_fork+0x116/0x1d0 [ 22.523450] ret_from_fork_asm+0x1a/0x30 [ 22.524121] [ 22.524340] The buggy address belongs to the object at ffff888102b73d80 [ 22.524340] which belongs to the cache kmalloc-64 of size 64 [ 22.525467] The buggy address is located 0 bytes to the right of [ 22.525467] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 22.526701] [ 22.526870] The buggy address belongs to the physical page: [ 22.527213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 22.527887] flags: 0x200000000000000(node=0|zone=2) [ 22.528521] page_type: f5(slab) [ 22.528986] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.529717] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.530259] page dumped because: kasan: bad access detected [ 22.530855] [ 22.531228] Memory state around the buggy address: [ 22.531803] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.532523] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.533081] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.533858] ^ [ 22.534370] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.535141] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.535818] ================================================================== [ 23.713902] ================================================================== [ 23.714482] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 23.716009] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.716758] [ 23.717047] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.717181] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.717226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.717290] Call Trace: [ 23.717344] <TASK> [ 23.717392] dump_stack_lvl+0x73/0xb0 [ 23.717479] print_report+0xd1/0x650 [ 23.717566] ? __virt_addr_valid+0x1db/0x2d0 [ 23.717698] ? kasan_atomics_helper+0x1148/0x5450 [ 23.717779] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.717865] ? kasan_atomics_helper+0x1148/0x5450 [ 23.717969] kasan_report+0x141/0x180 [ 23.718055] ? kasan_atomics_helper+0x1148/0x5450 [ 23.718143] kasan_check_range+0x10c/0x1c0 [ 23.718233] __kasan_check_write+0x18/0x20 [ 23.718302] kasan_atomics_helper+0x1148/0x5450 [ 23.718343] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.718380] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.718412] ? kasan_atomics+0x152/0x310 [ 23.718445] kasan_atomics+0x1dc/0x310 [ 23.718473] ? __pfx_kasan_atomics+0x10/0x10 [ 23.718503] ? __pfx_read_tsc+0x10/0x10 [ 23.718536] ? ktime_get_ts64+0x86/0x230 [ 23.718572] kunit_try_run_case+0x1a5/0x480 [ 23.718648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.718686] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.718725] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.718762] ? __kthread_parkme+0x82/0x180 [ 23.718793] ? preempt_count_sub+0x50/0x80 [ 23.718828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.718857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.718921] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.718960] kthread+0x337/0x6f0 [ 23.718990] ? trace_preempt_on+0x20/0xc0 [ 23.719022] ? __pfx_kthread+0x10/0x10 [ 23.719053] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.719087] ? calculate_sigpending+0x7b/0xa0 [ 23.719122] ? __pfx_kthread+0x10/0x10 [ 23.719153] ret_from_fork+0x116/0x1d0 [ 23.719179] ? __pfx_kthread+0x10/0x10 [ 23.719210] ret_from_fork_asm+0x1a/0x30 [ 23.719253] </TASK> [ 23.719268] [ 23.733814] Allocated by task 282: [ 23.734208] kasan_save_stack+0x45/0x70 [ 23.734640] kasan_save_track+0x18/0x40 [ 23.735091] kasan_save_alloc_info+0x3b/0x50 [ 23.735537] __kasan_kmalloc+0xb7/0xc0 [ 23.736009] __kmalloc_cache_noprof+0x189/0x420 [ 23.736419] kasan_atomics+0x95/0x310 [ 23.736871] kunit_try_run_case+0x1a5/0x480 [ 23.737228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.737637] kthread+0x337/0x6f0 [ 23.738218] ret_from_fork+0x116/0x1d0 [ 23.738652] ret_from_fork_asm+0x1a/0x30 [ 23.739223] [ 23.739492] The buggy address belongs to the object at ffff888102b73d80 [ 23.739492] which belongs to the cache kmalloc-64 of size 64 [ 23.740674] The buggy address is located 0 bytes to the right of [ 23.740674] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.741616] [ 23.741810] The buggy address belongs to the physical page: [ 23.742196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.742940] flags: 0x200000000000000(node=0|zone=2) [ 23.743496] page_type: f5(slab) [ 23.743959] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.744629] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.746656] page dumped because: kasan: bad access detected [ 23.748041] [ 23.748266] Memory state around the buggy address: [ 23.748708] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.749562] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.750492] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.751258] ^ [ 23.751859] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.752623] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.753228] ================================================================== [ 24.407452] ================================================================== [ 24.408079] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 24.408961] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.409455] [ 24.409764] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.409899] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.409939] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.409996] Call Trace: [ 24.410048] <TASK> [ 24.410098] dump_stack_lvl+0x73/0xb0 [ 24.410172] print_report+0xd1/0x650 [ 24.410263] ? __virt_addr_valid+0x1db/0x2d0 [ 24.410343] ? kasan_atomics_helper+0x1818/0x5450 [ 24.410490] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.410607] ? kasan_atomics_helper+0x1818/0x5450 [ 24.410735] kasan_report+0x141/0x180 [ 24.410839] ? kasan_atomics_helper+0x1818/0x5450 [ 24.410944] kasan_check_range+0x10c/0x1c0 [ 24.411063] __kasan_check_write+0x18/0x20 [ 24.411138] kasan_atomics_helper+0x1818/0x5450 [ 24.411224] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.411312] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.411391] ? kasan_atomics+0x152/0x310 [ 24.411472] kasan_atomics+0x1dc/0x310 [ 24.411546] ? __pfx_kasan_atomics+0x10/0x10 [ 24.411638] ? __pfx_read_tsc+0x10/0x10 [ 24.411716] ? ktime_get_ts64+0x86/0x230 [ 24.411803] kunit_try_run_case+0x1a5/0x480 [ 24.411902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.411975] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.412040] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.412116] ? __kthread_parkme+0x82/0x180 [ 24.412192] ? preempt_count_sub+0x50/0x80 [ 24.412280] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.412362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.412450] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.412538] kthread+0x337/0x6f0 [ 24.412639] ? trace_preempt_on+0x20/0xc0 [ 24.412804] ? __pfx_kthread+0x10/0x10 [ 24.412906] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.413040] ? calculate_sigpending+0x7b/0xa0 [ 24.413158] ? __pfx_kthread+0x10/0x10 [ 24.413239] ret_from_fork+0x116/0x1d0 [ 24.413370] ? __pfx_kthread+0x10/0x10 [ 24.413481] ret_from_fork_asm+0x1a/0x30 [ 24.413614] </TASK> [ 24.413679] [ 24.430945] Allocated by task 282: [ 24.431534] kasan_save_stack+0x45/0x70 [ 24.432005] kasan_save_track+0x18/0x40 [ 24.432514] kasan_save_alloc_info+0x3b/0x50 [ 24.433143] __kasan_kmalloc+0xb7/0xc0 [ 24.433598] __kmalloc_cache_noprof+0x189/0x420 [ 24.434036] kasan_atomics+0x95/0x310 [ 24.434560] kunit_try_run_case+0x1a5/0x480 [ 24.435066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.435674] kthread+0x337/0x6f0 [ 24.436248] ret_from_fork+0x116/0x1d0 [ 24.436685] ret_from_fork_asm+0x1a/0x30 [ 24.437135] [ 24.437544] The buggy address belongs to the object at ffff888102b73d80 [ 24.437544] which belongs to the cache kmalloc-64 of size 64 [ 24.438566] The buggy address is located 0 bytes to the right of [ 24.438566] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.439842] [ 24.440227] The buggy address belongs to the physical page: [ 24.440926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.441427] flags: 0x200000000000000(node=0|zone=2) [ 24.441902] page_type: f5(slab) [ 24.442305] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.443209] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.444083] page dumped because: kasan: bad access detected [ 24.444711] [ 24.444958] Memory state around the buggy address: [ 24.445538] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.446105] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.446571] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.447264] ^ [ 24.448103] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.448923] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.449371] ================================================================== [ 23.142046] ================================================================== [ 23.143254] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 23.143518] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.143763] [ 23.143874] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.144003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.144045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.144106] Call Trace: [ 23.144163] <TASK> [ 23.144210] dump_stack_lvl+0x73/0xb0 [ 23.144300] print_report+0xd1/0x650 [ 23.144382] ? __virt_addr_valid+0x1db/0x2d0 [ 23.144464] ? kasan_atomics_helper+0xa2b/0x5450 [ 23.144630] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.144717] ? kasan_atomics_helper+0xa2b/0x5450 [ 23.144793] kasan_report+0x141/0x180 [ 23.144875] ? kasan_atomics_helper+0xa2b/0x5450 [ 23.144988] kasan_check_range+0x10c/0x1c0 [ 23.145070] __kasan_check_write+0x18/0x20 [ 23.145147] kasan_atomics_helper+0xa2b/0x5450 [ 23.145276] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.145429] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.145545] ? kasan_atomics+0x152/0x310 [ 23.145627] kasan_atomics+0x1dc/0x310 [ 23.145705] ? __pfx_kasan_atomics+0x10/0x10 [ 23.145771] ? __pfx_read_tsc+0x10/0x10 [ 23.145811] ? ktime_get_ts64+0x86/0x230 [ 23.145850] kunit_try_run_case+0x1a5/0x480 [ 23.145882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.145957] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.146025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.146099] ? __kthread_parkme+0x82/0x180 [ 23.146161] ? preempt_count_sub+0x50/0x80 [ 23.146241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.146313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.146386] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.146485] kthread+0x337/0x6f0 [ 23.146549] ? trace_preempt_on+0x20/0xc0 [ 23.146654] ? __pfx_kthread+0x10/0x10 [ 23.146727] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.146796] ? calculate_sigpending+0x7b/0xa0 [ 23.146860] ? __pfx_kthread+0x10/0x10 [ 23.146948] ret_from_fork+0x116/0x1d0 [ 23.147013] ? __pfx_kthread+0x10/0x10 [ 23.147081] ret_from_fork_asm+0x1a/0x30 [ 23.147175] </TASK> [ 23.147212] [ 23.169818] Allocated by task 282: [ 23.170195] kasan_save_stack+0x45/0x70 [ 23.170879] kasan_save_track+0x18/0x40 [ 23.171423] kasan_save_alloc_info+0x3b/0x50 [ 23.171916] __kasan_kmalloc+0xb7/0xc0 [ 23.172513] __kmalloc_cache_noprof+0x189/0x420 [ 23.172873] kasan_atomics+0x95/0x310 [ 23.173385] kunit_try_run_case+0x1a5/0x480 [ 23.173830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.174530] kthread+0x337/0x6f0 [ 23.174917] ret_from_fork+0x116/0x1d0 [ 23.175383] ret_from_fork_asm+0x1a/0x30 [ 23.176015] [ 23.176212] The buggy address belongs to the object at ffff888102b73d80 [ 23.176212] which belongs to the cache kmalloc-64 of size 64 [ 23.177363] The buggy address is located 0 bytes to the right of [ 23.177363] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.178523] [ 23.178876] The buggy address belongs to the physical page: [ 23.179516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.180366] flags: 0x200000000000000(node=0|zone=2) [ 23.180746] page_type: f5(slab) [ 23.181149] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.182375] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.182993] page dumped because: kasan: bad access detected [ 23.183520] [ 23.183837] Memory state around the buggy address: [ 23.184304] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.185074] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.185786] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.186420] ^ [ 23.187038] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.187733] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.188319] ================================================================== [ 25.042527] ================================================================== [ 25.043817] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 25.044728] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 25.045416] [ 25.045795] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.045961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.046056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.046153] Call Trace: [ 25.046223] <TASK> [ 25.046276] dump_stack_lvl+0x73/0xb0 [ 25.046366] print_report+0xd1/0x650 [ 25.046448] ? __virt_addr_valid+0x1db/0x2d0 [ 25.046530] ? kasan_atomics_helper+0x2006/0x5450 [ 25.046628] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.046713] ? kasan_atomics_helper+0x2006/0x5450 [ 25.046902] kasan_report+0x141/0x180 [ 25.046980] ? kasan_atomics_helper+0x2006/0x5450 [ 25.047030] kasan_check_range+0x10c/0x1c0 [ 25.047069] __kasan_check_write+0x18/0x20 [ 25.047100] kasan_atomics_helper+0x2006/0x5450 [ 25.047134] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.047169] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.047201] ? kasan_atomics+0x152/0x310 [ 25.047235] kasan_atomics+0x1dc/0x310 [ 25.047263] ? __pfx_kasan_atomics+0x10/0x10 [ 25.047293] ? __pfx_read_tsc+0x10/0x10 [ 25.047326] ? ktime_get_ts64+0x86/0x230 [ 25.047362] kunit_try_run_case+0x1a5/0x480 [ 25.047393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.047424] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.047461] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.047500] ? __kthread_parkme+0x82/0x180 [ 25.047531] ? preempt_count_sub+0x50/0x80 [ 25.047579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.047636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.047677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.047714] kthread+0x337/0x6f0 [ 25.047743] ? trace_preempt_on+0x20/0xc0 [ 25.047778] ? __pfx_kthread+0x10/0x10 [ 25.047809] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.047870] ? calculate_sigpending+0x7b/0xa0 [ 25.047910] ? __pfx_kthread+0x10/0x10 [ 25.047941] ret_from_fork+0x116/0x1d0 [ 25.047968] ? __pfx_kthread+0x10/0x10 [ 25.047998] ret_from_fork_asm+0x1a/0x30 [ 25.048042] </TASK> [ 25.048059] [ 25.065599] Allocated by task 282: [ 25.066003] kasan_save_stack+0x45/0x70 [ 25.066428] kasan_save_track+0x18/0x40 [ 25.066937] kasan_save_alloc_info+0x3b/0x50 [ 25.067377] __kasan_kmalloc+0xb7/0xc0 [ 25.067886] __kmalloc_cache_noprof+0x189/0x420 [ 25.068325] kasan_atomics+0x95/0x310 [ 25.068798] kunit_try_run_case+0x1a5/0x480 [ 25.069292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.069910] kthread+0x337/0x6f0 [ 25.070306] ret_from_fork+0x116/0x1d0 [ 25.070828] ret_from_fork_asm+0x1a/0x30 [ 25.071231] [ 25.071492] The buggy address belongs to the object at ffff888102b73d80 [ 25.071492] which belongs to the cache kmalloc-64 of size 64 [ 25.072498] The buggy address is located 0 bytes to the right of [ 25.072498] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 25.073615] [ 25.073812] The buggy address belongs to the physical page: [ 25.074378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 25.075100] flags: 0x200000000000000(node=0|zone=2) [ 25.075580] page_type: f5(slab) [ 25.075952] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.076736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.077379] page dumped because: kasan: bad access detected [ 25.077952] [ 25.078186] Memory state around the buggy address: [ 25.078725] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.080047] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.080918] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.081411] ^ [ 25.082298] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.083112] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.083960] ================================================================== [ 22.858616] ================================================================== [ 22.859173] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 22.859813] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 22.861368] [ 22.861653] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.861787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.861833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.861896] Call Trace: [ 22.861972] <TASK> [ 22.862022] dump_stack_lvl+0x73/0xb0 [ 22.862108] print_report+0xd1/0x650 [ 22.862188] ? __virt_addr_valid+0x1db/0x2d0 [ 22.862275] ? kasan_atomics_helper+0x697/0x5450 [ 22.862353] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.862436] ? kasan_atomics_helper+0x697/0x5450 [ 22.862558] kasan_report+0x141/0x180 [ 22.862647] ? kasan_atomics_helper+0x697/0x5450 [ 22.862776] kasan_check_range+0x10c/0x1c0 [ 22.862865] __kasan_check_write+0x18/0x20 [ 22.862960] kasan_atomics_helper+0x697/0x5450 [ 22.863081] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.863169] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.863254] ? kasan_atomics+0x152/0x310 [ 22.863338] kasan_atomics+0x1dc/0x310 [ 22.863415] ? __pfx_kasan_atomics+0x10/0x10 [ 22.863496] ? __pfx_read_tsc+0x10/0x10 [ 22.863615] ? ktime_get_ts64+0x86/0x230 [ 22.863742] kunit_try_run_case+0x1a5/0x480 [ 22.863829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.863925] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.864059] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.864149] ? __kthread_parkme+0x82/0x180 [ 22.864233] ? preempt_count_sub+0x50/0x80 [ 22.864362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.864450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.864524] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.864565] kthread+0x337/0x6f0 [ 22.864595] ? trace_preempt_on+0x20/0xc0 [ 22.864650] ? __pfx_kthread+0x10/0x10 [ 22.864722] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.864761] ? calculate_sigpending+0x7b/0xa0 [ 22.864798] ? __pfx_kthread+0x10/0x10 [ 22.864830] ret_from_fork+0x116/0x1d0 [ 22.864857] ? __pfx_kthread+0x10/0x10 [ 22.864888] ret_from_fork_asm+0x1a/0x30 [ 22.864962] </TASK> [ 22.864978] [ 22.884741] Allocated by task 282: [ 22.886212] kasan_save_stack+0x45/0x70 [ 22.887858] kasan_save_track+0x18/0x40 [ 22.889763] kasan_save_alloc_info+0x3b/0x50 [ 22.891478] __kasan_kmalloc+0xb7/0xc0 [ 22.892429] __kmalloc_cache_noprof+0x189/0x420 [ 22.893590] kasan_atomics+0x95/0x310 [ 22.894887] kunit_try_run_case+0x1a5/0x480 [ 22.895953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.896741] kthread+0x337/0x6f0 [ 22.897053] ret_from_fork+0x116/0x1d0 [ 22.897368] ret_from_fork_asm+0x1a/0x30 [ 22.898097] [ 22.898571] The buggy address belongs to the object at ffff888102b73d80 [ 22.898571] which belongs to the cache kmalloc-64 of size 64 [ 22.899960] The buggy address is located 0 bytes to the right of [ 22.899960] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 22.901477] [ 22.901676] The buggy address belongs to the physical page: [ 22.902223] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 22.903166] flags: 0x200000000000000(node=0|zone=2) [ 22.903557] page_type: f5(slab) [ 22.904655] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.905267] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.906137] page dumped because: kasan: bad access detected [ 22.906778] [ 22.907058] Memory state around the buggy address: [ 22.907500] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.908066] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.908682] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.909314] ^ [ 22.909816] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.910421] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.911072] ================================================================== [ 23.844529] ================================================================== [ 23.845253] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 23.846171] Read of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.846647] [ 23.846893] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.847009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.847043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.847098] Call Trace: [ 23.847145] <TASK> [ 23.847215] dump_stack_lvl+0x73/0xb0 [ 23.847285] print_report+0xd1/0x650 [ 23.847355] ? __virt_addr_valid+0x1db/0x2d0 [ 23.847435] ? kasan_atomics_helper+0x49e8/0x5450 [ 23.847626] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.847762] ? kasan_atomics_helper+0x49e8/0x5450 [ 23.847928] kasan_report+0x141/0x180 [ 23.848017] ? kasan_atomics_helper+0x49e8/0x5450 [ 23.848116] __asan_report_load4_noabort+0x18/0x20 [ 23.848194] kasan_atomics_helper+0x49e8/0x5450 [ 23.848276] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.848360] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.848489] ? kasan_atomics+0x152/0x310 [ 23.848607] kasan_atomics+0x1dc/0x310 [ 23.848683] ? __pfx_kasan_atomics+0x10/0x10 [ 23.848765] ? __pfx_read_tsc+0x10/0x10 [ 23.848908] ? ktime_get_ts64+0x86/0x230 [ 23.849018] kunit_try_run_case+0x1a5/0x480 [ 23.849103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.849230] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.849346] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.849429] ? __kthread_parkme+0x82/0x180 [ 23.849497] ? preempt_count_sub+0x50/0x80 [ 23.849576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.849656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.849782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.849892] kthread+0x337/0x6f0 [ 23.849979] ? trace_preempt_on+0x20/0xc0 [ 23.850060] ? __pfx_kthread+0x10/0x10 [ 23.850195] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.850318] ? calculate_sigpending+0x7b/0xa0 [ 23.850401] ? __pfx_kthread+0x10/0x10 [ 23.850536] ret_from_fork+0x116/0x1d0 [ 23.850693] ? __pfx_kthread+0x10/0x10 [ 23.850858] ret_from_fork_asm+0x1a/0x30 [ 23.851122] </TASK> [ 23.851165] [ 23.869936] Allocated by task 282: [ 23.870346] kasan_save_stack+0x45/0x70 [ 23.871727] kasan_save_track+0x18/0x40 [ 23.872064] kasan_save_alloc_info+0x3b/0x50 [ 23.872613] __kasan_kmalloc+0xb7/0xc0 [ 23.873203] __kmalloc_cache_noprof+0x189/0x420 [ 23.873890] kasan_atomics+0x95/0x310 [ 23.874407] kunit_try_run_case+0x1a5/0x480 [ 23.875115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.875542] kthread+0x337/0x6f0 [ 23.876347] ret_from_fork+0x116/0x1d0 [ 23.876926] ret_from_fork_asm+0x1a/0x30 [ 23.877639] [ 23.878155] The buggy address belongs to the object at ffff888102b73d80 [ 23.878155] which belongs to the cache kmalloc-64 of size 64 [ 23.879309] The buggy address is located 0 bytes to the right of [ 23.879309] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.880749] [ 23.881099] The buggy address belongs to the physical page: [ 23.881461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.882362] flags: 0x200000000000000(node=0|zone=2) [ 23.882990] page_type: f5(slab) [ 23.883406] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.884245] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.885056] page dumped because: kasan: bad access detected [ 23.885471] [ 23.885788] Memory state around the buggy address: [ 23.886698] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.887301] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.887922] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.888805] ^ [ 23.889385] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.890206] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.891037] ================================================================== [ 24.451151] ================================================================== [ 24.452296] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 24.453066] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.453654] [ 24.453997] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.454109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.454155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.454233] Call Trace: [ 24.454277] <TASK> [ 24.454329] dump_stack_lvl+0x73/0xb0 [ 24.454415] print_report+0xd1/0x650 [ 24.454496] ? __virt_addr_valid+0x1db/0x2d0 [ 24.454666] ? kasan_atomics_helper+0x18b1/0x5450 [ 24.454768] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.454905] ? kasan_atomics_helper+0x18b1/0x5450 [ 24.455036] kasan_report+0x141/0x180 [ 24.455128] ? kasan_atomics_helper+0x18b1/0x5450 [ 24.455301] kasan_check_range+0x10c/0x1c0 [ 24.455398] __kasan_check_write+0x18/0x20 [ 24.455526] kasan_atomics_helper+0x18b1/0x5450 [ 24.455641] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.455724] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.455800] ? kasan_atomics+0x152/0x310 [ 24.455956] kasan_atomics+0x1dc/0x310 [ 24.456063] ? __pfx_kasan_atomics+0x10/0x10 [ 24.456175] ? __pfx_read_tsc+0x10/0x10 [ 24.456300] ? ktime_get_ts64+0x86/0x230 [ 24.456419] kunit_try_run_case+0x1a5/0x480 [ 24.456584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.456666] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.456753] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.456923] ? __kthread_parkme+0x82/0x180 [ 24.457032] ? preempt_count_sub+0x50/0x80 [ 24.457197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.457362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.457485] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.457601] kthread+0x337/0x6f0 [ 24.457659] ? trace_preempt_on+0x20/0xc0 [ 24.457697] ? __pfx_kthread+0x10/0x10 [ 24.457728] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.457764] ? calculate_sigpending+0x7b/0xa0 [ 24.457801] ? __pfx_kthread+0x10/0x10 [ 24.457833] ret_from_fork+0x116/0x1d0 [ 24.457884] ? __pfx_kthread+0x10/0x10 [ 24.457920] ret_from_fork_asm+0x1a/0x30 [ 24.457966] </TASK> [ 24.457981] [ 24.475102] Allocated by task 282: [ 24.475568] kasan_save_stack+0x45/0x70 [ 24.476161] kasan_save_track+0x18/0x40 [ 24.476594] kasan_save_alloc_info+0x3b/0x50 [ 24.477153] __kasan_kmalloc+0xb7/0xc0 [ 24.477723] __kmalloc_cache_noprof+0x189/0x420 [ 24.478258] kasan_atomics+0x95/0x310 [ 24.478700] kunit_try_run_case+0x1a5/0x480 [ 24.479256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.479887] kthread+0x337/0x6f0 [ 24.480203] ret_from_fork+0x116/0x1d0 [ 24.480974] ret_from_fork_asm+0x1a/0x30 [ 24.484490] [ 24.484701] The buggy address belongs to the object at ffff888102b73d80 [ 24.484701] which belongs to the cache kmalloc-64 of size 64 [ 24.487667] The buggy address is located 0 bytes to the right of [ 24.487667] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.489510] [ 24.492106] The buggy address belongs to the physical page: [ 24.492363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.493169] flags: 0x200000000000000(node=0|zone=2) [ 24.493499] page_type: f5(slab) [ 24.493761] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.494189] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.494761] page dumped because: kasan: bad access detected [ 24.495298] [ 24.495530] Memory state around the buggy address: [ 24.496009] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.496613] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.497370] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.498075] ^ [ 24.498416] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.498839] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.499321] ================================================================== [ 23.228609] ================================================================== [ 23.230133] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 23.230712] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.231424] [ 23.231655] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.231787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.231852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.231949] Call Trace: [ 23.232004] <TASK> [ 23.232048] dump_stack_lvl+0x73/0xb0 [ 23.232152] print_report+0xd1/0x650 [ 23.232264] ? __virt_addr_valid+0x1db/0x2d0 [ 23.232352] ? kasan_atomics_helper+0xb6a/0x5450 [ 23.232454] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.232571] ? kasan_atomics_helper+0xb6a/0x5450 [ 23.232656] kasan_report+0x141/0x180 [ 23.232739] ? kasan_atomics_helper+0xb6a/0x5450 [ 23.232884] kasan_check_range+0x10c/0x1c0 [ 23.232990] __kasan_check_write+0x18/0x20 [ 23.233071] kasan_atomics_helper+0xb6a/0x5450 [ 23.233206] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.233294] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.233376] ? kasan_atomics+0x152/0x310 [ 23.233458] kasan_atomics+0x1dc/0x310 [ 23.233536] ? __pfx_kasan_atomics+0x10/0x10 [ 23.233659] ? __pfx_read_tsc+0x10/0x10 [ 23.233740] ? ktime_get_ts64+0x86/0x230 [ 23.233827] kunit_try_run_case+0x1a5/0x480 [ 23.233922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.234000] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.234087] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.234171] ? __kthread_parkme+0x82/0x180 [ 23.234257] ? preempt_count_sub+0x50/0x80 [ 23.234322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.234398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.234504] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.234626] kthread+0x337/0x6f0 [ 23.234708] ? trace_preempt_on+0x20/0xc0 [ 23.234794] ? __pfx_kthread+0x10/0x10 [ 23.234872] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.234977] ? calculate_sigpending+0x7b/0xa0 [ 23.235055] ? __pfx_kthread+0x10/0x10 [ 23.235137] ret_from_fork+0x116/0x1d0 [ 23.235211] ? __pfx_kthread+0x10/0x10 [ 23.235304] ret_from_fork_asm+0x1a/0x30 [ 23.235436] </TASK> [ 23.235479] [ 23.251482] Allocated by task 282: [ 23.252108] kasan_save_stack+0x45/0x70 [ 23.252570] kasan_save_track+0x18/0x40 [ 23.253177] kasan_save_alloc_info+0x3b/0x50 [ 23.255469] __kasan_kmalloc+0xb7/0xc0 [ 23.256537] __kmalloc_cache_noprof+0x189/0x420 [ 23.257542] kasan_atomics+0x95/0x310 [ 23.257959] kunit_try_run_case+0x1a5/0x480 [ 23.258519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.259126] kthread+0x337/0x6f0 [ 23.259593] ret_from_fork+0x116/0x1d0 [ 23.260001] ret_from_fork_asm+0x1a/0x30 [ 23.260424] [ 23.260657] The buggy address belongs to the object at ffff888102b73d80 [ 23.260657] which belongs to the cache kmalloc-64 of size 64 [ 23.261533] The buggy address is located 0 bytes to the right of [ 23.261533] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.262483] [ 23.262683] The buggy address belongs to the physical page: [ 23.263134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.263928] flags: 0x200000000000000(node=0|zone=2) [ 23.264411] page_type: f5(slab) [ 23.264966] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.265647] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.266249] page dumped because: kasan: bad access detected [ 23.266621] [ 23.266974] Memory state around the buggy address: [ 23.267436] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.268198] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.268834] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.269334] ^ [ 23.270086] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.270690] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.271491] ================================================================== [ 22.408758] ================================================================== [ 22.409850] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 22.410680] Read of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 22.411777] [ 22.412016] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.412145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.412185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.412248] Call Trace: [ 22.412290] <TASK> [ 22.412358] dump_stack_lvl+0x73/0xb0 [ 22.412478] print_report+0xd1/0x650 [ 22.412604] ? __virt_addr_valid+0x1db/0x2d0 [ 22.412691] ? kasan_atomics_helper+0x4bbc/0x5450 [ 22.412763] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.412833] ? kasan_atomics_helper+0x4bbc/0x5450 [ 22.412905] kasan_report+0x141/0x180 [ 22.413002] ? kasan_atomics_helper+0x4bbc/0x5450 [ 22.413111] __asan_report_load4_noabort+0x18/0x20 [ 22.413150] kasan_atomics_helper+0x4bbc/0x5450 [ 22.413186] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.413238] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.413297] ? kasan_atomics+0x152/0x310 [ 22.413333] kasan_atomics+0x1dc/0x310 [ 22.413360] ? __pfx_kasan_atomics+0x10/0x10 [ 22.413392] ? __pfx_read_tsc+0x10/0x10 [ 22.413423] ? ktime_get_ts64+0x86/0x230 [ 22.413459] kunit_try_run_case+0x1a5/0x480 [ 22.413489] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.413516] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.413553] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.413589] ? __kthread_parkme+0x82/0x180 [ 22.413617] ? preempt_count_sub+0x50/0x80 [ 22.413692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.413727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.413766] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.413802] kthread+0x337/0x6f0 [ 22.413829] ? trace_preempt_on+0x20/0xc0 [ 22.413864] ? __pfx_kthread+0x10/0x10 [ 22.413893] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.413954] ? calculate_sigpending+0x7b/0xa0 [ 22.413993] ? __pfx_kthread+0x10/0x10 [ 22.414024] ret_from_fork+0x116/0x1d0 [ 22.414050] ? __pfx_kthread+0x10/0x10 [ 22.414078] ret_from_fork_asm+0x1a/0x30 [ 22.414122] </TASK> [ 22.414140] [ 22.429321] Allocated by task 282: [ 22.429774] kasan_save_stack+0x45/0x70 [ 22.430215] kasan_save_track+0x18/0x40 [ 22.430536] kasan_save_alloc_info+0x3b/0x50 [ 22.431229] __kasan_kmalloc+0xb7/0xc0 [ 22.431685] __kmalloc_cache_noprof+0x189/0x420 [ 22.432303] kasan_atomics+0x95/0x310 [ 22.432698] kunit_try_run_case+0x1a5/0x480 [ 22.433175] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.433728] kthread+0x337/0x6f0 [ 22.434103] ret_from_fork+0x116/0x1d0 [ 22.434431] ret_from_fork_asm+0x1a/0x30 [ 22.434840] [ 22.435100] The buggy address belongs to the object at ffff888102b73d80 [ 22.435100] which belongs to the cache kmalloc-64 of size 64 [ 22.436154] The buggy address is located 0 bytes to the right of [ 22.436154] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 22.437440] [ 22.437680] The buggy address belongs to the physical page: [ 22.438164] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 22.438828] flags: 0x200000000000000(node=0|zone=2) [ 22.439332] page_type: f5(slab) [ 22.439626] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.440347] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.441355] page dumped because: kasan: bad access detected [ 22.441897] [ 22.442104] Memory state around the buggy address: [ 22.442453] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.443032] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.443647] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.444771] ^ [ 22.445434] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.446197] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.446902] ================================================================== [ 22.769148] ================================================================== [ 22.769852] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 22.771301] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 22.772082] [ 22.772372] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.772544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.772620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.772704] Call Trace: [ 22.772763] <TASK> [ 22.772823] dump_stack_lvl+0x73/0xb0 [ 22.772977] print_report+0xd1/0x650 [ 22.773064] ? __virt_addr_valid+0x1db/0x2d0 [ 22.773153] ? kasan_atomics_helper+0x565/0x5450 [ 22.773229] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.773313] ? kasan_atomics_helper+0x565/0x5450 [ 22.773394] kasan_report+0x141/0x180 [ 22.773477] ? kasan_atomics_helper+0x565/0x5450 [ 22.773607] kasan_check_range+0x10c/0x1c0 [ 22.773717] __kasan_check_write+0x18/0x20 [ 22.773836] kasan_atomics_helper+0x565/0x5450 [ 22.773942] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.774032] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.774112] ? kasan_atomics+0x152/0x310 [ 22.774182] kasan_atomics+0x1dc/0x310 [ 22.774215] ? __pfx_kasan_atomics+0x10/0x10 [ 22.774260] ? __pfx_read_tsc+0x10/0x10 [ 22.774295] ? ktime_get_ts64+0x86/0x230 [ 22.774333] kunit_try_run_case+0x1a5/0x480 [ 22.774368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.774398] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.774439] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.774478] ? __kthread_parkme+0x82/0x180 [ 22.774510] ? preempt_count_sub+0x50/0x80 [ 22.774546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.774578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.774614] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.774687] kthread+0x337/0x6f0 [ 22.774718] ? trace_preempt_on+0x20/0xc0 [ 22.774752] ? __pfx_kthread+0x10/0x10 [ 22.774784] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.774818] ? calculate_sigpending+0x7b/0xa0 [ 22.774854] ? __pfx_kthread+0x10/0x10 [ 22.774885] ret_from_fork+0x116/0x1d0 [ 22.774942] ? __pfx_kthread+0x10/0x10 [ 22.774976] ret_from_fork_asm+0x1a/0x30 [ 22.775022] </TASK> [ 22.775038] [ 22.791123] Allocated by task 282: [ 22.791566] kasan_save_stack+0x45/0x70 [ 22.792462] kasan_save_track+0x18/0x40 [ 22.794374] kasan_save_alloc_info+0x3b/0x50 [ 22.795799] __kasan_kmalloc+0xb7/0xc0 [ 22.796142] __kmalloc_cache_noprof+0x189/0x420 [ 22.796455] kasan_atomics+0x95/0x310 [ 22.796611] kunit_try_run_case+0x1a5/0x480 [ 22.798029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.798841] kthread+0x337/0x6f0 [ 22.799215] ret_from_fork+0x116/0x1d0 [ 22.799531] ret_from_fork_asm+0x1a/0x30 [ 22.800466] [ 22.801025] The buggy address belongs to the object at ffff888102b73d80 [ 22.801025] which belongs to the cache kmalloc-64 of size 64 [ 22.802115] The buggy address is located 0 bytes to the right of [ 22.802115] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 22.804137] [ 22.804376] The buggy address belongs to the physical page: [ 22.805154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 22.806004] flags: 0x200000000000000(node=0|zone=2) [ 22.806599] page_type: f5(slab) [ 22.807254] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.807878] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.808723] page dumped because: kasan: bad access detected [ 22.809204] [ 22.809417] Memory state around the buggy address: [ 22.810298] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.810812] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.811531] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.812280] ^ [ 22.812927] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.813667] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.814212] ================================================================== [ 23.893827] ================================================================== [ 23.894566] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 23.895375] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.896589] [ 23.897262] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.897394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.897745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.897782] Call Trace: [ 23.897806] <TASK> [ 23.897830] dump_stack_lvl+0x73/0xb0 [ 23.897898] print_report+0xd1/0x650 [ 23.897938] ? __virt_addr_valid+0x1db/0x2d0 [ 23.897974] ? kasan_atomics_helper+0x12e6/0x5450 [ 23.898008] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.898042] ? kasan_atomics_helper+0x12e6/0x5450 [ 23.898076] kasan_report+0x141/0x180 [ 23.898109] ? kasan_atomics_helper+0x12e6/0x5450 [ 23.898149] kasan_check_range+0x10c/0x1c0 [ 23.898211] __kasan_check_write+0x18/0x20 [ 23.898257] kasan_atomics_helper+0x12e6/0x5450 [ 23.898291] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.898324] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.898356] ? kasan_atomics+0x152/0x310 [ 23.898387] kasan_atomics+0x1dc/0x310 [ 23.898415] ? __pfx_kasan_atomics+0x10/0x10 [ 23.898444] ? __pfx_read_tsc+0x10/0x10 [ 23.898477] ? ktime_get_ts64+0x86/0x230 [ 23.898513] kunit_try_run_case+0x1a5/0x480 [ 23.898544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.898573] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.898649] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.898689] ? __kthread_parkme+0x82/0x180 [ 23.898722] ? preempt_count_sub+0x50/0x80 [ 23.898756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.898788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.898824] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.898860] kthread+0x337/0x6f0 [ 23.898918] ? trace_preempt_on+0x20/0xc0 [ 23.898954] ? __pfx_kthread+0x10/0x10 [ 23.898984] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.899019] ? calculate_sigpending+0x7b/0xa0 [ 23.899055] ? __pfx_kthread+0x10/0x10 [ 23.899087] ret_from_fork+0x116/0x1d0 [ 23.899113] ? __pfx_kthread+0x10/0x10 [ 23.899144] ret_from_fork_asm+0x1a/0x30 [ 23.899189] </TASK> [ 23.899205] [ 23.916520] Allocated by task 282: [ 23.916901] kasan_save_stack+0x45/0x70 [ 23.917738] kasan_save_track+0x18/0x40 [ 23.918295] kasan_save_alloc_info+0x3b/0x50 [ 23.918765] __kasan_kmalloc+0xb7/0xc0 [ 23.919376] __kmalloc_cache_noprof+0x189/0x420 [ 23.919932] kasan_atomics+0x95/0x310 [ 23.920323] kunit_try_run_case+0x1a5/0x480 [ 23.921006] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.921826] kthread+0x337/0x6f0 [ 23.922217] ret_from_fork+0x116/0x1d0 [ 23.922646] ret_from_fork_asm+0x1a/0x30 [ 23.923275] [ 23.923525] The buggy address belongs to the object at ffff888102b73d80 [ 23.923525] which belongs to the cache kmalloc-64 of size 64 [ 23.924937] The buggy address is located 0 bytes to the right of [ 23.924937] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.926121] [ 23.926362] The buggy address belongs to the physical page: [ 23.927026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.927838] flags: 0x200000000000000(node=0|zone=2) [ 23.928361] page_type: f5(slab) [ 23.928710] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.929289] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.929837] page dumped because: kasan: bad access detected [ 23.930427] [ 23.930782] Memory state around the buggy address: [ 23.931151] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.931994] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.932773] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.933319] ^ [ 23.933987] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.934713] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.935434] ================================================================== [ 23.451773] ================================================================== [ 23.453430] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 23.455094] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.455914] [ 23.456680] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.456753] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.456775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.456809] Call Trace: [ 23.456835] <TASK> [ 23.456858] dump_stack_lvl+0x73/0xb0 [ 23.456925] print_report+0xd1/0x650 [ 23.456963] ? __virt_addr_valid+0x1db/0x2d0 [ 23.456996] ? kasan_atomics_helper+0xe78/0x5450 [ 23.457030] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.457063] ? kasan_atomics_helper+0xe78/0x5450 [ 23.457094] kasan_report+0x141/0x180 [ 23.457128] ? kasan_atomics_helper+0xe78/0x5450 [ 23.457166] kasan_check_range+0x10c/0x1c0 [ 23.457201] __kasan_check_write+0x18/0x20 [ 23.457231] kasan_atomics_helper+0xe78/0x5450 [ 23.457265] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.457300] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.457330] ? kasan_atomics+0x152/0x310 [ 23.457361] kasan_atomics+0x1dc/0x310 [ 23.457389] ? __pfx_kasan_atomics+0x10/0x10 [ 23.457419] ? __pfx_read_tsc+0x10/0x10 [ 23.457451] ? ktime_get_ts64+0x86/0x230 [ 23.457487] kunit_try_run_case+0x1a5/0x480 [ 23.457517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.457546] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.457584] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.457648] ? __kthread_parkme+0x82/0x180 [ 23.457687] ? preempt_count_sub+0x50/0x80 [ 23.457723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.457755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.457793] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.457831] kthread+0x337/0x6f0 [ 23.457859] ? trace_preempt_on+0x20/0xc0 [ 23.457919] ? __pfx_kthread+0x10/0x10 [ 23.457954] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.457990] ? calculate_sigpending+0x7b/0xa0 [ 23.458026] ? __pfx_kthread+0x10/0x10 [ 23.458057] ret_from_fork+0x116/0x1d0 [ 23.458086] ? __pfx_kthread+0x10/0x10 [ 23.458117] ret_from_fork_asm+0x1a/0x30 [ 23.458161] </TASK> [ 23.458177] [ 23.477679] Allocated by task 282: [ 23.478278] kasan_save_stack+0x45/0x70 [ 23.478695] kasan_save_track+0x18/0x40 [ 23.479592] kasan_save_alloc_info+0x3b/0x50 [ 23.480189] __kasan_kmalloc+0xb7/0xc0 [ 23.480608] __kmalloc_cache_noprof+0x189/0x420 [ 23.481358] kasan_atomics+0x95/0x310 [ 23.481985] kunit_try_run_case+0x1a5/0x480 [ 23.482570] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.483021] kthread+0x337/0x6f0 [ 23.483401] ret_from_fork+0x116/0x1d0 [ 23.484188] ret_from_fork_asm+0x1a/0x30 [ 23.484492] [ 23.484722] The buggy address belongs to the object at ffff888102b73d80 [ 23.484722] which belongs to the cache kmalloc-64 of size 64 [ 23.486188] The buggy address is located 0 bytes to the right of [ 23.486188] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.487591] [ 23.487805] The buggy address belongs to the physical page: [ 23.488616] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.489462] flags: 0x200000000000000(node=0|zone=2) [ 23.489985] page_type: f5(slab) [ 23.490256] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.491212] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.492026] page dumped because: kasan: bad access detected [ 23.492593] [ 23.492854] Memory state around the buggy address: [ 23.493469] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.494329] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.494907] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.495516] ^ [ 23.496258] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.496969] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.497807] ================================================================== [ 25.085165] ================================================================== [ 25.086871] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 25.087488] Read of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 25.088095] [ 25.088358] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.088462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.088483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.088515] Call Trace: [ 25.088538] <TASK> [ 25.088569] dump_stack_lvl+0x73/0xb0 [ 25.089393] print_report+0xd1/0x650 [ 25.089431] ? __virt_addr_valid+0x1db/0x2d0 [ 25.089470] ? kasan_atomics_helper+0x4f98/0x5450 [ 25.089504] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.089537] ? kasan_atomics_helper+0x4f98/0x5450 [ 25.089590] kasan_report+0x141/0x180 [ 25.089640] ? kasan_atomics_helper+0x4f98/0x5450 [ 25.089680] __asan_report_load8_noabort+0x18/0x20 [ 25.089711] kasan_atomics_helper+0x4f98/0x5450 [ 25.089744] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.089779] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.089811] ? kasan_atomics+0x152/0x310 [ 25.089867] kasan_atomics+0x1dc/0x310 [ 25.089901] ? __pfx_kasan_atomics+0x10/0x10 [ 25.089932] ? __pfx_read_tsc+0x10/0x10 [ 25.089963] ? ktime_get_ts64+0x86/0x230 [ 25.090000] kunit_try_run_case+0x1a5/0x480 [ 25.090032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.090061] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.090099] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.090136] ? __kthread_parkme+0x82/0x180 [ 25.090168] ? preempt_count_sub+0x50/0x80 [ 25.090201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.090243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.090281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.090318] kthread+0x337/0x6f0 [ 25.090346] ? trace_preempt_on+0x20/0xc0 [ 25.090380] ? __pfx_kthread+0x10/0x10 [ 25.090410] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.090444] ? calculate_sigpending+0x7b/0xa0 [ 25.090480] ? __pfx_kthread+0x10/0x10 [ 25.090510] ret_from_fork+0x116/0x1d0 [ 25.090536] ? __pfx_kthread+0x10/0x10 [ 25.090584] ret_from_fork_asm+0x1a/0x30 [ 25.090641] </TASK> [ 25.090657] [ 25.107918] Allocated by task 282: [ 25.108280] kasan_save_stack+0x45/0x70 [ 25.108785] kasan_save_track+0x18/0x40 [ 25.109139] kasan_save_alloc_info+0x3b/0x50 [ 25.109647] __kasan_kmalloc+0xb7/0xc0 [ 25.111612] __kmalloc_cache_noprof+0x189/0x420 [ 25.111990] kasan_atomics+0x95/0x310 [ 25.112531] kunit_try_run_case+0x1a5/0x480 [ 25.113252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.114040] kthread+0x337/0x6f0 [ 25.114572] ret_from_fork+0x116/0x1d0 [ 25.115167] ret_from_fork_asm+0x1a/0x30 [ 25.115599] [ 25.116094] The buggy address belongs to the object at ffff888102b73d80 [ 25.116094] which belongs to the cache kmalloc-64 of size 64 [ 25.117236] The buggy address is located 0 bytes to the right of [ 25.117236] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 25.118836] [ 25.119184] The buggy address belongs to the physical page: [ 25.119445] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 25.120523] flags: 0x200000000000000(node=0|zone=2) [ 25.121255] page_type: f5(slab) [ 25.121604] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.122566] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.123377] page dumped because: kasan: bad access detected [ 25.123859] [ 25.124419] Memory state around the buggy address: [ 25.124930] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.125519] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.126459] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.127235] ^ [ 25.127890] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.128695] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.129258] ================================================================== [ 23.044749] ================================================================== [ 23.045501] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 23.046347] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.047922] [ 23.048117] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.048187] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.048207] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.048241] Call Trace: [ 23.048265] <TASK> [ 23.048288] dump_stack_lvl+0x73/0xb0 [ 23.048328] print_report+0xd1/0x650 [ 23.048363] ? __virt_addr_valid+0x1db/0x2d0 [ 23.048398] ? kasan_atomics_helper+0x8f9/0x5450 [ 23.048431] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.048465] ? kasan_atomics_helper+0x8f9/0x5450 [ 23.048498] kasan_report+0x141/0x180 [ 23.048531] ? kasan_atomics_helper+0x8f9/0x5450 [ 23.048569] kasan_check_range+0x10c/0x1c0 [ 23.048605] __kasan_check_write+0x18/0x20 [ 23.048666] kasan_atomics_helper+0x8f9/0x5450 [ 23.048706] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.048740] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.048772] ? kasan_atomics+0x152/0x310 [ 23.048806] kasan_atomics+0x1dc/0x310 [ 23.048834] ? __pfx_kasan_atomics+0x10/0x10 [ 23.048864] ? __pfx_read_tsc+0x10/0x10 [ 23.048919] ? ktime_get_ts64+0x86/0x230 [ 23.048960] kunit_try_run_case+0x1a5/0x480 [ 23.048994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.049026] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.049064] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.049102] ? __kthread_parkme+0x82/0x180 [ 23.049133] ? preempt_count_sub+0x50/0x80 [ 23.049168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.049199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.049236] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.049274] kthread+0x337/0x6f0 [ 23.049303] ? trace_preempt_on+0x20/0xc0 [ 23.049337] ? __pfx_kthread+0x10/0x10 [ 23.049369] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.049404] ? calculate_sigpending+0x7b/0xa0 [ 23.049440] ? __pfx_kthread+0x10/0x10 [ 23.049472] ret_from_fork+0x116/0x1d0 [ 23.049499] ? __pfx_kthread+0x10/0x10 [ 23.049529] ret_from_fork_asm+0x1a/0x30 [ 23.049573] </TASK> [ 23.049590] [ 23.070192] Allocated by task 282: [ 23.070494] kasan_save_stack+0x45/0x70 [ 23.071742] kasan_save_track+0x18/0x40 [ 23.072332] kasan_save_alloc_info+0x3b/0x50 [ 23.073047] __kasan_kmalloc+0xb7/0xc0 [ 23.073885] __kmalloc_cache_noprof+0x189/0x420 [ 23.074359] kasan_atomics+0x95/0x310 [ 23.074817] kunit_try_run_case+0x1a5/0x480 [ 23.075272] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.076016] kthread+0x337/0x6f0 [ 23.076370] ret_from_fork+0x116/0x1d0 [ 23.077171] ret_from_fork_asm+0x1a/0x30 [ 23.078145] [ 23.078810] The buggy address belongs to the object at ffff888102b73d80 [ 23.078810] which belongs to the cache kmalloc-64 of size 64 [ 23.079831] The buggy address is located 0 bytes to the right of [ 23.079831] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.081058] [ 23.081309] The buggy address belongs to the physical page: [ 23.081867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.082864] flags: 0x200000000000000(node=0|zone=2) [ 23.083415] page_type: f5(slab) [ 23.084172] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.085330] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.086280] page dumped because: kasan: bad access detected [ 23.086875] [ 23.087044] Memory state around the buggy address: [ 23.087512] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.088198] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.089212] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.089834] ^ [ 23.090293] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.090880] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.092008] ================================================================== [ 23.587816] ================================================================== [ 23.588863] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 23.589668] Read of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.590420] [ 23.590623] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.590734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.590775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.590839] Call Trace: [ 23.590909] <TASK> [ 23.590966] dump_stack_lvl+0x73/0xb0 [ 23.591049] print_report+0xd1/0x650 [ 23.591130] ? __virt_addr_valid+0x1db/0x2d0 [ 23.591207] ? kasan_atomics_helper+0x4a36/0x5450 [ 23.591280] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.591361] ? kasan_atomics_helper+0x4a36/0x5450 [ 23.591440] kasan_report+0x141/0x180 [ 23.591567] ? kasan_atomics_helper+0x4a36/0x5450 [ 23.591687] __asan_report_load4_noabort+0x18/0x20 [ 23.591771] kasan_atomics_helper+0x4a36/0x5450 [ 23.591856] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.592002] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.592082] ? kasan_atomics+0x152/0x310 [ 23.592165] kasan_atomics+0x1dc/0x310 [ 23.592281] ? __pfx_kasan_atomics+0x10/0x10 [ 23.592368] ? __pfx_read_tsc+0x10/0x10 [ 23.592445] ? ktime_get_ts64+0x86/0x230 [ 23.592531] kunit_try_run_case+0x1a5/0x480 [ 23.592657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.592733] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.592816] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.592924] ? __kthread_parkme+0x82/0x180 [ 23.593049] ? preempt_count_sub+0x50/0x80 [ 23.593144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.593225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.593347] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.593443] kthread+0x337/0x6f0 [ 23.593518] ? trace_preempt_on+0x20/0xc0 [ 23.593603] ? __pfx_kthread+0x10/0x10 [ 23.593738] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.593827] ? calculate_sigpending+0x7b/0xa0 [ 23.593934] ? __pfx_kthread+0x10/0x10 [ 23.594054] ret_from_fork+0x116/0x1d0 [ 23.594135] ? __pfx_kthread+0x10/0x10 [ 23.594214] ret_from_fork_asm+0x1a/0x30 [ 23.594311] </TASK> [ 23.594331] [ 23.609505] Allocated by task 282: [ 23.609936] kasan_save_stack+0x45/0x70 [ 23.610287] kasan_save_track+0x18/0x40 [ 23.610659] kasan_save_alloc_info+0x3b/0x50 [ 23.611157] __kasan_kmalloc+0xb7/0xc0 [ 23.611584] __kmalloc_cache_noprof+0x189/0x420 [ 23.612362] kasan_atomics+0x95/0x310 [ 23.612871] kunit_try_run_case+0x1a5/0x480 [ 23.613354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.613854] kthread+0x337/0x6f0 [ 23.614323] ret_from_fork+0x116/0x1d0 [ 23.614798] ret_from_fork_asm+0x1a/0x30 [ 23.615273] [ 23.615501] The buggy address belongs to the object at ffff888102b73d80 [ 23.615501] which belongs to the cache kmalloc-64 of size 64 [ 23.616460] The buggy address is located 0 bytes to the right of [ 23.616460] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.617315] [ 23.617512] The buggy address belongs to the physical page: [ 23.618432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.619200] flags: 0x200000000000000(node=0|zone=2) [ 23.619569] page_type: f5(slab) [ 23.619868] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.620612] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.621280] page dumped because: kasan: bad access detected [ 23.622070] [ 23.622358] Memory state around the buggy address: [ 23.622975] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.623460] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.624101] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.624907] ^ [ 23.625348] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.626105] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.626691] ================================================================== [ 25.177801] ================================================================== [ 25.178578] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 25.179329] Read of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 25.179988] [ 25.180281] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.180456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.180525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.180591] Call Trace: [ 25.180642] <TASK> [ 25.180692] dump_stack_lvl+0x73/0xb0 [ 25.180768] print_report+0xd1/0x650 [ 25.180825] ? __virt_addr_valid+0x1db/0x2d0 [ 25.180926] ? kasan_atomics_helper+0x4fb2/0x5450 [ 25.181007] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.181090] ? kasan_atomics_helper+0x4fb2/0x5450 [ 25.181170] kasan_report+0x141/0x180 [ 25.181255] ? kasan_atomics_helper+0x4fb2/0x5450 [ 25.181344] __asan_report_load8_noabort+0x18/0x20 [ 25.181423] kasan_atomics_helper+0x4fb2/0x5450 [ 25.181506] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.181605] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.181730] ? kasan_atomics+0x152/0x310 [ 25.181816] kasan_atomics+0x1dc/0x310 [ 25.181911] ? __pfx_kasan_atomics+0x10/0x10 [ 25.181990] ? __pfx_read_tsc+0x10/0x10 [ 25.182064] ? ktime_get_ts64+0x86/0x230 [ 25.182147] kunit_try_run_case+0x1a5/0x480 [ 25.182234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.182311] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.182367] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.182408] ? __kthread_parkme+0x82/0x180 [ 25.182441] ? preempt_count_sub+0x50/0x80 [ 25.182475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.182506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.182545] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.182621] kthread+0x337/0x6f0 [ 25.182655] ? trace_preempt_on+0x20/0xc0 [ 25.182690] ? __pfx_kthread+0x10/0x10 [ 25.182721] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.182757] ? calculate_sigpending+0x7b/0xa0 [ 25.182793] ? __pfx_kthread+0x10/0x10 [ 25.182826] ret_from_fork+0x116/0x1d0 [ 25.182880] ? __pfx_kthread+0x10/0x10 [ 25.182912] ret_from_fork_asm+0x1a/0x30 [ 25.182957] </TASK> [ 25.182974] [ 25.197824] Allocated by task 282: [ 25.198263] kasan_save_stack+0x45/0x70 [ 25.198908] kasan_save_track+0x18/0x40 [ 25.199242] kasan_save_alloc_info+0x3b/0x50 [ 25.199582] __kasan_kmalloc+0xb7/0xc0 [ 25.200006] __kmalloc_cache_noprof+0x189/0x420 [ 25.200773] kasan_atomics+0x95/0x310 [ 25.201230] kunit_try_run_case+0x1a5/0x480 [ 25.201785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.202369] kthread+0x337/0x6f0 [ 25.202874] ret_from_fork+0x116/0x1d0 [ 25.203334] ret_from_fork_asm+0x1a/0x30 [ 25.203674] [ 25.204913] The buggy address belongs to the object at ffff888102b73d80 [ 25.204913] which belongs to the cache kmalloc-64 of size 64 [ 25.206913] The buggy address is located 0 bytes to the right of [ 25.206913] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 25.207914] [ 25.208168] The buggy address belongs to the physical page: [ 25.208643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 25.209339] flags: 0x200000000000000(node=0|zone=2) [ 25.209867] page_type: f5(slab) [ 25.210265] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.210987] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.211720] page dumped because: kasan: bad access detected [ 25.212216] [ 25.212493] Memory state around the buggy address: [ 25.212953] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.213654] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.214293] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.214945] ^ [ 25.215439] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.216088] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.216794] ================================================================== [ 24.321036] ================================================================== [ 24.322073] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 24.322936] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.323911] [ 24.324196] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.324289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.324333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.324399] Call Trace: [ 24.324453] <TASK> [ 24.324481] dump_stack_lvl+0x73/0xb0 [ 24.324525] print_report+0xd1/0x650 [ 24.324560] ? __virt_addr_valid+0x1db/0x2d0 [ 24.324890] ? kasan_atomics_helper+0x16e7/0x5450 [ 24.324939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.324978] ? kasan_atomics_helper+0x16e7/0x5450 [ 24.325011] kasan_report+0x141/0x180 [ 24.325046] ? kasan_atomics_helper+0x16e7/0x5450 [ 24.325085] kasan_check_range+0x10c/0x1c0 [ 24.325123] __kasan_check_write+0x18/0x20 [ 24.325154] kasan_atomics_helper+0x16e7/0x5450 [ 24.325187] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.325221] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.325255] ? kasan_atomics+0x152/0x310 [ 24.325288] kasan_atomics+0x1dc/0x310 [ 24.325316] ? __pfx_kasan_atomics+0x10/0x10 [ 24.325345] ? __pfx_read_tsc+0x10/0x10 [ 24.325378] ? ktime_get_ts64+0x86/0x230 [ 24.325413] kunit_try_run_case+0x1a5/0x480 [ 24.325445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.325474] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.325511] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.325548] ? __kthread_parkme+0x82/0x180 [ 24.325584] ? preempt_count_sub+0x50/0x80 [ 24.325658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.325691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.325730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.325768] kthread+0x337/0x6f0 [ 24.325797] ? trace_preempt_on+0x20/0xc0 [ 24.325831] ? __pfx_kthread+0x10/0x10 [ 24.325885] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.325925] ? calculate_sigpending+0x7b/0xa0 [ 24.325962] ? __pfx_kthread+0x10/0x10 [ 24.325995] ret_from_fork+0x116/0x1d0 [ 24.326023] ? __pfx_kthread+0x10/0x10 [ 24.326055] ret_from_fork_asm+0x1a/0x30 [ 24.326099] </TASK> [ 24.326116] [ 24.344072] Allocated by task 282: [ 24.344447] kasan_save_stack+0x45/0x70 [ 24.344963] kasan_save_track+0x18/0x40 [ 24.345446] kasan_save_alloc_info+0x3b/0x50 [ 24.345964] __kasan_kmalloc+0xb7/0xc0 [ 24.346432] __kmalloc_cache_noprof+0x189/0x420 [ 24.347009] kasan_atomics+0x95/0x310 [ 24.347461] kunit_try_run_case+0x1a5/0x480 [ 24.348016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.348410] kthread+0x337/0x6f0 [ 24.348752] ret_from_fork+0x116/0x1d0 [ 24.349157] ret_from_fork_asm+0x1a/0x30 [ 24.349771] [ 24.350144] The buggy address belongs to the object at ffff888102b73d80 [ 24.350144] which belongs to the cache kmalloc-64 of size 64 [ 24.351413] The buggy address is located 0 bytes to the right of [ 24.351413] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.352657] [ 24.352851] The buggy address belongs to the physical page: [ 24.353248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.354240] flags: 0x200000000000000(node=0|zone=2) [ 24.354886] page_type: f5(slab) [ 24.355275] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.356102] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.356918] page dumped because: kasan: bad access detected [ 24.357490] [ 24.357770] Memory state around the buggy address: [ 24.358347] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.359089] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.359635] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.360403] ^ [ 24.360917] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.361655] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.362331] ================================================================== [ 23.938150] ================================================================== [ 23.938953] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 23.939585] Read of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.940282] [ 23.940667] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.940995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.941044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.941112] Call Trace: [ 23.941169] <TASK> [ 23.941224] dump_stack_lvl+0x73/0xb0 [ 23.941312] print_report+0xd1/0x650 [ 23.941393] ? __virt_addr_valid+0x1db/0x2d0 [ 23.941468] ? kasan_atomics_helper+0x49ce/0x5450 [ 23.941506] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.941544] ? kasan_atomics_helper+0x49ce/0x5450 [ 23.941580] kasan_report+0x141/0x180 [ 23.941655] ? kasan_atomics_helper+0x49ce/0x5450 [ 23.941702] __asan_report_load4_noabort+0x18/0x20 [ 23.941734] kasan_atomics_helper+0x49ce/0x5450 [ 