Date
June 5, 2025, 7:08 a.m.
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen: Failure
Automatically assigned
[ 13.393217] ================================================================== [ 13.393516] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 13.393829] Read of size 1 at addr ffff88810278df50 by task kunit_try_catch/276 [ 13.394175] [ 13.394261] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.394304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.394315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.394336] Call Trace: [ 13.394348] <TASK> [ 13.394360] dump_stack_lvl+0x73/0xb0 [ 13.394383] print_report+0xd1/0x650 [ 13.394403] ? __virt_addr_valid+0x1db/0x2d0 [ 13.394427] ? strnlen+0x73/0x80 [ 13.394444] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.394466] ? strnlen+0x73/0x80 [ 13.394485] kasan_report+0x141/0x180 [ 13.394506] ? strnlen+0x73/0x80 [ 13.394529] __asan_report_load1_noabort+0x18/0x20 [ 13.394553] strnlen+0x73/0x80 [ 13.394573] kasan_strings+0x615/0xe80 [ 13.394593] ? trace_hardirqs_on+0x37/0xe0 [ 13.394614] ? __pfx_kasan_strings+0x10/0x10 [ 13.394634] ? finish_task_switch.isra.0+0x153/0x700 [ 13.394656] ? __switch_to+0x47/0xf50 [ 13.394680] ? __schedule+0x10cc/0x2b60 [ 13.394703] ? __pfx_read_tsc+0x10/0x10 [ 13.394723] ? ktime_get_ts64+0x86/0x230 [ 13.394746] kunit_try_run_case+0x1a5/0x480 [ 13.394766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.394785] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.394809] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.394833] ? __kthread_parkme+0x82/0x180 [ 13.394852] ? preempt_count_sub+0x50/0x80 [ 13.394874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.394907] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.394931] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.394956] kthread+0x337/0x6f0 [ 13.394975] ? trace_preempt_on+0x20/0xc0 [ 13.394996] ? __pfx_kthread+0x10/0x10 [ 13.395015] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.395090] ? calculate_sigpending+0x7b/0xa0 [ 13.395115] ? __pfx_kthread+0x10/0x10 [ 13.395136] ret_from_fork+0x116/0x1d0 [ 13.395155] ? __pfx_kthread+0x10/0x10 [ 13.395175] ret_from_fork_asm+0x1a/0x30 [ 13.395203] </TASK> [ 13.395213] [ 13.403197] Allocated by task 276: [ 13.403375] kasan_save_stack+0x45/0x70 [ 13.403613] kasan_save_track+0x18/0x40 [ 13.403811] kasan_save_alloc_info+0x3b/0x50 [ 13.404035] __kasan_kmalloc+0xb7/0xc0 [ 13.404220] __kmalloc_cache_noprof+0x189/0x420 [ 13.404513] kasan_strings+0xc0/0xe80 [ 13.404644] kunit_try_run_case+0x1a5/0x480 [ 13.404785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.404970] kthread+0x337/0x6f0 [ 13.405097] ret_from_fork+0x116/0x1d0 [ 13.405447] ret_from_fork_asm+0x1a/0x30 [ 13.405669] [ 13.405768] Freed by task 276: [ 13.405938] kasan_save_stack+0x45/0x70 [ 13.406277] kasan_save_track+0x18/0x40 [ 13.406477] kasan_save_free_info+0x3f/0x60 [ 13.406687] __kasan_slab_free+0x56/0x70 [ 13.406888] kfree+0x222/0x3f0 [ 13.407095] kasan_strings+0x2aa/0xe80 [ 13.407228] kunit_try_run_case+0x1a5/0x480 [ 13.407368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.407541] kthread+0x337/0x6f0 [ 13.407658] ret_from_fork+0x116/0x1d0 [ 13.408126] ret_from_fork_asm+0x1a/0x30 [ 13.408327] [ 13.408420] The buggy address belongs to the object at ffff88810278df40 [ 13.408420] which belongs to the cache kmalloc-32 of size 32 [ 13.409208] The buggy address is located 16 bytes inside of [ 13.409208] freed 32-byte region [ffff88810278df40, ffff88810278df60) [ 13.409864] [ 13.409962] The buggy address belongs to the physical page: [ 13.410234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10278d [ 13.410521] flags: 0x200000000000000(node=0|zone=2) [ 13.410683] page_type: f5(slab) [ 13.410801] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.411043] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 13.411591] page dumped because: kasan: bad access detected [ 13.412056] [ 13.412153] Memory state around the buggy address: [ 13.412376] ffff88810278de00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.412678] ffff88810278de80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.412903] >ffff88810278df00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.413392] ^ [ 13.413752] ffff88810278df80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.414810] ffff88810278e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.415058] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset: Failure
Automatically assigned
[ 11.446369] ================================================================== [ 11.446812] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 11.447192] Write of size 128 at addr ffff888102b2d200 by task kunit_try_catch/187 [ 11.447638] [ 11.447734] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.447777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.447787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.447809] Call Trace: [ 11.447819] <TASK> [ 11.447833] dump_stack_lvl+0x73/0xb0 [ 11.447859] print_report+0xd1/0x650 [ 11.447880] ? __virt_addr_valid+0x1db/0x2d0 [ 11.447913] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.447934] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.448011] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.448035] kasan_report+0x141/0x180 [ 11.448057] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.448083] kasan_check_range+0x10c/0x1c0 [ 11.448106] __asan_memset+0x27/0x50 [ 11.448125] kmalloc_oob_in_memset+0x15f/0x320 [ 11.448147] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 11.448169] ? __schedule+0x10cc/0x2b60 [ 11.448192] ? __pfx_read_tsc+0x10/0x10 [ 11.448213] ? ktime_get_ts64+0x86/0x230 [ 11.448236] kunit_try_run_case+0x1a5/0x480 [ 11.448257] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.448275] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.448300] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.448324] ? __kthread_parkme+0x82/0x180 [ 11.448343] ? preempt_count_sub+0x50/0x80 [ 11.448366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.448386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.448410] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.448433] kthread+0x337/0x6f0 [ 11.448451] ? trace_preempt_on+0x20/0xc0 [ 11.448474] ? __pfx_kthread+0x10/0x10 [ 11.448494] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.448515] ? calculate_sigpending+0x7b/0xa0 [ 11.448539] ? __pfx_kthread+0x10/0x10 [ 11.448560] ret_from_fork+0x116/0x1d0 [ 11.448577] ? __pfx_kthread+0x10/0x10 [ 11.448597] ret_from_fork_asm+0x1a/0x30 [ 11.448626] </TASK> [ 11.448636] [ 11.456307] Allocated by task 187: [ 11.456440] kasan_save_stack+0x45/0x70 [ 11.456583] kasan_save_track+0x18/0x40 [ 11.456972] kasan_save_alloc_info+0x3b/0x50 [ 11.457193] __kasan_kmalloc+0xb7/0xc0 [ 11.457381] __kmalloc_cache_noprof+0x189/0x420 [ 11.457601] kmalloc_oob_in_memset+0xac/0x320 [ 11.457815] kunit_try_run_case+0x1a5/0x480 [ 11.458043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.458434] kthread+0x337/0x6f0 [ 11.458566] ret_from_fork+0x116/0x1d0 [ 11.458819] ret_from_fork_asm+0x1a/0x30 [ 11.459137] [ 11.459216] The buggy address belongs to the object at ffff888102b2d200 [ 11.459216] which belongs to the cache kmalloc-128 of size 128 [ 11.459695] The buggy address is located 0 bytes inside of [ 11.459695] allocated 120-byte region [ffff888102b2d200, ffff888102b2d278) [ 11.460391] [ 11.460494] The buggy address belongs to the physical page: [ 11.460741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 11.461706] flags: 0x200000000000000(node=0|zone=2) [ 11.461870] page_type: f5(slab) [ 11.461998] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.462226] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.462555] page dumped because: kasan: bad access detected [ 11.462880] [ 11.462980] Memory state around the buggy address: [ 11.463200] ffff888102b2d100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.463496] ffff888102b2d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.464051] >ffff888102b2d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.464337] ^ [ 11.464604] ffff888102b2d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.465062] ffff888102b2d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.465280] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16: Failure
Automatically assigned
[ 11.418657] ================================================================== [ 11.419765] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 11.420381] Read of size 16 at addr ffff88810188eea0 by task kunit_try_catch/185 [ 11.420838] [ 11.420945] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.421035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.421051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.421072] Call Trace: [ 11.421084] <TASK> [ 11.421100] dump_stack_lvl+0x73/0xb0 [ 11.421129] print_report+0xd1/0x650 [ 11.421151] ? __virt_addr_valid+0x1db/0x2d0 [ 11.421175] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.421195] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.421216] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.421237] kasan_report+0x141/0x180 [ 11.421258] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.421283] __asan_report_load16_noabort+0x18/0x20 [ 11.421303] kmalloc_uaf_16+0x47b/0x4c0 [ 11.421323] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 11.421345] ? __schedule+0x10cc/0x2b60 [ 11.421368] ? __pfx_read_tsc+0x10/0x10 [ 11.421389] ? ktime_get_ts64+0x86/0x230 [ 11.421414] kunit_try_run_case+0x1a5/0x480 [ 11.421436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.421455] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.421479] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.421502] ? __kthread_parkme+0x82/0x180 [ 11.421523] ? preempt_count_sub+0x50/0x80 [ 11.421546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.421567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.421590] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.421614] kthread+0x337/0x6f0 [ 11.421643] ? trace_preempt_on+0x20/0xc0 [ 11.421666] ? __pfx_kthread+0x10/0x10 [ 11.421686] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.421707] ? calculate_sigpending+0x7b/0xa0 [ 11.421730] ? __pfx_kthread+0x10/0x10 [ 11.421750] ret_from_fork+0x116/0x1d0 [ 11.421768] ? __pfx_kthread+0x10/0x10 [ 11.421788] ret_from_fork_asm+0x1a/0x30 [ 11.421818] </TASK> [ 11.421828] [ 11.433033] Allocated by task 185: [ 11.433187] kasan_save_stack+0x45/0x70 [ 11.433390] kasan_save_track+0x18/0x40 [ 11.433566] kasan_save_alloc_info+0x3b/0x50 [ 11.433792] __kasan_kmalloc+0xb7/0xc0 [ 11.434156] __kmalloc_cache_noprof+0x189/0x420 [ 11.434361] kmalloc_uaf_16+0x15b/0x4c0 [ 11.434527] kunit_try_run_case+0x1a5/0x480 [ 11.434768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.435010] kthread+0x337/0x6f0 [ 11.435159] ret_from_fork+0x116/0x1d0 [ 11.435290] ret_from_fork_asm+0x1a/0x30 [ 11.435428] [ 11.435497] Freed by task 185: [ 11.435651] kasan_save_stack+0x45/0x70 [ 11.435870] kasan_save_track+0x18/0x40 [ 11.436068] kasan_save_free_info+0x3f/0x60 [ 11.436273] __kasan_slab_free+0x56/0x70 [ 11.436466] kfree+0x222/0x3f0 [ 11.436607] kmalloc_uaf_16+0x1d6/0x4c0 [ 11.436848] kunit_try_run_case+0x1a5/0x480 [ 11.437132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.437319] kthread+0x337/0x6f0 [ 11.437443] ret_from_fork+0x116/0x1d0 [ 11.437576] ret_from_fork_asm+0x1a/0x30 [ 11.437771] [ 11.437865] The buggy address belongs to the object at ffff88810188eea0 [ 11.437865] which belongs to the cache kmalloc-16 of size 16 [ 11.438322] The buggy address is located 0 bytes inside of [ 11.438322] freed 16-byte region [ffff88810188eea0, ffff88810188eeb0) [ 11.438846] [ 11.438931] The buggy address belongs to the physical page: [ 11.439104] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10188e [ 11.439576] flags: 0x200000000000000(node=0|zone=2) [ 11.439996] page_type: f5(slab) [ 11.440148] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.440417] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.440848] page dumped because: kasan: bad access detected [ 11.441026] [ 11.441097] Memory state around the buggy address: [ 11.441336] ffff88810188ed80: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.442114] ffff88810188ee00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 11.442386] >ffff88810188ee80: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 11.442598] ^ [ 11.442760] ffff88810188ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.443194] ffff88810188ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.443505] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16: Failure
Automatically assigned
[ 11.387040] ================================================================== [ 11.387504] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 11.387831] Write of size 16 at addr ffff888102ae90e0 by task kunit_try_catch/183 [ 11.388152] [ 11.388267] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.388313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.388324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.388345] Call Trace: [ 11.388356] <TASK> [ 11.388371] dump_stack_lvl+0x73/0xb0 [ 11.388398] print_report+0xd1/0x650 [ 11.388419] ? __virt_addr_valid+0x1db/0x2d0 [ 11.388443] ? kmalloc_oob_16+0x452/0x4a0 [ 11.388463] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.388485] ? kmalloc_oob_16+0x452/0x4a0 [ 11.388505] kasan_report+0x141/0x180 [ 11.388526] ? kmalloc_oob_16+0x452/0x4a0 [ 11.388551] __asan_report_store16_noabort+0x1b/0x30 [ 11.388572] kmalloc_oob_16+0x452/0x4a0 [ 11.388593] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 11.388614] ? __schedule+0x10cc/0x2b60 [ 11.388637] ? __pfx_read_tsc+0x10/0x10 [ 11.388658] ? ktime_get_ts64+0x86/0x230 [ 11.388682] kunit_try_run_case+0x1a5/0x480 [ 11.388703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.388721] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.388746] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.388769] ? __kthread_parkme+0x82/0x180 [ 11.388790] ? preempt_count_sub+0x50/0x80 [ 11.388813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.388834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.389215] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.389249] kthread+0x337/0x6f0 [ 11.389269] ? trace_preempt_on+0x20/0xc0 [ 11.389293] ? __pfx_kthread+0x10/0x10 [ 11.389312] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.389335] ? calculate_sigpending+0x7b/0xa0 [ 11.389360] ? __pfx_kthread+0x10/0x10 [ 11.389381] ret_from_fork+0x116/0x1d0 [ 11.389399] ? __pfx_kthread+0x10/0x10 [ 11.389418] ret_from_fork_asm+0x1a/0x30 [ 11.389448] </TASK> [ 11.389459] [ 11.397052] Allocated by task 183: [ 11.397221] kasan_save_stack+0x45/0x70 [ 11.397398] kasan_save_track+0x18/0x40 [ 11.397575] kasan_save_alloc_info+0x3b/0x50 [ 11.397855] __kasan_kmalloc+0xb7/0xc0 [ 11.398001] __kmalloc_cache_noprof+0x189/0x420 [ 11.398159] kmalloc_oob_16+0xa8/0x4a0 [ 11.398364] kunit_try_run_case+0x1a5/0x480 [ 11.398627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.399030] kthread+0x337/0x6f0 [ 11.399155] ret_from_fork+0x116/0x1d0 [ 11.399285] ret_from_fork_asm+0x1a/0x30 [ 11.400819] [ 11.401839] The buggy address belongs to the object at ffff888102ae90e0 [ 11.401839] which belongs to the cache kmalloc-16 of size 16 [ 11.404789] The buggy address is located 0 bytes inside of [ 11.404789] allocated 13-byte region [ffff888102ae90e0, ffff888102ae90ed) [ 11.406784] [ 11.406871] The buggy address belongs to the physical page: [ 11.407063] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 11.408757] flags: 0x200000000000000(node=0|zone=2) [ 11.409131] page_type: f5(slab) [ 11.409837] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.410938] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.411528] page dumped because: kasan: bad access detected [ 11.412243] [ 11.412398] Memory state around the buggy address: [ 11.413083] ffff888102ae8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.413726] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 11.413973] >ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc 00 05 fc fc [ 11.414189] ^ [ 11.414390] ffff888102ae9100: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.414610] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.414825] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf: Failure
Automatically assigned
[ 11.316477] ================================================================== [ 11.317247] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 11.317563] Read of size 1 at addr ffff888100a28000 by task kunit_try_catch/181 [ 11.317920] [ 11.318086] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.318153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.318165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.318185] Call Trace: [ 11.318197] <TASK> [ 11.318226] dump_stack_lvl+0x73/0xb0 [ 11.318252] print_report+0xd1/0x650 [ 11.318275] ? __virt_addr_valid+0x1db/0x2d0 [ 11.318296] ? krealloc_uaf+0x1b8/0x5e0 [ 11.318317] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.318339] ? krealloc_uaf+0x1b8/0x5e0 [ 11.318361] kasan_report+0x141/0x180 [ 11.318382] ? krealloc_uaf+0x1b8/0x5e0 [ 11.318406] ? krealloc_uaf+0x1b8/0x5e0 [ 11.318427] __kasan_check_byte+0x3d/0x50 [ 11.318449] krealloc_noprof+0x3f/0x340 [ 11.318491] krealloc_uaf+0x1b8/0x5e0 [ 11.318512] ? __pfx_krealloc_uaf+0x10/0x10 [ 11.318532] ? finish_task_switch.isra.0+0x153/0x700 [ 11.318553] ? __switch_to+0x47/0xf50 [ 11.318577] ? __schedule+0x10cc/0x2b60 [ 11.318601] ? __pfx_read_tsc+0x10/0x10 [ 11.318620] ? ktime_get_ts64+0x86/0x230 [ 11.318661] kunit_try_run_case+0x1a5/0x480 [ 11.318681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.318700] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.318723] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.318747] ? __kthread_parkme+0x82/0x180 [ 11.318766] ? preempt_count_sub+0x50/0x80 [ 11.318788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.318808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.318832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.318856] kthread+0x337/0x6f0 [ 11.318874] ? trace_preempt_on+0x20/0xc0 [ 11.318908] ? __pfx_kthread+0x10/0x10 [ 11.318927] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.318959] ? calculate_sigpending+0x7b/0xa0 [ 11.318982] ? __pfx_kthread+0x10/0x10 [ 11.319002] ret_from_fork+0x116/0x1d0 [ 11.319020] ? __pfx_kthread+0x10/0x10 [ 11.319040] ret_from_fork_asm+0x1a/0x30 [ 11.319069] </TASK> [ 11.319078] [ 11.332278] Allocated by task 181: [ 11.332601] kasan_save_stack+0x45/0x70 [ 11.333118] kasan_save_track+0x18/0x40 [ 11.333564] kasan_save_alloc_info+0x3b/0x50 [ 11.334137] __kasan_kmalloc+0xb7/0xc0 [ 11.334412] __kmalloc_cache_noprof+0x189/0x420 [ 11.334935] krealloc_uaf+0xbb/0x5e0 [ 11.335393] kunit_try_run_case+0x1a5/0x480 [ 11.335542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.336084] kthread+0x337/0x6f0 [ 11.336496] ret_from_fork+0x116/0x1d0 [ 11.336995] ret_from_fork_asm+0x1a/0x30 [ 11.337436] [ 11.337743] Freed by task 181: [ 11.338127] kasan_save_stack+0x45/0x70 [ 11.338286] kasan_save_track+0x18/0x40 [ 11.338425] kasan_save_free_info+0x3f/0x60 [ 11.338571] __kasan_slab_free+0x56/0x70 [ 11.338757] kfree+0x222/0x3f0 [ 11.338876] krealloc_uaf+0x13d/0x5e0 [ 11.339171] kunit_try_run_case+0x1a5/0x480 [ 11.339775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.340243] kthread+0x337/0x6f0 [ 11.340550] ret_from_fork+0x116/0x1d0 [ 11.340917] ret_from_fork_asm+0x1a/0x30 [ 11.341198] [ 11.341312] The buggy address belongs to the object at ffff888100a28000 [ 11.341312] which belongs to the cache kmalloc-256 of size 256 [ 11.342277] The buggy address is located 0 bytes inside of [ 11.342277] freed 256-byte region [ffff888100a28000, ffff888100a28100) [ 11.342854] [ 11.343103] The buggy address belongs to the physical page: [ 11.343425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a28 [ 11.343927] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.344218] flags: 0x200000000000040(head|node=0|zone=2) [ 11.344470] page_type: f5(slab) [ 11.344625] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.345283] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.345730] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.346222] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.346661] head: 0200000000000001 ffffea0004028a01 00000000ffffffff 00000000ffffffff [ 11.347219] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.347616] page dumped because: kasan: bad access detected [ 11.348160] [ 11.348247] Memory state around the buggy address: [ 11.348465] ffff888100a27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.348778] ffff888100a27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.349122] >ffff888100a28000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.349444] ^ [ 11.349567] ffff888100a28080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.349987] ffff888100a28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.350584] ================================================================== [ 11.351712] ================================================================== [ 11.351970] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 11.352759] Read of size 1 at addr ffff888100a28000 by task kunit_try_catch/181 [ 11.353312] [ 11.353526] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.353571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.353583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.353603] Call Trace: [ 11.353615] <TASK> [ 11.353629] dump_stack_lvl+0x73/0xb0 [ 11.353656] print_report+0xd1/0x650 [ 11.353678] ? __virt_addr_valid+0x1db/0x2d0 [ 11.353700] ? krealloc_uaf+0x53c/0x5e0 [ 11.353721] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.353837] ? krealloc_uaf+0x53c/0x5e0 [ 11.353861] kasan_report+0x141/0x180 [ 11.353883] ? krealloc_uaf+0x53c/0x5e0 [ 11.353920] __asan_report_load1_noabort+0x18/0x20 [ 11.353957] krealloc_uaf+0x53c/0x5e0 [ 11.353978] ? __pfx_krealloc_uaf+0x10/0x10 [ 11.353999] ? finish_task_switch.isra.0+0x153/0x700 [ 11.354020] ? __switch_to+0x47/0xf50 [ 11.354045] ? __schedule+0x10cc/0x2b60 [ 11.354068] ? __pfx_read_tsc+0x10/0x10 [ 11.354087] ? ktime_get_ts64+0x86/0x230 [ 11.354111] kunit_try_run_case+0x1a5/0x480 [ 11.354131] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.354150] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.354173] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.354197] ? __kthread_parkme+0x82/0x180 [ 11.354216] ? preempt_count_sub+0x50/0x80 [ 11.354238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.354259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.354282] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.354305] kthread+0x337/0x6f0 [ 11.354324] ? trace_preempt_on+0x20/0xc0 [ 11.354345] ? __pfx_kthread+0x10/0x10 [ 11.354364] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.354386] ? calculate_sigpending+0x7b/0xa0 [ 11.354409] ? __pfx_kthread+0x10/0x10 [ 11.354429] ret_from_fork+0x116/0x1d0 [ 11.354447] ? __pfx_kthread+0x10/0x10 [ 11.354466] ret_from_fork_asm+0x1a/0x30 [ 11.354495] </TASK> [ 11.354505] [ 11.365405] Allocated by task 181: [ 11.365571] kasan_save_stack+0x45/0x70 [ 11.365738] kasan_save_track+0x18/0x40 [ 11.366249] kasan_save_alloc_info+0x3b/0x50 [ 11.366433] __kasan_kmalloc+0xb7/0xc0 [ 11.366935] __kmalloc_cache_noprof+0x189/0x420 [ 11.367492] krealloc_uaf+0xbb/0x5e0 [ 11.367784] kunit_try_run_case+0x1a5/0x480 [ 11.368124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.368384] kthread+0x337/0x6f0 [ 11.368546] ret_from_fork+0x116/0x1d0 [ 11.369055] ret_from_fork_asm+0x1a/0x30 [ 11.369251] [ 11.369325] Freed by task 181: [ 11.369612] kasan_save_stack+0x45/0x70 [ 11.369768] kasan_save_track+0x18/0x40 [ 11.370157] kasan_save_free_info+0x3f/0x60 [ 11.370457] __kasan_slab_free+0x56/0x70 [ 11.370759] kfree+0x222/0x3f0 [ 11.370914] krealloc_uaf+0x13d/0x5e0 [ 11.371297] kunit_try_run_case+0x1a5/0x480 [ 11.371588] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.372171] kthread+0x337/0x6f0 [ 11.372501] ret_from_fork+0x116/0x1d0 [ 11.372674] ret_from_fork_asm+0x1a/0x30 [ 11.373051] [ 11.373136] The buggy address belongs to the object at ffff888100a28000 [ 11.373136] which belongs to the cache kmalloc-256 of size 256 [ 11.373662] The buggy address is located 0 bytes inside of [ 11.373662] freed 256-byte region [ffff888100a28000, ffff888100a28100) [ 11.374423] [ 11.374530] The buggy address belongs to the physical page: [ 11.375099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a28 [ 11.375524] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.375888] flags: 0x200000000000040(head|node=0|zone=2) [ 11.376275] page_type: f5(slab) [ 11.376445] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.376932] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.377439] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.377784] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.378099] head: 0200000000000001 ffffea0004028a01 00000000ffffffff 00000000ffffffff [ 11.378451] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.378742] page dumped because: kasan: bad access detected [ 11.378997] [ 11.379136] Memory state around the buggy address: [ 11.379340] ffff888100a27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.379618] ffff888100a27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.379956] >ffff888100a28000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.380447] ^ [ 11.380601] ffff888100a28080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.380846] ffff888100a28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.381399] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper: Failure
Automatically assigned
[ 11.091904] ================================================================== [ 11.092279] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.092596] Write of size 1 at addr ffff888100a27eda by task kunit_try_catch/175 [ 11.092888] [ 11.092982] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.093023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.093034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.093057] Call Trace: [ 11.093072] <TASK> [ 11.093085] dump_stack_lvl+0x73/0xb0 [ 11.093110] print_report+0xd1/0x650 [ 11.093132] ? __virt_addr_valid+0x1db/0x2d0 [ 11.093155] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.093179] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.093201] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.093226] kasan_report+0x141/0x180 [ 11.093247] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.093276] __asan_report_store1_noabort+0x1b/0x30 [ 11.093297] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.093322] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.093346] ? finish_task_switch.isra.0+0x153/0x700 [ 11.093367] ? __switch_to+0x47/0xf50 [ 11.093392] ? __schedule+0x10cc/0x2b60 [ 11.093414] ? __pfx_read_tsc+0x10/0x10 [ 11.093438] krealloc_less_oob+0x1c/0x30 [ 11.093459] kunit_try_run_case+0x1a5/0x480 [ 11.093480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.093499] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.093523] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.093547] ? __kthread_parkme+0x82/0x180 [ 11.093566] ? preempt_count_sub+0x50/0x80 [ 11.093588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.093608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.093632] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.093655] kthread+0x337/0x6f0 [ 11.093732] ? trace_preempt_on+0x20/0xc0 [ 11.093754] ? __pfx_kthread+0x10/0x10 [ 11.093774] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.093796] ? calculate_sigpending+0x7b/0xa0 [ 11.093820] ? __pfx_kthread+0x10/0x10 [ 11.093841] ret_from_fork+0x116/0x1d0 [ 11.093858] ? __pfx_kthread+0x10/0x10 [ 11.093878] ret_from_fork_asm+0x1a/0x30 [ 11.093917] </TASK> [ 11.093927] [ 11.101325] Allocated by task 175: [ 11.101505] kasan_save_stack+0x45/0x70 [ 11.101704] kasan_save_track+0x18/0x40 [ 11.101984] kasan_save_alloc_info+0x3b/0x50 [ 11.102181] __kasan_krealloc+0x190/0x1f0 [ 11.102383] krealloc_noprof+0xf3/0x340 [ 11.102517] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.102703] krealloc_less_oob+0x1c/0x30 [ 11.102917] kunit_try_run_case+0x1a5/0x480 [ 11.103166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.103363] kthread+0x337/0x6f0 [ 11.103481] ret_from_fork+0x116/0x1d0 [ 11.103611] ret_from_fork_asm+0x1a/0x30 [ 11.103745] [ 11.103827] The buggy address belongs to the object at ffff888100a27e00 [ 11.103827] which belongs to the cache kmalloc-256 of size 256 [ 11.104376] The buggy address is located 17 bytes to the right of [ 11.104376] allocated 201-byte region [ffff888100a27e00, ffff888100a27ec9) [ 11.105231] [ 11.105346] The buggy address belongs to the physical page: [ 11.105575] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a26 [ 11.105933] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.106160] flags: 0x200000000000040(head|node=0|zone=2) [ 11.106390] page_type: f5(slab) [ 11.106662] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.107011] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.107281] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.107511] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.107887] head: 0200000000000001 ffffea0004028981 00000000ffffffff 00000000ffffffff [ 11.108238] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.108682] page dumped because: kasan: bad access detected [ 11.108847] [ 11.109222] Memory state around the buggy address: [ 11.109464] ffff888100a27d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.110289] ffff888100a27e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.110636] >ffff888100a27e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.111202] ^ [ 11.111543] ffff888100a27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.112175] ffff888100a27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.112477] ================================================================== [ 11.278392] ================================================================== [ 11.278719] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.279140] Write of size 1 at addr ffff888102c2e0ea by task kunit_try_catch/179 [ 11.279487] [ 11.279581] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.279641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.279652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.279692] Call Trace: [ 11.279705] <TASK> [ 11.279718] dump_stack_lvl+0x73/0xb0 [ 11.279757] print_report+0xd1/0x650 [ 11.279778] ? __virt_addr_valid+0x1db/0x2d0 [ 11.279801] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.279823] ? kasan_addr_to_slab+0x11/0xa0 [ 11.279843] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.279867] kasan_report+0x141/0x180 [ 11.279888] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.279924] __asan_report_store1_noabort+0x1b/0x30 [ 11.280008] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.280054] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.280079] ? finish_task_switch.isra.0+0x153/0x700 [ 11.280102] ? __switch_to+0x47/0xf50 [ 11.280126] ? __schedule+0x10cc/0x2b60 [ 11.280148] ? __pfx_read_tsc+0x10/0x10 [ 11.280171] krealloc_large_less_oob+0x1c/0x30 [ 11.280210] kunit_try_run_case+0x1a5/0x480 [ 11.280231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.280250] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.280289] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.280312] ? __kthread_parkme+0x82/0x180 [ 11.280344] ? preempt_count_sub+0x50/0x80 [ 11.280367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.280400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.280424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.280460] kthread+0x337/0x6f0 [ 11.280479] ? trace_preempt_on+0x20/0xc0 [ 11.280501] ? __pfx_kthread+0x10/0x10 [ 11.280520] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.280541] ? calculate_sigpending+0x7b/0xa0 [ 11.280565] ? __pfx_kthread+0x10/0x10 [ 11.280585] ret_from_fork+0x116/0x1d0 [ 11.280603] ? __pfx_kthread+0x10/0x10 [ 11.280622] ret_from_fork_asm+0x1a/0x30 [ 11.280669] </TASK> [ 11.280679] [ 11.288498] The buggy address belongs to the physical page: [ 11.288786] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c2c [ 11.289064] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.289338] flags: 0x200000000000040(head|node=0|zone=2) [ 11.289591] page_type: f8(unknown) [ 11.289767] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.290356] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.290588] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.291098] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.291471] head: 0200000000000002 ffffea00040b0b01 00000000ffffffff 00000000ffffffff [ 11.291774] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.292228] page dumped because: kasan: bad access detected [ 11.292462] [ 11.292555] Memory state around the buggy address: [ 11.292719] ffff888102c2df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.293176] ffff888102c2e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.293495] >ffff888102c2e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.293758] ^ [ 11.294054] ffff888102c2e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.294365] ffff888102c2e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.294647] ================================================================== [ 11.056803] ================================================================== [ 11.057619] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.058794] Write of size 1 at addr ffff888100a27ed0 by task kunit_try_catch/175 [ 11.059762] [ 11.060056] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.060136] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.060148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.060169] Call Trace: [ 11.060180] <TASK> [ 11.060205] dump_stack_lvl+0x73/0xb0 [ 11.060232] print_report+0xd1/0x650 [ 11.060254] ? __virt_addr_valid+0x1db/0x2d0 [ 11.060276] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.060299] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.060321] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.060345] kasan_report+0x141/0x180 [ 11.060366] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.060394] __asan_report_store1_noabort+0x1b/0x30 [ 11.060415] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.060440] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.060464] ? finish_task_switch.isra.0+0x153/0x700 [ 11.060485] ? __switch_to+0x47/0xf50 [ 11.060510] ? __schedule+0x10cc/0x2b60 [ 11.060533] ? __pfx_read_tsc+0x10/0x10 [ 11.060556] krealloc_less_oob+0x1c/0x30 [ 11.060577] kunit_try_run_case+0x1a5/0x480 [ 11.060598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.060617] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.060641] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.060664] ? __kthread_parkme+0x82/0x180 [ 11.060683] ? preempt_count_sub+0x50/0x80 [ 11.060705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.060725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.060749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.060773] kthread+0x337/0x6f0 [ 11.060791] ? trace_preempt_on+0x20/0xc0 [ 11.060813] ? __pfx_kthread+0x10/0x10 [ 11.060833] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.060855] ? calculate_sigpending+0x7b/0xa0 [ 11.060877] ? __pfx_kthread+0x10/0x10 [ 11.060909] ret_from_fork+0x116/0x1d0 [ 11.060927] ? __pfx_kthread+0x10/0x10 [ 11.060962] ret_from_fork_asm+0x1a/0x30 [ 11.060992] </TASK> [ 11.061002] [ 11.074936] Allocated by task 175: [ 11.075314] kasan_save_stack+0x45/0x70 [ 11.075808] kasan_save_track+0x18/0x40 [ 11.076280] kasan_save_alloc_info+0x3b/0x50 [ 11.076739] __kasan_krealloc+0x190/0x1f0 [ 11.077243] krealloc_noprof+0xf3/0x340 [ 11.077389] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.077551] krealloc_less_oob+0x1c/0x30 [ 11.077790] kunit_try_run_case+0x1a5/0x480 [ 11.078079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.078279] kthread+0x337/0x6f0 [ 11.078402] ret_from_fork+0x116/0x1d0 [ 11.078533] ret_from_fork_asm+0x1a/0x30 [ 11.078670] [ 11.078743] The buggy address belongs to the object at ffff888100a27e00 [ 11.078743] which belongs to the cache kmalloc-256 of size 256 [ 11.079119] The buggy address is located 7 bytes to the right of [ 11.079119] allocated 201-byte region [ffff888100a27e00, ffff888100a27ec9) [ 11.080274] [ 11.080478] The buggy address belongs to the physical page: [ 11.080962] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a26 [ 11.081480] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.082270] flags: 0x200000000000040(head|node=0|zone=2) [ 11.082619] page_type: f5(slab) [ 11.083005] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.083561] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.084205] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.084683] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.085263] head: 0200000000000001 ffffea0004028981 00000000ffffffff 00000000ffffffff [ 11.085774] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.086382] page dumped because: kasan: bad access detected [ 11.086621] [ 11.086874] Memory state around the buggy address: [ 11.087525] ffff888100a27d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.088006] ffff888100a27e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.088440] >ffff888100a27e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.088864] ^ [ 11.089416] ffff888100a27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.089905] ffff888100a27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.090499] ================================================================== [ 11.295030] ================================================================== [ 11.295298] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.295580] Write of size 1 at addr ffff888102c2e0eb by task kunit_try_catch/179 [ 11.295821] [ 11.296178] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.296224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.296234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.296253] Call Trace: [ 11.296265] <TASK> [ 11.296278] dump_stack_lvl+0x73/0xb0 [ 11.296301] print_report+0xd1/0x650 [ 11.296343] ? __virt_addr_valid+0x1db/0x2d0 [ 11.296365] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.296388] ? kasan_addr_to_slab+0x11/0xa0 [ 11.296408] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.296431] kasan_report+0x141/0x180 [ 11.296452] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.296480] __asan_report_store1_noabort+0x1b/0x30 [ 11.296500] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.296525] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.296548] ? finish_task_switch.isra.0+0x153/0x700 [ 11.296571] ? __switch_to+0x47/0xf50 [ 11.296595] ? __schedule+0x10cc/0x2b60 [ 11.296637] ? __pfx_read_tsc+0x10/0x10 [ 11.296660] krealloc_large_less_oob+0x1c/0x30 [ 11.296682] kunit_try_run_case+0x1a5/0x480 [ 11.296702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.296721] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.296744] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.296768] ? __kthread_parkme+0x82/0x180 [ 11.296786] ? preempt_count_sub+0x50/0x80 [ 11.296809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.296829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.296852] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.296875] kthread+0x337/0x6f0 [ 11.296902] ? trace_preempt_on+0x20/0xc0 [ 11.296924] ? __pfx_kthread+0x10/0x10 [ 11.297004] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.297026] ? calculate_sigpending+0x7b/0xa0 [ 11.297054] ? __pfx_kthread+0x10/0x10 [ 11.297074] ret_from_fork+0x116/0x1d0 [ 11.297092] ? __pfx_kthread+0x10/0x10 [ 11.297134] ret_from_fork_asm+0x1a/0x30 [ 11.297163] </TASK> [ 11.297173] [ 11.305398] The buggy address belongs to the physical page: [ 11.305644] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c2c [ 11.306247] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.306596] flags: 0x200000000000040(head|node=0|zone=2) [ 11.306859] page_type: f8(unknown) [ 11.307113] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.307382] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.307784] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.308181] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.308522] head: 0200000000000002 ffffea00040b0b01 00000000ffffffff 00000000ffffffff [ 11.308884] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.309271] page dumped because: kasan: bad access detected [ 11.309526] [ 11.309636] Memory state around the buggy address: [ 11.309827] ffff888102c2df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.310277] ffff888102c2e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.310556] >ffff888102c2e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.311115] ^ [ 11.311416] ffff888102c2e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.311728] ffff888102c2e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.312162] ================================================================== [ 11.113336] ================================================================== [ 11.114052] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.114376] Write of size 1 at addr ffff888100a27eea by task kunit_try_catch/175 [ 11.114856] [ 11.115251] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.115300] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.115312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.115332] Call Trace: [ 11.115345] <TASK> [ 11.115358] dump_stack_lvl+0x73/0xb0 [ 11.115418] print_report+0xd1/0x650 [ 11.115441] ? __virt_addr_valid+0x1db/0x2d0 [ 11.115463] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.115487] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.115509] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.115533] kasan_report+0x141/0x180 [ 11.115555] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.115582] __asan_report_store1_noabort+0x1b/0x30 [ 11.115602] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.115627] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.115651] ? finish_task_switch.isra.0+0x153/0x700 [ 11.115673] ? __switch_to+0x47/0xf50 [ 11.115697] ? __schedule+0x10cc/0x2b60 [ 11.115720] ? __pfx_read_tsc+0x10/0x10 [ 11.115742] krealloc_less_oob+0x1c/0x30 [ 11.115763] kunit_try_run_case+0x1a5/0x480 [ 11.115783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.115802] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.115825] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.115848] ? __kthread_parkme+0x82/0x180 [ 11.115867] ? preempt_count_sub+0x50/0x80 [ 11.115888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.115918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.115992] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.116018] kthread+0x337/0x6f0 [ 11.116037] ? trace_preempt_on+0x20/0xc0 [ 11.116059] ? __pfx_kthread+0x10/0x10 [ 11.116078] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.116100] ? calculate_sigpending+0x7b/0xa0 [ 11.116123] ? __pfx_kthread+0x10/0x10 [ 11.116143] ret_from_fork+0x116/0x1d0 [ 11.116161] ? __pfx_kthread+0x10/0x10 [ 11.116181] ret_from_fork_asm+0x1a/0x30 [ 11.116209] </TASK> [ 11.116219] [ 11.124589] Allocated by task 175: [ 11.124928] kasan_save_stack+0x45/0x70 [ 11.125126] kasan_save_track+0x18/0x40 [ 11.125380] kasan_save_alloc_info+0x3b/0x50 [ 11.125572] __kasan_krealloc+0x190/0x1f0 [ 11.125754] krealloc_noprof+0xf3/0x340 [ 11.125945] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.126136] krealloc_less_oob+0x1c/0x30 [ 11.126330] kunit_try_run_case+0x1a5/0x480 [ 11.126533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.126905] kthread+0x337/0x6f0 [ 11.127033] ret_from_fork+0x116/0x1d0 [ 11.127166] ret_from_fork_asm+0x1a/0x30 [ 11.127305] [ 11.127375] The buggy address belongs to the object at ffff888100a27e00 [ 11.127375] which belongs to the cache kmalloc-256 of size 256 [ 11.127861] The buggy address is located 33 bytes to the right of [ 11.127861] allocated 201-byte region [ffff888100a27e00, ffff888100a27ec9) [ 11.128466] [ 11.128537] The buggy address belongs to the physical page: [ 11.128914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a26 [ 11.129216] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.129440] flags: 0x200000000000040(head|node=0|zone=2) [ 11.129829] page_type: f5(slab) [ 11.130147] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.130489] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.131124] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.131418] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.131653] head: 0200000000000001 ffffea0004028981 00000000ffffffff 00000000ffffffff [ 11.131890] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.132425] page dumped because: kasan: bad access detected [ 11.132677] [ 11.132816] Memory state around the buggy address: [ 11.133013] ffff888100a27d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.133262] ffff888100a27e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.133473] >ffff888100a27e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.134031] ^ [ 11.134340] ffff888100a27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.134615] ffff888100a27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.134864] ================================================================== [ 11.241330] ================================================================== [ 11.241828] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.242190] Write of size 1 at addr ffff888102c2e0d0 by task kunit_try_catch/179 [ 11.242472] [ 11.242582] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.242625] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.242636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.242655] Call Trace: [ 11.242667] <TASK> [ 11.242679] dump_stack_lvl+0x73/0xb0 [ 11.242702] print_report+0xd1/0x650 [ 11.242723] ? __virt_addr_valid+0x1db/0x2d0 [ 11.242745] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.242768] ? kasan_addr_to_slab+0x11/0xa0 [ 11.242789] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.242812] kasan_report+0x141/0x180 [ 11.242833] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.242861] __asan_report_store1_noabort+0x1b/0x30 [ 11.242882] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.242919] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.242942] ? finish_task_switch.isra.0+0x153/0x700 [ 11.242966] ? __switch_to+0x47/0xf50 [ 11.242989] ? __schedule+0x10cc/0x2b60 [ 11.243011] ? __pfx_read_tsc+0x10/0x10 [ 11.243034] krealloc_large_less_oob+0x1c/0x30 [ 11.243056] kunit_try_run_case+0x1a5/0x480 [ 11.243076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.243106] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.243130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.243153] ? __kthread_parkme+0x82/0x180 [ 11.243172] ? preempt_count_sub+0x50/0x80 [ 11.243195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.243215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.243238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.243261] kthread+0x337/0x6f0 [ 11.243279] ? trace_preempt_on+0x20/0xc0 [ 11.243302] ? __pfx_kthread+0x10/0x10 [ 11.243322] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.243343] ? calculate_sigpending+0x7b/0xa0 [ 11.243366] ? __pfx_kthread+0x10/0x10 [ 11.243387] ret_from_fork+0x116/0x1d0 [ 11.243404] ? __pfx_kthread+0x10/0x10 [ 11.243424] ret_from_fork_asm+0x1a/0x30 [ 11.243453] </TASK> [ 11.243462] [ 11.250666] The buggy address belongs to the physical page: [ 11.250944] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c2c [ 11.251308] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.251646] flags: 0x200000000000040(head|node=0|zone=2) [ 11.251846] page_type: f8(unknown) [ 11.252023] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.252546] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.252851] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.253388] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.253740] head: 0200000000000002 ffffea00040b0b01 00000000ffffffff 00000000ffffffff [ 11.254088] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.254317] page dumped because: kasan: bad access detected [ 11.254486] [ 11.254553] Memory state around the buggy address: [ 11.254747] ffff888102c2df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.255078] ffff888102c2e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.255389] >ffff888102c2e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.255740] ^ [ 11.256007] ffff888102c2e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.256241] ffff888102c2e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.256452] ================================================================== [ 11.135327] ================================================================== [ 11.135651] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.136229] Write of size 1 at addr ffff888100a27eeb by task kunit_try_catch/175 [ 11.136509] [ 11.136615] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.136654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.136665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.136683] Call Trace: [ 11.136695] <TASK> [ 11.136706] dump_stack_lvl+0x73/0xb0 [ 11.136730] print_report+0xd1/0x650 [ 11.136752] ? __virt_addr_valid+0x1db/0x2d0 [ 11.136773] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.136796] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.136817] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.136840] kasan_report+0x141/0x180 [ 11.136861] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.136889] __asan_report_store1_noabort+0x1b/0x30 [ 11.136985] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.137011] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.137035] ? finish_task_switch.isra.0+0x153/0x700 [ 11.137065] ? __switch_to+0x47/0xf50 [ 11.137089] ? __schedule+0x10cc/0x2b60 [ 11.137111] ? __pfx_read_tsc+0x10/0x10 [ 11.137134] krealloc_less_oob+0x1c/0x30 [ 11.137156] kunit_try_run_case+0x1a5/0x480 [ 11.137176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.137196] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.137219] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.137242] ? __kthread_parkme+0x82/0x180 [ 11.137262] ? preempt_count_sub+0x50/0x80 [ 11.137283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.137304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.137327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.137350] kthread+0x337/0x6f0 [ 11.137369] ? trace_preempt_on+0x20/0xc0 [ 11.137390] ? __pfx_kthread+0x10/0x10 [ 11.137410] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.137431] ? calculate_sigpending+0x7b/0xa0 [ 11.137454] ? __pfx_kthread+0x10/0x10 [ 11.137474] ret_from_fork+0x116/0x1d0 [ 11.137492] ? __pfx_kthread+0x10/0x10 [ 11.137511] ret_from_fork_asm+0x1a/0x30 [ 11.137540] </TASK> [ 11.137550] [ 11.151140] Allocated by task 175: [ 11.151329] kasan_save_stack+0x45/0x70 [ 11.151669] kasan_save_track+0x18/0x40 [ 11.152010] kasan_save_alloc_info+0x3b/0x50 [ 11.152177] __kasan_krealloc+0x190/0x1f0 [ 11.152645] krealloc_noprof+0xf3/0x340 [ 11.152941] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.153460] krealloc_less_oob+0x1c/0x30 [ 11.153680] kunit_try_run_case+0x1a5/0x480 [ 11.153877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.154348] kthread+0x337/0x6f0 [ 11.154682] ret_from_fork+0x116/0x1d0 [ 11.155053] ret_from_fork_asm+0x1a/0x30 [ 11.155235] [ 11.155511] The buggy address belongs to the object at ffff888100a27e00 [ 11.155511] which belongs to the cache kmalloc-256 of size 256 [ 11.156370] The buggy address is located 34 bytes to the right of [ 11.156370] allocated 201-byte region [ffff888100a27e00, ffff888100a27ec9) [ 11.157240] [ 11.157356] The buggy address belongs to the physical page: [ 11.157597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a26 [ 11.158582] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.159074] flags: 0x200000000000040(head|node=0|zone=2) [ 11.159339] page_type: f5(slab) [ 11.159513] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.160183] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.160588] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.161284] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.161676] head: 0200000000000001 ffffea0004028981 00000000ffffffff 00000000ffffffff [ 11.162222] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.162573] page dumped because: kasan: bad access detected [ 11.163292] [ 11.163395] Memory state around the buggy address: [ 11.163588] ffff888100a27d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.164263] ffff888100a27e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.164638] >ffff888100a27e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.165121] ^ [ 11.165427] ffff888100a27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.166035] ffff888100a27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.166318] ================================================================== [ 11.019120] ================================================================== [ 11.020467] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.020906] Write of size 1 at addr ffff888100a27ec9 by task kunit_try_catch/175 [ 11.021135] [ 11.021219] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.021290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.021301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.021321] Call Trace: [ 11.021450] <TASK> [ 11.021469] dump_stack_lvl+0x73/0xb0 [ 11.021499] print_report+0xd1/0x650 [ 11.021520] ? __virt_addr_valid+0x1db/0x2d0 [ 11.021543] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.021566] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.021591] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.021921] kasan_report+0x141/0x180 [ 11.021975] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.022003] __asan_report_store1_noabort+0x1b/0x30 [ 11.022023] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.022048] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.022071] ? finish_task_switch.isra.0+0x153/0x700 [ 11.022094] ? __switch_to+0x47/0xf50 [ 11.022120] ? __schedule+0x10cc/0x2b60 [ 11.022143] ? __pfx_read_tsc+0x10/0x10 [ 11.022166] krealloc_less_oob+0x1c/0x30 [ 11.022187] kunit_try_run_case+0x1a5/0x480 [ 11.022207] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.022226] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.022249] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.022273] ? __kthread_parkme+0x82/0x180 [ 11.022292] ? preempt_count_sub+0x50/0x80 [ 11.022314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.022334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.022358] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.022382] kthread+0x337/0x6f0 [ 11.022400] ? trace_preempt_on+0x20/0xc0 [ 11.022423] ? __pfx_kthread+0x10/0x10 [ 11.022442] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.022464] ? calculate_sigpending+0x7b/0xa0 [ 11.022487] ? __pfx_kthread+0x10/0x10 [ 11.022507] ret_from_fork+0x116/0x1d0 [ 11.022525] ? __pfx_kthread+0x10/0x10 [ 11.022544] ret_from_fork_asm+0x1a/0x30 [ 11.022573] </TASK> [ 11.022583] [ 11.037738] Allocated by task 175: [ 11.037874] kasan_save_stack+0x45/0x70 [ 11.038317] kasan_save_track+0x18/0x40 [ 11.038778] kasan_save_alloc_info+0x3b/0x50 [ 11.039370] __kasan_krealloc+0x190/0x1f0 [ 11.039916] krealloc_noprof+0xf3/0x340 [ 11.040341] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.040510] krealloc_less_oob+0x1c/0x30 [ 11.040925] kunit_try_run_case+0x1a5/0x480 [ 11.041562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.042300] kthread+0x337/0x6f0 [ 11.042757] ret_from_fork+0x116/0x1d0 [ 11.042906] ret_from_fork_asm+0x1a/0x30 [ 11.043502] [ 11.043808] The buggy address belongs to the object at ffff888100a27e00 [ 11.043808] which belongs to the cache kmalloc-256 of size 256 [ 11.044411] The buggy address is located 0 bytes to the right of [ 11.044411] allocated 201-byte region [ffff888100a27e00, ffff888100a27ec9) [ 11.044765] [ 11.044834] The buggy address belongs to the physical page: [ 11.045280] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a26 [ 11.046172] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.046860] flags: 0x200000000000040(head|node=0|zone=2) [ 11.047439] page_type: f5(slab) [ 11.047782] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.048481] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.048936] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.049804] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.050333] head: 0200000000000001 ffffea0004028981 00000000ffffffff 00000000ffffffff [ 11.050562] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.051240] page dumped because: kasan: bad access detected [ 11.051792] [ 11.051961] Memory state around the buggy address: [ 11.052539] ffff888100a27d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.053429] ffff888100a27e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.053663] >ffff888100a27e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.054455] ^ [ 11.055088] ffff888100a27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.055562] ffff888100a27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.055884] ================================================================== [ 