23.941769] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.941806] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.941837] ? kasan_atomics+0x152/0x310 [ 23.941892] kasan_atomics+0x1dc/0x310 [ 23.941930] ? __pfx_kasan_atomics+0x10/0x10 [ 23.941962] ? __pfx_read_tsc+0x10/0x10 [ 23.941996] ? ktime_get_ts64+0x86/0x230 [ 23.942034] kunit_try_run_case+0x1a5/0x480 [ 23.942066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.942095] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.942134] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.942173] ? __kthread_parkme+0x82/0x180 [ 23.942204] ? preempt_count_sub+0x50/0x80 [ 23.942253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.942286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.942324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.942362] kthread+0x337/0x6f0 [ 23.942390] ? trace_preempt_on+0x20/0xc0 [ 23.942424] ? __pfx_kthread+0x10/0x10 [ 23.942454] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.942488] ? calculate_sigpending+0x7b/0xa0 [ 23.942524] ? __pfx_kthread+0x10/0x10 [ 23.942555] ret_from_fork+0x116/0x1d0 [ 23.942581] ? __pfx_kthread+0x10/0x10 [ 23.942645] ret_from_fork_asm+0x1a/0x30 [ 23.942695] </TASK> [ 23.942712] [ 23.966588] Allocated by task 282: [ 23.967718] kasan_save_stack+0x45/0x70 [ 23.968136] kasan_save_track+0x18/0x40 [ 23.968745] kasan_save_alloc_info+0x3b/0x50 [ 23.969176] __kasan_kmalloc+0xb7/0xc0 [ 23.969561] __kmalloc_cache_noprof+0x189/0x420 [ 23.970307] kasan_atomics+0x95/0x310 [ 23.970937] kunit_try_run_case+0x1a5/0x480 [ 23.971515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.972003] kthread+0x337/0x6f0 [ 23.972348] ret_from_fork+0x116/0x1d0 [ 23.973110] ret_from_fork_asm+0x1a/0x30 [ 23.973601] [ 23.973865] The buggy address belongs to the object at ffff888102b73d80 [ 23.973865] which belongs to the cache kmalloc-64 of size 64 [ 23.974954] The buggy address is located 0 bytes to the right of [ 23.974954] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.976335] [ 23.976746] The buggy address belongs to the physical page: [ 23.977375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.978310] flags: 0x200000000000000(node=0|zone=2) [ 23.978926] page_type: f5(slab) [ 23.979288] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.980127] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.980912] page dumped because: kasan: bad access detected [ 23.981557] [ 23.981811] Memory state around the buggy address: [ 23.982594] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.983226] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.983998] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.984499] ^ [ 23.985300] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.985888] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.986608] ================================================================== [ 24.083007] ================================================================== [ 24.083515] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 24.085761] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.087022] [ 24.087828] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.088201] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.088257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.088301] Call Trace: [ 24.088329] <TASK> [ 24.088354] dump_stack_lvl+0x73/0xb0 [ 24.088397] print_report+0xd1/0x650 [ 24.088431] ? __virt_addr_valid+0x1db/0x2d0 [ 24.088465] ? kasan_atomics_helper+0x1467/0x5450 [ 24.088497] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.088530] ? kasan_atomics_helper+0x1467/0x5450 [ 24.088563] kasan_report+0x141/0x180 [ 24.088655] ? kasan_atomics_helper+0x1467/0x5450 [ 24.088701] kasan_check_range+0x10c/0x1c0 [ 24.088738] __kasan_check_write+0x18/0x20 [ 24.088768] kasan_atomics_helper+0x1467/0x5450 [ 24.088802] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.088837] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.088891] ? kasan_atomics+0x152/0x310 [ 24.088930] kasan_atomics+0x1dc/0x310 [ 24.088958] ? __pfx_kasan_atomics+0x10/0x10 [ 24.088989] ? __pfx_read_tsc+0x10/0x10 [ 24.089022] ? ktime_get_ts64+0x86/0x230 [ 24.089061] kunit_try_run_case+0x1a5/0x480 [ 24.089092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.089121] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.089159] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.089197] ? __kthread_parkme+0x82/0x180 [ 24.089227] ? preempt_count_sub+0x50/0x80 [ 24.089262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.089293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.089331] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.089368] kthread+0x337/0x6f0 [ 24.089397] ? trace_preempt_on+0x20/0xc0 [ 24.089431] ? __pfx_kthread+0x10/0x10 [ 24.089462] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.089497] ? calculate_sigpending+0x7b/0xa0 [ 24.089533] ? __pfx_kthread+0x10/0x10 [ 24.089565] ret_from_fork+0x116/0x1d0 [ 24.089601] ? __pfx_kthread+0x10/0x10 [ 24.089657] ret_from_fork_asm+0x1a/0x30 [ 24.089704] </TASK> [ 24.089721] [ 24.110066] Allocated by task 282: [ 24.110423] kasan_save_stack+0x45/0x70 [ 24.110933] kasan_save_track+0x18/0x40 [ 24.111551] kasan_save_alloc_info+0x3b/0x50 [ 24.112210] __kasan_kmalloc+0xb7/0xc0 [ 24.112534] __kmalloc_cache_noprof+0x189/0x420 [ 24.113093] kasan_atomics+0x95/0x310 [ 24.113613] kunit_try_run_case+0x1a5/0x480 [ 24.114160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.114922] kthread+0x337/0x6f0 [ 24.115212] ret_from_fork+0x116/0x1d0 [ 24.115514] ret_from_fork_asm+0x1a/0x30 [ 24.116103] [ 24.116263] The buggy address belongs to the object at ffff888102b73d80 [ 24.116263] which belongs to the cache kmalloc-64 of size 64 [ 24.117310] The buggy address is located 0 bytes to the right of [ 24.117310] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.118320] [ 24.118575] The buggy address belongs to the physical page: [ 24.119124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.119702] flags: 0x200000000000000(node=0|zone=2) [ 24.120295] page_type: f5(slab) [ 24.120792] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.121519] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.122270] page dumped because: kasan: bad access detected [ 24.122797] [ 24.123054] Memory state around the buggy address: [ 24.123395] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.124125] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.124897] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.125520] ^ [ 24.126065] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.126819] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.127433] ================================================================== [ 24.501123] ================================================================== [ 24.502270] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 24.503022] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.504224] [ 24.504487] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.504612] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.504732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.504967] Call Trace: [ 24.505204] <TASK> [ 24.505415] dump_stack_lvl+0x73/0xb0 [ 24.505584] print_report+0xd1/0x650 [ 24.505671] ? __virt_addr_valid+0x1db/0x2d0 [ 24.505752] ? kasan_atomics_helper+0x194a/0x5450 [ 24.505828] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.505931] ? kasan_atomics_helper+0x194a/0x5450 [ 24.506011] kasan_report+0x141/0x180 [ 24.506091] ? kasan_atomics_helper+0x194a/0x5450 [ 24.506182] kasan_check_range+0x10c/0x1c0 [ 24.506279] __kasan_check_write+0x18/0x20 [ 24.506354] kasan_atomics_helper+0x194a/0x5450 [ 24.506436] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.506516] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.506590] ? kasan_atomics+0x152/0x310 [ 24.506669] kasan_atomics+0x1dc/0x310 [ 24.506738] ? __pfx_kasan_atomics+0x10/0x10 [ 24.506811] ? __pfx_read_tsc+0x10/0x10 [ 24.506958] ? ktime_get_ts64+0x86/0x230 [ 24.507047] kunit_try_run_case+0x1a5/0x480 [ 24.507130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.507205] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.507294] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.507416] ? __kthread_parkme+0x82/0x180 [ 24.507498] ? preempt_count_sub+0x50/0x80 [ 24.507583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.507847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.507979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.508068] kthread+0x337/0x6f0 [ 24.508142] ? trace_preempt_on+0x20/0xc0 [ 24.508212] ? __pfx_kthread+0x10/0x10 [ 24.508248] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.508284] ? calculate_sigpending+0x7b/0xa0 [ 24.508320] ? __pfx_kthread+0x10/0x10 [ 24.508353] ret_from_fork+0x116/0x1d0 [ 24.508380] ? __pfx_kthread+0x10/0x10 [ 24.508412] ret_from_fork_asm+0x1a/0x30 [ 24.508457] </TASK> [ 24.508475] [ 24.529431] Allocated by task 282: [ 24.529812] kasan_save_stack+0x45/0x70 [ 24.530472] kasan_save_track+0x18/0x40 [ 24.530905] kasan_save_alloc_info+0x3b/0x50 [ 24.531952] __kasan_kmalloc+0xb7/0xc0 [ 24.532295] __kmalloc_cache_noprof+0x189/0x420 [ 24.532714] kasan_atomics+0x95/0x310 [ 24.533374] kunit_try_run_case+0x1a5/0x480 [ 24.533944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.534457] kthread+0x337/0x6f0 [ 24.535073] ret_from_fork+0x116/0x1d0 [ 24.535441] ret_from_fork_asm+0x1a/0x30 [ 24.535805] [ 24.536069] The buggy address belongs to the object at ffff888102b73d80 [ 24.536069] which belongs to the cache kmalloc-64 of size 64 [ 24.537041] The buggy address is located 0 bytes to the right of [ 24.537041] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.537985] [ 24.538226] The buggy address belongs to the physical page: [ 24.538663] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.539377] flags: 0x200000000000000(node=0|zone=2) [ 24.539918] page_type: f5(slab) [ 24.540252] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.540773] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.541434] page dumped because: kasan: bad access detected [ 24.542087] [ 24.542291] Memory state around the buggy address: [ 24.542640] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.543327] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.544300] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.545017] ^ [ 24.545366] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.546375] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.546971] ================================================================== [ 25.266144] ================================================================== [ 25.267117] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 25.267938] Read of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 25.268533] [ 25.268812] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.268961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.269009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.269071] Call Trace: [ 25.269126] <TASK> [ 25.269177] dump_stack_lvl+0x73/0xb0 [ 25.269232] print_report+0xd1/0x650 [ 25.269283] ? __virt_addr_valid+0x1db/0x2d0 [ 25.269324] ? kasan_atomics_helper+0x4fa5/0x5450 [ 25.269394] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.269434] ? kasan_atomics_helper+0x4fa5/0x5450 [ 25.269470] kasan_report+0x141/0x180 [ 25.269504] ? kasan_atomics_helper+0x4fa5/0x5450 [ 25.269543] __asan_report_load8_noabort+0x18/0x20 [ 25.269910] kasan_atomics_helper+0x4fa5/0x5450 [ 25.270000] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.270051] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.270086] ? kasan_atomics+0x152/0x310 [ 25.270119] kasan_atomics+0x1dc/0x310 [ 25.270146] ? __pfx_kasan_atomics+0x10/0x10 [ 25.270177] ? __pfx_read_tsc+0x10/0x10 [ 25.270225] ? ktime_get_ts64+0x86/0x230 [ 25.270264] kunit_try_run_case+0x1a5/0x480 [ 25.270296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.270326] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.270364] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.270402] ? __kthread_parkme+0x82/0x180 [ 25.270432] ? preempt_count_sub+0x50/0x80 [ 25.270467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.270498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.270536] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.270620] kthread+0x337/0x6f0 [ 25.270656] ? trace_preempt_on+0x20/0xc0 [ 25.270691] ? __pfx_kthread+0x10/0x10 [ 25.270722] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.270757] ? calculate_sigpending+0x7b/0xa0 [ 25.270792] ? __pfx_kthread+0x10/0x10 [ 25.270825] ret_from_fork+0x116/0x1d0 [ 25.270880] ? __pfx_kthread+0x10/0x10 [ 25.270918] ret_from_fork_asm+0x1a/0x30 [ 25.270962] </TASK> [ 25.270980] [ 25.294226] Allocated by task 282: [ 25.295147] kasan_save_stack+0x45/0x70 [ 25.295593] kasan_save_track+0x18/0x40 [ 25.296027] kasan_save_alloc_info+0x3b/0x50 [ 25.296451] __kasan_kmalloc+0xb7/0xc0 [ 25.296831] __kmalloc_cache_noprof+0x189/0x420 [ 25.297866] kasan_atomics+0x95/0x310 [ 25.298198] kunit_try_run_case+0x1a5/0x480 [ 25.298546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.299609] kthread+0x337/0x6f0 [ 25.300095] ret_from_fork+0x116/0x1d0 [ 25.300635] ret_from_fork_asm+0x1a/0x30 [ 25.300948] [ 25.301190] The buggy address belongs to the object at ffff888102b73d80 [ 25.301190] which belongs to the cache kmalloc-64 of size 64 [ 25.302699] The buggy address is located 0 bytes to the right of [ 25.302699] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 25.303900] [ 25.304143] The buggy address belongs to the physical page: [ 25.304596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 25.305251] flags: 0x200000000000000(node=0|zone=2) [ 25.305653] page_type: f5(slab) [ 25.306615] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.307467] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.308154] page dumped because: kasan: bad access detected [ 25.308716] [ 25.308957] Memory state around the buggy address: [ 25.309566] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.310178] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.310778] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.311330] ^ [ 25.311788] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.312788] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.313487] ================================================================== [ 24.721732] ================================================================== [ 24.722970] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 24.723681] Read of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.724284] [ 24.724516] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.724644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.724687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.724750] Call Trace: [ 24.724801] <TASK> [ 24.724863] dump_stack_lvl+0x73/0xb0 [ 24.724952] print_report+0xd1/0x650 [ 24.725033] ? __virt_addr_valid+0x1db/0x2d0 [ 24.725112] ? kasan_atomics_helper+0x4f30/0x5450 [ 24.725191] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.725272] ? kasan_atomics_helper+0x4f30/0x5450 [ 24.725354] kasan_report+0x141/0x180 [ 24.725437] ? kasan_atomics_helper+0x4f30/0x5450 [ 24.725526] __asan_report_load8_noabort+0x18/0x20 [ 24.725655] kasan_atomics_helper+0x4f30/0x5450 [ 24.725748] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.725834] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.726782] ? kasan_atomics+0x152/0x310 [ 24.726896] kasan_atomics+0x1dc/0x310 [ 24.726978] ? __pfx_kasan_atomics+0x10/0x10 [ 24.727061] ? __pfx_read_tsc+0x10/0x10 [ 24.727137] ? ktime_get_ts64+0x86/0x230 [ 24.727225] kunit_try_run_case+0x1a5/0x480 [ 24.727268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.727300] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.727338] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.727377] ? __kthread_parkme+0x82/0x180 [ 24.727409] ? preempt_count_sub+0x50/0x80 [ 24.727444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.727476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.727512] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.727549] kthread+0x337/0x6f0 [ 24.728030] ? trace_preempt_on+0x20/0xc0 [ 24.728150] ? __pfx_kthread+0x10/0x10 [ 24.728220] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.728260] ? calculate_sigpending+0x7b/0xa0 [ 24.728298] ? __pfx_kthread+0x10/0x10 [ 24.728331] ret_from_fork+0x116/0x1d0 [ 24.728359] ? __pfx_kthread+0x10/0x10 [ 24.728391] ret_from_fork_asm+0x1a/0x30 [ 24.728436] </TASK> [ 24.728451] [ 24.748215] Allocated by task 282: [ 24.748485] kasan_save_stack+0x45/0x70 [ 24.748795] kasan_save_track+0x18/0x40 [ 24.749344] kasan_save_alloc_info+0x3b/0x50 [ 24.751394] __kasan_kmalloc+0xb7/0xc0 [ 24.752142] __kmalloc_cache_noprof+0x189/0x420 [ 24.753151] kasan_atomics+0x95/0x310 [ 24.754002] kunit_try_run_case+0x1a5/0x480 [ 24.754335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.755925] kthread+0x337/0x6f0 [ 24.756758] ret_from_fork+0x116/0x1d0 [ 24.757813] ret_from_fork_asm+0x1a/0x30 [ 24.758749] [ 24.759324] The buggy address belongs to the object at ffff888102b73d80 [ 24.759324] which belongs to the cache kmalloc-64 of size 64 [ 24.761132] The buggy address is located 0 bytes to the right of [ 24.761132] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.762387] [ 24.762677] The buggy address belongs to the physical page: [ 24.763319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.764062] flags: 0x200000000000000(node=0|zone=2) [ 24.764642] page_type: f5(slab) [ 24.765094] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.765868] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.766601] page dumped because: kasan: bad access detected [ 24.767147] [ 24.767468] Memory state around the buggy address: [ 24.768070] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.768758] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.769418] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.770123] ^ [ 24.770517] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.771068] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.771575] ================================================================== [ 25.218640] ================================================================== [ 25.219201] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 25.220901] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 25.221502] [ 25.221981] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.222348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.222397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.222479] Call Trace: [ 25.222532] <TASK> [ 25.222584] dump_stack_lvl+0x73/0xb0 [ 25.222671] print_report+0xd1/0x650 [ 25.222752] ? __virt_addr_valid+0x1db/0x2d0 [ 25.222883] ? kasan_atomics_helper+0x218a/0x5450 [ 25.222922] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.222959] ? kasan_atomics_helper+0x218a/0x5450 [ 25.222994] kasan_report+0x141/0x180 [ 25.223028] ? kasan_atomics_helper+0x218a/0x5450 [ 25.223067] kasan_check_range+0x10c/0x1c0 [ 25.223104] __kasan_check_write+0x18/0x20 [ 25.223133] kasan_atomics_helper+0x218a/0x5450 [ 25.223168] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.223203] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.223235] ? kasan_atomics+0x152/0x310 [ 25.223267] kasan_atomics+0x1dc/0x310 [ 25.223293] ? __pfx_kasan_atomics+0x10/0x10 [ 25.223324] ? __pfx_read_tsc+0x10/0x10 [ 25.223356] ? ktime_get_ts64+0x86/0x230 [ 25.223392] kunit_try_run_case+0x1a5/0x480 [ 25.223423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.223453] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.223491] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.223528] ? __kthread_parkme+0x82/0x180 [ 25.223565] ? preempt_count_sub+0x50/0x80 [ 25.223711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.223746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.223787] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.223825] kthread+0x337/0x6f0 [ 25.223888] ? trace_preempt_on+0x20/0xc0 [ 25.223925] ? __pfx_kthread+0x10/0x10 [ 25.223957] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.223993] ? calculate_sigpending+0x7b/0xa0 [ 25.224029] ? __pfx_kthread+0x10/0x10 [ 25.224061] ret_from_fork+0x116/0x1d0 [ 25.224088] ? __pfx_kthread+0x10/0x10 [ 25.224120] ret_from_fork_asm+0x1a/0x30 [ 25.224164] </TASK> [ 25.224180] [ 25.244281] Allocated by task 282: [ 25.244624] kasan_save_stack+0x45/0x70 [ 25.244966] kasan_save_track+0x18/0x40 [ 25.245284] kasan_save_alloc_info+0x3b/0x50 [ 25.245634] __kasan_kmalloc+0xb7/0xc0 [ 25.246732] __kmalloc_cache_noprof+0x189/0x420 [ 25.247441] kasan_atomics+0x95/0x310 [ 25.248269] kunit_try_run_case+0x1a5/0x480 [ 25.249008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.249517] kthread+0x337/0x6f0 [ 25.250150] ret_from_fork+0x116/0x1d0 [ 25.250507] ret_from_fork_asm+0x1a/0x30 [ 25.250895] [ 25.251094] The buggy address belongs to the object at ffff888102b73d80 [ 25.251094] which belongs to the cache kmalloc-64 of size 64 [ 25.252122] The buggy address is located 0 bytes to the right of [ 25.252122] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 25.253200] [ 25.253412] The buggy address belongs to the physical page: [ 25.254999] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 25.255597] flags: 0x200000000000000(node=0|zone=2) [ 25.255985] page_type: f5(slab) [ 25.256259] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.257777] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.258424] page dumped because: kasan: bad access detected [ 25.259337] [ 25.259537] Memory state around the buggy address: [ 25.260314] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.261114] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.261997] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.262729] ^ [ 25.263302] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.263974] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.264533] ================================================================== [ 22.622745] ================================================================== [ 22.625708] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 22.626251] Read of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 22.628100] [ 22.628364] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.628483] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.628520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.628574] Call Trace: [ 22.628622] <TASK> [ 22.628671] dump_stack_lvl+0x73/0xb0 [ 22.628739] print_report+0xd1/0x650 [ 22.628801] ? __virt_addr_valid+0x1db/0x2d0 [ 22.628873] ? kasan_atomics_helper+0x4b54/0x5450 [ 22.628955] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.629014] ? kasan_atomics_helper+0x4b54/0x5450 [ 22.629066] kasan_report+0x141/0x180 [ 22.629122] ? kasan_atomics_helper+0x4b54/0x5450 [ 22.629185] __asan_report_load4_noabort+0x18/0x20 [ 22.629238] kasan_atomics_helper+0x4b54/0x5450 [ 22.629308] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.629367] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.629422] ? kasan_atomics+0x152/0x310 [ 22.629481] kasan_atomics+0x1dc/0x310 [ 22.629529] ? __pfx_kasan_atomics+0x10/0x10 [ 22.629583] ? __pfx_read_tsc+0x10/0x10 [ 22.629637] ? ktime_get_ts64+0x86/0x230 [ 22.629699] kunit_try_run_case+0x1a5/0x480 [ 22.629753] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.629803] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.629881] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.630694] ? __kthread_parkme+0x82/0x180 [ 22.630758] ? preempt_count_sub+0x50/0x80 [ 22.630851] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.630960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.631043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.631086] kthread+0x337/0x6f0 [ 22.631121] ? trace_preempt_on+0x20/0xc0 [ 22.631156] ? __pfx_kthread+0x10/0x10 [ 22.631187] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.631223] ? calculate_sigpending+0x7b/0xa0 [ 22.631260] ? __pfx_kthread+0x10/0x10 [ 22.631291] ret_from_fork+0x116/0x1d0 [ 22.631317] ? __pfx_kthread+0x10/0x10 [ 22.631349] ret_from_fork_asm+0x1a/0x30 [ 22.631406] </TASK> [ 22.631437] [ 22.651591] Allocated by task 282: [ 22.652009] kasan_save_stack+0x45/0x70 [ 22.652350] kasan_save_track+0x18/0x40 [ 22.652803] kasan_save_alloc_info+0x3b/0x50 [ 22.653305] __kasan_kmalloc+0xb7/0xc0 [ 22.653713] __kmalloc_cache_noprof+0x189/0x420 [ 22.654152] kasan_atomics+0x95/0x310 [ 22.654524] kunit_try_run_case+0x1a5/0x480 [ 22.655050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.655591] kthread+0x337/0x6f0 [ 22.655894] ret_from_fork+0x116/0x1d0 [ 22.656343] ret_from_fork_asm+0x1a/0x30 [ 22.657146] [ 22.657626] The buggy address belongs to the object at ffff888102b73d80 [ 22.657626] which belongs to the cache kmalloc-64 of size 64 [ 22.659421] The buggy address is located 0 bytes to the right of [ 22.659421] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 22.660699] [ 22.661157] The buggy address belongs to the physical page: [ 22.661614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 22.662390] flags: 0x200000000000000(node=0|zone=2) [ 22.662989] page_type: f5(slab) [ 22.663481] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.664919] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.665685] page dumped because: kasan: bad access detected [ 22.666443] [ 22.666898] Memory state around the buggy address: [ 22.667366] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.667976] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.668592] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.669292] ^ [ 22.669690] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.670303] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.671058] ================================================================== [ 23.499914] ================================================================== [ 23.500443] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 23.501312] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 23.502202] [ 23.502448] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.502576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.502623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.502687] Call Trace: [ 23.503194] <TASK> [ 23.503225] dump_stack_lvl+0x73/0xb0 [ 23.503268] print_report+0xd1/0x650 [ 23.503305] ? __virt_addr_valid+0x1db/0x2d0 [ 23.503340] ? kasan_atomics_helper+0xf10/0x5450 [ 23.503372] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.503408] ? kasan_atomics_helper+0xf10/0x5450 [ 23.503442] kasan_report+0x141/0x180 [ 23.503476] ? kasan_atomics_helper+0xf10/0x5450 [ 23.503514] kasan_check_range+0x10c/0x1c0 [ 23.503550] __kasan_check_write+0x18/0x20 [ 23.503579] kasan_atomics_helper+0xf10/0x5450 [ 23.503628] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.503682] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.503714] ? kasan_atomics+0x152/0x310 [ 23.503747] kasan_atomics+0x1dc/0x310 [ 23.503777] ? __pfx_kasan_atomics+0x10/0x10 [ 23.503806] ? __pfx_read_tsc+0x10/0x10 [ 23.503839] ? ktime_get_ts64+0x86/0x230 [ 23.503876] kunit_try_run_case+0x1a5/0x480 [ 23.503937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.503970] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.504010] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.504048] ? __kthread_parkme+0x82/0x180 [ 23.504078] ? preempt_count_sub+0x50/0x80 [ 23.504113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.504144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.504181] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.504218] kthread+0x337/0x6f0 [ 23.504247] ? trace_preempt_on+0x20/0xc0 [ 23.504281] ? __pfx_kthread+0x10/0x10 [ 23.504312] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.504346] ? calculate_sigpending+0x7b/0xa0 [ 23.504381] ? __pfx_kthread+0x10/0x10 [ 23.504412] ret_from_fork+0x116/0x1d0 [ 23.504441] ? __pfx_kthread+0x10/0x10 [ 23.504470] ret_from_fork_asm+0x1a/0x30 [ 23.504514] </TASK> [ 23.504530] [ 23.524505] Allocated by task 282: [ 23.524870] kasan_save_stack+0x45/0x70 [ 23.525311] kasan_save_track+0x18/0x40 [ 23.526104] kasan_save_alloc_info+0x3b/0x50 [ 23.526472] __kasan_kmalloc+0xb7/0xc0 [ 23.526904] __kmalloc_cache_noprof+0x189/0x420 [ 23.527583] kasan_atomics+0x95/0x310 [ 23.528106] kunit_try_run_case+0x1a5/0x480 [ 23.528533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.529260] kthread+0x337/0x6f0 [ 23.529645] ret_from_fork+0x116/0x1d0 [ 23.530040] ret_from_fork_asm+0x1a/0x30 [ 23.530431] [ 23.530654] The buggy address belongs to the object at ffff888102b73d80 [ 23.530654] which belongs to the cache kmalloc-64 of size 64 [ 23.532076] The buggy address is located 0 bytes to the right of [ 23.532076] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.533297] [ 23.533819] The buggy address belongs to the physical page: [ 23.534316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.535243] flags: 0x200000000000000(node=0|zone=2) [ 23.535898] page_type: f5(slab) [ 23.536223] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.537297] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.538147] page dumped because: kasan: bad access detected [ 23.538814] [ 23.539220] Memory state around the buggy address: [ 23.539821] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.540567] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.541356] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.542197] ^ [ 23.542615] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.543421] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.544181] ================================================================== [ 24.682625] ================================================================== [ 24.683114] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 24.683917] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.684495] [ 24.684723] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.684893] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.684936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.685194] Call Trace: [ 24.685246] <TASK> [ 24.685288] dump_stack_lvl+0x73/0xb0 [ 24.685367] print_report+0xd1/0x650 [ 24.685444] ? __virt_addr_valid+0x1db/0x2d0 [ 24.685514] ? kasan_atomics_helper+0x1c18/0x5450 [ 24.685592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.685677] ? kasan_atomics_helper+0x1c18/0x5450 [ 24.685761] kasan_report+0x141/0x180 [ 24.685844] ? kasan_atomics_helper+0x1c18/0x5450 [ 24.686022] kasan_check_range+0x10c/0x1c0 [ 24.686116] __kasan_check_write+0x18/0x20 [ 24.686273] kasan_atomics_helper+0x1c18/0x5450 [ 24.686368] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.686451] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.686531] ? kasan_atomics+0x152/0x310 [ 24.686615] kasan_atomics+0x1dc/0x310 [ 24.686693] ? __pfx_kasan_atomics+0x10/0x10 [ 24.686771] ? __pfx_read_tsc+0x10/0x10 [ 24.686892] ? ktime_get_ts64+0x86/0x230 [ 24.687053] kunit_try_run_case+0x1a5/0x480 [ 24.687140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.687196] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.687238] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.687278] ? __kthread_parkme+0x82/0x180 [ 24.687310] ? preempt_count_sub+0x50/0x80 [ 24.687345] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.687376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.687415] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.687454] kthread+0x337/0x6f0 [ 24.687485] ? trace_preempt_on+0x20/0xc0 [ 24.687518] ? __pfx_kthread+0x10/0x10 [ 24.687549] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.687623] ? calculate_sigpending+0x7b/0xa0 [ 24.687665] ? __pfx_kthread+0x10/0x10 [ 24.687698] ret_from_fork+0x116/0x1d0 [ 24.687727] ? __pfx_kthread+0x10/0x10 [ 24.687757] ret_from_fork_asm+0x1a/0x30 [ 24.687801] </TASK> [ 24.687818] [ 24.703810] Allocated by task 282: [ 24.704205] kasan_save_stack+0x45/0x70 [ 24.704536] kasan_save_track+0x18/0x40 [ 24.704881] kasan_save_alloc_info+0x3b/0x50 [ 24.705566] __kasan_kmalloc+0xb7/0xc0 [ 24.706007] __kmalloc_cache_noprof+0x189/0x420 [ 24.706501] kasan_atomics+0x95/0x310 [ 24.706916] kunit_try_run_case+0x1a5/0x480 [ 24.707362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.707998] kthread+0x337/0x6f0 [ 24.708426] ret_from_fork+0x116/0x1d0 [ 24.709037] ret_from_fork_asm+0x1a/0x30 [ 24.709381] [ 24.709579] The buggy address belongs to the object at ffff888102b73d80 [ 24.709579] which belongs to the cache kmalloc-64 of size 64 [ 24.710541] The buggy address is located 0 bytes to the right of [ 24.710541] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.711658] [ 24.711934] The buggy address belongs to the physical page: [ 24.712362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.713295] flags: 0x200000000000000(node=0|zone=2) [ 24.713730] page_type: f5(slab) [ 24.714170] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.715063] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.715707] page dumped because: kasan: bad access detected [ 24.716126] [ 24.716318] Memory state around the buggy address: [ 24.716676] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.717402] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.718335] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.719043] ^ [ 24.719395] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.720009] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.720678] ================================================================== [ 24.821169] ================================================================== [ 24.821905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 24.822667] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.823720] [ 24.824047] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.824382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.824407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.824441] Call Trace: [ 24.824465] <TASK> [ 24.824487] dump_stack_lvl+0x73/0xb0 [ 24.824526] print_report+0xd1/0x650 [ 24.824565] ? __virt_addr_valid+0x1db/0x2d0 [ 24.824648] ? kasan_atomics_helper+0x1d7a/0x5450 [ 24.824684] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.824719] ? kasan_atomics_helper+0x1d7a/0x5450 [ 24.824753] kasan_report+0x141/0x180 [ 24.824788] ? kasan_atomics_helper+0x1d7a/0x5450 [ 24.824827] kasan_check_range+0x10c/0x1c0 [ 24.824891] __kasan_check_write+0x18/0x20 [ 24.824925] kasan_atomics_helper+0x1d7a/0x5450 [ 24.824960] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.824994] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.825026] ? kasan_atomics+0x152/0x310 [ 24.825059] kasan_atomics+0x1dc/0x310 [ 24.825086] ? __pfx_kasan_atomics+0x10/0x10 [ 24.825116] ? __pfx_read_tsc+0x10/0x10 [ 24.825150] ? ktime_get_ts64+0x86/0x230 [ 24.825186] kunit_try_run_case+0x1a5/0x480 [ 24.825217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.825246] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.825284] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.825321] ? __kthread_parkme+0x82/0x180 [ 24.825351] ? preempt_count_sub+0x50/0x80 [ 24.825385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.825416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.825453] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.825491] kthread+0x337/0x6f0 [ 24.825519] ? trace_preempt_on+0x20/0xc0 [ 24.825552] ? __pfx_kthread+0x10/0x10 [ 24.825621] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.825658] ? calculate_sigpending+0x7b/0xa0 [ 24.825694] ? __pfx_kthread+0x10/0x10 [ 24.825727] ret_from_fork+0x116/0x1d0 [ 24.825753] ? __pfx_kthread+0x10/0x10 [ 24.825784] ret_from_fork_asm+0x1a/0x30 [ 24.825827] </TASK> [ 24.825844] [ 24.842707] Allocated by task 282: [ 24.843216] kasan_save_stack+0x45/0x70 [ 24.843558] kasan_save_track+0x18/0x40 [ 24.844306] kasan_save_alloc_info+0x3b/0x50 [ 24.844820] __kasan_kmalloc+0xb7/0xc0 [ 24.845271] __kmalloc_cache_noprof+0x189/0x420 [ 24.845808] kasan_atomics+0x95/0x310 [ 24.846405] kunit_try_run_case+0x1a5/0x480 [ 24.847291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.847742] kthread+0x337/0x6f0 [ 24.848180] ret_from_fork+0x116/0x1d0 [ 24.848635] ret_from_fork_asm+0x1a/0x30 [ 24.849076] [ 24.849324] The buggy address belongs to the object at ffff888102b73d80 [ 24.849324] which belongs to the cache kmalloc-64 of size 64 [ 24.850408] The buggy address is located 0 bytes to the right of [ 24.850408] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.851466] [ 24.851678] The buggy address belongs to the physical page: [ 24.852168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.852913] flags: 0x200000000000000(node=0|zone=2) [ 24.853451] page_type: f5(slab) [ 24.853919] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.854825] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.855514] page dumped because: kasan: bad access detected [ 24.856037] [ 24.856304] Memory state around the buggy address: [ 24.856877] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.857495] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.858149] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.858673] ^ [ 24.859212] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.859958] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.860551] ================================================================== [ 22.995284] ================================================================== [ 22.995869] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 22.996466] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 22.999506] [ 23.000173] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 23.000308] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.000351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.000415] Call Trace: [ 23.000469] <TASK> [ 23.000518] dump_stack_lvl+0x73/0xb0 [ 23.000602] print_report+0xd1/0x650 [ 23.000685] ? __virt_addr_valid+0x1db/0x2d0 [ 23.000767] ? kasan_atomics_helper+0x860/0x5450 [ 23.000842] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.000936] ? kasan_atomics_helper+0x860/0x5450 [ 23.001015] kasan_report+0x141/0x180 [ 23.001095] ? kasan_atomics_helper+0x860/0x5450 [ 23.001184] kasan_check_range+0x10c/0x1c0 [ 23.001240] __kasan_check_write+0x18/0x20 [ 23.001272] kasan_atomics_helper+0x860/0x5450 [ 23.001306] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.001340] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.001371] ? kasan_atomics+0x152/0x310 [ 23.001404] kasan_atomics+0x1dc/0x310 [ 23.001435] ? __pfx_kasan_atomics+0x10/0x10 [ 23.001471] ? __pfx_read_tsc+0x10/0x10 [ 23.001505] ? ktime_get_ts64+0x86/0x230 [ 23.001542] kunit_try_run_case+0x1a5/0x480 [ 23.001573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.001602] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.001682] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.001723] ? __kthread_parkme+0x82/0x180 [ 23.001755] ? preempt_count_sub+0x50/0x80 [ 23.001791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.001822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.001861] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.001969] kthread+0x337/0x6f0 [ 23.002010] ? trace_preempt_on+0x20/0xc0 [ 23.002046] ? __pfx_kthread+0x10/0x10 [ 23.002077] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.002113] ? calculate_sigpending+0x7b/0xa0 [ 23.002149] ? __pfx_kthread+0x10/0x10 [ 23.002180] ret_from_fork+0x116/0x1d0 [ 23.002207] ? __pfx_kthread+0x10/0x10 [ 23.002251] ret_from_fork_asm+0x1a/0x30 [ 23.002297] </TASK> [ 23.002314] [ 23.022422] Allocated by task 282: [ 23.023040] kasan_save_stack+0x45/0x70 [ 23.023437] kasan_save_track+0x18/0x40 [ 23.024075] kasan_save_alloc_info+0x3b/0x50 [ 23.024542] __kasan_kmalloc+0xb7/0xc0 [ 23.025135] __kmalloc_cache_noprof+0x189/0x420 [ 23.025941] kasan_atomics+0x95/0x310 [ 23.026450] kunit_try_run_case+0x1a5/0x480 [ 23.027075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.027559] kthread+0x337/0x6f0 [ 23.027908] ret_from_fork+0x116/0x1d0 [ 23.028323] ret_from_fork_asm+0x1a/0x30 [ 23.028874] [ 23.029407] The buggy address belongs to the object at ffff888102b73d80 [ 23.029407] which belongs to the cache kmalloc-64 of size 64 [ 23.030805] The buggy address is located 0 bytes to the right of [ 23.030805] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 23.031720] [ 23.031986] The buggy address belongs to the physical page: [ 23.032427] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 23.033196] flags: 0x200000000000000(node=0|zone=2) [ 23.033959] page_type: f5(slab) [ 23.034247] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.035992] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.036719] page dumped because: kasan: bad access detected [ 23.037350] [ 23.037798] Memory state around the buggy address: [ 23.038136] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.038770] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.039733] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.040481] ^ [ 23.040996] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.041694] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.042281] ================================================================== [ 24.220801] ================================================================== [ 24.222131] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 24.224038] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.226063] [ 24.226324] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.226435] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.226468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.226519] Call Trace: [ 24.226564] <TASK> [ 24.226606] dump_stack_lvl+0x73/0xb0 [ 24.226677] print_report+0xd1/0x650 [ 24.226733] ? __virt_addr_valid+0x1db/0x2d0 [ 24.226791] ? kasan_atomics_helper+0x15b6/0x5450 [ 24.226847] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.226950] ? kasan_atomics_helper+0x15b6/0x5450 [ 24.227008] kasan_report+0x141/0x180 [ 24.227065] ? kasan_atomics_helper+0x15b6/0x5450 [ 24.227132] kasan_check_range+0x10c/0x1c0 [ 24.227190] __kasan_check_write+0x18/0x20 [ 24.227255] kasan_atomics_helper+0x15b6/0x5450 [ 24.227339] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.227425] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.227549] ? kasan_atomics+0x152/0x310 [ 24.227689] kasan_atomics+0x1dc/0x310 [ 24.227767] ? __pfx_kasan_atomics+0x10/0x10 [ 24.227845] ? __pfx_read_tsc+0x10/0x10 [ 24.227960] ? ktime_get_ts64+0x86/0x230 [ 24.228038] kunit_try_run_case+0x1a5/0x480 [ 24.228106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.228174] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.228246] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.228319] ? __kthread_parkme+0x82/0x180 [ 24.228378] ? preempt_count_sub+0x50/0x80 [ 24.228442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.228500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.228978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.229046] kthread+0x337/0x6f0 [ 24.229100] ? trace_preempt_on+0x20/0xc0 [ 24.229159] ? __pfx_kthread+0x10/0x10 [ 24.229213] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.229270] ? calculate_sigpending+0x7b/0xa0 [ 24.229333] ? __pfx_kthread+0x10/0x10 [ 24.229402] ret_from_fork+0x116/0x1d0 [ 24.229450] ? __pfx_kthread+0x10/0x10 [ 24.229500] ret_from_fork_asm+0x1a/0x30 [ 24.229571] </TASK> [ 24.229618] [ 24.250561] Allocated by task 282: [ 24.250920] kasan_save_stack+0x45/0x70 [ 24.251348] kasan_save_track+0x18/0x40 [ 24.251814] kasan_save_alloc_info+0x3b/0x50 [ 24.252402] __kasan_kmalloc+0xb7/0xc0 [ 24.252981] __kmalloc_cache_noprof+0x189/0x420 [ 24.253347] kasan_atomics+0x95/0x310 [ 24.253681] kunit_try_run_case+0x1a5/0x480 [ 24.254036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.254454] kthread+0x337/0x6f0 [ 24.255475] ret_from_fork+0x116/0x1d0 [ 24.256065] ret_from_fork_asm+0x1a/0x30 [ 24.256397] [ 24.256618] The buggy address belongs to the object at ffff888102b73d80 [ 24.256618] which belongs to the cache kmalloc-64 of size 64 [ 24.258190] The buggy address is located 0 bytes to the right of [ 24.258190] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.259773] [ 24.259967] The buggy address belongs to the physical page: [ 24.260367] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.261717] flags: 0x200000000000000(node=0|zone=2) [ 24.262256] page_type: f5(slab) [ 24.262617] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.263243] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.264178] page dumped because: kasan: bad access detected [ 24.264916] [ 24.265253] Memory state around the buggy address: [ 24.265578] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.266556] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.267141] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.268075] ^ [ 24.268470] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.269348] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.270121] ================================================================== [ 24.992795] ================================================================== [ 24.994496] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 24.995263] Read of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.996196] [ 24.996318] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.996383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.996402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.996435] Call Trace: [ 24.996459] <TASK> [ 24.996483] dump_stack_lvl+0x73/0xb0 [ 24.996522] print_report+0xd1/0x650 [ 24.996554] ? __virt_addr_valid+0x1db/0x2d0 [ 24.997164] ? kasan_atomics_helper+0x4f71/0x5450 [ 24.997227] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.997267] ? kasan_atomics_helper+0x4f71/0x5450 [ 24.997303] kasan_report+0x141/0x180 [ 24.997338] ? kasan_atomics_helper+0x4f71/0x5450 [ 24.997378] __asan_report_load8_noabort+0x18/0x20 [ 24.997409] kasan_atomics_helper+0x4f71/0x5450 [ 24.997443] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.997477] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.997509] ? kasan_atomics+0x152/0x310 [ 24.997543] kasan_atomics+0x1dc/0x310 [ 24.997578] ? __pfx_kasan_atomics+0x10/0x10 [ 24.997652] ? __pfx_read_tsc+0x10/0x10 [ 24.997688] ? ktime_get_ts64+0x86/0x230 [ 24.997728] kunit_try_run_case+0x1a5/0x480 [ 24.997762] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.997793] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.997831] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.997921] ? __kthread_parkme+0x82/0x180 [ 24.997964] ? preempt_count_sub+0x50/0x80 [ 24.997999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.998030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.998067] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.998105] kthread+0x337/0x6f0 [ 24.998135] ? trace_preempt_on+0x20/0xc0 [ 24.998169] ? __pfx_kthread+0x10/0x10 [ 24.998200] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.998249] ? calculate_sigpending+0x7b/0xa0 [ 24.998286] ? __pfx_kthread+0x10/0x10 [ 24.998318] ret_from_fork+0x116/0x1d0 [ 24.998345] ? __pfx_kthread+0x10/0x10 [ 24.998376] ret_from_fork_asm+0x1a/0x30 [ 24.998420] </TASK> [ 24.998437] [ 25.023730] Allocated by task 282: [ 25.025067] kasan_save_stack+0x45/0x70 [ 25.025480] kasan_save_track+0x18/0x40 [ 25.026014] kasan_save_alloc_info+0x3b/0x50 [ 25.026194] __kasan_kmalloc+0xb7/0xc0 [ 25.026364] __kmalloc_cache_noprof+0x189/0x420 [ 25.026535] kasan_atomics+0x95/0x310 [ 25.026718] kunit_try_run_case+0x1a5/0x480 [ 25.027227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.028889] kthread+0x337/0x6f0 [ 25.029500] ret_from_fork+0x116/0x1d0 [ 25.030128] ret_from_fork_asm+0x1a/0x30 [ 25.030509] [ 25.030756] The buggy address belongs to the object at ffff888102b73d80 [ 25.030756] which belongs to the cache kmalloc-64 of size 64 [ 25.031281] The buggy address is located 0 bytes to the right of [ 25.031281] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 25.031804] [ 25.032026] The buggy address belongs to the physical page: [ 25.032540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 25.033326] flags: 0x200000000000000(node=0|zone=2) [ 25.033694] page_type: f5(slab) [ 25.034050] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.034858] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.035564] page dumped because: kasan: bad access detected [ 25.036134] [ 25.036324] Memory state around the buggy address: [ 25.036688] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.037578] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.038305] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.039047] ^ [ 25.039661] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.040238] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.040956] ================================================================== [ 25.131025] ================================================================== [ 25.132004] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 25.132784] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 25.133589] [ 25.134329] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.134642] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.134668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.134701] Call Trace: [ 25.134726] <TASK> [ 25.134745] dump_stack_lvl+0x73/0xb0 [ 25.134786] print_report+0xd1/0x650 [ 25.134821] ? __virt_addr_valid+0x1db/0x2d0 [ 25.134886] ? kasan_atomics_helper+0x20c8/0x5450 [ 25.134921] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.134956] ? kasan_atomics_helper+0x20c8/0x5450 [ 25.134988] kasan_report+0x141/0x180 [ 25.135021] ? kasan_atomics_helper+0x20c8/0x5450 [ 25.135060] kasan_check_range+0x10c/0x1c0 [ 25.135098] __kasan_check_write+0x18/0x20 [ 25.135127] kasan_atomics_helper+0x20c8/0x5450 [ 25.135161] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.135194] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.135225] ? kasan_atomics+0x152/0x310 [ 25.135257] kasan_atomics+0x1dc/0x310 [ 25.135284] ? __pfx_kasan_atomics+0x10/0x10 [ 25.135314] ? __pfx_read_tsc+0x10/0x10 [ 25.135346] ? ktime_get_ts64+0x86/0x230 [ 25.135381] kunit_try_run_case+0x1a5/0x480 [ 25.135412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.135441] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.135479] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.135517] ? __kthread_parkme+0x82/0x180 [ 25.135547] ? preempt_count_sub+0x50/0x80 [ 25.135620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.135656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.135694] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.135731] kthread+0x337/0x6f0 [ 25.135760] ? trace_preempt_on+0x20/0xc0 [ 25.135794] ? __pfx_kthread+0x10/0x10 [ 25.135824] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.135885] ? calculate_sigpending+0x7b/0xa0 [ 25.135924] ? __pfx_kthread+0x10/0x10 [ 25.135956] ret_from_fork+0x116/0x1d0 [ 25.135982] ? __pfx_kthread+0x10/0x10 [ 25.136012] ret_from_fork_asm+0x1a/0x30 [ 25.136056] </TASK> [ 25.136072] [ 25.158005] Allocated by task 282: [ 25.158157] kasan_save_stack+0x45/0x70 [ 25.158339] kasan_save_track+0x18/0x40 [ 25.158501] kasan_save_alloc_info+0x3b/0x50 [ 25.159195] __kasan_kmalloc+0xb7/0xc0 [ 25.160005] __kmalloc_cache_noprof+0x189/0x420 [ 25.160388] kasan_atomics+0x95/0x310 [ 25.160729] kunit_try_run_case+0x1a5/0x480 [ 25.161270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.161978] kthread+0x337/0x6f0 [ 25.162257] ret_from_fork+0x116/0x1d0 [ 25.163359] ret_from_fork_asm+0x1a/0x30 [ 25.163808] [ 25.164366] The buggy address belongs to the object at ffff888102b73d80 [ 25.164366] which belongs to the cache kmalloc-64 of size 64 [ 25.165521] The buggy address is located 0 bytes to the right of [ 25.165521] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 25.166958] [ 25.167204] The buggy address belongs to the physical page: [ 25.167728] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 25.168601] flags: 0x200000000000000(node=0|zone=2) [ 25.169262] page_type: f5(slab) [ 25.169795] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.170618] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.171406] page dumped because: kasan: bad access detected [ 25.172074] [ 25.172434] Memory state around the buggy address: [ 25.173066] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.173894] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.174491] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.175173] ^ [ 25.175634] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.176210] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.176771] ================================================================== [ 25.315055] ================================================================== [ 25.316107] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 25.317068] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 25.318258] [ 25.318447] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 25.318516] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.318535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.319070] Call Trace: [ 25.319105] <TASK> [ 25.319131] dump_stack_lvl+0x73/0xb0 [ 25.319174] print_report+0xd1/0x650 [ 25.319209] ? __virt_addr_valid+0x1db/0x2d0 [ 25.319245] ? kasan_atomics_helper+0x224c/0x5450 [ 25.319278] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.319312] ? kasan_atomics_helper+0x224c/0x5450 [ 25.319344] kasan_report+0x141/0x180 [ 25.319378] ? kasan_atomics_helper+0x224c/0x5450 [ 25.319416] kasan_check_range+0x10c/0x1c0 [ 25.319452] __kasan_check_write+0x18/0x20 [ 25.319481] kasan_atomics_helper+0x224c/0x5450 [ 25.319515] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.319550] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.319630] ? kasan_atomics+0x152/0x310 [ 25.319665] kasan_atomics+0x1dc/0x310 [ 25.319694] ? __pfx_kasan_atomics+0x10/0x10 [ 25.319724] ? __pfx_read_tsc+0x10/0x10 [ 25.319759] ? ktime_get_ts64+0x86/0x230 [ 25.319795] kunit_try_run_case+0x1a5/0x480 [ 25.319826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.319886] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.319927] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.319966] ? __kthread_parkme+0x82/0x180 [ 25.319999] ? preempt_count_sub+0x50/0x80 [ 25.320034] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.320066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.320103] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.320141] kthread+0x337/0x6f0 [ 25.320170] ? trace_preempt_on+0x20/0xc0 [ 25.320203] ? __pfx_kthread+0x10/0x10 [ 25.320234] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.320268] ? calculate_sigpending+0x7b/0xa0 [ 25.320304] ? __pfx_kthread+0x10/0x10 [ 25.320335] ret_from_fork+0x116/0x1d0 [ 25.320363] ? __pfx_kthread+0x10/0x10 [ 25.320393] ret_from_fork_asm+0x1a/0x30 [ 25.320435] </TASK> [ 25.320451] [ 25.340148] Allocated by task 282: [ 25.340910] kasan_save_stack+0x45/0x70 [ 25.341411] kasan_save_track+0x18/0x40 [ 25.342385] kasan_save_alloc_info+0x3b/0x50 [ 25.342800] __kasan_kmalloc+0xb7/0xc0 [ 25.343402] __kmalloc_cache_noprof+0x189/0x420 [ 25.344068] kasan_atomics+0x95/0x310 [ 25.344370] kunit_try_run_case+0x1a5/0x480 [ 25.345217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.345584] kthread+0x337/0x6f0 [ 25.346304] ret_from_fork+0x116/0x1d0 [ 25.346866] ret_from_fork_asm+0x1a/0x30 [ 25.347553] [ 25.348069] The buggy address belongs to the object at ffff888102b73d80 [ 25.348069] which belongs to the cache kmalloc-64 of size 64 [ 25.349062] The buggy address is located 0 bytes to the right of [ 25.349062] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 25.350498] [ 25.351033] The buggy address belongs to the physical page: [ 25.351443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 25.352542] flags: 0x200000000000000(node=0|zone=2) [ 25.353091] page_type: f5(slab) [ 25.353454] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.354250] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.354811] page dumped because: kasan: bad access detected [ 25.355345] [ 25.355653] Memory state around the buggy address: [ 25.356111] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.357062] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.358045] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.358565] ^ [ 25.359175] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.359710] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.360551] ================================================================== [ 22.720534] ================================================================== [ 22.721528] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 22.722669] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 22.723602] [ 22.724217] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.724342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.724386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.724449] Call Trace: [ 22.724501] <TASK> [ 22.724784] dump_stack_lvl+0x73/0xb0 [ 22.724857] print_report+0xd1/0x650 [ 22.724896] ? __virt_addr_valid+0x1db/0x2d0 [ 22.724962] ? kasan_atomics_helper+0x4b3a/0x5450 [ 22.724997] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.725032] ? kasan_atomics_helper+0x4b3a/0x5450 [ 22.725064] kasan_report+0x141/0x180 [ 22.725098] ? kasan_atomics_helper+0x4b3a/0x5450 [ 22.725138] __asan_report_store4_noabort+0x1b/0x30 [ 22.725439] kasan_atomics_helper+0x4b3a/0x5450 [ 22.725487] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.725523] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.725556] ? kasan_atomics+0x152/0x310 [ 22.725589] kasan_atomics+0x1dc/0x310 [ 22.725619] ? __pfx_kasan_atomics+0x10/0x10 [ 22.725684] ? __pfx_read_tsc+0x10/0x10 [ 22.725719] ? ktime_get_ts64+0x86/0x230 [ 22.725756] kunit_try_run_case+0x1a5/0x480 [ 22.725787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.725816] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.725854] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.725891] ? __kthread_parkme+0x82/0x180 [ 22.725950] ? preempt_count_sub+0x50/0x80 [ 22.725989] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.726022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.726059] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.726096] kthread+0x337/0x6f0 [ 22.726125] ? trace_preempt_on+0x20/0xc0 [ 22.726159] ? __pfx_kthread+0x10/0x10 [ 22.726191] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.726225] ? calculate_sigpending+0x7b/0xa0 [ 22.726273] ? __pfx_kthread+0x10/0x10 [ 22.726305] ret_from_fork+0x116/0x1d0 [ 22.726331] ? __pfx_kthread+0x10/0x10 [ 22.726363] ret_from_fork_asm+0x1a/0x30 [ 22.726405] </TASK> [ 22.726421] [ 22.748257] Allocated by task 282: [ 22.748522] kasan_save_stack+0x45/0x70 [ 22.749341] kasan_save_track+0x18/0x40 [ 22.749964] kasan_save_alloc_info+0x3b/0x50 [ 22.750310] __kasan_kmalloc+0xb7/0xc0 [ 22.750626] __kmalloc_cache_noprof+0x189/0x420 [ 22.751660] kasan_atomics+0x95/0x310 [ 22.752219] kunit_try_run_case+0x1a5/0x480 [ 22.752865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.753477] kthread+0x337/0x6f0 [ 22.754052] ret_from_fork+0x116/0x1d0 [ 22.754437] ret_from_fork_asm+0x1a/0x30 [ 22.755046] [ 22.755289] The buggy address belongs to the object at ffff888102b73d80 [ 22.755289] which belongs to the cache kmalloc-64 of size 64 [ 22.756660] The buggy address is located 0 bytes to the right of [ 22.756660] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 22.757987] [ 22.758546] The buggy address belongs to the physical page: [ 22.759245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 22.759974] flags: 0x200000000000000(node=0|zone=2) [ 22.760352] page_type: f5(slab) [ 22.760621] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.761810] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.762484] page dumped because: kasan: bad access detected [ 22.763076] [ 22.763297] Memory state around the buggy address: [ 22.763793] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.764423] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.765182] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.765868] ^ [ 22.766377] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.767079] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.767773] ================================================================== [ 24.901905] ================================================================== [ 24.902384] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 24.903190] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.903742] [ 24.904155] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.904314] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.904359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.904422] Call Trace: [ 24.904497] <TASK> [ 24.904576] dump_stack_lvl+0x73/0xb0 [ 24.904663] print_report+0xd1/0x650 [ 24.904746] ? __virt_addr_valid+0x1db/0x2d0 [ 24.904882] ? kasan_atomics_helper+0x1eaa/0x5450 [ 24.904967] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.905056] ? kasan_atomics_helper+0x1eaa/0x5450 [ 24.905159] kasan_report+0x141/0x180 [ 24.905271] ? kasan_atomics_helper+0x1eaa/0x5450 [ 24.905367] kasan_check_range+0x10c/0x1c0 [ 24.905476] __kasan_check_write+0x18/0x20 [ 24.905584] kasan_atomics_helper+0x1eaa/0x5450 [ 24.905698] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.905784] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.905917] ? kasan_atomics+0x152/0x310 [ 24.906002] kasan_atomics+0x1dc/0x310 [ 24.906069] ? __pfx_kasan_atomics+0x10/0x10 [ 24.906111] ? __pfx_read_tsc+0x10/0x10 [ 24.906147] ? ktime_get_ts64+0x86/0x230 [ 24.906226] kunit_try_run_case+0x1a5/0x480 [ 24.906288] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.906360] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.906448] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.906538] ? __kthread_parkme+0x82/0x180 [ 24.906649] ? preempt_count_sub+0x50/0x80 [ 24.906770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.906869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.906959] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.907073] kthread+0x337/0x6f0 [ 24.907181] ? trace_preempt_on+0x20/0xc0 [ 24.907264] ? __pfx_kthread+0x10/0x10 [ 24.907362] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.907476] ? calculate_sigpending+0x7b/0xa0 [ 24.907562] ? __pfx_kthread+0x10/0x10 [ 24.907687] ret_from_fork+0x116/0x1d0 [ 24.907792] ? __pfx_kthread+0x10/0x10 [ 24.907892] ret_from_fork_asm+0x1a/0x30 [ 24.908013] </TASK> [ 24.908058] [ 24.923369] Allocated by task 282: [ 24.923813] kasan_save_stack+0x45/0x70 [ 24.924729] kasan_save_track+0x18/0x40 [ 24.925282] kasan_save_alloc_info+0x3b/0x50 [ 24.925687] __kasan_kmalloc+0xb7/0xc0 [ 24.926954] __kmalloc_cache_noprof+0x189/0x420 [ 24.928191] kasan_atomics+0x95/0x310 [ 24.928509] kunit_try_run_case+0x1a5/0x480 [ 24.928879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.929279] kthread+0x337/0x6f0 [ 24.929776] ret_from_fork+0x116/0x1d0 [ 24.930313] ret_from_fork_asm+0x1a/0x30 [ 24.930892] [ 24.931187] The buggy address belongs to the object at ffff888102b73d80 [ 24.931187] which belongs to the cache kmalloc-64 of size 64 [ 24.932526] The buggy address is located 0 bytes to the right of [ 24.932526] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.933873] [ 24.934139] The buggy address belongs to the physical page: [ 24.934773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.935485] flags: 0x200000000000000(node=0|zone=2) [ 24.936042] page_type: f5(slab) [ 24.936509] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.937329] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.938090] page dumped because: kasan: bad access detected [ 24.938763] [ 24.939043] Memory state around the buggy address: [ 24.939666] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.940369] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.941163] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.941896] ^ [ 24.942464] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.943303] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.944198] ================================================================== [ 22.672112] ================================================================== [ 22.672638] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 22.675049] Write of size 4 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 22.675596] [ 22.676175] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.676265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.676287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.676324] Call Trace: [ 22.676346] <TASK> [ 22.676367] dump_stack_lvl+0x73/0xb0 [ 22.676406] print_report+0xd1/0x650 [ 22.676440] ? __virt_addr_valid+0x1db/0x2d0 [ 22.676474] ? kasan_atomics_helper+0x4a0/0x5450 [ 22.676506] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.676538] ? kasan_atomics_helper+0x4a0/0x5450 [ 22.676571] kasan_report+0x141/0x180 [ 22.676603] ? kasan_atomics_helper+0x4a0/0x5450 [ 22.676684] kasan_check_range+0x10c/0x1c0 [ 22.676731] __kasan_check_write+0x18/0x20 [ 22.676762] kasan_atomics_helper+0x4a0/0x5450 [ 22.676796] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.676829] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.676861] ? kasan_atomics+0x152/0x310 [ 22.676892] kasan_atomics+0x1dc/0x310 [ 22.676950] ? __pfx_kasan_atomics+0x10/0x10 [ 22.676983] ? __pfx_read_tsc+0x10/0x10 [ 22.677016] ? ktime_get_ts64+0x86/0x230 [ 22.677051] kunit_try_run_case+0x1a5/0x480 [ 22.677083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.677113] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.677149] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.677187] ? __kthread_parkme+0x82/0x180 [ 22.677217] ? preempt_count_sub+0x50/0x80 [ 22.677250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.677281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.677317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.677354] kthread+0x337/0x6f0 [ 22.677382] ? trace_preempt_on+0x20/0xc0 [ 22.677415] ? __pfx_kthread+0x10/0x10 [ 22.677445] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.677479] ? calculate_sigpending+0x7b/0xa0 [ 22.677514] ? __pfx_kthread+0x10/0x10 [ 22.677545] ret_from_fork+0x116/0x1d0 [ 22.677570] ? __pfx_kthread+0x10/0x10 [ 22.677601] ret_from_fork_asm+0x1a/0x30 [ 22.677667] </TASK> [ 22.677686] [ 22.697461] Allocated by task 282: [ 22.698052] kasan_save_stack+0x45/0x70 [ 22.698654] kasan_save_track+0x18/0x40 [ 22.699493] kasan_save_alloc_info+0x3b/0x50 [ 22.700264] __kasan_kmalloc+0xb7/0xc0 [ 22.700687] __kmalloc_cache_noprof+0x189/0x420 [ 22.701437] kasan_atomics+0x95/0x310 [ 22.701983] kunit_try_run_case+0x1a5/0x480 [ 22.702397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.703137] kthread+0x337/0x6f0 [ 22.703666] ret_from_fork+0x116/0x1d0 [ 22.704245] ret_from_fork_asm+0x1a/0x30 [ 22.704837] [ 22.705033] The buggy address belongs to the object at ffff888102b73d80 [ 22.705033] which belongs to the cache kmalloc-64 of size 64 [ 22.706739] The buggy address is located 0 bytes to the right of [ 22.706739] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 22.707800] [ 22.708269] The buggy address belongs to the physical page: [ 22.708747] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 22.709326] flags: 0x200000000000000(node=0|zone=2) [ 