11.256861] ================================================================== [ 11.257661] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.258048] Write of size 1 at addr ffff888102c2e0da by task kunit_try_catch/179 [ 11.258342] [ 11.258450] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.258489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.258500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.258518] Call Trace: [ 11.258531] <TASK> [ 11.258544] dump_stack_lvl+0x73/0xb0 [ 11.258567] print_report+0xd1/0x650 [ 11.258588] ? __virt_addr_valid+0x1db/0x2d0 [ 11.258610] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.258642] ? kasan_addr_to_slab+0x11/0xa0 [ 11.258662] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.258686] kasan_report+0x141/0x180 [ 11.258707] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.258734] __asan_report_store1_noabort+0x1b/0x30 [ 11.258754] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.258779] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.258802] ? finish_task_switch.isra.0+0x153/0x700 [ 11.258825] ? __switch_to+0x47/0xf50 [ 11.258849] ? __schedule+0x10cc/0x2b60 [ 11.258871] ? __pfx_read_tsc+0x10/0x10 [ 11.258906] krealloc_large_less_oob+0x1c/0x30 [ 11.258928] kunit_try_run_case+0x1a5/0x480 [ 11.258994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.259014] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.259037] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.259060] ? __kthread_parkme+0x82/0x180 [ 11.259079] ? preempt_count_sub+0x50/0x80 [ 11.259102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.259122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.259145] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.259169] kthread+0x337/0x6f0 [ 11.259187] ? trace_preempt_on+0x20/0xc0 [ 11.259208] ? __pfx_kthread+0x10/0x10 [ 11.259228] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.259249] ? calculate_sigpending+0x7b/0xa0 [ 11.259272] ? __pfx_kthread+0x10/0x10 [ 11.259292] ret_from_fork+0x116/0x1d0 [ 11.259310] ? __pfx_kthread+0x10/0x10 [ 11.259331] ret_from_fork_asm+0x1a/0x30 [ 11.259360] </TASK> [ 11.259370] [ 11.270794] The buggy address belongs to the physical page: [ 11.271219] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c2c [ 11.271678] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.272135] flags: 0x200000000000040(head|node=0|zone=2) [ 11.272452] page_type: f8(unknown) [ 11.272689] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.273132] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.273735] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.274158] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.274496] head: 0200000000000002 ffffea00040b0b01 00000000ffffffff 00000000ffffffff [ 11.274865] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.275258] page dumped because: kasan: bad access detected [ 11.275490] [ 11.275581] Memory state around the buggy address: [ 11.275793] ffff888102c2df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.276189] ffff888102c2e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.276510] >ffff888102c2e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.276859] ^ [ 11.277200] ffff888102c2e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.277492] ffff888102c2e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.277818] ================================================================== [ 11.224712] ================================================================== [ 11.225461] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.225789] Write of size 1 at addr ffff888102c2e0c9 by task kunit_try_catch/179 [ 11.226095] [ 11.226443] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.226490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.226501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.226521] Call Trace: [ 11.226532] <TASK> [ 11.226546] dump_stack_lvl+0x73/0xb0 [ 11.226574] print_report+0xd1/0x650 [ 11.226595] ? __virt_addr_valid+0x1db/0x2d0 [ 11.226618] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.226641] ? kasan_addr_to_slab+0x11/0xa0 [ 11.226661] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.226695] kasan_report+0x141/0x180 [ 11.226717] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.226744] __asan_report_store1_noabort+0x1b/0x30 [ 11.226764] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.226789] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.226813] ? finish_task_switch.isra.0+0x153/0x700 [ 11.226835] ? __switch_to+0x47/0xf50 [ 11.226861] ? __schedule+0x10cc/0x2b60 [ 11.226883] ? __pfx_read_tsc+0x10/0x10 [ 11.226921] krealloc_large_less_oob+0x1c/0x30 [ 11.226991] kunit_try_run_case+0x1a5/0x480 [ 11.227015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.227034] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.227058] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.227082] ? __kthread_parkme+0x82/0x180 [ 11.227101] ? preempt_count_sub+0x50/0x80 [ 11.227126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.227146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.227170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.227193] kthread+0x337/0x6f0 [ 11.227211] ? trace_preempt_on+0x20/0xc0 [ 11.227233] ? __pfx_kthread+0x10/0x10 [ 11.227253] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.227274] ? calculate_sigpending+0x7b/0xa0 [ 11.227324] ? __pfx_kthread+0x10/0x10 [ 11.227345] ret_from_fork+0x116/0x1d0 [ 11.227362] ? __pfx_kthread+0x10/0x10 [ 11.227382] ret_from_fork_asm+0x1a/0x30 [ 11.227411] </TASK> [ 11.227422] [ 11.235079] The buggy address belongs to the physical page: [ 11.235346] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c2c [ 11.235715] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.236085] flags: 0x200000000000040(head|node=0|zone=2) [ 11.236283] page_type: f8(unknown) [ 11.236462] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.236799] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.237306] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.237624] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.237961] head: 0200000000000002 ffffea00040b0b01 00000000ffffffff 00000000ffffffff [ 11.238247] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.238474] page dumped because: kasan: bad access detected [ 11.238650] [ 11.238741] Memory state around the buggy address: [ 11.239117] ffff888102c2df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.239436] ffff888102c2e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.239858] >ffff888102c2e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.240228] ^ [ 11.240440] ffff888102c2e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.240655] ffff888102c2e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.240950] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper: Failure
Automatically assigned
[ 10.974220] ================================================================== [ 10.974653] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 10.975201] Write of size 1 at addr ffff8881003526eb by task kunit_try_catch/173 [ 10.975484] [ 10.975593] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 10.975634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.975645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.975664] Call Trace: [ 10.975673] <TASK> [ 10.975686] dump_stack_lvl+0x73/0xb0 [ 10.975710] print_report+0xd1/0x650 [ 10.975731] ? __virt_addr_valid+0x1db/0x2d0 [ 10.975752] ? krealloc_more_oob_helper+0x821/0x930 [ 10.975775] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.975797] ? krealloc_more_oob_helper+0x821/0x930 [ 10.975821] kasan_report+0x141/0x180 [ 10.975868] ? krealloc_more_oob_helper+0x821/0x930 [ 10.975908] __asan_report_store1_noabort+0x1b/0x30 [ 10.975929] krealloc_more_oob_helper+0x821/0x930 [ 10.975951] ? __schedule+0x10cc/0x2b60 [ 10.975973] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.975999] ? __kasan_check_write+0x18/0x20 [ 10.976018] ? queued_spin_lock_slowpath+0x116/0xb40 [ 10.976043] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 10.976068] ? __pfx_read_tsc+0x10/0x10 [ 10.976091] krealloc_more_oob+0x1c/0x30 [ 10.976112] kunit_try_run_case+0x1a5/0x480 [ 10.976132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.976152] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 10.976175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.976198] ? __kthread_parkme+0x82/0x180 [ 10.976218] ? preempt_count_sub+0x50/0x80 [ 10.976240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.976260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.976283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.976307] kthread+0x337/0x6f0 [ 10.976325] ? trace_preempt_on+0x20/0xc0 [ 10.976347] ? __pfx_kthread+0x10/0x10 [ 10.976366] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.976388] ? calculate_sigpending+0x7b/0xa0 [ 10.976411] ? __pfx_kthread+0x10/0x10 [ 10.976431] ret_from_fork+0x116/0x1d0 [ 10.976456] ? __pfx_kthread+0x10/0x10 [ 10.976475] ret_from_fork_asm+0x1a/0x30 [ 10.976505] </TASK> [ 10.976514] [ 10.984454] Allocated by task 173: [ 10.984615] kasan_save_stack+0x45/0x70 [ 10.984831] kasan_save_track+0x18/0x40 [ 10.985033] kasan_save_alloc_info+0x3b/0x50 [ 10.985334] __kasan_krealloc+0x190/0x1f0 [ 10.985748] krealloc_noprof+0xf3/0x340 [ 10.985998] krealloc_more_oob_helper+0x1a9/0x930 [ 10.986177] krealloc_more_oob+0x1c/0x30 [ 10.986331] kunit_try_run_case+0x1a5/0x480 [ 10.986535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.986814] kthread+0x337/0x6f0 [ 10.986946] ret_from_fork+0x116/0x1d0 [ 10.987078] ret_from_fork_asm+0x1a/0x30 [ 10.987215] [ 10.987285] The buggy address belongs to the object at ffff888100352600 [ 10.987285] which belongs to the cache kmalloc-256 of size 256 [ 10.987836] The buggy address is located 0 bytes to the right of [ 10.987836] allocated 235-byte region [ffff888100352600, ffff8881003526eb) [ 10.988552] [ 10.988627] The buggy address belongs to the physical page: [ 10.988875] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100352 [ 10.989155] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.989381] flags: 0x200000000000040(head|node=0|zone=2) [ 10.989966] page_type: f5(slab) [ 10.990141] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.990502] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.991097] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.991384] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.991775] head: 0200000000000001 ffffea000400d481 00000000ffffffff 00000000ffffffff [ 10.992019] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.992261] page dumped because: kasan: bad access detected [ 10.992513] [ 10.992609] Memory state around the buggy address: [ 10.992844] ffff888100352580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.993175] ffff888100352600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.993450] >ffff888100352680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 10.993663] ^ [ 10.993912] ffff888100352700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.994235] ffff888100352780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.994556] ================================================================== [ 11.198101] ================================================================== [ 11.198338] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.198577] Write of size 1 at addr ffff88810241a0f0 by task kunit_try_catch/177 [ 11.199182] [ 11.199382] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.199423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.199433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.199453] Call Trace: [ 11.199463] <TASK> [ 11.199476] dump_stack_lvl+0x73/0xb0 [ 11.199500] print_report+0xd1/0x650 [ 11.199521] ? __virt_addr_valid+0x1db/0x2d0 [ 11.199542] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.199565] ? kasan_addr_to_slab+0x11/0xa0 [ 11.199585] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.199609] kasan_report+0x141/0x180 [ 11.199644] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.199672] __asan_report_store1_noabort+0x1b/0x30 [ 11.199692] krealloc_more_oob_helper+0x7eb/0x930 [ 11.199713] ? __schedule+0x10cc/0x2b60 [ 11.199736] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.199759] ? finish_task_switch.isra.0+0x153/0x700 [ 11.199780] ? __switch_to+0x47/0xf50 [ 11.199804] ? __schedule+0x10cc/0x2b60 [ 11.199825] ? __pfx_read_tsc+0x10/0x10 [ 11.199848] krealloc_large_more_oob+0x1c/0x30 [ 11.199870] kunit_try_run_case+0x1a5/0x480 [ 11.199890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.199918] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.199942] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.199965] ? __kthread_parkme+0x82/0x180 [ 11.199984] ? preempt_count_sub+0x50/0x80 [ 11.200006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.200026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.200049] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.200072] kthread+0x337/0x6f0 [ 11.200090] ? trace_preempt_on+0x20/0xc0 [ 11.200111] ? __pfx_kthread+0x10/0x10 [ 11.200131] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.200153] ? calculate_sigpending+0x7b/0xa0 [ 11.200176] ? __pfx_kthread+0x10/0x10 [ 11.200196] ret_from_fork+0x116/0x1d0 [ 11.200214] ? __pfx_kthread+0x10/0x10 [ 11.200233] ret_from_fork_asm+0x1a/0x30 [ 11.200272] </TASK> [ 11.200281] [ 11.213885] The buggy address belongs to the physical page: [ 11.214386] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102418 [ 11.214653] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.214972] flags: 0x200000000000040(head|node=0|zone=2) [ 11.215341] page_type: f8(unknown) [ 11.215520] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.215809] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.216186] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.216488] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.216928] head: 0200000000000002 ffffea0004090601 00000000ffffffff 00000000ffffffff [ 11.217322] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.217617] page dumped because: kasan: bad access detected [ 11.217807] [ 11.217876] Memory state around the buggy address: [ 11.218107] ffff888102419f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.218706] ffff88810241a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.218979] >ffff88810241a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.219304] ^ [ 11.219573] ffff88810241a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.219939] ffff88810241a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.220322] ================================================================== [ 10.995030] ================================================================== [ 10.995392] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 10.995709] Write of size 1 at addr ffff8881003526f0 by task kunit_try_catch/173 [ 10.996006] [ 10.996086] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 10.996127] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.996137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.996156] Call Trace: [ 10.996170] <TASK> [ 10.996183] dump_stack_lvl+0x73/0xb0 [ 10.996206] print_report+0xd1/0x650 [ 10.996226] ? __virt_addr_valid+0x1db/0x2d0 [ 10.996248] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.996271] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.996293] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.996317] kasan_report+0x141/0x180 [ 10.996521] ? krealloc_more_oob_helper+0x7eb/0x930 [ 10.996557] __asan_report_store1_noabort+0x1b/0x30 [ 10.996577] krealloc_more_oob_helper+0x7eb/0x930 [ 10.996600] ? __schedule+0x10cc/0x2b60 [ 10.996623] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.996648] ? __kasan_check_write+0x18/0x20 [ 10.996667] ? queued_spin_lock_slowpath+0x116/0xb40 [ 10.996693] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 10.996718] ? __pfx_read_tsc+0x10/0x10 [ 10.996742] krealloc_more_oob+0x1c/0x30 [ 10.996763] kunit_try_run_case+0x1a5/0x480 [ 10.996793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.996812] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 10.996835] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.996858] ? __kthread_parkme+0x82/0x180 [ 10.996878] ? preempt_count_sub+0x50/0x80 [ 10.996915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.996935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.996959] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.996983] kthread+0x337/0x6f0 [ 10.997001] ? trace_preempt_on+0x20/0xc0 [ 10.997022] ? __pfx_kthread+0x10/0x10 [ 10.997046] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.997069] ? calculate_sigpending+0x7b/0xa0 [ 10.997091] ? __pfx_kthread+0x10/0x10 [ 10.997112] ret_from_fork+0x116/0x1d0 [ 10.997130] ? __pfx_kthread+0x10/0x10 [ 10.997150] ret_from_fork_asm+0x1a/0x30 [ 10.997180] </TASK> [ 10.997189] [ 11.005924] Allocated by task 173: [ 11.006159] kasan_save_stack+0x45/0x70 [ 11.006339] kasan_save_track+0x18/0x40 [ 11.006507] kasan_save_alloc_info+0x3b/0x50 [ 11.006722] __kasan_krealloc+0x190/0x1f0 [ 11.006933] krealloc_noprof+0xf3/0x340 [ 11.007150] krealloc_more_oob_helper+0x1a9/0x930 [ 11.007340] krealloc_more_oob+0x1c/0x30 [ 11.007478] kunit_try_run_case+0x1a5/0x480 [ 11.007620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.007874] kthread+0x337/0x6f0 [ 11.008112] ret_from_fork+0x116/0x1d0 [ 11.008302] ret_from_fork_asm+0x1a/0x30 [ 11.008505] [ 11.008592] The buggy address belongs to the object at ffff888100352600 [ 11.008592] which belongs to the cache kmalloc-256 of size 256 [ 11.009289] The buggy address is located 5 bytes to the right of [ 11.009289] allocated 235-byte region [ffff888100352600, ffff8881003526eb) [ 11.009659] [ 11.009755] The buggy address belongs to the physical page: [ 11.010177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100352 [ 11.010543] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.010857] flags: 0x200000000000040(head|node=0|zone=2) [ 11.011148] page_type: f5(slab) [ 11.011297] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.011526] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.012006] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.012309] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.012538] head: 0200000000000001 ffffea000400d481 00000000ffffffff 00000000ffffffff [ 11.012903] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.013363] page dumped because: kasan: bad access detected [ 11.013546] [ 11.013616] Memory state around the buggy address: [ 11.013766] ffff888100352580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.014188] ffff888100352600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.014518] >ffff888100352680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.015108] ^ [ 11.015427] ffff888100352700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.015664] ffff888100352780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.015875] ================================================================== [ 11.171465] ================================================================== [ 11.171929] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.172175] Write of size 1 at addr ffff88810241a0eb by task kunit_try_catch/177 [ 11.172837] [ 11.173074] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.173133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.173145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.173165] Call Trace: [ 11.173177] <TASK> [ 11.173192] dump_stack_lvl+0x73/0xb0 [ 11.173218] print_report+0xd1/0x650 [ 11.173242] ? __virt_addr_valid+0x1db/0x2d0 [ 11.173267] ? krealloc_more_oob_helper+0x821/0x930 [ 11.173291] ? kasan_addr_to_slab+0x11/0xa0 [ 11.173312] ? krealloc_more_oob_helper+0x821/0x930 [ 11.173337] kasan_report+0x141/0x180 [ 11.173359] ? krealloc_more_oob_helper+0x821/0x930 [ 11.173387] __asan_report_store1_noabort+0x1b/0x30 [ 11.173408] krealloc_more_oob_helper+0x821/0x930 [ 11.173431] ? __schedule+0x10cc/0x2b60 [ 11.173453] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.173477] ? finish_task_switch.isra.0+0x153/0x700 [ 11.173498] ? __switch_to+0x47/0xf50 [ 11.173524] ? __schedule+0x10cc/0x2b60 [ 11.173547] ? __pfx_read_tsc+0x10/0x10 [ 11.173571] krealloc_large_more_oob+0x1c/0x30 [ 11.173593] kunit_try_run_case+0x1a5/0x480 [ 11.173613] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.173631] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.173655] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.173679] ? __kthread_parkme+0x82/0x180 [ 11.173698] ? preempt_count_sub+0x50/0x80 [ 11.173719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.173739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.173762] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.173786] kthread+0x337/0x6f0 [ 11.173804] ? trace_preempt_on+0x20/0xc0 [ 11.173826] ? __pfx_kthread+0x10/0x10 [ 11.173845] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.173867] ? calculate_sigpending+0x7b/0xa0 [ 11.173889] ? __pfx_kthread+0x10/0x10 [ 11.173921] ret_from_fork+0x116/0x1d0 [ 11.173938] ? __pfx_kthread+0x10/0x10 [ 11.173969] ret_from_fork_asm+0x1a/0x30 [ 11.173998] </TASK> [ 11.174009] [ 11.188562] The buggy address belongs to the physical page: [ 11.188832] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102418 [ 11.189625] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.190531] flags: 0x200000000000040(head|node=0|zone=2) [ 11.190799] page_type: f8(unknown) [ 11.190942] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.191173] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.191405] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.191635] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.191950] head: 0200000000000002 ffffea0004090601 00000000ffffffff 00000000ffffffff [ 11.192678] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.193268] page dumped because: kasan: bad access detected [ 11.193443] [ 11.193512] Memory state around the buggy address: [ 11.193686] ffff888102419f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.194332] ffff88810241a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.195189] >ffff88810241a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.195909] ^ [ 11.196538] ffff88810241a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.197009] ffff88810241a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.197679] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right: Failure
Automatically assigned
[ 10.738192] ================================================================== [ 10.738652] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 10.738992] Read of size 1 at addr ffff888102c05000 by task kunit_try_catch/157 [ 10.739310] [ 10.739421] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 10.739466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.739478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.739498] Call Trace: [ 10.739512] <TASK> [ 10.739527] dump_stack_lvl+0x73/0xb0 [ 10.739552] print_report+0xd1/0x650 [ 10.739573] ? __virt_addr_valid+0x1db/0x2d0 [ 10.739596] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.739618] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.739639] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.739662] kasan_report+0x141/0x180 [ 10.739683] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.739710] __asan_report_load1_noabort+0x18/0x20 [ 10.740201] kmalloc_node_oob_right+0x369/0x3c0 [ 10.740236] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 10.740260] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 10.740289] ? trace_hardirqs_on+0x37/0xe0 [ 10.740314] ? __pfx_read_tsc+0x10/0x10 [ 10.740335] ? ktime_get_ts64+0x86/0x230 [ 10.740358] kunit_try_run_case+0x1a5/0x480 [ 10.740379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.740400] ? queued_spin_lock_slowpath+0x116/0xb40 [ 10.740425] ? __kthread_parkme+0x82/0x180 [ 10.740445] ? preempt_count_sub+0x50/0x80 [ 10.740468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.740488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.740511] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.740535] kthread+0x337/0x6f0 [ 10.740553] ? trace_preempt_on+0x20/0xc0 [ 10.740574] ? __pfx_kthread+0x10/0x10 [ 10.740593] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.740636] ? calculate_sigpending+0x7b/0xa0 [ 10.740660] ? __pfx_kthread+0x10/0x10 [ 10.740680] ret_from_fork+0x116/0x1d0 [ 10.740698] ? __pfx_kthread+0x10/0x10 [ 10.740718] ret_from_fork_asm+0x1a/0x30 [ 10.740747] </TASK> [ 10.740758] [ 10.752061] Allocated by task 157: [ 10.752478] kasan_save_stack+0x45/0x70 [ 10.752670] kasan_save_track+0x18/0x40 [ 10.752860] kasan_save_alloc_info+0x3b/0x50 [ 10.753292] __kasan_kmalloc+0xb7/0xc0 [ 10.753606] __kmalloc_cache_node_noprof+0x188/0x420 [ 10.754090] kmalloc_node_oob_right+0xab/0x3c0 [ 10.754279] kunit_try_run_case+0x1a5/0x480 [ 10.754598] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.754837] kthread+0x337/0x6f0 [ 10.755350] ret_from_fork+0x116/0x1d0 [ 10.755547] ret_from_fork_asm+0x1a/0x30 [ 10.756054] [ 10.756316] The buggy address belongs to the object at ffff888102c04000 [ 10.756316] which belongs to the cache kmalloc-4k of size 4096 [ 10.757090] The buggy address is located 0 bytes to the right of [ 10.757090] allocated 4096-byte region [ffff888102c04000, ffff888102c05000) [ 10.758044] [ 10.758145] The buggy address belongs to the physical page: [ 10.758435] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c00 [ 10.759230] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.759534] flags: 0x200000000000040(head|node=0|zone=2) [ 10.759857] page_type: f5(slab) [ 10.760176] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.760658] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.760963] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.761587] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.762020] head: 0200000000000003 ffffea00040b0001 00000000ffffffff 00000000ffffffff [ 10.762502] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.762931] page dumped because: kasan: bad access detected [ 10.763170] [ 10.763451] Memory state around the buggy address: [ 10.763621] ffff888102c04f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.764071] ffff888102c04f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.764493] >ffff888102c05000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.764787] ^ [ 10.765087] ffff888102c05080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.765347] ffff888102c05100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.765600] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left: Failure
Automatically assigned
[ 10.702359] ================================================================== [ 10.703165] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 10.703539] Read of size 1 at addr ffff888102ae90bf by task kunit_try_catch/155 [ 10.704112] [ 10.704577] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 10.704627] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.704638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.704660] Call Trace: [ 10.704670] <TASK> [ 10.704687] dump_stack_lvl+0x73/0xb0 [ 10.704715] print_report+0xd1/0x650 [ 10.704736] ? __virt_addr_valid+0x1db/0x2d0 [ 10.704759] ? kmalloc_oob_left+0x361/0x3c0 [ 10.704780] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.704801] ? kmalloc_oob_left+0x361/0x3c0 [ 10.704822] kasan_report+0x141/0x180 [ 10.704843] ? kmalloc_oob_left+0x361/0x3c0 [ 10.704868] __asan_report_load1_noabort+0x18/0x20 [ 10.704905] kmalloc_oob_left+0x361/0x3c0 [ 10.704927] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 10.704948] ? __schedule+0x10cc/0x2b60 [ 10.704972] ? __pfx_read_tsc+0x10/0x10 [ 10.704993] ? ktime_get_ts64+0x86/0x230 [ 10.705049] kunit_try_run_case+0x1a5/0x480 [ 10.705071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.705090] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.705114] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.705146] ? __kthread_parkme+0x82/0x180 [ 10.705166] ? preempt_count_sub+0x50/0x80 [ 10.705189] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.705209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.705233] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.705256] kthread+0x337/0x6f0 [ 10.705274] ? trace_preempt_on+0x20/0xc0 [ 10.705297] ? __pfx_kthread+0x10/0x10 [ 10.705317] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.705338] ? calculate_sigpending+0x7b/0xa0 [ 10.705362] ? __pfx_kthread+0x10/0x10 [ 10.705382] ret_from_fork+0x116/0x1d0 [ 10.705399] ? __pfx_kthread+0x10/0x10 [ 10.705419] ret_from_fork_asm+0x1a/0x30 [ 10.705449] </TASK> [ 10.705459] [ 10.717675] Allocated by task 1: [ 10.718009] kasan_save_stack+0x45/0x70 [ 10.718452] kasan_save_track+0x18/0x40 [ 10.718808] kasan_save_alloc_info+0x3b/0x50 [ 10.718994] __kasan_kmalloc+0xb7/0xc0 [ 10.719694] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.720346] kvasprintf+0xc5/0x150 [ 10.720518] __kthread_create_on_node+0x18b/0x3a0 [ 10.721074] kthread_create_on_node+0xab/0xe0 [ 10.721265] create_worker+0x3e5/0x7b0 [ 10.721639] alloc_unbound_pwq+0x8ea/0xdb0 [ 10.721924] apply_wqattrs_prepare+0x332/0xd20 [ 10.722479] apply_workqueue_attrs_locked+0x4d/0xa0 [ 10.722709] alloc_workqueue+0xcc7/0x1ad0 [ 10.722847] latency_fsnotify_init+0x1b/0x50 [ 10.723274] do_one_initcall+0xd8/0x370 [ 10.723626] kernel_init_freeable+0x420/0x6f0 [ 10.724141] kernel_init+0x23/0x1e0 [ 10.724482] ret_from_fork+0x116/0x1d0 [ 10.724851] ret_from_fork_asm+0x1a/0x30 [ 10.725322] [ 10.725410] The buggy address belongs to the object at ffff888102ae90a0 [ 10.725410] which belongs to the cache kmalloc-16 of size 16 [ 10.725782] The buggy address is located 18 bytes to the right of [ 10.725782] allocated 13-byte region [ffff888102ae90a0, ffff888102ae90ad) [ 10.726592] [ 10.726761] The buggy address belongs to the physical page: [ 10.727483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 10.728250] flags: 0x200000000000000(node=0|zone=2) [ 10.728420] page_type: f5(slab) [ 10.728540] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 10.729089] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 10.729903] page dumped because: kasan: bad access detected [ 10.730464] [ 10.730628] Memory state around the buggy address: [ 10.731260] ffff888102ae8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.731805] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 10.732263] >ffff888102ae9080: fa fb fc fc 00 05 fc fc 00 07 fc fc fc fc fc fc [ 10.732938] ^ [ 10.733413] ffff888102ae9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.733641] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.733854] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right: Failure
Automatically assigned
[ 10.658529] ================================================================== [ 10.658860] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 10.659288] Write of size 1 at addr ffff88810276e378 by task kunit_try_catch/153 [ 10.659627] [ 10.659736] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 10.659779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.659809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.659830] Call Trace: [ 10.659842] <TASK> [ 10.659856] dump_stack_lvl+0x73/0xb0 [ 10.659905] print_report+0xd1/0x650 [ 10.659927] ? __virt_addr_valid+0x1db/0x2d0 [ 10.659950] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.660034] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.660058] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.660080] kasan_report+0x141/0x180 [ 10.660101] ? kmalloc_oob_right+0x6bd/0x7f0 [ 10.660127] __asan_report_store1_noabort+0x1b/0x30 [ 10.660147] kmalloc_oob_right+0x6bd/0x7f0 [ 10.660169] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.660191] ? __schedule+0x10cc/0x2b60 [ 10.660213] ? __pfx_read_tsc+0x10/0x10 [ 10.660233] ? ktime_get_ts64+0x86/0x230 [ 10.660277] kunit_try_run_case+0x1a5/0x480 [ 10.660298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.660317] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.660341] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.660364] ? __kthread_parkme+0x82/0x180 [ 10.660384] ? preempt_count_sub+0x50/0x80 [ 10.660407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.660428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.660453] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.660477] kthread+0x337/0x6f0 [ 10.660495] ? trace_preempt_on+0x20/0xc0 [ 10.660518] ? __pfx_kthread+0x10/0x10 [ 10.660538] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.660559] ? calculate_sigpending+0x7b/0xa0 [ 10.660583] ? __pfx_kthread+0x10/0x10 [ 10.660603] ret_from_fork+0x116/0x1d0 [ 10.660621] ? __pfx_kthread+0x10/0x10 [ 10.660641] ret_from_fork_asm+0x1a/0x30 [ 10.660670] </TASK> [ 10.660680] [ 10.667661] Allocated by task 153: [ 10.667839] kasan_save_stack+0x45/0x70 [ 10.668252] kasan_save_track+0x18/0x40 [ 10.668450] kasan_save_alloc_info+0x3b/0x50 [ 10.668656] __kasan_kmalloc+0xb7/0xc0 [ 10.668994] __kmalloc_cache_noprof+0x189/0x420 [ 10.669159] kmalloc_oob_right+0xa9/0x7f0 [ 10.669300] kunit_try_run_case+0x1a5/0x480 [ 10.669464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.669816] kthread+0x337/0x6f0 [ 10.670021] ret_from_fork+0x116/0x1d0 [ 10.670223] ret_from_fork_asm+0x1a/0x30 [ 10.670402] [ 10.670481] The buggy address belongs to the object at ffff88810276e300 [ 10.670481] which belongs to the cache kmalloc-128 of size 128 [ 10.671113] The buggy address is located 5 bytes to the right of [ 10.671113] allocated 115-byte region [ffff88810276e300, ffff88810276e373) [ 10.671881] [ 10.671987] The buggy address belongs to the physical page: [ 10.672236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10276e [ 10.672563] flags: 0x200000000000000(node=0|zone=2) [ 10.672724] page_type: f5(slab) [ 10.672843] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.673087] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.673471] page dumped because: kasan: bad access detected [ 10.673919] [ 10.674016] Memory state around the buggy address: [ 10.674237] ffff88810276e200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.674583] ffff88810276e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.674833] >ffff88810276e300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.675054] ^ [ 10.675478] ffff88810276e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.676043] ffff88810276e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.676311] ================================================================== [ 10.631568] ================================================================== [ 10.632405] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 10.633280] Write of size 1 at addr ffff88810276e373 by task kunit_try_catch/153 [ 10.633627] [ 10.634701] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 10.635076] Tainted: [N]=TEST [ 10.635108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.635326] Call Trace: [ 10.635389] <TASK> [ 10.635528] dump_stack_lvl+0x73/0xb0 [ 10.635612] print_report+0xd1/0x650 [ 10.635692] ? __virt_addr_valid+0x1db/0x2d0 [ 10.635721] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.635742] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.635764] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.635785] kasan_report+0x141/0x180 [ 10.635807] ? kmalloc_oob_right+0x6f0/0x7f0 [ 10.635833] __asan_report_store1_noabort+0x1b/0x30 [ 10.635853] kmalloc_oob_right+0x6f0/0x7f0 [ 10.635875] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.635919] ? __schedule+0x10cc/0x2b60 [ 10.636149] ? __pfx_read_tsc+0x10/0x10 [ 10.636182] ? ktime_get_ts64+0x86/0x230 [ 10.636208] kunit_try_run_case+0x1a5/0x480 [ 10.636232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.636251] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.636276] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.636299] ? __kthread_parkme+0x82/0x180 [ 10.636320] ? preempt_count_sub+0x50/0x80 [ 10.636344] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.636364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.636388] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.636411] kthread+0x337/0x6f0 [ 10.636430] ? trace_preempt_on+0x20/0xc0 [ 10.636454] ? __pfx_kthread+0x10/0x10 [ 10.636473] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.636495] ? calculate_sigpending+0x7b/0xa0 [ 10.636519] ? __pfx_kthread+0x10/0x10 [ 10.636540] ret_from_fork+0x116/0x1d0 [ 10.636557] ? __pfx_kthread+0x10/0x10 [ 10.636577] ret_from_fork_asm+0x1a/0x30 [ 10.636640] </TASK> [ 10.636708] [ 10.644791] Allocated by task 153: [ 10.645275] kasan_save_stack+0x45/0x70 [ 10.645461] kasan_save_track+0x18/0x40 [ 10.645600] kasan_save_alloc_info+0x3b/0x50 [ 10.645818] __kasan_kmalloc+0xb7/0xc0 [ 10.646155] __kmalloc_cache_noprof+0x189/0x420 [ 10.646388] kmalloc_oob_right+0xa9/0x7f0 [ 10.646633] kunit_try_run_case+0x1a5/0x480 [ 10.646858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.647137] kthread+0x337/0x6f0 [ 10.647412] ret_from_fork+0x116/0x1d0 [ 10.647795] ret_from_fork_asm+0x1a/0x30 [ 10.648159] [ 10.648365] The buggy address belongs to the object at ffff88810276e300 [ 10.648365] which belongs to the cache kmalloc-128 of size 128 [ 10.649035] The buggy address is located 0 bytes to the right of [ 10.649035] allocated 115-byte region [ffff88810276e300, ffff88810276e373) [ 10.649759] [ 10.649995] The buggy address belongs to the physical page: [ 10.650590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10276e [ 10.651279] flags: 0x200000000000000(node=0|zone=2) [ 10.651928] page_type: f5(slab) [ 10.652751] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.653197] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.653584] page dumped because: kasan: bad access detected [ 10.653985] [ 10.654110] Memory state around the buggy address: [ 10.654680] ffff88810276e200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.655143] ffff88810276e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.655466] >ffff88810276e300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.655849] ^ [ 10.656334] ffff88810276e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.656629] ffff88810276e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.657187] ================================================================== [ 10.676681] ================================================================== [ 10.677127] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 10.677966] Read of size 1 at addr ffff88810276e380 by task kunit_try_catch/153 [ 10.678263] [ 10.678565] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 10.678608] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.678619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.678638] Call Trace: [ 10.678650] <TASK> [ 10.678663] dump_stack_lvl+0x73/0xb0 [ 10.678687] print_report+0xd1/0x650 [ 10.678709] ? __virt_addr_valid+0x1db/0x2d0 [ 10.678731] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.678752] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.678773] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.678795] kasan_report+0x141/0x180 [ 10.678816] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.678842] __asan_report_load1_noabort+0x18/0x20 [ 10.678866] kmalloc_oob_right+0x68a/0x7f0 [ 10.678888] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.678924] ? __schedule+0x10cc/0x2b60 [ 10.679189] ? __pfx_read_tsc+0x10/0x10 [ 10.679213] ? ktime_get_ts64+0x86/0x230 [ 10.679237] kunit_try_run_case+0x1a5/0x480 [ 10.679259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.679277] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.679301] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.679325] ? __kthread_parkme+0x82/0x180 [ 10.679344] ? preempt_count_sub+0x50/0x80 [ 10.679367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.679387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.679411] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.679434] kthread+0x337/0x6f0 [ 10.679453] ? trace_preempt_on+0x20/0xc0 [ 10.679474] ? __pfx_kthread+0x10/0x10 [ 10.679494] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.679516] ? calculate_sigpending+0x7b/0xa0 [ 10.679539] ? __pfx_kthread+0x10/0x10 [ 10.679560] ret_from_fork+0x116/0x1d0 [ 10.679578] ? __pfx_kthread+0x10/0x10 [ 10.679597] ret_from_fork_asm+0x1a/0x30 [ 10.679626] </TASK> [ 10.679637] [ 10.689452] Allocated by task 153: [ 10.689807] kasan_save_stack+0x45/0x70 [ 10.690070] kasan_save_track+0x18/0x40 [ 10.690299] kasan_save_alloc_info+0x3b/0x50 [ 10.690466] __kasan_kmalloc+0xb7/0xc0 [ 10.690645] __kmalloc_cache_noprof+0x189/0x420 [ 10.691141] kmalloc_oob_right+0xa9/0x7f0 [ 10.691325] kunit_try_run_case+0x1a5/0x480 [ 10.691623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.692070] kthread+0x337/0x6f0 [ 10.692204] ret_from_fork+0x116/0x1d0 [ 10.692396] ret_from_fork_asm+0x1a/0x30 [ 10.692555] [ 10.692645] The buggy address belongs to the object at ffff88810276e300 [ 10.692645] which belongs to the cache kmalloc-128 of size 128 [ 10.693522] The buggy address is located 13 bytes to the right of [ 10.693522] allocated 115-byte region [ffff88810276e300, ffff88810276e373) [ 10.694317] [ 10.694405] The buggy address belongs to the physical page: [ 10.694648] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10276e [ 10.695199] flags: 0x200000000000000(node=0|zone=2) [ 10.695390] page_type: f5(slab) [ 10.695696] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.696043] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.696491] page dumped because: kasan: bad access detected [ 10.696700] [ 10.696890] Memory state around the buggy address: [ 10.697307] ffff88810276e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.697599] ffff88810276e300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.698035] >ffff88810276e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.698482] ^ [ 10.698758] ffff88810276e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.699210] ffff88810276e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.699596] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale: Failure
Automatically assigned
------------[ cut here ]------------ [ 144.645337] WARNING: CPU: 0 PID: 2819 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 144.646556] Modules linked in: [ 144.647184] CPU: 0 UID: 0 PID: 2819 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 144.648170] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 144.648837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.649518] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 144.649832] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 d0 b8 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 144.650825] RSP: 0000:ffff8881094bfc78 EFLAGS: 00010286 [ 144.651166] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 144.651456] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb8e3ca54 [ 144.651800] RBP: ffff8881094bfca0 R08: 0000000000000000 R09: ffffed1020edb560 [ 144.652127] R10: ffff8881076dab07 R11: 0000000000000000 R12: ffffffffb8e3ca40 [ 144.652601] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881094bfd38 [ 144.653191] FS: 0000000000000000(0000) GS:ffff8881a025d000(0000) knlGS:0000000000000000 [ 144.653582] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.653862] CR2: 00007ffff7ffe000 CR3: 00000001482bc000 CR4: 00000000000006f0 [ 144.654308] DR0: ffffffffbae67400 DR1: ffffffffbae67401 DR2: ffffffffbae67403 [ 144.654637] DR3: ffffffffbae67405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 144.655060] Call Trace: [ 144.655181] <TASK> [ 144.655324] drm_test_rect_calc_vscale+0x108/0x270 [ 144.655587] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 144.655907] ? __schedule+0x10cc/0x2b60 [ 144.656095] ? __pfx_read_tsc+0x10/0x10 [ 144.656482] ? ktime_get_ts64+0x86/0x230 [ 144.656716] kunit_try_run_case+0x1a5/0x480 [ 144.657181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.657404] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 144.657622] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 144.657852] ? __kthread_parkme+0x82/0x180 [ 144.658177] ? preempt_count_sub+0x50/0x80 [ 144.658395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.658614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 144.658919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 144.659264] kthread+0x337/0x6f0 [ 144.659474] ? trace_preempt_on+0x20/0xc0 [ 144.659661] ? __pfx_kthread+0x10/0x10 [ 144.659891] ? _raw_spin_unlock_irq+0x47/0x80 [ 144.660102] ? calculate_sigpending+0x7b/0xa0 [ 144.660536] ? __pfx_kthread+0x10/0x10 [ 144.660855] ret_from_fork+0x116/0x1d0 [ 144.661330] ? __pfx_kthread+0x10/0x10 [ 144.661578] ret_from_fork_asm+0x1a/0x30 [ 144.661809] </TASK> [ 144.662020] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 144.624999] WARNING: CPU: 1 PID: 2817 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 144.625871] Modules linked in: [ 144.626155] CPU: 1 UID: 0 PID: 2817 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 144.626612] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 144.626818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.627326] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 144.627594] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 d0 b8 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 144.628533] RSP: 0000:ffff88810934fc78 EFLAGS: 00010286 [ 144.628796] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 144.629156] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb8e3ca1c [ 144.629429] RBP: ffff88810934fca0 R08: 0000000000000000 R09: ffffed1020edb520 [ 144.629754] R10: ffff8881076da907 R11: 0000000000000000 R12: ffffffffb8e3ca08 [ 144.630071] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810934fd38 [ 144.630449] FS: 0000000000000000(0000) GS:ffff8881a035d000(0000) knlGS:0000000000000000 [ 144.630731] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.631156] CR2: 00007ffff7ffe000 CR3: 00000001482bc000 CR4: 00000000000006f0 [ 144.631426] DR0: ffffffffbae67404 DR1: ffffffffbae67409 DR2: ffffffffbae6740a [ 144.631674] DR3: ffffffffbae6740b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 144.631976] Call Trace: [ 144.632304] <TASK> [ 144.632419] drm_test_rect_calc_vscale+0x108/0x270 [ 144.632676] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 144.632899] ? __schedule+0x10cc/0x2b60 [ 144.633087] ? __pfx_read_tsc+0x10/0x10 [ 144.633401] ? ktime_get_ts64+0x86/0x230 [ 144.633564] kunit_try_run_case+0x1a5/0x480 [ 144.633768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.634050] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 144.634245] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 144.634479] ? __kthread_parkme+0x82/0x180 [ 144.634652] ? preempt_count_sub+0x50/0x80 [ 144.634796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.635257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 144.635505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 144.635803] kthread+0x337/0x6f0 [ 144.635941] ? trace_preempt_on+0x20/0xc0 [ 144.636425] ? __pfx_kthread+0x10/0x10 [ 144.636606] ? _raw_spin_unlock_irq+0x47/0x80 [ 144.636830] ? calculate_sigpending+0x7b/0xa0 [ 144.637151] ? __pfx_kthread+0x10/0x10 [ 144.637316] ret_from_fork+0x116/0x1d0 [ 144.637448] ? __pfx_kthread+0x10/0x10 [ 144.637638] ret_from_fork_asm+0x1a/0x30 [ 144.637871] </TASK> [ 144.637976] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale: Failure
Automatically assigned
------------[ cut here ]------------ [ 144.591062] WARNING: CPU: 0 PID: 2807 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 144.592046] Modules linked in: [ 144.592365] CPU: 0 UID: 0 PID: 2807 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 144.592933] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 144.593328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.593962] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 144.594429] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 144.595396] RSP: 0000:ffff8881093efc78 EFLAGS: 00010286 [ 144.595896] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 144.596375] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb8e3ca58 [ 144.596671] RBP: ffff8881093efca0 R08: 0000000000000000 R09: ffffed1020eb21a0 [ 144.597282] R10: ffff888107590d07 R11: 0000000000000000 R12: ffffffffb8e3ca40 [ 144.597584] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881093efd38 [ 144.598107] FS: 0000000000000000(0000) GS:ffff8881a025d000(0000) knlGS:0000000000000000 [ 144.598537] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.598957] CR2: 00007ffff7ffe000 CR3: 00000001482bc000 CR4: 00000000000006f0 [ 144.599423] DR0: ffffffffbae67400 DR1: ffffffffbae67401 DR2: ffffffffbae67403 [ 144.600056] DR3: ffffffffbae67405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 144.600313] Call Trace: [ 144.600610] <TASK> [ 144.600843] drm_test_rect_calc_hscale+0x108/0x270 [ 144.601312] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 144.601545] ? __schedule+0x10cc/0x2b60 [ 144.601762] ? __pfx_read_tsc+0x10/0x10 [ 144.601954] ? ktime_get_ts64+0x86/0x230 [ 144.602453] kunit_try_run_case+0x1a5/0x480 [ 144.602638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.603236] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 144.603457] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 144.603850] ? __kthread_parkme+0x82/0x180 [ 144.604351] ? preempt_count_sub+0x50/0x80 [ 144.604563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.604946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 144.605383] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 144.605632] kthread+0x337/0x6f0 [ 144.605808] ? trace_preempt_on+0x20/0xc0 [ 144.606326] ? __pfx_kthread+0x10/0x10 [ 144.606499] ? _raw_spin_unlock_irq+0x47/0x80 [ 144.606927] ? calculate_sigpending+0x7b/0xa0 [ 144.607384] ? __pfx_kthread+0x10/0x10 [ 144.607812] ret_from_fork+0x116/0x1d0 [ 144.608282] ? __pfx_kthread+0x10/0x10 [ 144.608480] ret_from_fork_asm+0x1a/0x30 [ 144.608673] </TASK> [ 144.608784] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 144.570842] WARNING: CPU: 0 PID: 2805 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 144.571360] Modules linked in: [ 144.571570] CPU: 0 UID: 0 PID: 2805 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 144.572362] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 144.572615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.573087] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 144.573320] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 144.574526] RSP: 0000:ffff888109107c78 EFLAGS: 00010286 [ 144.574860] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 144.575508] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb8e3ca20 [ 144.576092] RBP: ffff888109107ca0 R08: 0000000000000000 R09: ffffed1020edb440 [ 144.576362] R10: ffff8881076da207 R11: 0000000000000000 R12: ffffffffb8e3ca08 [ 144.576846] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888109107d38 [ 144.577402] FS: 0000000000000000(0000) GS:ffff8881a025d000(0000) knlGS:0000000000000000 [ 144.577868] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.578405] CR2: 00007ffff7ffe000 CR3: 00000001482bc000 CR4: 00000000000006f0 [ 144.579037] DR0: ffffffffbae67400 DR1: ffffffffbae67401 DR2: ffffffffbae67403 [ 144.579531] DR3: ffffffffbae67405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 144.580080] Call Trace: [ 144.580202] <TASK> [ 144.580342] drm_test_rect_calc_hscale+0x108/0x270 [ 144.580805] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 144.581317] ? __schedule+0x10cc/0x2b60 [ 144.581534] ? __pfx_read_tsc+0x10/0x10 [ 144.581928] ? ktime_get_ts64+0x86/0x230 [ 144.582346] kunit_try_run_case+0x1a5/0x480 [ 144.582665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.583068] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 144.583460] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 144.583829] ? __kthread_parkme+0x82/0x180 [ 144.584274] ? preempt_count_sub+0x50/0x80 [ 144.584502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.584694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 144.585239] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 144.585520] kthread+0x337/0x6f0 [ 144.585850] ? trace_preempt_on+0x20/0xc0 [ 144.586034] ? __pfx_kthread+0x10/0x10 [ 144.586471] ? _raw_spin_unlock_irq+0x47/0x80 [ 144.586825] ? calculate_sigpending+0x7b/0xa0 [ 144.587216] ? __pfx_kthread+0x10/0x10 [ 144.587553] ret_from_fork+0x116/0x1d0 [ 144.587944] ? __pfx_kthread+0x10/0x10 [ 144.588203] ret_from_fork_asm+0x1a/0x30 [ 144.588410] </TASK> [ 144.588505] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti: Failure
Automatically assigned
[ 104.573965] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc: Failure
Automatically assigned
[ 46.988740] ================================================================== [ 46.989132] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 46.989132] [ 46.989532] Use-after-free read at 0x(____ptrval____) (in kfence-#118): [ 46.989825] test_krealloc+0x6fc/0xbe0 [ 46.990099] kunit_try_run_case+0x1a5/0x480 [ 46.990250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 46.990569] kthread+0x337/0x6f0 [ 46.990794] ret_from_fork+0x116/0x1d0 [ 46.990947] ret_from_fork_asm+0x1a/0x30 [ 46.991151] [ 46.991251] kfence-#118: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 46.991251] [ 46.991692] allocated by task 354 on cpu 1 at 46.988165s (0.003524s ago): [ 46.992072] test_alloc+0x364/0x10f0 [ 46.992281] test_krealloc+0xad/0xbe0 [ 46.992467] kunit_try_run_case+0x1a5/0x480 [ 46.992685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 46.993018] kthread+0x337/0x6f0 [ 46.993229] ret_from_fork+0x116/0x1d0 [ 46.993402] ret_from_fork_asm+0x1a/0x30 [ 46.993544] [ 46.993616] freed by task 354 on cpu 1 at 46.988370s (0.005244s ago): [ 46.994018] krealloc_noprof+0x108/0x340 [ 46.994280] test_krealloc+0x226/0xbe0 [ 46.994468] kunit_try_run_case+0x1a5/0x480 [ 46.994666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 46.994871] kthread+0x337/0x6f0 [ 46.995108] ret_from_fork+0x116/0x1d0 [ 46.995381] ret_from_fork_asm+0x1a/0x30 [ 46.995696] [ 46.995815] CPU: 1 UID: 0 PID: 354 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 46.996338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 46.996478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 46.997185] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu: Failure
Automatically assigned
[ 46.905979] ================================================================== [ 46.906424] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 46.906424] [ 46.907013] Use-after-free read at 0x(____ptrval____) (in kfence-#117): [ 46.907441] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 46.908229] kunit_try_run_case+0x1a5/0x480 [ 46.908445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 46.908689] kthread+0x337/0x6f0 [ 46.908845] ret_from_fork+0x116/0x1d0 [ 46.909027] ret_from_fork_asm+0x1a/0x30 [ 46.909212] [ 46.909298] kfence-#117: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 46.909298] [ 46.910070] allocated by task 352 on cpu 1 at 46.884182s (0.025885s ago): [ 46.910376] test_alloc+0x2a6/0x10f0 [ 46.910689] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 46.911020] kunit_try_run_case+0x1a5/0x480 [ 46.911285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 46.911596] kthread+0x337/0x6f0 [ 46.911879] ret_from_fork+0x116/0x1d0 [ 46.912060] ret_from_fork_asm+0x1a/0x30 [ 46.912351] [ 46.912447] freed by task 352 on cpu 1 at 46.884282s (0.028164s ago): [ 46.912725] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 46.913142] kunit_try_run_case+0x1a5/0x480 [ 46.913430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 46.913647] kthread+0x337/0x6f0 [ 46.913921] ret_from_fork+0x116/0x1d0 [ 46.914106] ret_from_fork_asm+0x1a/0x30 [ 46.914290] [ 46.914412] CPU: 1 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 46.915170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 46.915335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 46.915899] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access: Failure
Automatically assigned
[ 21.729637] ================================================================== [ 21.730178] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 21.730178] [ 21.731866] Invalid read at 0x(____ptrval____): [ 21.732302] test_invalid_access+0xf0/0x210 [ 21.732464] kunit_try_run_case+0x1a5/0x480 [ 21.732611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.732783] kthread+0x337/0x6f0 [ 21.732919] ret_from_fork+0x116/0x1d0 [ 21.733059] ret_from_fork_asm+0x1a/0x30 [ 21.733544] [ 21.733684] CPU: 0 UID: 0 PID: 348 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 21.734465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.734658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.735253] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write: Failure
Automatically assigned