22.710129] page_type: f5(slab) [ 22.711191] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.711712] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.712327] page dumped because: kasan: bad access detected [ 22.713063] [ 22.713464] Memory state around the buggy address: [ 22.714098] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.714974] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.715495] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.716519] ^ [ 22.717085] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.717616] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.718523] ================================================================== [ 24.271782] ================================================================== [ 24.273412] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 24.273985] Write of size 8 at addr ffff888102b73db0 by task kunit_try_catch/282 [ 24.274554] [ 24.274841] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 24.275935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.275958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.275990] Call Trace: [ 24.276017] <TASK> [ 24.276042] dump_stack_lvl+0x73/0xb0 [ 24.276083] print_report+0xd1/0x650 [ 24.276118] ? __virt_addr_valid+0x1db/0x2d0 [ 24.276152] ? kasan_atomics_helper+0x164f/0x5450 [ 24.276504] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.276550] ? kasan_atomics_helper+0x164f/0x5450 [ 24.276597] kasan_report+0x141/0x180 [ 24.276667] ? kasan_atomics_helper+0x164f/0x5450 [ 24.276710] kasan_check_range+0x10c/0x1c0 [ 24.276747] __kasan_check_write+0x18/0x20 [ 24.276778] kasan_atomics_helper+0x164f/0x5450 [ 24.276813] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.276846] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.276906] ? kasan_atomics+0x152/0x310 [ 24.276940] kasan_atomics+0x1dc/0x310 [ 24.276971] ? __pfx_kasan_atomics+0x10/0x10 [ 24.277002] ? __pfx_read_tsc+0x10/0x10 [ 24.277037] ? ktime_get_ts64+0x86/0x230 [ 24.277073] kunit_try_run_case+0x1a5/0x480 [ 24.277105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.277136] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.277174] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.277211] ? __kthread_parkme+0x82/0x180 [ 24.277243] ? preempt_count_sub+0x50/0x80 [ 24.277277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.277308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.277346] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.277383] kthread+0x337/0x6f0 [ 24.277413] ? trace_preempt_on+0x20/0xc0 [ 24.277447] ? __pfx_kthread+0x10/0x10 [ 24.277478] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.277513] ? calculate_sigpending+0x7b/0xa0 [ 24.277549] ? __pfx_kthread+0x10/0x10 [ 24.277581] ret_from_fork+0x116/0x1d0 [ 24.277643] ? __pfx_kthread+0x10/0x10 [ 24.277679] ret_from_fork_asm+0x1a/0x30 [ 24.277724] </TASK> [ 24.277741] [ 24.297139] Allocated by task 282: [ 24.297949] kasan_save_stack+0x45/0x70 [ 24.298722] kasan_save_track+0x18/0x40 [ 24.299433] kasan_save_alloc_info+0x3b/0x50 [ 24.300310] __kasan_kmalloc+0xb7/0xc0 [ 24.301277] __kmalloc_cache_noprof+0x189/0x420 [ 24.302001] kasan_atomics+0x95/0x310 [ 24.302322] kunit_try_run_case+0x1a5/0x480 [ 24.302646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.303385] kthread+0x337/0x6f0 [ 24.304027] ret_from_fork+0x116/0x1d0 [ 24.304815] ret_from_fork_asm+0x1a/0x30 [ 24.305544] [ 24.305934] The buggy address belongs to the object at ffff888102b73d80 [ 24.305934] which belongs to the cache kmalloc-64 of size 64 [ 24.307309] The buggy address is located 0 bytes to the right of [ 24.307309] allocated 48-byte region [ffff888102b73d80, ffff888102b73db0) [ 24.308427] [ 24.308833] The buggy address belongs to the physical page: [ 24.309465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b73 [ 24.310401] flags: 0x200000000000000(node=0|zone=2) [ 24.311209] page_type: f5(slab) [ 24.311596] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.312247] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.313377] page dumped because: kasan: bad access detected [ 24.313783] [ 24.314040] Memory state around the buggy address: [ 24.314697] ffff888102b73c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.315454] ffff888102b73d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.316159] >ffff888102b73d80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.316846] ^ [ 24.317298] ffff888102b73e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.318188] ffff888102b73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.318888] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 21.973512] ================================================================== [ 21.973988] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 21.974735] Write of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 21.975647] [ 21.975913] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.976061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.976100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.976162] Call Trace: [ 21.976211] <TASK> [ 21.976256] dump_stack_lvl+0x73/0xb0 [ 21.976338] print_report+0xd1/0x650 [ 21.976417] ? __virt_addr_valid+0x1db/0x2d0 [ 21.976498] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 21.976580] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.976650] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 21.977102] kasan_report+0x141/0x180 [ 21.977161] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 21.977334] kasan_check_range+0x10c/0x1c0 [ 21.977400] __kasan_check_write+0x18/0x20 [ 21.977472] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 21.977553] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.977668] kasan_bitops_generic+0x121/0x1c0 [ 21.977745] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.977827] ? __pfx_read_tsc+0x10/0x10 [ 21.977905] ? ktime_get_ts64+0x86/0x230 [ 21.978017] kunit_try_run_case+0x1a5/0x480 [ 21.978100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.978171] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.978260] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.978350] ? __kthread_parkme+0x82/0x180 [ 21.978429] ? preempt_count_sub+0x50/0x80 [ 21.978509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.978585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.978666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.978755] kthread+0x337/0x6f0 [ 21.978833] ? trace_preempt_on+0x20/0xc0 [ 21.978914] ? __pfx_kthread+0x10/0x10 [ 21.979141] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.979322] ? calculate_sigpending+0x7b/0xa0 [ 21.979409] ? __pfx_kthread+0x10/0x10 [ 21.979487] ret_from_fork+0x116/0x1d0 [ 21.979532] ? __pfx_kthread+0x10/0x10 [ 21.979567] ret_from_fork_asm+0x1a/0x30 [ 21.979612] </TASK> [ 21.979628] [ 21.999039] Allocated by task 278: [ 21.999771] kasan_save_stack+0x45/0x70 [ 22.000510] kasan_save_track+0x18/0x40 [ 22.000982] kasan_save_alloc_info+0x3b/0x50 [ 22.001594] __kasan_kmalloc+0xb7/0xc0 [ 22.002112] __kmalloc_cache_noprof+0x189/0x420 [ 22.002718] kasan_bitops_generic+0x92/0x1c0 [ 22.003498] kunit_try_run_case+0x1a5/0x480 [ 22.003945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.004778] kthread+0x337/0x6f0 [ 22.005314] ret_from_fork+0x116/0x1d0 [ 22.005730] ret_from_fork_asm+0x1a/0x30 [ 22.006379] [ 22.006585] The buggy address belongs to the object at ffff888100fa0f20 [ 22.006585] which belongs to the cache kmalloc-16 of size 16 [ 22.007559] The buggy address is located 8 bytes inside of [ 22.007559] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 22.008605] [ 22.009568] The buggy address belongs to the physical page: [ 22.010530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 22.011282] flags: 0x200000000000000(node=0|zone=2) [ 22.011648] page_type: f5(slab) [ 22.012214] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.012918] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.014085] page dumped because: kasan: bad access detected [ 22.014626] [ 22.015075] Memory state around the buggy address: [ 22.015537] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.016521] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 22.017207] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.018028] ^ [ 22.018453] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.019971] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 22.020563] ================================================================== [ 22.290474] ================================================================== [ 22.291107] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 22.293365] Read of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 22.293951] [ 22.294423] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.294887] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.294908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.294969] Call Trace: [ 22.294991] <TASK> [ 22.295012] dump_stack_lvl+0x73/0xb0 [ 22.295054] print_report+0xd1/0x650 [ 22.295088] ? __virt_addr_valid+0x1db/0x2d0 [ 22.295123] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 22.295158] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.295278] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 22.295318] kasan_report+0x141/0x180 [ 22.295352] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 22.295392] kasan_check_range+0x10c/0x1c0 [ 22.295427] __kasan_check_read+0x15/0x20 [ 22.295454] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 22.295488] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 22.295539] kasan_bitops_generic+0x121/0x1c0 [ 22.295567] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.295596] ? __pfx_read_tsc+0x10/0x10 [ 22.295628] ? ktime_get_ts64+0x86/0x230 [ 22.295693] kunit_try_run_case+0x1a5/0x480 [ 22.295726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.295754] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.295791] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.295825] ? __kthread_parkme+0x82/0x180 [ 22.295856] ? preempt_count_sub+0x50/0x80 [ 22.295890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.295942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.295984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.296021] kthread+0x337/0x6f0 [ 22.296049] ? trace_preempt_on+0x20/0xc0 [ 22.296082] ? __pfx_kthread+0x10/0x10 [ 22.296113] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.296147] ? calculate_sigpending+0x7b/0xa0 [ 22.296410] ? __pfx_kthread+0x10/0x10 [ 22.296449] ret_from_fork+0x116/0x1d0 [ 22.296479] ? __pfx_kthread+0x10/0x10 [ 22.296509] ret_from_fork_asm+0x1a/0x30 [ 22.296594] </TASK> [ 22.296611] [ 22.318139] Allocated by task 278: [ 22.318611] kasan_save_stack+0x45/0x70 [ 22.319790] kasan_save_track+0x18/0x40 [ 22.320277] kasan_save_alloc_info+0x3b/0x50 [ 22.320894] __kasan_kmalloc+0xb7/0xc0 [ 22.321271] __kmalloc_cache_noprof+0x189/0x420 [ 22.321953] kasan_bitops_generic+0x92/0x1c0 [ 22.322563] kunit_try_run_case+0x1a5/0x480 [ 22.323068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.323866] kthread+0x337/0x6f0 [ 22.324185] ret_from_fork+0x116/0x1d0 [ 22.324499] ret_from_fork_asm+0x1a/0x30 [ 22.325548] [ 22.325793] The buggy address belongs to the object at ffff888100fa0f20 [ 22.325793] which belongs to the cache kmalloc-16 of size 16 [ 22.326828] The buggy address is located 8 bytes inside of [ 22.326828] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 22.328297] [ 22.328720] The buggy address belongs to the physical page: [ 22.329527] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 22.331046] flags: 0x200000000000000(node=0|zone=2) [ 22.331952] page_type: f5(slab) [ 22.332631] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.332943] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.333522] page dumped because: kasan: bad access detected [ 22.334745] [ 22.335605] Memory state around the buggy address: [ 22.336069] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.337105] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 22.337975] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.339261] ^ [ 22.339621] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.340566] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 22.341369] ================================================================== [ 21.929574] ================================================================== [ 21.930833] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 21.931812] Write of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 21.932911] [ 21.933171] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.933305] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.933342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.933406] Call Trace: [ 21.933427] <TASK> [ 21.933453] dump_stack_lvl+0x73/0xb0 [ 21.933525] print_report+0xd1/0x650 [ 21.933563] ? __virt_addr_valid+0x1db/0x2d0 [ 21.933597] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 21.933631] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.934114] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 21.934169] kasan_report+0x141/0x180 [ 21.934338] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 21.934382] kasan_check_range+0x10c/0x1c0 [ 21.934421] __kasan_check_write+0x18/0x20 [ 21.934450] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 21.934485] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.934537] kasan_bitops_generic+0x121/0x1c0 [ 21.934565] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.934595] ? __pfx_read_tsc+0x10/0x10 [ 21.934628] ? ktime_get_ts64+0x86/0x230 [ 21.934697] kunit_try_run_case+0x1a5/0x480 [ 21.934734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.934763] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.934801] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.934836] ? __kthread_parkme+0x82/0x180 [ 21.934866] ? preempt_count_sub+0x50/0x80 [ 21.934899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.934953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.934996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.935034] kthread+0x337/0x6f0 [ 21.935061] ? trace_preempt_on+0x20/0xc0 [ 21.935094] ? __pfx_kthread+0x10/0x10 [ 21.935123] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.935155] ? calculate_sigpending+0x7b/0xa0 [ 21.935219] ? __pfx_kthread+0x10/0x10 [ 21.935251] ret_from_fork+0x116/0x1d0 [ 21.935279] ? __pfx_kthread+0x10/0x10 [ 21.935309] ret_from_fork_asm+0x1a/0x30 [ 21.935351] </TASK> [ 21.935368] [ 21.953480] Allocated by task 278: [ 21.953870] kasan_save_stack+0x45/0x70 [ 21.954348] kasan_save_track+0x18/0x40 [ 21.954771] kasan_save_alloc_info+0x3b/0x50 [ 21.955242] __kasan_kmalloc+0xb7/0xc0 [ 21.956036] __kmalloc_cache_noprof+0x189/0x420 [ 21.956430] kasan_bitops_generic+0x92/0x1c0 [ 21.956768] kunit_try_run_case+0x1a5/0x480 [ 21.957605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.958156] kthread+0x337/0x6f0 [ 21.958659] ret_from_fork+0x116/0x1d0 [ 21.959007] ret_from_fork_asm+0x1a/0x30 [ 21.959554] [ 21.960221] The buggy address belongs to the object at ffff888100fa0f20 [ 21.960221] which belongs to the cache kmalloc-16 of size 16 [ 21.961075] The buggy address is located 8 bytes inside of [ 21.961075] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 21.961911] [ 21.962187] The buggy address belongs to the physical page: [ 21.962702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 21.963402] flags: 0x200000000000000(node=0|zone=2) [ 21.964578] page_type: f5(slab) [ 21.965012] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.965606] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.966104] page dumped because: kasan: bad access detected [ 21.966532] [ 21.967003] Memory state around the buggy address: [ 21.967455] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.968098] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.969412] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 21.970371] ^ [ 21.970815] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.971408] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 21.972150] ================================================================== [ 22.022179] ================================================================== [ 22.023040] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 22.024174] Write of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 22.024807] [ 22.025179] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.025310] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.025349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.025409] Call Trace: [ 22.025462] <TASK> [ 22.025516] dump_stack_lvl+0x73/0xb0 [ 22.025599] print_report+0xd1/0x650 [ 22.025780] ? __virt_addr_valid+0x1db/0x2d0 [ 22.025866] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 22.025970] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.026083] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 22.026173] kasan_report+0x141/0x180 [ 22.026364] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 22.026458] kasan_check_range+0x10c/0x1c0 [ 22.026541] __kasan_check_write+0x18/0x20 [ 22.026614] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 22.026714] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 22.026829] kasan_bitops_generic+0x121/0x1c0 [ 22.026907] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.027003] ? __pfx_read_tsc+0x10/0x10 [ 22.027084] ? ktime_get_ts64+0x86/0x230 [ 22.027171] kunit_try_run_case+0x1a5/0x480 [ 22.027510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.027543] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.027582] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.027618] ? __kthread_parkme+0x82/0x180 [ 22.027665] ? preempt_count_sub+0x50/0x80 [ 22.027720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.027752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.027789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.027825] kthread+0x337/0x6f0 [ 22.027854] ? trace_preempt_on+0x20/0xc0 [ 22.027887] ? __pfx_kthread+0x10/0x10 [ 22.027918] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.027984] ? calculate_sigpending+0x7b/0xa0 [ 22.028022] ? __pfx_kthread+0x10/0x10 [ 22.028052] ret_from_fork+0x116/0x1d0 [ 22.028078] ? __pfx_kthread+0x10/0x10 [ 22.028107] ret_from_fork_asm+0x1a/0x30 [ 22.028150] </TASK> [ 22.028171] [ 22.044449] Allocated by task 278: [ 22.044802] kasan_save_stack+0x45/0x70 [ 22.045278] kasan_save_track+0x18/0x40 [ 22.045768] kasan_save_alloc_info+0x3b/0x50 [ 22.046258] __kasan_kmalloc+0xb7/0xc0 [ 22.046672] __kmalloc_cache_noprof+0x189/0x420 [ 22.047667] kasan_bitops_generic+0x92/0x1c0 [ 22.048101] kunit_try_run_case+0x1a5/0x480 [ 22.048624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.049059] kthread+0x337/0x6f0 [ 22.049488] ret_from_fork+0x116/0x1d0 [ 22.049899] ret_from_fork_asm+0x1a/0x30 [ 22.050683] [ 22.050953] The buggy address belongs to the object at ffff888100fa0f20 [ 22.050953] which belongs to the cache kmalloc-16 of size 16 [ 22.053643] The buggy address is located 8 bytes inside of [ 22.053643] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 22.055695] [ 22.055940] The buggy address belongs to the physical page: [ 22.057361] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 22.058071] flags: 0x200000000000000(node=0|zone=2) [ 22.058807] page_type: f5(slab) [ 22.059135] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.059758] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.060361] page dumped because: kasan: bad access detected [ 22.060801] [ 22.061507] Memory state around the buggy address: [ 22.061913] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.062855] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 22.063604] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.064164] ^ [ 22.065005] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.066131] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 22.066900] ================================================================== [ 22.342896] ================================================================== [ 22.343509] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 22.345480] Read of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 22.345908] [ 22.346147] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.346273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.346312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.346368] Call Trace: [ 22.346411] <TASK> [ 22.346452] dump_stack_lvl+0x73/0xb0 [ 22.346517] print_report+0xd1/0x650 [ 22.346585] ? __virt_addr_valid+0x1db/0x2d0 [ 22.346650] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 22.346714] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.346775] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 22.346839] kasan_report+0x141/0x180 [ 22.346897] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 22.347004] __asan_report_load8_noabort+0x18/0x20 [ 22.347084] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 22.347168] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 22.347280] kasan_bitops_generic+0x121/0x1c0 [ 22.347360] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.347441] ? __pfx_read_tsc+0x10/0x10 [ 22.347518] ? ktime_get_ts64+0x86/0x230 [ 22.347605] kunit_try_run_case+0x1a5/0x480 [ 22.347681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.347753] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.347842] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.348810] ? __kthread_parkme+0x82/0x180 [ 22.348894] ? preempt_count_sub+0x50/0x80 [ 22.348992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.349057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.349124] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.349309] kthread+0x337/0x6f0 [ 22.349385] ? trace_preempt_on+0x20/0xc0 [ 22.349456] ? __pfx_kthread+0x10/0x10 [ 22.349524] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.349592] ? calculate_sigpending+0x7b/0xa0 [ 22.349664] ? __pfx_kthread+0x10/0x10 [ 22.349729] ret_from_fork+0x116/0x1d0 [ 22.349787] ? __pfx_kthread+0x10/0x10 [ 22.349852] ret_from_fork_asm+0x1a/0x30 [ 22.349960] </TASK> [ 22.350000] [ 22.374196] Allocated by task 278: [ 22.375019] kasan_save_stack+0x45/0x70 [ 22.375832] kasan_save_track+0x18/0x40 [ 22.376424] kasan_save_alloc_info+0x3b/0x50 [ 22.377038] __kasan_kmalloc+0xb7/0xc0 [ 22.378559] __kmalloc_cache_noprof+0x189/0x420 [ 22.379123] kasan_bitops_generic+0x92/0x1c0 [ 22.379451] kunit_try_run_case+0x1a5/0x480 [ 22.379974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.380517] kthread+0x337/0x6f0 [ 22.381045] ret_from_fork+0x116/0x1d0 [ 22.381602] ret_from_fork_asm+0x1a/0x30 [ 22.382548] [ 22.382794] The buggy address belongs to the object at ffff888100fa0f20 [ 22.382794] which belongs to the cache kmalloc-16 of size 16 [ 22.384669] The buggy address is located 8 bytes inside of [ 22.384669] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 22.386010] [ 22.386385] The buggy address belongs to the physical page: [ 22.386952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 22.387620] flags: 0x200000000000000(node=0|zone=2) [ 22.388627] page_type: f5(slab) [ 22.389096] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.390156] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.390937] page dumped because: kasan: bad access detected [ 22.391338] [ 22.391574] Memory state around the buggy address: [ 22.392018] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.393275] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 22.394032] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.394874] ^ [ 22.395356] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.396169] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 22.397130] ================================================================== [ 22.067776] ================================================================== [ 22.068831] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 22.069657] Write of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 22.070285] [ 22.070527] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.070660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.070699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.070760] Call Trace: [ 22.070811] <TASK> [ 22.070861] dump_stack_lvl+0x73/0xb0 [ 22.071107] print_report+0xd1/0x650 [ 22.071294] ? __virt_addr_valid+0x1db/0x2d0 [ 22.071380] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 22.071469] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.071556] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 22.071645] kasan_report+0x141/0x180 [ 22.071723] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 22.071815] kasan_check_range+0x10c/0x1c0 [ 22.071902] __kasan_check_write+0x18/0x20 [ 22.071999] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 22.072084] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 22.072191] kasan_bitops_generic+0x121/0x1c0 [ 22.072272] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.072345] ? __pfx_read_tsc+0x10/0x10 [ 22.072422] ? ktime_get_ts64+0x86/0x230 [ 22.072505] kunit_try_run_case+0x1a5/0x480 [ 22.072582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.072614] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.072961] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.073049] ? __kthread_parkme+0x82/0x180 [ 22.073088] ? preempt_count_sub+0x50/0x80 [ 22.073123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.073152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.073191] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.073225] kthread+0x337/0x6f0 [ 22.073253] ? trace_preempt_on+0x20/0xc0 [ 22.073285] ? __pfx_kthread+0x10/0x10 [ 22.073314] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.073347] ? calculate_sigpending+0x7b/0xa0 [ 22.073383] ? __pfx_kthread+0x10/0x10 [ 22.073413] ret_from_fork+0x116/0x1d0 [ 22.073439] ? __pfx_kthread+0x10/0x10 [ 22.073469] ret_from_fork_asm+0x1a/0x30 [ 22.073513] </TASK> [ 22.073528] [ 22.101032] Allocated by task 278: [ 22.101406] kasan_save_stack+0x45/0x70 [ 22.102572] kasan_save_track+0x18/0x40 [ 22.103072] kasan_save_alloc_info+0x3b/0x50 [ 22.103989] __kasan_kmalloc+0xb7/0xc0 [ 22.104283] __kmalloc_cache_noprof+0x189/0x420 [ 22.105231] kasan_bitops_generic+0x92/0x1c0 [ 22.106145] kunit_try_run_case+0x1a5/0x480 [ 22.106597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.107495] kthread+0x337/0x6f0 [ 22.108120] ret_from_fork+0x116/0x1d0 [ 22.108704] ret_from_fork_asm+0x1a/0x30 [ 22.109054] [ 22.109295] The buggy address belongs to the object at ffff888100fa0f20 [ 22.109295] which belongs to the cache kmalloc-16 of size 16 [ 22.111077] The buggy address is located 8 bytes inside of [ 22.111077] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 22.111986] [ 22.112086] The buggy address belongs to the physical page: [ 22.113051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 22.114080] flags: 0x200000000000000(node=0|zone=2) [ 22.115008] page_type: f5(slab) [ 22.115616] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.116198] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.116741] page dumped because: kasan: bad access detected [ 22.117723] [ 22.118440] Memory state around the buggy address: [ 22.118822] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.119782] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 22.120912] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.121841] ^ [ 22.122846] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.124100] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 22.125016] ================================================================== [ 22.235617] ================================================================== [ 22.236683] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 22.238515] Write of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 22.239692] [ 22.239876] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.239992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.240033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.240092] Call Trace: [ 22.240146] <TASK> [ 22.240284] dump_stack_lvl+0x73/0xb0 [ 22.240376] print_report+0xd1/0x650 [ 22.240414] ? __virt_addr_valid+0x1db/0x2d0 [ 22.240487] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 22.240532] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.240565] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 22.240600] kasan_report+0x141/0x180 [ 22.240640] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 22.240887] kasan_check_range+0x10c/0x1c0 [ 22.240953] __kasan_check_write+0x18/0x20 [ 22.240986] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 22.241020] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 22.241072] kasan_bitops_generic+0x121/0x1c0 [ 22.241101] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.241131] ? __pfx_read_tsc+0x10/0x10 [ 22.241161] ? ktime_get_ts64+0x86/0x230 [ 22.241422] kunit_try_run_case+0x1a5/0x480 [ 22.241460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.241491] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.241527] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.241564] ? __kthread_parkme+0x82/0x180 [ 22.241593] ? preempt_count_sub+0x50/0x80 [ 22.241627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.241689] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.241729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.241765] kthread+0x337/0x6f0 [ 22.241810] ? trace_preempt_on+0x20/0xc0 [ 22.241843] ? __pfx_kthread+0x10/0x10 [ 22.241871] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.241905] ? calculate_sigpending+0x7b/0xa0 [ 22.241969] ? __pfx_kthread+0x10/0x10 [ 22.242001] ret_from_fork+0x116/0x1d0 [ 22.242027] ? __pfx_kthread+0x10/0x10 [ 22.242056] ret_from_fork_asm+0x1a/0x30 [ 22.242097] </TASK> [ 22.242113] [ 22.264819] Allocated by task 278: [ 22.265816] kasan_save_stack+0x45/0x70 [ 22.266177] kasan_save_track+0x18/0x40 [ 22.266831] kasan_save_alloc_info+0x3b/0x50 [ 22.267730] __kasan_kmalloc+0xb7/0xc0 [ 22.268065] __kmalloc_cache_noprof+0x189/0x420 [ 22.268973] kasan_bitops_generic+0x92/0x1c0 [ 22.269391] kunit_try_run_case+0x1a5/0x480 [ 22.269860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.270356] kthread+0x337/0x6f0 [ 22.271468] ret_from_fork+0x116/0x1d0 [ 22.271833] ret_from_fork_asm+0x1a/0x30 [ 22.272426] [ 22.272629] The buggy address belongs to the object at ffff888100fa0f20 [ 22.272629] which belongs to the cache kmalloc-16 of size 16 [ 22.274282] The buggy address is located 8 bytes inside of [ 22.274282] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 22.276549] [ 22.276806] The buggy address belongs to the physical page: [ 22.277360] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 22.278274] flags: 0x200000000000000(node=0|zone=2) [ 22.279761] page_type: f5(slab) [ 22.280153] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.281317] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.282110] page dumped because: kasan: bad access detected [ 22.282757] [ 22.283013] Memory state around the buggy address: [ 22.284199] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.284900] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 22.285897] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.287036] ^ [ 22.287596] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.288652] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 22.289388] ================================================================== [ 22.180046] ================================================================== [ 22.181117] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 22.182183] Write of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 22.183042] [ 22.183509] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.183672] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.183742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.183804] Call Trace: [ 22.183856] <TASK> [ 22.183909] dump_stack_lvl+0x73/0xb0 [ 22.184011] print_report+0xd1/0x650 [ 22.184089] ? __virt_addr_valid+0x1db/0x2d0 [ 22.184168] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 22.184249] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.184325] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 22.184607] kasan_report+0x141/0x180 [ 22.184697] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 22.185042] kasan_check_range+0x10c/0x1c0 [ 22.185138] __kasan_check_write+0x18/0x20 [ 22.185278] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 22.185335] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 22.185388] kasan_bitops_generic+0x121/0x1c0 [ 22.185417] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.185449] ? __pfx_read_tsc+0x10/0x10 [ 22.185483] ? ktime_get_ts64+0x86/0x230 [ 22.185518] kunit_try_run_case+0x1a5/0x480 [ 22.185550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.185578] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.185613] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.185685] ? __kthread_parkme+0x82/0x180 [ 22.185721] ? preempt_count_sub+0x50/0x80 [ 22.185755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.185784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.185821] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.185858] kthread+0x337/0x6f0 [ 22.185885] ? trace_preempt_on+0x20/0xc0 [ 22.185941] ? __pfx_kthread+0x10/0x10 [ 22.185975] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.186010] ? calculate_sigpending+0x7b/0xa0 [ 22.186047] ? __pfx_kthread+0x10/0x10 [ 22.186077] ret_from_fork+0x116/0x1d0 [ 22.186104] ? __pfx_kthread+0x10/0x10 [ 22.186135] ret_from_fork_asm+0x1a/0x30 [ 22.186195] </TASK> [ 22.186235] [ 22.210202] Allocated by task 278: [ 22.210840] kasan_save_stack+0x45/0x70 [ 22.211553] kasan_save_track+0x18/0x40 [ 22.212080] kasan_save_alloc_info+0x3b/0x50 [ 22.212822] __kasan_kmalloc+0xb7/0xc0 [ 22.213051] __kmalloc_cache_noprof+0x189/0x420 [ 22.213577] kasan_bitops_generic+0x92/0x1c0 [ 22.214345] kunit_try_run_case+0x1a5/0x480 [ 22.214569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.215728] kthread+0x337/0x6f0 [ 22.216051] ret_from_fork+0x116/0x1d0 [ 22.216727] ret_from_fork_asm+0x1a/0x30 [ 22.217135] [ 22.217954] The buggy address belongs to the object at ffff888100fa0f20 [ 22.217954] which belongs to the cache kmalloc-16 of size 16 [ 22.219540] The buggy address is located 8 bytes inside of [ 22.219540] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 22.221070] [ 22.221500] The buggy address belongs to the physical page: [ 22.222149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 22.223121] flags: 0x200000000000000(node=0|zone=2) [ 22.223997] page_type: f5(slab) [ 22.224832] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.225549] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.226665] page dumped because: kasan: bad access detected [ 22.227381] [ 22.227976] Memory state around the buggy address: [ 22.228371] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.229964] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 22.230515] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.231087] ^ [ 22.231987] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.232839] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 22.233903] ================================================================== [ 22.126024] ================================================================== [ 22.127772] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 22.128836] Write of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 22.129912] [ 22.130149] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 22.131001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.131023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.131055] Call Trace: [ 22.131078] <TASK> [ 22.131102] dump_stack_lvl+0x73/0xb0 [ 22.131141] print_report+0xd1/0x650 [ 22.131195] ? __virt_addr_valid+0x1db/0x2d0 [ 22.131245] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 22.131281] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.131315] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 22.131348] kasan_report+0x141/0x180 [ 22.131379] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 22.131418] kasan_check_range+0x10c/0x1c0 [ 22.131452] __kasan_check_write+0x18/0x20 [ 22.131480] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 22.131514] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 22.131563] kasan_bitops_generic+0x121/0x1c0 [ 22.131591] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.131620] ? __pfx_read_tsc+0x10/0x10 [ 22.131757] ? ktime_get_ts64+0x86/0x230 [ 22.131803] kunit_try_run_case+0x1a5/0x480 [ 22.131837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.131866] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.131901] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.131964] ? __kthread_parkme+0x82/0x180 [ 22.131998] ? preempt_count_sub+0x50/0x80 [ 22.132031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.132061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.132096] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.132132] kthread+0x337/0x6f0 [ 22.132166] ? trace_preempt_on+0x20/0xc0 [ 22.132314] ? __pfx_kthread+0x10/0x10 [ 22.132346] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.132381] ? calculate_sigpending+0x7b/0xa0 [ 22.132417] ? __pfx_kthread+0x10/0x10 [ 22.132447] ret_from_fork+0x116/0x1d0 [ 22.132474] ? __pfx_kthread+0x10/0x10 [ 22.132506] ret_from_fork_asm+0x1a/0x30 [ 22.132549] </TASK> [ 22.132565] [ 22.155962] Allocated by task 278: [ 22.157036] kasan_save_stack+0x45/0x70 [ 22.157675] kasan_save_track+0x18/0x40 [ 22.158458] kasan_save_alloc_info+0x3b/0x50 [ 22.159050] __kasan_kmalloc+0xb7/0xc0 [ 22.159602] __kmalloc_cache_noprof+0x189/0x420 [ 22.160262] kasan_bitops_generic+0x92/0x1c0 [ 22.161074] kunit_try_run_case+0x1a5/0x480 [ 22.161630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.162878] kthread+0x337/0x6f0 [ 22.163565] ret_from_fork+0x116/0x1d0 [ 22.163907] ret_from_fork_asm+0x1a/0x30 [ 22.164463] [ 22.165029] The buggy address belongs to the object at ffff888100fa0f20 [ 22.165029] which belongs to the cache kmalloc-16 of size 16 [ 22.165993] The buggy address is located 8 bytes inside of [ 22.165993] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 22.167177] [ 22.167426] The buggy address belongs to the physical page: [ 22.167855] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 22.168474] flags: 0x200000000000000(node=0|zone=2) [ 22.170030] page_type: f5(slab) [ 22.170737] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.171608] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.172844] page dumped because: kasan: bad access detected [ 22.173504] [ 22.173736] Memory state around the buggy address: [ 22.174709] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.175759] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 22.176462] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 22.177228] ^ [ 22.177664] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.178312] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 22.178968] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 21.550845] ================================================================== [ 21.551663] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 21.552141] Write of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 21.553625] [ 21.553819] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.553922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.553986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.554035] Call Trace: [ 21.554072] <TASK> [ 21.554109] dump_stack_lvl+0x73/0xb0 [ 21.554168] print_report+0xd1/0x650 [ 21.554221] ? __virt_addr_valid+0x1db/0x2d0 [ 21.554286] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 21.554346] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.554398] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 21.554458] kasan_report+0x141/0x180 [ 21.554510] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 21.554576] kasan_check_range+0x10c/0x1c0 [ 21.554633] __kasan_check_write+0x18/0x20 [ 21.554683] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 21.554745] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.554806] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.554853] ? trace_hardirqs_on+0x37/0xe0 [ 21.554904] ? kasan_bitops_generic+0x92/0x1c0 [ 21.557131] kasan_bitops_generic+0x116/0x1c0 [ 21.558068] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.558145] ? __pfx_read_tsc+0x10/0x10 [ 21.558215] ? ktime_get_ts64+0x86/0x230 [ 21.558332] kunit_try_run_case+0x1a5/0x480 [ 21.558422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.558990] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.559072] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.559270] ? __kthread_parkme+0x82/0x180 [ 21.559336] ? preempt_count_sub+0x50/0x80 [ 21.559401] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.559450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.559511] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.559577] kthread+0x337/0x6f0 [ 21.559632] ? trace_preempt_on+0x20/0xc0 [ 21.559725] ? __pfx_kthread+0x10/0x10 [ 21.559777] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.559830] ? calculate_sigpending+0x7b/0xa0 [ 21.559883] ? __pfx_kthread+0x10/0x10 [ 21.559930] ret_from_fork+0x116/0x1d0 [ 21.559995] ? __pfx_kthread+0x10/0x10 [ 21.560042] ret_from_fork_asm+0x1a/0x30 [ 21.560111] </TASK> [ 21.560136] [ 21.575789] Allocated by task 278: [ 21.576051] kasan_save_stack+0x45/0x70 [ 21.576444] kasan_save_track+0x18/0x40 [ 21.576792] kasan_save_alloc_info+0x3b/0x50 [ 21.577233] __kasan_kmalloc+0xb7/0xc0 [ 21.577618] __kmalloc_cache_noprof+0x189/0x420 [ 21.578282] kasan_bitops_generic+0x92/0x1c0 [ 21.578627] kunit_try_run_case+0x1a5/0x480 [ 21.579061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.579680] kthread+0x337/0x6f0 [ 21.579914] ret_from_fork+0x116/0x1d0 [ 21.580282] ret_from_fork_asm+0x1a/0x30 [ 21.580719] [ 21.580864] The buggy address belongs to the object at ffff888100fa0f20 [ 21.580864] which belongs to the cache kmalloc-16 of size 16 [ 21.581537] The buggy address is located 8 bytes inside of [ 21.581537] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 21.582482] [ 21.582728] The buggy address belongs to the physical page: [ 21.583626] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 21.584334] flags: 0x200000000000000(node=0|zone=2) [ 21.584623] page_type: f5(slab) [ 21.584858] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.585253] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.585623] page dumped because: kasan: bad access detected [ 21.585908] [ 21.586263] Memory state around the buggy address: [ 21.586534] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.587016] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.587879] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 21.588794] ^ [ 21.589387] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.589784] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 21.590587] ================================================================== [ 21.703694] ================================================================== [ 21.704666] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 21.705221] Write of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 21.706959] [ 21.707228] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.707363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.707405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.707464] Call Trace: [ 21.707493] <TASK> [ 21.707516] dump_stack_lvl+0x73/0xb0 [ 21.707556] print_report+0xd1/0x650 [ 21.707628] ? __virt_addr_valid+0x1db/0x2d0 [ 21.707988] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 21.708084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.708130] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 21.708199] kasan_report+0x141/0x180 [ 21.708289] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 21.708363] kasan_check_range+0x10c/0x1c0 [ 21.708398] __kasan_check_write+0x18/0x20 [ 21.708427] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 21.708465] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.708503] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.708532] ? trace_hardirqs_on+0x37/0xe0 [ 21.708565] ? kasan_bitops_generic+0x92/0x1c0 [ 21.708598] kasan_bitops_generic+0x116/0x1c0 [ 21.708625] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.708670] ? __pfx_read_tsc+0x10/0x10 [ 21.708719] ? ktime_get_ts64+0x86/0x230 [ 21.708754] kunit_try_run_case+0x1a5/0x480 [ 21.708786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.708813] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.708849] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.708885] ? __kthread_parkme+0x82/0x180 [ 21.708914] ? preempt_count_sub+0x50/0x80 [ 21.708977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.709010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.709047] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.709082] kthread+0x337/0x6f0 [ 21.709111] ? trace_preempt_on+0x20/0xc0 [ 21.709141] ? __pfx_kthread+0x10/0x10 [ 21.709189] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.709268] ? calculate_sigpending+0x7b/0xa0 [ 21.709317] ? __pfx_kthread+0x10/0x10 [ 21.709347] ret_from_fork+0x116/0x1d0 [ 21.709373] ? __pfx_kthread+0x10/0x10 [ 21.709402] ret_from_fork_asm+0x1a/0x30 [ 21.709447] </TASK> [ 21.709463] [ 21.735880] Allocated by task 278: [ 21.736979] kasan_save_stack+0x45/0x70 [ 21.737327] kasan_save_track+0x18/0x40 [ 21.737641] kasan_save_alloc_info+0x3b/0x50 [ 21.737844] __kasan_kmalloc+0xb7/0xc0 [ 21.738025] __kmalloc_cache_noprof+0x189/0x420 [ 21.738283] kasan_bitops_generic+0x92/0x1c0 [ 21.740103] kunit_try_run_case+0x1a5/0x480 [ 21.740892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.741305] kthread+0x337/0x6f0 [ 21.742065] ret_from_fork+0x116/0x1d0 [ 21.742905] ret_from_fork_asm+0x1a/0x30 [ 21.743326] [ 21.743943] The buggy address belongs to the object at ffff888100fa0f20 [ 21.743943] which belongs to the cache kmalloc-16 of size 16 [ 21.745242] The buggy address is located 8 bytes inside of [ 21.745242] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 21.746235] [ 21.746491] The buggy address belongs to the physical page: [ 21.747801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 21.748748] flags: 0x200000000000000(node=0|zone=2) [ 21.749707] page_type: f5(slab) [ 21.750106] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.751107] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.752182] page dumped because: kasan: bad access detected [ 21.752953] [ 21.753764] Memory state around the buggy address: [ 21.754176] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.754791] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.755642] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 21.756437] ^ [ 21.756644] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.756916] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 21.757423] ================================================================== [ 21.759893] ================================================================== [ 21.760511] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 21.761519] Write of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 21.762721] [ 21.762912] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.763002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.763022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.763055] Call Trace: [ 21.763076] <TASK> [ 21.763097] dump_stack_lvl+0x73/0xb0 [ 21.763135] print_report+0xd1/0x650 [ 21.763182] ? __virt_addr_valid+0x1db/0x2d0 [ 21.763237] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 21.763279] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.763311] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 21.763349] kasan_report+0x141/0x180 [ 21.763381] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 21.763425] kasan_check_range+0x10c/0x1c0 [ 21.763459] __kasan_check_write+0x18/0x20 [ 21.763487] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 21.763526] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.763566] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.763594] ? trace_hardirqs_on+0x37/0xe0 [ 21.763626] ? kasan_bitops_generic+0x92/0x1c0 [ 21.763677] kasan_bitops_generic+0x116/0x1c0 [ 21.763721] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.763753] ? __pfx_read_tsc+0x10/0x10 [ 21.763785] ? ktime_get_ts64+0x86/0x230 [ 21.763820] kunit_try_run_case+0x1a5/0x480 [ 21.763851] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.763877] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.763913] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.764004] ? __kthread_parkme+0x82/0x180 [ 21.764078] ? preempt_count_sub+0x50/0x80 [ 21.764630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.764695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.764736] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.764772] kthread+0x337/0x6f0 [ 21.764801] ? trace_preempt_on+0x20/0xc0 [ 21.764831] ? __pfx_kthread+0x10/0x10 [ 21.764861] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.764894] ? calculate_sigpending+0x7b/0xa0 [ 21.764953] ? __pfx_kthread+0x10/0x10 [ 21.764986] ret_from_fork+0x116/0x1d0 [ 21.765011] ? __pfx_kthread+0x10/0x10 [ 21.765042] ret_from_fork_asm+0x1a/0x30 [ 21.765087] </TASK> [ 21.765102] [ 21.789767] Allocated by task 278: [ 21.791051] kasan_save_stack+0x45/0x70 [ 21.791540] kasan_save_track+0x18/0x40 [ 21.791874] kasan_save_alloc_info+0x3b/0x50 [ 21.793070] __kasan_kmalloc+0xb7/0xc0 [ 21.793795] __kmalloc_cache_noprof+0x189/0x420 [ 21.794171] kasan_bitops_generic+0x92/0x1c0 [ 21.794908] kunit_try_run_case+0x1a5/0x480 [ 21.795788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.796396] kthread+0x337/0x6f0 [ 21.796689] ret_from_fork+0x116/0x1d0 [ 21.797022] ret_from_fork_asm+0x1a/0x30 [ 21.797703] [ 21.797873] The buggy address belongs to the object at ffff888100fa0f20 [ 21.797873] which belongs to the cache kmalloc-16 of size 16 [ 21.799609] The buggy address is located 8 bytes inside of [ 21.799609] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 21.800603] [ 21.801008] The buggy address belongs to the physical page: [ 21.801828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 21.802893] flags: 0x200000000000000(node=0|zone=2) [ 21.803235] page_type: f5(slab) [ 21.803956] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.804530] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.805622] page dumped because: kasan: bad access detected [ 21.806010] [ 21.806347] Memory state around the buggy address: [ 21.807081] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.807898] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.808504] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 21.809990] ^ [ 21.812032] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.812981] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 21.813634] ================================================================== [ 21.814593] ================================================================== [ 21.816142] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 21.818423] Write of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 21.819045] [ 21.819385] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.819496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.819530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.819584] Call Trace: [ 21.819625] <TASK> [ 21.819707] dump_stack_lvl+0x73/0xb0 [ 21.819786] print_report+0xd1/0x650 [ 21.819859] ? __virt_addr_valid+0x1db/0x2d0 [ 21.819966] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 21.820059] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.820143] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 21.820248] kasan_report+0x141/0x180 [ 21.820332] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 21.820430] kasan_check_range+0x10c/0x1c0 [ 21.820517] __kasan_check_write+0x18/0x20 [ 21.820581] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 21.820654] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.820737] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.820815] ? trace_hardirqs_on+0x37/0xe0 [ 21.820894] ? kasan_bitops_generic+0x92/0x1c0 [ 21.821782] kasan_bitops_generic+0x116/0x1c0 [ 21.821839] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.821895] ? __pfx_read_tsc+0x10/0x10 [ 21.821984] ? ktime_get_ts64+0x86/0x230 [ 21.822049] kunit_try_run_case+0x1a5/0x480 [ 21.822104] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.822297] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.822392] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.822474] ? __kthread_parkme+0x82/0x180 [ 21.822534] ? preempt_count_sub+0x50/0x80 [ 21.822614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.822880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.822972] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.823043] kthread+0x337/0x6f0 [ 21.823099] ? trace_preempt_on+0x20/0xc0 [ 21.823283] ? __pfx_kthread+0x10/0x10 [ 21.823349] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.823405] ? calculate_sigpending+0x7b/0xa0 [ 21.823460] ? __pfx_kthread+0x10/0x10 [ 21.823515] ret_from_fork+0x116/0x1d0 [ 21.823569] ? __pfx_kthread+0x10/0x10 [ 21.823621] ret_from_fork_asm+0x1a/0x30 [ 21.823738] </TASK> [ 21.823767] [ 21.847346] Allocated by task 278: [ 21.847740] kasan_save_stack+0x45/0x70 [ 21.848199] kasan_save_track+0x18/0x40 [ 21.848604] kasan_save_alloc_info+0x3b/0x50 [ 21.849351] __kasan_kmalloc+0xb7/0xc0 [ 21.850077] __kmalloc_cache_noprof+0x189/0x420 [ 21.850693] kasan_bitops_generic+0x92/0x1c0 [ 21.851302] kunit_try_run_case+0x1a5/0x480 [ 21.852116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.853153] kthread+0x337/0x6f0 [ 21.853805] ret_from_fork+0x116/0x1d0 [ 21.854193] ret_from_fork_asm+0x1a/0x30 [ 21.854920] [ 21.855701] The buggy address belongs to the object at ffff888100fa0f20 [ 21.855701] which belongs to the cache kmalloc-16 of size 16 [ 21.856718] The buggy address is located 8 bytes inside of [ 21.856718] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 21.858453] [ 21.858666] The buggy address belongs to the physical page: [ 21.859362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 21.860706] flags: 0x200000000000000(node=0|zone=2) [ 21.861152] page_type: f5(slab) [ 21.861948] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.862901] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.863496] page dumped because: kasan: bad access detected [ 21.863994] [ 21.864227] Memory state around the buggy address: [ 21.864675] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.866008] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.866804] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 21.867542] ^ [ 21.868322] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.869036] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 21.870160] ================================================================== [ 21.647917] ================================================================== [ 21.648636] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 21.649785] Write of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 21.650634] [ 21.650923] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.651079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.651120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.651220] Call Trace: [ 21.651278] <TASK> [ 21.651330] dump_stack_lvl+0x73/0xb0 [ 21.651422] print_report+0xd1/0x650 [ 21.651506] ? __virt_addr_valid+0x1db/0x2d0 [ 21.651874] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 21.651920] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.652007] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 21.652096] kasan_report+0x141/0x180 [ 21.652221] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 21.652322] kasan_check_range+0x10c/0x1c0 [ 21.652411] __kasan_check_write+0x18/0x20 [ 21.652609] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 21.652717] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.652792] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.652824] ? trace_hardirqs_on+0x37/0xe0 [ 21.652857] ? kasan_bitops_generic+0x92/0x1c0 [ 21.652893] kasan_bitops_generic+0x116/0x1c0 [ 21.652924] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.652986] ? __pfx_read_tsc+0x10/0x10 [ 21.653019] ? ktime_get_ts64+0x86/0x230 [ 21.653055] kunit_try_run_case+0x1a5/0x480 [ 21.653088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.653117] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.653154] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.653268] ? __kthread_parkme+0x82/0x180 [ 21.653315] ? preempt_count_sub+0x50/0x80 [ 21.653350] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.653380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.653416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.653452] kthread+0x337/0x6f0 [ 21.653479] ? trace_preempt_on+0x20/0xc0 [ 21.653511] ? __pfx_kthread+0x10/0x10 [ 21.653539] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.653572] ? calculate_sigpending+0x7b/0xa0 [ 21.653606] ? __pfx_kthread+0x10/0x10 [ 21.653636] ret_from_fork+0x116/0x1d0 [ 21.653706] ? __pfx_kthread+0x10/0x10 [ 21.653743] ret_from_fork_asm+0x1a/0x30 [ 21.653785] </TASK> [ 21.653800] [ 21.679431] Allocated by task 278: [ 21.679721] kasan_save_stack+0x45/0x70 [ 21.680584] kasan_save_track+0x18/0x40 [ 21.681147] kasan_save_alloc_info+0x3b/0x50 [ 21.681861] __kasan_kmalloc+0xb7/0xc0 [ 21.682732] __kmalloc_cache_noprof+0x189/0x420 [ 21.683110] kasan_bitops_generic+0x92/0x1c0 [ 21.684289] kunit_try_run_case+0x1a5/0x480 [ 21.684632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.685084] kthread+0x337/0x6f0 [ 21.685962] ret_from_fork+0x116/0x1d0 [ 21.686970] ret_from_fork_asm+0x1a/0x30 [ 21.687292] [ 21.687424] The buggy address belongs to the object at ffff888100fa0f20 [ 21.687424] which belongs to the cache kmalloc-16 of size 16 [ 21.688795] The buggy address is located 8 bytes inside of [ 21.688795] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 21.689520] [ 21.689780] The buggy address belongs to the physical page: [ 21.691137] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 21.692058] flags: 0x200000000000000(node=0|zone=2) [ 21.692753] page_type: f5(slab) [ 21.693786] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.694559] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.695431] page dumped because: kasan: bad access detected [ 21.696281] [ 21.696614] Memory state around the buggy address: [ 21.697590] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.698731] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.699240] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 21.700197] ^ [ 21.700656] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.701652] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 21.702870] ================================================================== [ 21.496179] ================================================================== [ 21.497586] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 21.498482] Write of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 21.499173] [ 21.499612] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.499750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.499794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.499860] Call Trace: [ 21.499903] <TASK> [ 21.499976] dump_stack_lvl+0x73/0xb0 [ 21.500067] print_report+0xd1/0x650 [ 21.500320] ? __virt_addr_valid+0x1db/0x2d0 [ 21.500414] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 21.500498] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.500572] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 21.500615] kasan_report+0x141/0x180 [ 21.500651] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 21.500737] kasan_check_range+0x10c/0x1c0 [ 21.500773] __kasan_check_write+0x18/0x20 [ 21.500801] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 21.500838] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.500879] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.500911] ? trace_hardirqs_on+0x37/0xe0 [ 21.500970] ? kasan_bitops_generic+0x92/0x1c0 [ 21.501005] kasan_bitops_generic+0x116/0x1c0 [ 21.501034] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.501064] ? __pfx_read_tsc+0x10/0x10 [ 21.501098] ? ktime_get_ts64+0x86/0x230 [ 21.501133] kunit_try_run_case+0x1a5/0x480 [ 21.501166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.501232] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.501323] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.501409] ? __kthread_parkme+0x82/0x180 [ 21.501481] ? preempt_count_sub+0x50/0x80 [ 21.501518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.501547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.501583] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.501619] kthread+0x337/0x6f0 [ 21.501645] ? trace_preempt_on+0x20/0xc0 [ 21.501706] ? __pfx_kthread+0x10/0x10 [ 21.501739] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.501773] ? calculate_sigpending+0x7b/0xa0 [ 21.501808] ? __pfx_kthread+0x10/0x10 [ 21.501837] ret_from_fork+0x116/0x1d0 [ 21.501863] ? __pfx_kthread+0x10/0x10 [ 21.501891] ret_from_fork_asm+0x1a/0x30 [ 21.501957] </TASK> [ 21.501977] [ 21.524347] Allocated by task 278: [ 21.524868] kasan_save_stack+0x45/0x70 [ 21.525733] kasan_save_track+0x18/0x40 [ 21.526675] kasan_save_alloc_info+0x3b/0x50 [ 21.527481] __kasan_kmalloc+0xb7/0xc0 [ 21.528115] __kmalloc_cache_noprof+0x189/0x420 [ 21.529163] kasan_bitops_generic+0x92/0x1c0 [ 21.529561] kunit_try_run_case+0x1a5/0x480 [ 21.530029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.530485] kthread+0x337/0x6f0 [ 21.531570] ret_from_fork+0x116/0x1d0 [ 21.531820] ret_from_fork_asm+0x1a/0x30 [ 21.532057] [ 21.532151] The buggy address belongs to the object at ffff888100fa0f20 [ 21.532151] which belongs to the cache kmalloc-16 of size 16 [ 21.534406] The buggy address is located 8 bytes inside of [ 21.534406] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 21.536021] [ 21.536417] The buggy address belongs to the physical page: [ 21.536959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 21.538025] flags: 0x200000000000000(node=0|zone=2) [ 21.538376] page_type: f5(slab) [ 21.539168] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.539808] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.541374] page dumped because: kasan: bad access detected [ 21.541730] [ 21.541896] Memory state around the buggy address: [ 21.542774] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.544567] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.545383] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 21.546197] ^ [ 21.547467] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.549533] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 21.549993] ================================================================== [ 21.592096] ================================================================== [ 21.592792] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 21.595702] Write of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 21.597107] [ 21.597416] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.597529] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.597556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.597599] Call Trace: [ 21.597634] <TASK> [ 21.597673] dump_stack_lvl+0x73/0xb0 [ 21.597763] print_report+0xd1/0x650 [ 21.597820] ? __virt_addr_valid+0x1db/0x2d0 [ 21.597881] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 21.597955] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.598009] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 21.598075] kasan_report+0x141/0x180 [ 21.599510] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 21.599619] kasan_check_range+0x10c/0x1c0 [ 21.599722] __kasan_check_write+0x18/0x20 [ 21.599801] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 21.599890] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.600034] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.600113] ? trace_hardirqs_on+0x37/0xe0 [ 21.600215] ? kasan_bitops_generic+0x92/0x1c0 [ 21.600301] kasan_bitops_generic+0x116/0x1c0 [ 21.600379] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.600452] ? __pfx_read_tsc+0x10/0x10 [ 21.600542] ? ktime_get_ts64+0x86/0x230 [ 21.600626] kunit_try_run_case+0x1a5/0x480 [ 21.600718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.600787] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.600867] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.601277] ? __kthread_parkme+0x82/0x180 [ 21.601361] ? preempt_count_sub+0x50/0x80 [ 21.601445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.601524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.601611] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.601739] kthread+0x337/0x6f0 [ 21.601816] ? trace_preempt_on+0x20/0xc0 [ 21.601877] ? __pfx_kthread+0x10/0x10 [ 21.601969] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.602028] ? calculate_sigpending+0x7b/0xa0 [ 21.602079] ? __pfx_kthread+0x10/0x10 [ 21.602127] ret_from_fork+0x116/0x1d0 [ 21.602298] ? __pfx_kthread+0x10/0x10 [ 21.602363] ret_from_fork_asm+0x1a/0x30 [ 21.602431] </TASK> [ 21.602456] [ 21.626611] Allocated by task 278: [ 21.627147] kasan_save_stack+0x45/0x70 [ 21.627741] kasan_save_track+0x18/0x40 [ 21.628102] kasan_save_alloc_info+0x3b/0x50 [ 21.628555] __kasan_kmalloc+0xb7/0xc0 [ 21.629560] __kmalloc_cache_noprof+0x189/0x420 [ 21.630066] kasan_bitops_generic+0x92/0x1c0 [ 21.630649] kunit_try_run_case+0x1a5/0x480 [ 21.631100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.631650] kthread+0x337/0x6f0 [ 21.632074] ret_from_fork+0x116/0x1d0 [ 21.632719] ret_from_fork_asm+0x1a/0x30 [ 21.633098] [ 21.633453] The buggy address belongs to the object at ffff888100fa0f20 [ 21.633453] which belongs to the cache kmalloc-16 of size 16 [ 21.634923] The buggy address is located 8 bytes inside of [ 21.634923] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 21.636086] [ 21.636309] The buggy address belongs to the physical page: [ 21.637032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 21.637697] flags: 0x200000000000000(node=0|zone=2) [ 21.638086] page_type: f5(slab) [ 21.638571] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.639736] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.640648] page dumped because: kasan: bad access detected [ 21.641138] [ 21.641369] Memory state around the buggy address: [ 21.641893] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.642601] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.643284] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 21.644484] ^ [ 21.645000] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.645578] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 21.646370] ================================================================== [ 21.871847] ================================================================== [ 21.873266] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 21.874301] Write of size 8 at addr ffff888100fa0f28 by task