[ 21.508522] ================================================================== [ 21.508850] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 21.508850] [ 21.509184] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#113): [ 21.509746] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 21.509936] kunit_try_run_case+0x1a5/0x480 [ 21.510084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.510271] kthread+0x337/0x6f0 [ 21.510409] ret_from_fork+0x116/0x1d0 [ 21.510557] ret_from_fork_asm+0x1a/0x30 [ 21.511202] [ 21.511291] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 21.511291] [ 21.511607] allocated by task 342 on cpu 0 at 21.508275s (0.003330s ago): [ 21.511836] test_alloc+0x364/0x10f0 [ 21.512028] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 21.512273] kunit_try_run_case+0x1a5/0x480 [ 21.512418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.512629] kthread+0x337/0x6f0 [ 21.512750] ret_from_fork+0x116/0x1d0 [ 21.513298] ret_from_fork_asm+0x1a/0x30 [ 21.513456] [ 21.513530] freed by task 342 on cpu 0 at 21.508411s (0.005116s ago): [ 21.513797] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 21.514061] kunit_try_run_case+0x1a5/0x480 [ 21.514281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.514489] kthread+0x337/0x6f0 [ 21.514613] ret_from_fork+0x116/0x1d0 [ 21.515010] ret_from_fork_asm+0x1a/0x30 [ 21.515159] [ 21.515259] CPU: 0 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 21.515782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.516065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.516474] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read: Failure
Automatically assigned
[ 21.404481] ================================================================== [ 21.404935] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 21.404935] [ 21.405391] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#112): [ 21.405667] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 21.405841] kunit_try_run_case+0x1a5/0x480 [ 21.406060] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.406387] kthread+0x337/0x6f0 [ 21.406578] ret_from_fork+0x116/0x1d0 [ 21.406804] ret_from_fork_asm+0x1a/0x30 [ 21.407033] [ 21.407133] kfence-#112: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 21.407133] [ 21.407533] allocated by task 340 on cpu 1 at 21.404259s (0.003273s ago): [ 21.407759] test_alloc+0x364/0x10f0 [ 21.407953] test_kmalloc_aligned_oob_read+0x105/0x560 [ 21.408225] kunit_try_run_case+0x1a5/0x480 [ 21.408476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.408758] kthread+0x337/0x6f0 [ 21.408887] ret_from_fork+0x116/0x1d0 [ 21.409092] ret_from_fork_asm+0x1a/0x30 [ 21.409317] [ 21.409448] CPU: 1 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 21.409991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.410208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.410567] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption: Failure
Automatically assigned
[ 18.180254] ================================================================== [ 18.180647] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 18.180647] [ 18.180970] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#81): [ 18.181367] test_corruption+0x216/0x3e0 [ 18.181586] kunit_try_run_case+0x1a5/0x480 [ 18.182232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.182481] kthread+0x337/0x6f0 [ 18.182943] ret_from_fork+0x116/0x1d0 [ 18.183143] ret_from_fork_asm+0x1a/0x30 [ 18.183339] [ 18.183540] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.183540] [ 18.184006] allocated by task 330 on cpu 1 at 18.180131s (0.003872s ago): [ 18.184314] test_alloc+0x2a6/0x10f0 [ 18.184494] test_corruption+0x1cb/0x3e0 [ 18.184920] kunit_try_run_case+0x1a5/0x480 [ 18.185129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.185359] kthread+0x337/0x6f0 [ 18.185640] ret_from_fork+0x116/0x1d0 [ 18.185883] ret_from_fork_asm+0x1a/0x30 [ 18.186143] [ 18.186225] freed by task 330 on cpu 1 at 18.180181s (0.006042s ago): [ 18.186512] test_corruption+0x216/0x3e0 [ 18.186687] kunit_try_run_case+0x1a5/0x480 [ 18.187089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.187398] kthread+0x337/0x6f0 [ 18.187617] ret_from_fork+0x116/0x1d0 [ 18.187837] ret_from_fork_asm+0x1a/0x30 [ 18.188176] [ 18.188299] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 18.188863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.189153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.189596] ================================================================== [ 17.764319] ================================================================== [ 17.764715] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 17.764715] [ 17.765238] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#77): [ 17.766191] test_corruption+0x131/0x3e0 [ 17.766398] kunit_try_run_case+0x1a5/0x480 [ 17.766569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.766842] kthread+0x337/0x6f0 [ 17.766999] ret_from_fork+0x116/0x1d0 [ 17.767166] ret_from_fork_asm+0x1a/0x30 [ 17.767349] [ 17.767447] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.767447] [ 17.768159] allocated by task 330 on cpu 1 at 17.764211s (0.003946s ago): [ 17.768671] test_alloc+0x2a6/0x10f0 [ 17.768870] test_corruption+0xe6/0x3e0 [ 17.769038] kunit_try_run_case+0x1a5/0x480 [ 17.769391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.769723] kthread+0x337/0x6f0 [ 17.769973] ret_from_fork+0x116/0x1d0 [ 17.770131] ret_from_fork_asm+0x1a/0x30 [ 17.770408] [ 17.770607] freed by task 330 on cpu 1 at 17.764257s (0.006348s ago): [ 17.770889] test_corruption+0x131/0x3e0 [ 17.771076] kunit_try_run_case+0x1a5/0x480 [ 17.771254] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.771483] kthread+0x337/0x6f0 [ 17.771635] ret_from_fork+0x116/0x1d0 [ 17.772126] ret_from_fork_asm+0x1a/0x30 [ 17.772278] [ 17.772402] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 17.773081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.773340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.773795] ================================================================== [ 17.660466] ================================================================== [ 17.660880] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 17.660880] [ 17.661192] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#76): [ 17.661572] test_corruption+0x2df/0x3e0 [ 17.661757] kunit_try_run_case+0x1a5/0x480 [ 17.662026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.662226] kthread+0x337/0x6f0 [ 17.662404] ret_from_fork+0x116/0x1d0 [ 17.662540] ret_from_fork_asm+0x1a/0x30 [ 17.662693] [ 17.662789] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.662789] [ 17.663330] allocated by task 328 on cpu 0 at 17.660260s (0.003067s ago): [ 17.663603] test_alloc+0x364/0x10f0 [ 17.663800] test_corruption+0x1cb/0x3e0 [ 17.664009] kunit_try_run_case+0x1a5/0x480 [ 17.664215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.664403] kthread+0x337/0x6f0 [ 17.664537] ret_from_fork+0x116/0x1d0 [ 17.664725] ret_from_fork_asm+0x1a/0x30 [ 17.665038] [ 17.665115] freed by task 328 on cpu 0 at 17.660326s (0.004786s ago): [ 17.665322] test_corruption+0x2df/0x3e0 [ 17.665509] kunit_try_run_case+0x1a5/0x480 [ 17.665798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.666111] kthread+0x337/0x6f0 [ 17.666269] ret_from_fork+0x116/0x1d0 [ 17.666431] ret_from_fork_asm+0x1a/0x30 [ 17.666621] [ 17.666755] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 17.667217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.667358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.667674] ================================================================== [ 17.556430] ================================================================== [ 17.556854] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 17.556854] [ 17.557380] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#75): [ 17.558030] test_corruption+0x2d2/0x3e0 [ 17.558208] kunit_try_run_case+0x1a5/0x480 [ 17.558422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.558799] kthread+0x337/0x6f0 [ 17.559014] ret_from_fork+0x116/0x1d0 [ 17.559206] ret_from_fork_asm+0x1a/0x30 [ 17.559406] [ 17.559539] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.559539] [ 17.559955] allocated by task 328 on cpu 0 at 17.556274s (0.003678s ago): [ 17.560284] test_alloc+0x364/0x10f0 [ 17.560496] test_corruption+0xe6/0x3e0 [ 17.560706] kunit_try_run_case+0x1a5/0x480 [ 17.560982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.561262] kthread+0x337/0x6f0 [ 17.561443] ret_from_fork+0x116/0x1d0 [ 17.561692] ret_from_fork_asm+0x1a/0x30 [ 17.561900] [ 17.562227] freed by task 328 on cpu 0 at 17.556365s (0.005859s ago): [ 17.562522] test_corruption+0x2d2/0x3e0 [ 17.562784] kunit_try_run_case+0x1a5/0x480 [ 17.562991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.563211] kthread+0x337/0x6f0 [ 17.563363] ret_from_fork+0x116/0x1d0 [ 17.563536] ret_from_fork_asm+0x1a/0x30 [ 17.564157] [ 17.564309] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 17.565147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.565346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.565755] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free: Failure
Automatically assigned
[ 17.452352] ================================================================== [ 17.452804] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 17.452804] [ 17.453164] Invalid free of 0x(____ptrval____) (in kfence-#74): [ 17.453501] test_invalid_addr_free+0xfb/0x260 [ 17.453687] kunit_try_run_case+0x1a5/0x480 [ 17.453925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.454197] kthread+0x337/0x6f0 [ 17.454380] ret_from_fork+0x116/0x1d0 [ 17.454571] ret_from_fork_asm+0x1a/0x30 [ 17.454746] [ 17.454820] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.454820] [ 17.455267] allocated by task 326 on cpu 1 at 17.452259s (0.003006s ago): [ 17.455559] test_alloc+0x2a6/0x10f0 [ 17.455768] test_invalid_addr_free+0xdb/0x260 [ 17.456000] kunit_try_run_case+0x1a5/0x480 [ 17.456234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.456476] kthread+0x337/0x6f0 [ 17.456654] ret_from_fork+0x116/0x1d0 [ 17.456847] ret_from_fork_asm+0x1a/0x30 [ 17.457056] [ 17.457194] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 17.457729] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.457924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.458308] ================================================================== [ 17.348309] ================================================================== [ 17.348755] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 17.348755] [ 17.349159] Invalid free of 0x(____ptrval____) (in kfence-#73): [ 17.349396] test_invalid_addr_free+0x1e1/0x260 [ 17.349613] kunit_try_run_case+0x1a5/0x480 [ 17.349855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.350076] kthread+0x337/0x6f0 [ 17.350254] ret_from_fork+0x116/0x1d0 [ 17.350451] ret_from_fork_asm+0x1a/0x30 [ 17.350635] [ 17.350728] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.350728] [ 17.351023] allocated by task 324 on cpu 0 at 17.348197s (0.002825s ago): [ 17.351350] test_alloc+0x364/0x10f0 [ 17.351539] test_invalid_addr_free+0xdb/0x260 [ 17.351762] kunit_try_run_case+0x1a5/0x480 [ 17.351954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.352751] kthread+0x337/0x6f0 [ 17.352932] ret_from_fork+0x116/0x1d0 [ 17.353114] ret_from_fork_asm+0x1a/0x30 [ 17.353291] [ 17.353405] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 17.354217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.354381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.355014] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free: Failure
Automatically assigned
[ 17.244393] ================================================================== [ 17.244846] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 17.244846] [ 17.245216] Invalid free of 0x(____ptrval____) (in kfence-#72): [ 17.245540] test_double_free+0x112/0x260 [ 17.245725] kunit_try_run_case+0x1a5/0x480 [ 17.245914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.246262] kthread+0x337/0x6f0 [ 17.246391] ret_from_fork+0x116/0x1d0 [ 17.246576] ret_from_fork_asm+0x1a/0x30 [ 17.246951] [ 17.247068] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.247068] [ 17.247380] allocated by task 322 on cpu 1 at 17.244233s (0.003145s ago): [ 17.247688] test_alloc+0x2a6/0x10f0 [ 17.247889] test_double_free+0xdb/0x260 [ 17.248062] kunit_try_run_case+0x1a5/0x480 [ 17.248290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.248511] kthread+0x337/0x6f0 [ 17.248655] ret_from_fork+0x116/0x1d0 [ 17.248788] ret_from_fork_asm+0x1a/0x30 [ 17.249092] [ 17.249189] freed by task 322 on cpu 1 at 17.244288s (0.004899s ago): [ 17.249551] test_double_free+0xfa/0x260 [ 17.249693] kunit_try_run_case+0x1a5/0x480 [ 17.249909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.250200] kthread+0x337/0x6f0 [ 17.250326] ret_from_fork+0x116/0x1d0 [ 17.250499] ret_from_fork_asm+0x1a/0x30 [ 17.250768] [ 17.250888] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 17.251398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.251582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.252116] ================================================================== [ 17.140420] ================================================================== [ 17.140850] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 17.140850] [ 17.141224] Invalid free of 0x(____ptrval____) (in kfence-#71): [ 17.141805] test_double_free+0x1d3/0x260 [ 17.142003] kunit_try_run_case+0x1a5/0x480 [ 17.142216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.142445] kthread+0x337/0x6f0 [ 17.142598] ret_from_fork+0x116/0x1d0 [ 17.142771] ret_from_fork_asm+0x1a/0x30 [ 17.143470] [ 17.143564] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.143564] [ 17.143976] allocated by task 320 on cpu 0 at 17.140246s (0.003728s ago): [ 17.144498] test_alloc+0x364/0x10f0 [ 17.144762] test_double_free+0xdb/0x260 [ 17.145030] kunit_try_run_case+0x1a5/0x480 [ 17.145301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.145536] kthread+0x337/0x6f0 [ 17.145772] ret_from_fork+0x116/0x1d0 [ 17.146109] ret_from_fork_asm+0x1a/0x30 [ 17.146352] [ 17.146514] freed by task 320 on cpu 0 at 17.140292s (0.006219s ago): [ 17.146880] test_double_free+0x1e0/0x260 [ 17.147075] kunit_try_run_case+0x1a5/0x480 [ 17.147380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.147606] kthread+0x337/0x6f0 [ 17.147888] ret_from_fork+0x116/0x1d0 [ 17.148087] ret_from_fork_asm+0x1a/0x30 [ 17.148403] [ 17.148529] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 17.149131] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.149315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.149859] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read: Failure
Automatically assigned
[ 16.828373] ================================================================== [ 16.828822] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 16.828822] [ 16.829286] Use-after-free read at 0x(____ptrval____) (in kfence-#68): [ 16.829570] test_use_after_free_read+0x129/0x270 [ 16.829946] kunit_try_run_case+0x1a5/0x480 [ 16.830356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.830718] kthread+0x337/0x6f0 [ 16.830916] ret_from_fork+0x116/0x1d0 [ 16.831213] ret_from_fork_asm+0x1a/0x30 [ 16.831356] [ 16.831428] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.831428] [ 16.831863] allocated by task 314 on cpu 1 at 16.828249s (0.003612s ago): [ 16.832430] test_alloc+0x2a6/0x10f0 [ 16.832579] test_use_after_free_read+0xdc/0x270 [ 16.832935] kunit_try_run_case+0x1a5/0x480 [ 16.833162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.833417] kthread+0x337/0x6f0 [ 16.833580] ret_from_fork+0x116/0x1d0 [ 16.833840] ret_from_fork_asm+0x1a/0x30 [ 16.833996] [ 16.834093] freed by task 314 on cpu 1 at 16.828302s (0.005790s ago): [ 16.834435] test_use_after_free_read+0xfb/0x270 [ 16.834646] kunit_try_run_case+0x1a5/0x480 [ 16.834866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.835096] kthread+0x337/0x6f0 [ 16.835286] ret_from_fork+0x116/0x1d0 [ 16.835476] ret_from_fork_asm+0x1a/0x30 [ 16.835682] [ 16.835803] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 16.836258] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.836493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.836818] ================================================================== [ 16.724410] ================================================================== [ 16.724935] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 16.724935] [ 16.725361] Use-after-free read at 0x(____ptrval____) (in kfence-#67): [ 16.725967] test_use_after_free_read+0x129/0x270 [ 16.726236] kunit_try_run_case+0x1a5/0x480 [ 16.726458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.727029] kthread+0x337/0x6f0 [ 16.727206] ret_from_fork+0x116/0x1d0 [ 16.727364] ret_from_fork_asm+0x1a/0x30 [ 16.727696] [ 16.727866] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.727866] [ 16.728342] allocated by task 312 on cpu 0 at 16.724204s (0.004136s ago): [ 16.728667] test_alloc+0x364/0x10f0 [ 16.729063] test_use_after_free_read+0xdc/0x270 [ 16.729272] kunit_try_run_case+0x1a5/0x480 [ 16.729461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.729924] kthread+0x337/0x6f0 [ 16.730108] ret_from_fork+0x116/0x1d0 [ 16.730359] ret_from_fork_asm+0x1a/0x30 [ 16.730519] [ 16.730692] freed by task 312 on cpu 0 at 16.724253s (0.006436s ago): [ 16.731124] test_use_after_free_read+0x1e7/0x270 [ 16.731344] kunit_try_run_case+0x1a5/0x480 [ 16.731531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.731935] kthread+0x337/0x6f0 [ 16.732179] ret_from_fork+0x116/0x1d0 [ 16.732329] ret_from_fork_asm+0x1a/0x30 [ 16.732664] [ 16.732795] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 16.733428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.733626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.734086] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write: Failure
Automatically assigned
[ 16.412372] ================================================================== [ 16.412794] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 16.412794] [ 16.413295] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#64): [ 16.413948] test_out_of_bounds_write+0x10d/0x260 [ 16.414207] kunit_try_run_case+0x1a5/0x480 [ 16.414424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.414946] kthread+0x337/0x6f0 [ 16.415144] ret_from_fork+0x116/0x1d0 [ 16.415397] ret_from_fork_asm+0x1a/0x30 [ 16.415568] [ 16.415768] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.415768] [ 16.416181] allocated by task 308 on cpu 0 at 16.412263s (0.003916s ago): [ 16.416479] test_alloc+0x364/0x10f0 [ 16.416957] test_out_of_bounds_write+0xd4/0x260 [ 16.417169] kunit_try_run_case+0x1a5/0x480 [ 16.417355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.417761] kthread+0x337/0x6f0 [ 16.418005] ret_from_fork+0x116/0x1d0 [ 16.418156] ret_from_fork_asm+0x1a/0x30 [ 16.418465] [ 16.418578] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 16.419244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.419581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.420047] ================================================================== [ 16.620331] ================================================================== [ 16.620783] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 16.620783] [ 16.621262] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#66): [ 16.621538] test_out_of_bounds_write+0x10d/0x260 [ 16.621929] kunit_try_run_case+0x1a5/0x480 [ 16.622126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.622337] kthread+0x337/0x6f0 [ 16.622506] ret_from_fork+0x116/0x1d0 [ 16.622680] ret_from_fork_asm+0x1a/0x30 [ 16.622829] [ 16.622912] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.622912] [ 16.623473] allocated by task 310 on cpu 1 at 16.620275s (0.003196s ago): [ 16.623805] test_alloc+0x2a6/0x10f0 [ 16.623963] test_out_of_bounds_write+0xd4/0x260 [ 16.624153] kunit_try_run_case+0x1a5/0x480 [ 16.624360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.624612] kthread+0x337/0x6f0 [ 16.624770] ret_from_fork+0x116/0x1d0 [ 16.624941] ret_from_fork_asm+0x1a/0x30 [ 16.625089] [ 16.625184] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 16.625663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.625829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.626214] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read: Failure
Automatically assigned
[ 15.892415] ================================================================== [ 15.892879] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 15.892879] [ 15.893342] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#59): [ 15.893602] test_out_of_bounds_read+0x216/0x4e0 [ 15.893887] kunit_try_run_case+0x1a5/0x480 [ 15.894109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.894319] kthread+0x337/0x6f0 [ 15.894496] ret_from_fork+0x116/0x1d0 [ 15.894667] ret_from_fork_asm+0x1a/0x30 [ 15.894825] [ 15.894936] kfence-#59: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 15.894936] [ 15.895448] allocated by task 304 on cpu 0 at 15.892254s (0.003191s ago): [ 15.895696] test_alloc+0x364/0x10f0 [ 15.895953] test_out_of_bounds_read+0x1e2/0x4e0 [ 15.896159] kunit_try_run_case+0x1a5/0x480 [ 15.896306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.896554] kthread+0x337/0x6f0 [ 15.896722] ret_from_fork+0x116/0x1d0 [ 15.896991] ret_from_fork_asm+0x1a/0x30 [ 15.897137] [ 15.897255] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.897862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.898060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.898379] ================================================================== [ 15.996375] ================================================================== [ 15.996820] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 15.996820] [ 15.997319] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#60): [ 15.997582] test_out_of_bounds_read+0x126/0x4e0 [ 15.997852] kunit_try_run_case+0x1a5/0x480 [ 15.998022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.998280] kthread+0x337/0x6f0 [ 15.998453] ret_from_fork+0x116/0x1d0 [ 15.998615] ret_from_fork_asm+0x1a/0x30 [ 15.998794] [ 15.998976] kfence-#60: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 15.998976] [ 15.999324] allocated by task 306 on cpu 1 at 15.996320s (0.003002s ago): [ 15.999577] test_alloc+0x2a6/0x10f0 [ 15.999758] test_out_of_bounds_read+0xed/0x4e0 [ 16.000081] kunit_try_run_case+0x1a5/0x480 [ 16.000271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.000496] kthread+0x337/0x6f0 [ 16.000657] ret_from_fork+0x116/0x1d0 [ 16.000790] ret_from_fork_asm+0x1a/0x30 [ 16.000980] [ 16.001194] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 16.001654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.001797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.002214] ================================================================== [ 15.789370] ================================================================== [ 15.789889] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 15.789889] [ 15.790377] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#58): [ 15.790692] test_out_of_bounds_read+0x126/0x4e0 [ 15.790912] kunit_try_run_case+0x1a5/0x480 [ 15.791122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.791402] kthread+0x337/0x6f0 [ 15.791565] ret_from_fork+0x116/0x1d0 [ 15.791701] ret_from_fork_asm+0x1a/0x30 [ 15.791965] [ 15.792065] kfence-#58: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 15.792065] [ 15.792443] allocated by task 304 on cpu 0 at 15.788245s (0.004197s ago): [ 15.792672] test_alloc+0x364/0x10f0 [ 15.792900] test_out_of_bounds_read+0xed/0x4e0 [ 15.793152] kunit_try_run_case+0x1a5/0x480 [ 15.793380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.793746] kthread+0x337/0x6f0 [ 15.794124] ret_from_fork+0x116/0x1d0 [ 15.794425] ret_from_fork_asm+0x1a/0x30 [ 15.795000] [ 15.795212] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.795710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.795872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.796248] ================================================================== [ 16.100321] ================================================================== [ 16.100710] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 16.100710] [ 16.101132] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#61): [ 16.101449] test_out_of_bounds_read+0x216/0x4e0 [ 16.101659] kunit_try_run_case+0x1a5/0x480 [ 16.101870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.102126] kthread+0x337/0x6f0 [ 16.102252] ret_from_fork+0x116/0x1d0 [ 16.102443] ret_from_fork_asm+0x1a/0x30 [ 16.102648] [ 16.102725] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 16.102725] [ 16.103029] allocated by task 306 on cpu 1 at 16.100274s (0.002753s ago): [ 16.103351] test_alloc+0x2a6/0x10f0 [ 16.103542] test_out_of_bounds_read+0x1e2/0x4e0 [ 16.103740] kunit_try_run_case+0x1a5/0x480 [ 16.103994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.104195] kthread+0x337/0x6f0 [ 16.104315] ret_from_fork+0x116/0x1d0 [ 16.104479] ret_from_fork_asm+0x1a/0x30 [ 16.104672] [ 16.104796] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 16.105270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.105459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.105761] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user: Failure
Automatically assigned