kunit_try_catch/278 [ 21.875801] [ 21.876042] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.876579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.876602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.876634] Call Trace: [ 21.876674] <TASK> [ 21.876707] dump_stack_lvl+0x73/0xb0 [ 21.876749] print_report+0xd1/0x650 [ 21.876784] ? __virt_addr_valid+0x1db/0x2d0 [ 21.876817] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 21.876855] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.876887] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 21.876949] kasan_report+0x141/0x180 [ 21.876987] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 21.877033] kasan_check_range+0x10c/0x1c0 [ 21.877067] __kasan_check_write+0x18/0x20 [ 21.877095] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 21.877135] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.877410] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.877456] ? trace_hardirqs_on+0x37/0xe0 [ 21.877494] ? kasan_bitops_generic+0x92/0x1c0 [ 21.877528] kasan_bitops_generic+0x116/0x1c0 [ 21.877558] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.877590] ? __pfx_read_tsc+0x10/0x10 [ 21.877622] ? ktime_get_ts64+0x86/0x230 [ 21.877681] kunit_try_run_case+0x1a5/0x480 [ 21.877725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.877754] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.877791] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.877827] ? __kthread_parkme+0x82/0x180 [ 21.877857] ? preempt_count_sub+0x50/0x80 [ 21.877890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.877921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.878011] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.878052] kthread+0x337/0x6f0 [ 21.878082] ? trace_preempt_on+0x20/0xc0 [ 21.878115] ? __pfx_kthread+0x10/0x10 [ 21.878144] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.878219] ? calculate_sigpending+0x7b/0xa0 [ 21.878272] ? __pfx_kthread+0x10/0x10 [ 21.878305] ret_from_fork+0x116/0x1d0 [ 21.878332] ? __pfx_kthread+0x10/0x10 [ 21.878362] ret_from_fork_asm+0x1a/0x30 [ 21.878407] </TASK> [ 21.878422] [ 21.904650] Allocated by task 278: [ 21.905576] kasan_save_stack+0x45/0x70 [ 21.905987] kasan_save_track+0x18/0x40 [ 21.906402] kasan_save_alloc_info+0x3b/0x50 [ 21.907577] __kasan_kmalloc+0xb7/0xc0 [ 21.908162] __kmalloc_cache_noprof+0x189/0x420 [ 21.909052] kasan_bitops_generic+0x92/0x1c0 [ 21.910132] kunit_try_run_case+0x1a5/0x480 [ 21.910585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.911286] kthread+0x337/0x6f0 [ 21.911995] ret_from_fork+0x116/0x1d0 [ 21.912330] ret_from_fork_asm+0x1a/0x30 [ 21.912749] [ 21.913536] The buggy address belongs to the object at ffff888100fa0f20 [ 21.913536] which belongs to the cache kmalloc-16 of size 16 [ 21.914693] The buggy address is located 8 bytes inside of [ 21.914693] allocated 9-byte region [ffff888100fa0f20, ffff888100fa0f29) [ 21.916341] [ 21.916505] The buggy address belongs to the physical page: [ 21.916869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 21.918017] flags: 0x200000000000000(node=0|zone=2) [ 21.918813] page_type: f5(slab) [ 21.919209] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.920367] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.920967] page dumped because: kasan: bad access detected [ 21.921725] [ 21.922017] Memory state around the buggy address: [ 21.922782] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.923389] ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.923957] >ffff888100fa0f00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 21.924474] ^ [ 21.925133] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.925974] ffff888100fa1000: fa fb fb fb fb fb fb fc fc fc fc fa fb fb fb fb [ 21.926722] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 21.442285] ================================================================== [ 21.443331] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 21.443971] Read of size 1 at addr ffff888102b74c50 by task kunit_try_catch/276 [ 21.444698] [ 21.445085] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.445212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.445254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.445370] Call Trace: [ 21.445477] <TASK> [ 21.445531] dump_stack_lvl+0x73/0xb0 [ 21.445644] print_report+0xd1/0x650 [ 21.445772] ? __virt_addr_valid+0x1db/0x2d0 [ 21.445899] ? strnlen+0x73/0x80 [ 21.445988] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.446067] ? strnlen+0x73/0x80 [ 21.446126] kasan_report+0x141/0x180 [ 21.446162] ? strnlen+0x73/0x80 [ 21.446195] __asan_report_load1_noabort+0x18/0x20 [ 21.446226] strnlen+0x73/0x80 [ 21.446268] kasan_strings+0x615/0xe80 [ 21.446299] ? trace_hardirqs_on+0x37/0xe0 [ 21.446333] ? __pfx_kasan_strings+0x10/0x10 [ 21.446365] ? __kasan_check_write+0x18/0x20 [ 21.446393] ? queued_spin_lock_slowpath+0x116/0xb40 [ 21.446431] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 21.446467] ? __pfx_read_tsc+0x10/0x10 [ 21.446500] ? ktime_get_ts64+0x86/0x230 [ 21.446533] kunit_try_run_case+0x1a5/0x480 [ 21.446563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.446591] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 21.446625] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.446691] ? __kthread_parkme+0x82/0x180 [ 21.446735] ? preempt_count_sub+0x50/0x80 [ 21.446770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.446800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.446835] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.446872] kthread+0x337/0x6f0 [ 21.446900] ? trace_preempt_on+0x20/0xc0 [ 21.446933] ? __pfx_kthread+0x10/0x10 [ 21.446989] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.447024] ? calculate_sigpending+0x7b/0xa0 [ 21.447058] ? __pfx_kthread+0x10/0x10 [ 21.447087] ret_from_fork+0x116/0x1d0 [ 21.447112] ? __pfx_kthread+0x10/0x10 [ 21.447141] ret_from_fork_asm+0x1a/0x30 [ 21.447184] </TASK> [ 21.447199] [ 21.463531] Allocated by task 276: [ 21.463859] kasan_save_stack+0x45/0x70 [ 21.464410] kasan_save_track+0x18/0x40 [ 21.465126] kasan_save_alloc_info+0x3b/0x50 [ 21.465573] __kasan_kmalloc+0xb7/0xc0 [ 21.466014] __kmalloc_cache_noprof+0x189/0x420 [ 21.467757] kasan_strings+0xc0/0xe80 [ 21.468400] kunit_try_run_case+0x1a5/0x480 [ 21.469638] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.470446] kthread+0x337/0x6f0 [ 21.471109] ret_from_fork+0x116/0x1d0 [ 21.471645] ret_from_fork_asm+0x1a/0x30 [ 21.472255] [ 21.472422] Freed by task 276: [ 21.473093] kasan_save_stack+0x45/0x70 [ 21.473457] kasan_save_track+0x18/0x40 [ 21.474213] kasan_save_free_info+0x3f/0x60 [ 21.474590] __kasan_slab_free+0x56/0x70 [ 21.475493] kfree+0x222/0x3f0 [ 21.476106] kasan_strings+0x2aa/0xe80 [ 21.476447] kunit_try_run_case+0x1a5/0x480 [ 21.477075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.477551] kthread+0x337/0x6f0 [ 21.477881] ret_from_fork+0x116/0x1d0 [ 21.478407] ret_from_fork_asm+0x1a/0x30 [ 21.479030] [ 21.479244] The buggy address belongs to the object at ffff888102b74c40 [ 21.479244] which belongs to the cache kmalloc-32 of size 32 [ 21.480315] The buggy address is located 16 bytes inside of [ 21.480315] freed 32-byte region [ffff888102b74c40, ffff888102b74c60) [ 21.481328] [ 21.481517] The buggy address belongs to the physical page: [ 21.482143] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b74 [ 21.482829] flags: 0x200000000000000(node=0|zone=2) [ 21.483351] page_type: f5(slab) [ 21.483705] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 21.484251] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.485003] page dumped because: kasan: bad access detected [ 21.485523] [ 21.485809] Memory state around the buggy address: [ 21.486254] ffff888102b74b00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.486969] ffff888102b74b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.487645] >ffff888102b74c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.488275] ^ [ 21.488840] ffff888102b74c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.489504] ffff888102b74d00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.490132] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 21.395113] ================================================================== [ 21.395880] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 21.396430] Read of size 1 at addr ffff888102b74c50 by task kunit_try_catch/276 [ 21.397194] [ 21.397528] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.397696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.397800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.397871] Call Trace: [ 21.397924] <TASK> [ 21.397986] dump_stack_lvl+0x73/0xb0 [ 21.398118] print_report+0xd1/0x650 [ 21.398208] ? __virt_addr_valid+0x1db/0x2d0 [ 21.398299] ? strlen+0x8f/0xb0 [ 21.398371] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.398448] ? strlen+0x8f/0xb0 [ 21.398504] kasan_report+0x141/0x180 [ 21.398541] ? strlen+0x8f/0xb0 [ 21.398574] __asan_report_load1_noabort+0x18/0x20 [ 21.398605] strlen+0x8f/0xb0 [ 21.398751] kasan_strings+0x57b/0xe80 [ 21.398834] ? trace_hardirqs_on+0x37/0xe0 [ 21.398916] ? __pfx_kasan_strings+0x10/0x10 [ 21.399009] ? __kasan_check_write+0x18/0x20 [ 21.399083] ? queued_spin_lock_slowpath+0x116/0xb40 [ 21.399237] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 21.399322] ? __pfx_read_tsc+0x10/0x10 [ 21.399402] ? ktime_get_ts64+0x86/0x230 [ 21.399484] kunit_try_run_case+0x1a5/0x480 [ 21.399527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.399557] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 21.399592] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.399628] ? __kthread_parkme+0x82/0x180 [ 21.399685] ? preempt_count_sub+0x50/0x80 [ 21.399738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.399768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.399803] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.399838] kthread+0x337/0x6f0 [ 21.399865] ? trace_preempt_on+0x20/0xc0 [ 21.399899] ? __pfx_kthread+0x10/0x10 [ 21.399928] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.400053] ? calculate_sigpending+0x7b/0xa0 [ 21.400137] ? __pfx_kthread+0x10/0x10 [ 21.400196] ret_from_fork+0x116/0x1d0 [ 21.400223] ? __pfx_kthread+0x10/0x10 [ 21.400253] ret_from_fork_asm+0x1a/0x30 [ 21.400297] </TASK> [ 21.400312] [ 21.416187] Allocated by task 276: [ 21.416787] kasan_save_stack+0x45/0x70 [ 21.417231] kasan_save_track+0x18/0x40 [ 21.417859] kasan_save_alloc_info+0x3b/0x50 [ 21.418443] __kasan_kmalloc+0xb7/0xc0 [ 21.418933] __kmalloc_cache_noprof+0x189/0x420 [ 21.419428] kasan_strings+0xc0/0xe80 [ 21.420033] kunit_try_run_case+0x1a5/0x480 [ 21.420504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.421174] kthread+0x337/0x6f0 [ 21.421630] ret_from_fork+0x116/0x1d0 [ 21.422186] ret_from_fork_asm+0x1a/0x30 [ 21.422651] [ 21.423026] Freed by task 276: [ 21.423325] kasan_save_stack+0x45/0x70 [ 21.423643] kasan_save_track+0x18/0x40 [ 21.424024] kasan_save_free_info+0x3f/0x60 [ 21.424461] __kasan_slab_free+0x56/0x70 [ 21.425019] kfree+0x222/0x3f0 [ 21.425415] kasan_strings+0x2aa/0xe80 [ 21.426020] kunit_try_run_case+0x1a5/0x480 [ 21.426479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.427158] kthread+0x337/0x6f0 [ 21.427448] ret_from_fork+0x116/0x1d0 [ 21.427818] ret_from_fork_asm+0x1a/0x30 [ 21.428314] [ 21.428575] The buggy address belongs to the object at ffff888102b74c40 [ 21.428575] which belongs to the cache kmalloc-32 of size 32 [ 21.429627] The buggy address is located 16 bytes inside of [ 21.429627] freed 32-byte region [ffff888102b74c40, ffff888102b74c60) [ 21.430787] [ 21.431117] The buggy address belongs to the physical page: [ 21.431637] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b74 [ 21.432400] flags: 0x200000000000000(node=0|zone=2) [ 21.433638] page_type: f5(slab) [ 21.434157] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 21.435101] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.435586] page dumped because: kasan: bad access detected [ 21.436177] [ 21.436442] Memory state around the buggy address: [ 21.437004] ffff888102b74b00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.437770] ffff888102b74b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.438456] >ffff888102b74c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.439132] ^ [ 21.439733] ffff888102b74c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.440410] ffff888102b74d00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.441116] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 21.345109] ================================================================== [ 21.345789] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 21.346343] Read of size 1 at addr ffff888102b74c50 by task kunit_try_catch/276 [ 21.348071] [ 21.348339] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.348535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.348581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.348643] Call Trace: [ 21.348693] <TASK> [ 21.348805] dump_stack_lvl+0x73/0xb0 [ 21.348922] print_report+0xd1/0x650 [ 21.348992] ? __virt_addr_valid+0x1db/0x2d0 [ 21.349029] ? kasan_strings+0xcbc/0xe80 [ 21.349061] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.349095] ? kasan_strings+0xcbc/0xe80 [ 21.349126] kasan_report+0x141/0x180 [ 21.349159] ? kasan_strings+0xcbc/0xe80 [ 21.349195] __asan_report_load1_noabort+0x18/0x20 [ 21.349225] kasan_strings+0xcbc/0xe80 [ 21.349253] ? trace_hardirqs_on+0x37/0xe0 [ 21.349285] ? __pfx_kasan_strings+0x10/0x10 [ 21.349318] ? __kasan_check_write+0x18/0x20 [ 21.349344] ? queued_spin_lock_slowpath+0x116/0xb40 [ 21.349381] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 21.349419] ? __pfx_read_tsc+0x10/0x10 [ 21.349450] ? ktime_get_ts64+0x86/0x230 [ 21.349483] kunit_try_run_case+0x1a5/0x480 [ 21.349513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.349539] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 21.349574] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.349609] ? __kthread_parkme+0x82/0x180 [ 21.349638] ? preempt_count_sub+0x50/0x80 [ 21.349693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.349732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.349771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.349807] kthread+0x337/0x6f0 [ 21.349835] ? trace_preempt_on+0x20/0xc0 [ 21.349869] ? __pfx_kthread+0x10/0x10 [ 21.349898] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.349932] ? calculate_sigpending+0x7b/0xa0 [ 21.349991] ? __pfx_kthread+0x10/0x10 [ 21.350023] ret_from_fork+0x116/0x1d0 [ 21.350048] ? __pfx_kthread+0x10/0x10 [ 21.350078] ret_from_fork_asm+0x1a/0x30 [ 21.350119] </TASK> [ 21.350134] [ 21.369863] Allocated by task 276: [ 21.370370] kasan_save_stack+0x45/0x70 [ 21.370860] kasan_save_track+0x18/0x40 [ 21.371290] kasan_save_alloc_info+0x3b/0x50 [ 21.371885] __kasan_kmalloc+0xb7/0xc0 [ 21.372335] __kmalloc_cache_noprof+0x189/0x420 [ 21.372891] kasan_strings+0xc0/0xe80 [ 21.373310] kunit_try_run_case+0x1a5/0x480 [ 21.373756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.374296] kthread+0x337/0x6f0 [ 21.374648] ret_from_fork+0x116/0x1d0 [ 21.375158] ret_from_fork_asm+0x1a/0x30 [ 21.375646] [ 21.375978] Freed by task 276: [ 21.376243] kasan_save_stack+0x45/0x70 [ 21.376560] kasan_save_track+0x18/0x40 [ 21.376983] kasan_save_free_info+0x3f/0x60 [ 21.377598] __kasan_slab_free+0x56/0x70 [ 21.378177] kfree+0x222/0x3f0 [ 21.378553] kasan_strings+0x2aa/0xe80 [ 21.379160] kunit_try_run_case+0x1a5/0x480 [ 21.379631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.380254] kthread+0x337/0x6f0 [ 21.380759] ret_from_fork+0x116/0x1d0 [ 21.381202] ret_from_fork_asm+0x1a/0x30 [ 21.381741] [ 21.381986] The buggy address belongs to the object at ffff888102b74c40 [ 21.381986] which belongs to the cache kmalloc-32 of size 32 [ 21.383166] The buggy address is located 16 bytes inside of [ 21.383166] freed 32-byte region [ffff888102b74c40, ffff888102b74c60) [ 21.384186] [ 21.384376] The buggy address belongs to the physical page: [ 21.384842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b74 [ 21.385749] flags: 0x200000000000000(node=0|zone=2) [ 21.386320] page_type: f5(slab) [ 21.386759] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 21.387498] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.388174] page dumped because: kasan: bad access detected [ 21.388778] [ 21.389088] Memory state around the buggy address: [ 21.389579] ffff888102b74b00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.390363] ffff888102b74b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.391087] >ffff888102b74c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.391764] ^ [ 21.392368] ffff888102b74c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.393079] ffff888102b74d00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.393783] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 21.293668] ================================================================== [ 21.295621] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 21.296363] Read of size 1 at addr ffff888102b74c50 by task kunit_try_catch/276 [ 21.297003] [ 21.297277] CPU: 0 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.297417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.297458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.297522] Call Trace: [ 21.297552] <TASK> [ 21.297584] dump_stack_lvl+0x73/0xb0 [ 21.297636] print_report+0xd1/0x650 [ 21.297693] ? __virt_addr_valid+0x1db/0x2d0 [ 21.297766] ? strcmp+0xb0/0xc0 [ 21.297818] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.297854] ? strcmp+0xb0/0xc0 [ 21.297901] kasan_report+0x141/0x180 [ 21.297994] ? strcmp+0xb0/0xc0 [ 21.298086] __asan_report_load1_noabort+0x18/0x20 [ 21.298161] strcmp+0xb0/0xc0 [ 21.298231] kasan_strings+0x431/0xe80 [ 21.298307] ? trace_hardirqs_on+0x37/0xe0 [ 21.298385] ? __pfx_kasan_strings+0x10/0x10 [ 21.298459] ? __kasan_check_write+0x18/0x20 [ 21.298521] ? queued_spin_lock_slowpath+0x116/0xb40 [ 21.298568] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 21.298608] ? __pfx_read_tsc+0x10/0x10 [ 21.298639] ? ktime_get_ts64+0x86/0x230 [ 21.298698] kunit_try_run_case+0x1a5/0x480 [ 21.298740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.298770] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 21.298806] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.298843] ? __kthread_parkme+0x82/0x180 [ 21.298873] ? preempt_count_sub+0x50/0x80 [ 21.298906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.298935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.298996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.299034] kthread+0x337/0x6f0 [ 21.299062] ? trace_preempt_on+0x20/0xc0 [ 21.299093] ? __pfx_kthread+0x10/0x10 [ 21.299122] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.299154] ? calculate_sigpending+0x7b/0xa0 [ 21.299189] ? __pfx_kthread+0x10/0x10 [ 21.299219] ret_from_fork+0x116/0x1d0 [ 21.299246] ? __pfx_kthread+0x10/0x10 [ 21.299275] ret_from_fork_asm+0x1a/0x30 [ 21.299317] </TASK> [ 21.299331] [ 21.318004] Allocated by task 276: [ 21.318636] kasan_save_stack+0x45/0x70 [ 21.319314] kasan_save_track+0x18/0x40 [ 21.319750] kasan_save_alloc_info+0x3b/0x50 [ 21.320296] __kasan_kmalloc+0xb7/0xc0 [ 21.320718] __kmalloc_cache_noprof+0x189/0x420 [ 21.321145] kasan_strings+0xc0/0xe80 [ 21.321558] kunit_try_run_case+0x1a5/0x480 [ 21.322065] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.322622] kthread+0x337/0x6f0 [ 21.323440] ret_from_fork+0x116/0x1d0 [ 21.323773] ret_from_fork_asm+0x1a/0x30 [ 21.324503] [ 21.324707] Freed by task 276: [ 21.325315] kasan_save_stack+0x45/0x70 [ 21.325740] kasan_save_track+0x18/0x40 [ 21.326439] kasan_save_free_info+0x3f/0x60 [ 21.327018] __kasan_slab_free+0x56/0x70 [ 21.327440] kfree+0x222/0x3f0 [ 21.328175] kasan_strings+0x2aa/0xe80 [ 21.328494] kunit_try_run_case+0x1a5/0x480 [ 21.329026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.329728] kthread+0x337/0x6f0 [ 21.330177] ret_from_fork+0x116/0x1d0 [ 21.330661] ret_from_fork_asm+0x1a/0x30 [ 21.331027] [ 21.331584] The buggy address belongs to the object at ffff888102b74c40 [ 21.331584] which belongs to the cache kmalloc-32 of size 32 [ 21.333331] The buggy address is located 16 bytes inside of [ 21.333331] freed 32-byte region [ffff888102b74c40, ffff888102b74c60) [ 21.334347] [ 21.334583] The buggy address belongs to the physical page: [ 21.335512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b74 [ 21.336288] flags: 0x200000000000000(node=0|zone=2) [ 21.337190] page_type: f5(slab) [ 21.337508] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 21.338556] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.338963] page dumped because: kasan: bad access detected [ 21.339175] [ 21.339263] Memory state around the buggy address: [ 21.339434] ffff888102b74b00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.339687] ffff888102b74b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.339936] >ffff888102b74c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.340396] ^ [ 21.341551] ffff888102b74c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.342507] ffff888102b74d00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 21.343350] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 21.224823] ================================================================== [ 21.226128] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 21.227172] Read of size 1 at addr ffff888102b71d98 by task kunit_try_catch/274 [ 21.227988] [ 21.228655] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.228908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.228953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.229012] Call Trace: [ 21.229034] <TASK> [ 21.229058] dump_stack_lvl+0x73/0xb0 [ 21.229098] print_report+0xd1/0x650 [ 21.229134] ? __virt_addr_valid+0x1db/0x2d0 [ 21.229167] ? memcmp+0x1b4/0x1d0 [ 21.229195] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.229245] ? memcmp+0x1b4/0x1d0 [ 21.229361] kasan_report+0x141/0x180 [ 21.229398] ? memcmp+0x1b4/0x1d0 [ 21.229434] __asan_report_load1_noabort+0x18/0x20 [ 21.229464] memcmp+0x1b4/0x1d0 [ 21.229494] kasan_memcmp+0x18f/0x390 [ 21.229523] ? trace_hardirqs_on+0x37/0xe0 [ 21.229556] ? __pfx_kasan_memcmp+0x10/0x10 [ 21.229586] ? finish_task_switch.isra.0+0x153/0x700 [ 21.229618] ? __switch_to+0x47/0xf50 [ 21.229661] ? __pfx_read_tsc+0x10/0x10 [ 21.229716] ? ktime_get_ts64+0x86/0x230 [ 21.229755] kunit_try_run_case+0x1a5/0x480 [ 21.229787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.229816] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.229852] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.229887] ? __kthread_parkme+0x82/0x180 [ 21.229916] ? preempt_count_sub+0x50/0x80 [ 21.229973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.230005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.230043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.230079] kthread+0x337/0x6f0 [ 21.230106] ? trace_preempt_on+0x20/0xc0 [ 21.230138] ? __pfx_kthread+0x10/0x10 [ 21.230178] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.230326] ? calculate_sigpending+0x7b/0xa0 [ 21.230364] ? __pfx_kthread+0x10/0x10 [ 21.230395] ret_from_fork+0x116/0x1d0 [ 21.230423] ? __pfx_kthread+0x10/0x10 [ 21.230453] ret_from_fork_asm+0x1a/0x30 [ 21.230495] </TASK> [ 21.230510] [ 21.252034] Allocated by task 274: [ 21.253098] kasan_save_stack+0x45/0x70 [ 21.253834] kasan_save_track+0x18/0x40 [ 21.254141] kasan_save_alloc_info+0x3b/0x50 [ 21.255168] __kasan_kmalloc+0xb7/0xc0 [ 21.256029] __kmalloc_cache_noprof+0x189/0x420 [ 21.256508] kasan_memcmp+0xb7/0x390 [ 21.257029] kunit_try_run_case+0x1a5/0x480 [ 21.258188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.259064] kthread+0x337/0x6f0 [ 21.260071] ret_from_fork+0x116/0x1d0 [ 21.260514] ret_from_fork_asm+0x1a/0x30 [ 21.260976] [ 21.261652] The buggy address belongs to the object at ffff888102b71d80 [ 21.261652] which belongs to the cache kmalloc-32 of size 32 [ 21.263010] The buggy address is located 0 bytes to the right of [ 21.263010] allocated 24-byte region [ffff888102b71d80, ffff888102b71d98) [ 21.265017] [ 21.265220] The buggy address belongs to the physical page: [ 21.265993] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b71 [ 21.266415] flags: 0x200000000000000(node=0|zone=2) [ 21.266604] page_type: f5(slab) [ 21.267051] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 21.268295] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.269011] page dumped because: kasan: bad access detected [ 21.269816] [ 21.270002] Memory state around the buggy address: [ 21.270647] ffff888102b71c80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.271533] ffff888102b71d00: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 21.272239] >ffff888102b71d80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.273076] ^ [ 21.273401] ffff888102b71e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.274763] ffff888102b71e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.275693] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 21.177373] ================================================================== [ 21.178475] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 21.179575] Read of size 1 at addr ffff888103bc7c4a by task kunit_try_catch/270 [ 21.180914] [ 21.181485] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.181624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.181691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.181772] Call Trace: [ 21.181811] <TASK> [ 21.181861] dump_stack_lvl+0x73/0xb0 [ 21.181923] print_report+0xd1/0x650 [ 21.181983] ? __virt_addr_valid+0x1db/0x2d0 [ 21.182022] ? kasan_alloca_oob_right+0x329/0x390 [ 21.182056] ? kasan_addr_to_slab+0x11/0xa0 [ 21.182088] ? kasan_alloca_oob_right+0x329/0x390 [ 21.182122] kasan_report+0x141/0x180 [ 21.182154] ? kasan_alloca_oob_right+0x329/0x390 [ 21.182195] __asan_report_load1_noabort+0x18/0x20 [ 21.182224] kasan_alloca_oob_right+0x329/0x390 [ 21.182269] ? __kasan_check_write+0x18/0x20 [ 21.182299] ? __pfx_sched_clock_cpu+0x10/0x10 [ 21.182330] ? finish_task_switch.isra.0+0x153/0x700 [ 21.182362] ? __mutex_unlock_slowpath.isra.0+0x30e/0x310 [ 21.182395] ? trace_hardirqs_on+0x37/0xe0 [ 21.182435] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 21.182550] ? __schedule+0x10cc/0x2b60 [ 21.182602] ? __pfx_read_tsc+0x10/0x10 [ 21.182635] ? ktime_get_ts64+0x86/0x230 [ 21.182676] kunit_try_run_case+0x1a5/0x480 [ 21.182742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.182772] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.182807] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.182845] ? __kthread_parkme+0x82/0x180 [ 21.182872] ? preempt_count_sub+0x50/0x80 [ 21.182904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.182933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.182995] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.183033] kthread+0x337/0x6f0 [ 21.183062] ? trace_preempt_on+0x20/0xc0 [ 21.183093] ? __pfx_kthread+0x10/0x10 [ 21.183121] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.183154] ? calculate_sigpending+0x7b/0xa0 [ 21.183224] ? __pfx_kthread+0x10/0x10 [ 21.183308] ret_from_fork+0x116/0x1d0 [ 21.183349] ? __pfx_kthread+0x10/0x10 [ 21.183381] ret_from_fork_asm+0x1a/0x30 [ 21.183424] </TASK> [ 21.183439] [ 21.200184] The buggy address belongs to stack of task kunit_try_catch/270 [ 21.201019] [ 21.201215] The buggy address belongs to the physical page: [ 21.201888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103bc7 [ 21.202888] flags: 0x200000000000000(node=0|zone=2) [ 21.203298] raw: 0200000000000000 ffffea00040ef1c8 ffffea00040ef1c8 0000000000000000 [ 21.203776] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 21.204377] page dumped because: kasan: bad access detected [ 21.205215] [ 21.205454] Memory state around the buggy address: [ 21.205930] ffff888103bc7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.206860] ffff888103bc7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.207338] >ffff888103bc7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 21.207776] ^ [ 21.209696] ffff888103bc7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 21.211873] ffff888103bc7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 21.212400] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 21.129729] ================================================================== [ 21.131095] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 21.131885] Read of size 1 at addr ffff888103bffc3f by task kunit_try_catch/268 [ 21.133314] [ 21.133573] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.133707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.133750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.133808] Call Trace: [ 21.133829] <TASK> [ 21.133853] dump_stack_lvl+0x73/0xb0 [ 21.133894] print_report+0xd1/0x650 [ 21.133927] ? __virt_addr_valid+0x1db/0x2d0 [ 21.134014] ? kasan_alloca_oob_left+0x320/0x380 [ 21.134051] ? kasan_addr_to_slab+0x11/0xa0 [ 21.134082] ? kasan_alloca_oob_left+0x320/0x380 [ 21.134114] kasan_report+0x141/0x180 [ 21.134148] ? kasan_alloca_oob_left+0x320/0x380 [ 21.134288] __asan_report_load1_noabort+0x18/0x20 [ 21.134378] kasan_alloca_oob_left+0x320/0x380 [ 21.134445] ? finish_task_switch.isra.0+0x153/0x700 [ 21.134486] ? __mutex_unlock_slowpath.isra.0+0x30e/0x310 [ 21.134521] ? trace_hardirqs_on+0x37/0xe0 [ 21.134559] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 21.134596] ? __schedule+0x10cc/0x2b60 [ 21.134630] ? __pfx_read_tsc+0x10/0x10 [ 21.134662] ? ktime_get_ts64+0x86/0x230 [ 21.134723] kunit_try_run_case+0x1a5/0x480 [ 21.134759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.134787] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.134824] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.134860] ? __kthread_parkme+0x82/0x180 [ 21.134889] ? preempt_count_sub+0x50/0x80 [ 21.134922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.134981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.135067] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.135141] kthread+0x337/0x6f0 [ 21.135193] ? trace_preempt_on+0x20/0xc0 [ 21.135270] ? __pfx_kthread+0x10/0x10 [ 21.135346] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.135425] ? calculate_sigpending+0x7b/0xa0 [ 21.135506] ? __pfx_kthread+0x10/0x10 [ 21.135568] ret_from_fork+0x116/0x1d0 [ 21.135597] ? __pfx_kthread+0x10/0x10 [ 21.135627] ret_from_fork_asm+0x1a/0x30 [ 21.135672] </TASK> [ 21.135688] [ 21.159588] The buggy address belongs to stack of task kunit_try_catch/268 [ 21.160669] [ 21.161327] The buggy address belongs to the physical page: [ 21.162319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103bff [ 21.162898] flags: 0x200000000000000(node=0|zone=2) [ 21.163651] raw: 0200000000000000 ffffea00040effc8 ffffea00040effc8 0000000000000000 [ 21.164860] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 21.166009] page dumped because: kasan: bad access detected [ 21.166478] [ 21.166936] Memory state around the buggy address: [ 21.167289] ffff888103bffb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.168245] ffff888103bffb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.169337] >ffff888103bffc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 21.169925] ^ [ 21.171021] ffff888103bffc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 21.171409] ffff888103bffd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 21.171653] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 21.076854] ================================================================== [ 21.078514] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 21.079659] Read of size 1 at addr ffff888103bdfd02 by task kunit_try_catch/266 [ 21.080178] [ 21.081235] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.081346] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.081368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.081401] Call Trace: [ 21.081420] <TASK> [ 21.081441] dump_stack_lvl+0x73/0xb0 [ 21.081481] print_report+0xd1/0x650 [ 21.081515] ? __virt_addr_valid+0x1db/0x2d0 [ 21.081550] ? kasan_stack_oob+0x2b5/0x300 [ 21.081578] ? kasan_addr_to_slab+0x11/0xa0 [ 21.081608] ? kasan_stack_oob+0x2b5/0x300 [ 21.081637] kasan_report+0x141/0x180 [ 21.081676] ? kasan_stack_oob+0x2b5/0x300 [ 21.081746] __asan_report_load1_noabort+0x18/0x20 [ 21.081780] kasan_stack_oob+0x2b5/0x300 [ 21.081810] ? __pfx_kasan_stack_oob+0x10/0x10 [ 21.081839] ? finish_task_switch.isra.0+0x153/0x700 [ 21.081872] ? __switch_to+0x47/0xf50 [ 21.081908] ? __schedule+0x10cc/0x2b60 [ 21.081941] ? __pfx_read_tsc+0x10/0x10 [ 21.082000] ? ktime_get_ts64+0x86/0x230 [ 21.082036] kunit_try_run_case+0x1a5/0x480 [ 21.082069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.082097] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.082133] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.082178] ? __kthread_parkme+0x82/0x180 [ 21.082288] ? preempt_count_sub+0x50/0x80 [ 21.082343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.082376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.082414] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.082451] kthread+0x337/0x6f0 [ 21.082478] ? trace_preempt_on+0x20/0xc0 [ 21.082511] ? __pfx_kthread+0x10/0x10 [ 21.082540] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.082573] ? calculate_sigpending+0x7b/0xa0 [ 21.082609] ? __pfx_kthread+0x10/0x10 [ 21.082639] ret_from_fork+0x116/0x1d0 [ 21.082664] ? __pfx_kthread+0x10/0x10 [ 21.082721] ret_from_fork_asm+0x1a/0x30 [ 21.082767] </TASK> [ 21.082782] [ 21.106391] The buggy address belongs to stack of task kunit_try_catch/266 [ 21.107318] and is located at offset 138 in frame: [ 21.107740] kasan_stack_oob+0x0/0x300 [ 21.108792] [ 21.109046] This frame has 4 objects: [ 21.110310] [48, 49) '__assertion' [ 21.110352] [64, 72) 'array' [ 21.110650] [96, 112) '__assertion' [ 21.111073] [128, 138) 'stack_array' [ 21.112005] [ 21.113072] The buggy address belongs to the physical page: [ 21.113721] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103bdf [ 21.114353] flags: 0x200000000000000(node=0|zone=2) [ 21.114779] raw: 0200000000000000 ffffea00040ef7c8 ffffea00040ef7c8 0000000000000000 [ 21.115377] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 21.116645] page dumped because: kasan: bad access detected [ 21.117063] [ 21.117558] Memory state around the buggy address: [ 21.118554] ffff888103bdfc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 21.119401] ffff888103bdfc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 21.119971] >ffff888103bdfd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 21.120579] ^ [ 21.121086] ffff888103bdfd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 21.122037] ffff888103bdfe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.122901] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 21.025069] ================================================================== [ 21.027009] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 21.028071] Read of size 1 at addr ffffffff8bc7ae4d by task kunit_try_catch/262 [ 21.028966] [ 21.029650] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 21.029783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.029815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.029876] Call Trace: [ 21.029899] <TASK> [ 21.029922] dump_stack_lvl+0x73/0xb0 [ 21.030001] print_report+0xd1/0x650 [ 21.030081] ? __virt_addr_valid+0x1db/0x2d0 [ 21.030159] ? kasan_global_oob_right+0x286/0x2d0 [ 21.030307] ? kasan_addr_to_slab+0x11/0xa0 [ 21.030343] ? kasan_global_oob_right+0x286/0x2d0 [ 21.030376] kasan_report+0x141/0x180 [ 21.030410] ? kasan_global_oob_right+0x286/0x2d0 [ 21.030449] __asan_report_load1_noabort+0x18/0x20 [ 21.030479] kasan_global_oob_right+0x286/0x2d0 [ 21.030510] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 21.030544] ? __schedule+0x10cc/0x2b60 [ 21.030580] ? __pfx_read_tsc+0x10/0x10 [ 21.030610] ? ktime_get_ts64+0x86/0x230 [ 21.030644] kunit_try_run_case+0x1a5/0x480 [ 21.030686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.030734] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.030771] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.030808] ? __kthread_parkme+0x82/0x180 [ 21.030838] ? preempt_count_sub+0x50/0x80 [ 21.030869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.030898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.030932] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.031001] kthread+0x337/0x6f0 [ 21.031033] ? trace_preempt_on+0x20/0xc0 [ 21.031068] ? __pfx_kthread+0x10/0x10 [ 21.031097] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.031130] ? calculate_sigpending+0x7b/0xa0 [ 21.031173] ? __pfx_kthread+0x10/0x10 [ 21.031241] ret_from_fork+0x116/0x1d0 [ 21.031269] ? __pfx_kthread+0x10/0x10 [ 21.031300] ret_from_fork_asm+0x1a/0x30 [ 21.031342] </TASK> [ 21.031357] [ 21.052471] The buggy address belongs to the variable: [ 21.053533] global_array+0xd/0x40 [ 21.054078] [ 21.054606] The buggy address belongs to the physical page: [ 21.055382] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x125a7a [ 21.056648] flags: 0x200000000002000(reserved|node=0|zone=2) [ 21.057291] raw: 0200000000002000 ffffea0004969e88 ffffea0004969e88 0000000000000000 [ 21.058390] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.059700] page dumped because: kasan: bad access detected [ 21.060148] [ 21.060463] Memory state around the buggy address: [ 21.061403] ffffffff8bc7ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.062394] ffffffff8bc7ad80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.063137] >ffffffff8bc7ae00: 00 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 [ 21.064061] ^ [ 21.064794] ffffffff8bc7ae80: 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 21.065631] ffffffff8bc7af00: 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 21.066715] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 20.907018] ================================================================== [ 20.907740] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.909728] Free of addr ffff888102b56701 by task kunit_try_catch/258 [ 20.910344] [ 20.910868] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 20.911285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.911327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.911363] Call Trace: [ 20.911381] <TASK> [ 20.911404] dump_stack_lvl+0x73/0xb0 [ 20.911446] print_report+0xd1/0x650 [ 20.911480] ? __virt_addr_valid+0x1db/0x2d0 [ 20.911515] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.911549] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.911588] kasan_report_invalid_free+0x10a/0x130 [ 20.911624] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.911664] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.911729] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.911767] check_slab_allocation+0x11f/0x130 [ 20.911800] __kasan_mempool_poison_object+0x91/0x1d0 [ 20.911836] mempool_free+0x2ec/0x380 [ 20.911870] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.911908] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 20.911966] ? __kasan_check_write+0x18/0x20 [ 20.912006] ? __pfx_sched_clock_cpu+0x10/0x10 [ 20.912040] ? finish_task_switch.isra.0+0x153/0x700 [ 20.912079] mempool_kmalloc_invalid_free+0xed/0x140 [ 20.912115] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 20.912154] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.912235] ? __pfx_mempool_kfree+0x10/0x10 [ 20.912304] ? __pfx_read_tsc+0x10/0x10 [ 20.912339] ? ktime_get_ts64+0x86/0x230 [ 20.912374] kunit_try_run_case+0x1a5/0x480 [ 20.912409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.912437] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.912475] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.912511] ? __kthread_parkme+0x82/0x180 [ 20.912541] ? preempt_count_sub+0x50/0x80 [ 20.912573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.912601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.912637] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.912680] kthread+0x337/0x6f0 [ 20.912731] ? trace_preempt_on+0x20/0xc0 [ 20.912767] ? __pfx_kthread+0x10/0x10 [ 20.912797] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.912829] ? calculate_sigpending+0x7b/0xa0 [ 20.912864] ? __pfx_kthread+0x10/0x10 [ 20.912894] ret_from_fork+0x116/0x1d0 [ 20.912920] ? __pfx_kthread+0x10/0x10 [ 20.912969] ret_from_fork_asm+0x1a/0x30 [ 20.913019] </TASK> [ 20.913035] [ 20.940637] Allocated by task 258: [ 20.941280] kasan_save_stack+0x45/0x70 [ 20.941649] kasan_save_track+0x18/0x40 [ 20.942629] kasan_save_alloc_info+0x3b/0x50 [ 20.943169] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 20.943836] remove_element+0x11e/0x190 [ 20.944441] mempool_alloc_preallocated+0x4d/0x90 [ 20.945541] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 20.946214] mempool_kmalloc_invalid_free+0xed/0x140 [ 20.947093] kunit_try_run_case+0x1a5/0x480 [ 20.947518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.948311] kthread+0x337/0x6f0 [ 20.948641] ret_from_fork+0x116/0x1d0 [ 20.949669] ret_from_fork_asm+0x1a/0x30 [ 20.950356] [ 20.950600] The buggy address belongs to the object at ffff888102b56700 [ 20.950600] which belongs to the cache kmalloc-128 of size 128 [ 20.952020] The buggy address is located 1 bytes inside of [ 20.952020] 128-byte region [ffff888102b56700, ffff888102b56780) [ 20.953719] [ 20.954300] The buggy address belongs to the physical page: [ 20.954729] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b56 [ 20.955998] flags: 0x200000000000000(node=0|zone=2) [ 20.956413] page_type: f5(slab) [ 20.956790] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.957775] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.958521] page dumped because: kasan: bad access detected [ 20.959536] [ 20.959715] Memory state around the buggy address: [ 20.960759] ffff888102b56600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.961408] ffff888102b56680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.962025] >ffff888102b56700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.963020] ^ [ 20.963885] ffff888102b56780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.964411] ffff888102b56800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.965406] ================================================================== [ 20.971892] ================================================================== [ 20.972517] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.973572] Free of addr ffff888103c28001 by task kunit_try_catch/260 [ 20.974734] [ 20.975125] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 20.975238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.975277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.975340] Call Trace: [ 20.975381] <TASK> [ 20.975418] dump_stack_lvl+0x73/0xb0 [ 20.975474] print_report+0xd1/0x650 [ 20.975539] ? __virt_addr_valid+0x1db/0x2d0 [ 20.975579] ? kasan_addr_to_slab+0x11/0xa0 [ 20.975609] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.975648] kasan_report_invalid_free+0x10a/0x130 [ 20.975684] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.975755] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.975796] __kasan_mempool_poison_object+0x102/0x1d0 [ 20.975833] mempool_free+0x2ec/0x380 [ 20.975866] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 20.975904] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 20.975945] ? __pfx_sched_clock_cpu+0x10/0x10 [ 20.976041] ? finish_task_switch.isra.0+0x153/0x700 [ 20.976127] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 20.976212] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 20.976282] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.976312] ? __pfx_mempool_kfree+0x10/0x10 [ 20.976341] ? __pfx_read_tsc+0x10/0x10 [ 20.976374] ? ktime_get_ts64+0x86/0x230 [ 20.976406] kunit_try_run_case+0x1a5/0x480 [ 20.976436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.976464] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.976500] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.976536] ? __kthread_parkme+0x82/0x180 [ 20.976565] ? preempt_count_sub+0x50/0x80 [ 20.976595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.976625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.976659] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.976725] kthread+0x337/0x6f0 [ 20.976758] ? trace_preempt_on+0x20/0xc0 [ 20.976790] ? __pfx_kthread+0x10/0x10 [ 20.976820] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.976853] ? calculate_sigpending+0x7b/0xa0 [ 20.976887] ? __pfx_kthread+0x10/0x10 [ 20.976919] ret_from_fork+0x116/0x1d0 [ 20.976944] ? __pfx_kthread+0x10/0x10 [ 20.976998] ret_from_fork_asm+0x1a/0x30 [ 20.977041] </TASK> [ 20.977058] [ 20.995831] The buggy address belongs to the physical page: [ 20.996355] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c28 [ 20.997074] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.997813] flags: 0x200000000000040(head|node=0|zone=2) [ 20.998379] page_type: f8(unknown) [ 20.998837] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.999570] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.000296] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.000861] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.001745] head: 0200000000000002 ffffea00040f0a01 00000000ffffffff 00000000ffffffff [ 21.002528] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.003252] page dumped because: kasan: bad access detected [ 21.003691] [ 21.003927] Memory state around the buggy address: [ 21.004404] ffff888103c27f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.005141] ffff888103c27f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.005827] >ffff888103c28000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.006465] ^ [ 21.006869] ffff888103c28080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.007507] ffff888103c28100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.008089] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 20.805171] ================================================================== [ 20.806675] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 20.807043] Free of addr ffff888103c28000 by task kunit_try_catch/254 [ 20.807649] [ 20.808979] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 20.809060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.809100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.809151] Call Trace: [ 20.809182] <TASK> [ 20.809224] dump_stack_lvl+0x73/0xb0 [ 20.809269] print_report+0xd1/0x650 [ 20.809304] ? __virt_addr_valid+0x1db/0x2d0 [ 20.809339] ? kasan_addr_to_slab+0x11/0xa0 [ 20.809369] ? mempool_double_free_helper+0x184/0x370 [ 20.809404] kasan_report_invalid_free+0x10a/0x130 [ 20.809440] ? mempool_double_free_helper+0x184/0x370 [ 20.809479] ? mempool_double_free_helper+0x184/0x370 [ 20.809513] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 20.809549] mempool_free+0x2ec/0x380 [ 20.809583] mempool_double_free_helper+0x184/0x370 [ 20.809619] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 20.809654] ? __kasan_check_write+0x18/0x20 [ 20.809899] ? __pfx_sched_clock_cpu+0x10/0x10 [ 20.809948] ? finish_task_switch.isra.0+0x153/0x700 [ 20.810012] mempool_kmalloc_large_double_free+0xed/0x140 [ 20.810053] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 20.810094] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.810120] ? __pfx_mempool_kfree+0x10/0x10 [ 20.810150] ? __pfx_read_tsc+0x10/0x10 [ 20.810274] ? ktime_get_ts64+0x86/0x230 [ 20.810321] kunit_try_run_case+0x1a5/0x480 [ 20.810355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.810384] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.810420] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.810456] ? __kthread_parkme+0x82/0x180 [ 20.810487] ? preempt_count_sub+0x50/0x80 [ 20.810520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.810548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.810584] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.810619] kthread+0x337/0x6f0 [ 20.810646] ? trace_preempt_on+0x20/0xc0 [ 20.810696] ? __pfx_kthread+0x10/0x10 [ 20.810741] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.810774] ? calculate_sigpending+0x7b/0xa0 [ 20.810812] ? __pfx_kthread+0x10/0x10 [ 20.810841] ret_from_fork+0x116/0x1d0 [ 20.810868] ? __pfx_kthread+0x10/0x10 [ 20.810896] ret_from_fork_asm+0x1a/0x30 [ 20.810939] </TASK> [ 20.810978] [ 20.834558] The buggy address belongs to the physical page: [ 20.835040] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c28 [ 20.835838] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.836927] flags: 0x200000000000040(head|node=0|zone=2) [ 20.837682] page_type: f8(unknown) [ 20.838163] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.839690] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.841314] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.842045] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.843031] head: 0200000000000002 ffffea00040f0a01 00000000ffffffff 00000000ffffffff [ 20.843924] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.844617] page dumped because: kasan: bad access detected [ 20.845361] [ 20.845540] Memory state around the buggy address: [ 20.846438] ffff888103c27f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.847359] ffff888103c27f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.847993] >ffff888103c28000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.848807] ^ [ 20.849064] ffff888103c28080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.850337] ffff888103c28100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.851044] ================================================================== [ 20.857232] ================================================================== [ 20.858124] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 20.859185] Free of addr ffff888103c60000 by task kunit_try_catch/256 [ 20.859902] [ 20.860253] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 20.860388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.860464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.860645] Call Trace: [ 20.860692] <TASK> [ 20.860743] dump_stack_lvl+0x73/0xb0 [ 20.860822] print_report+0xd1/0x650 [ 20.860899] ? __virt_addr_valid+0x1db/0x2d0 [ 20.860999] ? kasan_addr_to_slab+0x11/0xa0 [ 20.861070] ? mempool_double_free_helper+0x184/0x370 [ 20.861266] kasan_report_invalid_free+0x10a/0x130 [ 20.861361] ? mempool_double_free_helper+0x184/0x370 [ 20.861452] ? mempool_double_free_helper+0x184/0x370 [ 20.861511] __kasan_mempool_poison_pages+0x115/0x130 [ 20.861552] mempool_free+0x290/0x380 [ 20.861586] mempool_double_free_helper+0x184/0x370 [ 20.861624] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 20.861661] ? __kasan_check_write+0x18/0x20 [ 20.861726] ? __pfx_sched_clock_cpu+0x10/0x10 [ 20.861763] ? finish_task_switch.isra.0+0x153/0x700 [ 20.861800] mempool_page_alloc_double_free+0xe8/0x140 [ 20.861839] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 20.861880] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 20.861907] ? __pfx_mempool_free_pages+0x10/0x10 [ 20.861938] ? __pfx_read_tsc+0x10/0x10 [ 20.861997] ? ktime_get_ts64+0x86/0x230 [ 20.862033] kunit_try_run_case+0x1a5/0x480 [ 20.862067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.862095] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.862129] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.862175] ? __kthread_parkme+0x82/0x180 [ 20.862304] ? preempt_count_sub+0x50/0x80 [ 20.862339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.862369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.862407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.862443] kthread+0x337/0x6f0 [ 20.862471] ? trace_preempt_on+0x20/0xc0 [ 20.862503] ? __pfx_kthread+0x10/0x10 [ 20.862532] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.862565] ? calculate_sigpending+0x7b/0xa0 [ 20.862601] ? __pfx_kthread+0x10/0x10 [ 20.862632] ret_from_fork+0x116/0x1d0 [ 20.862657] ? __pfx_kthread+0x10/0x10 [ 20.862699] ret_from_fork_asm+0x1a/0x30 [ 20.862759] </TASK> [ 20.862775] [ 20.890004] The buggy address belongs to the physical page: [ 20.891118] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c60 [ 20.892403] flags: 0x200000000000000(node=0|zone=2) [ 20.892809] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.894010] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.894632] page dumped because: kasan: bad access detected [ 20.895131] [ 20.895349] Memory state around the buggy address: [ 20.895787] ffff888103c5ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.897210] ffff888103c5ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.897798] >ffff888103c60000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.898669] ^ [ 20.898993] ffff888103c60080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.899981] ffff888103c60100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.900991] ================================================================== [ 20.731068] ================================================================== [ 20.731918] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 20.732793] Free of addr ffff8881022e0500 by task kunit_try_catch/252 [ 20.734376] [ 20.735236] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 20.735310] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.735329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.735363] Call Trace: [ 20.735383] <TASK> [ 20.735408] dump_stack_lvl+0x73/0xb0 [ 20.735450] print_report+0xd1/0x650 [ 20.735482] ? __virt_addr_valid+0x1db/0x2d0 [ 20.735518] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.735551] ? mempool_double_free_helper+0x184/0x370 [ 20.735587] kasan_report_invalid_free+0x10a/0x130 [ 20.735622] ? mempool_double_free_helper+0x184/0x370 [ 20.735660] ? mempool_double_free_helper+0x184/0x370 [ 20.735721] ? mempool_double_free_helper+0x184/0x370 [ 20.735760] check_slab_allocation+0x101/0x130 [ 20.735796] __kasan_mempool_poison_object+0x91/0x1d0 [ 20.735832] mempool_free+0x2ec/0x380 [ 20.735866] mempool_double_free_helper+0x184/0x370 [ 20.735902] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 20.735940] ? __kasan_check_write+0x18/0x20 [ 20.736029] ? __pfx_sched_clock_cpu+0x10/0x10 [ 20.736130] ? finish_task_switch.isra.0+0x153/0x700 [ 20.736239] mempool_kmalloc_double_free+0xed/0x140 [ 20.736280] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 20.736319] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.736346] ? __pfx_mempool_kfree+0x10/0x10 [ 20.736377] ? __pfx_read_tsc+0x10/0x10 [ 20.736408] ? ktime_get_ts64+0x86/0x230 [ 20.736442] kunit_try_run_case+0x1a5/0x480 [ 20.736474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.736502] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.736539] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.736575] ? __kthread_parkme+0x82/0x180 [ 20.736605] ? preempt_count_sub+0x50/0x80 [ 20.736635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.736663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.736726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.736765] kthread+0x337/0x6f0 [ 20.736795] ? trace_preempt_on+0x20/0xc0 [ 20.736828] ? __pfx_kthread+0x10/0x10 [ 20.736857] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.736891] ? calculate_sigpending+0x7b/0xa0 [ 20.736926] ? __pfx_kthread+0x10/0x10 [ 20.736985] ret_from_fork+0x116/0x1d0 [ 20.737027] ? __pfx_kthread+0x10/0x10 [ 20.737059] ret_from_fork_asm+0x1a/0x30 [ 20.737104] </TASK> [ 20.737119] [ 20.765233] Allocated by task 252: [ 20.766107] kasan_save_stack+0x45/0x70 [ 20.766791] kasan_save_track+0x18/0x40 [ 20.767465] kasan_save_alloc_info+0x3b/0x50 [ 20.767818] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 20.768949] remove_element+0x11e/0x190 [ 20.769695] mempool_alloc_preallocated+0x4d/0x90 [ 20.770105] mempool_double_free_helper+0x8a/0x370 [ 20.771021] mempool_kmalloc_double_free+0xed/0x140 [ 20.771604] kunit_try_run_case+0x1a5/0x480 [ 20.772074] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.773234] kthread+0x337/0x6f0 [ 20.773531] ret_from_fork+0x116/0x1d0 [ 20.774346] ret_from_fork_asm+0x1a/0x30 [ 20.774674] [ 20.775306] Freed by task 252: [ 20.775605] kasan_save_stack+0x45/0x70 [ 20.776500] kasan_save_track+0x18/0x40 [ 20.776768] kasan_save_free_info+0x3f/0x60 [ 20.777587] __kasan_mempool_poison_object+0x131/0x1d0 [ 20.778636] mempool_free+0x2ec/0x380 [ 20.779359] mempool_double_free_helper+0x109/0x370 [ 20.779982] mempool_kmalloc_double_free+0xed/0x140 [ 20.780666] kunit_try_run_case+0x1a5/0x480 [ 20.781117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.782026] kthread+0x337/0x6f0 [ 20.782993] ret_from_fork+0x116/0x1d0 [ 20.783393] ret_from_fork_asm+0x1a/0x30 [ 20.783571] [ 20.783660] The buggy address belongs to the object at ffff8881022e0500 [ 20.783660] which belongs to the cache kmalloc-128 of size 128 [ 20.784108] The buggy address is located 0 bytes inside of [ 20.784108] 128-byte region [ffff8881022e0500, ffff8881022e0580) [ 20.785835] [ 20.786342] The buggy address belongs to the physical page: [ 20.787155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e0 [ 20.788406] flags: 0x200000000000000(node=0|zone=2) [ 20.789089] page_type: f5(slab) [ 20.789567] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.790479] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.791591] page dumped because: kasan: bad access detected [ 20.792248] [ 20.792672] Memory state around the buggy address: [ 20.793164] ffff8881022e0400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.794498] ffff8881022e0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.795280] >ffff8881022e0500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.795909] ^ [ 20.796278] ffff8881022e0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.797424] ffff8881022e0600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.797893] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 20.561778] ================================================================== [ 20.563111] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 20.563645] Read of size 1 at addr ffff888103c60000 by task kunit_try_catch/246 [ 20.564249] [ 20.564518] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 20.564651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.564689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.564751] Call Trace: [ 20.564793] <TASK> [ 20.564845] dump_stack_lvl+0x73/0xb0 [ 20.564930] print_report+0xd1/0x650 [ 20.565338] ? __virt_addr_valid+0x1db/0x2d0 [ 20.565416] ? mempool_uaf_helper+0x392/0x400 [ 20.565452] ? kasan_addr_to_slab+0x11/0xa0 [ 20.565484] ? mempool_uaf_helper+0x392/0x400 [ 20.565517] kasan_report+0x141/0x180 [ 20.565550] ? mempool_uaf_helper+0x392/0x400 [ 20.565590] __asan_report_load1_noabort+0x18/0x20 [ 20.565619] mempool_uaf_helper+0x392/0x400 [ 20.565653] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 20.565738] ? update_load_avg+0x1be/0x21b0 [ 20.565782] ? dequeue_entities+0x27e/0x1740 [ 20.565820] ? finish_task_switch.isra.0+0x153/0x700 [ 20.565857] mempool_kmalloc_large_uaf+0xef/0x140 [ 20.565893] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 20.565930] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.565988] ? __pfx_mempool_kfree+0x10/0x10 [ 20.566022] ? __pfx_read_tsc+0x10/0x10 [ 20.566053] ? ktime_get_ts64+0x86/0x230 [ 20.566087] kunit_try_run_case+0x1a5/0x480 [ 20.566117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.566145] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.566234] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.566318] ? __kthread_parkme+0x82/0x180 [ 20.566350] ? preempt_count_sub+0x50/0x80 [ 20.566382] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.566413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.566449] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.566484] kthread+0x337/0x6f0 [ 20.566512] ? trace_preempt_on+0x20/0xc0 [ 20.566544] ? __pfx_kthread+0x10/0x10 [ 20.566573] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.566606] ? calculate_sigpending+0x7b/0xa0 [ 20.566640] ? __pfx_kthread+0x10/0x10 [ 20.566670] ret_from_fork+0x116/0x1d0 [ 20.566741] ? __pfx_kthread+0x10/0x10 [ 20.566773] ret_from_fork_asm+0x1a/0x30 [ 20.566817] </TASK> [ 20.566831] [ 20.591551] The buggy address belongs to the physical page: [ 20.592871] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c60 [ 20.593611] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.594531] flags: 0x200000000000040(head|node=0|zone=2) [ 20.595226] page_type: f8(unknown) [ 20.595415] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.595667] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.597250] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.598608] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.599014] head: 0200000000000002 ffffea00040f1801 00000000ffffffff 00000000ffffffff [ 20.599414] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.600353] page dumped because: kasan: bad access detected [ 20.601125] [ 20.601291] Memory state around the buggy address: [ 20.601602] ffff888103c5ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.602040] ffff888103c5ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.602467] >ffff888103c60000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.602882] ^ [ 20.603171] ffff888103c60080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.604982] ffff888103c60100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.605753] ================================================================== [ 20.679094] ================================================================== [ 20.679946] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 20.680629] Read of size 1 at addr ffff888103c28000 by task kunit_try_catch/250 [ 20.681674] [ 20.682214] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 20.682361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.682402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.682465] Call Trace: [ 20.682510] <TASK> [ 20.682563] dump_stack_lvl+0x73/0xb0 [ 20.682658] print_report+0xd1/0x650 [ 20.682846] ? __virt_addr_valid+0x1db/0x2d0 [ 20.682933] ? mempool_uaf_helper+0x392/0x400 [ 20.683029] ? kasan_addr_to_slab+0x11/0xa0 [ 20.683102] ? mempool_uaf_helper+0x392/0x400 [ 20.683178] kasan_report+0x141/0x180 [ 20.683308] ? mempool_uaf_helper+0x392/0x400 [ 20.683363] __asan_report_load1_noabort+0x18/0x20 [ 20.683398] mempool_uaf_helper+0x392/0x400 [ 20.683433] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 20.683470] ? __kasan_check_write+0x18/0x20 [ 20.683501] ? __pfx_sched_clock_cpu+0x10/0x10 [ 20.683534] ? finish_task_switch.isra.0+0x153/0x700 [ 20.683572] mempool_page_alloc_uaf+0xed/0x140 [ 20.683607] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 20.683646] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 20.683702] ? __pfx_mempool_free_pages+0x10/0x10 [ 20.683752] ? __pfx_read_tsc+0x10/0x10 [ 20.683786] ? ktime_get_ts64+0x86/0x230 [ 20.683820] kunit_try_run_case+0x1a5/0x480 [ 20.683852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.683880] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.683915] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.683952] ? __kthread_parkme+0x82/0x180 [ 20.684009] ? preempt_count_sub+0x50/0x80 [ 20.684045] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.684075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.684111] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.684147] kthread+0x337/0x6f0 [ 20.684226] ? trace_preempt_on+0x20/0xc0 [ 20.684317] ? __pfx_kthread+0x10/0x10 [ 20.684391] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.684468] ? calculate_sigpending+0x7b/0xa0 [ 20.684509] ? __pfx_kthread+0x10/0x10 [ 20.684540] ret_from_fork+0x116/0x1d0 [ 20.684566] ? __pfx_kthread+0x10/0x10 [ 20.684595] ret_from_fork_asm+0x1a/0x30 [ 20.684639] </TASK> [ 20.684655] [ 20.711144] The buggy address belongs to the physical page: [ 20.712376] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c28 [ 20.713348] flags: 0x200000000000000(node=0|zone=2) [ 20.714347] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.714985] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.715798] page dumped because: kasan: bad access detected [ 20.717000] [ 20.717536] Memory state around the buggy address: [ 20.718443] ffff888103c27f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.719020] ffff888103c27f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.720090] >ffff888103c28000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.721158] ^ [ 20.721519] ffff888103c28080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.722508] ffff888103c28100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.723449] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 20.615692] ================================================================== [ 20.616892] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 20.617649] Read of size 1 at addr ffff8881022e3240 by task kunit_try_catch/248 [ 20.618856] [ 20.619311] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 20.619588] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.619609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.619642] Call Trace: [ 20.619659] <TASK> [ 20.619691] dump_stack_lvl+0x73/0xb0 [ 20.619758] print_report+0xd1/0x650 [ 20.619797] ? __virt_addr_valid+0x1db/0x2d0 [ 20.619853] ? mempool_uaf_helper+0x392/0x400 [ 20.619887] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.619940] ? mempool_uaf_helper+0x392/0x400 [ 20.620006] kasan_report+0x141/0x180 [ 20.620043] ? mempool_uaf_helper+0x392/0x400 [ 20.620101] __asan_report_load1_noabort+0x18/0x20 [ 20.620134] mempool_uaf_helper+0x392/0x400 [ 20.620187] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 20.620226] ? __pfx_sched_clock_cpu+0x10/0x10 [ 20.620283] ? finish_task_switch.isra.0+0x153/0x700 [ 20.620323] mempool_slab_uaf+0xea/0x140 [ 20.620373] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 20.620403] ? trace_hardirqs_on+0x37/0xe0 [ 20.620495] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 20.620549] ? __pfx_mempool_free_slab+0x10/0x10 [ 20.620582] ? __pfx_read_tsc+0x10/0x10 [ 20.620616] ? ktime_get_ts64+0x86/0x230 [ 20.620645] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 20.620697] kunit_try_run_case+0x1a5/0x480 [ 20.620743] ? __kthread_parkme+0x82/0x180 [ 20.620773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.620804] ? __kthread_parkme+0x82/0x180 [ 20.620832] ? preempt_count_sub+0x50/0x80 [ 20.620864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.620893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.620929] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.620987] kthread+0x337/0x6f0 [ 20.621020] ? trace_preempt_on+0x20/0xc0 [ 20.621053] ? __pfx_kthread+0x10/0x10 [ 20.621083] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.621116] ? calculate_sigpending+0x7b/0xa0 [ 20.621152] ? __pfx_kthread+0x10/0x10 [ 20.621183] ret_from_fork+0x116/0x1d0 [ 20.621208] ? __pfx_kthread+0x10/0x10 [ 20.621237] ret_from_fork_asm+0x1a/0x30 [ 20.621280] </TASK> [ 20.621295] [ 20.642723] Allocated by task 248: [ 20.643390] kasan_save_stack+0x45/0x70 [ 20.644191] kasan_save_track+0x18/0x40 [ 20.644521] kasan_save_alloc_info+0x3b/0x50 [ 20.645009] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 20.645415] remove_element+0x11e/0x190 [ 20.646393] mempool_alloc_preallocated+0x4d/0x90 [ 20.646757] mempool_uaf_helper+0x96/0x400 [ 20.647413] mempool_slab_uaf+0xea/0x140 [ 20.647736] kunit_try_run_case+0x1a5/0x480 [ 20.648085] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.648486] kthread+0x337/0x6f0 [ 20.648788] ret_from_fork+0x116/0x1d0 [ 20.649201] ret_from_fork_asm+0x1a/0x30 [ 20.649530] [ 20.649771] Freed by task 248: [ 20.650128] kasan_save_stack+0x45/0x70 [ 20.650478] kasan_save_track+0x18/0x40 [ 20.650795] kasan_save_free_info+0x3f/0x60 [ 20.651237] __kasan_mempool_poison_object+0x131/0x1d0 [ 20.651755] mempool_free+0x2ec/0x380 [ 20.652217] mempool_uaf_helper+0x11a/0x400 [ 20.652755] mempool_slab_uaf+0xea/0x140 [ 20.653253] kunit_try_run_case+0x1a5/0x480 [ 20.653798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.654311] kthread+0x337/0x6f0 [ 20.654811] ret_from_fork+0x116/0x1d0 [ 20.655150] ret_from_fork_asm+0x1a/0x30 [ 20.655474] [ 20.655731] The buggy address belongs to the object at ffff8881022e3240 [ 20.655731] which belongs to the cache test_cache of size 123 [ 20.656842] The buggy address is located 0 bytes inside of [ 20.656842] freed 123-byte region [ffff8881022e3240, ffff8881022e32bb) [ 20.657850] [ 20.658081] The buggy address belongs to the physical page: [ 20.658659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e3 [ 20.659353] flags: 0x200000000000000(node=0|zone=2) [ 20.659863] page_type: f5(slab) [ 20.660279] raw: 0200000000000000 ffff8881022d3640 dead000000000122 0000000000000000 [ 20.661053] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.661614] page dumped because: kasan: bad access detected [ 20.662238] [ 20.662485] Memory state around the buggy address: [ 20.663029] ffff8881022e3100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.663599] ffff8881022e3180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.664274] >ffff8881022e3200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 20.664992] ^ [ 20.665467] ffff8881022e3280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.666136] ffff8881022e3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.666809] ================================================================== [ 20.498085] ================================================================== [ 20.499529] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 20.500347] Read of size 1 at addr ffff8881022e0100 by task kunit_try_catch/244 [ 20.501516] [ 20.501735] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 20.501848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.501889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.502122] Call Trace: [ 20.502166] <TASK> [ 20.502212] dump_stack_lvl+0x73/0xb0 [ 20.502268] print_report+0xd1/0x650 [ 20.502307] ? __virt_addr_valid+0x1db/0x2d0 [ 20.502343] ? mempool_uaf_helper+0x392/0x400 [ 20.502376] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.502409] ? mempool_uaf_helper+0x392/0x400 [ 20.502442] kasan_report+0x141/0x180 [ 20.502474] ? mempool_uaf_helper+0x392/0x400 [ 20.502512] __asan_report_load1_noabort+0x18/0x20 [ 20.502542] mempool_uaf_helper+0x392/0x400 [ 20.502574] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 20.502610] ? __kasan_check_write+0x18/0x20 [ 20.502638] ? __pfx_sched_clock_cpu+0x10/0x10 [ 20.502671] ? finish_task_switch.isra.0+0x153/0x700 [ 20.502750] mempool_kmalloc_uaf+0xef/0x140 [ 20.502788] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 20.502826] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.502855] ? __pfx_mempool_kfree+0x10/0x10 [ 20.502885] ? __pfx_read_tsc+0x10/0x10 [ 20.502916] ? ktime_get_ts64+0x86/0x230 [ 20.502950] kunit_try_run_case+0x1a5/0x480 [ 20.503010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.503041] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.503079] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.503114] ? __kthread_parkme+0x82/0x180 [ 20.503143] ? preempt_count_sub+0x50/0x80 [ 20.503175] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.503206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.503243] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.503279] kthread+0x337/0x6f0 [ 20.503308] ? trace_preempt_on+0x20/0xc0 [ 20.503341] ? __pfx_kthread+0x10/0x10 [ 20.503371] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.503404] ? calculate_sigpending+0x7b/0xa0 [ 20.503438] ? __pfx_kthread+0x10/0x10 [ 20.503469] ret_from_fork+0x116/0x1d0 [ 20.503495] ? __pfx_kthread+0x10/0x10 [ 20.503523] ret_from_fork_asm+0x1a/0x30 [ 20.503565] </TASK> [ 20.503581] [ 20.523855] Allocated by task 244: [ 20.524845] kasan_save_stack+0x45/0x70 [ 20.525182] kasan_save_track+0x18/0x40 [ 20.525635] kasan_save_alloc_info+0x3b/0x50 [ 20.526399] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 20.526986] remove_element+0x11e/0x190 [ 20.527651] mempool_alloc_preallocated+0x4d/0x90 [ 20.528168] mempool_uaf_helper+0x96/0x400 [ 20.528881] mempool_kmalloc_uaf+0xef/0x140 [ 20.529353] kunit_try_run_case+0x1a5/0x480 [ 20.530107] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.530540] kthread+0x337/0x6f0 [ 20.531020] ret_from_fork+0x116/0x1d0 [ 20.531651] ret_from_fork_asm+0x1a/0x30 [ 20.532176] [ 20.532342] Freed by task 244: [ 20.532600] kasan_save_stack+0x45/0x70 [ 20.533848] kasan_save_track+0x18/0x40 [ 20.534227] kasan_save_free_info+0x3f/0x60 [ 20.535001] __kasan_mempool_poison_object+0x131/0x1d0 [ 20.535429] mempool_free+0x2ec/0x380 [ 20.535742] mempool_uaf_helper+0x11a/0x400 [ 20.536093] mempool_kmalloc_uaf+0xef/0x140 [ 20.536425] kunit_try_run_case+0x1a5/0x480 [ 20.537744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.538109] kthread+0x337/0x6f0 [ 20.538751] ret_from_fork+0x116/0x1d0 [ 20.539434] ret_from_fork_asm+0x1a/0x30 [ 20.540134] [ 20.540300] The buggy address belongs to the object at ffff8881022e0100 [ 20.540300] which belongs to the cache kmalloc-128 of size 128 [ 20.541773] The buggy address is located 0 bytes inside of [ 20.541773] freed 128-byte region [ffff8881022e0100, ffff8881022e0180) [ 20.542688] [ 20.543420] The buggy address belongs to the physical page: [ 20.543930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e0 [ 20.544504] flags: 0x200000000000000(node=0|zone=2) [ 20.545193] page_type: f5(slab) [ 20.545569] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.546182] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.546734] page dumped because: kasan: bad access detected [ 20.547722] [ 20.548289] Memory state around the buggy address: [ 20.548709] ffff8881022e0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.549364] ffff8881022e0080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.550300] >ffff8881022e0100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.550876] ^ [ 20.551253] ffff8881022e0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.551742] ffff8881022e0200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.552796] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 20.434859] ================================================================== [ 20.436023] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 20.437738] Read of size 1 at addr ffff8881022e02bb by task kunit_try_catch/242 [ 20.438575] [ 20.439375] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 20.439476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.439495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.439528] Call Trace: [ 20.439547] <TASK> [ 20.439571] dump_stack_lvl+0x73/0xb0 [ 20.439612] print_report+0xd1/0x650 [ 20.439646] ? __virt_addr_valid+0x1db/0x2d0 [ 20.439680] ? mempool_oob_right_helper+0x318/0x380 [ 20.439752] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.439788] ? mempool_oob_right_helper+0x318/0x380 [ 20.439823] kasan_report+0x141/0x180 [ 20.439854] ? mempool_oob_right_helper+0x318/0x380 [ 20.439894] __asan_report_load1_noabort+0x18/0x20 [ 20.439922] mempool_oob_right_helper+0x318/0x380 [ 20.439958] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 20.440029] mempool_slab_oob_right+0xed/0x140 [ 20.440060] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 20.440094] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 20.440126] ? __pfx_mempool_free_slab+0x10/0x10 [ 20.440157] ? __pfx_read_tsc+0x10/0x10 [ 20.440228] ? ktime_get_ts64+0x86/0x230 [ 20.440303] kunit_try_run_case+0x1a5/0x480 [ 20.440342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.440371] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.440407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.440444] ? __kthread_parkme+0x82/0x180 [ 20.440474] ? preempt_count_sub+0x50/0x80 [ 20.440507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.440536] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.440571] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.440607] kthread+0x337/0x6f0 [ 20.440634] ? trace_preempt_on+0x20/0xc0 [ 20.440667] ? __pfx_kthread+0x10/0x10 [ 20.440731] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.440768] ? calculate_sigpending+0x7b/0xa0 [ 20.440805] ? __pfx_kthread+0x10/0x10 [ 20.440835] ret_from_fork+0x116/0x1d0 [ 20.440863] ? __pfx_kthread+0x10/0x10 [ 20.440892] ret_from_fork_asm+0x1a/0x30 [ 20.440935] </TASK> [ 20.440950] [ 20.459041] Allocated by task 242: [ 20.459458] kasan_save_stack+0x45/0x70 [ 20.459796] kasan_save_track+0x18/0x40 [ 20.460514] kasan_save_alloc_info+0x3b/0x50 [ 20.460949] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 20.461664] remove_element+0x11e/0x190 [ 20.462339] mempool_alloc_preallocated+0x4d/0x90 [ 20.462901] mempool_oob_right_helper+0x8a/0x380 [ 20.463597] mempool_slab_oob_right+0xed/0x140 [ 20.464140] kunit_try_run_case+0x1a5/0x480 [ 20.464749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.465454] kthread+0x337/0x6f0 [ 20.465868] ret_from_fork+0x116/0x1d0 [ 20.466380] ret_from_fork_asm+0x1a/0x30 [ 20.466835] [ 20.467086] The buggy address belongs to the object at ffff8881022e0240 [ 20.467086] which belongs to the cache test_cache of size 123 [ 20.468140] The buggy address is located 0 bytes to the right of [ 20.468140] allocated 123-byte region [ffff8881022e0240, ffff8881022e02bb) [ 20.469593] [ 20.469864] The buggy address belongs to the physical page: [ 20.470467] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022e0 [ 20.471519] flags: 0x200000000000000(node=0|zone=2) [ 20.472043] page_type: f5(slab) [ 20.472595] raw: 0200000000000000 ffff8881022d3500 dead000000000122 0000000000000000 [ 20.473515] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.474322] page dumped because: kasan: bad access detected [ 20.474838] [ 20.475121] Memory state around the buggy address: [ 20.475705] ffff8881022e0180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.476510] ffff8881022e0200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 20.477447] >ffff8881022e0280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 20.477937] ^ [ 20.478283] ffff8881022e0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.479288] ffff8881022e0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.479815] ================================================================== [ 20.322552] ================================================================== [ 20.323525] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 20.325146] Read of size 1 at addr ffff8881022c3d73 by task kunit_try_catch/238 [ 20.326213] [ 20.326737] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 20.326926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.327000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.327069] Call Trace: [ 20.327159] <TASK> [ 20.327216] dump_stack_lvl+0x73/0xb0 [ 20.327310] print_report+0xd1/0x650 [ 20.327395] ? __virt_addr_valid+0x1db/0x2d0 [ 20.327479] ? mempool_oob_right_helper+0x318/0x380 [ 20.327524] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.327559] ? mempool_oob_right_helper+0x318/0x380 [ 20.327595] kasan_report+0x141/0x180 [ 20.327629] ? mempool_oob_right_helper+0x318/0x380 [ 20.327672] __asan_report_load1_noabort+0x18/0x20 [ 20.327717] mempool_oob_right_helper+0x318/0x380 [ 20.327772] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 20.327811] ? __kasan_check_write+0x18/0x20 [ 20.327840] ? __pfx_sched_clock_cpu+0x10/0x10 [ 20.327876] ? finish_task_switch.isra.0+0x153/0x700 [ 20.327913] mempool_kmalloc_oob_right+0xf2/0x150 [ 20.327949] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 20.328032] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.328092] ? __pfx_mempool_kfree+0x10/0x10 [ 20.328145] ? __pfx_read_tsc+0x10/0x10 [ 20.328223] ? ktime_get_ts64+0x86/0x230 [ 20.328306] kunit_try_run_case+0x1a5/0x480 [ 20.328344] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.328373] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.328413] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.328449] ? __kthread_parkme+0x82/0x180 [ 20.328479] ? preempt_count_sub+0x50/0x80 [ 20.328513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.328543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.328578] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.328613] kthread+0x337/0x6f0 [ 20.328641] ? trace_preempt_on+0x20/0xc0 [ 20.328674] ? __pfx_kthread+0x10/0x10 [ 20.328732] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.328770] ? calculate_sigpending+0x7b/0xa0 [ 20.328807] ? __pfx_kthread+0x10/0x10 [ 20.328838] ret_from_fork+0x116/0x1d0 [ 20.328864] ? __pfx_kthread+0x10/0x10 [ 20.328892] ret_from_fork_asm+0x1a/0x30 [ 20.328936] </TASK> [ 20.328952] [ 20.351470] Allocated by task 238: [ 20.351783] kasan_save_stack+0x45/0x70 [ 20.352141] kasan_save_track+0x18/0x40 [ 20.353300] kasan_save_alloc_info+0x3b/0x50 [ 20.353788] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 20.354592] remove_element+0x11e/0x190 [ 20.355046] mempool_alloc_preallocated+0x4d/0x90 [ 20.355601] mempool_oob_right_helper+0x8a/0x380 [ 20.356686] mempool_kmalloc_oob_right+0xf2/0x150 [ 20.357131] kunit_try_run_case+0x1a5/0x480 [ 20.357648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.358629] kthread+0x337/0x6f0 [ 20.359041] ret_from_fork+0x116/0x1d0 [ 20.359458] ret_from_fork_asm+0x1a/0x30 [ 20.359850] [ 20.360111] The buggy address belongs to the object at ffff8881022c3d00 [ 20.360111] which belongs to the cache kmalloc-128 of size 128 [ 20.361703] The buggy address is located 0 bytes to the right of [ 20.361703] allocated 115-byte region [ffff8881022c3d00, ffff8881022c3d73) [ 20.363127] [ 20.363434] The buggy address belongs to the physical page: [ 20.364178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022c3 [ 20.364815] flags: 0x200000000000000(node=0|zone=2) [ 20.365991] page_type: f5(slab) [ 20.366751] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.367442] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.367990] page dumped because: kasan: bad access detected [ 20.368410] [ 20.368954] Memory state around the buggy address: [ 20.369438] ffff8881022c3c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.370503] ffff8881022c3c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.371601] >ffff8881022c3d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.372405] ^ [ 20.373466] ffff8881022c3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.374583] ffff8881022c3e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.375163] ================================================================== [ 20.381771] ================================================================== [ 20.382753] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 20.383381] Read of size 1 at addr ffff888102cd6001 by task kunit_try_catch/240 [ 20.383947] [ 20.384992] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 20.385128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.385288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.385359] Call Trace: [ 20.385403] <TASK> [ 20.385452] dump_stack_lvl+0x73/0xb0 [ 20.385536] print_report+0xd1/0x650 [ 20.385616] ? __virt_addr_valid+0x1db/0x2d0 [ 20.385678] ? mempool_oob_right_helper+0x318/0x380 [ 20.385776] ? kasan_addr_to_slab+0x11/0xa0 [ 20.385811] ? mempool_oob_right_helper+0x318/0x380 [ 20.385848] kasan_report+0x141/0x180 [ 20.385880] ? mempool_oob_right_helper+0x318/0x380 [ 20.385921] __asan_report_load1_noabort+0x18/0x20 [ 20.385951] mempool_oob_right_helper+0x318/0x380 [ 20.386016] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 20.386054] ? update_load_avg+0x1be/0x21b0 [ 20.386090] ? dequeue_entities+0x27e/0x1740 [ 20.386127] ? finish_task_switch.isra.0+0x153/0x700 [ 20.386167] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 20.386298] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 20.386347] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.386378] ? __pfx_mempool_kfree+0x10/0x10 [ 20.386409] ? __pfx_read_tsc+0x10/0x10 [ 20.386440] ? ktime_get_ts64+0x86/0x230 [ 20.386474] kunit_try_run_case+0x1a5/0x480 [ 20.386507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.386533] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.386570] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.386606] ? __kthread_parkme+0x82/0x180 [ 20.386635] ? preempt_count_sub+0x50/0x80 [ 20.386667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.386731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.386774] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.386811] kthread+0x337/0x6f0 [ 20.386838] ? trace_preempt_on+0x20/0xc0 [ 20.386872] ? __pfx_kthread+0x10/0x10 [ 20.386902] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.386934] ? calculate_sigpending+0x7b/0xa0 [ 20.386993] ? __pfx_kthread+0x10/0x10 [ 20.387030] ret_from_fork+0x116/0x1d0 [ 20.387056] ? __pfx_kthread+0x10/0x10 [ 20.387086] ret_from_fork_asm+0x1a/0x30 [ 20.387130] </TASK> [ 20.387146] [ 20.410838] The buggy address belongs to the physical page: [ 20.411929] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cd4 [ 20.412848] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.413954] flags: 0x200000000000040(head|node=0|zone=2) [ 20.414727] page_type: f8(unknown) [ 20.415745] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.416733] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.417642] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.418442] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.419628] head: 0200000000000002 ffffea00040b3501 00000000ffffffff 00000000ffffffff [ 20.420728] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.421457] page dumped because: kasan: bad access detected [ 20.421928] [ 20.422137] Memory state around the buggy address: [ 20.422664] ffff888102cd5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.423271] ffff888102cd5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.423851] >ffff888102cd6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.424400] ^ [ 20.424766] ffff888102cd6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.425385] ffff888102cd6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.426324] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 19.712374] ================================================================== [ 19.713099] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 19.714360] Read of size 1 at addr ffff8881022d33c0 by task kunit_try_catch/232 [ 19.714941] [ 19.715415] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 19.715699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.715736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.715801] Call Trace: [ 19.715842] <TASK> [ 19.715979] dump_stack_lvl+0x73/0xb0 [ 19.716088] print_report+0xd1/0x650 [ 19.716184] ? __virt_addr_valid+0x1db/0x2d0 [ 19.716270] ? kmem_cache_double_destroy+0x1bf/0x380 [ 19.716344] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.716440] ? kmem_cache_double_destroy+0x1bf/0x380 [ 19.716517] kasan_report+0x141/0x180 [ 19.716594] ? kmem_cache_double_destroy+0x1bf/0x380 [ 19.716676] ? kmem_cache_double_destroy+0x1bf/0x380 [ 19.716772] __kasan_check_byte+0x3d/0x50 [ 19.716837] kmem_cache_destroy+0x25/0x1d0 [ 19.716877] kmem_cache_double_destroy+0x1bf/0x380 [ 19.716908] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 19.716937] ? finish_task_switch.isra.0+0x153/0x700 [ 19.716970] ? __switch_to+0x47/0xf50 [ 19.717043] ? __pfx_read_tsc+0x10/0x10 [ 19.717079] ? ktime_get_ts64+0x86/0x230 [ 19.717114] kunit_try_run_case+0x1a5/0x480 [ 19.717149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.717234] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.717319] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.717359] ? __kthread_parkme+0x82/0x180 [ 19.717390] ? preempt_count_sub+0x50/0x80 [ 19.717422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.717452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.717488] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.717525] kthread+0x337/0x6f0 [ 19.717552] ? trace_preempt_on+0x20/0xc0 [ 19.717586] ? __pfx_kthread+0x10/0x10 [ 19.717614] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.717648] ? calculate_sigpending+0x7b/0xa0 [ 19.717683] ? __pfx_kthread+0x10/0x10 [ 19.717733] ret_from_fork+0x116/0x1d0 [ 19.717768] ? __pfx_kthread+0x10/0x10 [ 19.717799] ret_from_fork_asm+0x1a/0x30 [ 19.717842] </TASK> [ 19.717856] [ 19.737015] Allocated by task 232: [ 19.737417] kasan_save_stack+0x45/0x70 [ 19.737856] kasan_save_track+0x18/0x40 [ 19.738290] kasan_save_alloc_info+0x3b/0x50 [ 19.738762] __kasan_slab_alloc+0x91/0xa0 [ 19.739169] kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.739631] __kmem_cache_create_args+0x169/0x240 [ 19.740331] kmem_cache_double_destroy+0xd5/0x380 [ 19.740787] kunit_try_run_case+0x1a5/0x480 [ 19.741191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.741751] kthread+0x337/0x6f0 [ 19.742116] ret_from_fork+0x116/0x1d0 [ 19.742873] ret_from_fork_asm+0x1a/0x30 [ 19.743223] [ 19.743637] Freed by task 232: [ 19.744287] kasan_save_stack+0x45/0x70 [ 19.744642] kasan_save_track+0x18/0x40 [ 19.744961] kasan_save_free_info+0x3f/0x60 [ 19.745313] __kasan_slab_free+0x56/0x70 [ 19.745929] kmem_cache_free+0x249/0x420 [ 19.746609] slab_kmem_cache_release+0x2e/0x40 [ 19.747497] kmem_cache_release+0x16/0x20 [ 19.748012] kobject_put+0x181/0x450 [ 19.748627] sysfs_slab_release+0x16/0x20 [ 19.749007] kmem_cache_destroy+0xf0/0x1d0 [ 19.749339] kmem_cache_double_destroy+0x14e/0x380 [ 19.749897] kunit_try_run_case+0x1a5/0x480 [ 19.750446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.751177] kthread+0x337/0x6f0 [ 19.751549] ret_from_fork+0x116/0x1d0 [ 19.752042] ret_from_fork_asm+0x1a/0x30 [ 19.752367] [ 19.752587] The buggy address belongs to the object at ffff8881022d33c0 [ 19.752587] which belongs to the cache kmem_cache of size 208 [ 19.754090] The buggy address is located 0 bytes inside of [ 19.754090] freed 208-byte region [ffff8881022d33c0, ffff8881022d3490) [ 19.755153] [ 19.755462] The buggy address belongs to the physical page: [ 19.756027] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022d3 [ 19.756747] flags: 0x200000000000000(node=0|zone=2) [ 19.757170] page_type: f5(slab) [ 19.757538] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 19.759123] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 19.760704] page dumped because: kasan: bad access detected [ 19.761199] [ 19.761431] Memory state around the buggy address: [ 19.761885] ffff8881022d3280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.762397] ffff8881022d3300: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 19.763029] >ffff8881022d3380: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 19.763652] ^ [ 19.764515] ffff8881022d3400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.765175] ffff8881022d3480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.765890] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 19.616515] ================================================================== [ 19.617340] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 19.618384] Read of size 1 at addr ffff888102b6e000 by task kunit_try_catch/230 [ 19.618750] [ 19.618875] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 19.618940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.618957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.619041] Call Trace: [ 19.619087] <TASK> [ 19.619137] dump_stack_lvl+0x73/0xb0 [ 19.619226] print_report+0xd1/0x650 [ 19.619301] ? __virt_addr_valid+0x1db/0x2d0 [ 19.619870] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 19.619946] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.620039] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 19.620126] kasan_report+0x141/0x180 [ 19.620202] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 19.620287] __asan_report_load1_noabort+0x18/0x20 [ 19.620358] kmem_cache_rcu_uaf+0x3e3/0x510 [ 19.620434] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 19.620497] ? finish_task_switch.isra.0+0x153/0x700 [ 19.620548] ? __switch_to+0x47/0xf50 [ 19.620591] ? __pfx_read_tsc+0x10/0x10 [ 19.620621] ? ktime_get_ts64+0x86/0x230 [ 19.620657] kunit_try_run_case+0x1a5/0x480 [ 19.620690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.620764] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.620809] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.620845] ? __kthread_parkme+0x82/0x180 [ 19.620876] ? preempt_count_sub+0x50/0x80 [ 19.620906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.620936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.620973] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.621039] kthread+0x337/0x6f0 [ 19.621070] ? trace_preempt_on+0x20/0xc0 [ 19.621107] ? __pfx_kthread+0x10/0x10 [ 19.621138] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.621174] ? calculate_sigpending+0x7b/0xa0 [ 19.621209] ? __pfx_kthread+0x10/0x10 [ 19.621239] ret_from_fork+0x116/0x1d0 [ 19.621265] ? __pfx_kthread+0x10/0x10 [ 19.621295] ret_from_fork_asm+0x1a/0x30 [ 19.621338] </TASK> [ 19.621355] [ 19.634804] Allocated by task 230: [ 19.635116] kasan_save_stack+0x45/0x70 [ 19.635437] kasan_save_track+0x18/0x40 [ 19.635877] kasan_save_alloc_info+0x3b/0x50 [ 19.636352] __kasan_slab_alloc+0x91/0xa0 [ 19.636795] kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.637538] kmem_cache_rcu_uaf+0x155/0x510 [ 19.638071] kunit_try_run_case+0x1a5/0x480 [ 19.638414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.638810] kthread+0x337/0x6f0 [ 19.639197] ret_from_fork+0x116/0x1d0 [ 19.639869] ret_from_fork_asm+0x1a/0x30 [ 19.640309] [ 19.640537] Freed by task 0: [ 19.640913] kasan_save_stack+0x45/0x70 [ 19.641354] kasan_save_track+0x18/0x40 [ 19.641716] kasan_save_free_info+0x3f/0x60 [ 19.642173] __kasan_slab_free+0x56/0x70 [ 19.642529] slab_free_after_rcu_debug+0xe4/0x310 [ 19.643133] rcu_core+0x66f/0x1c40 [ 19.643519] rcu_core_si+0x12/0x20 [ 19.643913] handle_softirqs+0x209/0x730 [ 19.644262] __irq_exit_rcu+0xc9/0x110 [ 19.644567] irq_exit_rcu+0x12/0x20 [ 19.645155] sysvec_apic_timer_interrupt+0x81/0x90 [ 19.645653] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 19.646180] [ 19.646421] Last potentially related work creation: [ 19.646750] kasan_save_stack+0x45/0x70 [ 19.647183] kasan_record_aux_stack+0xb2/0xc0 [ 19.647627] kmem_cache_free+0x131/0x420 [ 19.648042] kmem_cache_rcu_uaf+0x194/0x510 [ 19.648431] kunit_try_run_case+0x1a5/0x480 [ 19.648766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.649423] kthread+0x337/0x6f0 [ 19.649802] ret_from_fork+0x116/0x1d0 [ 19.650339] ret_from_fork_asm+0x1a/0x30 [ 19.650806] [ 19.651025] The buggy address belongs to the object at ffff888102b6e000 [ 19.651025] which belongs to the cache test_cache of size 200 [ 19.651902] The buggy address is located 0 bytes inside of [ 19.651902] freed 200-byte region [ffff888102b6e000, ffff888102b6e0c8) [ 19.652862] [ 19.653127] The buggy address belongs to the physical page: [ 19.653576] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b6e [ 19.654280] flags: 0x200000000000000(node=0|zone=2) [ 19.654644] page_type: f5(slab) [ 19.655033] raw: 0200000000000000 ffff888101934a00 dead000000000122 0000000000000000 [ 19.655750] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.656380] page dumped because: kasan: bad access detected [ 19.656796] [ 19.657041] Memory state around the buggy address: [ 19.657497] ffff888102b6df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.658191] ffff888102b6df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.658654] >ffff888102b6e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.659305] ^ [ 19.659686] ffff888102b6e080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.660273] ffff888102b6e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.660804] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 19.518090] ================================================================== [ 19.518931] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 19.519941] Free of addr ffff8881022d9001 by task kunit_try_catch/228 [ 19.520671] [ 19.520968] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 19.521115] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.521152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.521333] Call Trace: [ 19.521377] <TASK> [ 19.521426] dump_stack_lvl+0x73/0xb0 [ 19.521513] print_report+0xd1/0x650 [ 19.521592] ? __virt_addr_valid+0x1db/0x2d0 [ 19.521673] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.521749] ? kmem_cache_invalid_free+0x1d8/0x460 [ 19.521824] kasan_report_invalid_free+0x10a/0x130 [ 19.521911] ? kmem_cache_invalid_free+0x1d8/0x460 [ 19.522001] ? kmem_cache_invalid_free+0x1d8/0x460 [ 19.522075] check_slab_allocation+0x11f/0x130 [ 19.522135] __kasan_slab_pre_free+0x28/0x40 [ 19.522324] kmem_cache_free+0xed/0x420 [ 19.522389] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.522448] ? kmem_cache_invalid_free+0x1d8/0x460 [ 19.522522] kmem_cache_invalid_free+0x1d8/0x460 [ 19.522596] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 19.522668] ? finish_task_switch.isra.0+0x153/0x700 [ 19.522744] ? __switch_to+0x47/0xf50 [ 19.522831] ? __pfx_read_tsc+0x10/0x10 [ 19.522900] ? ktime_get_ts64+0x86/0x230 [ 19.523024] kunit_try_run_case+0x1a5/0x480 [ 19.523106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.523171] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.523252] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.523334] ? __kthread_parkme+0x82/0x180 [ 19.523394] ? preempt_count_sub+0x50/0x80 [ 19.523427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.523457] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.523493] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.523527] kthread+0x337/0x6f0 [ 19.523553] ? trace_preempt_on+0x20/0xc0 [ 19.523587] ? __pfx_kthread+0x10/0x10 [ 19.523615] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.523647] ? calculate_sigpending+0x7b/0xa0 [ 19.523680] ? __pfx_kthread+0x10/0x10 [ 19.523718] ret_from_fork+0x116/0x1d0 [ 19.523779] ? __pfx_kthread+0x10/0x10 [ 19.523810] ret_from_fork_asm+0x1a/0x30 [ 19.523854] </TASK> [ 19.523869] [ 19.548245] Allocated by task 228: [ 19.549101] kasan_save_stack+0x45/0x70 [ 19.549953] kasan_save_track+0x18/0x40 [ 19.550533] kasan_save_alloc_info+0x3b/0x50 [ 19.551326] __kasan_slab_alloc+0x91/0xa0 [ 19.551692] kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.552183] kmem_cache_invalid_free+0x157/0x460 [ 19.552561] kunit_try_run_case+0x1a5/0x480 [ 19.553434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.553799] kthread+0x337/0x6f0 [ 19.554653] ret_from_fork+0x116/0x1d0 [ 19.555081] ret_from_fork_asm+0x1a/0x30 [ 19.555851] [ 19.556105] The buggy address belongs to the object at ffff8881022d9000 [ 19.556105] which belongs to the cache test_cache of size 200 [ 19.557298] The buggy address is located 1 bytes inside of [ 19.557298] 200-byte region [ffff8881022d9000, ffff8881022d90c8) [ 19.558780] [ 19.559048] The buggy address belongs to the physical page: [ 19.560016] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022d9 [ 19.560798] flags: 0x200000000000000(node=0|zone=2) [ 19.561239] page_type: f5(slab) [ 19.561604] raw: 0200000000000000 ffff8881022d3280 dead000000000122 0000000000000000 [ 19.562810] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.563758] page dumped because: kasan: bad access detected [ 19.564522] [ 19.565101] Memory state around the buggy address: [ 19.565832] ffff8881022d8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.566639] ffff8881022d8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.567495] >ffff8881022d9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.568598] ^ [ 19.569004] ffff8881022d9080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 19.569786] ffff8881022d9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.570543] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 19.452859] ================================================================== [ 19.453667] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 19.456349] Free of addr ffff8881022d8000 by task kunit_try_catch/226 [ 19.457226] [ 19.457508] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 19.457636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.457673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.457751] Call Trace: [ 19.457790] <TASK> [ 19.457839] dump_stack_lvl+0x73/0xb0 [ 19.457919] print_report+0xd1/0x650 [ 19.458018] ? __virt_addr_valid+0x1db/0x2d0 [ 19.458100] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.458177] ? kmem_cache_double_free+0x1e5/0x480 [ 19.458252] kasan_report_invalid_free+0x10a/0x130 [ 19.458350] ? kmem_cache_double_free+0x1e5/0x480 [ 19.458427] ? kmem_cache_double_free+0x1e5/0x480 [ 19.458499] check_slab_allocation+0x101/0x130 [ 19.458580] __kasan_slab_pre_free+0x28/0x40 [ 19.458654] kmem_cache_free+0xed/0x420 [ 19.458725] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.458795] ? kmem_cache_double_free+0x1e5/0x480 [ 19.458869] kmem_cache_double_free+0x1e5/0x480 [ 19.458938] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 19.459062] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 19.459242] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 19.459331] kunit_try_run_case+0x1a5/0x480 [ 19.459409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.459472] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.459555] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.459601] ? __kthread_parkme+0x82/0x180 [ 19.459633] ? preempt_count_sub+0x50/0x80 [ 19.459665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.459694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.459761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.459799] kthread+0x337/0x6f0 [ 19.459826] ? trace_preempt_on+0x20/0xc0 [ 19.459859] ? __pfx_kthread+0x10/0x10 [ 19.459887] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.459921] ? calculate_sigpending+0x7b/0xa0 [ 19.459954] ? __pfx_kthread+0x10/0x10 [ 19.459984] ret_from_fork+0x116/0x1d0 [ 19.460043] ? __pfx_kthread+0x10/0x10 [ 19.460073] ret_from_fork_asm+0x1a/0x30 [ 19.460116] </TASK> [ 19.460132] [ 19.479700] Allocated by task 226: [ 19.480111] kasan_save_stack+0x45/0x70 [ 19.480911] kasan_save_track+0x18/0x40 [ 19.481533] kasan_save_alloc_info+0x3b/0x50 [ 19.482050] __kasan_slab_alloc+0x91/0xa0 [ 19.482471] kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.482983] kmem_cache_double_free+0x14f/0x480 [ 19.483608] kunit_try_run_case+0x1a5/0x480 [ 19.484088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.484935] kthread+0x337/0x6f0 [ 19.485378] ret_from_fork+0x116/0x1d0 [ 19.485743] ret_from_fork_asm+0x1a/0x30 [ 19.486189] [ 19.486386] Freed by task 226: [ 19.486675] kasan_save_stack+0x45/0x70 [ 19.487386] kasan_save_track+0x18/0x40 [ 19.487846] kasan_save_free_info+0x3f/0x60 [ 19.488607] __kasan_slab_free+0x56/0x70 [ 19.489073] kmem_cache_free+0x249/0x420 [ 19.489538] kmem_cache_double_free+0x16a/0x480 [ 19.490030] kunit_try_run_case+0x1a5/0x480 [ 19.490617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.491198] kthread+0x337/0x6f0 [ 19.491553] ret_from_fork+0x116/0x1d0 [ 19.491909] ret_from_fork_asm+0x1a/0x30 [ 19.492324] [ 19.492522] The buggy address belongs to the object at ffff8881022d8000 [ 19.492522] which belongs to the cache test_cache of size 200 [ 19.494034] The buggy address is located 0 bytes inside of [ 19.494034] 200-byte region [ffff8881022d8000, ffff8881022d80c8) [ 19.495983] [ 19.496559] The buggy address belongs to the physical page: [ 19.496945] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022d8 [ 19.497845] flags: 0x200000000000000(node=0|zone=2) [ 19.498433] page_type: f5(slab) [ 19.498838] raw: 0200000000000000 ffff8881022d3140 dead000000000122 0000000000000000 [ 19.499633] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.500614] page dumped because: kasan: bad access detected [ 19.501066] [ 19.501451] Memory state around the buggy address: [ 19.501885] ffff8881022d7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.502651] ffff8881022d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.503245] >ffff8881022d8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.503800] ^ [ 19.504183] ffff8881022d8080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.505157] ffff8881022d8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.505838] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 19.371842] ================================================================== [ 19.373595] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 19.374143] Read of size 1 at addr ffff8881022d50c8 by task kunit_try_catch/224 [ 19.375701] [ 19.375956] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 19.376243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.376284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.376425] Call Trace: [ 19.376474] <TASK> [ 19.376527] dump_stack_lvl+0x73/0xb0 [ 19.376612] print_report+0xd1/0x650 [ 19.376661] ? __virt_addr_valid+0x1db/0x2d0 [ 19.376698] ? kmem_cache_oob+0x402/0x530 [ 19.376774] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.376814] ? kmem_cache_oob+0x402/0x530 [ 19.376842] kasan_report+0x141/0x180 [ 19.376875] ? kmem_cache_oob+0x402/0x530 [ 19.376907] __asan_report_load1_noabort+0x18/0x20 [ 19.376936] kmem_cache_oob+0x402/0x530 [ 19.376962] ? __pfx_kmem_cache_oob+0x10/0x10 [ 19.376987] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 19.377059] ? __pfx_kmem_cache_oob+0x10/0x10 [ 19.377092] kunit_try_run_case+0x1a5/0x480 [ 19.377124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.377150] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.377252] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.377329] ? __kthread_parkme+0x82/0x180 [ 19.377361] ? preempt_count_sub+0x50/0x80 [ 19.377393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.377422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.377456] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.377490] kthread+0x337/0x6f0 [ 19.377516] ? trace_preempt_on+0x20/0xc0 [ 19.377549] ? __pfx_kthread+0x10/0x10 [ 19.377577] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.377609] ? calculate_sigpending+0x7b/0xa0 [ 19.377642] ? __pfx_kthread+0x10/0x10 [ 19.377671] ret_from_fork+0x116/0x1d0 [ 19.377696] ? __pfx_kthread+0x10/0x10 [ 19.377744] ret_from_fork_asm+0x1a/0x30 [ 19.377795] </TASK> [ 19.377811] [ 19.399447] Allocated by task 224: [ 19.400180] kasan_save_stack+0x45/0x70 [ 19.400906] kasan_save_track+0x18/0x40 [ 19.401725] kasan_save_alloc_info+0x3b/0x50 [ 19.402303] __kasan_slab_alloc+0x91/0xa0 [ 19.402980] kmem_cache_alloc_noprof+0x123/0x3f0 [ 19.403718] kmem_cache_oob+0x157/0x530 [ 19.404481] kunit_try_run_case+0x1a5/0x480 [ 19.405072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.405673] kthread+0x337/0x6f0 [ 19.406606] ret_from_fork+0x116/0x1d0 [ 19.406906] ret_from_fork_asm+0x1a/0x30 [ 19.407983] [ 19.408274] The buggy address belongs to the object at ffff8881022d5000 [ 19.408274] which belongs to the cache test_cache of size 200 [ 19.409634] The buggy address is located 0 bytes to the right of [ 19.409634] allocated 200-byte region [ffff8881022d5000, ffff8881022d50c8) [ 19.411592] [ 19.412379] The buggy address belongs to the physical page: [ 19.412888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022d5 [ 19.413646] flags: 0x200000000000000(node=0|zone=2) [ 19.414067] page_type: f5(slab) [ 19.414484] raw: 0200000000000000 ffff8881022d3000 dead000000000122 0000000000000000 [ 19.415739] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.416510] page dumped because: kasan: bad access detected [ 19.417472] [ 19.417821] Memory state around the buggy address: [ 19.418159] ffff8881022d4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.419369] ffff8881022d5000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.420048] >ffff8881022d5080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 19.420554] ^ [ 19.421247] ffff8881022d5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.422546] ffff8881022d5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.423336] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 19.294050] ================================================================== [ 19.295070] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 19.296210] Read of size 8 at addr ffff888102b696c0 by task kunit_try_catch/217 [ 19.297572] [ 19.298188] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 19.298269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.298296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.298326] Call Trace: [ 19.298343] <TASK> [ 19.298365] dump_stack_lvl+0x73/0xb0 [ 19.298405] print_report+0xd1/0x650 [ 19.298437] ? __virt_addr_valid+0x1db/0x2d0 [ 19.298469] ? workqueue_uaf+0x4d6/0x560 [ 19.298499] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.298530] ? workqueue_uaf+0x4d6/0x560 [ 19.298560] kasan_report+0x141/0x180 [ 19.298590] ? workqueue_uaf+0x4d6/0x560 [ 19.298626] __asan_report_load8_noabort+0x18/0x20 [ 19.298655] workqueue_uaf+0x4d6/0x560 [ 19.298687] ? __pfx_workqueue_uaf+0x10/0x10 [ 19.298732] ? __schedule+0x10cc/0x2b60 [ 19.298785] ? __pfx_read_tsc+0x10/0x10 [ 19.298817] ? ktime_get_ts64+0x86/0x230 [ 19.298851] kunit_try_run_case+0x1a5/0x480 [ 19.298883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.298910] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.298945] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.298979] ? __kthread_parkme+0x82/0x180 [ 19.299034] ? preempt_count_sub+0x50/0x80 [ 19.299067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.299096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.299131] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.299165] kthread+0x337/0x6f0 [ 19.299191] ? trace_preempt_on+0x20/0xc0 [ 19.299224] ? __pfx_kthread+0x10/0x10 [ 19.299253] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.299285] ? calculate_sigpending+0x7b/0xa0 [ 19.299318] ? __pfx_kthread+0x10/0x10 [ 19.299347] ret_from_fork+0x116/0x1d0 [ 19.299371] ? __pfx_kthread+0x10/0x10 [ 19.299399] ret_from_fork_asm+0x1a/0x30 [ 19.299439] </TASK> [ 19.299453] [ 19.317874] Allocated by task 217: [ 19.318376] kasan_save_stack+0x45/0x70 [ 19.318816] kasan_save_track+0x18/0x40 [ 19.319245] kasan_save_alloc_info+0x3b/0x50 [ 19.319664] __kasan_kmalloc+0xb7/0xc0 [ 19.320377] __kmalloc_cache_noprof+0x189/0x420 [ 19.320808] workqueue_uaf+0x152/0x560 [ 19.321665] kunit_try_run_case+0x1a5/0x480 [ 19.322150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.322666] kthread+0x337/0x6f0 [ 19.323075] ret_from_fork+0x116/0x1d0 [ 19.323667] ret_from_fork_asm+0x1a/0x30 [ 19.324324] [ 19.324636] Freed by task 9: [ 19.325032] kasan_save_stack+0x45/0x70 [ 19.325608] kasan_save_track+0x18/0x40 [ 19.326145] kasan_save_free_info+0x3f/0x60 [ 19.327097] __kasan_slab_free+0x56/0x70 [ 19.327625] kfree+0x222/0x3f0 [ 19.327958] workqueue_uaf_work+0x12/0x20 [ 19.328663] process_one_work+0x5ee/0xf60 [ 19.330054] worker_thread+0x758/0x1220 [ 19.331145] kthread+0x337/0x6f0 [ 19.331431] ret_from_fork+0x116/0x1d0 [ 19.331730] ret_from_fork_asm+0x1a/0x30 [ 19.332066] [ 19.332229] Last potentially related work creation: [ 19.332573] kasan_save_stack+0x45/0x70 [ 19.332879] kasan_record_aux_stack+0xb2/0xc0 [ 19.334405] __queue_work+0x626/0xeb0 [ 19.335643] queue_work_on+0xb6/0xc0 [ 19.336353] workqueue_uaf+0x26d/0x560 [ 19.337463] kunit_try_run_case+0x1a5/0x480 [ 19.337952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.338668] kthread+0x337/0x6f0 [ 19.339244] ret_from_fork+0x116/0x1d0 [ 19.340092] ret_from_fork_asm+0x1a/0x30 [ 19.340527] [ 19.340965] The buggy address belongs to the object at ffff888102b696c0 [ 19.340965] which belongs to the cache kmalloc-32 of size 32 [ 19.343096] The buggy address is located 0 bytes inside of [ 19.343096] freed 32-byte region [ffff888102b696c0, ffff888102b696e0) [ 19.344065] [ 19.344773] The buggy address belongs to the physical page: [ 19.345844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b69 [ 19.346926] flags: 0x200000000000000(node=0|zone=2) [ 19.347625] page_type: f5(slab) [ 19.348232] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 19.349193] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.349595] page dumped because: kasan: bad access detected [ 19.349788] [ 19.349873] Memory state around the buggy address: [ 19.350249] ffff888102b69580: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 19.352113] ffff888102b69600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.353319] >ffff888102b69680: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.354118] ^ [ 19.355031] ffff888102b69700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.355533] ffff888102b69780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.356327] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 19.207417] ================================================================== [ 19.208480] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 19.209425] Read of size 4 at addr ffff888102b69640 by task swapper/0/0 [ 19.209946] [ 19.210968] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 19.211091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.211130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.211188] Call Trace: [ 19.211259] <IRQ> [ 19.211300] dump_stack_lvl+0x73/0xb0 [ 19.211369] print_report+0xd1/0x650 [ 19.211430] ? __virt_addr_valid+0x1db/0x2d0 [ 19.211466] ? rcu_uaf_reclaim+0x50/0x60 [ 19.211495] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.211529] ? rcu_uaf_reclaim+0x50/0x60 [ 19.211558] kasan_report+0x141/0x180 [ 19.211589] ? rcu_uaf_reclaim+0x50/0x60 [ 19.211623] __asan_report_load4_noabort+0x18/0x20 [ 19.211651] rcu_uaf_reclaim+0x50/0x60 [ 19.211680] rcu_core+0x66f/0x1c40 [ 19.211728] ? __pfx_rcu_core+0x10/0x10 [ 19.211985] ? ktime_get+0x6b/0x150 [ 19.212052] rcu_core_si+0x12/0x20 [ 19.212083] handle_softirqs+0x209/0x730 [ 19.212114] ? hrtimer_interrupt+0x2fe/0x780 [ 19.212145] ? __pfx_handle_softirqs+0x10/0x10 [ 19.212269] __irq_exit_rcu+0xc9/0x110 [ 19.212310] irq_exit_rcu+0x12/0x20 [ 19.212340] sysvec_apic_timer_interrupt+0x81/0x90 [ 19.212380] </IRQ> [ 19.212420] <TASK> [ 19.212436] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 19.212560] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 19.212853] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 98 1d 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 19.212968] RSP: 0000:ffffffff8a807dd8 EFLAGS: 00010216 [ 19.213112] RAX: ffff8881cf45b000 RBX: ffffffff8a81cac0 RCX: ffffffff896b2245 [ 19.213311] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 000000000002846c [ 19.213386] RBP: ffffffff8a807de0 R08: 0000000000000001 R09: ffffed102b60618a [ 19.213447] R10: ffff88815b030c53 R11: 0000000000023400 R12: 0000000000000000 [ 19.213506] R13: fffffbfff1503958 R14: ffffffff8b3c3190 R15: 0000000000000000 [ 19.213587] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 19.213663] ? default_idle+0xd/0x20 [ 19.213697] arch_cpu_idle+0xd/0x20 [ 19.213747] default_idle_call+0x48/0x80 [ 19.213790] do_idle+0x379/0x4f0 [ 19.213821] ? __pfx_do_idle+0x10/0x10 [ 19.213846] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.213881] ? trace_preempt_on+0x20/0xc0 [ 19.213914] ? schedule+0x86/0x2e0 [ 19.213943] ? preempt_count_sub+0x50/0x80 [ 19.213975] cpu_startup_entry+0x5c/0x70 [ 19.214027] rest_init+0x11a/0x140 [ 19.214058] ? acpi_subsystem_init+0x5d/0x150 [ 19.214094] start_kernel+0x330/0x410 [ 19.214124] x86_64_start_reservations+0x1c/0x30 [ 19.214154] x86_64_start_kernel+0x10d/0x120 [ 19.214233] common_startup_64+0x13e/0x148 [ 19.214345] </TASK> [ 19.214385] [ 19.247082] Allocated by task 215: [ 19.247980] kasan_save_stack+0x45/0x70 [ 19.248567] kasan_save_track+0x18/0x40 [ 19.249282] kasan_save_alloc_info+0x3b/0x50 [ 19.249885] __kasan_kmalloc+0xb7/0xc0 [ 19.250542] __kmalloc_cache_noprof+0x189/0x420 [ 19.251108] rcu_uaf+0xb0/0x330 [ 19.251830] kunit_try_run_case+0x1a5/0x480 [ 19.252347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.253073] kthread+0x337/0x6f0 [ 19.253572] ret_from_fork+0x116/0x1d0 [ 19.254049] ret_from_fork_asm+0x1a/0x30 [ 19.254679] [ 19.254977] Freed by task 0: [ 19.255595] kasan_save_stack+0x45/0x70 [ 19.256411] kasan_save_track+0x18/0x40 [ 19.256820] kasan_save_free_info+0x3f/0x60 [ 19.257116] __kasan_slab_free+0x56/0x70 [ 19.257860] kfree+0x222/0x3f0 [ 19.258382] rcu_uaf_reclaim+0x1f/0x60 [ 19.258842] rcu_core+0x66f/0x1c40 [ 19.259599] rcu_core_si+0x12/0x20 [ 19.260118] handle_softirqs+0x209/0x730 [ 19.260822] __irq_exit_rcu+0xc9/0x110 [ 19.261391] irq_exit_rcu+0x12/0x20 [ 19.261617] sysvec_apic_timer_interrupt+0x81/0x90 [ 19.262585] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 19.263783] [ 19.264401] Last potentially related work creation: [ 19.265260] kasan_save_stack+0x45/0x70 [ 19.265683] kasan_record_aux_stack+0xb2/0xc0 [ 19.266139] __call_rcu_common.constprop.0+0x72/0x9d0 [ 19.266628] call_rcu+0x12/0x20 [ 19.267395] rcu_uaf+0x168/0x330 [ 19.267742] kunit_try_run_case+0x1a5/0x480 [ 19.268230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.268820] kthread+0x337/0x6f0 [ 19.269631] ret_from_fork+0x116/0x1d0 [ 19.270103] ret_from_fork_asm+0x1a/0x30 [ 19.270739] [ 19.270978] The buggy address belongs to the object at ffff888102b69640 [ 19.270978] which belongs to the cache kmalloc-32 of size 32 [ 19.272623] The buggy address is located 0 bytes inside of [ 19.272623] freed 32-byte region [ffff888102b69640, ffff888102b69660) [ 19.273650] [ 19.273884] The buggy address belongs to the physical page: [ 19.274891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b69 [ 19.275891] flags: 0x200000000000000(node=0|zone=2) [ 19.276431] page_type: f5(slab) [ 19.277036] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 19.277786] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.278397] page dumped because: kasan: bad access detected [ 19.278912] [ 19.279111] Memory state around the buggy address: [ 19.279638] ffff888102b69500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.280891] ffff888102b69580: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 19.281549] >ffff888102b69600: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.282390] ^ [ 19.283167] ffff888102b69680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.284082] ffff888102b69700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.284703] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 19.087456] ================================================================== [ 19.088103] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 19.088709] Read of size 1 at addr ffff888102b56400 by task kunit_try_catch/213 [ 19.089463] [ 19.089897] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 19.090076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.090120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.090181] Call Trace: [ 19.090222] <TASK> [ 19.090282] dump_stack_lvl+0x73/0xb0 [ 19.090367] print_report+0xd1/0x650 [ 19.090444] ? __virt_addr_valid+0x1db/0x2d0 [ 19.090524] ? ksize_uaf+0x5fe/0x6c0 [ 19.090590] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.090626] ? ksize_uaf+0x5fe/0x6c0 [ 19.090657] kasan_report+0x141/0x180 [ 19.090690] ? ksize_uaf+0x5fe/0x6c0 [ 19.090741] __asan_report_load1_noabort+0x18/0x20 [ 19.091121] ksize_uaf+0x5fe/0x6c0 [ 19.091296] ? __pfx_ksize_uaf+0x10/0x10 [ 19.091377] ? __schedule+0x10cc/0x2b60 [ 19.091447] ? __pfx_read_tsc+0x10/0x10 [ 19.091482] ? ktime_get_ts64+0x86/0x230 [ 19.091518] kunit_try_run_case+0x1a5/0x480 [ 19.091549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.091576] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.091612] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.091646] ? __kthread_parkme+0x82/0x180 [ 19.091675] ? preempt_count_sub+0x50/0x80 [ 19.091706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.091769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.091808] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.091843] kthread+0x337/0x6f0 [ 19.091870] ? trace_preempt_on+0x20/0xc0 [ 19.091904] ? __pfx_kthread+0x10/0x10 [ 19.091932] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.091963] ? calculate_sigpending+0x7b/0xa0 [ 19.092019] ? __pfx_kthread+0x10/0x10 [ 19.092055] ret_from_fork+0x116/0x1d0 [ 19.092081] ? __pfx_kthread+0x10/0x10 [ 19.092109] ret_from_fork_asm+0x1a/0x30 [ 19.092151] </TASK> [ 19.092169] [ 19.110411] Allocated by task 213: [ 19.110716] kasan_save_stack+0x45/0x70 [ 19.111169] kasan_save_track+0x18/0x40 [ 19.111588] kasan_save_alloc_info+0x3b/0x50 [ 19.112495] __kasan_kmalloc+0xb7/0xc0 [ 19.113090] __kmalloc_cache_noprof+0x189/0x420 [ 19.113761] ksize_uaf+0xaa/0x6c0 [ 19.114120] kunit_try_run_case+0x1a5/0x480 [ 19.114844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.115693] kthread+0x337/0x6f0 [ 19.116520] ret_from_fork+0x116/0x1d0 [ 19.116801] ret_from_fork_asm+0x1a/0x30 [ 19.117757] [ 19.118120] Freed by task 213: [ 19.118375] kasan_save_stack+0x45/0x70 [ 19.119092] kasan_save_track+0x18/0x40 [ 19.119929] kasan_save_free_info+0x3f/0x60 [ 19.120689] __kasan_slab_free+0x56/0x70 [ 19.121089] kfree+0x222/0x3f0 [ 19.121440] ksize_uaf+0x12c/0x6c0 [ 19.122618] kunit_try_run_case+0x1a5/0x480 [ 19.123011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.123672] kthread+0x337/0x6f0 [ 19.123988] ret_from_fork+0x116/0x1d0 [ 19.124486] ret_from_fork_asm+0x1a/0x30 [ 19.125522] [ 19.125694] The buggy address belongs to the object at ffff888102b56400 [ 19.125694] which belongs to the cache kmalloc-128 of size 128 [ 19.127266] The buggy address is located 0 bytes inside of [ 19.127266] freed 128-byte region [ffff888102b56400, ffff888102b56480) [ 19.128065] [ 19.128303] The buggy address belongs to the physical page: [ 19.128803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b56 [ 19.129959] flags: 0x200000000000000(node=0|zone=2) [ 19.130796] page_type: f5(slab) [ 19.131481] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.132334] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.133184] page dumped because: kasan: bad access detected [ 19.134087] [ 19.134869] Memory state around the buggy address: [ 19.135255] ffff888102b56300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.136012] ffff888102b56380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.136627] >ffff888102b56400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.137598] ^ [ 19.137974] ffff888102b56480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.139195] ffff888102b56500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.140121] ================================================================== [ 19.141504] ================================================================== [ 19.141981] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 19.144016] Read of size 1 at addr ffff888102b56478 by task kunit_try_catch/213 [ 19.145089] [ 19.145346] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 19.145469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.145505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.145554] Call Trace: [ 19.145575] <TASK> [ 19.145603] dump_stack_lvl+0x73/0xb0 [ 19.145675] print_report+0xd1/0x650 [ 19.145710] ? __virt_addr_valid+0x1db/0x2d0 [ 19.145771] ? ksize_uaf+0x5e4/0x6c0 [ 19.145802] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.145834] ? ksize_uaf+0x5e4/0x6c0 [ 19.145865] kasan_report+0x141/0x180 [ 19.145896] ? ksize_uaf+0x5e4/0x6c0 [ 19.145931] __asan_report_load1_noabort+0x18/0x20 [ 19.145959] ksize_uaf+0x5e4/0x6c0 [ 19.145989] ? __pfx_ksize_uaf+0x10/0x10 [ 19.146074] ? __schedule+0x10cc/0x2b60 [ 19.146145] ? __pfx_read_tsc+0x10/0x10 [ 19.146214] ? ktime_get_ts64+0x86/0x230 [ 19.146305] kunit_try_run_case+0x1a5/0x480 [ 19.146373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.146405] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.146442] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.146477] ? __kthread_parkme+0x82/0x180 [ 19.146506] ? preempt_count_sub+0x50/0x80 [ 19.146538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.146566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.146601] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.146635] kthread+0x337/0x6f0 [ 19.146662] ? trace_preempt_on+0x20/0xc0 [ 19.146693] ? __pfx_kthread+0x10/0x10 [ 19.146736] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.146787] ? calculate_sigpending+0x7b/0xa0 [ 19.146822] ? __pfx_kthread+0x10/0x10 [ 19.146852] ret_from_fork+0x116/0x1d0 [ 19.146877] ? __pfx_kthread+0x10/0x10 [ 19.146905] ret_from_fork_asm+0x1a/0x30 [ 19.146947] </TASK> [ 19.146961] [ 19.162555] Allocated by task 213: [ 19.163165] kasan_save_stack+0x45/0x70 [ 19.163866] kasan_save_track+0x18/0x40 [ 19.164202] kasan_save_alloc_info+0x3b/0x50 [ 19.164630] __kasan_kmalloc+0xb7/0xc0 [ 19.165349] __kmalloc_cache_noprof+0x189/0x420 [ 19.165848] ksize_uaf+0xaa/0x6c0 [ 19.166360] kunit_try_run_case+0x1a5/0x480 [ 19.166802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.169085] kthread+0x337/0x6f0 [ 19.169446] ret_from_fork+0x116/0x1d0 [ 19.171840] ret_from_fork_asm+0x1a/0x30 [ 19.172953] [ 19.173140] Freed by task 213: [ 19.173451] kasan_save_stack+0x45/0x70 [ 19.175855] kasan_save_track+0x18/0x40 [ 19.176260] kasan_save_free_info+0x3f/0x60 [ 19.176570] __kasan_slab_free+0x56/0x70 [ 19.176868] kfree+0x222/0x3f0 [ 19.177518] ksize_uaf+0x12c/0x6c0 [ 19.177790] kunit_try_run_case+0x1a5/0x480 [ 19.178133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.178532] kthread+0x337/0x6f0 [ 19.179113] ret_from_fork+0x116/0x1d0 [ 19.179635] ret_from_fork_asm+0x1a/0x30 [ 19.181647] [ 19.182606] The buggy address belongs to the object at ffff888102b56400 [ 19.182606] which belongs to the cache kmalloc-128 of size 128 [ 19.183632] The buggy address is located 120 bytes inside of [ 19.183632] freed 128-byte region [ffff888102b56400, ffff888102b56480) [ 19.184227] [ 19.184367] The buggy address belongs to the physical page: [ 19.185935] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b56 [ 19.186899] flags: 0x200000000000000(node=0|zone=2) [ 19.187359] page_type: f5(slab) [ 19.187673] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.188334] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.189066] page dumped because: kasan: bad access detected [ 19.189546] [ 19.190033] Memory state around the buggy address: [ 19.190527] ffff888102b56300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.191461] ffff888102b56380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.192027] >ffff888102b56400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.192643] ^ [ 19.193675] ffff888102b56480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.194249] ffff888102b56500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.194955] ================================================================== [ 19.030128] ================================================================== [ 19.031231] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 19.032032] Read of size 1 at addr ffff888102b56400 by task kunit_try_catch/213 [ 19.033507] [ 19.033699] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 19.033785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.033803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.033834] Call Trace: [ 19.033850] <TASK> [ 19.033871] dump_stack_lvl+0x73/0xb0 [ 19.033909] print_report+0xd1/0x650 [ 19.033940] ? __virt_addr_valid+0x1db/0x2d0 [ 19.033971] ? ksize_uaf+0x19d/0x6c0 [ 19.034023] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.034098] ? ksize_uaf+0x19d/0x6c0 [ 19.034316] kasan_report+0x141/0x180 [ 19.034400] ? ksize_uaf+0x19d/0x6c0 [ 19.034484] ? ksize_uaf+0x19d/0x6c0 [ 19.034587] __kasan_check_byte+0x3d/0x50 [ 19.034675] ksize+0x20/0x60 [ 19.034750] ksize_uaf+0x19d/0x6c0 [ 19.034861] ? __pfx_ksize_uaf+0x10/0x10 [ 19.034896] ? __schedule+0x10cc/0x2b60 [ 19.034932] ? __pfx_read_tsc+0x10/0x10 [ 19.034963] ? ktime_get_ts64+0x86/0x230 [ 19.035017] kunit_try_run_case+0x1a5/0x480 [ 19.035058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.035087] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.035121] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.035155] ? __kthread_parkme+0x82/0x180 [ 19.035276] ? preempt_count_sub+0x50/0x80 [ 19.035318] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.035348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.035383] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.035418] kthread+0x337/0x6f0 [ 19.035444] ? trace_preempt_on+0x20/0xc0 [ 19.035477] ? __pfx_kthread+0x10/0x10 [ 19.035505] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.035536] ? calculate_sigpending+0x7b/0xa0 [ 19.035570] ? __pfx_kthread+0x10/0x10 [ 19.035599] ret_from_fork+0x116/0x1d0 [ 19.035623] ? __pfx_kthread+0x10/0x10 [ 19.035651] ret_from_fork_asm+0x1a/0x30 [ 19.035691] </TASK> [ 19.035706] [ 19.058085] Allocated by task 213: [ 19.058638] kasan_save_stack+0x45/0x70 [ 19.059366] kasan_save_track+0x18/0x40 [ 19.059773] kasan_save_alloc_info+0x3b/0x50 [ 19.060289] __kasan_kmalloc+0xb7/0xc0 [ 19.060759] __kmalloc_cache_noprof+0x189/0x420 [ 19.061374] ksize_uaf+0xaa/0x6c0 [ 19.061730] kunit_try_run_case+0x1a5/0x480 [ 19.062502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.063096] kthread+0x337/0x6f0 [ 19.063557] ret_from_fork+0x116/0x1d0 [ 19.064047] ret_from_fork_asm+0x1a/0x30 [ 19.064612] [ 19.064917] Freed by task 213: [ 19.065582] kasan_save_stack+0x45/0x70 [ 19.066031] kasan_save_track+0x18/0x40 [ 19.066419] kasan_save_free_info+0x3f/0x60 [ 19.066859] __kasan_slab_free+0x56/0x70 [ 19.067461] kfree+0x222/0x3f0 [ 19.067813] ksize_uaf+0x12c/0x6c0 [ 19.068372] kunit_try_run_case+0x1a5/0x480 [ 19.068861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.069649] kthread+0x337/0x6f0 [ 19.070090] ret_from_fork+0x116/0x1d0 [ 19.070670] ret_from_fork_asm+0x1a/0x30 [ 19.071331] [ 19.071546] The buggy address belongs to the object at ffff888102b56400 [ 19.071546] which belongs to the cache kmalloc-128 of size 128 [ 19.072681] The buggy address is located 0 bytes inside of [ 19.072681] freed 128-byte region [ffff888102b56400, ffff888102b56480) [ 19.073729] [ 19.074586] The buggy address belongs to the physical page: [ 19.075369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b56 [ 19.076041] flags: 0x200000000000000(node=0|zone=2) [ 19.076653] page_type: f5(slab) [ 19.077058] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.077894] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.078885] page dumped because: kasan: bad access detected [ 19.079439] [ 19.079660] Memory state around the buggy address: [ 19.080388] ffff888102b56300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.080957] ffff888102b56380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.082028] >ffff888102b56400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.082698] ^ [ 19.083444] ffff888102b56480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.084348] ffff888102b56500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.084908] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 18.930349] ================================================================== [ 18.931034] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 18.931737] Read of size 1 at addr ffff888102b56378 by task kunit_try_catch/211 [ 18.932366] [ 18.932649] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.932769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.932788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.932820] Call Trace: [ 18.932847] <TASK> [ 18.932897] dump_stack_lvl+0x73/0xb0 [ 18.932981] print_report+0xd1/0x650 [ 18.933940] ? __virt_addr_valid+0x1db/0x2d0 [ 18.933979] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 18.934040] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.934075] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 18.934110] kasan_report+0x141/0x180 [ 18.934142] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 18.934303] __asan_report_load1_noabort+0x18/0x20 [ 18.934345] ksize_unpoisons_memory+0x7e9/0x9b0 [ 18.934382] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 18.934417] ? finish_task_switch.isra.0+0x153/0x700 [ 18.934448] ? __switch_to+0x47/0xf50 [ 18.934484] ? __schedule+0x10cc/0x2b60 [ 18.934519] ? __pfx_read_tsc+0x10/0x10 [ 18.934549] ? ktime_get_ts64+0x86/0x230 [ 18.934583] kunit_try_run_case+0x1a5/0x480 [ 18.934613] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.934640] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.934676] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.934711] ? __kthread_parkme+0x82/0x180 [ 18.934768] ? preempt_count_sub+0x50/0x80 [ 18.934803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.934832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.934868] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.934903] kthread+0x337/0x6f0 [ 18.934931] ? trace_preempt_on+0x20/0xc0 [ 18.934964] ? __pfx_kthread+0x10/0x10 [ 18.934993] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.935051] ? calculate_sigpending+0x7b/0xa0 [ 18.935086] ? __pfx_kthread+0x10/0x10 [ 18.935116] ret_from_fork+0x116/0x1d0 [ 18.935140] ? __pfx_kthread+0x10/0x10 [ 18.935180] ret_from_fork_asm+0x1a/0x30 [ 18.935241] </TASK> [ 18.935257] [ 18.954879] Allocated by task 211: [ 18.955446] kasan_save_stack+0x45/0x70 [ 18.955922] kasan_save_track+0x18/0x40 [ 18.956341] kasan_save_alloc_info+0x3b/0x50 [ 18.956979] __kasan_kmalloc+0xb7/0xc0 [ 18.957526] __kmalloc_cache_noprof+0x189/0x420 [ 18.958087] ksize_unpoisons_memory+0xc7/0x9b0 [ 18.959022] kunit_try_run_case+0x1a5/0x480 [ 18.959623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.960335] kthread+0x337/0x6f0 [ 18.960787] ret_from_fork+0x116/0x1d0 [ 18.961313] ret_from_fork_asm+0x1a/0x30 [ 18.961841] [ 18.962067] The buggy address belongs to the object at ffff888102b56300 [ 18.962067] which belongs to the cache kmalloc-128 of size 128 [ 18.963616] The buggy address is located 5 bytes to the right of [ 18.963616] allocated 115-byte region [ffff888102b56300, ffff888102b56373) [ 18.964761] [ 18.965065] The buggy address belongs to the physical page: [ 18.965762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b56 [ 18.966593] flags: 0x200000000000000(node=0|zone=2) [ 18.967399] page_type: f5(slab) [ 