[ 15.654463] ================================================================== [ 15.655132] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 15.655433] Write of size 1 at addr ffff888102b2dc78 by task kunit_try_catch/302 [ 15.655793] [ 15.655913] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.655967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.655980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.656001] Call Trace: [ 15.656016] <TASK> [ 15.656040] dump_stack_lvl+0x73/0xb0 [ 15.656066] print_report+0xd1/0x650 [ 15.656089] ? __virt_addr_valid+0x1db/0x2d0 [ 15.656123] ? strncpy_from_user+0x1a5/0x1d0 [ 15.656145] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.656172] ? strncpy_from_user+0x1a5/0x1d0 [ 15.656204] kasan_report+0x141/0x180 [ 15.656229] ? strncpy_from_user+0x1a5/0x1d0 [ 15.656256] __asan_report_store1_noabort+0x1b/0x30 [ 15.656280] strncpy_from_user+0x1a5/0x1d0 [ 15.656305] copy_user_test_oob+0x760/0x10f0 [ 15.656334] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.656360] ? finish_task_switch.isra.0+0x153/0x700 [ 15.656385] ? __switch_to+0x47/0xf50 [ 15.656413] ? __schedule+0x10cc/0x2b60 [ 15.656438] ? __pfx_read_tsc+0x10/0x10 [ 15.656461] ? ktime_get_ts64+0x86/0x230 [ 15.656486] kunit_try_run_case+0x1a5/0x480 [ 15.656510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.656532] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.656560] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.656587] ? __kthread_parkme+0x82/0x180 [ 15.656609] ? preempt_count_sub+0x50/0x80 [ 15.656645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.656677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.656705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.656744] kthread+0x337/0x6f0 [ 15.656766] ? trace_preempt_on+0x20/0xc0 [ 15.656791] ? __pfx_kthread+0x10/0x10 [ 15.656824] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.656849] ? calculate_sigpending+0x7b/0xa0 [ 15.656876] ? __pfx_kthread+0x10/0x10 [ 15.656915] ret_from_fork+0x116/0x1d0 [ 15.656936] ? __pfx_kthread+0x10/0x10 [ 15.656959] ret_from_fork_asm+0x1a/0x30 [ 15.657003] </TASK> [ 15.657014] [ 15.667096] Allocated by task 302: [ 15.667266] kasan_save_stack+0x45/0x70 [ 15.667437] kasan_save_track+0x18/0x40 [ 15.667616] kasan_save_alloc_info+0x3b/0x50 [ 15.668163] __kasan_kmalloc+0xb7/0xc0 [ 15.668471] __kmalloc_noprof+0x1c9/0x500 [ 15.668796] kunit_kmalloc_array+0x25/0x60 [ 15.669017] copy_user_test_oob+0xab/0x10f0 [ 15.669208] kunit_try_run_case+0x1a5/0x480 [ 15.669393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.669874] kthread+0x337/0x6f0 [ 15.670115] ret_from_fork+0x116/0x1d0 [ 15.670441] ret_from_fork_asm+0x1a/0x30 [ 15.670832] [ 15.670939] The buggy address belongs to the object at ffff888102b2dc00 [ 15.670939] which belongs to the cache kmalloc-128 of size 128 [ 15.671607] The buggy address is located 0 bytes to the right of [ 15.671607] allocated 120-byte region [ffff888102b2dc00, ffff888102b2dc78) [ 15.672109] [ 15.672198] The buggy address belongs to the physical page: [ 15.672413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 15.673122] flags: 0x200000000000000(node=0|zone=2) [ 15.673560] page_type: f5(slab) [ 15.673970] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.674491] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.675039] page dumped because: kasan: bad access detected [ 15.675277] [ 15.675367] Memory state around the buggy address: [ 15.675575] ffff888102b2db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.676513] ffff888102b2db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.677203] >ffff888102b2dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.677658] ^ [ 15.678116] ffff888102b2dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.678390] ffff888102b2dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.678944] ================================================================== [ 15.634802] ================================================================== [ 15.635198] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 15.635511] Write of size 121 at addr ffff888102b2dc00 by task kunit_try_catch/302 [ 15.636157] [ 15.636262] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.636303] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.636314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.636335] Call Trace: [ 15.636350] <TASK> [ 15.636364] dump_stack_lvl+0x73/0xb0 [ 15.636388] print_report+0xd1/0x650 [ 15.636413] ? __virt_addr_valid+0x1db/0x2d0 [ 15.636438] ? strncpy_from_user+0x2e/0x1d0 [ 15.636460] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.636486] ? strncpy_from_user+0x2e/0x1d0 [ 15.636508] kasan_report+0x141/0x180 [ 15.636532] ? strncpy_from_user+0x2e/0x1d0 [ 15.636570] kasan_check_range+0x10c/0x1c0 [ 15.636596] __kasan_check_write+0x18/0x20 [ 15.636617] strncpy_from_user+0x2e/0x1d0 [ 15.636650] ? __kasan_check_read+0x15/0x20 [ 15.636682] copy_user_test_oob+0x760/0x10f0 [ 15.636710] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.636735] ? finish_task_switch.isra.0+0x153/0x700 [ 15.636760] ? __switch_to+0x47/0xf50 [ 15.636795] ? __schedule+0x10cc/0x2b60 [ 15.636821] ? __pfx_read_tsc+0x10/0x10 [ 15.636852] ? ktime_get_ts64+0x86/0x230 [ 15.636878] kunit_try_run_case+0x1a5/0x480 [ 15.636910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.636932] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.636967] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.636995] ? __kthread_parkme+0x82/0x180 [ 15.637027] ? preempt_count_sub+0x50/0x80 [ 15.637055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.637079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.637106] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.637143] kthread+0x337/0x6f0 [ 15.637164] ? trace_preempt_on+0x20/0xc0 [ 15.637198] ? __pfx_kthread+0x10/0x10 [ 15.637220] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.637245] ? calculate_sigpending+0x7b/0xa0 [ 15.637279] ? __pfx_kthread+0x10/0x10 [ 15.637302] ret_from_fork+0x116/0x1d0 [ 15.637323] ? __pfx_kthread+0x10/0x10 [ 15.637355] ret_from_fork_asm+0x1a/0x30 [ 15.637387] </TASK> [ 15.637398] [ 15.645393] Allocated by task 302: [ 15.645598] kasan_save_stack+0x45/0x70 [ 15.645763] kasan_save_track+0x18/0x40 [ 15.645913] kasan_save_alloc_info+0x3b/0x50 [ 15.646082] __kasan_kmalloc+0xb7/0xc0 [ 15.646243] __kmalloc_noprof+0x1c9/0x500 [ 15.646422] kunit_kmalloc_array+0x25/0x60 [ 15.646595] copy_user_test_oob+0xab/0x10f0 [ 15.646796] kunit_try_run_case+0x1a5/0x480 [ 15.647190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.647494] kthread+0x337/0x6f0 [ 15.647731] ret_from_fork+0x116/0x1d0 [ 15.648065] ret_from_fork_asm+0x1a/0x30 [ 15.648243] [ 15.648331] The buggy address belongs to the object at ffff888102b2dc00 [ 15.648331] which belongs to the cache kmalloc-128 of size 128 [ 15.648764] The buggy address is located 0 bytes inside of [ 15.648764] allocated 120-byte region [ffff888102b2dc00, ffff888102b2dc78) [ 15.649292] [ 15.649391] The buggy address belongs to the physical page: [ 15.649664] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 15.650036] flags: 0x200000000000000(node=0|zone=2) [ 15.650300] page_type: f5(slab) [ 15.650499] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.651116] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.651356] page dumped because: kasan: bad access detected [ 15.651643] [ 15.651737] Memory state around the buggy address: [ 15.651938] ffff888102b2db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.652156] ffff888102b2db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.652374] >ffff888102b2dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.652718] ^ [ 15.653047] ffff888102b2dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.653389] ffff888102b2dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.653775] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob: Failure
Automatically assigned
[ 15.616695] ================================================================== [ 15.617091] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 15.617328] Read of size 121 at addr ffff888102b2dc00 by task kunit_try_catch/302 [ 15.617737] [ 15.617857] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.617910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.617922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.617945] Call Trace: [ 15.617960] <TASK> [ 15.617973] dump_stack_lvl+0x73/0xb0 [ 15.617999] print_report+0xd1/0x650 [ 15.618023] ? __virt_addr_valid+0x1db/0x2d0 [ 15.618048] ? copy_user_test_oob+0x604/0x10f0 [ 15.618073] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.618110] ? copy_user_test_oob+0x604/0x10f0 [ 15.618136] kasan_report+0x141/0x180 [ 15.618160] ? copy_user_test_oob+0x604/0x10f0 [ 15.618190] kasan_check_range+0x10c/0x1c0 [ 15.618216] __kasan_check_read+0x15/0x20 [ 15.618237] copy_user_test_oob+0x604/0x10f0 [ 15.618264] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.618299] ? finish_task_switch.isra.0+0x153/0x700 [ 15.618324] ? __switch_to+0x47/0xf50 [ 15.618351] ? __schedule+0x10cc/0x2b60 [ 15.618387] ? __pfx_read_tsc+0x10/0x10 [ 15.618409] ? ktime_get_ts64+0x86/0x230 [ 15.618435] kunit_try_run_case+0x1a5/0x480 [ 15.618458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.618480] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.618507] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.618534] ? __kthread_parkme+0x82/0x180 [ 15.618556] ? preempt_count_sub+0x50/0x80 [ 15.618580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.618604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.618658] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.618686] kthread+0x337/0x6f0 [ 15.618713] ? trace_preempt_on+0x20/0xc0 [ 15.618737] ? __pfx_kthread+0x10/0x10 [ 15.618759] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.618783] ? calculate_sigpending+0x7b/0xa0 [ 15.618810] ? __pfx_kthread+0x10/0x10 [ 15.618833] ret_from_fork+0x116/0x1d0 [ 15.618853] ? __pfx_kthread+0x10/0x10 [ 15.618875] ret_from_fork_asm+0x1a/0x30 [ 15.618917] </TASK> [ 15.618928] [ 15.626366] Allocated by task 302: [ 15.626548] kasan_save_stack+0x45/0x70 [ 15.626791] kasan_save_track+0x18/0x40 [ 15.627002] kasan_save_alloc_info+0x3b/0x50 [ 15.627229] __kasan_kmalloc+0xb7/0xc0 [ 15.627426] __kmalloc_noprof+0x1c9/0x500 [ 15.627568] kunit_kmalloc_array+0x25/0x60 [ 15.627839] copy_user_test_oob+0xab/0x10f0 [ 15.628074] kunit_try_run_case+0x1a5/0x480 [ 15.628259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.628476] kthread+0x337/0x6f0 [ 15.628670] ret_from_fork+0x116/0x1d0 [ 15.628878] ret_from_fork_asm+0x1a/0x30 [ 15.629110] [ 15.629182] The buggy address belongs to the object at ffff888102b2dc00 [ 15.629182] which belongs to the cache kmalloc-128 of size 128 [ 15.629746] The buggy address is located 0 bytes inside of [ 15.629746] allocated 120-byte region [ffff888102b2dc00, ffff888102b2dc78) [ 15.630196] [ 15.630307] The buggy address belongs to the physical page: [ 15.630567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 15.630901] flags: 0x200000000000000(node=0|zone=2) [ 15.631066] page_type: f5(slab) [ 15.631186] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.631417] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.631645] page dumped because: kasan: bad access detected [ 15.631903] [ 15.631994] Memory state around the buggy address: [ 15.632249] ffff888102b2db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.632576] ffff888102b2db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.632856] >ffff888102b2dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.633083] ^ [ 15.633297] ffff888102b2dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.633514] ffff888102b2dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.633728] ================================================================== [ 15.596248] ================================================================== [ 15.596563] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 15.597054] Write of size 121 at addr ffff888102b2dc00 by task kunit_try_catch/302 [ 15.597297] [ 15.597381] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.597424] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.597437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.597458] Call Trace: [ 15.597470] <TASK> [ 15.597484] dump_stack_lvl+0x73/0xb0 [ 15.597510] print_report+0xd1/0x650 [ 15.598616] ? __virt_addr_valid+0x1db/0x2d0 [ 15.598649] ? copy_user_test_oob+0x557/0x10f0 [ 15.598688] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.598715] ? copy_user_test_oob+0x557/0x10f0 [ 15.598747] kasan_report+0x141/0x180 [ 15.598772] ? copy_user_test_oob+0x557/0x10f0 [ 15.598817] kasan_check_range+0x10c/0x1c0 [ 15.598843] __kasan_check_write+0x18/0x20 [ 15.599035] copy_user_test_oob+0x557/0x10f0 [ 15.599066] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.599091] ? finish_task_switch.isra.0+0x153/0x700 [ 15.599363] ? __switch_to+0x47/0xf50 [ 15.599390] ? __schedule+0x10cc/0x2b60 [ 15.599415] ? __pfx_read_tsc+0x10/0x10 [ 15.599438] ? ktime_get_ts64+0x86/0x230 [ 15.599464] kunit_try_run_case+0x1a5/0x480 [ 15.599487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.599509] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.599537] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.599564] ? __kthread_parkme+0x82/0x180 [ 15.599587] ? preempt_count_sub+0x50/0x80 [ 15.599612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.599953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.600026] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.600068] kthread+0x337/0x6f0 [ 15.600089] ? trace_preempt_on+0x20/0xc0 [ 15.600113] ? __pfx_kthread+0x10/0x10 [ 15.600146] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.600171] ? calculate_sigpending+0x7b/0xa0 [ 15.600198] ? __pfx_kthread+0x10/0x10 [ 15.600221] ret_from_fork+0x116/0x1d0 [ 15.600242] ? __pfx_kthread+0x10/0x10 [ 15.600265] ret_from_fork_asm+0x1a/0x30 [ 15.600298] </TASK> [ 15.600310] [ 15.608142] Allocated by task 302: [ 15.608358] kasan_save_stack+0x45/0x70 [ 15.608531] kasan_save_track+0x18/0x40 [ 15.608773] kasan_save_alloc_info+0x3b/0x50 [ 15.608991] __kasan_kmalloc+0xb7/0xc0 [ 15.609172] __kmalloc_noprof+0x1c9/0x500 [ 15.609382] kunit_kmalloc_array+0x25/0x60 [ 15.609591] copy_user_test_oob+0xab/0x10f0 [ 15.609814] kunit_try_run_case+0x1a5/0x480 [ 15.610034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.610270] kthread+0x337/0x6f0 [ 15.610457] ret_from_fork+0x116/0x1d0 [ 15.610645] ret_from_fork_asm+0x1a/0x30 [ 15.610931] [ 15.611004] The buggy address belongs to the object at ffff888102b2dc00 [ 15.611004] which belongs to the cache kmalloc-128 of size 128 [ 15.611368] The buggy address is located 0 bytes inside of [ 15.611368] allocated 120-byte region [ffff888102b2dc00, ffff888102b2dc78) [ 15.611867] [ 15.611969] The buggy address belongs to the physical page: [ 15.612218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 15.612573] flags: 0x200000000000000(node=0|zone=2) [ 15.613011] page_type: f5(slab) [ 15.613139] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.613372] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.613643] page dumped because: kasan: bad access detected [ 15.613910] [ 15.614017] Memory state around the buggy address: [ 15.614268] ffff888102b2db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.614622] ffff888102b2db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.614959] >ffff888102b2dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.615233] ^ [ 15.615529] ffff888102b2dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.615837] ffff888102b2dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.616137] ================================================================== [ 15.574672] ================================================================== [ 15.574962] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 15.575243] Read of size 121 at addr ffff888102b2dc00 by task kunit_try_catch/302 [ 15.575870] [ 15.576065] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.576122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.576136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.576157] Call Trace: [ 15.576183] <TASK> [ 15.576196] dump_stack_lvl+0x73/0xb0 [ 15.576225] print_report+0xd1/0x650 [ 15.576249] ? __virt_addr_valid+0x1db/0x2d0 [ 15.576274] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.576300] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.576325] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.576352] kasan_report+0x141/0x180 [ 15.576385] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.576415] kasan_check_range+0x10c/0x1c0 [ 15.576441] __kasan_check_read+0x15/0x20 [ 15.576472] copy_user_test_oob+0x4aa/0x10f0 [ 15.576500] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.576526] ? finish_task_switch.isra.0+0x153/0x700 [ 15.576559] ? __switch_to+0x47/0xf50 [ 15.576586] ? __schedule+0x10cc/0x2b60 [ 15.576611] ? __pfx_read_tsc+0x10/0x10 [ 15.576652] ? ktime_get_ts64+0x86/0x230 [ 15.576677] kunit_try_run_case+0x1a5/0x480 [ 15.576701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.576723] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.576759] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.576786] ? __kthread_parkme+0x82/0x180 [ 15.576808] ? preempt_count_sub+0x50/0x80 [ 15.576843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.576866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.576904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.576932] kthread+0x337/0x6f0 [ 15.576953] ? trace_preempt_on+0x20/0xc0 [ 15.576977] ? __pfx_kthread+0x10/0x10 [ 15.576999] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.577024] ? calculate_sigpending+0x7b/0xa0 [ 15.577055] ? __pfx_kthread+0x10/0x10 [ 15.577078] ret_from_fork+0x116/0x1d0 [ 15.577098] ? __pfx_kthread+0x10/0x10 [ 15.577120] ret_from_fork_asm+0x1a/0x30 [ 15.577153] </TASK> [ 15.577165] [ 15.587956] Allocated by task 302: [ 15.588138] kasan_save_stack+0x45/0x70 [ 15.588298] kasan_save_track+0x18/0x40 [ 15.588437] kasan_save_alloc_info+0x3b/0x50 [ 15.588668] __kasan_kmalloc+0xb7/0xc0 [ 15.588857] __kmalloc_noprof+0x1c9/0x500 [ 15.589236] kunit_kmalloc_array+0x25/0x60 [ 15.589386] copy_user_test_oob+0xab/0x10f0 [ 15.589537] kunit_try_run_case+0x1a5/0x480 [ 15.589737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.590023] kthread+0x337/0x6f0 [ 15.590245] ret_from_fork+0x116/0x1d0 [ 15.590380] ret_from_fork_asm+0x1a/0x30 [ 15.590522] [ 15.590593] The buggy address belongs to the object at ffff888102b2dc00 [ 15.590593] which belongs to the cache kmalloc-128 of size 128 [ 15.591140] The buggy address is located 0 bytes inside of [ 15.591140] allocated 120-byte region [ffff888102b2dc00, ffff888102b2dc78) [ 15.591739] [ 15.591840] The buggy address belongs to the physical page: [ 15.592041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 15.592415] flags: 0x200000000000000(node=0|zone=2) [ 15.592616] page_type: f5(slab) [ 15.592805] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.593133] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.593464] page dumped because: kasan: bad access detected [ 15.593710] [ 15.593781] Memory state around the buggy address: [ 15.594025] ffff888102b2db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.594340] ffff888102b2db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.594613] >ffff888102b2dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.594845] ^ [ 15.595068] ffff888102b2dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.595401] ffff888102b2dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.595746] ================================================================== [ 15.549372] ================================================================== [ 15.549723] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 15.550078] Write of size 121 at addr ffff888102b2dc00 by task kunit_try_catch/302 [ 15.550459] [ 15.550552] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.550597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.550611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.550646] Call Trace: [ 15.550679] <TASK> [ 15.550695] dump_stack_lvl+0x73/0xb0 [ 15.550722] print_report+0xd1/0x650 [ 15.550746] ? __virt_addr_valid+0x1db/0x2d0 [ 15.550789] ? copy_user_test_oob+0x3fd/0x10f0 [ 15.550815] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.550841] ? copy_user_test_oob+0x3fd/0x10f0 [ 15.550867] kasan_report+0x141/0x180 [ 15.550901] ? copy_user_test_oob+0x3fd/0x10f0 [ 15.550932] kasan_check_range+0x10c/0x1c0 [ 15.550958] __kasan_check_write+0x18/0x20 [ 15.550980] copy_user_test_oob+0x3fd/0x10f0 [ 15.551007] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.551033] ? finish_task_switch.isra.0+0x153/0x700 [ 15.551058] ? __switch_to+0x47/0xf50 [ 15.551085] ? __schedule+0x10cc/0x2b60 [ 15.551111] ? __pfx_read_tsc+0x10/0x10 [ 15.551133] ? ktime_get_ts64+0x86/0x230 [ 15.551158] kunit_try_run_case+0x1a5/0x480 [ 15.551200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.551223] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.551266] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.551294] ? __kthread_parkme+0x82/0x180 [ 15.551316] ? preempt_count_sub+0x50/0x80 [ 15.551341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.551364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.551392] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.551421] kthread+0x337/0x6f0 [ 15.551441] ? trace_preempt_on+0x20/0xc0 [ 15.551466] ? __pfx_kthread+0x10/0x10 [ 15.551489] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.551513] ? calculate_sigpending+0x7b/0xa0 [ 15.551540] ? __pfx_kthread+0x10/0x10 [ 15.551563] ret_from_fork+0x116/0x1d0 [ 15.551583] ? __pfx_kthread+0x10/0x10 [ 15.551606] ret_from_fork_asm+0x1a/0x30 [ 15.551648] </TASK> [ 15.551659] [ 15.559527] Allocated by task 302: [ 15.559783] kasan_save_stack+0x45/0x70 [ 15.560014] kasan_save_track+0x18/0x40 [ 15.560241] kasan_save_alloc_info+0x3b/0x50 [ 15.560453] __kasan_kmalloc+0xb7/0xc0 [ 15.560660] __kmalloc_noprof+0x1c9/0x500 [ 15.560828] kunit_kmalloc_array+0x25/0x60 [ 15.561020] copy_user_test_oob+0xab/0x10f0 [ 15.561247] kunit_try_run_case+0x1a5/0x480 [ 15.561436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.561677] kthread+0x337/0x6f0 [ 15.561830] ret_from_fork+0x116/0x1d0 [ 15.562050] ret_from_fork_asm+0x1a/0x30 [ 15.562248] [ 15.562349] The buggy address belongs to the object at ffff888102b2dc00 [ 15.562349] which belongs to the cache kmalloc-128 of size 128 [ 15.562953] The buggy address is located 0 bytes inside of [ 15.562953] allocated 120-byte region [ffff888102b2dc00, ffff888102b2dc78) [ 15.563486] [ 15.563580] The buggy address belongs to the physical page: [ 15.563830] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 15.564581] flags: 0x200000000000000(node=0|zone=2) [ 15.566720] page_type: f5(slab) [ 15.566858] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.568126] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.569153] page dumped because: kasan: bad access detected [ 15.570035] [ 15.570399] Memory state around the buggy address: [ 15.571266] ffff888102b2db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.572041] ffff888102b2db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.572347] >ffff888102b2dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.572905] ^ [ 15.573344] ffff888102b2dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.573594] ffff888102b2dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.573956] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user: Failure
Automatically assigned
[ 15.518512] ================================================================== [ 15.519165] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 15.519385] Read of size 121 at addr ffff888102b2dc00 by task kunit_try_catch/302 [ 15.519615] [ 15.519802] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.519847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.519860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.519882] Call Trace: [ 15.519907] <TASK> [ 15.519922] dump_stack_lvl+0x73/0xb0 [ 15.519948] print_report+0xd1/0x650 [ 15.519973] ? __virt_addr_valid+0x1db/0x2d0 [ 15.519998] ? _copy_to_user+0x3c/0x70 [ 15.520020] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.520046] ? _copy_to_user+0x3c/0x70 [ 15.520068] kasan_report+0x141/0x180 [ 15.520092] ? _copy_to_user+0x3c/0x70 [ 15.520119] kasan_check_range+0x10c/0x1c0 [ 15.520145] __kasan_check_read+0x15/0x20 [ 15.520167] _copy_to_user+0x3c/0x70 [ 15.520188] copy_user_test_oob+0x364/0x10f0 [ 15.520216] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.520242] ? finish_task_switch.isra.0+0x153/0x700 [ 15.520268] ? __switch_to+0x47/0xf50 [ 15.520294] ? __schedule+0x10cc/0x2b60 [ 15.520319] ? __pfx_read_tsc+0x10/0x10 [ 15.520342] ? ktime_get_ts64+0x86/0x230 [ 15.520368] kunit_try_run_case+0x1a5/0x480 [ 15.520391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.520414] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.520441] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.520468] ? __kthread_parkme+0x82/0x180 [ 15.520490] ? preempt_count_sub+0x50/0x80 [ 15.520514] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.520539] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.520567] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.520595] kthread+0x337/0x6f0 [ 15.520616] ? trace_preempt_on+0x20/0xc0 [ 15.520641] ? __pfx_kthread+0x10/0x10 [ 15.520674] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.520699] ? calculate_sigpending+0x7b/0xa0 [ 15.520725] ? __pfx_kthread+0x10/0x10 [ 15.520748] ret_from_fork+0x116/0x1d0 [ 15.520769] ? __pfx_kthread+0x10/0x10 [ 15.520791] ret_from_fork_asm+0x1a/0x30 [ 15.520823] </TASK> [ 15.520835] [ 15.533423] Allocated by task 302: [ 15.533565] kasan_save_stack+0x45/0x70 [ 15.533747] kasan_save_track+0x18/0x40 [ 15.533886] kasan_save_alloc_info+0x3b/0x50 [ 15.534494] __kasan_kmalloc+0xb7/0xc0 [ 15.535171] __kmalloc_noprof+0x1c9/0x500 [ 15.535427] kunit_kmalloc_array+0x25/0x60 [ 15.535671] copy_user_test_oob+0xab/0x10f0 [ 15.536038] kunit_try_run_case+0x1a5/0x480 [ 15.536263] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.536613] kthread+0x337/0x6f0 [ 15.536888] ret_from_fork+0x116/0x1d0 [ 15.537159] ret_from_fork_asm+0x1a/0x30 [ 15.537376] [ 15.537565] The buggy address belongs to the object at ffff888102b2dc00 [ 15.537565] which belongs to the cache kmalloc-128 of size 128 [ 15.538474] The buggy address is located 0 bytes inside of [ 15.538474] allocated 120-byte region [ffff888102b2dc00, ffff888102b2dc78) [ 15.539060] [ 15.539162] The buggy address belongs to the physical page: [ 15.539571] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 15.540127] flags: 0x200000000000000(node=0|zone=2) [ 15.540366] page_type: f5(slab) [ 15.540729] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.541080] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.541487] page dumped because: kasan: bad access detected [ 15.541907] [ 15.542012] Memory state around the buggy address: [ 15.542303] ffff888102b2db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.542641] ffff888102b2db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.543111] >ffff888102b2dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.543540] ^ [ 15.544059] ffff888102b2dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.544370] ffff888102b2dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.544963] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user: Failure
Automatically assigned
[ 15.481944] ================================================================== [ 15.483279] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 15.483803] Write of size 121 at addr ffff888102b2dc00 by task kunit_try_catch/302 [ 15.484538] [ 15.484758] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.484810] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.484823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.484847] Call Trace: [ 15.484860] <TASK> [ 15.484880] dump_stack_lvl+0x73/0xb0 [ 15.484922] print_report+0xd1/0x650 [ 15.485097] ? __virt_addr_valid+0x1db/0x2d0 [ 15.485134] ? _copy_from_user+0x32/0x90 [ 15.485158] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.485184] ? _copy_from_user+0x32/0x90 [ 15.485245] kasan_report+0x141/0x180 [ 15.485269] ? _copy_from_user+0x32/0x90 [ 15.485296] kasan_check_range+0x10c/0x1c0 [ 15.485322] __kasan_check_write+0x18/0x20 [ 15.485343] _copy_from_user+0x32/0x90 [ 15.485366] copy_user_test_oob+0x2be/0x10f0 [ 15.485395] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.485420] ? finish_task_switch.isra.0+0x153/0x700 [ 15.485446] ? __switch_to+0x47/0xf50 [ 15.485474] ? __schedule+0x10cc/0x2b60 [ 15.485500] ? __pfx_read_tsc+0x10/0x10 [ 15.485524] ? ktime_get_ts64+0x86/0x230 [ 15.485550] kunit_try_run_case+0x1a5/0x480 [ 15.485574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.485596] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.485624] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.485651] ? __kthread_parkme+0x82/0x180 [ 15.485673] ? preempt_count_sub+0x50/0x80 [ 15.485698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.485721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.485749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.485778] kthread+0x337/0x6f0 [ 15.485798] ? trace_preempt_on+0x20/0xc0 [ 15.485824] ? __pfx_kthread+0x10/0x10 [ 15.485846] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.485871] ? calculate_sigpending+0x7b/0xa0 [ 15.485909] ? __pfx_kthread+0x10/0x10 [ 15.485932] ret_from_fork+0x116/0x1d0 [ 15.485963] ? __pfx_kthread+0x10/0x10 [ 15.485985] ret_from_fork_asm+0x1a/0x30 [ 15.486019] </TASK> [ 15.486032] [ 15.501995] Allocated by task 302: [ 15.502165] kasan_save_stack+0x45/0x70 [ 15.502468] kasan_save_track+0x18/0x40 [ 15.503265] kasan_save_alloc_info+0x3b/0x50 [ 15.503427] __kasan_kmalloc+0xb7/0xc0 [ 15.503563] __kmalloc_noprof+0x1c9/0x500 [ 15.503718] kunit_kmalloc_array+0x25/0x60 [ 15.503864] copy_user_test_oob+0xab/0x10f0 [ 15.504086] kunit_try_run_case+0x1a5/0x480 [ 15.504296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.504799] kthread+0x337/0x6f0 [ 15.505037] ret_from_fork+0x116/0x1d0 [ 15.505388] ret_from_fork_asm+0x1a/0x30 [ 15.505766] [ 15.505900] The buggy address belongs to the object at ffff888102b2dc00 [ 15.505900] which belongs to the cache kmalloc-128 of size 128 [ 15.506532] The buggy address is located 0 bytes inside of [ 15.506532] allocated 120-byte region [ffff888102b2dc00, ffff888102b2dc78) [ 15.507596] [ 15.507786] The buggy address belongs to the physical page: [ 15.508342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 15.508596] flags: 0x200000000000000(node=0|zone=2) [ 15.508809] page_type: f5(slab) [ 15.509208] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.509871] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.510585] page dumped because: kasan: bad access detected [ 15.511160] [ 15.511321] Memory state around the buggy address: [ 15.511508] ffff888102b2db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.511917] ffff888102b2db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.512702] >ffff888102b2dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.513284] ^ [ 15.513506] ffff888102b2dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.514049] ffff888102b2dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.514691] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault: Failure
Automatically assigned