18.967808] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.968647] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.969403] page dumped because: kasan: bad access detected [ 18.970151] [ 18.970941] Memory state around the buggy address: [ 18.971303] ffff888102b56200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.972238] ffff888102b56280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.972918] >ffff888102b56300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.973518] ^ [ 18.974564] ffff888102b56380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.975052] ffff888102b56400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.976380] ================================================================== [ 18.978890] ================================================================== [ 18.979523] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 18.980674] Read of size 1 at addr ffff888102b5637f by task kunit_try_catch/211 [ 18.981673] [ 18.982134] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.982503] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.982542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.982595] Call Trace: [ 18.982614] <TASK> [ 18.982633] dump_stack_lvl+0x73/0xb0 [ 18.982671] print_report+0xd1/0x650 [ 18.982703] ? __virt_addr_valid+0x1db/0x2d0 [ 18.982779] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 18.982818] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.982851] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 18.982884] kasan_report+0x141/0x180 [ 18.982916] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 18.982955] __asan_report_load1_noabort+0x18/0x20 [ 18.982985] ksize_unpoisons_memory+0x7b6/0x9b0 [ 18.983045] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 18.983081] ? finish_task_switch.isra.0+0x153/0x700 [ 18.983112] ? __switch_to+0x47/0xf50 [ 18.983147] ? __schedule+0x10cc/0x2b60 [ 18.983229] ? __pfx_read_tsc+0x10/0x10 [ 18.983305] ? ktime_get_ts64+0x86/0x230 [ 18.983343] kunit_try_run_case+0x1a5/0x480 [ 18.983374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.983402] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.983436] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.983472] ? __kthread_parkme+0x82/0x180 [ 18.983500] ? preempt_count_sub+0x50/0x80 [ 18.983532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.983561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.983595] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.983630] kthread+0x337/0x6f0 [ 18.983656] ? trace_preempt_on+0x20/0xc0 [ 18.983688] ? __pfx_kthread+0x10/0x10 [ 18.983716] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.983783] ? calculate_sigpending+0x7b/0xa0 [ 18.983821] ? __pfx_kthread+0x10/0x10 [ 18.983851] ret_from_fork+0x116/0x1d0 [ 18.983875] ? __pfx_kthread+0x10/0x10 [ 18.983903] ret_from_fork_asm+0x1a/0x30 [ 18.983943] </TASK> [ 18.983957] [ 19.004210] Allocated by task 211: [ 19.004608] kasan_save_stack+0x45/0x70 [ 19.005187] kasan_save_track+0x18/0x40 [ 19.005658] kasan_save_alloc_info+0x3b/0x50 [ 19.006155] __kasan_kmalloc+0xb7/0xc0 [ 19.006809] __kmalloc_cache_noprof+0x189/0x420 [ 19.007181] ksize_unpoisons_memory+0xc7/0x9b0 [ 19.007780] kunit_try_run_case+0x1a5/0x480 [ 19.008341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.008949] kthread+0x337/0x6f0 [ 19.009263] ret_from_fork+0x116/0x1d0 [ 19.009736] ret_from_fork_asm+0x1a/0x30 [ 19.010205] [ 19.010846] The buggy address belongs to the object at ffff888102b56300 [ 19.010846] which belongs to the cache kmalloc-128 of size 128 [ 19.012168] The buggy address is located 12 bytes to the right of [ 19.012168] allocated 115-byte region [ffff888102b56300, ffff888102b56373) [ 19.013256] [ 19.013443] The buggy address belongs to the physical page: [ 19.014021] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b56 [ 19.015240] flags: 0x200000000000000(node=0|zone=2) [ 19.015712] page_type: f5(slab) [ 19.016057] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.016646] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.017840] page dumped because: kasan: bad access detected [ 19.018773] [ 19.018961] Memory state around the buggy address: [ 19.019687] ffff888102b56200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.020542] ffff888102b56280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.021374] >ffff888102b56300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.022120] ^ [ 19.023094] ffff888102b56380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.023873] ffff888102b56400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.024624] ================================================================== [ 18.868445] ================================================================== [ 18.869895] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 18.870847] Read of size 1 at addr ffff888102b56373 by task kunit_try_catch/211 [ 18.871866] [ 18.872474] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.872582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.872603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.872633] Call Trace: [ 18.872653] <TASK> [ 18.872676] dump_stack_lvl+0x73/0xb0 [ 18.872716] print_report+0xd1/0x650 [ 18.872780] ? __virt_addr_valid+0x1db/0x2d0 [ 18.872816] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 18.872849] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.872881] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 18.872914] kasan_report+0x141/0x180 [ 18.872945] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 18.872984] __asan_report_load1_noabort+0x18/0x20 [ 18.873201] ksize_unpoisons_memory+0x81c/0x9b0 [ 18.873289] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 18.873364] ? finish_task_switch.isra.0+0x153/0x700 [ 18.873469] ? __switch_to+0x47/0xf50 [ 18.873545] ? __schedule+0x10cc/0x2b60 [ 18.873583] ? __pfx_read_tsc+0x10/0x10 [ 18.873614] ? ktime_get_ts64+0x86/0x230 [ 18.873648] kunit_try_run_case+0x1a5/0x480 [ 18.873679] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.873706] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.873777] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.873816] ? __kthread_parkme+0x82/0x180 [ 18.873845] ? preempt_count_sub+0x50/0x80 [ 18.873876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.873904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.873941] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.873975] kthread+0x337/0x6f0 [ 18.874022] ? trace_preempt_on+0x20/0xc0 [ 18.874063] ? __pfx_kthread+0x10/0x10 [ 18.874093] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.874125] ? calculate_sigpending+0x7b/0xa0 [ 18.874158] ? __pfx_kthread+0x10/0x10 [ 18.874308] ret_from_fork+0x116/0x1d0 [ 18.874341] ? __pfx_kthread+0x10/0x10 [ 18.874370] ret_from_fork_asm+0x1a/0x30 [ 18.874413] </TASK> [ 18.874428] [ 18.898311] Allocated by task 211: [ 18.898812] kasan_save_stack+0x45/0x70 [ 18.899931] kasan_save_track+0x18/0x40 [ 18.901278] kasan_save_alloc_info+0x3b/0x50 [ 18.902241] __kasan_kmalloc+0xb7/0xc0 [ 18.902849] __kmalloc_cache_noprof+0x189/0x420 [ 18.904295] ksize_unpoisons_memory+0xc7/0x9b0 [ 18.906354] kunit_try_run_case+0x1a5/0x480 [ 18.906720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.908765] kthread+0x337/0x6f0 [ 18.909069] ret_from_fork+0x116/0x1d0 [ 18.909360] ret_from_fork_asm+0x1a/0x30 [ 18.909653] [ 18.909807] The buggy address belongs to the object at ffff888102b56300 [ 18.909807] which belongs to the cache kmalloc-128 of size 128 [ 18.910841] The buggy address is located 0 bytes to the right of [ 18.910841] allocated 115-byte region [ffff888102b56300, ffff888102b56373) [ 18.911904] [ 18.912188] The buggy address belongs to the physical page: [ 18.912688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b56 [ 18.917087] flags: 0x200000000000000(node=0|zone=2) [ 18.917915] page_type: f5(slab) [ 18.918907] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.919695] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.920740] page dumped because: kasan: bad access detected [ 18.921371] [ 18.921466] Memory state around the buggy address: [ 18.921641] ffff888102b56200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.922592] ffff888102b56280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.923941] >ffff888102b56300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.924653] ^ [ 18.925567] ffff888102b56380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.926893] ffff888102b56400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.927466] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 18.797535] ================================================================== [ 18.799308] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 18.799773] Free of addr ffff888102b0a0e0 by task kunit_try_catch/209 [ 18.801143] [ 18.801434] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.801561] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.801662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.801700] Call Trace: [ 18.801730] <TASK> [ 18.801794] dump_stack_lvl+0x73/0xb0 [ 18.801847] print_report+0xd1/0x650 [ 18.801881] ? __virt_addr_valid+0x1db/0x2d0 [ 18.801915] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.801946] ? kfree_sensitive+0x2e/0x90 [ 18.801975] kasan_report_invalid_free+0x10a/0x130 [ 18.802034] ? kfree_sensitive+0x2e/0x90 [ 18.802069] ? kfree_sensitive+0x2e/0x90 [ 18.802097] check_slab_allocation+0x101/0x130 [ 18.802128] __kasan_slab_pre_free+0x28/0x40 [ 18.802158] kfree+0xf0/0x3f0 [ 18.802183] ? kfree_sensitive+0x2e/0x90 [ 18.802213] kfree_sensitive+0x2e/0x90 [ 18.802241] kmalloc_double_kzfree+0x19c/0x350 [ 18.802273] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 18.802318] ? __schedule+0x10cc/0x2b60 [ 18.802352] ? __pfx_read_tsc+0x10/0x10 [ 18.802382] ? ktime_get_ts64+0x86/0x230 [ 18.802415] kunit_try_run_case+0x1a5/0x480 [ 18.802444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.802470] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.802505] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.802745] ? __kthread_parkme+0x82/0x180 [ 18.802800] ? preempt_count_sub+0x50/0x80 [ 18.802835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.802864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.802901] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.802936] kthread+0x337/0x6f0 [ 18.802964] ? trace_preempt_on+0x20/0xc0 [ 18.802996] ? __pfx_kthread+0x10/0x10 [ 18.803051] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.803084] ? calculate_sigpending+0x7b/0xa0 [ 18.803119] ? __pfx_kthread+0x10/0x10 [ 18.803148] ret_from_fork+0x116/0x1d0 [ 18.803261] ? __pfx_kthread+0x10/0x10 [ 18.803299] ret_from_fork_asm+0x1a/0x30 [ 18.803343] </TASK> [ 18.803357] [ 18.828961] Allocated by task 209: [ 18.829314] kasan_save_stack+0x45/0x70 [ 18.829701] kasan_save_track+0x18/0x40 [ 18.830543] kasan_save_alloc_info+0x3b/0x50 [ 18.831039] __kasan_kmalloc+0xb7/0xc0 [ 18.831974] __kmalloc_cache_noprof+0x189/0x420 [ 18.832674] kmalloc_double_kzfree+0xa9/0x350 [ 18.833322] kunit_try_run_case+0x1a5/0x480 [ 18.833753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.834669] kthread+0x337/0x6f0 [ 18.835301] ret_from_fork+0x116/0x1d0 [ 18.835669] ret_from_fork_asm+0x1a/0x30 [ 18.836094] [ 18.836407] Freed by task 209: [ 18.837502] kasan_save_stack+0x45/0x70 [ 18.838118] kasan_save_track+0x18/0x40 [ 18.838694] kasan_save_free_info+0x3f/0x60 [ 18.839746] __kasan_slab_free+0x56/0x70 [ 18.840218] kfree+0x222/0x3f0 [ 18.840611] kfree_sensitive+0x67/0x90 [ 18.841561] kmalloc_double_kzfree+0x12b/0x350 [ 18.842191] kunit_try_run_case+0x1a5/0x480 [ 18.842525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.843336] kthread+0x337/0x6f0 [ 18.844126] ret_from_fork+0x116/0x1d0 [ 18.844626] ret_from_fork_asm+0x1a/0x30 [ 18.845488] [ 18.845906] The buggy address belongs to the object at ffff888102b0a0e0 [ 18.845906] which belongs to the cache kmalloc-16 of size 16 [ 18.847709] The buggy address is located 0 bytes inside of [ 18.847709] 16-byte region [ffff888102b0a0e0, ffff888102b0a0f0) [ 18.848584] [ 18.848826] The buggy address belongs to the physical page: [ 18.849858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b0a [ 18.850650] flags: 0x200000000000000(node=0|zone=2) [ 18.851496] page_type: f5(slab) [ 18.851868] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.853038] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.853943] page dumped because: kasan: bad access detected [ 18.854541] [ 18.855487] Memory state around the buggy address: [ 18.855866] ffff888102b09f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.856545] ffff888102b0a000: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 18.857211] >ffff888102b0a080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.857713] ^ [ 18.859695] ffff888102b0a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.860223] ffff888102b0a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.861052] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 18.734867] ================================================================== [ 18.736388] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 18.737495] Read of size 1 at addr ffff888102b0a0e0 by task kunit_try_catch/209 [ 18.738990] [ 18.739440] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.739570] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.739609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.739658] Call Trace: [ 18.739679] <TASK> [ 18.739708] dump_stack_lvl+0x73/0xb0 [ 18.740080] print_report+0xd1/0x650 [ 18.740121] ? __virt_addr_valid+0x1db/0x2d0 [ 18.740155] ? kmalloc_double_kzfree+0x19c/0x350 [ 18.740273] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.740312] ? kmalloc_double_kzfree+0x19c/0x350 [ 18.740347] kasan_report+0x141/0x180 [ 18.740379] ? kmalloc_double_kzfree+0x19c/0x350 [ 18.740416] ? kmalloc_double_kzfree+0x19c/0x350 [ 18.740450] __kasan_check_byte+0x3d/0x50 [ 18.740481] kfree_sensitive+0x22/0x90 [ 18.740512] kmalloc_double_kzfree+0x19c/0x350 [ 18.740545] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 18.740579] ? __schedule+0x10cc/0x2b60 [ 18.740612] ? __pfx_read_tsc+0x10/0x10 [ 18.740642] ? ktime_get_ts64+0x86/0x230 [ 18.740674] kunit_try_run_case+0x1a5/0x480 [ 18.740704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.740739] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.740794] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.740829] ? __kthread_parkme+0x82/0x180 [ 18.740858] ? preempt_count_sub+0x50/0x80 [ 18.740889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.740918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.740952] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.740986] kthread+0x337/0x6f0 [ 18.741036] ? trace_preempt_on+0x20/0xc0 [ 18.741072] ? __pfx_kthread+0x10/0x10 [ 18.741102] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.741135] ? calculate_sigpending+0x7b/0xa0 [ 18.741183] ? __pfx_kthread+0x10/0x10 [ 18.741231] ret_from_fork+0x116/0x1d0 [ 18.741257] ? __pfx_kthread+0x10/0x10 [ 18.741286] ret_from_fork_asm+0x1a/0x30 [ 18.741329] </TASK> [ 18.741344] [ 18.765102] Allocated by task 209: [ 18.765735] kasan_save_stack+0x45/0x70 [ 18.766302] kasan_save_track+0x18/0x40 [ 18.767059] kasan_save_alloc_info+0x3b/0x50 [ 18.767666] __kasan_kmalloc+0xb7/0xc0 [ 18.768196] __kmalloc_cache_noprof+0x189/0x420 [ 18.768571] kmalloc_double_kzfree+0xa9/0x350 [ 18.769729] kunit_try_run_case+0x1a5/0x480 [ 18.770116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.770979] kthread+0x337/0x6f0 [ 18.771401] ret_from_fork+0x116/0x1d0 [ 18.771765] ret_from_fork_asm+0x1a/0x30 [ 18.772658] [ 18.772852] Freed by task 209: [ 18.773159] kasan_save_stack+0x45/0x70 [ 18.774353] kasan_save_track+0x18/0x40 [ 18.774828] kasan_save_free_info+0x3f/0x60 [ 18.775560] __kasan_slab_free+0x56/0x70 [ 18.776216] kfree+0x222/0x3f0 [ 18.776797] kfree_sensitive+0x67/0x90 [ 18.777144] kmalloc_double_kzfree+0x12b/0x350 [ 18.778211] kunit_try_run_case+0x1a5/0x480 [ 18.778586] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.779394] kthread+0x337/0x6f0 [ 18.779743] ret_from_fork+0x116/0x1d0 [ 18.780166] ret_from_fork_asm+0x1a/0x30 [ 18.780507] [ 18.780743] The buggy address belongs to the object at ffff888102b0a0e0 [ 18.780743] which belongs to the cache kmalloc-16 of size 16 [ 18.782111] The buggy address is located 0 bytes inside of [ 18.782111] freed 16-byte region [ffff888102b0a0e0, ffff888102b0a0f0) [ 18.783422] [ 18.783615] The buggy address belongs to the physical page: [ 18.784686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b0a [ 18.785395] flags: 0x200000000000000(node=0|zone=2) [ 18.785860] page_type: f5(slab) [ 18.786672] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.787501] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.788322] page dumped because: kasan: bad access detected [ 18.789183] [ 18.789412] Memory state around the buggy address: [ 18.789782] ffff888102b09f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.791108] ffff888102b0a000: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 18.791972] >ffff888102b0a080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.792700] ^ [ 18.793491] ffff888102b0a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.794626] ffff888102b0a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.796039] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 18.672814] ================================================================== [ 18.674083] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 18.675885] Read of size 1 at addr ffff888102b675a8 by task kunit_try_catch/205 [ 18.676411] [ 18.676878] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.677004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.677062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.677111] Call Trace: [ 18.677151] <TASK> [ 18.677199] dump_stack_lvl+0x73/0xb0 [ 18.677286] print_report+0xd1/0x650 [ 18.677346] ? __virt_addr_valid+0x1db/0x2d0 [ 18.677380] ? kmalloc_uaf2+0x4a8/0x520 [ 18.677408] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.677439] ? kmalloc_uaf2+0x4a8/0x520 [ 18.677469] kasan_report+0x141/0x180 [ 18.677501] ? kmalloc_uaf2+0x4a8/0x520 [ 18.677536] __asan_report_load1_noabort+0x18/0x20 [ 18.677564] kmalloc_uaf2+0x4a8/0x520 [ 18.677592] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 18.677620] ? finish_task_switch.isra.0+0x153/0x700 [ 18.677651] ? __switch_to+0x47/0xf50 [ 18.677686] ? __schedule+0x10cc/0x2b60 [ 18.677720] ? __pfx_read_tsc+0x10/0x10 [ 18.677777] ? ktime_get_ts64+0x86/0x230 [ 18.677814] kunit_try_run_case+0x1a5/0x480 [ 18.677845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.677872] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.677907] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.677941] ? __kthread_parkme+0x82/0x180 [ 18.677968] ? preempt_count_sub+0x50/0x80 [ 18.677998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.678073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.678153] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.678232] kthread+0x337/0x6f0 [ 18.678309] ? trace_preempt_on+0x20/0xc0 [ 18.678548] ? __pfx_kthread+0x10/0x10 [ 18.678581] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.678614] ? calculate_sigpending+0x7b/0xa0 [ 18.678649] ? __pfx_kthread+0x10/0x10 [ 18.678679] ret_from_fork+0x116/0x1d0 [ 18.678704] ? __pfx_kthread+0x10/0x10 [ 18.678739] ret_from_fork_asm+0x1a/0x30 [ 18.678816] </TASK> [ 18.678834] [ 18.696027] Allocated by task 205: [ 18.696312] kasan_save_stack+0x45/0x70 [ 18.696993] kasan_save_track+0x18/0x40 [ 18.697550] kasan_save_alloc_info+0x3b/0x50 [ 18.698054] __kasan_kmalloc+0xb7/0xc0 [ 18.698483] __kmalloc_cache_noprof+0x189/0x420 [ 18.699284] kmalloc_uaf2+0xc6/0x520 [ 18.699719] kunit_try_run_case+0x1a5/0x480 [ 18.700349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.700870] kthread+0x337/0x6f0 [ 18.701226] ret_from_fork+0x116/0x1d0 [ 18.701533] ret_from_fork_asm+0x1a/0x30 [ 18.701894] [ 18.702166] Freed by task 205: [ 18.702549] kasan_save_stack+0x45/0x70 [ 18.703025] kasan_save_track+0x18/0x40 [ 18.703720] kasan_save_free_info+0x3f/0x60 [ 18.704285] __kasan_slab_free+0x56/0x70 [ 18.704959] kfree+0x222/0x3f0 [ 18.705513] kmalloc_uaf2+0x14c/0x520 [ 18.705866] kunit_try_run_case+0x1a5/0x480 [ 18.706680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.707284] kthread+0x337/0x6f0 [ 18.707716] ret_from_fork+0x116/0x1d0 [ 18.708291] ret_from_fork_asm+0x1a/0x30 [ 18.708612] [ 18.708847] The buggy address belongs to the object at ffff888102b67580 [ 18.708847] which belongs to the cache kmalloc-64 of size 64 [ 18.709804] The buggy address is located 40 bytes inside of [ 18.709804] freed 64-byte region [ffff888102b67580, ffff888102b675c0) [ 18.711483] [ 18.711790] The buggy address belongs to the physical page: [ 18.712495] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b67 [ 18.713925] flags: 0x200000000000000(node=0|zone=2) [ 18.714849] page_type: f5(slab) [ 18.716131] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.716786] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.717720] page dumped because: kasan: bad access detected [ 18.717949] [ 18.718083] Memory state around the buggy address: [ 18.719435] ffff888102b67480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.721077] ffff888102b67500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.721812] >ffff888102b67580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.722539] ^ [ 18.723041] ffff888102b67600: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 18.723708] ffff888102b67680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.724233] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 18.602907] ================================================================== [ 18.604330] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 18.606203] Write of size 33 at addr ffff8881022c8d00 by task kunit_try_catch/203 [ 18.606870] [ 18.607179] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.607380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.607421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.607482] Call Trace: [ 18.607521] <TASK> [ 18.607571] dump_stack_lvl+0x73/0xb0 [ 18.607660] print_report+0xd1/0x650 [ 18.607741] ? __virt_addr_valid+0x1db/0x2d0 [ 18.607800] ? kmalloc_uaf_memset+0x1a3/0x360 [ 18.607834] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.607866] ? kmalloc_uaf_memset+0x1a3/0x360 [ 18.607897] kasan_report+0x141/0x180 [ 18.607930] ? kmalloc_uaf_memset+0x1a3/0x360 [ 18.607966] kasan_check_range+0x10c/0x1c0 [ 18.608000] __asan_memset+0x27/0x50 [ 18.608057] kmalloc_uaf_memset+0x1a3/0x360 [ 18.608089] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 18.608121] ? __schedule+0x10cc/0x2b60 [ 18.608157] ? __pfx_read_tsc+0x10/0x10 [ 18.608225] ? ktime_get_ts64+0x86/0x230 [ 18.608299] kunit_try_run_case+0x1a5/0x480 [ 18.608368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.608427] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.608499] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.608572] ? __kthread_parkme+0x82/0x180 [ 18.608643] ? preempt_count_sub+0x50/0x80 [ 18.608680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.608710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.608746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.608781] kthread+0x337/0x6f0 [ 18.608808] ? trace_preempt_on+0x20/0xc0 [ 18.608841] ? __pfx_kthread+0x10/0x10 [ 18.608869] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.608902] ? calculate_sigpending+0x7b/0xa0 [ 18.608936] ? __pfx_kthread+0x10/0x10 [ 18.608965] ret_from_fork+0x116/0x1d0 [ 18.608989] ? __pfx_kthread+0x10/0x10 [ 18.609041] ret_from_fork_asm+0x1a/0x30 [ 18.609088] </TASK> [ 18.609103] [ 18.632291] Allocated by task 203: [ 18.634653] kasan_save_stack+0x45/0x70 [ 18.636031] kasan_save_track+0x18/0x40 [ 18.636547] kasan_save_alloc_info+0x3b/0x50 [ 18.636822] __kasan_kmalloc+0xb7/0xc0 [ 18.637090] __kmalloc_cache_noprof+0x189/0x420 [ 18.637366] kmalloc_uaf_memset+0xa9/0x360 [ 18.638806] kunit_try_run_case+0x1a5/0x480 [ 18.640210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.641223] kthread+0x337/0x6f0 [ 18.641644] ret_from_fork+0x116/0x1d0 [ 18.641957] ret_from_fork_asm+0x1a/0x30 [ 18.642296] [ 18.642455] Freed by task 203: [ 18.642674] kasan_save_stack+0x45/0x70 [ 18.642944] kasan_save_track+0x18/0x40 [ 18.645040] kasan_save_free_info+0x3f/0x60 [ 18.645909] __kasan_slab_free+0x56/0x70 [ 18.646802] kfree+0x222/0x3f0 [ 18.647609] kmalloc_uaf_memset+0x12b/0x360 [ 18.648226] kunit_try_run_case+0x1a5/0x480 [ 18.648512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.649091] kthread+0x337/0x6f0 [ 18.650551] ret_from_fork+0x116/0x1d0 [ 18.651614] ret_from_fork_asm+0x1a/0x30 [ 18.652407] [ 18.652953] The buggy address belongs to the object at ffff8881022c8d00 [ 18.652953] which belongs to the cache kmalloc-64 of size 64 [ 18.654446] The buggy address is located 0 bytes inside of [ 18.654446] freed 64-byte region [ffff8881022c8d00, ffff8881022c8d40) [ 18.655452] [ 18.655898] The buggy address belongs to the physical page: [ 18.656398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022c8 [ 18.657100] flags: 0x200000000000000(node=0|zone=2) [ 18.657659] page_type: f5(slab) [ 18.657974] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.658803] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.660687] page dumped because: kasan: bad access detected [ 18.661543] [ 18.661718] Memory state around the buggy address: [ 18.662564] ffff8881022c8c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.663865] ffff8881022c8c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.664139] >ffff8881022c8d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.665380] ^ [ 18.665689] ffff8881022c8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.666294] ffff8881022c8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.666784] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 18.540474] ================================================================== [ 18.541375] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 18.541931] Read of size 1 at addr ffff888102b0a0c8 by task kunit_try_catch/201 [ 18.543784] [ 18.543972] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.544086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.544126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.544418] Call Trace: [ 18.544446] <TASK> [ 18.544471] dump_stack_lvl+0x73/0xb0 [ 18.544515] print_report+0xd1/0x650 [ 18.544549] ? __virt_addr_valid+0x1db/0x2d0 [ 18.544582] ? kmalloc_uaf+0x320/0x380 [ 18.544611] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.544641] ? kmalloc_uaf+0x320/0x380 [ 18.544670] kasan_report+0x141/0x180 [ 18.544700] ? kmalloc_uaf+0x320/0x380 [ 18.544759] __asan_report_load1_noabort+0x18/0x20 [ 18.544806] kmalloc_uaf+0x320/0x380 [ 18.544836] ? __pfx_kmalloc_uaf+0x10/0x10 [ 18.544866] ? __schedule+0x10cc/0x2b60 [ 18.544901] ? __pfx_read_tsc+0x10/0x10 [ 18.544931] ? ktime_get_ts64+0x86/0x230 [ 18.544965] kunit_try_run_case+0x1a5/0x480 [ 18.544996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.545046] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.545086] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.545120] ? __kthread_parkme+0x82/0x180 [ 18.545149] ? preempt_count_sub+0x50/0x80 [ 18.545278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.545317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.545355] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.545390] kthread+0x337/0x6f0 [ 18.545417] ? trace_preempt_on+0x20/0xc0 [ 18.545450] ? __pfx_kthread+0x10/0x10 [ 18.545478] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.545509] ? calculate_sigpending+0x7b/0xa0 [ 18.545542] ? __pfx_kthread+0x10/0x10 [ 18.545571] ret_from_fork+0x116/0x1d0 [ 18.545595] ? __pfx_kthread+0x10/0x10 [ 18.545623] ret_from_fork_asm+0x1a/0x30 [ 18.545665] </TASK> [ 18.545679] [ 18.566700] Allocated by task 201: [ 18.567075] kasan_save_stack+0x45/0x70 [ 18.567673] kasan_save_track+0x18/0x40 [ 18.568385] kasan_save_alloc_info+0x3b/0x50 [ 18.569091] __kasan_kmalloc+0xb7/0xc0 [ 18.569688] __kmalloc_cache_noprof+0x189/0x420 [ 18.570508] kmalloc_uaf+0xaa/0x380 [ 18.570833] kunit_try_run_case+0x1a5/0x480 [ 18.571206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.571614] kthread+0x337/0x6f0 [ 18.572850] ret_from_fork+0x116/0x1d0 [ 18.573157] ret_from_fork_asm+0x1a/0x30 [ 18.574001] [ 18.574399] Freed by task 201: [ 18.574746] kasan_save_stack+0x45/0x70 [ 18.575509] kasan_save_track+0x18/0x40 [ 18.575818] kasan_save_free_info+0x3f/0x60 [ 18.576923] __kasan_slab_free+0x56/0x70 [ 18.577629] kfree+0x222/0x3f0 [ 18.578191] kmalloc_uaf+0x12c/0x380 [ 18.578692] kunit_try_run_case+0x1a5/0x480 [ 18.579505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.580286] kthread+0x337/0x6f0 [ 18.580574] ret_from_fork+0x116/0x1d0 [ 18.581544] ret_from_fork_asm+0x1a/0x30 [ 18.581830] [ 18.582141] The buggy address belongs to the object at ffff888102b0a0c0 [ 18.582141] which belongs to the cache kmalloc-16 of size 16 [ 18.583949] The buggy address is located 8 bytes inside of [ 18.583949] freed 16-byte region [ffff888102b0a0c0, ffff888102b0a0d0) [ 18.585603] [ 18.585707] The buggy address belongs to the physical page: [ 18.586108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b0a [ 18.587195] flags: 0x200000000000000(node=0|zone=2) [ 18.587611] page_type: f5(slab) [ 18.588169] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.589075] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.589830] page dumped because: kasan: bad access detected [ 18.590332] [ 18.590631] Memory state around the buggy address: [ 18.591807] ffff888102b09f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.592535] ffff888102b0a000: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 18.593420] >ffff888102b0a080: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 18.593820] ^ [ 18.594656] ffff888102b0a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.595570] ffff888102b0a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.596131] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 18.483113] ================================================================== [ 18.485127] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 18.486143] Read of size 64 at addr ffff8881022c8c04 by task kunit_try_catch/199 [ 18.487515] [ 18.487712] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.487823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.487863] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.487922] Call Trace: [ 18.488122] <TASK> [ 18.488155] dump_stack_lvl+0x73/0xb0 [ 18.488239] print_report+0xd1/0x650 [ 18.488305] ? __virt_addr_valid+0x1db/0x2d0 [ 18.488341] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 18.488377] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.488409] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 18.488444] kasan_report+0x141/0x180 [ 18.488475] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 18.488515] kasan_check_range+0x10c/0x1c0 [ 18.488548] __asan_memmove+0x27/0x70 [ 18.488575] kmalloc_memmove_invalid_size+0x16f/0x330 [ 18.488610] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 18.488646] ? __schedule+0x10cc/0x2b60 [ 18.488679] ? __pfx_read_tsc+0x10/0x10 [ 18.488709] ? ktime_get_ts64+0x86/0x230 [ 18.488761] kunit_try_run_case+0x1a5/0x480 [ 18.488803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.488831] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.488866] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.488900] ? __kthread_parkme+0x82/0x180 [ 18.488928] ? preempt_count_sub+0x50/0x80 [ 18.488961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.488989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.489046] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.489084] kthread+0x337/0x6f0 [ 18.489112] ? trace_preempt_on+0x20/0xc0 [ 18.489145] ? __pfx_kthread+0x10/0x10 [ 18.489191] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.489265] ? calculate_sigpending+0x7b/0xa0 [ 18.489344] ? __pfx_kthread+0x10/0x10 [ 18.489420] ret_from_fork+0x116/0x1d0 [ 18.489486] ? __pfx_kthread+0x10/0x10 [ 18.489551] ret_from_fork_asm+0x1a/0x30 [ 18.489594] </TASK> [ 18.489609] [ 18.511443] Allocated by task 199: [ 18.512175] kasan_save_stack+0x45/0x70 [ 18.512995] kasan_save_track+0x18/0x40 [ 18.513681] kasan_save_alloc_info+0x3b/0x50 [ 18.514230] __kasan_kmalloc+0xb7/0xc0 [ 18.515031] __kmalloc_cache_noprof+0x189/0x420 [ 18.515389] kmalloc_memmove_invalid_size+0xac/0x330 [ 18.516331] kunit_try_run_case+0x1a5/0x480 [ 18.516670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.517903] kthread+0x337/0x6f0 [ 18.518299] ret_from_fork+0x116/0x1d0 [ 18.518830] ret_from_fork_asm+0x1a/0x30 [ 18.519600] [ 18.519808] The buggy address belongs to the object at ffff8881022c8c00 [ 18.519808] which belongs to the cache kmalloc-64 of size 64 [ 18.521392] The buggy address is located 4 bytes inside of [ 18.521392] allocated 64-byte region [ffff8881022c8c00, ffff8881022c8c40) [ 18.522562] [ 18.522995] The buggy address belongs to the physical page: [ 18.523681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022c8 [ 18.524599] flags: 0x200000000000000(node=0|zone=2) [ 18.525213] page_type: f5(slab) [ 18.526123] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.526737] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.527745] page dumped because: kasan: bad access detected [ 18.528444] [ 18.528606] Memory state around the buggy address: [ 18.529906] ffff8881022c8b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.530441] ffff8881022c8b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.531356] >ffff8881022c8c00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.532155] ^ [ 18.532977] ffff8881022c8c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.533787] ffff8881022c8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.534654] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 18.430767] ================================================================== [ 18.431814] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 18.432579] Read of size 18446744073709551614 at addr ffff8881022c8b84 by task kunit_try_catch/197 [ 18.433347] [ 18.433628] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.433755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.433794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.433851] Call Trace: [ 18.433890] <TASK> [ 18.433938] dump_stack_lvl+0x73/0xb0 [ 18.434039] print_report+0xd1/0x650 [ 18.434208] ? __virt_addr_valid+0x1db/0x2d0 [ 18.434297] ? kmalloc_memmove_negative_size+0x171/0x330 [ 18.434376] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.434447] ? kmalloc_memmove_negative_size+0x171/0x330 [ 18.434558] kasan_report+0x141/0x180 [ 18.434719] ? kmalloc_memmove_negative_size+0x171/0x330 [ 18.434811] kasan_check_range+0x10c/0x1c0 [ 18.434848] __asan_memmove+0x27/0x70 [ 18.434878] kmalloc_memmove_negative_size+0x171/0x330 [ 18.434914] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 18.434953] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 18.434997] kunit_try_run_case+0x1a5/0x480 [ 18.435058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.435087] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.435124] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.435159] ? __kthread_parkme+0x82/0x180 [ 18.435229] ? preempt_count_sub+0x50/0x80 [ 18.435296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.435326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.435361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.435395] kthread+0x337/0x6f0 [ 18.435421] ? trace_preempt_on+0x20/0xc0 [ 18.435453] ? __pfx_kthread+0x10/0x10 [ 18.435481] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.435513] ? calculate_sigpending+0x7b/0xa0 [ 18.435546] ? __pfx_kthread+0x10/0x10 [ 18.435575] ret_from_fork+0x116/0x1d0 [ 18.435600] ? __pfx_kthread+0x10/0x10 [ 18.435628] ret_from_fork_asm+0x1a/0x30 [ 18.435669] </TASK> [ 18.435683] [ 18.456637] Allocated by task 197: [ 18.457187] kasan_save_stack+0x45/0x70 [ 18.457597] kasan_save_track+0x18/0x40 [ 18.458350] kasan_save_alloc_info+0x3b/0x50 [ 18.458750] __kasan_kmalloc+0xb7/0xc0 [ 18.459884] __kmalloc_cache_noprof+0x189/0x420 [ 18.460445] kmalloc_memmove_negative_size+0xac/0x330 [ 18.461082] kunit_try_run_case+0x1a5/0x480 [ 18.461705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.462430] kthread+0x337/0x6f0 [ 18.462771] ret_from_fork+0x116/0x1d0 [ 18.463151] ret_from_fork_asm+0x1a/0x30 [ 18.463493] [ 18.463730] The buggy address belongs to the object at ffff8881022c8b80 [ 18.463730] which belongs to the cache kmalloc-64 of size 64 [ 18.464701] The buggy address is located 4 bytes inside of [ 18.464701] 64-byte region [ffff8881022c8b80, ffff8881022c8bc0) [ 18.466008] [ 18.466453] The buggy address belongs to the physical page: [ 18.467077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022c8 [ 18.467900] flags: 0x200000000000000(node=0|zone=2) [ 18.468544] page_type: f5(slab) [ 18.468985] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.469818] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.470774] page dumped because: kasan: bad access detected [ 18.471431] [ 18.471692] Memory state around the buggy address: [ 18.472136] ffff8881022c8a80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 18.472917] ffff8881022c8b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.473729] >ffff8881022c8b80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.474455] ^ [ 18.474889] ffff8881022c8c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.475921] ffff8881022c8c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.476639] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 18.380106] ================================================================== [ 18.382395] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 18.383726] Write of size 16 at addr ffff8881022c3a69 by task kunit_try_catch/195 [ 18.384440] [ 18.384631] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.384697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.384714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.384754] Call Trace: [ 18.384787] <TASK> [ 18.384811] dump_stack_lvl+0x73/0xb0 [ 18.384849] print_report+0xd1/0x650 [ 18.384880] ? __virt_addr_valid+0x1db/0x2d0 [ 18.384913] ? kmalloc_oob_memset_16+0x166/0x330 [ 18.384943] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.384974] ? kmalloc_oob_memset_16+0x166/0x330 [ 18.385004] kasan_report+0x141/0x180 [ 18.385073] ? kmalloc_oob_memset_16+0x166/0x330 [ 18.385114] kasan_check_range+0x10c/0x1c0 [ 18.385149] __asan_memset+0x27/0x50 [ 18.385176] kmalloc_oob_memset_16+0x166/0x330 [ 18.385208] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 18.385240] ? __schedule+0x10cc/0x2b60 [ 18.385275] ? __pfx_read_tsc+0x10/0x10 [ 18.385305] ? ktime_get_ts64+0x86/0x230 [ 18.385339] kunit_try_run_case+0x1a5/0x480 [ 18.385370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.385398] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.385432] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.385467] ? __kthread_parkme+0x82/0x180 [ 18.385495] ? preempt_count_sub+0x50/0x80 [ 18.385526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.385554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.385588] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.385622] kthread+0x337/0x6f0 [ 18.385649] ? trace_preempt_on+0x20/0xc0 [ 18.385680] ? __pfx_kthread+0x10/0x10 [ 18.385708] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.385750] ? calculate_sigpending+0x7b/0xa0 [ 18.385805] ? __pfx_kthread+0x10/0x10 [ 18.385837] ret_from_fork+0x116/0x1d0 [ 18.385862] ? __pfx_kthread+0x10/0x10 [ 18.385890] ret_from_fork_asm+0x1a/0x30 [ 18.385932] </TASK> [ 18.385946] [ 18.404624] Allocated by task 195: [ 18.405374] kasan_save_stack+0x45/0x70 [ 18.406231] kasan_save_track+0x18/0x40 [ 18.406559] kasan_save_alloc_info+0x3b/0x50 [ 18.407453] __kasan_kmalloc+0xb7/0xc0 [ 18.407902] __kmalloc_cache_noprof+0x189/0x420 [ 18.408402] kmalloc_oob_memset_16+0xac/0x330 [ 18.408785] kunit_try_run_case+0x1a5/0x480 [ 18.409140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.409530] kthread+0x337/0x6f0 [ 18.410099] ret_from_fork+0x116/0x1d0 [ 18.410842] ret_from_fork_asm+0x1a/0x30 [ 18.411617] [ 18.412141] The buggy address belongs to the object at ffff8881022c3a00 [ 18.412141] which belongs to the cache kmalloc-128 of size 128 [ 18.413564] The buggy address is located 105 bytes inside of [ 18.413564] allocated 120-byte region [ffff8881022c3a00, ffff8881022c3a78) [ 18.414604] [ 18.414845] The buggy address belongs to the physical page: [ 18.415326] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022c3 [ 18.415941] flags: 0x200000000000000(node=0|zone=2) [ 18.416350] page_type: f5(slab) [ 18.416731] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.417716] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.418836] page dumped because: kasan: bad access detected [ 18.419327] [ 18.419559] Memory state around the buggy address: [ 18.420399] ffff8881022c3900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.420929] ffff8881022c3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.421499] >ffff8881022c3a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.421986] ^ [ 18.422636] ffff8881022c3a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.423257] ffff8881022c3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.423829] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 18.318549] ================================================================== [ 18.319770] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 18.320855] Write of size 8 at addr ffff8881022c3971 by task kunit_try_catch/193 [ 18.321482] [ 18.321797] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.321926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.321964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.322008] Call Trace: [ 18.322049] <TASK> [ 18.322072] dump_stack_lvl+0x73/0xb0 [ 18.322110] print_report+0xd1/0x650 [ 18.322171] ? __virt_addr_valid+0x1db/0x2d0 [ 18.322255] ? kmalloc_oob_memset_8+0x166/0x330 [ 18.322327] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.322359] ? kmalloc_oob_memset_8+0x166/0x330 [ 18.322390] kasan_report+0x141/0x180 [ 18.322421] ? kmalloc_oob_memset_8+0x166/0x330 [ 18.322457] kasan_check_range+0x10c/0x1c0 [ 18.322490] __asan_memset+0x27/0x50 [ 18.322516] kmalloc_oob_memset_8+0x166/0x330 [ 18.322547] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 18.322579] ? __schedule+0x10cc/0x2b60 [ 18.322613] ? __pfx_read_tsc+0x10/0x10 [ 18.322642] ? ktime_get_ts64+0x86/0x230 [ 18.322675] kunit_try_run_case+0x1a5/0x480 [ 18.322705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.322731] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.322792] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.322829] ? __kthread_parkme+0x82/0x180 [ 18.322858] ? preempt_count_sub+0x50/0x80 [ 18.322889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.322917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.322951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.322985] kthread+0x337/0x6f0 [ 18.323011] ? trace_preempt_on+0x20/0xc0 [ 18.323606] ? __pfx_kthread+0x10/0x10 [ 18.323645] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.323679] ? calculate_sigpending+0x7b/0xa0 [ 18.323714] ? __pfx_kthread+0x10/0x10 [ 18.323759] ret_from_fork+0x116/0x1d0 [ 18.323803] ? __pfx_kthread+0x10/0x10 [ 18.323832] ret_from_fork_asm+0x1a/0x30 [ 18.323874] </TASK> [ 18.323888] [ 18.345645] Allocated by task 193: [ 18.345964] kasan_save_stack+0x45/0x70 [ 18.346625] kasan_save_track+0x18/0x40 [ 18.347466] kasan_save_alloc_info+0x3b/0x50 [ 18.347975] __kasan_kmalloc+0xb7/0xc0 [ 18.348296] __kmalloc_cache_noprof+0x189/0x420 [ 18.348835] kmalloc_oob_memset_8+0xac/0x330 [ 18.349254] kunit_try_run_case+0x1a5/0x480 [ 18.349910] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.350869] kthread+0x337/0x6f0 [ 18.351811] ret_from_fork+0x116/0x1d0 [ 18.352514] ret_from_fork_asm+0x1a/0x30 [ 18.353045] [ 18.353286] The buggy address belongs to the object at ffff8881022c3900 [ 18.353286] which belongs to the cache kmalloc-128 of size 128 [ 18.354311] The buggy address is located 113 bytes inside of [ 18.354311] allocated 120-byte region [ffff8881022c3900, ffff8881022c3978) [ 18.356676] [ 18.356840] The buggy address belongs to the physical page: [ 18.357722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022c3 [ 18.358329] flags: 0x200000000000000(node=0|zone=2) [ 18.359005] page_type: f5(slab) [ 18.359500] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.360381] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.361209] page dumped because: kasan: bad access detected [ 18.361646] [ 18.362256] Memory state around the buggy address: [ 18.362583] ffff8881022c3800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.363358] ffff8881022c3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.364532] >ffff8881022c3900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.365103] ^ [ 18.366207] ffff8881022c3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.366695] ffff8881022c3a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.367520] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 18.258430] ================================================================== [ 18.259836] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 18.261112] Write of size 4 at addr ffff8881022c3875 by task kunit_try_catch/191 [ 18.262068] [ 18.262460] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.262590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.262658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.262726] Call Trace: [ 18.262767] <TASK> [ 18.262818] dump_stack_lvl+0x73/0xb0 [ 18.262903] print_report+0xd1/0x650 [ 18.262940] ? __virt_addr_valid+0x1db/0x2d0 [ 18.262974] ? kmalloc_oob_memset_4+0x166/0x330 [ 18.263005] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.263064] ? kmalloc_oob_memset_4+0x166/0x330 [ 18.263097] kasan_report+0x141/0x180 [ 18.263128] ? kmalloc_oob_memset_4+0x166/0x330 [ 18.263171] kasan_check_range+0x10c/0x1c0 [ 18.263291] __asan_memset+0x27/0x50 [ 18.263368] kmalloc_oob_memset_4+0x166/0x330 [ 18.263453] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 18.263522] ? __schedule+0x10cc/0x2b60 [ 18.263560] ? __pfx_read_tsc+0x10/0x10 [ 18.263591] ? ktime_get_ts64+0x86/0x230 [ 18.263624] kunit_try_run_case+0x1a5/0x480 [ 18.263656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.263682] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.263718] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.263796] ? __kthread_parkme+0x82/0x180 [ 18.263832] ? preempt_count_sub+0x50/0x80 [ 18.263866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.263894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.263928] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.263962] kthread+0x337/0x6f0 [ 18.263989] ? trace_preempt_on+0x20/0xc0 [ 18.264046] ? __pfx_kthread+0x10/0x10 [ 18.264079] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.264113] ? calculate_sigpending+0x7b/0xa0 [ 18.264148] ? __pfx_kthread+0x10/0x10 [ 18.264197] ret_from_fork+0x116/0x1d0 [ 18.264268] ? __pfx_kthread+0x10/0x10 [ 18.264314] ret_from_fork_asm+0x1a/0x30 [ 18.264356] </TASK> [ 18.264372] [ 18.287099] Allocated by task 191: [ 18.287739] kasan_save_stack+0x45/0x70 [ 18.288481] kasan_save_track+0x18/0x40 [ 18.289235] kasan_save_alloc_info+0x3b/0x50 [ 18.289597] __kasan_kmalloc+0xb7/0xc0 [ 18.290822] __kmalloc_cache_noprof+0x189/0x420 [ 18.291652] kmalloc_oob_memset_4+0xac/0x330 [ 18.292359] kunit_try_run_case+0x1a5/0x480 [ 18.292965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.293403] kthread+0x337/0x6f0 [ 18.293696] ret_from_fork+0x116/0x1d0 [ 18.294622] ret_from_fork_asm+0x1a/0x30 [ 18.295127] [ 18.295659] The buggy address belongs to the object at ffff8881022c3800 [ 18.295659] which belongs to the cache kmalloc-128 of size 128 [ 18.297388] The buggy address is located 117 bytes inside of [ 18.297388] allocated 120-byte region [ffff8881022c3800, ffff8881022c3878) [ 18.298398] [ 18.299277] The buggy address belongs to the physical page: [ 18.299686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022c3 [ 18.300698] flags: 0x200000000000000(node=0|zone=2) [ 18.301595] page_type: f5(slab) [ 18.301917] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.303074] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.303968] page dumped because: kasan: bad access detected [ 18.304757] [ 18.305617] Memory state around the buggy address: [ 18.306465] ffff8881022c3700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.307350] ffff8881022c3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.308170] >ffff8881022c3800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.308950] ^ [ 18.309790] ffff8881022c3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.310598] ffff8881022c3900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.312154] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 18.206665] ================================================================== [ 18.207646] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 18.208945] Write of size 2 at addr ffff8881022c3777 by task kunit_try_catch/189 [ 18.209875] [ 18.209997] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.210126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.210164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.210244] Call Trace: [ 18.210297] <TASK> [ 18.210349] dump_stack_lvl+0x73/0xb0 [ 18.210434] print_report+0xd1/0x650 [ 18.210917] ? __virt_addr_valid+0x1db/0x2d0 [ 18.210957] ? kmalloc_oob_memset_2+0x166/0x330 [ 18.210989] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.211045] ? kmalloc_oob_memset_2+0x166/0x330 [ 18.211083] kasan_report+0x141/0x180 [ 18.211124] ? kmalloc_oob_memset_2+0x166/0x330 [ 18.211191] kasan_check_range+0x10c/0x1c0 [ 18.211272] __asan_memset+0x27/0x50 [ 18.211359] kmalloc_oob_memset_2+0x166/0x330 [ 18.211424] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 18.211461] ? __schedule+0x10cc/0x2b60 [ 18.211515] ? __pfx_read_tsc+0x10/0x10 [ 18.211556] ? ktime_get_ts64+0x86/0x230 [ 18.211631] kunit_try_run_case+0x1a5/0x480 [ 18.211681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.211716] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.211783] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.211823] ? __kthread_parkme+0x82/0x180 [ 18.211854] ? preempt_count_sub+0x50/0x80 [ 18.211886] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.211915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.211950] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.211984] kthread+0x337/0x6f0 [ 18.212011] ? trace_preempt_on+0x20/0xc0 [ 18.212072] ? __pfx_kthread+0x10/0x10 [ 18.212101] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.212133] ? calculate_sigpending+0x7b/0xa0 [ 18.212181] ? __pfx_kthread+0x10/0x10 [ 18.212256] ret_from_fork+0x116/0x1d0 [ 18.212303] ? __pfx_kthread+0x10/0x10 [ 18.212333] ret_from_fork_asm+0x1a/0x30 [ 18.212377] </TASK> [ 18.212393] [ 18.231061] Allocated by task 189: [ 18.231589] kasan_save_stack+0x45/0x70 [ 18.232127] kasan_save_track+0x18/0x40 [ 18.232621] kasan_save_alloc_info+0x3b/0x50 [ 18.233219] __kasan_kmalloc+0xb7/0xc0 [ 18.233723] __kmalloc_cache_noprof+0x189/0x420 [ 18.234360] kmalloc_oob_memset_2+0xac/0x330 [ 18.234893] kunit_try_run_case+0x1a5/0x480 [ 18.235449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.236073] kthread+0x337/0x6f0 [ 18.236706] ret_from_fork+0x116/0x1d0 [ 18.237271] ret_from_fork_asm+0x1a/0x30 [ 18.237697] [ 18.238135] The buggy address belongs to the object at ffff8881022c3700 [ 18.238135] which belongs to the cache kmalloc-128 of size 128 [ 18.239367] The buggy address is located 119 bytes inside of [ 18.239367] allocated 120-byte region [ffff8881022c3700, ffff8881022c3778) [ 18.240661] [ 18.241141] The buggy address belongs to the physical page: [ 18.241805] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022c3 [ 18.242566] flags: 0x200000000000000(node=0|zone=2) [ 18.243222] page_type: f5(slab) [ 18.243718] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.244581] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.245352] page dumped because: kasan: bad access detected [ 18.245891] [ 18.246202] Memory state around the buggy address: [ 18.246666] ffff8881022c3600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.247654] ffff8881022c3680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.248513] >ffff8881022c3700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.249202] ^ [ 18.250167] ffff8881022c3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.250922] ffff8881022c3800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.251465] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 18.150729] ================================================================== [ 18.152064] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 18.152763] Write of size 128 at addr ffff888102b56200 by task kunit_try_catch/187 [ 18.153576] [ 18.153929] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.154073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.154115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.154599] Call Trace: [ 18.154651] <TASK> [ 18.154703] dump_stack_lvl+0x73/0xb0 [ 18.154789] print_report+0xd1/0x650 [ 18.154859] ? __virt_addr_valid+0x1db/0x2d0 [ 18.154897] ? kmalloc_oob_in_memset+0x15f/0x320 [ 18.154930] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.154962] ? kmalloc_oob_in_memset+0x15f/0x320 [ 18.154995] kasan_report+0x141/0x180 [ 18.155053] ? kmalloc_oob_in_memset+0x15f/0x320 [ 18.155106] kasan_check_range+0x10c/0x1c0 [ 18.155142] __asan_memset+0x27/0x50 [ 18.155169] kmalloc_oob_in_memset+0x15f/0x320 [ 18.155200] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 18.155233] ? __schedule+0x10cc/0x2b60 [ 18.155267] ? __pfx_read_tsc+0x10/0x10 [ 18.155297] ? ktime_get_ts64+0x86/0x230 [ 18.155331] kunit_try_run_case+0x1a5/0x480 [ 18.155362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.155388] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.155423] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.155457] ? __kthread_parkme+0x82/0x180 [ 18.155486] ? preempt_count_sub+0x50/0x80 [ 18.155517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.155545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.155677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.155721] kthread+0x337/0x6f0 [ 18.155764] ? trace_preempt_on+0x20/0xc0 [ 18.155815] ? __pfx_kthread+0x10/0x10 [ 18.155846] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.155878] ? calculate_sigpending+0x7b/0xa0 [ 18.155913] ? __pfx_kthread+0x10/0x10 [ 18.155943] ret_from_fork+0x116/0x1d0 [ 18.155968] ? __pfx_kthread+0x10/0x10 [ 18.155996] ret_from_fork_asm+0x1a/0x30 [ 18.156060] </TASK> [ 18.156076] [ 18.178661] Allocated by task 187: [ 18.179276] kasan_save_stack+0x45/0x70 [ 18.179808] kasan_save_track+0x18/0x40 [ 18.180283] kasan_save_alloc_info+0x3b/0x50 [ 18.180848] __kasan_kmalloc+0xb7/0xc0 [ 18.181386] __kmalloc_cache_noprof+0x189/0x420 [ 18.181873] kmalloc_oob_in_memset+0xac/0x320 [ 18.182393] kunit_try_run_case+0x1a5/0x480 [ 18.182982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.183718] kthread+0x337/0x6f0 [ 18.184142] ret_from_fork+0x116/0x1d0 [ 18.184693] ret_from_fork_asm+0x1a/0x30 [ 18.185101] [ 18.185444] The buggy address belongs to the object at ffff888102b56200 [ 18.185444] which belongs to the cache kmalloc-128 of size 128 [ 18.186766] The buggy address is located 0 bytes inside of [ 18.186766] allocated 120-byte region [ffff888102b56200, ffff888102b56278) [ 18.188240] [ 18.188624] The buggy address belongs to the physical page: [ 18.189461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b56 [ 18.190349] flags: 0x200000000000000(node=0|zone=2) [ 18.191113] page_type: f5(slab) [ 18.191457] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.192751] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.193653] page dumped because: kasan: bad access detected [ 18.194162] [ 18.194550] Memory state around the buggy address: [ 18.195079] ffff888102b56100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.195812] ffff888102b56180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.196981] >ffff888102b56200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.197738] ^ [ 18.198635] ffff888102b56280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.199324] ffff888102b56300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.200210] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 18.086082] ================================================================== [ 18.087513] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 18.088883] Read of size 16 at addr ffff888102b0a0a0 by task kunit_try_catch/185 [ 18.089395] [ 18.089516] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.089583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.089599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.089629] Call Trace: [ 18.089647] <TASK> [ 18.089672] dump_stack_lvl+0x73/0xb0 [ 18.089711] print_report+0xd1/0x650 [ 18.089744] ? __virt_addr_valid+0x1db/0x2d0 [ 18.089809] ? kmalloc_uaf_16+0x47b/0x4c0 [ 18.089841] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.089872] ? kmalloc_uaf_16+0x47b/0x4c0 [ 18.089902] kasan_report+0x141/0x180 [ 18.089935] ? kmalloc_uaf_16+0x47b/0x4c0 [ 18.089970] __asan_report_load16_noabort+0x18/0x20 [ 18.089999] kmalloc_uaf_16+0x47b/0x4c0 [ 18.090056] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 18.090133] ? __schedule+0x10cc/0x2b60 [ 18.090216] ? __pfx_read_tsc+0x10/0x10 [ 18.090298] ? ktime_get_ts64+0x86/0x230 [ 18.090386] kunit_try_run_case+0x1a5/0x480 [ 18.090469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.090542] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.090583] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.090618] ? __kthread_parkme+0x82/0x180 [ 18.090647] ? preempt_count_sub+0x50/0x80 [ 18.090679] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.090708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.090746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.090808] kthread+0x337/0x6f0 [ 18.090837] ? trace_preempt_on+0x20/0xc0 [ 18.090871] ? __pfx_kthread+0x10/0x10 [ 18.090899] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.090931] ? calculate_sigpending+0x7b/0xa0 [ 18.090965] ? __pfx_kthread+0x10/0x10 [ 18.090994] ret_from_fork+0x116/0x1d0 [ 18.091018] ? __pfx_kthread+0x10/0x10 [ 18.091121] ret_from_fork_asm+0x1a/0x30 [ 18.091218] </TASK> [ 18.091294] [ 18.110796] Allocated by task 185: [ 18.111477] kasan_save_stack+0x45/0x70 [ 18.111899] kasan_save_track+0x18/0x40 [ 18.112856] kasan_save_alloc_info+0x3b/0x50 [ 18.115336] __kasan_kmalloc+0xb7/0xc0 [ 18.115775] __kmalloc_cache_noprof+0x189/0x420 [ 18.116389] kmalloc_uaf_16+0x15b/0x4c0 [ 18.116847] kunit_try_run_case+0x1a5/0x480 [ 18.118884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.119877] kthread+0x337/0x6f0 [ 18.120511] ret_from_fork+0x116/0x1d0 [ 18.121076] ret_from_fork_asm+0x1a/0x30 [ 18.121733] [ 18.122584] Freed by task 185: [ 18.122929] kasan_save_stack+0x45/0x70 [ 18.123542] kasan_save_track+0x18/0x40 [ 18.123834] kasan_save_free_info+0x3f/0x60 [ 18.124316] __kasan_slab_free+0x56/0x70 [ 18.124820] kfree+0x222/0x3f0 [ 18.125288] kmalloc_uaf_16+0x1d6/0x4c0 [ 18.125686] kunit_try_run_case+0x1a5/0x480 [ 18.126296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.126733] kthread+0x337/0x6f0 [ 18.127699] ret_from_fork+0x116/0x1d0 [ 18.128013] ret_from_fork_asm+0x1a/0x30 [ 18.128591] [ 18.129297] The buggy address belongs to the object at ffff888102b0a0a0 [ 18.129297] which belongs to the cache kmalloc-16 of size 16 [ 18.130537] The buggy address is located 0 bytes inside of [ 18.130537] freed 16-byte region [ffff888102b0a0a0, ffff888102b0a0b0) [ 18.132321] [ 18.133017] The buggy address belongs to the physical page: [ 18.133895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b0a [ 18.134485] flags: 0x200000000000000(node=0|zone=2) [ 18.134944] page_type: f5(slab) [ 18.135238] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.135788] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.137392] page dumped because: kasan: bad access detected [ 18.137887] [ 18.138299] Memory state around the buggy address: [ 18.138693] ffff888102b09f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.139598] ffff888102b0a000: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 18.140340] >ffff888102b0a080: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 18.141257] ^ [ 18.141663] ffff888102b0a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.142530] ffff888102b0a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.143376] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 18.036098] ================================================================== [ 18.037388] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 18.038155] Write of size 16 at addr ffff888100fa0ee0 by task kunit_try_catch/183 [ 18.039194] [ 18.039455] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 18.039541] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.039560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.039588] Call Trace: [ 18.039604] <TASK> [ 18.039624] dump_stack_lvl+0x73/0xb0 [ 18.039702] print_report+0xd1/0x650 [ 18.039736] ? __virt_addr_valid+0x1db/0x2d0 [ 18.039799] ? kmalloc_oob_16+0x452/0x4a0 [ 18.039833] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.039865] ? kmalloc_oob_16+0x452/0x4a0 [ 18.039895] kasan_report+0x141/0x180 [ 18.039928] ? kmalloc_oob_16+0x452/0x4a0 [ 18.039964] __asan_report_store16_noabort+0x1b/0x30 [ 18.039994] kmalloc_oob_16+0x452/0x4a0 [ 18.040046] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 18.040124] ? __schedule+0x10cc/0x2b60 [ 18.040205] ? __pfx_read_tsc+0x10/0x10 [ 18.040247] ? ktime_get_ts64+0x86/0x230 [ 18.040281] kunit_try_run_case+0x1a5/0x480 [ 18.040311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.040338] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.040372] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.040407] ? __kthread_parkme+0x82/0x180 [ 18.040435] ? preempt_count_sub+0x50/0x80 [ 18.040466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.040493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.040527] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.040560] kthread+0x337/0x6f0 [ 18.040586] ? trace_preempt_on+0x20/0xc0 [ 18.040617] ? __pfx_kthread+0x10/0x10 [ 18.040645] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.040676] ? calculate_sigpending+0x7b/0xa0 [ 18.040709] ? __pfx_kthread+0x10/0x10 [ 18.040738] ret_from_fork+0x116/0x1d0 [ 18.040837] ? __pfx_kthread+0x10/0x10 [ 18.040916] ret_from_fork_asm+0x1a/0x30 [ 18.041013] </TASK> [ 18.041068] [ 18.059860] Allocated by task 183: [ 18.060803] kasan_save_stack+0x45/0x70 [ 18.061386] kasan_save_track+0x18/0x40 [ 18.062004] kasan_save_alloc_info+0x3b/0x50 [ 18.062479] __kasan_kmalloc+0xb7/0xc0 [ 18.063143] __kmalloc_cache_noprof+0x189/0x420 [ 18.063675] kmalloc_oob_16+0xa8/0x4a0 [ 18.064312] kunit_try_run_case+0x1a5/0x480 [ 18.064922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.065360] kthread+0x337/0x6f0 [ 18.065639] ret_from_fork+0x116/0x1d0 [ 18.066802] ret_from_fork_asm+0x1a/0x30 [ 18.067107] [ 18.067341] The buggy address belongs to the object at ffff888100fa0ee0 [ 18.067341] which belongs to the cache kmalloc-16 of size 16 [ 18.068643] The buggy address is located 0 bytes inside of [ 18.068643] allocated 13-byte region [ffff888100fa0ee0, ffff888100fa0eed) [ 18.070249] [ 18.070420] The buggy address belongs to the physical page: [ 18.070864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 18.071435] flags: 0x200000000000000(node=0|zone=2) [ 18.071820] page_type: f5(slab) [ 18.072150] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.072626] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.073699] page dumped because: kasan: bad access detected [ 18.074547] [ 18.074707] Memory state around the buggy address: [ 18.075271] ffff888100fa0d80: 00 04 fc fc 00 04 fc fc 00 00 fc fc fa fb fc fc [ 18.075931] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.076888] >ffff888100fa0e80: fa fb fc fc 00 05 fc fc fa fb fc fc 00 05 fc fc [ 18.077346] ^ [ 18.077827] ffff888100fa0f00: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.078339] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.078878] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 17.906663] ================================================================== [ 17.908080] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 17.908974] Read of size 1 at addr ffff888100a24400 by task kunit_try_catch/181 [ 17.910476] [ 17.910718] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.910843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.910871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.910902] Call Trace: [ 17.910925] <TASK> [ 17.910972] dump_stack_lvl+0x73/0xb0 [ 17.911024] print_report+0xd1/0x650 [ 17.911086] ? __virt_addr_valid+0x1db/0x2d0 [ 17.911120] ? krealloc_uaf+0x1b8/0x5e0 [ 17.911150] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.911210] ? krealloc_uaf+0x1b8/0x5e0 [ 17.911284] kasan_report+0x141/0x180 [ 17.911357] ? krealloc_uaf+0x1b8/0x5e0 [ 17.911396] ? krealloc_uaf+0x1b8/0x5e0 [ 17.911427] __kasan_check_byte+0x3d/0x50 [ 17.911457] krealloc_noprof+0x3f/0x340 [ 17.911486] ? stack_depot_save_flags+0x48b/0x840 [ 17.911524] krealloc_uaf+0x1b8/0x5e0 [ 17.911555] ? __pfx_krealloc_uaf+0x10/0x10 [ 17.911585] ? finish_task_switch.isra.0+0x153/0x700 [ 17.911615] ? __switch_to+0x47/0xf50 [ 17.911649] ? __schedule+0x10cc/0x2b60 [ 17.911683] ? __pfx_read_tsc+0x10/0x10 [ 17.911712] ? ktime_get_ts64+0x86/0x230 [ 17.911747] kunit_try_run_case+0x1a5/0x480 [ 17.911806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.911834] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.911870] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.911904] ? __kthread_parkme+0x82/0x180 [ 17.911931] ? preempt_count_sub+0x50/0x80 [ 17.911962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.911989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.912023] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.912134] kthread+0x337/0x6f0 [ 17.912220] ? trace_preempt_on+0x20/0xc0 [ 17.912302] ? __pfx_kthread+0x10/0x10 [ 17.912406] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.912469] ? calculate_sigpending+0x7b/0xa0 [ 17.912507] ? __pfx_kthread+0x10/0x10 [ 17.912537] ret_from_fork+0x116/0x1d0 [ 17.912564] ? __pfx_kthread+0x10/0x10 [ 17.912592] ret_from_fork_asm+0x1a/0x30 [ 17.912633] </TASK> [ 17.912648] [ 17.935863] Allocated by task 181: [ 17.936887] kasan_save_stack+0x45/0x70 [ 17.937253] kasan_save_track+0x18/0x40 [ 17.937628] kasan_save_alloc_info+0x3b/0x50 [ 17.938428] __kasan_kmalloc+0xb7/0xc0 [ 17.938722] __kmalloc_cache_noprof+0x189/0x420 [ 17.939703] krealloc_uaf+0xbb/0x5e0 [ 17.940267] kunit_try_run_case+0x1a5/0x480 [ 17.940895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.941776] kthread+0x337/0x6f0 [ 17.942210] ret_from_fork+0x116/0x1d0 [ 17.943251] ret_from_fork_asm+0x1a/0x30 [ 17.943616] [ 17.943969] Freed by task 181: [ 17.944488] kasan_save_stack+0x45/0x70 [ 17.945284] kasan_save_track+0x18/0x40 [ 17.945670] kasan_save_free_info+0x3f/0x60 [ 17.946639] __kasan_slab_free+0x56/0x70 [ 17.947781] kfree+0x222/0x3f0 [ 17.948126] krealloc_uaf+0x13d/0x5e0 [ 17.948825] kunit_try_run_case+0x1a5/0x480 [ 17.949852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.950368] kthread+0x337/0x6f0 [ 17.950713] ret_from_fork+0x116/0x1d0 [ 17.951100] ret_from_fork_asm+0x1a/0x30 [ 17.951545] [ 17.951759] The buggy address belongs to the object at ffff888100a24400 [ 17.951759] which belongs to the cache kmalloc-256 of size 256 [ 17.953453] The buggy address is located 0 bytes inside of [ 17.953453] freed 256-byte region [ffff888100a24400, ffff888100a24500) [ 17.955494] [ 17.956142] The buggy address belongs to the physical page: [ 17.956960] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24 [ 17.958121] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.959021] flags: 0x200000000000040(head|node=0|zone=2) [ 17.959564] page_type: f5(slab) [ 17.959906] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.960527] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.961100] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.961951] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.962676] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff [ 17.963368] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.964115] page dumped because: kasan: bad access detected [ 17.964682] [ 17.965092] Memory state around the buggy address: [ 17.965686] ffff888100a24300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.966517] ffff888100a24380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.967147] >ffff888100a24400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.967937] ^ [ 17.968401] ffff888100a24480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.969272] ffff888100a24500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.970187] ================================================================== [ 17.971492] ================================================================== [ 17.972266] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 17.973004] Read of size 1 at addr ffff888100a24400 by task kunit_try_catch/181 [ 17.973725] [ 17.974013] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.974160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.974198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.974252] Call Trace: [ 17.974311] <TASK> [ 17.974359] dump_stack_lvl+0x73/0xb0 [ 17.974440] print_report+0xd1/0x650 [ 17.974517] ? __virt_addr_valid+0x1db/0x2d0 [ 17.974599] ? krealloc_uaf+0x53c/0x5e0 [ 17.974669] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.974759] ? krealloc_uaf+0x53c/0x5e0 [ 17.974836] kasan_report+0x141/0x180 [ 17.974914] ? krealloc_uaf+0x53c/0x5e0 [ 17.975000] __asan_report_load1_noabort+0x18/0x20 [ 17.975095] krealloc_uaf+0x53c/0x5e0 [ 17.975173] ? __pfx_krealloc_uaf+0x10/0x10 [ 17.975251] ? finish_task_switch.isra.0+0x153/0x700 [ 17.975327] ? __switch_to+0x47/0xf50 [ 17.975409] ? __schedule+0x10cc/0x2b60 [ 17.975488] ? __pfx_read_tsc+0x10/0x10 [ 17.975561] ? ktime_get_ts64+0x86/0x230 [ 17.975644] kunit_try_run_case+0x1a5/0x480 [ 17.975719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.975786] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.975873] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.975952] ? __kthread_parkme+0x82/0x180 [ 17.976022] ? preempt_count_sub+0x50/0x80 [ 17.976246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.976299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.976339] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.976375] kthread+0x337/0x6f0 [ 17.976402] ? trace_preempt_on+0x20/0xc0 [ 17.976434] ? __pfx_kthread+0x10/0x10 [ 17.976462] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.976494] ? calculate_sigpending+0x7b/0xa0 [ 17.976527] ? __pfx_kthread+0x10/0x10 [ 17.976556] ret_from_fork+0x116/0x1d0 [ 17.976579] ? __pfx_kthread+0x10/0x10 [ 17.976607] ret_from_fork_asm+0x1a/0x30 [ 17.976647] </TASK> [ 17.976661] [ 17.996496] Allocated by task 181: [ 17.996886] kasan_save_stack+0x45/0x70 [ 17.997724] kasan_save_track+0x18/0x40 [ 17.998093] kasan_save_alloc_info+0x3b/0x50 [ 17.998692] __kasan_kmalloc+0xb7/0xc0 [ 17.999414] __kmalloc_cache_noprof+0x189/0x420 [ 17.999824] krealloc_uaf+0xbb/0x5e0 [ 18.000630] kunit_try_run_case+0x1a5/0x480 [ 18.001075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.001981] kthread+0x337/0x6f0 [ 18.002858] ret_from_fork+0x116/0x1d0 [ 18.003471] ret_from_fork_asm+0x1a/0x30 [ 18.004099] [ 18.004316] Freed by task 181: [ 18.004637] kasan_save_stack+0x45/0x70 [ 18.005237] kasan_save_track+0x18/0x40 [ 18.005722] kasan_save_free_info+0x3f/0x60 [ 18.006137] __kasan_slab_free+0x56/0x70 [ 18.006635] kfree+0x222/0x3f0 [ 18.007509] krealloc_uaf+0x13d/0x5e0 [ 18.007796] kunit_try_run_case+0x1a5/0x480 [ 18.008631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.009463] kthread+0x337/0x6f0 [ 18.010007] ret_from_fork+0x116/0x1d0 [ 18.010470] ret_from_fork_asm+0x1a/0x30 [ 18.011269] [ 18.011425] The buggy address belongs to the object at ffff888100a24400 [ 18.011425] which belongs to the cache kmalloc-256 of size 256 [ 18.012301] The buggy address is located 0 bytes inside of [ 18.012301] freed 256-byte region [ffff888100a24400, ffff888100a24500) [ 18.013739] [ 18.014007] The buggy address belongs to the physical page: [ 18.015196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24 [ 18.015797] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.016569] flags: 0x200000000000040(head|node=0|zone=2) [ 18.017428] page_type: f5(slab) [ 18.017964] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.018783] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.019696] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.020820] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.021827] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff [ 18.022693] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.023584] page dumped because: kasan: bad access detected [ 18.024312] [ 18.024524] Memory state around the buggy address: [ 18.025248] ffff888100a24300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.026378] ffff888100a24380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.027051] >ffff888100a24400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.027902] ^ [ 18.028414] ffff888100a24480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.029122] ffff888100a24500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.030508] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 17.547855] ================================================================== [ 17.549253] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 17.550995] Write of size 1 at addr ffff888100a242eb by task kunit_try_catch/175 [ 17.552645] [ 17.552894] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.553020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.553077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.553135] Call Trace: [ 17.553186] <TASK> [ 17.553237] dump_stack_lvl+0x73/0xb0 [ 17.553320] print_report+0xd1/0x650 [ 17.553395] ? __virt_addr_valid+0x1db/0x2d0 [ 17.553434] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 17.553469] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.553500] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 17.553534] kasan_report+0x141/0x180 [ 17.553564] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 17.553604] __asan_report_store1_noabort+0x1b/0x30 [ 17.553632] krealloc_less_oob_helper+0xd47/0x11d0 [ 17.553668] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.553701] ? finish_task_switch.isra.0+0x153/0x700 [ 17.553733] ? __switch_to+0x47/0xf50 [ 17.553785] ? __schedule+0x10cc/0x2b60 [ 17.553865] ? __pfx_read_tsc+0x10/0x10 [ 17.553945] krealloc_less_oob+0x1c/0x30 [ 17.554111] kunit_try_run_case+0x1a5/0x480 [ 17.554270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.554352] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.554430] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.554528] ? __kthread_parkme+0x82/0x180 [ 17.554595] ? preempt_count_sub+0x50/0x80 [ 17.554668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.554741] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.554828] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.554900] kthread+0x337/0x6f0 [ 17.554932] ? trace_preempt_on+0x20/0xc0 [ 17.554964] ? __pfx_kthread+0x10/0x10 [ 17.554992] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.555064] ? calculate_sigpending+0x7b/0xa0 [ 17.555120] ? __pfx_kthread+0x10/0x10 [ 17.555151] ret_from_fork+0x116/0x1d0 [ 17.555217] ? __pfx_kthread+0x10/0x10 [ 17.555296] ret_from_fork_asm+0x1a/0x30 [ 17.555342] </TASK> [ 17.555356] [ 17.582947] Allocated by task 175: [ 17.583982] kasan_save_stack+0x45/0x70 [ 17.584592] kasan_save_track+0x18/0x40 [ 17.585360] kasan_save_alloc_info+0x3b/0x50 [ 17.585732] __kasan_krealloc+0x190/0x1f0 [ 17.586299] krealloc_noprof+0xf3/0x340 [ 17.586777] krealloc_less_oob_helper+0x1aa/0x11d0 [ 17.587334] krealloc_less_oob+0x1c/0x30 [ 17.587766] kunit_try_run_case+0x1a5/0x480 [ 17.588141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.588684] kthread+0x337/0x6f0 [ 17.589788] ret_from_fork+0x116/0x1d0 [ 17.590531] ret_from_fork_asm+0x1a/0x30 [ 17.591236] [ 17.591705] The buggy address belongs to the object at ffff888100a24200 [ 17.591705] which belongs to the cache kmalloc-256 of size 256 [ 17.592681] The buggy address is located 34 bytes to the right of [ 17.592681] allocated 201-byte region [ffff888100a24200, ffff888100a242c9) [ 17.595231] [ 17.595444] The buggy address belongs to the physical page: [ 17.595958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24 [ 17.597732] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.598755] flags: 0x200000000000040(head|node=0|zone=2) [ 17.599727] page_type: f5(slab) [ 17.600509] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.601495] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.602280] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.602902] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.603994] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff [ 17.605064] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.605763] page dumped because: kasan: bad access detected [ 17.605979] [ 17.606091] Memory state around the buggy address: [ 17.606264] ffff888100a24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.606506] ffff888100a24200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.606734] >ffff888100a24280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.606990] ^ [ 17.607428] ffff888100a24300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.609384] ffff888100a24380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.610000] ================================================================== [ 17.706674] ================================================================== [ 17.707548] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 17.709332] Write of size 1 at addr ffff8881024ce0c9 by task kunit_try_catch/179 [ 17.709890] [ 17.710491] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.710556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.710573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.710602] Call Trace: [ 17.710620] <TASK> [ 17.710642] dump_stack_lvl+0x73/0xb0 [ 17.710680] print_report+0xd1/0x650 [ 17.710711] ? __virt_addr_valid+0x1db/0x2d0 [ 17.710742] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 17.710821] ? kasan_addr_to_slab+0x11/0xa0 [ 17.710854] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 17.710889] kasan_report+0x141/0x180 [ 17.710920] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 17.710959] __asan_report_store1_noabort+0x1b/0x30 [ 17.710988] krealloc_less_oob_helper+0xd70/0x11d0 [ 17.711024] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.711096] ? finish_task_switch.isra.0+0x153/0x700 [ 17.711130] ? __switch_to+0x47/0xf50 [ 17.711165] ? __schedule+0x10cc/0x2b60 [ 17.711198] ? __pfx_read_tsc+0x10/0x10 [ 17.711232] krealloc_large_less_oob+0x1c/0x30 [ 17.711266] kunit_try_run_case+0x1a5/0x480 [ 17.711296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.711323] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.711357] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.711392] ? __kthread_parkme+0x82/0x180 [ 17.711420] ? preempt_count_sub+0x50/0x80 [ 17.711451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.711480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.711513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.711547] kthread+0x337/0x6f0 [ 17.711574] ? trace_preempt_on+0x20/0xc0 [ 17.711605] ? __pfx_kthread+0x10/0x10 [ 17.711633] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.711664] ? calculate_sigpending+0x7b/0xa0 [ 17.711698] ? __pfx_kthread+0x10/0x10 [ 17.711727] ret_from_fork+0x116/0x1d0 [ 17.711755] ? __pfx_kthread+0x10/0x10 [ 17.711809] ret_from_fork_asm+0x1a/0x30 [ 17.711854] </TASK> [ 17.711868] [ 17.733004] The buggy address belongs to the physical page: [ 17.733619] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024cc [ 17.734715] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.735615] flags: 0x200000000000040(head|node=0|zone=2) [ 17.736363] page_type: f8(unknown) [ 17.737201] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.737771] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.738206] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.738469] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.738716] head: 0200000000000002 ffffea0004093301 00000000ffffffff 00000000ffffffff [ 17.739916] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.740948] page dumped because: kasan: bad access detected [ 17.741436] [ 17.741708] Memory state around the buggy address: [ 17.742199] ffff8881024cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.743275] ffff8881024ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.743723] >ffff8881024ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.744555] ^ [ 17.745303] ffff8881024ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.745855] ffff8881024ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.746594] ================================================================== [ 17.863963] ================================================================== [ 17.864595] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 17.865277] Write of size 1 at addr ffff8881024ce0eb by task kunit_try_catch/179 [ 17.866125] [ 17.866362] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.866506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.866539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.866615] Call Trace: [ 17.866668] <TASK> [ 17.866708] dump_stack_lvl+0x73/0xb0 [ 17.866778] print_report+0xd1/0x650 [ 17.866846] ? __virt_addr_valid+0x1db/0x2d0 [ 17.866909] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 17.866976] ? kasan_addr_to_slab+0x11/0xa0 [ 17.867099] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 17.867206] kasan_report+0x141/0x180 [ 17.867329] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 17.867445] __asan_report_store1_noabort+0x1b/0x30 [ 17.867519] krealloc_less_oob_helper+0xd47/0x11d0 [ 17.867602] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.867683] ? finish_task_switch.isra.0+0x153/0x700 [ 17.867798] ? __switch_to+0x47/0xf50 [ 17.867906] ? __schedule+0x10cc/0x2b60 [ 17.868017] ? __pfx_read_tsc+0x10/0x10 [ 17.868120] krealloc_large_less_oob+0x1c/0x30 [ 17.868199] kunit_try_run_case+0x1a5/0x480 [ 17.868276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.868340] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.868442] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.868553] ? __kthread_parkme+0x82/0x180 [ 17.868622] ? preempt_count_sub+0x50/0x80 [ 17.868695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.868733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.868807] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.868844] kthread+0x337/0x6f0 [ 17.868871] ? trace_preempt_on+0x20/0xc0 [ 17.868906] ? __pfx_kthread+0x10/0x10 [ 17.868935] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.868968] ? calculate_sigpending+0x7b/0xa0 [ 17.869001] ? __pfx_kthread+0x10/0x10 [ 17.869050] ret_from_fork+0x116/0x1d0 [ 17.869085] ? __pfx_kthread+0x10/0x10 [ 17.869168] ret_from_fork_asm+0x1a/0x30 [ 17.869301] </TASK> [ 17.869340] [ 17.885532] The buggy address belongs to the physical page: [ 17.886247] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024cc [ 17.887078] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.887695] flags: 0x200000000000040(head|node=0|zone=2) [ 17.888097] page_type: f8(unknown) [ 17.888397] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.889121] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.889901] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.890496] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.891319] head: 0200000000000002 ffffea0004093301 00000000ffffffff 00000000ffffffff [ 17.892057] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.892730] page dumped because: kasan: bad access detected [ 17.893323] [ 17.893592] Memory state around the buggy address: [ 17.894129] ffff8881024cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.894816] ffff8881024ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.895467] >ffff8881024ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.896175] ^ [ 17.896734] ffff8881024ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.897387] ffff8881024ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.897979] ================================================================== [ 17.401489] ================================================================== [ 17.402579] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 17.403426] Write of size 1 at addr ffff888100a242da by task kunit_try_catch/175 [ 17.404942] [ 17.405253] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.405620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.405661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.405780] Call Trace: [ 17.405821] <TASK> [ 17.405843] dump_stack_lvl+0x73/0xb0 [ 17.405880] print_report+0xd1/0x650 [ 17.405910] ? __virt_addr_valid+0x1db/0x2d0 [ 17.405941] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.405974] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.406004] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.406037] kasan_report+0x141/0x180 [ 17.406095] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.406135] __asan_report_store1_noabort+0x1b/0x30 [ 17.406171] krealloc_less_oob_helper+0xec6/0x11d0 [ 17.406331] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.406367] ? finish_task_switch.isra.0+0x153/0x700 [ 17.406400] ? __switch_to+0x47/0xf50 [ 17.406434] ? __schedule+0x10cc/0x2b60 [ 17.406467] ? __pfx_read_tsc+0x10/0x10 [ 17.406499] krealloc_less_oob+0x1c/0x30 [ 17.406529] kunit_try_run_case+0x1a5/0x480 [ 17.406558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.406583] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.406617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.406687] ? __kthread_parkme+0x82/0x180 [ 17.406717] ? preempt_count_sub+0x50/0x80 [ 17.406748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.406796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.406847] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.406903] kthread+0x337/0x6f0 [ 17.406933] ? trace_preempt_on+0x20/0xc0 [ 17.406982] ? __pfx_kthread+0x10/0x10 [ 17.407013] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.407074] ? calculate_sigpending+0x7b/0xa0 [ 17.407113] ? __pfx_kthread+0x10/0x10 [ 17.407155] ret_from_fork+0x116/0x1d0 [ 17.407208] ? __pfx_kthread+0x10/0x10 [ 17.407256] ret_from_fork_asm+0x1a/0x30 [ 17.407302] </TASK> [ 17.407316] [ 17.435746] Allocated by task 175: [ 17.437066] kasan_save_stack+0x45/0x70 [ 17.437855] kasan_save_track+0x18/0x40 [ 17.438545] kasan_save_alloc_info+0x3b/0x50 [ 17.439348] __kasan_krealloc+0x190/0x1f0 [ 17.440103] krealloc_noprof+0xf3/0x340 [ 17.440914] krealloc_less_oob_helper+0x1aa/0x11d0 [ 17.441827] krealloc_less_oob+0x1c/0x30 [ 17.442596] kunit_try_run_case+0x1a5/0x480 [ 17.443917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.444508] kthread+0x337/0x6f0 [ 17.444888] ret_from_fork+0x116/0x1d0 [ 17.445298] ret_from_fork_asm+0x1a/0x30 [ 17.445719] [ 17.445937] The buggy address belongs to the object at ffff888100a24200 [ 17.445937] which belongs to the cache kmalloc-256 of size 256 [ 17.448447] The buggy address is located 17 bytes to the right of [ 17.448447] allocated 201-byte region [ffff888100a24200, ffff888100a242c9) [ 17.450098] [ 17.450279] The buggy address belongs to the physical page: [ 17.450693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24 [ 17.452679] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.453839] flags: 0x200000000000040(head|node=0|zone=2) [ 17.454907] page_type: f5(slab) [ 17.455179] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.456555] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.457300] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.458225] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.460298] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff [ 17.461355] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.462993] page dumped because: kasan: bad access detected [ 17.463476] [ 17.463721] Memory state around the buggy address: [ 17.464100] ffff888100a24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.464862] ffff888100a24200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.466242] >ffff888100a24280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.467331] ^ [ 17.468334] ffff888100a24300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.469283] ffff888100a24380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.469687] ================================================================== [ 17.748210] ================================================================== [ 17.748745] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 17.749407] Write of size 1 at addr ffff8881024ce0d0 by task kunit_try_catch/179 [ 17.750481] [ 17.750692] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.750761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.750798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.750830] Call Trace: [ 17.750846] <TASK> [ 17.750865] dump_stack_lvl+0x73/0xb0 [ 17.750899] print_report+0xd1/0x650 [ 17.750929] ? __virt_addr_valid+0x1db/0x2d0 [ 17.750960] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 17.750994] ? kasan_addr_to_slab+0x11/0xa0 [ 17.751022] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 17.751110] kasan_report+0x141/0x180 [ 17.751185] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 17.751274] __asan_report_store1_noabort+0x1b/0x30 [ 17.751344] krealloc_less_oob_helper+0xe23/0x11d0 [ 17.751427] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.751508] ? finish_task_switch.isra.0+0x153/0x700 [ 17.751582] ? __switch_to+0x47/0xf50 [ 17.751662] ? __schedule+0x10cc/0x2b60 [ 17.751726] ? __pfx_read_tsc+0x10/0x10 [ 17.751781] krealloc_large_less_oob+0x1c/0x30 [ 17.751830] kunit_try_run_case+0x1a5/0x480 [ 17.751860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.751886] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.751921] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.751955] ? __kthread_parkme+0x82/0x180 [ 17.751982] ? preempt_count_sub+0x50/0x80 [ 17.752012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.752576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.752668] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.752811] kthread+0x337/0x6f0 [ 17.752886] ? trace_preempt_on+0x20/0xc0 [ 17.752963] ? __pfx_kthread+0x10/0x10 [ 17.753065] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.753104] ? calculate_sigpending+0x7b/0xa0 [ 17.753139] ? __pfx_kthread+0x10/0x10 [ 17.753169] ret_from_fork+0x116/0x1d0 [ 17.753195] ? __pfx_kthread+0x10/0x10 [ 17.753223] ret_from_fork_asm+0x1a/0x30 [ 17.753264] </TASK> [ 17.753279] [ 17.770743] The buggy address belongs to the physical page: [ 17.771359] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024cc [ 17.772246] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.773002] flags: 0x200000000000040(head|node=0|zone=2) [ 17.773598] page_type: f8(unknown) [ 17.774131] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.774856] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.775564] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.776394] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.777146] head: 0200000000000002 ffffea0004093301 00000000ffffffff 00000000ffffffff [ 17.777941] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.778532] page dumped because: kasan: bad access detected [ 17.779148] [ 17.779471] Memory state around the buggy address: [ 17.780020] ffff8881024cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.780669] ffff8881024ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.781460] >ffff8881024ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.782215] ^ [ 17.782864] ffff8881024ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.783547] ffff8881024ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.784333] ================================================================== [ 17.823514] ================================================================== [ 17.824099] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 17.825125] Write of size 1 at addr ffff8881024ce0ea by task kunit_try_catch/179 [ 17.825913] [ 17.826228] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.826478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.826519] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.826639] Call Trace: [ 17.826709] <TASK> [ 17.826758] dump_stack_lvl+0x73/0xb0 [ 17.826839] print_report+0xd1/0x650 [ 17.826912] ? __virt_addr_valid+0x1db/0x2d0 [ 17.826988] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.827116] ? kasan_addr_to_slab+0x11/0xa0 [ 17.827154] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.827192] kasan_report+0x141/0x180 [ 17.827224] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.827264] __asan_report_store1_noabort+0x1b/0x30 [ 17.827293] krealloc_less_oob_helper+0xe90/0x11d0 [ 17.827329] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.827363] ? finish_task_switch.isra.0+0x153/0x700 [ 17.827396] ? __switch_to+0x47/0xf50 [ 17.827430] ? __schedule+0x10cc/0x2b60 [ 17.827464] ? __pfx_read_tsc+0x10/0x10 [ 17.827499] krealloc_large_less_oob+0x1c/0x30 [ 17.827531] kunit_try_run_case+0x1a5/0x480 [ 17.827561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.827587] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.827623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.827657] ? __kthread_parkme+0x82/0x180 [ 17.827684] ? preempt_count_sub+0x50/0x80 [ 17.827714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.827742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.827818] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.827855] kthread+0x337/0x6f0 [ 17.827882] ? trace_preempt_on+0x20/0xc0 [ 17.827914] ? __pfx_kthread+0x10/0x10 [ 17.827942] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.827974] ? calculate_sigpending+0x7b/0xa0 [ 17.828008] ? __pfx_kthread+0x10/0x10 [ 17.828061] ret_from_fork+0x116/0x1d0 [ 17.828091] ? __pfx_kthread+0x10/0x10 [ 17.828121] ret_from_fork_asm+0x1a/0x30 [ 17.828163] </TASK> [ 17.828177] [ 17.850381] The buggy address belongs to the physical page: [ 17.850940] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024cc [ 17.851689] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.852398] flags: 0x200000000000040(head|node=0|zone=2) [ 17.852987] page_type: f8(unknown) [ 17.853378] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.854122] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.854790] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.855343] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.855999] head: 0200000000000002 ffffea0004093301 00000000ffffffff 00000000ffffffff [ 17.856595] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.857352] page dumped because: kasan: bad access detected [ 17.857812] [ 17.858096] Memory state around the buggy address: [ 17.858602] ffff8881024cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.859268] ffff8881024ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.859956] >ffff8881024ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.860568] ^ [ 17.861213] ffff8881024ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.861915] ffff8881024ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.862533] ================================================================== [ 17.282969] ================================================================== [ 17.283677] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 17.284949] Write of size 1 at addr ffff888100a242c9 by task kunit_try_catch/175 [ 17.286316] [ 17.286535] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.286707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.286746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.286810] Call Trace: [ 17.286850] <TASK> [ 17.286899] dump_stack_lvl+0x73/0xb0 [ 17.287032] print_report+0xd1/0x650 [ 17.287133] ? __virt_addr_valid+0x1db/0x2d0 [ 17.287195] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 17.287241] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.287273] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 17.287346] kasan_report+0x141/0x180 [ 17.287381] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 17.287421] __asan_report_store1_noabort+0x1b/0x30 [ 17.287449] krealloc_less_oob_helper+0xd70/0x11d0 [ 17.287487] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.287522] ? finish_task_switch.isra.0+0x153/0x700 [ 17.287554] ? __switch_to+0x47/0xf50 [ 17.287590] ? __schedule+0x10cc/0x2b60 [ 17.287624] ? __pfx_read_tsc+0x10/0x10 [ 17.287658] krealloc_less_oob+0x1c/0x30 [ 17.287689] kunit_try_run_case+0x1a5/0x480 [ 17.287721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.287748] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.287914] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.287957] ? __kthread_parkme+0x82/0x180 [ 17.287987] ? preempt_count_sub+0x50/0x80 [ 17.288017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.288069] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.288111] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.288145] kthread+0x337/0x6f0 [ 17.288253] ? trace_preempt_on+0x20/0xc0 [ 17.288298] ? __pfx_kthread+0x10/0x10 [ 17.288327] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.288360] ? calculate_sigpending+0x7b/0xa0 [ 17.288394] ? __pfx_kthread+0x10/0x10 [ 17.288424] ret_from_fork+0x116/0x1d0 [ 17.288449] ? __pfx_kthread+0x10/0x10 [ 17.288477] ret_from_fork_asm+0x1a/0x30 [ 17.288518] </TASK> [ 17.288532] [ 17.310713] Allocated by task 175: [ 17.311036] kasan_save_stack+0x45/0x70 [ 17.311556] kasan_save_track+0x18/0x40 [ 17.313859] kasan_save_alloc_info+0x3b/0x50 [ 17.314085] __kasan_krealloc+0x190/0x1f0 [ 17.315421] krealloc_noprof+0xf3/0x340 [ 17.316225] krealloc_less_oob_helper+0x1aa/0x11d0 [ 17.317037] krealloc_less_oob+0x1c/0x30 [ 17.317491] kunit_try_run_case+0x1a5/0x480 [ 17.318024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.318795] kthread+0x337/0x6f0 [ 17.319360] ret_from_fork+0x116/0x1d0 [ 17.319877] ret_from_fork_asm+0x1a/0x30 [ 17.320354] [ 17.320648] The buggy address belongs to the object at ffff888100a24200 [ 17.320648] which belongs to the cache kmalloc-256 of size 256 [ 17.322143] The buggy address is located 0 bytes to the right of [ 17.322143] allocated 201-byte region [ffff888100a24200, ffff888100a242c9) [ 17.323612] [ 17.324558] The buggy address belongs to the physical page: [ 17.325138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24 [ 17.325858] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.326545] flags: 0x200000000000040(head|node=0|zone=2) [ 17.327069] page_type: f5(slab) [ 17.327547] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.328915] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.329587] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.330598] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.331438] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff [ 17.332475] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.333232] page dumped because: kasan: bad access detected [ 17.333902] [ 17.334108] Memory state around the buggy address: [ 17.335583] ffff888100a24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.336319] ffff888100a24200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.337294] >ffff888100a24280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.337885] ^ [ 17.338709] ffff888100a24300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.339603] ffff888100a24380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.340218] ================================================================== [ 17.472886] ================================================================== [ 17.473966] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 17.474788] Write of size 1 at addr ffff888100a242ea by task kunit_try_catch/175 [ 17.476119] [ 17.476424] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.476553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.476592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.476635] Call Trace: [ 17.476679] <TASK> [ 17.476705] dump_stack_lvl+0x73/0xb0 [ 17.476743] print_report+0xd1/0x650 [ 17.476815] ? __virt_addr_valid+0x1db/0x2d0 [ 17.476862] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.476897] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.476927] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.476961] kasan_report+0x141/0x180 [ 17.476992] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 17.477033] __asan_report_store1_noabort+0x1b/0x30 [ 17.477123] krealloc_less_oob_helper+0xe90/0x11d0 [ 17.477446] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.477507] ? finish_task_switch.isra.0+0x153/0x700 [ 17.477559] ? __switch_to+0x47/0xf50 [ 17.477618] ? __schedule+0x10cc/0x2b60 [ 17.477676] ? __pfx_read_tsc+0x10/0x10 [ 17.477729] krealloc_less_oob+0x1c/0x30 [ 17.477803] kunit_try_run_case+0x1a5/0x480 [ 17.477856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.477905] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.477958] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.478016] ? __kthread_parkme+0x82/0x180 [ 17.478083] ? preempt_count_sub+0x50/0x80 [ 17.478140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.478192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.478250] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.478316] kthread+0x337/0x6f0 [ 17.478365] ? trace_preempt_on+0x20/0xc0 [ 17.478418] ? __pfx_kthread+0x10/0x10 [ 17.478465] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.478519] ? calculate_sigpending+0x7b/0xa0 [ 17.478573] ? __pfx_kthread+0x10/0x10 [ 17.478623] ret_from_fork+0x116/0x1d0 [ 17.478666] ? __pfx_kthread+0x10/0x10 [ 17.478717] ret_from_fork_asm+0x1a/0x30 [ 17.478789] </TASK> [ 17.478815] [ 17.506773] Allocated by task 175: [ 17.507269] kasan_save_stack+0x45/0x70 [ 17.507717] kasan_save_track+0x18/0x40 [ 17.509138] kasan_save_alloc_info+0x3b/0x50 [ 17.509726] __kasan_krealloc+0x190/0x1f0 [ 17.510331] krealloc_noprof+0xf3/0x340 [ 17.510865] krealloc_less_oob_helper+0x1aa/0x11d0 [ 17.512351] krealloc_less_oob+0x1c/0x30 [ 17.513416] kunit_try_run_case+0x1a5/0x480 [ 17.514231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.515534] kthread+0x337/0x6f0 [ 17.516338] ret_from_fork+0x116/0x1d0 [ 17.517174] ret_from_fork_asm+0x1a/0x30 [ 17.518207] [ 17.518587] The buggy address belongs to the object at ffff888100a24200 [ 17.518587] which belongs to the cache kmalloc-256 of size 256 [ 17.520529] The buggy address is located 33 bytes to the right of [ 17.520529] allocated 201-byte region [ffff888100a24200, ffff888100a242c9) [ 17.522984] [ 17.523266] The buggy address belongs to the physical page: [ 17.523731] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24 [ 17.526012] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.527226] flags: 0x200000000000040(head|node=0|zone=2) [ 17.527839] page_type: f5(slab) [ 17.528266] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.529354] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.530122] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.531635] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.532626] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff [ 17.533873] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.535170] page dumped because: kasan: bad access detected [ 17.536453] [ 17.536756] Memory state around the buggy address: [ 17.538063] ffff888100a24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.540013] ffff888100a24200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.541151] >ffff888100a24280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.542303] ^ [ 17.542769] ffff888100a24300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.544257] ffff888100a24380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.545411] ================================================================== [ 17.785734] ================================================================== [ 17.786365] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 17.787006] Write of size 1 at addr ffff8881024ce0da by task kunit_try_catch/179 [ 17.787586] [ 17.787933] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.788069] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.788102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.788148] Call Trace: [ 17.788190] <TASK> [ 17.788230] dump_stack_lvl+0x73/0xb0 [ 17.788302] print_report+0xd1/0x650 [ 17.788364] ? __virt_addr_valid+0x1db/0x2d0 [ 17.788423] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.788488] ? kasan_addr_to_slab+0x11/0xa0 [ 17.788551] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.788617] kasan_report+0x141/0x180 [ 17.788684] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 17.788797] __asan_report_store1_noabort+0x1b/0x30 [ 17.788870] krealloc_less_oob_helper+0xec6/0x11d0 [ 17.789002] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.789131] ? finish_task_switch.isra.0+0x153/0x700 [ 17.789394] ? __switch_to+0x47/0xf50 [ 17.789478] ? __schedule+0x10cc/0x2b60 [ 17.789557] ? __pfx_read_tsc+0x10/0x10 [ 17.789636] krealloc_large_less_oob+0x1c/0x30 [ 17.789716] kunit_try_run_case+0x1a5/0x480 [ 17.789820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.789863] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.789899] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.789935] ? __kthread_parkme+0x82/0x180 [ 17.789962] ? preempt_count_sub+0x50/0x80 [ 17.789992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.790020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.790086] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.790123] kthread+0x337/0x6f0 [ 17.790151] ? trace_preempt_on+0x20/0xc0 [ 17.790183] ? __pfx_kthread+0x10/0x10 [ 17.790211] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.790243] ? calculate_sigpending+0x7b/0xa0 [ 17.790275] ? __pfx_kthread+0x10/0x10 [ 17.790321] ret_from_fork+0x116/0x1d0 [ 17.790348] ? __pfx_kthread+0x10/0x10 [ 17.790376] ret_from_fork_asm+0x1a/0x30 [ 17.790417] </TASK> [ 17.790431] [ 17.807094] The buggy address belongs to the physical page: [ 17.807634] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024cc [ 17.808455] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.809166] flags: 0x200000000000040(head|node=0|zone=2) [ 17.809696] page_type: f8(unknown) [ 17.810094] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.810594] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.811458] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.813173] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.814312] head: 0200000000000002 ffffea0004093301 00000000ffffffff 00000000ffffffff [ 17.814872] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.815461] page dumped because: kasan: bad access detected [ 17.815882] [ 17.816165] Memory state around the buggy address: [ 17.816686] ffff8881024cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.817416] ffff8881024ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.818014] >ffff8881024ce080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.818819] ^ [ 17.819426] ffff8881024ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.820179] ffff8881024ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.820874] ================================================================== [ 17.342853] ================================================================== [ 17.343456] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 17.344089] Write of size 1 at addr ffff888100a242d0 by task kunit_try_catch/175 [ 17.344639] [ 17.344903] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.345028] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.345917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.345952] Call Trace: [ 17.345969] <TASK> [ 17.345990] dump_stack_lvl+0x73/0xb0 [ 17.346029] print_report+0xd1/0x650 [ 17.346089] ? __virt_addr_valid+0x1db/0x2d0 [ 17.346125] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 17.346160] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.346280] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 17.346334] kasan_report+0x141/0x180 [ 17.346366] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 17.346405] __asan_report_store1_noabort+0x1b/0x30 [ 17.346434] krealloc_less_oob_helper+0xe23/0x11d0 [ 17.346470] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.346503] ? finish_task_switch.isra.0+0x153/0x700 [ 17.346535] ? __switch_to+0x47/0xf50 [ 17.346569] ? __schedule+0x10cc/0x2b60 [ 17.346602] ? __pfx_read_tsc+0x10/0x10 [ 17.346636] krealloc_less_oob+0x1c/0x30 [ 17.346666] kunit_try_run_case+0x1a5/0x480 [ 17.346695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.346721] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.346755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.346818] ? __kthread_parkme+0x82/0x180 [ 17.346847] ? preempt_count_sub+0x50/0x80 [ 17.346878] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.346905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.346940] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.346974] kthread+0x337/0x6f0 [ 17.347000] ? trace_preempt_on+0x20/0xc0 [ 17.347032] ? __pfx_kthread+0x10/0x10 [ 17.347086] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.347119] ? calculate_sigpending+0x7b/0xa0 [ 17.347153] ? __pfx_kthread+0x10/0x10 [ 17.347277] ret_from_fork+0x116/0x1d0 [ 17.347308] ? __pfx_kthread+0x10/0x10 [ 17.347337] ret_from_fork_asm+0x1a/0x30 [ 17.347378] </TASK> [ 17.347392] [ 17.370491] Allocated by task 175: [ 17.370645] kasan_save_stack+0x45/0x70 [ 17.371105] kasan_save_track+0x18/0x40 [ 17.371823] kasan_save_alloc_info+0x3b/0x50 [ 17.372812] __kasan_krealloc+0x190/0x1f0 [ 17.373824] krealloc_noprof+0xf3/0x340 [ 17.374222] krealloc_less_oob_helper+0x1aa/0x11d0 [ 17.374802] krealloc_less_oob+0x1c/0x30 [ 17.375561] kunit_try_run_case+0x1a5/0x480 [ 17.376089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.376602] kthread+0x337/0x6f0 [ 17.376986] ret_from_fork+0x116/0x1d0 [ 17.377400] ret_from_fork_asm+0x1a/0x30 [ 17.377754] [ 17.378532] The buggy address belongs to the object at ffff888100a24200 [ 17.378532] which belongs to the cache kmalloc-256 of size 256 [ 17.380094] The buggy address is located 7 bytes to the right of [ 17.380094] allocated 201-byte region [ffff888100a24200, ffff888100a242c9) [ 17.382006] [ 17.382373] The buggy address belongs to the physical page: [ 17.383186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a24 [ 17.383959] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.385120] flags: 0x200000000000040(head|node=0|zone=2) [ 17.385747] page_type: f5(slab) [ 17.386074] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.387555] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.388533] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.389573] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.391012] head: 0200000000000001 ffffea0004028901 00000000ffffffff 00000000ffffffff [ 17.391725] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.392821] page dumped because: kasan: bad access detected [ 17.393097] [ 17.393317] Memory state around the buggy address: [ 17.393716] ffff888100a24180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.394866] ffff888100a24200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.395507] >ffff888100a24280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.396909] ^ [ 17.397442] ffff888100a24300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.398667] ffff888100a24380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.399826] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 17.615857] ================================================================== [ 17.617653] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 17.618617] Write of size 1 at addr ffff8881024ce0eb by task kunit_try_catch/177 [ 17.619628] [ 17.619835] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.619901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.619917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.619945] Call Trace: [ 17.619963] <TASK> [ 17.619983] dump_stack_lvl+0x73/0xb0 [ 17.620020] print_report+0xd1/0x650 [ 17.620077] ? __virt_addr_valid+0x1db/0x2d0 [ 17.620114] ? krealloc_more_oob_helper+0x821/0x930 [ 17.620148] ? kasan_addr_to_slab+0x11/0xa0 [ 17.621264] ? krealloc_more_oob_helper+0x821/0x930 [ 17.621314] kasan_report+0x141/0x180 [ 17.621349] ? krealloc_more_oob_helper+0x821/0x930 [ 17.621390] __asan_report_store1_noabort+0x1b/0x30 [ 17.621420] krealloc_more_oob_helper+0x821/0x930 [ 17.621453] ? __schedule+0x10cc/0x2b60 [ 17.621488] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 17.621524] ? finish_task_switch.isra.0+0x153/0x700 [ 17.621555] ? __switch_to+0x47/0xf50 [ 17.621590] ? __schedule+0x10cc/0x2b60 [ 17.621622] ? __pfx_read_tsc+0x10/0x10 [ 17.621655] krealloc_large_more_oob+0x1c/0x30 [ 17.621688] kunit_try_run_case+0x1a5/0x480 [ 17.621716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.621743] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.621796] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.621840] ? __kthread_parkme+0x82/0x180 [ 17.621869] ? preempt_count_sub+0x50/0x80 [ 17.621899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.621927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.621963] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.621997] kthread+0x337/0x6f0 [ 17.622024] ? trace_preempt_on+0x20/0xc0 [ 17.622085] ? __pfx_kthread+0x10/0x10 [ 17.622116] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.622148] ? calculate_sigpending+0x7b/0xa0 [ 17.622272] ? __pfx_kthread+0x10/0x10 [ 17.622320] ret_from_fork+0x116/0x1d0 [ 17.622347] ? __pfx_kthread+0x10/0x10 [ 17.622376] ret_from_fork_asm+0x1a/0x30 [ 17.622417] </TASK> [ 17.622432] [ 17.642588] The buggy address belongs to the physical page: [ 17.643274] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024cc [ 17.644029] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.644895] flags: 0x200000000000040(head|node=0|zone=2) [ 17.645474] page_type: f8(unknown) [ 17.645880] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.646927] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.647535] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.648092] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.649365] head: 0200000000000002 ffffea0004093301 00000000ffffffff 00000000ffffffff [ 17.650840] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.651637] page dumped because: kasan: bad access detected [ 17.652128] [ 17.652374] Memory state around the buggy address: [ 17.652930] ffff8881024cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.653642] ffff8881024ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.654661] >ffff8881024ce080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.655316] ^ [ 17.656061] ffff8881024ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.656900] ffff8881024ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.657669] ================================================================== [ 17.226083] ================================================================== [ 17.226711] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 17.227624] Write of size 1 at addr ffff8881003564f0 by task kunit_try_catch/173 [ 17.228406] [ 17.228759] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.228882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.228918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.228975] Call Trace: [ 17.229012] <TASK> [ 17.229091] dump_stack_lvl+0x73/0xb0 [ 17.229292] print_report+0xd1/0x650 [ 17.229373] ? __virt_addr_valid+0x1db/0x2d0 [ 17.229452] ? krealloc_more_oob_helper+0x7eb/0x930 [ 17.229549] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.229656] ? krealloc_more_oob_helper+0x7eb/0x930 [ 17.229741] kasan_report+0x141/0x180 [ 17.229818] ? krealloc_more_oob_helper+0x7eb/0x930 [ 17.229910] __asan_report_store1_noabort+0x1b/0x30 [ 17.229945] krealloc_more_oob_helper+0x7eb/0x930 [ 17.229979] ? __schedule+0x10cc/0x2b60 [ 17.230014] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 17.230074] ? finish_task_switch.isra.0+0x153/0x700 [ 17.230110] ? __switch_to+0x47/0xf50 [ 17.230146] ? __schedule+0x10cc/0x2b60 [ 17.230261] ? __pfx_read_tsc+0x10/0x10 [ 17.230315] krealloc_more_oob+0x1c/0x30 [ 17.230348] kunit_try_run_case+0x1a5/0x480 [ 17.230378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.230404] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.230439] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.230474] ? __kthread_parkme+0x82/0x180 [ 17.230502] ? preempt_count_sub+0x50/0x80 [ 17.230533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.230561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.230595] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.230629] kthread+0x337/0x6f0 [ 17.230655] ? trace_preempt_on+0x20/0xc0 [ 17.230687] ? __pfx_kthread+0x10/0x10 [ 17.230715] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.230746] ? calculate_sigpending+0x7b/0xa0 [ 17.230798] ? __pfx_kthread+0x10/0x10 [ 17.230837] ret_from_fork+0x116/0x1d0 [ 17.230861] ? __pfx_kthread+0x10/0x10 [ 17.230889] ret_from_fork_asm+0x1a/0x30 [ 17.230930] </TASK> [ 17.230944] [ 17.248737] Allocated by task 173: [ 17.249027] kasan_save_stack+0x45/0x70 [ 17.249486] kasan_save_track+0x18/0x40 [ 17.249924] kasan_save_alloc_info+0x3b/0x50 [ 17.251126] __kasan_krealloc+0x190/0x1f0 [ 17.251635] krealloc_noprof+0xf3/0x340 [ 17.252075] krealloc_more_oob_helper+0x1a9/0x930 [ 17.252994] krealloc_more_oob+0x1c/0x30 [ 17.253499] kunit_try_run_case+0x1a5/0x480 [ 17.253835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.254308] kthread+0x337/0x6f0 [ 17.254776] ret_from_fork+0x116/0x1d0 [ 17.255688] ret_from_fork_asm+0x1a/0x30 [ 17.256899] [ 17.257662] The buggy address belongs to the object at ffff888100356400 [ 17.257662] which belongs to the cache kmalloc-256 of size 256 [ 17.260066] The buggy address is located 5 bytes to the right of [ 17.260066] allocated 235-byte region [ffff888100356400, ffff8881003564eb) [ 17.261116] [ 17.261466] The buggy address belongs to the physical page: [ 17.262127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100356 [ 17.262866] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.263504] flags: 0x200000000000040(head|node=0|zone=2) [ 17.264303] page_type: f5(slab) [ 17.264679] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.265370] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.266461] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.267426] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.268164] head: 0200000000000001 ffffea000400d581 00000000ffffffff 00000000ffffffff [ 17.268891] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.269602] page dumped because: kasan: bad access detected [ 17.270687] [ 17.270940] Memory state around the buggy address: [ 17.271342] ffff888100356380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.272023] ffff888100356400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.272956] >ffff888100356480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 17.273664] ^ [ 17.274289] ffff888100356500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.274976] ffff888100356580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.275878] ================================================================== [ 17.658994] ================================================================== [ 17.659595] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 17.660343] Write of size 1 at addr ffff8881024ce0f0 by task kunit_try_catch/177 [ 17.661176] [ 17.661398] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.661522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.661687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.661779] Call Trace: [ 17.661821] <TASK> [ 17.661868] dump_stack_lvl+0x73/0xb0 [ 17.661948] print_report+0xd1/0x650 [ 17.662081] ? __virt_addr_valid+0x1db/0x2d0 [ 17.662162] ? krealloc_more_oob_helper+0x7eb/0x930 [ 17.662241] ? kasan_addr_to_slab+0x11/0xa0 [ 17.662319] ? krealloc_more_oob_helper+0x7eb/0x930 [ 17.662399] kasan_report+0x141/0x180 [ 17.662474] ? krealloc_more_oob_helper+0x7eb/0x930 [ 17.662563] __asan_report_store1_noabort+0x1b/0x30 [ 17.662638] krealloc_more_oob_helper+0x7eb/0x930 [ 17.662712] ? __schedule+0x10cc/0x2b60 [ 17.663155] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 17.663240] ? finish_task_switch.isra.0+0x153/0x700 [ 17.663317] ? __switch_to+0x47/0xf50 [ 17.663397] ? __schedule+0x10cc/0x2b60 [ 17.663477] ? __pfx_read_tsc+0x10/0x10 [ 17.663525] krealloc_large_more_oob+0x1c/0x30 [ 17.663559] kunit_try_run_case+0x1a5/0x480 [ 17.663588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.663616] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.663650] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.663687] ? __kthread_parkme+0x82/0x180 [ 17.663715] ? preempt_count_sub+0x50/0x80 [ 17.663745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.663803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.663843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.663878] kthread+0x337/0x6f0 [ 17.663905] ? trace_preempt_on+0x20/0xc0 [ 17.663937] ? __pfx_kthread+0x10/0x10 [ 17.663966] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.663998] ? calculate_sigpending+0x7b/0xa0 [ 17.664032] ? __pfx_kthread+0x10/0x10 [ 17.664089] ret_from_fork+0x116/0x1d0 [ 17.664115] ? __pfx_kthread+0x10/0x10 [ 17.664143] ret_from_fork_asm+0x1a/0x30 [ 17.664242] </TASK> [ 17.664286] [ 17.683569] The buggy address belongs to the physical page: [ 17.684678] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024cc [ 17.685576] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.686558] flags: 0x200000000000040(head|node=0|zone=2) [ 17.687078] page_type: f8(unknown) [ 17.687792] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.688824] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.689707] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.690712] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.691685] head: 0200000000000002 ffffea0004093301 00000000ffffffff 00000000ffffffff [ 17.692533] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.694129] page dumped because: kasan: bad access detected [ 17.694768] [ 17.695082] Memory state around the buggy address: [ 17.695548] ffff8881024cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.696535] ffff8881024ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.697663] >ffff8881024ce080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.698455] ^ [ 17.698689] ffff8881024ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.699969] ffff8881024ce180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.700731] ================================================================== [ 17.173903] ================================================================== [ 17.174514] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 17.174821] Write of size 1 at addr ffff8881003564eb by task kunit_try_catch/173 [ 17.175116] [ 17.175960] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.176105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.176144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.176203] Call Trace: [ 17.176242] <TASK> [ 17.176290] dump_stack_lvl+0x73/0xb0 [ 17.176373] print_report+0xd1/0x650 [ 17.176555] ? __virt_addr_valid+0x1db/0x2d0 [ 17.176634] ? krealloc_more_oob_helper+0x821/0x930 [ 17.176708] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.176825] ? krealloc_more_oob_helper+0x821/0x930 [ 17.176908] kasan_report+0x141/0x180 [ 17.176982] ? krealloc_more_oob_helper+0x821/0x930 [ 17.177085] __asan_report_store1_noabort+0x1b/0x30 [ 17.177127] krealloc_more_oob_helper+0x821/0x930 [ 17.177165] ? __schedule+0x10cc/0x2b60 [ 17.177297] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 17.177336] ? finish_task_switch.isra.0+0x153/0x700 [ 17.177369] ? __switch_to+0x47/0xf50 [ 17.177405] ? __schedule+0x10cc/0x2b60 [ 17.177437] ? __pfx_read_tsc+0x10/0x10 [ 17.177472] krealloc_more_oob+0x1c/0x30 [ 17.177505] kunit_try_run_case+0x1a5/0x480 [ 17.177536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.177563] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.177598] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.177632] ? __kthread_parkme+0x82/0x180 [ 17.177660] ? preempt_count_sub+0x50/0x80 [ 17.177690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.177718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.177752] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.177820] kthread+0x337/0x6f0 [ 17.177853] ? trace_preempt_on+0x20/0xc0 [ 17.177889] ? __pfx_kthread+0x10/0x10 [ 17.177919] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.177951] ? calculate_sigpending+0x7b/0xa0 [ 17.177985] ? __pfx_kthread+0x10/0x10 [ 17.178015] ret_from_fork+0x116/0x1d0 [ 17.178039] ? __pfx_kthread+0x10/0x10 [ 17.178095] ret_from_fork_asm+0x1a/0x30 [ 17.178138] </TASK> [ 17.178153] [ 17.196701] Allocated by task 173: [ 17.197110] kasan_save_stack+0x45/0x70 [ 17.197661] kasan_save_track+0x18/0x40 [ 17.199135] kasan_save_alloc_info+0x3b/0x50 [ 17.200108] __kasan_krealloc+0x190/0x1f0 [ 17.200513] krealloc_noprof+0xf3/0x340 [ 17.201424] krealloc_more_oob_helper+0x1a9/0x930 [ 17.201982] krealloc_more_oob+0x1c/0x30 [ 17.202598] kunit_try_run_case+0x1a5/0x480 [ 17.203249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.203823] kthread+0x337/0x6f0 [ 17.204205] ret_from_fork+0x116/0x1d0 [ 17.204728] ret_from_fork_asm+0x1a/0x30 [ 17.205103] [ 17.205754] The buggy address belongs to the object at ffff888100356400 [ 17.205754] which belongs to the cache kmalloc-256 of size 256 [ 17.207114] The buggy address is located 0 bytes to the right of [ 17.207114] allocated 235-byte region [ffff888100356400, ffff8881003564eb) [ 17.208596] [ 17.208767] The buggy address belongs to the physical page: [ 17.209721] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100356 [ 17.210780] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.211412] flags: 0x200000000000040(head|node=0|zone=2) [ 17.211941] page_type: f5(slab) [ 17.212490] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.213904] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.214740] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.215026] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.215924] head: 0200000000000001 ffffea000400d581 00000000ffffffff 00000000ffffffff [ 17.217391] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.217977] page dumped because: kasan: bad access detected [ 17.218481] [ 17.218714] Memory state around the buggy address: [ 17.219123] ffff888100356380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.219667] ffff888100356400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.220567] >ffff888100356480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 17.221454] ^ [ 17.222535] ffff888100356500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.223436] ffff888100356580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.224130] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 17.127525] ================================================================== [ 17.128831] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 17.129769] Read of size 1 at addr ffff888103b80000 by task kunit_try_catch/171 [ 17.130360] [ 17.131296] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.131557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.131577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.131606] Call Trace: [ 17.131625] <TASK> [ 17.131646] dump_stack_lvl+0x73/0xb0 [ 17.131724] print_report+0xd1/0x650 [ 17.131800] ? __virt_addr_valid+0x1db/0x2d0 [ 17.131879] ? page_alloc_uaf+0x356/0x3d0 [ 17.131949] ? kasan_addr_to_slab+0x11/0xa0 [ 17.132018] ? page_alloc_uaf+0x356/0x3d0 [ 17.132097] kasan_report+0x141/0x180 [ 17.132134] ? page_alloc_uaf+0x356/0x3d0 [ 17.132187] __asan_report_load1_noabort+0x18/0x20 [ 17.132262] page_alloc_uaf+0x356/0x3d0 [ 17.132316] ? __pfx_page_alloc_uaf+0x10/0x10 [ 17.132351] ? __schedule+0x10cc/0x2b60 [ 17.132387] ? __pfx_read_tsc+0x10/0x10 [ 17.132417] ? ktime_get_ts64+0x86/0x230 [ 17.132450] kunit_try_run_case+0x1a5/0x480 [ 17.132479] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.132505] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.132540] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.132576] ? __kthread_parkme+0x82/0x180 [ 17.132605] ? preempt_count_sub+0x50/0x80 [ 17.132636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.132664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.132698] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.132731] kthread+0x337/0x6f0 [ 17.132758] ? trace_preempt_on+0x20/0xc0 [ 17.132837] ? __pfx_kthread+0x10/0x10 [ 17.132870] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.132904] ? calculate_sigpending+0x7b/0xa0 [ 17.132940] ? __pfx_kthread+0x10/0x10 [ 17.132969] ret_from_fork+0x116/0x1d0 [ 17.132994] ? __pfx_kthread+0x10/0x10 [ 17.133022] ret_from_fork_asm+0x1a/0x30 [ 17.133085] </TASK> [ 17.133101] [ 17.154213] The buggy address belongs to the physical page: [ 17.155284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b80 [ 17.156342] flags: 0x200000000000000(node=0|zone=2) [ 17.157190] page_type: f0(buddy) [ 17.157689] raw: 0200000000000000 ffff88817fffc538 ffff88817fffc538 0000000000000000 [ 17.158683] raw: 0000000000000000 0000000000000007 00000000f0000000 0000000000000000 [ 17.159636] page dumped because: kasan: bad access detected [ 17.160700] [ 17.160888] Memory state around the buggy address: [ 17.162074] ffff888103b7ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.162992] ffff888103b7ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.163761] >ffff888103b80000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.164708] ^ [ 17.165499] ffff888103b80080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.166043] ffff888103b80100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.166496] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 17.084003] ================================================================== [ 17.085241] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 17.085644] Free of addr ffff888102cc0001 by task kunit_try_catch/167 [ 17.086368] [ 17.086630] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.086764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.086822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.086883] Call Trace: [ 17.086926] <TASK> [ 17.086975] dump_stack_lvl+0x73/0xb0 [ 17.087080] print_report+0xd1/0x650 [ 17.087185] ? __virt_addr_valid+0x1db/0x2d0 [ 17.087292] ? kasan_addr_to_slab+0x11/0xa0 [ 17.087358] ? kfree+0x274/0x3f0 [ 17.087422] kasan_report_invalid_free+0x10a/0x130 [ 17.087498] ? kfree+0x274/0x3f0 [ 17.087567] ? kfree+0x274/0x3f0 [ 17.087629] __kasan_kfree_large+0x86/0xd0 [ 17.087692] free_large_kmalloc+0x4b/0x110 [ 17.087733] kfree+0x274/0x3f0 [ 17.087764] kmalloc_large_invalid_free+0x120/0x2b0 [ 17.087840] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 17.087878] ? __schedule+0x10cc/0x2b60 [ 17.087915] ? __pfx_read_tsc+0x10/0x10 [ 17.087945] ? ktime_get_ts64+0x86/0x230 [ 17.087979] kunit_try_run_case+0x1a5/0x480 [ 17.088009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.088036] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.088102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.088141] ? __kthread_parkme+0x82/0x180 [ 17.088172] ? preempt_count_sub+0x50/0x80 [ 17.088205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.088233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.088268] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.088303] kthread+0x337/0x6f0 [ 17.088330] ? trace_preempt_on+0x20/0xc0 [ 17.088363] ? __pfx_kthread+0x10/0x10 [ 17.088392] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.088423] ? calculate_sigpending+0x7b/0xa0 [ 17.088457] ? __pfx_kthread+0x10/0x10 [ 17.088486] ret_from_fork+0x116/0x1d0 [ 17.088511] ? __pfx_kthread+0x10/0x10 [ 17.088539] ret_from_fork_asm+0x1a/0x30 [ 17.088581] </TASK> [ 17.088596] [ 17.102993] The buggy address belongs to the physical page: [ 17.103515] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cc0 [ 17.104249] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.104905] flags: 0x200000000000040(head|node=0|zone=2) [ 17.105534] page_type: f8(unknown) [ 17.105962] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.106659] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.107464] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.108183] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.108846] head: 0200000000000002 ffffea00040b3001 00000000ffffffff 00000000ffffffff [ 17.109459] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.110157] page dumped because: kasan: bad access detected [ 17.110702] [ 17.111017] Memory state around the buggy address: [ 17.111493] ffff888102cbff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.112134] ffff888102cbff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.112585] >ffff888102cc0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.113161] ^ [ 17.113581] ffff888102cc0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.114259] ffff888102cc0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.115140] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 17.032844] ================================================================== [ 17.033943] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 17.034445] Read of size 1 at addr ffff888102cc0000 by task kunit_try_catch/165 [ 17.036592] [ 17.038191] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 17.038309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.038339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.038387] Call Trace: [ 17.038417] <TASK> [ 17.038454] dump_stack_lvl+0x73/0xb0 [ 17.038519] print_report+0xd1/0x650 [ 17.038573] ? __virt_addr_valid+0x1db/0x2d0 [ 17.038628] ? kmalloc_large_uaf+0x2f1/0x340 [ 17.038677] ? kasan_addr_to_slab+0x11/0xa0 [ 17.038726] ? kmalloc_large_uaf+0x2f1/0x340 [ 17.038775] kasan_report+0x141/0x180 [ 17.038827] ? kmalloc_large_uaf+0x2f1/0x340 [ 17.038888] __asan_report_load1_noabort+0x18/0x20 [ 17.038937] kmalloc_large_uaf+0x2f1/0x340 [ 17.038986] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 17.039037] ? __schedule+0x10cc/0x2b60 [ 17.039233] ? __pfx_read_tsc+0x10/0x10 [ 17.039309] ? ktime_get_ts64+0x86/0x230 [ 17.039414] kunit_try_run_case+0x1a5/0x480 [ 17.039473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.039518] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.039572] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.039627] ? __kthread_parkme+0x82/0x180 [ 17.039676] ? preempt_count_sub+0x50/0x80 [ 17.039731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.040429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.040514] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.040591] kthread+0x337/0x6f0 [ 17.040646] ? trace_preempt_on+0x20/0xc0 [ 17.040714] ? __pfx_kthread+0x10/0x10 [ 17.040810] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.040889] ? calculate_sigpending+0x7b/0xa0 [ 17.040964] ? __pfx_kthread+0x10/0x10 [ 17.041032] ret_from_fork+0x116/0x1d0 [ 17.041113] ? __pfx_kthread+0x10/0x10 [ 17.041518] ret_from_fork_asm+0x1a/0x30 [ 17.041608] </TASK> [ 17.041640] [ 17.067145] The buggy address belongs to the physical page: [ 17.067661] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cc0 [ 17.069021] flags: 0x200000000000000(node=0|zone=2) [ 17.069923] raw: 0200000000000000 ffffea00040b3108 ffff88815b039f80 0000000000000000 [ 17.071012] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 17.071941] page dumped because: kasan: bad access detected [ 17.072448] [ 17.072685] Memory state around the buggy address: [ 17.073666] ffff888102cbff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.074678] ffff888102cbff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.075448] >ffff888102cc0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.076197] ^ [ 17.076519] ffff888102cc0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.077487] ffff888102cc0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.078137] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.984744] ================================================================== [ 16.985902] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 16.986880] Write of size 1 at addr ffff8881024ce00a by task kunit_try_catch/163 [ 16.987749] [ 16.988669] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 16.988959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.988998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.989046] Call Trace: [ 16.989088] <TASK> [ 16.989112] dump_stack_lvl+0x73/0xb0 [ 16.989152] print_report+0xd1/0x650 [ 16.989317] ? __virt_addr_valid+0x1db/0x2d0 [ 16.989358] ? kmalloc_large_oob_right+0x2e9/0x330 [ 16.989390] ? kasan_addr_to_slab+0x11/0xa0 [ 16.989419] ? kmalloc_large_oob_right+0x2e9/0x330 [ 16.989451] kasan_report+0x141/0x180 [ 16.989482] ? kmalloc_large_oob_right+0x2e9/0x330 [ 16.989519] __asan_report_store1_noabort+0x1b/0x30 [ 16.989548] kmalloc_large_oob_right+0x2e9/0x330 [ 16.989579] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 16.989611] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.989651] ? trace_hardirqs_on+0x37/0xe0 [ 16.989683] ? __pfx_read_tsc+0x10/0x10 [ 16.989712] ? ktime_get_ts64+0x86/0x230 [ 16.989745] kunit_try_run_case+0x1a5/0x480 [ 16.989777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.989836] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.989874] ? __kthread_parkme+0x82/0x180 [ 16.989903] ? preempt_count_sub+0x50/0x80 [ 16.989935] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.989964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.989998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.990033] kthread+0x337/0x6f0 [ 16.990084] ? trace_preempt_on+0x20/0xc0 [ 16.990119] ? __pfx_kthread+0x10/0x10 [ 16.990148] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.990268] ? calculate_sigpending+0x7b/0xa0 [ 16.990323] ? __pfx_kthread+0x10/0x10 [ 16.990354] ret_from_fork+0x116/0x1d0 [ 16.990380] ? __pfx_kthread+0x10/0x10 [ 16.990408] ret_from_fork_asm+0x1a/0x30 [ 16.990449] </TASK> [ 16.990464] [ 17.011375] The buggy address belongs to the physical page: [ 17.011849] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024cc [ 17.012548] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.013744] flags: 0x200000000000040(head|node=0|zone=2) [ 17.014333] page_type: f8(unknown) [ 17.014944] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.015925] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.016887] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.017666] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.018424] head: 0200000000000002 ffffea0004093301 00000000ffffffff 00000000ffffffff [ 17.019122] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.020005] page dumped because: kasan: bad access detected [ 17.020665] [ 17.020960] Memory state around the buggy address: [ 17.021403] ffff8881024cdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.022129] ffff8881024cdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.022934] >ffff8881024ce000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.023707] ^ [ 17.024148] ffff8881024ce080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.024949] ffff8881024ce100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.025589] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.923626] ================================================================== [ 16.924923] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 16.926163] Write of size 1 at addr ffff888102cf5f00 by task kunit_try_catch/161 [ 16.926761] [ 16.927072] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 16.927199] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.927237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.927297] Call Trace: [ 16.927343] <TASK> [ 16.927397] dump_stack_lvl+0x73/0xb0 [ 16.927483] print_report+0xd1/0x650 [ 16.927563] ? __virt_addr_valid+0x1db/0x2d0 [ 16.927645] ? kmalloc_big_oob_right+0x316/0x370 [ 16.927720] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.927797] ? kmalloc_big_oob_right+0x316/0x370 [ 16.927875] kasan_report+0x141/0x180 [ 16.927954] ? kmalloc_big_oob_right+0x316/0x370 [ 16.928039] __asan_report_store1_noabort+0x1b/0x30 [ 16.928528] kmalloc_big_oob_right+0x316/0x370 [ 16.928565] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 16.928599] ? __schedule+0x10cc/0x2b60 [ 16.928634] ? __pfx_read_tsc+0x10/0x10 [ 16.928665] ? ktime_get_ts64+0x86/0x230 [ 16.928699] kunit_try_run_case+0x1a5/0x480 [ 16.928729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.928756] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.928809] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.928860] ? __kthread_parkme+0x82/0x180 [ 16.928890] ? preempt_count_sub+0x50/0x80 [ 16.928922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.928951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.928985] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.929019] kthread+0x337/0x6f0 [ 16.929046] ? trace_preempt_on+0x20/0xc0 [ 16.929107] ? __pfx_kthread+0x10/0x10 [ 16.929137] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.929180] ? calculate_sigpending+0x7b/0xa0 [ 16.929320] ? __pfx_kthread+0x10/0x10 [ 16.929352] ret_from_fork+0x116/0x1d0 [ 16.929378] ? __pfx_kthread+0x10/0x10 [ 16.929406] ret_from_fork_asm+0x1a/0x30 [ 16.929448] </TASK> [ 16.929463] [ 16.949813] Allocated by task 161: [ 16.950222] kasan_save_stack+0x45/0x70 [ 16.950689] kasan_save_track+0x18/0x40 [ 16.951248] kasan_save_alloc_info+0x3b/0x50 [ 16.951597] __kasan_kmalloc+0xb7/0xc0 [ 16.952143] __kmalloc_cache_noprof+0x189/0x420 [ 16.953150] kmalloc_big_oob_right+0xa9/0x370 [ 16.954280] kunit_try_run_case+0x1a5/0x480 [ 16.954962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.955739] kthread+0x337/0x6f0 [ 16.956245] ret_from_fork+0x116/0x1d0 [ 16.956962] ret_from_fork_asm+0x1a/0x30 [ 16.957649] [ 16.957806] The buggy address belongs to the object at ffff888102cf4000 [ 16.957806] which belongs to the cache kmalloc-8k of size 8192 [ 16.959397] The buggy address is located 0 bytes to the right of [ 16.959397] allocated 7936-byte region [ffff888102cf4000, ffff888102cf5f00) [ 16.961371] [ 16.961577] The buggy address belongs to the physical page: [ 16.962222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cf0 [ 16.962946] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.963581] flags: 0x200000000000040(head|node=0|zone=2) [ 16.964549] page_type: f5(slab) [ 16.965508] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 16.966027] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.967171] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 16.967808] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.969134] head: 0200000000000003 ffffea00040b3c01 00000000ffffffff 00000000ffffffff [ 16.970422] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.971596] page dumped because: kasan: bad access detected [ 16.972517] [ 16.972688] Memory state around the buggy address: [ 16.973016] ffff888102cf5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.973826] ffff888102cf5e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.974427] >ffff888102cf5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.975529] ^ [ 16.975781] ffff888102cf5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.976976] ffff888102cf6000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.977829] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.818827] ================================================================== [ 16.819627] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.821156] Write of size 1 at addr ffff8881022c3578 by task kunit_try_catch/159 [ 16.822462] [ 16.822655] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 16.822723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.822740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.822770] Call Trace: [ 16.822798] <TASK> [ 16.822838] dump_stack_lvl+0x73/0xb0 [ 16.822879] print_report+0xd1/0x650 [ 16.822913] ? __virt_addr_valid+0x1db/0x2d0 [ 16.822946] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.822981] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.823012] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.823048] kasan_report+0x141/0x180 [ 16.823132] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.823226] __asan_report_store1_noabort+0x1b/0x30 [ 16.823486] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.823578] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 16.823716] ? __schedule+0x10cc/0x2b60 [ 16.823756] ? __pfx_read_tsc+0x10/0x10 [ 16.823800] ? ktime_get_ts64+0x86/0x230 [ 16.823855] kunit_try_run_case+0x1a5/0x480 [ 16.823891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.823920] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.823956] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.823990] ? __kthread_parkme+0x82/0x180 [ 16.824020] ? preempt_count_sub+0x50/0x80 [ 16.824051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.824105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.824142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.824270] kthread+0x337/0x6f0 [ 16.824307] ? trace_preempt_on+0x20/0xc0 [ 16.824343] ? __pfx_kthread+0x10/0x10 [ 16.824372] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.824404] ? calculate_sigpending+0x7b/0xa0 [ 16.824439] ? __pfx_kthread+0x10/0x10 [ 16.824468] ret_from_fork+0x116/0x1d0 [ 16.824493] ? __pfx_kthread+0x10/0x10 [ 16.824520] ret_from_fork_asm+0x1a/0x30 [ 16.824562] </TASK> [ 16.824577] [ 16.844962] Allocated by task 159: [ 16.845361] kasan_save_stack+0x45/0x70 [ 16.845689] kasan_save_track+0x18/0x40 [ 16.846979] kasan_save_alloc_info+0x3b/0x50 [ 16.847456] __kasan_kmalloc+0xb7/0xc0 [ 16.848118] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 16.849125] kmalloc_track_caller_oob_right+0x99/0x520 [ 16.849937] kunit_try_run_case+0x1a5/0x480 [ 16.850253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.850897] kthread+0x337/0x6f0 [ 16.851377] ret_from_fork+0x116/0x1d0 [ 16.851748] ret_from_fork_asm+0x1a/0x30 [ 16.852392] [ 16.852769] The buggy address belongs to the object at ffff8881022c3500 [ 16.852769] which belongs to the cache kmalloc-128 of size 128 [ 16.854496] The buggy address is located 0 bytes to the right of [ 16.854496] allocated 120-byte region [ffff8881022c3500, ffff8881022c3578) [ 16.855770] [ 16.856046] The buggy address belongs to the physical page: [ 16.856569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022c3 [ 16.857933] flags: 0x200000000000000(node=0|zone=2) [ 16.858403] page_type: f5(slab) [ 16.858681] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.859768] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.860918] page dumped because: kasan: bad access detected [ 16.861585] [ 16.861781] Memory state around the buggy address: [ 16.862571] ffff8881022c3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.864131] ffff8881022c3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.864883] >ffff8881022c3500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.865655] ^ [ 16.866807] ffff8881022c3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.867557] ffff8881022c3600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.868237] ================================================================== [ 16.871028] ================================================================== [ 16.872013] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.872758] Write of size 1 at addr ffff8881022c3678 by task kunit_try_catch/159 [ 16.874047] [ 16.874691] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 16.874859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.874900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.874958] Call Trace: [ 16.874977] <TASK> [ 16.874997] dump_stack_lvl+0x73/0xb0 [ 16.875034] print_report+0xd1/0x650 [ 16.875099] ? __virt_addr_valid+0x1db/0x2d0 [ 16.875153] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.875218] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.875254] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.875290] kasan_report+0x141/0x180 [ 16.875321] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.875363] __asan_report_store1_noabort+0x1b/0x30 [ 16.875392] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.875428] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 16.875466] ? __schedule+0x10cc/0x2b60 [ 16.875498] ? __pfx_read_tsc+0x10/0x10 [ 16.875528] ? ktime_get_ts64+0x86/0x230 [ 16.875561] kunit_try_run_case+0x1a5/0x480 [ 16.875589] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.875615] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.875650] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.875684] ? __kthread_parkme+0x82/0x180 [ 16.875711] ? preempt_count_sub+0x50/0x80 [ 16.875743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.875770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.875832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.875868] kthread+0x337/0x6f0 [ 16.875895] ? trace_preempt_on+0x20/0xc0 [ 16.875925] ? __pfx_kthread+0x10/0x10 [ 16.875953] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.875985] ? calculate_sigpending+0x7b/0xa0 [ 16.876019] ? __pfx_kthread+0x10/0x10 [ 16.876049] ret_from_fork+0x116/0x1d0 [ 16.876099] ? __pfx_kthread+0x10/0x10 [ 16.876128] ret_from_fork_asm+0x1a/0x30 [ 16.876169] </TASK> [ 16.876182] [ 16.896153] Allocated by task 159: [ 16.896746] kasan_save_stack+0x45/0x70 [ 16.897264] kasan_save_track+0x18/0x40 [ 16.897827] kasan_save_alloc_info+0x3b/0x50 [ 16.898348] __kasan_kmalloc+0xb7/0xc0 [ 16.898695] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 16.899669] kmalloc_track_caller_oob_right+0x19a/0x520 [ 16.900378] kunit_try_run_case+0x1a5/0x480 [ 16.900901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.901583] kthread+0x337/0x6f0 [ 16.902037] ret_from_fork+0x116/0x1d0 [ 16.902603] ret_from_fork_asm+0x1a/0x30 [ 16.903130] [ 16.903705] The buggy address belongs to the object at ffff8881022c3600 [ 16.903705] which belongs to the cache kmalloc-128 of size 128 [ 16.904855] The buggy address is located 0 bytes to the right of [ 16.904855] allocated 120-byte region [ffff8881022c3600, ffff8881022c3678) [ 16.906283] [ 16.906516] The buggy address belongs to the physical page: [ 16.907022] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022c3 [ 16.908043] flags: 0x200000000000000(node=0|zone=2) [ 16.908698] page_type: f5(slab) [ 16.909108] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.909690] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.910573] page dumped because: kasan: bad access detected [ 16.911136] [ 16.911646] Memory state around the buggy address: [ 16.912092] ffff8881022c3500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.912771] ffff8881022c3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.913399] >ffff8881022c3600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.913914] ^ [ 16.914537] ffff8881022c3680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.915545] ffff8881022c3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.916330] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.755512] ================================================================== [ 16.756913] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 16.757603] Read of size 1 at addr ffff88810299f000 by task kunit_try_catch/157 [ 16.758077] [ 16.758651] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 16.758718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.758735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.758764] Call Trace: [ 16.758790] <TASK> [ 16.758832] dump_stack_lvl+0x73/0xb0 [ 16.758872] print_report+0xd1/0x650 [ 16.758905] ? __virt_addr_valid+0x1db/0x2d0 [ 16.758938] ? kmalloc_node_oob_right+0x369/0x3c0 [ 16.758971] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.759001] ? kmalloc_node_oob_right+0x369/0x3c0 [ 16.759035] kasan_report+0x141/0x180 [ 16.759098] ? kmalloc_node_oob_right+0x369/0x3c0 [ 16.759189] __asan_report_load1_noabort+0x18/0x20 [ 16.759449] kmalloc_node_oob_right+0x369/0x3c0 [ 16.759498] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 16.759536] ? kasan_save_stack+0x45/0x70 [ 16.759567] ? __pfx_read_tsc+0x10/0x10 [ 16.759599] ? ktime_get_ts64+0x86/0x230 [ 16.759633] kunit_try_run_case+0x1a5/0x480 [ 16.759664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.759691] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.759726] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.759761] ? __kthread_parkme+0x82/0x180 [ 16.759805] ? preempt_count_sub+0x50/0x80 [ 16.759856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.759885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.759920] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.759954] kthread+0x337/0x6f0 [ 16.759980] ? trace_preempt_on+0x20/0xc0 [ 16.760013] ? __pfx_kthread+0x10/0x10 [ 16.760040] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.760098] ? calculate_sigpending+0x7b/0xa0 [ 16.760135] ? __pfx_kthread+0x10/0x10 [ 16.760174] ret_from_fork+0x116/0x1d0 [ 16.760555] ? __pfx_kthread+0x10/0x10 [ 16.760593] ret_from_fork_asm+0x1a/0x30 [ 16.760640] </TASK> [ 16.760656] [ 16.783828] Allocated by task 157: [ 16.784181] kasan_save_stack+0x45/0x70 [ 16.785684] kasan_save_track+0x18/0x40 [ 16.786618] kasan_save_alloc_info+0x3b/0x50 [ 16.787573] __kasan_kmalloc+0xb7/0xc0 [ 16.788100] __kmalloc_cache_node_noprof+0x188/0x420 [ 16.788925] kmalloc_node_oob_right+0xab/0x3c0 [ 16.789727] kunit_try_run_case+0x1a5/0x480 [ 16.790625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.790976] kthread+0x337/0x6f0 [ 16.791599] ret_from_fork+0x116/0x1d0 [ 16.791993] ret_from_fork_asm+0x1a/0x30 [ 16.792782] [ 16.793824] The buggy address belongs to the object at ffff88810299e000 [ 16.793824] which belongs to the cache kmalloc-4k of size 4096 [ 16.795073] The buggy address is located 0 bytes to the right of [ 16.795073] allocated 4096-byte region [ffff88810299e000, ffff88810299f000) [ 16.796412] [ 16.797012] The buggy address belongs to the physical page: [ 16.798042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102998 [ 16.799268] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.799906] flags: 0x200000000000040(head|node=0|zone=2) [ 16.800628] page_type: f5(slab) [ 16.801361] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 16.802180] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.803098] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 16.804356] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.805005] head: 0200000000000003 ffffea00040a6601 00000000ffffffff 00000000ffffffff [ 16.805778] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.806581] page dumped because: kasan: bad access detected [ 16.807552] [ 16.807719] Memory state around the buggy address: [ 16.808783] ffff88810299ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.809416] ffff88810299ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.810414] >ffff88810299f000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.810957] ^ [ 16.811182] ffff88810299f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.811942] ffff88810299f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.812539] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.695328] ================================================================== [ 16.696689] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 16.698177] Read of size 1 at addr ffff888100fa0ebf by task kunit_try_catch/155 [ 16.698657] [ 16.698865] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 16.698933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.698950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.698982] Call Trace: [ 16.698999] <TASK> [ 16.699023] dump_stack_lvl+0x73/0xb0 [ 16.699093] print_report+0xd1/0x650 [ 16.699176] ? __virt_addr_valid+0x1db/0x2d0 [ 16.699256] ? kmalloc_oob_left+0x361/0x3c0 [ 16.699328] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.699404] ? kmalloc_oob_left+0x361/0x3c0 [ 16.699478] kasan_report+0x141/0x180 [ 16.699558] ? kmalloc_oob_left+0x361/0x3c0 [ 16.699644] __asan_report_load1_noabort+0x18/0x20 [ 16.699713] kmalloc_oob_left+0x361/0x3c0 [ 16.699770] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 16.699827] ? __schedule+0x10cc/0x2b60 [ 16.699866] ? __pfx_read_tsc+0x10/0x10 [ 16.699898] ? ktime_get_ts64+0x86/0x230 [ 16.699932] kunit_try_run_case+0x1a5/0x480 [ 16.699963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.699989] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.700024] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.700077] ? __kthread_parkme+0x82/0x180 [ 16.700113] ? preempt_count_sub+0x50/0x80 [ 16.700145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.700190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.700274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.700318] kthread+0x337/0x6f0 [ 16.700346] ? trace_preempt_on+0x20/0xc0 [ 16.700380] ? __pfx_kthread+0x10/0x10 [ 16.700409] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.700441] ? calculate_sigpending+0x7b/0xa0 [ 16.700475] ? __pfx_kthread+0x10/0x10 [ 16.700504] ret_from_fork+0x116/0x1d0 [ 16.700528] ? __pfx_kthread+0x10/0x10 [ 16.700556] ret_from_fork_asm+0x1a/0x30 [ 16.700598] </TASK> [ 16.700613] [ 16.721051] Allocated by task 1: [ 16.722217] kasan_save_stack+0x45/0x70 [ 16.722631] kasan_save_track+0x18/0x40 [ 16.722999] kasan_save_alloc_info+0x3b/0x50 [ 16.723965] __kasan_kmalloc+0xb7/0xc0 [ 16.724659] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 16.725417] kvasprintf+0xc5/0x150 [ 16.725999] __kthread_create_on_node+0x18b/0x3a0 [ 16.726976] kthread_create_on_node+0xab/0xe0 [ 16.727745] create_worker+0x3e5/0x7b0 [ 16.728431] alloc_unbound_pwq+0x8ea/0xdb0 [ 16.729143] apply_wqattrs_prepare+0x332/0xd20 [ 16.729633] apply_workqueue_attrs_locked+0x4d/0xa0 [ 16.730454] alloc_workqueue+0xcc7/0x1ad0 [ 16.730747] latency_fsnotify_init+0x1b/0x50 [ 16.731687] do_one_initcall+0xd8/0x370 [ 16.732474] kernel_init_freeable+0x420/0x6f0 [ 16.732889] kernel_init+0x23/0x1e0 [ 16.733508] ret_from_fork+0x116/0x1d0 [ 16.733833] ret_from_fork_asm+0x1a/0x30 [ 16.734175] [ 16.734356] The buggy address belongs to the object at ffff888100fa0ea0 [ 16.734356] which belongs to the cache kmalloc-16 of size 16 [ 16.736379] The buggy address is located 18 bytes to the right of [ 16.736379] allocated 13-byte region [ffff888100fa0ea0, ffff888100fa0ead) [ 16.737646] [ 16.737838] The buggy address belongs to the physical page: [ 16.738415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fa0 [ 16.739028] flags: 0x200000000000000(node=0|zone=2) [ 16.740047] page_type: f5(slab) [ 16.740958] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.741795] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.742656] page dumped because: kasan: bad access detected [ 16.743684] [ 16.743928] Memory state around the buggy address: [ 16.745253] ffff888100fa0d80: 00 04 fc fc 00 04 fc fc 00 00 fc fc fa fb fc fc [ 16.745769] ffff888100fa0e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.747055] >ffff888100fa0e80: fa fb fc fc 00 05 fc fc 00 07 fc fc fc fc fc fc [ 16.747933] ^ [ 16.748362] ffff888100fa0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.749383] ffff888100fa0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.750211] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.603697] ================================================================== [ 16.604560] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 16.605364] Write of size 1 at addr ffff888102b56178 by task kunit_try_catch/153 [ 16.606096] [ 16.606400] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 16.606519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.606560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.606616] Call Trace: [ 16.606661] <TASK> [ 16.606707] dump_stack_lvl+0x73/0xb0 [ 16.606758] print_report+0xd1/0x650 [ 16.606873] ? __virt_addr_valid+0x1db/0x2d0 [ 16.606953] ? kmalloc_oob_right+0x6bd/0x7f0 [ 16.606988] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.607020] ? kmalloc_oob_right+0x6bd/0x7f0 [ 16.607053] kasan_report+0x141/0x180 [ 16.607142] ? kmalloc_oob_right+0x6bd/0x7f0 [ 16.607229] __asan_report_store1_noabort+0x1b/0x30 [ 16.607299] kmalloc_oob_right+0x6bd/0x7f0 [ 16.607375] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 16.607449] ? __schedule+0x10cc/0x2b60 [ 16.607525] ? __pfx_read_tsc+0x10/0x10 [ 16.607586] ? ktime_get_ts64+0x86/0x230 [ 16.607622] kunit_try_run_case+0x1a5/0x480 [ 16.607651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.607678] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.607712] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.607747] ? __kthread_parkme+0x82/0x180 [ 16.607774] ? preempt_count_sub+0x50/0x80 [ 16.607849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.607880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.607915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.607949] kthread+0x337/0x6f0 [ 16.607975] ? trace_preempt_on+0x20/0xc0 [ 16.608005] ? __pfx_kthread+0x10/0x10 [ 16.608033] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.608090] ? calculate_sigpending+0x7b/0xa0 [ 16.608128] ? __pfx_kthread+0x10/0x10 [ 16.608157] ret_from_fork+0x116/0x1d0 [ 16.608181] ? __pfx_kthread+0x10/0x10 [ 16.608209] ret_from_fork_asm+0x1a/0x30 [ 16.608250] </TASK> [ 16.608263] [ 16.627494] Allocated by task 153: [ 16.627875] kasan_save_stack+0x45/0x70 [ 16.628597] kasan_save_track+0x18/0x40 [ 16.629321] kasan_save_alloc_info+0x3b/0x50 [ 16.629624] __kasan_kmalloc+0xb7/0xc0 [ 16.630297] __kmalloc_cache_noprof+0x189/0x420 [ 16.630944] kmalloc_oob_right+0xa9/0x7f0 [ 16.631348] kunit_try_run_case+0x1a5/0x480 [ 16.632075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.632737] kthread+0x337/0x6f0 [ 16.633257] ret_from_fork+0x116/0x1d0 [ 16.633624] ret_from_fork_asm+0x1a/0x30 [ 16.634339] [ 16.634711] The buggy address belongs to the object at ffff888102b56100 [ 16.634711] which belongs to the cache kmalloc-128 of size 128 [ 16.635660] The buggy address is located 5 bytes to the right of [ 16.635660] allocated 115-byte region [ffff888102b56100, ffff888102b56173) [ 16.637481] [ 16.637712] The buggy address belongs to the physical page: [ 16.638245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b56 [ 16.638881] flags: 0x200000000000000(node=0|zone=2) [ 16.639323] page_type: f5(slab) [ 16.639662] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.640766] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.641496] page dumped because: kasan: bad access detected [ 16.642150] [ 16.642468] Memory state around the buggy address: [ 16.643195] ffff888102b56000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.643875] ffff888102b56080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.644543] >ffff888102b56100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.645420] ^ [ 16.645872] ffff888102b56180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.646552] ffff888102b56200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.647188] ================================================================== [ 16.648484] ================================================================== [ 16.649085] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 16.649693] Read of size 1 at addr ffff888102b56180 by task kunit_try_catch/153 [ 16.650316] [ 16.650764] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 16.650882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.650918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.650976] Call Trace: [ 16.651021] <TASK> [ 16.651057] dump_stack_lvl+0x73/0xb0 [ 16.651153] print_report+0xd1/0x650 [ 16.651228] ? __virt_addr_valid+0x1db/0x2d0 [ 16.651350] ? kmalloc_oob_right+0x68a/0x7f0 [ 16.651425] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.651500] ? kmalloc_oob_right+0x68a/0x7f0 [ 16.651595] kasan_report+0x141/0x180 [ 16.651703] ? kmalloc_oob_right+0x68a/0x7f0 [ 16.651794] __asan_report_load1_noabort+0x18/0x20 [ 16.651872] kmalloc_oob_right+0x68a/0x7f0 [ 16.651971] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 16.652095] ? __schedule+0x10cc/0x2b60 [ 16.652178] ? __pfx_read_tsc+0x10/0x10 [ 16.652250] ? ktime_get_ts64+0x86/0x230 [ 16.652330] kunit_try_run_case+0x1a5/0x480 [ 16.652405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.652496] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.652603] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.652682] ? __kthread_parkme+0x82/0x180 [ 16.652735] ? preempt_count_sub+0x50/0x80 [ 16.652768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.652839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.652880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.652915] kthread+0x337/0x6f0 [ 16.652942] ? trace_preempt_on+0x20/0xc0 [ 16.652973] ? __pfx_kthread+0x10/0x10 [ 16.653000] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.653032] ? calculate_sigpending+0x7b/0xa0 [ 16.653088] ? __pfx_kthread+0x10/0x10 [ 16.653121] ret_from_fork+0x116/0x1d0 [ 16.653145] ? __pfx_kthread+0x10/0x10 [ 16.653172] ret_from_fork_asm+0x1a/0x30 [ 16.653213] </TASK> [ 16.653226] [ 16.671154] Allocated by task 153: [ 16.671546] kasan_save_stack+0x45/0x70 [ 16.672041] kasan_save_track+0x18/0x40 [ 16.672787] kasan_save_alloc_info+0x3b/0x50 [ 16.673473] __kasan_kmalloc+0xb7/0xc0 [ 16.673801] __kmalloc_cache_noprof+0x189/0x420 [ 16.674181] kmalloc_oob_right+0xa9/0x7f0 [ 16.674503] kunit_try_run_case+0x1a5/0x480 [ 16.675411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.676051] kthread+0x337/0x6f0 [ 16.676488] ret_from_fork+0x116/0x1d0 [ 16.676852] ret_from_fork_asm+0x1a/0x30 [ 16.677416] [ 16.677728] The buggy address belongs to the object at ffff888102b56100 [ 16.677728] which belongs to the cache kmalloc-128 of size 128 [ 16.678588] The buggy address is located 13 bytes to the right of [ 16.678588] allocated 115-byte region [ffff888102b56100, ffff888102b56173) [ 16.679551] [ 16.679793] The buggy address belongs to the physical page: [ 16.680385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b56 [ 16.681172] flags: 0x200000000000000(node=0|zone=2) [ 16.681564] page_type: f5(slab) [ 16.682008] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.682571] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.683612] page dumped because: kasan: bad access detected [ 16.684374] [ 16.684587] Memory state around the buggy address: [ 16.685233] ffff888102b56080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.685770] ffff888102b56100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.686612] >ffff888102b56180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.687357] ^ [ 16.687826] ffff888102b56200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.688368] ffff888102b56280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.689168] ================================================================== [ 16.557469] ================================================================== [ 16.558772] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 16.559821] Write of size 1 at addr ffff888102b56173 by task kunit_try_catch/153 [ 16.560637] [ 16.562540] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 16.563128] Tainted: [N]=TEST [ 16.563176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.563439] Call Trace: [ 16.563524] <TASK> [ 16.563695] dump_stack_lvl+0x73/0xb0 [ 16.563844] print_report+0xd1/0x650 [ 16.563899] ? __virt_addr_valid+0x1db/0x2d0 [ 16.563936] ? kmalloc_oob_right+0x6f0/0x7f0 [ 16.563966] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.563997] ? kmalloc_oob_right+0x6f0/0x7f0 [ 16.564028] kasan_report+0x141/0x180 [ 16.564058] ? kmalloc_oob_right+0x6f0/0x7f0 [ 16.564122] __asan_report_store1_noabort+0x1b/0x30 [ 16.564154] kmalloc_oob_right+0x6f0/0x7f0 [ 16.564185] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 16.564217] ? __schedule+0x10cc/0x2b60 [ 16.564251] ? __pfx_read_tsc+0x10/0x10 [ 16.564281] ? ktime_get_ts64+0x86/0x230 [ 16.564315] kunit_try_run_case+0x1a5/0x480 [ 16.564345] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.564372] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.564407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.564440] ? __kthread_parkme+0x82/0x180 [ 16.564469] ? preempt_count_sub+0x50/0x80 [ 16.564500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.564528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.564562] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.564596] kthread+0x337/0x6f0 [ 16.564622] ? trace_preempt_on+0x20/0xc0 [ 16.564654] ? __pfx_kthread+0x10/0x10 [ 16.564681] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.564712] ? calculate_sigpending+0x7b/0xa0 [ 16.564745] ? __pfx_kthread+0x10/0x10 [ 16.564774] ret_from_fork+0x116/0x1d0 [ 16.564840] ? __pfx_kthread+0x10/0x10 [ 16.564875] ret_from_fork_asm+0x1a/0x30 [ 16.564953] </TASK> [ 16.565038] [ 16.581252] Allocated by task 153: [ 16.581934] kasan_save_stack+0x45/0x70 [ 16.582429] kasan_save_track+0x18/0x40 [ 16.582881] kasan_save_alloc_info+0x3b/0x50 [ 16.583271] __kasan_kmalloc+0xb7/0xc0 [ 16.583672] __kmalloc_cache_noprof+0x189/0x420 [ 16.584144] kmalloc_oob_right+0xa9/0x7f0 [ 16.584474] kunit_try_run_case+0x1a5/0x480 [ 16.584966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.585532] kthread+0x337/0x6f0 [ 16.585957] ret_from_fork+0x116/0x1d0 [ 16.586374] ret_from_fork_asm+0x1a/0x30 [ 16.586867] [ 16.587188] The buggy address belongs to the object at ffff888102b56100 [ 16.587188] which belongs to the cache kmalloc-128 of size 128 [ 16.588407] The buggy address is located 0 bytes to the right of [ 16.588407] allocated 115-byte region [ffff888102b56100, ffff888102b56173) [ 16.589435] [ 16.589777] The buggy address belongs to the physical page: [ 16.590736] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b56 [ 16.592057] flags: 0x200000000000000(node=0|zone=2) [ 16.593292] page_type: f5(slab) [ 16.594234] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.594839] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.595580] page dumped because: kasan: bad access detected [ 16.596116] [ 16.596375] Memory state around the buggy address: [ 16.597352] ffff888102b56000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.598022] ffff888102b56080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.598627] >ffff888102b56100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.599282] ^ [ 16.599957] ffff888102b56180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.600545] ffff888102b56200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.601207] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 210.274678] WARNING: CPU: 1 PID: 2817 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 210.276127] Modules linked in: [ 210.276868] CPU: 1 UID: 0 PID: 2817 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 210.278153] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 210.278740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 210.279432] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 210.280625] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 210.282001] RSP: 0000:ffff8881091c7c78 EFLAGS: 00010286 [ 210.282786] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 210.283693] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff89c3cbdc [ 210.284209] RBP: ffff8881091c7ca0 R08: 0000000000000000 R09: ffffed10209cac60 [ 210.285205] R10: ffff888104e56307 R11: 0000000000000000 R12: ffffffff89c3cbc8 [ 210.286119] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881091c7d38 [ 210.286720] FS: 0000000000000000(0000) GS:ffff8881cf55b000(0000) knlGS:0000000000000000 [ 210.287350] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.288123] CR2: ffffffffffffffff CR3: 00000001246bc000 CR4: 00000000000006f0 [ 210.288836] DR0: ffffffff8bc69400 DR1: ffffffff8bc69401 DR2: ffffffff8bc69403 [ 210.289728] DR3: ffffffff8bc69405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 210.290807] Call Trace: [ 210.291044] <TASK> [ 210.291176] drm_test_rect_calc_vscale+0x108/0x270 [ 210.292325] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 210.292933] ? __schedule+0x10cc/0x2b60 [ 210.293419] ? __pfx_read_tsc+0x10/0x10 [ 210.294055] ? ktime_get_ts64+0x86/0x230 [ 210.294958] kunit_try_run_case+0x1a5/0x480 [ 210.295721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 210.296199] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 210.297087] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 210.297490] ? __kthread_parkme+0x82/0x180 [ 210.298084] ? preempt_count_sub+0x50/0x80 [ 210.298976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 210.299823] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 210.300365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 210.301007] kthread+0x337/0x6f0 [ 210.301492] ? trace_preempt_on+0x20/0xc0 [ 210.301936] ? __pfx_kthread+0x10/0x10 [ 210.302364] ? _raw_spin_unlock_irq+0x47/0x80 [ 210.302904] ? calculate_sigpending+0x7b/0xa0 [ 210.303710] ? __pfx_kthread+0x10/0x10 [ 210.304586] ret_from_fork+0x116/0x1d0 [ 210.305127] ? __pfx_kthread+0x10/0x10 [ 210.305919] ret_from_fork_asm+0x1a/0x30 [ 210.306544] </TASK> [ 210.306986] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 210.313062] WARNING: CPU: 0 PID: 2819 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 210.313915] Modules linked in: [ 210.315030] CPU: 0 UID: 0 PID: 2819 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 210.316363] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 210.316909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 210.317983] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 210.318915] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 210.320707] RSP: 0000:ffff88810980fc78 EFLAGS: 00010286 [ 210.321817] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 210.323061] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff89c3cc14 [ 210.323949] RBP: ffff88810980fca0 R08: 0000000000000000 R09: ffffed10208dd180 [ 210.324959] R10: ffff8881046e8c07 R11: 0000000000000000 R12: ffffffff89c3cc00 [ 210.325994] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810980fd38 [ 210.327113] FS: 0000000000000000(0000) GS:ffff8881cf45b000(0000) knlGS:0000000000000000 [ 210.328203] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.328563] CR2: 00007ffff7ffe000 CR3: 00000001246bc000 CR4: 00000000000006f0 [ 210.329653] DR0: ffffffff8bc69400 DR1: ffffffff8bc69401 DR2: ffffffff8bc69402 [ 210.330191] DR3: ffffffff8bc69403 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 210.330596] Call Trace: [ 210.330831] <TASK> [ 210.332586] drm_test_rect_calc_vscale+0x108/0x270 [ 210.333854] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 210.335642] ? __schedule+0x10cc/0x2b60 [ 210.336287] ? __pfx_read_tsc+0x10/0x10 [ 210.336604] ? ktime_get_ts64+0x86/0x230 [ 210.336956] kunit_try_run_case+0x1a5/0x480 [ 210.337292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 210.337629] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 210.340085] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 210.341725] ? __kthread_parkme+0x82/0x180 [ 210.343098] ? preempt_count_sub+0x50/0x80 [ 210.343941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 210.344921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 210.346297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 210.347173] kthread+0x337/0x6f0 [ 210.347775] ? trace_preempt_on+0x20/0xc0 [ 210.348529] ? __pfx_kthread+0x10/0x10 [ 210.349020] ? _raw_spin_unlock_irq+0x47/0x80 [ 210.350089] ? calculate_sigpending+0x7b/0xa0 [ 210.350894] ? __pfx_kthread+0x10/0x10 [ 210.351592] ret_from_fork+0x116/0x1d0 [ 210.351995] ? __pfx_kthread+0x10/0x10 [ 210.352481] ret_from_fork_asm+0x1a/0x30 [ 210.353508] </TASK> [ 210.353774] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 210.215834] WARNING: CPU: 0 PID: 2807 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 210.217028] Modules linked in: [ 210.217655] CPU: 0 UID: 0 PID: 2807 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 210.219468] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 210.219814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 210.220569] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 210.221810] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 8b b5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 210.223420] RSP: 0000:ffff88810935fc78 EFLAGS: 00010286 [ 210.223971] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 210.225072] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff89c3cc18 [ 210.225928] RBP: ffff88810935fca0 R08: 0000000000000000 R09: ffffed10208dd0e0 [ 210.226631] R10: ffff8881046e8707 R11: 0000000000000000 R12: ffffffff89c3cc00 [ 210.227502] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810935fd38 [ 210.228239] FS: 0000000000000000(0000) GS:ffff8881cf45b000(0000) knlGS:0000000000000000 [ 210.228780] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.229369] CR2: 00007ffff7ffe000 CR3: 00000001246bc000 CR4: 00000000000006f0 [ 210.229790] DR0: ffffffff8bc69400 DR1: ffffffff8bc69401 DR2: ffffffff8bc69402 [ 210.230921] DR3: ffffffff8bc69403 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 210.231675] Call Trace: [ 210.232031] <TASK> [ 210.232762] drm_test_rect_calc_hscale+0x108/0x270 [ 210.234045] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 210.234764] ? __schedule+0x10cc/0x2b60 [ 210.235522] ? __pfx_read_tsc+0x10/0x10 [ 210.235951] ? ktime_get_ts64+0x86/0x230 [ 210.236354] kunit_try_run_case+0x1a5/0x480 [ 210.236750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 210.237719] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 210.238219] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 210.239163] ? __kthread_parkme+0x82/0x180 [ 210.239917] ? preempt_count_sub+0x50/0x80 [ 210.240957] ? __pfx_kunit_try_run_case+0x10/0x10 [ 210.241632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 210.242271] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 210.243129] kthread+0x337/0x6f0 [ 210.243660] ? trace_preempt_on+0x20/0xc0 [ 210.244101] ? __pfx_kthread+0x10/0x10 [ 210.244639] ? _raw_spin_unlock_irq+0x47/0x80 [ 210.245568] ? calculate_sigpending+0x7b/0xa0 [ 210.246178] ? __pfx_kthread+0x10/0x10 [ 210.246913] ret_from_fork+0x116/0x1d0 [ 210.247660] ? __pfx_kthread+0x10/0x10 [ 210.248385] ret_from_fork_asm+0x1a/0x30 [ 210.249008] </TASK> [ 210.249215] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 210.172055] WARNING: CPU: 1 PID: 2805 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 210.173509] Modules linked in: [ 210.174650] CPU: 1 UID: 0 PID: 2805 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 210.175682] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 210.176183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 210.177179] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 210.178297] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 8b b5 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 210.180730] RSP: 0000:ffff88810980fc78 EFLAGS: 00010286 [ 210.181613] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 210.182978] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff89c3cbe0 [ 210.183603] RBP: ffff88810980fca0 R08: 0000000000000000 R09: ffffed1020cafb80 [ 210.184148] R10: ffff88810657dc07 R11: 0000000000000000 R12: ffffffff89c3cbc8 [ 210.185384] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810980fd38 [ 210.185954] FS: 0000000000000000(0000) GS:ffff8881cf55b000(0000) knlGS:0000000000000000 [ 210.186547] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 210.187614] CR2: ffffffffffffffff CR3: 00000001246bc000 CR4: 00000000000006f0 [ 210.188561] DR0: ffffffff8bc69400 DR1: ffffffff8bc69401 DR2: ffffffff8bc69403 [ 210.189650] DR3: ffffffff8bc69405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 210.190451] Call Trace: [ 210.190941] <TASK> [ 210.191589] drm_test_rect_calc_hscale+0x108/0x270 [ 210.192125] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 210.193200] ? __schedule+0x10cc/0x2b60 [ 210.193979] ? __pfx_read_tsc+0x10/0x10 [ 210.194675] ? ktime_get_ts64+0x86/0x230 [ 210.195077] kunit_try_run_case+0x1a5/0x480 [ 210.195858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 210.196861] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 210.197542] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 210.198024] ? __kthread_parkme+0x82/0x180 [ 210.198690] ? preempt_count_sub+0x50/0x80 [ 210.199154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 210.199692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 210.200744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 210.202080] kthread+0x337/0x6f0 [ 210.202526] ? trace_preempt_on+0x20/0xc0 [ 210.203123] ? __pfx_kthread+0x10/0x10 [ 210.203972] ? _raw_spin_unlock_irq+0x47/0x80 [ 210.204587] ? calculate_sigpending+0x7b/0xa0 [ 210.205542] ? __pfx_kthread+0x10/0x10 [ 210.206110] ret_from_fork+0x116/0x1d0 [ 210.206615] ? __pfx_kthread+0x10/0x10 [ 210.207044] ret_from_fork_asm+0x1a/0x30 [ 210.207623] </TASK> [ 210.207851] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------ [ 209.073726] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 209.073950] WARNING: CPU: 0 PID: 2622 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 209.077133] Modules linked in: [ 209.077731] CPU: 0 UID: 0 PID: 2622 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 209.078982] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 209.079756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 209.080805] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 209.081483] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 4d 27 80 00 48 c7 c1 c0 1a bf 89 4c 89 f2 48 c7 c7 80 17 bf 89 48 89 c6 e8 a4 c7 73 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 209.083459] RSP: 0000:ffff8881090f7d18 EFLAGS: 00010286 [ 209.084688] RAX: 0000000000000000 RBX: ffff888102447800 RCX: 1ffffffff1524cec [ 209.085421] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 209.085718] RBP: ffff8881090f7d48 R08: 0000000000000000 R09: fffffbfff1524cec [ 209.086430] R10: 0000000000000003 R11: 0000000000039fb8 R12: ffff888109198800 [ 209.086999] R13: ffff8881024478f8 R14: ffff888104917100 R15: ffff8881003c7b40 [ 209.087859] FS: 0000000000000000(0000) GS:ffff8881cf45b000(0000) knlGS:0000000000000000 [ 209.088649] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 209.089606] CR2: 00007ffff7ffe000 CR3: 00000001246bc000 CR4: 00000000000006f0 [ 209.090493] DR0: ffffffff8bc69400 DR1: ffffffff8bc69401 DR2: ffffffff8bc69402 [ 209.091165] DR3: ffffffff8bc69403 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 209.091871] Call Trace: [ 209.092216] <TASK> [ 209.092716] ? trace_preempt_on+0x20/0xc0 [ 209.093545] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 209.094087] drm_gem_shmem_free_wrapper+0x12/0x20 [ 209.094727] __kunit_action_free+0x57/0x70 [ 209.095115] kunit_remove_resource+0x133/0x200 [ 209.096009] ? preempt_count_sub+0x50/0x80 [ 209.096568] kunit_cleanup+0x7a/0x120 [ 209.097024] kunit_try_run_case_cleanup+0xbd/0xf0 [ 209.097828] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 209.098719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 209.099201] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 209.099828] kthread+0x337/0x6f0 [ 209.100338] ? trace_preempt_on+0x20/0xc0 [ 209.101051] ? __pfx_kthread+0x10/0x10 [ 209.101573] ? _raw_spin_unlock_irq+0x47/0x80 [ 209.101985] ? calculate_sigpending+0x7b/0xa0 [ 209.102955] ? __pfx_kthread+0x10/0x10 [ 209.103565] ret_from_fork+0x116/0x1d0 [ 209.103963] ? __pfx_kthread+0x10/0x10 [ 209.104390] ret_from_fork_asm+0x1a/0x30 [ 209.104873] </TASK> [ 209.105461] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 208.834255] WARNING: CPU: 0 PID: 2603 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 208.835793] Modules linked in: [ 208.836307] CPU: 0 UID: 0 PID: 2603 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 208.837689] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 208.838336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 208.839085] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 208.839906] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 208.842290] RSP: 0000:ffff88810919fb30 EFLAGS: 00010246 [ 208.843087] RAX: dffffc0000000000 RBX: ffff88810919fc28 RCX: 0000000000000000 [ 208.843797] RDX: 1ffff11021233f8e RSI: ffff88810919fc28 RDI: ffff88810919fc70 [ 208.844369] RBP: ffff88810919fb70 R08: ffff8881091b1000 R09: ffffffff89be1de0 [ 208.845139] R10: 0000000000000003 R11: 0000000019f37507 R12: ffff8881091b1000 [ 208.846190] R13: ffff8881003c7ae8 R14: ffff88810919fba8 R15: 0000000000000000 [ 208.847160] FS: 0000000000000000(0000) GS:ffff8881cf45b000(0000) knlGS:0000000000000000 [ 208.847930] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.848662] CR2: 00007ffff7ffe000 CR3: 00000001246bc000 CR4: 00000000000006f0 [ 208.849218] DR0: ffffffff8bc69400 DR1: ffffffff8bc69401 DR2: ffffffff8bc69402 [ 208.849807] DR3: ffffffff8bc69403 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 208.851350] Call Trace: [ 208.851784] <TASK> [ 208.852181] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 208.852920] ? add_dr+0x148/0x1d0 [ 208.853516] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 208.854410] ? __drmm_add_action+0x1a4/0x280 [ 208.855125] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 208.855812] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 208.856311] ? __drmm_add_action_or_reset+0x22/0x50 [ 208.856983] ? __schedule+0x10cc/0x2b60 [ 208.857406] ? __pfx_read_tsc+0x10/0x10 [ 208.858036] ? ktime_get_ts64+0x86/0x230 [ 208.858599] kunit_try_run_case+0x1a5/0x480 [ 208.859055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 208.859660] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 208.860169] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 208.860716] ? __kthread_parkme+0x82/0x180 [ 208.861225] ? preempt_count_sub+0x50/0x80 [ 208.861921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 208.862527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 208.863000] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 208.863657] kthread+0x337/0x6f0 [ 208.864139] ? trace_preempt_on+0x20/0xc0 [ 208.864539] ? __pfx_kthread+0x10/0x10 [ 208.865098] ? _raw_spin_unlock_irq+0x47/0x80 [ 208.865662] ? calculate_sigpending+0x7b/0xa0 [ 208.866081] ? __pfx_kthread+0x10/0x10 [ 208.866484] ret_from_fork+0x116/0x1d0 [ 208.867290] ? __pfx_kthread+0x10/0x10 [ 208.867668] ret_from_fork_asm+0x1a/0x30 [ 208.868098] </TASK> [ 208.868499] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 208.771473] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 208.771750] WARNING: CPU: 0 PID: 2599 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 208.774950] Modules linked in: [ 208.775637] CPU: 0 UID: 0 PID: 2599 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 208.776725] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 208.777202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 208.778583] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 208.779337] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 7b 41 87 00 48 c7 c1 a0 cd bd 89 4c 89 fa 48 c7 c7 00 ce bd 89 48 89 c6 e8 d2 e1 7a fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 208.780831] RSP: 0000:ffff888108f2fb68 EFLAGS: 00010282 [ 208.781729] RAX: 0000000000000000 RBX: ffff888108f2fc40 RCX: 1ffffffff1524cec [ 208.782440] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 208.783425] RBP: ffff888108f2fb90 R08: 0000000000000000 R09: fffffbfff1524cec [ 208.784221] R10: 0000000000000003 R11: 00000000000386e0 R12: ffff888108f2fc18 [ 208.785069] R13: ffff888108b0e000 R14: ffff8881034cf000 R15: ffff888106541200 [ 208.786138] FS: 0000000000000000(0000) GS:ffff8881cf45b000(0000) knlGS:0000000000000000 [ 208.787465] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.788076] CR2: 00007ffff7ffe000 CR3: 00000001246bc000 CR4: 00000000000006f0 [ 208.788918] DR0: ffffffff8bc69400 DR1: ffffffff8bc69401 DR2: ffffffff8bc69402 [ 208.789646] DR3: ffffffff8bc69403 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 208.790180] Call Trace: [ 208.790659] <TASK> [ 208.790984] drm_test_framebuffer_free+0x1ab/0x610 [ 208.791632] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 208.792103] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 208.792800] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 208.793289] ? __drmm_add_action_or_reset+0x22/0x50 [ 208.794302] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 208.794811] kunit_try_run_case+0x1a5/0x480 [ 208.795481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 208.795911] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 208.796388] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 208.797209] ? __kthread_parkme+0x82/0x180 [ 208.798035] ? preempt_count_sub+0x50/0x80 [ 208.798637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 208.799145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 208.799888] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 208.800649] kthread+0x337/0x6f0 [ 208.801019] ? trace_preempt_on+0x20/0xc0 [ 208.801947] ? __pfx_kthread+0x10/0x10 [ 208.802390] ? _raw_spin_unlock_irq+0x47/0x80 [ 208.803036] ? calculate_sigpending+0x7b/0xa0 [ 208.803524] ? __pfx_kthread+0x10/0x10 [ 208.804150] ret_from_fork+0x116/0x1d0 [ 208.804699] ? __pfx_kthread+0x10/0x10 [ 208.805180] ret_from_fork_asm+0x1a/0x30 [ 208.806145] </TASK> [ 208.806662] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 206.572356] WARNING: CPU: 0 PID: 2037 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 206.573662] Modules linked in: [ 206.574038] CPU: 0 UID: 0 PID: 2037 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 206.575358] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 206.576075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 206.577293] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 206.577950] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 92 fb 25 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 80 fb 25 02 48 89 df e8 68 [ 206.579707] RSP: 0000:ffff88810828fc90 EFLAGS: 00010246 [ 206.580252] RAX: dffffc0000000000 RBX: ffff8881082a4000 RCX: 0000000000000000 [ 206.581117] RDX: 1ffff11021054832 RSI: ffffffff86e444a8 RDI: ffff8881082a4190 [ 206.582217] RBP: ffff88810828fca0 R08: 1ffff11020078f69 R09: ffffed1021051f65 [ 206.583062] R10: 0000000000000003 R11: ffffffff86388398 R12: 0000000000000000 [ 206.583826] R13: ffff88810828fd38 R14: ffff8881003c7c50 R15: ffff8881003c7c58 [ 206.584870] FS: 0000000000000000(0000) GS:ffff8881cf45b000(0000) knlGS:0000000000000000 [ 206.585977] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.586727] CR2: 00007ffff7ffe000 CR3: 00000001246bc000 CR4: 00000000000006f0 [ 206.587560] DR0: ffffffff8bc69400 DR1: ffffffff8bc69401 DR2: ffffffff8bc69402 [ 206.588590] DR3: ffffffff8bc69403 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 206.589212] Call Trace: [ 206.590062] <TASK> [ 206.590510] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 206.591496] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 206.592574] ? __schedule+0x10cc/0x2b60 [ 206.593123] ? irqentry_exit+0x2a/0x60 [ 206.594051] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 206.594651] ? __pfx_read_tsc+0x10/0x10 [ 206.595176] ? ktime_get_ts64+0x86/0x230 [ 206.595846] ? trace_hardirqs_on+0x37/0xe0 [ 206.596489] kunit_try_run_case+0x1a5/0x480 [ 206.597184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 206.598059] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 206.598772] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 206.599433] ? __kthread_parkme+0x82/0x180 [ 206.599816] ? preempt_count_sub+0x50/0x80 [ 206.600435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 206.601030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 206.601963] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 206.602702] kthread+0x337/0x6f0 [ 206.603316] ? trace_preempt_on+0x20/0xc0 [ 206.603789] ? __pfx_kthread+0x10/0x10 [ 206.604160] ? _raw_spin_unlock_irq+0x47/0x80 [ 206.604882] ? calculate_sigpending+0x7b/0xa0 [ 206.605616] ? __pfx_kthread+0x10/0x10 [ 206.606031] ret_from_fork+0x116/0x1d0 [ 206.606637] ? __pfx_kthread+0x10/0x10 [ 206.607081] ret_from_fork_asm+0x1a/0x30 [ 206.607614] </TASK> [ 206.607936] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 206.443492] WARNING: CPU: 1 PID: 2029 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 206.444162] Modules linked in: [ 206.445075] CPU: 1 UID: 0 PID: 2029 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 206.446430] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 206.446995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 206.448165] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 206.449192] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 92 fb 25 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 80 fb 25 02 48 89 df e8 68 [ 206.451060] RSP: 0000:ffff888107fcfc90 EFLAGS: 00010246 [ 206.451832] RAX: dffffc0000000000 RBX: ffff888108190000 RCX: 0000000000000000 [ 206.452850] RDX: 1ffff11021032032 RSI: ffffffff86e444a8 RDI: ffff888108190190 [ 206.453652] RBP: ffff888107fcfca0 R08: 1ffff11020078f69 R09: ffffed1020ff9f65 [ 206.454433] R10: 0000000000000003 R11: ffffffff86388398 R12: 0000000000000000 [ 206.455207] R13: ffff888107fcfd38 R14: ffff8881003c7c50 R15: ffff8881003c7c58 [ 206.455819] FS: 0000000000000000(0000) GS:ffff8881cf55b000(0000) knlGS:0000000000000000 [ 206.456457] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.457159] CR2: ffffffffffffffff CR3: 00000001246bc000 CR4: 00000000000006f0 [ 206.457840] DR0: ffffffff8bc69400 DR1: ffffffff8bc69401 DR2: ffffffff8bc69403 [ 206.458548] DR3: ffffffff8bc69405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 206.459161] Call Trace: [ 206.459574] <TASK> [ 206.459947] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 206.460725] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 206.461530] ? __schedule+0x10cc/0x2b60 [ 206.461992] ? __pfx_read_tsc+0x10/0x10 [ 206.462519] ? ktime_get_ts64+0x86/0x230 [ 206.462967] kunit_try_run_case+0x1a5/0x480 [ 206.463523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 206.464036] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 206.464612] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 206.465320] ? __kthread_parkme+0x82/0x180 [ 206.465804] ? preempt_count_sub+0x50/0x80 [ 206.466389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 206.466900] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 206.467549] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 206.468129] kthread+0x337/0x6f0 [ 206.468900] ? trace_preempt_on+0x20/0xc0 [ 206.469465] ? __pfx_kthread+0x10/0x10 [ 206.469895] ? _raw_spin_unlock_irq+0x47/0x80 [ 206.470478] ? calculate_sigpending+0x7b/0xa0 [ 206.470982] ? __pfx_kthread+0x10/0x10 [ 206.471477] ret_from_fork+0x116/0x1d0 [ 206.471955] ? __pfx_kthread+0x10/0x10 [ 206.472456] ret_from_fork_asm+0x1a/0x30 [ 206.472990] </TASK> [ 206.473379] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 149.613027] WARNING: CPU: 0 PID: 721 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 149.613989] Modules linked in: [ 149.614506] CPU: 0 UID: 0 PID: 721 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 149.616023] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 149.616695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 149.617355] RIP: 0010:intlog10+0x2a/0x40 [ 149.617828] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 97 9e 86 02 90 <0f> 0b 90 31 c0 e9 8c 9e 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 149.619654] RSP: 0000:ffff88810b137cb0 EFLAGS: 00010246 [ 149.620848] RAX: 0000000000000000 RBX: ffff8881003c7ae8 RCX: 1ffff11021626fb4 [ 149.621719] RDX: 1ffffffff1353dfc RSI: 1ffff11021626fb3 RDI: 0000000000000000 [ 149.622858] RBP: ffff88810b137d60 R08: 0000000000000000 R09: ffffed1020176160 [ 149.624818] R10: ffff888100bb0b07 R11: 0000000000000000 R12: 1ffff11021626f97 [ 149.625581] R13: ffffffff89a9efe0 R14: 0000000000000000 R15: ffff88810b137d38 [ 149.625983] FS: 0000000000000000(0000) GS:ffff8881cf45b000(0000) knlGS:0000000000000000 [ 149.627282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.629392] CR2: ffff88815a958000 CR3: 00000001246bc000 CR4: 00000000000006f0 [ 149.630950] DR0: ffffffff8bc69400 DR1: ffffffff8bc69401 DR2: ffffffff8bc69402 [ 149.631978] DR3: ffffffff8bc69403 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 149.633666] Call Trace: [ 149.633923] <TASK> [ 149.634101] ? intlog10_test+0xf2/0x220 [ 149.635513] ? __pfx_intlog10_test+0x10/0x10 [ 149.636713] ? __schedule+0x10cc/0x2b60 [ 149.637506] ? __pfx_read_tsc+0x10/0x10 [ 149.637867] ? ktime_get_ts64+0x86/0x230 [ 149.638160] kunit_try_run_case+0x1a5/0x480 [ 149.639733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 149.640723] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 149.641415] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 149.642098] ? __kthread_parkme+0x82/0x180 [ 149.642893] ? preempt_count_sub+0x50/0x80 [ 149.643598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 149.644004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 149.644459] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 149.645706] kthread+0x337/0x6f0 [ 149.646122] ? trace_preempt_on+0x20/0xc0 [ 149.646849] ? __pfx_kthread+0x10/0x10 [ 149.647668] ? _raw_spin_unlock_irq+0x47/0x80 [ 149.648033] ? calculate_sigpending+0x7b/0xa0 [ 149.649408] ? __pfx_kthread+0x10/0x10 [ 149.649937] ret_from_fork+0x116/0x1d0 [ 149.650580] ? __pfx_kthread+0x10/0x10 [ 149.651153] ret_from_fork_asm+0x1a/0x30 [ 149.651791] </TASK> [ 149.652092] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 149.542656] WARNING: CPU: 1 PID: 703 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 149.543350] Modules linked in: [ 149.543950] CPU: 1 UID: 0 PID: 703 Comm: kunit_try_catch Tainted: G B D N 6.15.0-next-20250530 #1 PREEMPT(voluntary) [ 149.545063] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 149.545537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 149.546350] RIP: 0010:intlog2+0xdf/0x110 [ 149.546793] Code: a9 89 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 02 9f 86 02 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 9f 25 52 ff 8b 45 e4 eb [ 149.548799] RSP: 0000:ffff88810b137cb0 EFLAGS: 00010246 [ 149.549331] RAX: 0000000000000000 RBX: ffff8881003c7ae8 RCX: 1ffff11021626fb4 [ 149.550064] RDX: 1ffffffff1353e50 RSI: 1ffff11021626fb3 RDI: 0000000000000000 [ 149.550786] RBP: ffff88810b137d60 R08: 0000000000000000 R09: ffffed1020ef20e0 [ 149.551694] R10: ffff888107790707 R11: 0000000000000000 R12: 1ffff11021626f97 [ 149.552531] R13: ffffffff89a9f280 R14: 0000000000000000 R15: ffff88810b137d38 [ 149.553160] FS: 0000000000000000(0000) GS:ffff8881cf55b000(0000) knlGS:0000000000000000 [ 149.553940] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.554442] CR2: dffffc0000000000 CR3: 00000001246bc000 CR4: 00000000000006f0 [ 149.555053] DR0: ffffffff8bc69400 DR1: ffffffff8bc69401 DR2: ffffffff8bc69403 [ 149.555765] DR3: ffffffff8bc69405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 149.556535] Call Trace: [ 149.556946] <TASK> [ 149.557308] ? intlog2_test+0xf2/0x220 [ 149.557787] ? __pfx_intlog2_test+0x10/0x10 [ 149.558250] ? __schedule+0x10cc/0x2b60 [ 149.558687] ? __pfx_read_tsc+0x10/0x10 [ 149.559489] ? ktime_get_ts64+0x86/0x230 [ 149.559902] kunit_try_run_case+0x1a5/0x480 [ 149.560536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 149.561187] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 149.562017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 149.562800] ? __kthread_parkme+0x82/0x180 [ 149.563410] ? preempt_count_sub+0x50/0x80 [ 149.563813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 149.564308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 149.565072] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 149.565939] kthread+0x337/0x6f0 [ 149.566385] ? trace_preempt_on+0x20/0xc0 [ 149.567053] ? __pfx_kthread+0x10/0x10 [ 149.567625] ? _raw_spin_unlock_irq+0x47/0x80 [ 149.568298] ? calculate_sigpending+0x7b/0xa0 [ 149.569012] ? __pfx_kthread+0x10/0x10 [ 149.569643] ret_from_fork+0x116/0x1d0 [ 149.570139] ? __pfx_kthread+0x10/0x10 [ 149.570744] ret_from_fork_asm+0x1a/0x30 [ 149.571351] </TASK> [ 149.571714] ---[ end trace 0000000000000000 ]---
Failure - kunit - lib_ratelimit_lib_ratelimit
<8>[ 429.718816] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=lib_ratelimit_lib_ratelimit RESULT=fail>
Failure - kunit - lib_ratelimit_test_ratelimit_smoke
<8>[ 429.402014] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=lib_ratelimit_test_ratelimit_smoke RESULT=fail>