[ 15.448635] ================================================================== [ 15.449074] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 15.449596] Write of size 8 at addr ffff888102b2db78 by task kunit_try_catch/298 [ 15.449957] [ 15.450143] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.450189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.450213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.450235] Call Trace: [ 15.450248] <TASK> [ 15.450263] dump_stack_lvl+0x73/0xb0 [ 15.450302] print_report+0xd1/0x650 [ 15.450326] ? __virt_addr_valid+0x1db/0x2d0 [ 15.450350] ? copy_to_kernel_nofault+0x99/0x260 [ 15.450383] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.450407] ? copy_to_kernel_nofault+0x99/0x260 [ 15.450432] kasan_report+0x141/0x180 [ 15.450466] ? copy_to_kernel_nofault+0x99/0x260 [ 15.450495] kasan_check_range+0x10c/0x1c0 [ 15.450528] __kasan_check_write+0x18/0x20 [ 15.450549] copy_to_kernel_nofault+0x99/0x260 [ 15.450575] copy_to_kernel_nofault_oob+0x288/0x560 [ 15.450611] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 15.450635] ? finish_task_switch.isra.0+0x153/0x700 [ 15.450660] ? __schedule+0x10cc/0x2b60 [ 15.450684] ? trace_hardirqs_on+0x37/0xe0 [ 15.450714] ? __pfx_read_tsc+0x10/0x10 [ 15.450736] ? ktime_get_ts64+0x86/0x230 [ 15.450761] kunit_try_run_case+0x1a5/0x480 [ 15.450784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.450805] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.450831] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.450856] ? __kthread_parkme+0x82/0x180 [ 15.450885] ? preempt_count_sub+0x50/0x80 [ 15.450919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.450969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.450996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.451062] kthread+0x337/0x6f0 [ 15.451095] ? trace_preempt_on+0x20/0xc0 [ 15.451118] ? __pfx_kthread+0x10/0x10 [ 15.451140] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.451164] ? calculate_sigpending+0x7b/0xa0 [ 15.451190] ? __pfx_kthread+0x10/0x10 [ 15.451213] ret_from_fork+0x116/0x1d0 [ 15.451241] ? __pfx_kthread+0x10/0x10 [ 15.451263] ret_from_fork_asm+0x1a/0x30 [ 15.451304] </TASK> [ 15.451316] [ 15.460370] Allocated by task 298: [ 15.460558] kasan_save_stack+0x45/0x70 [ 15.460769] kasan_save_track+0x18/0x40 [ 15.461136] kasan_save_alloc_info+0x3b/0x50 [ 15.461337] __kasan_kmalloc+0xb7/0xc0 [ 15.461525] __kmalloc_cache_noprof+0x189/0x420 [ 15.461903] copy_to_kernel_nofault_oob+0x12f/0x560 [ 15.462199] kunit_try_run_case+0x1a5/0x480 [ 15.462407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.462693] kthread+0x337/0x6f0 [ 15.462864] ret_from_fork+0x116/0x1d0 [ 15.463096] ret_from_fork_asm+0x1a/0x30 [ 15.463303] [ 15.463396] The buggy address belongs to the object at ffff888102b2db00 [ 15.463396] which belongs to the cache kmalloc-128 of size 128 [ 15.463797] The buggy address is located 0 bytes to the right of [ 15.463797] allocated 120-byte region [ffff888102b2db00, ffff888102b2db78) [ 15.464267] [ 15.464437] The buggy address belongs to the physical page: [ 15.464756] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 15.465361] flags: 0x200000000000000(node=0|zone=2) [ 15.465702] page_type: f5(slab) [ 15.465852] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.466231] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.466508] page dumped because: kasan: bad access detected [ 15.466758] [ 15.466877] Memory state around the buggy address: [ 15.467343] ffff888102b2da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.467603] ffff888102b2da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.468285] >ffff888102b2db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.468635] ^ [ 15.468854] ffff888102b2db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.469088] ffff888102b2dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.469930] ================================================================== [ 15.427102] ================================================================== [ 15.427690] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 15.427958] Read of size 8 at addr ffff888102b2db78 by task kunit_try_catch/298 [ 15.428292] [ 15.428404] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.428451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.428464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.428487] Call Trace: [ 15.428499] <TASK> [ 15.428516] dump_stack_lvl+0x73/0xb0 [ 15.428544] print_report+0xd1/0x650 [ 15.428568] ? __virt_addr_valid+0x1db/0x2d0 [ 15.428593] ? copy_to_kernel_nofault+0x225/0x260 [ 15.428617] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.428640] ? copy_to_kernel_nofault+0x225/0x260 [ 15.428665] kasan_report+0x141/0x180 [ 15.428688] ? copy_to_kernel_nofault+0x225/0x260 [ 15.428817] __asan_report_load8_noabort+0x18/0x20 [ 15.428843] copy_to_kernel_nofault+0x225/0x260 [ 15.428871] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 15.428905] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 15.428930] ? finish_task_switch.isra.0+0x153/0x700 [ 15.428955] ? __schedule+0x10cc/0x2b60 [ 15.428979] ? trace_hardirqs_on+0x37/0xe0 [ 15.429010] ? __pfx_read_tsc+0x10/0x10 [ 15.429033] ? ktime_get_ts64+0x86/0x230 [ 15.429300] kunit_try_run_case+0x1a5/0x480 [ 15.429337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.429358] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.429385] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.429411] ? __kthread_parkme+0x82/0x180 [ 15.429433] ? preempt_count_sub+0x50/0x80 [ 15.429458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.429480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.429506] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.429532] kthread+0x337/0x6f0 [ 15.429552] ? trace_preempt_on+0x20/0xc0 [ 15.429577] ? __pfx_kthread+0x10/0x10 [ 15.429601] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.429627] ? calculate_sigpending+0x7b/0xa0 [ 15.429654] ? __pfx_kthread+0x10/0x10 [ 15.429678] ret_from_fork+0x116/0x1d0 [ 15.429698] ? __pfx_kthread+0x10/0x10 [ 15.429720] ret_from_fork_asm+0x1a/0x30 [ 15.429752] </TASK> [ 15.429766] [ 15.438507] Allocated by task 298: [ 15.438640] kasan_save_stack+0x45/0x70 [ 15.438787] kasan_save_track+0x18/0x40 [ 15.439120] kasan_save_alloc_info+0x3b/0x50 [ 15.439416] __kasan_kmalloc+0xb7/0xc0 [ 15.439627] __kmalloc_cache_noprof+0x189/0x420 [ 15.439924] copy_to_kernel_nofault_oob+0x12f/0x560 [ 15.440194] kunit_try_run_case+0x1a5/0x480 [ 15.440499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.440824] kthread+0x337/0x6f0 [ 15.440996] ret_from_fork+0x116/0x1d0 [ 15.441332] ret_from_fork_asm+0x1a/0x30 [ 15.441645] [ 15.441733] The buggy address belongs to the object at ffff888102b2db00 [ 15.441733] which belongs to the cache kmalloc-128 of size 128 [ 15.442263] The buggy address is located 0 bytes to the right of [ 15.442263] allocated 120-byte region [ffff888102b2db00, ffff888102b2db78) [ 15.442751] [ 15.442852] The buggy address belongs to the physical page: [ 15.443116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 15.443648] flags: 0x200000000000000(node=0|zone=2) [ 15.443843] page_type: f5(slab) [ 15.444118] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.444433] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.444668] page dumped because: kasan: bad access detected [ 15.444931] [ 15.445061] Memory state around the buggy address: [ 15.445506] ffff888102b2da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.445952] ffff888102b2da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.446388] >ffff888102b2db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.446609] ^ [ 15.446934] ffff888102b2db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.447323] ffff888102b2dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.447543] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper: Failure
Automatically assigned
[ 14.047964] ================================================================== [ 14.048358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 14.048682] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.049029] [ 14.049123] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.049202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.049217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.049238] Call Trace: [ 14.049276] <TASK> [ 14.049290] dump_stack_lvl+0x73/0xb0 [ 14.049317] print_report+0xd1/0x650 [ 14.049352] ? __virt_addr_valid+0x1db/0x2d0 [ 14.049376] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.049398] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.049421] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.049444] kasan_report+0x141/0x180 [ 14.049467] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.049493] kasan_check_range+0x10c/0x1c0 [ 14.049518] __kasan_check_write+0x18/0x20 [ 14.049538] kasan_atomics_helper+0x5fe/0x5450 [ 14.049562] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.049584] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.049610] ? ret_from_fork_asm+0x1a/0x30 [ 14.049651] ? kasan_atomics+0x152/0x310 [ 14.049678] kasan_atomics+0x1dc/0x310 [ 14.049702] ? __pfx_kasan_atomics+0x10/0x10 [ 14.049727] ? __pfx_read_tsc+0x10/0x10 [ 14.049749] ? ktime_get_ts64+0x86/0x230 [ 14.049773] kunit_try_run_case+0x1a5/0x480 [ 14.049795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.049816] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.049841] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.049867] ? __kthread_parkme+0x82/0x180 [ 14.049889] ? preempt_count_sub+0x50/0x80 [ 14.049924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.049946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.049971] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.049997] kthread+0x337/0x6f0 [ 14.050017] ? trace_preempt_on+0x20/0xc0 [ 14.050091] ? __pfx_kthread+0x10/0x10 [ 14.050113] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.050138] ? calculate_sigpending+0x7b/0xa0 [ 14.050163] ? __pfx_kthread+0x10/0x10 [ 14.050186] ret_from_fork+0x116/0x1d0 [ 14.050206] ? __pfx_kthread+0x10/0x10 [ 14.050227] ret_from_fork_asm+0x1a/0x30 [ 14.050257] </TASK> [ 14.050268] [ 14.062857] Allocated by task 282: [ 14.063421] kasan_save_stack+0x45/0x70 [ 14.063912] kasan_save_track+0x18/0x40 [ 14.064401] kasan_save_alloc_info+0x3b/0x50 [ 14.064557] __kasan_kmalloc+0xb7/0xc0 [ 14.064711] __kmalloc_cache_noprof+0x189/0x420 [ 14.064863] kasan_atomics+0x95/0x310 [ 14.065019] kunit_try_run_case+0x1a5/0x480 [ 14.065789] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.066296] kthread+0x337/0x6f0 [ 14.066424] ret_from_fork+0x116/0x1d0 [ 14.066919] ret_from_fork_asm+0x1a/0x30 [ 14.067457] [ 14.067554] The buggy address belongs to the object at ffff888102b49680 [ 14.067554] which belongs to the cache kmalloc-64 of size 64 [ 14.068387] The buggy address is located 0 bytes to the right of [ 14.068387] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.069240] [ 14.069532] The buggy address belongs to the physical page: [ 14.069930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.070794] flags: 0x200000000000000(node=0|zone=2) [ 14.071158] page_type: f5(slab) [ 14.071554] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.072113] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.072583] page dumped because: kasan: bad access detected [ 14.072954] [ 14.073027] Memory state around the buggy address: [ 14.073464] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.074088] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.074313] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.074520] ^ [ 14.074679] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.074956] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.075284] ================================================================== [ 15.147031] ================================================================== [ 15.147283] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 15.147514] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.147762] [ 15.147871] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.147923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.147956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.147978] Call Trace: [ 15.147994] <TASK> [ 15.148010] dump_stack_lvl+0x73/0xb0 [ 15.148036] print_report+0xd1/0x650 [ 15.148058] ? __virt_addr_valid+0x1db/0x2d0 [ 15.148082] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.148104] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.148128] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.148151] kasan_report+0x141/0x180 [ 15.148175] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.148202] kasan_check_range+0x10c/0x1c0 [ 15.148227] __kasan_check_write+0x18/0x20 [ 15.148247] kasan_atomics_helper+0x1e12/0x5450 [ 15.148270] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.148293] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.148319] ? ret_from_fork_asm+0x1a/0x30 [ 15.148341] ? kasan_atomics+0x152/0x310 [ 15.148368] kasan_atomics+0x1dc/0x310 [ 15.148392] ? __pfx_kasan_atomics+0x10/0x10 [ 15.148417] ? __pfx_read_tsc+0x10/0x10 [ 15.148439] ? ktime_get_ts64+0x86/0x230 [ 15.148463] kunit_try_run_case+0x1a5/0x480 [ 15.148485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.148505] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.148531] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.148556] ? __kthread_parkme+0x82/0x180 [ 15.148577] ? preempt_count_sub+0x50/0x80 [ 15.148602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.148643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.148669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.148694] kthread+0x337/0x6f0 [ 15.148715] ? trace_preempt_on+0x20/0xc0 [ 15.148739] ? __pfx_kthread+0x10/0x10 [ 15.148760] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.148784] ? calculate_sigpending+0x7b/0xa0 [ 15.148809] ? __pfx_kthread+0x10/0x10 [ 15.148831] ret_from_fork+0x116/0x1d0 [ 15.148850] ? __pfx_kthread+0x10/0x10 [ 15.148871] ret_from_fork_asm+0x1a/0x30 [ 15.148909] </TASK> [ 15.148920] [ 15.156445] Allocated by task 282: [ 15.156593] kasan_save_stack+0x45/0x70 [ 15.156810] kasan_save_track+0x18/0x40 [ 15.157003] kasan_save_alloc_info+0x3b/0x50 [ 15.157205] __kasan_kmalloc+0xb7/0xc0 [ 15.157372] __kmalloc_cache_noprof+0x189/0x420 [ 15.157526] kasan_atomics+0x95/0x310 [ 15.157685] kunit_try_run_case+0x1a5/0x480 [ 15.157831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.158017] kthread+0x337/0x6f0 [ 15.158138] ret_from_fork+0x116/0x1d0 [ 15.158271] ret_from_fork_asm+0x1a/0x30 [ 15.158410] [ 15.158481] The buggy address belongs to the object at ffff888102b49680 [ 15.158481] which belongs to the cache kmalloc-64 of size 64 [ 15.158979] The buggy address is located 0 bytes to the right of [ 15.158979] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.159520] [ 15.159632] The buggy address belongs to the physical page: [ 15.159882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.160236] flags: 0x200000000000000(node=0|zone=2) [ 15.160464] page_type: f5(slab) [ 15.160592] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.160931] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.161213] page dumped because: kasan: bad access detected [ 15.161386] [ 15.161456] Memory state around the buggy address: [ 15.161628] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.161853] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.162185] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.162506] ^ [ 15.162763] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.163100] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.163410] ================================================================== [ 14.825512] ================================================================== [ 14.826481] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 14.827532] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.828749] [ 14.829198] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.829248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.829263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.829285] Call Trace: [ 14.829300] <TASK> [ 14.829315] dump_stack_lvl+0x73/0xb0 [ 14.829342] print_report+0xd1/0x650 [ 14.829401] ? __virt_addr_valid+0x1db/0x2d0 [ 14.829427] ? kasan_atomics_helper+0x164f/0x5450 [ 14.829450] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.829566] ? kasan_atomics_helper+0x164f/0x5450 [ 14.829591] kasan_report+0x141/0x180 [ 14.829615] ? kasan_atomics_helper+0x164f/0x5450 [ 14.829652] kasan_check_range+0x10c/0x1c0 [ 14.829677] __kasan_check_write+0x18/0x20 [ 14.829697] kasan_atomics_helper+0x164f/0x5450 [ 14.829720] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.829743] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.829769] ? ret_from_fork_asm+0x1a/0x30 [ 14.829792] ? kasan_atomics+0x152/0x310 [ 14.829818] kasan_atomics+0x1dc/0x310 [ 14.829841] ? __pfx_kasan_atomics+0x10/0x10 [ 14.829866] ? __pfx_read_tsc+0x10/0x10 [ 14.829888] ? ktime_get_ts64+0x86/0x230 [ 14.829925] kunit_try_run_case+0x1a5/0x480 [ 14.829958] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.829978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.830004] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.830030] ? __kthread_parkme+0x82/0x180 [ 14.830051] ? preempt_count_sub+0x50/0x80 [ 14.830075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.830096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.830121] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.830147] kthread+0x337/0x6f0 [ 14.830166] ? trace_preempt_on+0x20/0xc0 [ 14.830190] ? __pfx_kthread+0x10/0x10 [ 14.830210] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.830234] ? calculate_sigpending+0x7b/0xa0 [ 14.830259] ? __pfx_kthread+0x10/0x10 [ 14.830281] ret_from_fork+0x116/0x1d0 [ 14.830301] ? __pfx_kthread+0x10/0x10 [ 14.830323] ret_from_fork_asm+0x1a/0x30 [ 14.830353] </TASK> [ 14.830364] [ 14.845288] Allocated by task 282: [ 14.845425] kasan_save_stack+0x45/0x70 [ 14.845575] kasan_save_track+0x18/0x40 [ 14.845713] kasan_save_alloc_info+0x3b/0x50 [ 14.845861] __kasan_kmalloc+0xb7/0xc0 [ 14.846224] __kmalloc_cache_noprof+0x189/0x420 [ 14.846642] kasan_atomics+0x95/0x310 [ 14.846983] kunit_try_run_case+0x1a5/0x480 [ 14.847352] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.848051] kthread+0x337/0x6f0 [ 14.848358] ret_from_fork+0x116/0x1d0 [ 14.848714] ret_from_fork_asm+0x1a/0x30 [ 14.849098] [ 14.849443] The buggy address belongs to the object at ffff888102b49680 [ 14.849443] which belongs to the cache kmalloc-64 of size 64 [ 14.850673] The buggy address is located 0 bytes to the right of [ 14.850673] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.852018] [ 14.852191] The buggy address belongs to the physical page: [ 14.852669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.853075] flags: 0x200000000000000(node=0|zone=2) [ 14.853510] page_type: f5(slab) [ 14.853824] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.854287] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.854519] page dumped because: kasan: bad access detected [ 14.854816] [ 14.854989] Memory state around the buggy address: [ 14.855463] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.856360] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.857086] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.857450] ^ [ 14.857606] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.858311] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.859060] ================================================================== [ 14.493102] ================================================================== [ 14.493333] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 14.493564] Read of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.493815] [ 14.493908] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.493989] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.494002] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.494023] Call Trace: [ 14.494035] <TASK> [ 14.494049] dump_stack_lvl+0x73/0xb0 [ 14.494073] print_report+0xd1/0x650 [ 14.494097] ? __virt_addr_valid+0x1db/0x2d0 [ 14.494120] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.494143] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.494166] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.494189] kasan_report+0x141/0x180 [ 14.494212] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.494240] __asan_report_load4_noabort+0x18/0x20 [ 14.494262] kasan_atomics_helper+0x4a02/0x5450 [ 14.494286] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.494309] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.494333] ? ret_from_fork_asm+0x1a/0x30 [ 14.494355] ? kasan_atomics+0x152/0x310 [ 14.494383] kasan_atomics+0x1dc/0x310 [ 14.494407] ? __pfx_kasan_atomics+0x10/0x10 [ 14.494433] ? __pfx_read_tsc+0x10/0x10 [ 14.494456] ? ktime_get_ts64+0x86/0x230 [ 14.494480] kunit_try_run_case+0x1a5/0x480 [ 14.494502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.494523] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.494548] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.494574] ? __kthread_parkme+0x82/0x180 [ 14.494595] ? preempt_count_sub+0x50/0x80 [ 14.494636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.494659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.494683] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.494709] kthread+0x337/0x6f0 [ 14.494730] ? trace_preempt_on+0x20/0xc0 [ 14.494753] ? __pfx_kthread+0x10/0x10 [ 14.494774] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.494798] ? calculate_sigpending+0x7b/0xa0 [ 14.494823] ? __pfx_kthread+0x10/0x10 [ 14.494845] ret_from_fork+0x116/0x1d0 [ 14.494864] ? __pfx_kthread+0x10/0x10 [ 14.494885] ret_from_fork_asm+0x1a/0x30 [ 14.494925] </TASK> [ 14.494954] [ 14.503108] Allocated by task 282: [ 14.503294] kasan_save_stack+0x45/0x70 [ 14.503493] kasan_save_track+0x18/0x40 [ 14.503688] kasan_save_alloc_info+0x3b/0x50 [ 14.503911] __kasan_kmalloc+0xb7/0xc0 [ 14.504105] __kmalloc_cache_noprof+0x189/0x420 [ 14.504274] kasan_atomics+0x95/0x310 [ 14.504426] kunit_try_run_case+0x1a5/0x480 [ 14.504635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.504879] kthread+0x337/0x6f0 [ 14.505103] ret_from_fork+0x116/0x1d0 [ 14.505332] ret_from_fork_asm+0x1a/0x30 [ 14.505524] [ 14.505665] The buggy address belongs to the object at ffff888102b49680 [ 14.505665] which belongs to the cache kmalloc-64 of size 64 [ 14.506062] The buggy address is located 0 bytes to the right of [ 14.506062] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.506435] [ 14.506513] The buggy address belongs to the physical page: [ 14.506685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.507005] flags: 0x200000000000000(node=0|zone=2) [ 14.507241] page_type: f5(slab) [ 14.507407] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.507742] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.508110] page dumped because: kasan: bad access detected [ 14.508359] [ 14.508451] Memory state around the buggy address: [ 14.508700] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.509023] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.509426] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.509659] ^ [ 14.509815] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.510144] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.510466] ================================================================== [ 14.604193] ================================================================== [ 14.604590] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 14.604977] Read of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.605782] [ 14.605972] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.606015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.606027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.606048] Call Trace: [ 14.606064] <TASK> [ 14.606079] dump_stack_lvl+0x73/0xb0 [ 14.606105] print_report+0xd1/0x650 [ 14.606127] ? __virt_addr_valid+0x1db/0x2d0 [ 14.606151] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.606173] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.606196] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.606219] kasan_report+0x141/0x180 [ 14.606241] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.606269] __asan_report_load4_noabort+0x18/0x20 [ 14.606290] kasan_atomics_helper+0x49ce/0x5450 [ 14.606314] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.606337] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.606362] ? ret_from_fork_asm+0x1a/0x30 [ 14.606384] ? kasan_atomics+0x152/0x310 [ 14.606414] kasan_atomics+0x1dc/0x310 [ 14.606438] ? __pfx_kasan_atomics+0x10/0x10 [ 14.606463] ? __pfx_read_tsc+0x10/0x10 [ 14.606484] ? ktime_get_ts64+0x86/0x230 [ 14.606509] kunit_try_run_case+0x1a5/0x480 [ 14.606531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.606551] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.606576] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.606601] ? __kthread_parkme+0x82/0x180 [ 14.606622] ? preempt_count_sub+0x50/0x80 [ 14.606647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.606669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.606694] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.606720] kthread+0x337/0x6f0 [ 14.606740] ? trace_preempt_on+0x20/0xc0 [ 14.606762] ? __pfx_kthread+0x10/0x10 [ 14.606784] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.606806] ? calculate_sigpending+0x7b/0xa0 [ 14.606831] ? __pfx_kthread+0x10/0x10 [ 14.606852] ret_from_fork+0x116/0x1d0 [ 14.606872] ? __pfx_kthread+0x10/0x10 [ 14.606903] ret_from_fork_asm+0x1a/0x30 [ 14.606933] </TASK> [ 14.606958] [ 14.617340] Allocated by task 282: [ 14.617516] kasan_save_stack+0x45/0x70 [ 14.617663] kasan_save_track+0x18/0x40 [ 14.617801] kasan_save_alloc_info+0x3b/0x50 [ 14.617963] __kasan_kmalloc+0xb7/0xc0 [ 14.618290] __kmalloc_cache_noprof+0x189/0x420 [ 14.618697] kasan_atomics+0x95/0x310 [ 14.618902] kunit_try_run_case+0x1a5/0x480 [ 14.619109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.619337] kthread+0x337/0x6f0 [ 14.619511] ret_from_fork+0x116/0x1d0 [ 14.619706] ret_from_fork_asm+0x1a/0x30 [ 14.619875] [ 14.619956] The buggy address belongs to the object at ffff888102b49680 [ 14.619956] which belongs to the cache kmalloc-64 of size 64 [ 14.620459] The buggy address is located 0 bytes to the right of [ 14.620459] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.621066] [ 14.621139] The buggy address belongs to the physical page: [ 14.621475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.621755] flags: 0x200000000000000(node=0|zone=2) [ 14.622595] page_type: f5(slab) [ 14.622806] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.623172] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.623490] page dumped because: kasan: bad access detected [ 14.623702] [ 14.623794] Memory state around the buggy address: [ 14.624029] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.624301] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.624598] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.624885] ^ [ 14.625864] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.626565] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.627504] ================================================================== [ 15.241871] ================================================================== [ 15.242831] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 15.243337] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.243781] [ 15.244113] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.244166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.244181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.244202] Call Trace: [ 15.244217] <TASK> [ 15.244230] dump_stack_lvl+0x73/0xb0 [ 15.244295] print_report+0xd1/0x650 [ 15.244322] ? __virt_addr_valid+0x1db/0x2d0 [ 15.244347] ? kasan_atomics_helper+0x2006/0x5450 [ 15.244371] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.244395] ? kasan_atomics_helper+0x2006/0x5450 [ 15.244418] kasan_report+0x141/0x180 [ 15.244441] ? kasan_atomics_helper+0x2006/0x5450 [ 15.244468] kasan_check_range+0x10c/0x1c0 [ 15.244492] __kasan_check_write+0x18/0x20 [ 15.244513] kasan_atomics_helper+0x2006/0x5450 [ 15.244536] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.244559] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.244585] ? ret_from_fork_asm+0x1a/0x30 [ 15.244607] ? kasan_atomics+0x152/0x310 [ 15.244648] kasan_atomics+0x1dc/0x310 [ 15.244671] ? __pfx_kasan_atomics+0x10/0x10 [ 15.244696] ? __pfx_read_tsc+0x10/0x10 [ 15.244717] ? ktime_get_ts64+0x86/0x230 [ 15.244742] kunit_try_run_case+0x1a5/0x480 [ 15.244764] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.244784] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.244810] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.244835] ? __kthread_parkme+0x82/0x180 [ 15.244856] ? preempt_count_sub+0x50/0x80 [ 15.244881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.244913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.244939] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.244965] kthread+0x337/0x6f0 [ 15.244985] ? trace_preempt_on+0x20/0xc0 [ 15.245008] ? __pfx_kthread+0x10/0x10 [ 15.245029] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.245057] ? calculate_sigpending+0x7b/0xa0 [ 15.245082] ? __pfx_kthread+0x10/0x10 [ 15.245104] ret_from_fork+0x116/0x1d0 [ 15.245123] ? __pfx_kthread+0x10/0x10 [ 15.245144] ret_from_fork_asm+0x1a/0x30 [ 15.245174] </TASK> [ 15.245186] [ 15.255020] Allocated by task 282: [ 15.255152] kasan_save_stack+0x45/0x70 [ 15.255342] kasan_save_track+0x18/0x40 [ 15.255537] kasan_save_alloc_info+0x3b/0x50 [ 15.255732] __kasan_kmalloc+0xb7/0xc0 [ 15.255865] __kmalloc_cache_noprof+0x189/0x420 [ 15.256032] kasan_atomics+0x95/0x310 [ 15.256235] kunit_try_run_case+0x1a5/0x480 [ 15.256445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.256702] kthread+0x337/0x6f0 [ 15.256886] ret_from_fork+0x116/0x1d0 [ 15.257185] ret_from_fork_asm+0x1a/0x30 [ 15.257433] [ 15.257519] The buggy address belongs to the object at ffff888102b49680 [ 15.257519] which belongs to the cache kmalloc-64 of size 64 [ 15.257994] The buggy address is located 0 bytes to the right of [ 15.257994] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.258498] [ 15.258599] The buggy address belongs to the physical page: [ 15.258829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.259078] flags: 0x200000000000000(node=0|zone=2) [ 15.259238] page_type: f5(slab) [ 15.259507] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.259931] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.260156] page dumped because: kasan: bad access detected [ 15.260325] [ 15.260393] Memory state around the buggy address: [ 15.260562] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.260821] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.261383] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.261599] ^ [ 15.262474] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.263192] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.263650] ================================================================== [ 14.193655] ================================================================== [ 14.194038] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 14.194387] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.194756] [ 14.194852] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.194922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.194953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.194977] Call Trace: [ 14.194995] <TASK> [ 14.195010] dump_stack_lvl+0x73/0xb0 [ 14.195036] print_report+0xd1/0x650 [ 14.195060] ? __virt_addr_valid+0x1db/0x2d0 [ 14.195085] ? kasan_atomics_helper+0x992/0x5450 [ 14.195107] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.195131] ? kasan_atomics_helper+0x992/0x5450 [ 14.195154] kasan_report+0x141/0x180 [ 14.195177] ? kasan_atomics_helper+0x992/0x5450 [ 14.195206] kasan_check_range+0x10c/0x1c0 [ 14.195231] __kasan_check_write+0x18/0x20 [ 14.195252] kasan_atomics_helper+0x992/0x5450 [ 14.195276] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.195299] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.195324] ? ret_from_fork_asm+0x1a/0x30 [ 14.195347] ? kasan_atomics+0x152/0x310 [ 14.195375] kasan_atomics+0x1dc/0x310 [ 14.195398] ? __pfx_kasan_atomics+0x10/0x10 [ 14.195423] ? __pfx_read_tsc+0x10/0x10 [ 14.195445] ? ktime_get_ts64+0x86/0x230 [ 14.195471] kunit_try_run_case+0x1a5/0x480 [ 14.195494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.195514] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.195541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.195566] ? __kthread_parkme+0x82/0x180 [ 14.195588] ? preempt_count_sub+0x50/0x80 [ 14.195629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.195651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.195677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.195702] kthread+0x337/0x6f0 [ 14.195722] ? trace_preempt_on+0x20/0xc0 [ 14.195746] ? __pfx_kthread+0x10/0x10 [ 14.195767] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.195790] ? calculate_sigpending+0x7b/0xa0 [ 14.195815] ? __pfx_kthread+0x10/0x10 [ 14.195836] ret_from_fork+0x116/0x1d0 [ 14.195855] ? __pfx_kthread+0x10/0x10 [ 14.195877] ret_from_fork_asm+0x1a/0x30 [ 14.195916] </TASK> [ 14.195945] [ 14.204170] Allocated by task 282: [ 14.204336] kasan_save_stack+0x45/0x70 [ 14.204482] kasan_save_track+0x18/0x40 [ 14.204665] kasan_save_alloc_info+0x3b/0x50 [ 14.204879] __kasan_kmalloc+0xb7/0xc0 [ 14.205104] __kmalloc_cache_noprof+0x189/0x420 [ 14.205382] kasan_atomics+0x95/0x310 [ 14.205518] kunit_try_run_case+0x1a5/0x480 [ 14.205791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.206058] kthread+0x337/0x6f0 [ 14.206235] ret_from_fork+0x116/0x1d0 [ 14.206433] ret_from_fork_asm+0x1a/0x30 [ 14.206580] [ 14.206653] The buggy address belongs to the object at ffff888102b49680 [ 14.206653] which belongs to the cache kmalloc-64 of size 64 [ 14.207034] The buggy address is located 0 bytes to the right of [ 14.207034] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.207572] [ 14.207666] The buggy address belongs to the physical page: [ 14.208374] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.209217] flags: 0x200000000000000(node=0|zone=2) [ 14.209406] page_type: f5(slab) [ 14.209533] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.210344] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.210945] page dumped because: kasan: bad access detected [ 14.211448] [ 14.211738] Memory state around the buggy address: [ 14.212213] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.212526] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.213258] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.213576] ^ [ 14.214042] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.214495] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.215037] ================================================================== [ 15.322028] ================================================================== [ 15.322364] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 15.322623] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.323088] [ 15.323199] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.323241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.323253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.323274] Call Trace: [ 15.323287] <TASK> [ 15.323300] dump_stack_lvl+0x73/0xb0 [ 15.323324] print_report+0xd1/0x650 [ 15.323346] ? __virt_addr_valid+0x1db/0x2d0 [ 15.323369] ? kasan_atomics_helper+0x218a/0x5450 [ 15.323390] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.323413] ? kasan_atomics_helper+0x218a/0x5450 [ 15.323435] kasan_report+0x141/0x180 [ 15.323457] ? kasan_atomics_helper+0x218a/0x5450 [ 15.323484] kasan_check_range+0x10c/0x1c0 [ 15.323507] __kasan_check_write+0x18/0x20 [ 15.323526] kasan_atomics_helper+0x218a/0x5450 [ 15.323549] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.323572] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.323596] ? ret_from_fork_asm+0x1a/0x30 [ 15.323618] ? kasan_atomics+0x152/0x310 [ 15.323644] kasan_atomics+0x1dc/0x310 [ 15.323667] ? __pfx_kasan_atomics+0x10/0x10 [ 15.323692] ? __pfx_read_tsc+0x10/0x10 [ 15.323712] ? ktime_get_ts64+0x86/0x230 [ 15.323736] kunit_try_run_case+0x1a5/0x480 [ 15.323757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.323777] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.323802] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.323827] ? __kthread_parkme+0x82/0x180 [ 15.323847] ? preempt_count_sub+0x50/0x80 [ 15.323871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.323902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.323927] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.323952] kthread+0x337/0x6f0 [ 15.323971] ? trace_preempt_on+0x20/0xc0 [ 15.323993] ? __pfx_kthread+0x10/0x10 [ 15.324014] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.324037] ? calculate_sigpending+0x7b/0xa0 [ 15.324061] ? __pfx_kthread+0x10/0x10 [ 15.324082] ret_from_fork+0x116/0x1d0 [ 15.324101] ? __pfx_kthread+0x10/0x10 [ 15.324122] ret_from_fork_asm+0x1a/0x30 [ 15.324152] </TASK> [ 15.324162] [ 15.331583] Allocated by task 282: [ 15.331771] kasan_save_stack+0x45/0x70 [ 15.331976] kasan_save_track+0x18/0x40 [ 15.332128] kasan_save_alloc_info+0x3b/0x50 [ 15.332323] __kasan_kmalloc+0xb7/0xc0 [ 15.332457] __kmalloc_cache_noprof+0x189/0x420 [ 15.332613] kasan_atomics+0x95/0x310 [ 15.332799] kunit_try_run_case+0x1a5/0x480 [ 15.333071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.333322] kthread+0x337/0x6f0 [ 15.333466] ret_from_fork+0x116/0x1d0 [ 15.333597] ret_from_fork_asm+0x1a/0x30 [ 15.333761] [ 15.333861] The buggy address belongs to the object at ffff888102b49680 [ 15.333861] which belongs to the cache kmalloc-64 of size 64 [ 15.334413] The buggy address is located 0 bytes to the right of [ 15.334413] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.334862] [ 15.334967] The buggy address belongs to the physical page: [ 15.335222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.335531] flags: 0x200000000000000(node=0|zone=2) [ 15.335707] page_type: f5(slab) [ 15.335844] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.336192] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.336421] page dumped because: kasan: bad access detected [ 15.336591] [ 15.336659] Memory state around the buggy address: [ 15.336812] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.337038] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.337260] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.337474] ^ [ 15.337629] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.337955] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.338272] ================================================================== [ 14.075708] ================================================================== [ 14.076200] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 14.076513] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.076783] [ 14.076958] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.077011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.077024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.077049] Call Trace: [ 14.077063] <TASK> [ 14.077089] dump_stack_lvl+0x73/0xb0 [ 14.077114] print_report+0xd1/0x650 [ 14.077137] ? __virt_addr_valid+0x1db/0x2d0 [ 14.077162] ? kasan_atomics_helper+0x697/0x5450 [ 14.077198] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.077221] ? kasan_atomics_helper+0x697/0x5450 [ 14.077253] kasan_report+0x141/0x180 [ 14.077276] ? kasan_atomics_helper+0x697/0x5450 [ 14.077303] kasan_check_range+0x10c/0x1c0 [ 14.077338] __kasan_check_write+0x18/0x20 [ 14.077359] kasan_atomics_helper+0x697/0x5450 [ 14.077383] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.077406] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.077430] ? ret_from_fork_asm+0x1a/0x30 [ 14.077452] ? kasan_atomics+0x152/0x310 [ 14.077480] kasan_atomics+0x1dc/0x310 [ 14.077503] ? __pfx_kasan_atomics+0x10/0x10 [ 14.077528] ? __pfx_read_tsc+0x10/0x10 [ 14.077549] ? ktime_get_ts64+0x86/0x230 [ 14.077574] kunit_try_run_case+0x1a5/0x480 [ 14.077595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.077616] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.077652] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.077677] ? __kthread_parkme+0x82/0x180 [ 14.077707] ? preempt_count_sub+0x50/0x80 [ 14.077732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.077753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.077788] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.077814] kthread+0x337/0x6f0 [ 14.077834] ? trace_preempt_on+0x20/0xc0 [ 14.077857] ? __pfx_kthread+0x10/0x10 [ 14.077885] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.077924] ? calculate_sigpending+0x7b/0xa0 [ 14.077959] ? __pfx_kthread+0x10/0x10 [ 14.077982] ret_from_fork+0x116/0x1d0 [ 14.078001] ? __pfx_kthread+0x10/0x10 [ 14.078023] ret_from_fork_asm+0x1a/0x30 [ 14.078054] </TASK> [ 14.078066] [ 14.088252] Allocated by task 282: [ 14.088859] kasan_save_stack+0x45/0x70 [ 14.089220] kasan_save_track+0x18/0x40 [ 14.089405] kasan_save_alloc_info+0x3b/0x50 [ 14.089605] __kasan_kmalloc+0xb7/0xc0 [ 14.090042] __kmalloc_cache_noprof+0x189/0x420 [ 14.090389] kasan_atomics+0x95/0x310 [ 14.090778] kunit_try_run_case+0x1a5/0x480 [ 14.091173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.091537] kthread+0x337/0x6f0 [ 14.092000] ret_from_fork+0x116/0x1d0 [ 14.092277] ret_from_fork_asm+0x1a/0x30 [ 14.092562] [ 14.092880] The buggy address belongs to the object at ffff888102b49680 [ 14.092880] which belongs to the cache kmalloc-64 of size 64 [ 14.094039] The buggy address is located 0 bytes to the right of [ 14.094039] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.094827] [ 14.094943] The buggy address belongs to the physical page: [ 14.095388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.096011] flags: 0x200000000000000(node=0|zone=2) [ 14.096351] page_type: f5(slab) [ 14.096506] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.097148] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.097827] page dumped because: kasan: bad access detected [ 14.098312] [ 14.098475] Memory state around the buggy address: [ 14.098667] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.099092] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.099337] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.099626] ^ [ 14.099831] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.100272] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.100605] ================================================================== [ 14.215505] ================================================================== [ 14.215773] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 14.216214] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.216490] [ 14.216603] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.216665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.216679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.216700] Call Trace: [ 14.216716] <TASK> [ 14.216732] dump_stack_lvl+0x73/0xb0 [ 14.216758] print_report+0xd1/0x650 [ 14.216781] ? __virt_addr_valid+0x1db/0x2d0 [ 14.216804] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.216826] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.216850] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.216873] kasan_report+0x141/0x180 [ 14.216905] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.216950] kasan_check_range+0x10c/0x1c0 [ 14.216976] __kasan_check_write+0x18/0x20 [ 14.216996] kasan_atomics_helper+0xa2b/0x5450 [ 14.217019] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.217053] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.217079] ? ret_from_fork_asm+0x1a/0x30 [ 14.217102] ? kasan_atomics+0x152/0x310 [ 14.217129] kasan_atomics+0x1dc/0x310 [ 14.217153] ? __pfx_kasan_atomics+0x10/0x10 [ 14.217178] ? __pfx_read_tsc+0x10/0x10 [ 14.217200] ? ktime_get_ts64+0x86/0x230 [ 14.217225] kunit_try_run_case+0x1a5/0x480 [ 14.217247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.217268] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.217294] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.217320] ? __kthread_parkme+0x82/0x180 [ 14.217342] ? preempt_count_sub+0x50/0x80 [ 14.217366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.217388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.217414] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.217440] kthread+0x337/0x6f0 [ 14.217460] ? trace_preempt_on+0x20/0xc0 [ 14.217484] ? __pfx_kthread+0x10/0x10 [ 14.217505] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.217528] ? calculate_sigpending+0x7b/0xa0 [ 14.217553] ? __pfx_kthread+0x10/0x10 [ 14.217575] ret_from_fork+0x116/0x1d0 [ 14.217595] ? __pfx_kthread+0x10/0x10 [ 14.217631] ret_from_fork_asm+0x1a/0x30 [ 14.217662] </TASK> [ 14.217673] [ 14.226087] Allocated by task 282: [ 14.226271] kasan_save_stack+0x45/0x70 [ 14.226437] kasan_save_track+0x18/0x40 [ 14.226573] kasan_save_alloc_info+0x3b/0x50 [ 14.226795] __kasan_kmalloc+0xb7/0xc0 [ 14.227067] __kmalloc_cache_noprof+0x189/0x420 [ 14.227295] kasan_atomics+0x95/0x310 [ 14.227453] kunit_try_run_case+0x1a5/0x480 [ 14.227636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.227888] kthread+0x337/0x6f0 [ 14.228041] ret_from_fork+0x116/0x1d0 [ 14.228175] ret_from_fork_asm+0x1a/0x30 [ 14.228415] [ 14.228509] The buggy address belongs to the object at ffff888102b49680 [ 14.228509] which belongs to the cache kmalloc-64 of size 64 [ 14.229180] The buggy address is located 0 bytes to the right of [ 14.229180] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.229560] [ 14.229659] The buggy address belongs to the physical page: [ 14.229919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.230473] flags: 0x200000000000000(node=0|zone=2) [ 14.230710] page_type: f5(slab) [ 14.230915] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.231190] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.231507] page dumped because: kasan: bad access detected [ 14.231748] [ 14.231843] Memory state around the buggy address: [ 14.232111] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.232370] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.232689] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.232973] ^ [ 14.233204] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.233590] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.233984] ================================================================== [ 14.859681] ================================================================== [ 14.859928] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 14.860736] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.861522] [ 14.861702] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.861747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.861759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.861781] Call Trace: [ 14.861797] <TASK> [ 14.861813] dump_stack_lvl+0x73/0xb0 [ 14.861849] print_report+0xd1/0x650 [ 14.861872] ? __virt_addr_valid+0x1db/0x2d0 [ 14.861909] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.861932] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.861971] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.861994] kasan_report+0x141/0x180 [ 14.862017] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.862045] kasan_check_range+0x10c/0x1c0 [ 14.862070] __kasan_check_write+0x18/0x20 [ 14.862090] kasan_atomics_helper+0x16e7/0x5450 [ 14.862113] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.862136] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.862160] ? ret_from_fork_asm+0x1a/0x30 [ 14.862183] ? kasan_atomics+0x152/0x310 [ 14.862210] kasan_atomics+0x1dc/0x310 [ 14.862233] ? __pfx_kasan_atomics+0x10/0x10 [ 14.862258] ? __pfx_read_tsc+0x10/0x10 [ 14.862280] ? ktime_get_ts64+0x86/0x230 [ 14.862304] kunit_try_run_case+0x1a5/0x480 [ 14.862327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.862346] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.862372] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.862397] ? __kthread_parkme+0x82/0x180 [ 14.862418] ? preempt_count_sub+0x50/0x80 [ 14.862444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.862466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.862491] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.862516] kthread+0x337/0x6f0 [ 14.862536] ? trace_preempt_on+0x20/0xc0 [ 14.862559] ? __pfx_kthread+0x10/0x10 [ 14.862580] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.862604] ? calculate_sigpending+0x7b/0xa0 [ 14.862670] ? __pfx_kthread+0x10/0x10 [ 14.862695] ret_from_fork+0x116/0x1d0 [ 14.862715] ? __pfx_kthread+0x10/0x10 [ 14.862736] ret_from_fork_asm+0x1a/0x30 [ 14.862766] </TASK> [ 14.862777] [ 14.876482] Allocated by task 282: [ 14.876640] kasan_save_stack+0x45/0x70 [ 14.877220] kasan_save_track+0x18/0x40 [ 14.877567] kasan_save_alloc_info+0x3b/0x50 [ 14.878030] __kasan_kmalloc+0xb7/0xc0 [ 14.878203] __kmalloc_cache_noprof+0x189/0x420 [ 14.878376] kasan_atomics+0x95/0x310 [ 14.878513] kunit_try_run_case+0x1a5/0x480 [ 14.878783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.879337] kthread+0x337/0x6f0 [ 14.879696] ret_from_fork+0x116/0x1d0 [ 14.880110] ret_from_fork_asm+0x1a/0x30 [ 14.880477] [ 14.880656] The buggy address belongs to the object at ffff888102b49680 [ 14.880656] which belongs to the cache kmalloc-64 of size 64 [ 14.881735] The buggy address is located 0 bytes to the right of [ 14.881735] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.882126] [ 14.882206] The buggy address belongs to the physical page: [ 14.882377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.882619] flags: 0x200000000000000(node=0|zone=2) [ 14.882783] page_type: f5(slab) [ 14.882915] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.883148] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.883377] page dumped because: kasan: bad access detected [ 14.883549] [ 14.883619] Memory state around the buggy address: [ 14.883772] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.884104] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.884324] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.884539] ^ [ 14.884779] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.885310] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.885657] ================================================================== [ 14.628356] ================================================================== [ 14.629345] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 14.629901] Read of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.631054] [ 14.631240] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.631285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.631298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.631320] Call Trace: [ 14.631335] <TASK> [ 14.631349] dump_stack_lvl+0x73/0xb0 [ 14.631375] print_report+0xd1/0x650 [ 14.631399] ? __virt_addr_valid+0x1db/0x2d0 [ 14.631424] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.631446] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.631470] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.631492] kasan_report+0x141/0x180 [ 14.631515] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.631542] kasan_check_range+0x10c/0x1c0 [ 14.631566] __kasan_check_read+0x15/0x20 [ 14.631586] kasan_atomics_helper+0x13b5/0x5450 [ 14.631610] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.631634] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.631659] ? ret_from_fork_asm+0x1a/0x30 [ 14.631681] ? kasan_atomics+0x152/0x310 [ 14.631708] kasan_atomics+0x1dc/0x310 [ 14.631732] ? __pfx_kasan_atomics+0x10/0x10 [ 14.631757] ? __pfx_read_tsc+0x10/0x10 [ 14.631779] ? ktime_get_ts64+0x86/0x230 [ 14.631803] kunit_try_run_case+0x1a5/0x480 [ 14.631825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.631845] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.631871] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.631906] ? __kthread_parkme+0x82/0x180 [ 14.631927] ? preempt_count_sub+0x50/0x80 [ 14.631952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.631973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.631998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.632024] kthread+0x337/0x6f0 [ 14.632045] ? trace_preempt_on+0x20/0xc0 [ 14.632068] ? __pfx_kthread+0x10/0x10 [ 14.632089] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.632158] ? calculate_sigpending+0x7b/0xa0 [ 14.632184] ? __pfx_kthread+0x10/0x10 [ 14.632216] ret_from_fork+0x116/0x1d0 [ 14.632236] ? __pfx_kthread+0x10/0x10 [ 14.632257] ret_from_fork_asm+0x1a/0x30 [ 14.632287] </TASK> [ 14.632298] [ 14.647394] Allocated by task 282: [ 14.647527] kasan_save_stack+0x45/0x70 [ 14.647692] kasan_save_track+0x18/0x40 [ 14.648064] kasan_save_alloc_info+0x3b/0x50 [ 14.648566] __kasan_kmalloc+0xb7/0xc0 [ 14.649012] __kmalloc_cache_noprof+0x189/0x420 [ 14.649584] kasan_atomics+0x95/0x310 [ 14.650068] kunit_try_run_case+0x1a5/0x480 [ 14.650350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.650528] kthread+0x337/0x6f0 [ 14.650668] ret_from_fork+0x116/0x1d0 [ 14.651030] ret_from_fork_asm+0x1a/0x30 [ 14.651644] [ 14.651879] The buggy address belongs to the object at ffff888102b49680 [ 14.651879] which belongs to the cache kmalloc-64 of size 64 [ 14.653124] The buggy address is located 0 bytes to the right of [ 14.653124] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.653650] [ 14.653837] The buggy address belongs to the physical page: [ 14.654453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.655248] flags: 0x200000000000000(node=0|zone=2) [ 14.655661] page_type: f5(slab) [ 14.656048] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.656647] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.657234] page dumped because: kasan: bad access detected [ 14.657412] [ 14.657482] Memory state around the buggy address: [ 14.657638] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.657860] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.658112] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.658587] ^ [ 14.659078] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.659494] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.659741] ================================================================== [ 13.952437] ================================================================== [ 13.953125] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 13.953505] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 13.953726] [ 13.953807] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.953857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.953870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.953899] Call Trace: [ 13.953915] <TASK> [ 13.953928] dump_stack_lvl+0x73/0xb0 [ 13.953953] print_report+0xd1/0x650 [ 13.953975] ? __virt_addr_valid+0x1db/0x2d0 [ 13.953999] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.954022] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.954045] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.954068] kasan_report+0x141/0x180 [ 13.954092] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.954120] kasan_check_range+0x10c/0x1c0 [ 13.954145] __kasan_check_write+0x18/0x20 [ 13.954166] kasan_atomics_helper+0x4a0/0x5450 [ 13.954190] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.954213] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.954239] ? ret_from_fork_asm+0x1a/0x30 [ 13.954261] ? kasan_atomics+0x152/0x310 [ 13.954289] kasan_atomics+0x1dc/0x310 [ 13.954313] ? __pfx_kasan_atomics+0x10/0x10 [ 13.954339] ? __pfx_read_tsc+0x10/0x10 [ 13.954361] ? ktime_get_ts64+0x86/0x230 [ 13.954386] kunit_try_run_case+0x1a5/0x480 [ 13.954409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.954429] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.954456] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.954482] ? __kthread_parkme+0x82/0x180 [ 13.954503] ? preempt_count_sub+0x50/0x80 [ 13.954529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.954552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.954579] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.954605] kthread+0x337/0x6f0 [ 13.954626] ? trace_preempt_on+0x20/0xc0 [ 13.954649] ? __pfx_kthread+0x10/0x10 [ 13.954673] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.954696] ? calculate_sigpending+0x7b/0xa0 [ 13.954721] ? __pfx_kthread+0x10/0x10 [ 13.954744] ret_from_fork+0x116/0x1d0 [ 13.954763] ? __pfx_kthread+0x10/0x10 [ 13.954785] ret_from_fork_asm+0x1a/0x30 [ 13.954817] </TASK> [ 13.954828] [ 13.971672] Allocated by task 282: [ 13.972100] kasan_save_stack+0x45/0x70 [ 13.972476] kasan_save_track+0x18/0x40 [ 13.972986] kasan_save_alloc_info+0x3b/0x50 [ 13.973400] __kasan_kmalloc+0xb7/0xc0 [ 13.973818] __kmalloc_cache_noprof+0x189/0x420 [ 13.974228] kasan_atomics+0x95/0x310 [ 13.974757] kunit_try_run_case+0x1a5/0x480 [ 13.975055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.975565] kthread+0x337/0x6f0 [ 13.975806] ret_from_fork+0x116/0x1d0 [ 13.976253] ret_from_fork_asm+0x1a/0x30 [ 13.976603] [ 13.976696] The buggy address belongs to the object at ffff888102b49680 [ 13.976696] which belongs to the cache kmalloc-64 of size 64 [ 13.977106] The buggy address is located 0 bytes to the right of [ 13.977106] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 13.978270] [ 13.978446] The buggy address belongs to the physical page: [ 13.979059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 13.979779] flags: 0x200000000000000(node=0|zone=2) [ 13.980175] page_type: f5(slab) [ 13.980496] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.981170] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.981398] page dumped because: kasan: bad access detected [ 13.981566] [ 13.981643] Memory state around the buggy address: [ 13.982073] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.982807] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.983587] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.984286] ^ [ 13.984824] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.985706] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.986120] ================================================================== [ 14.252818] ================================================================== [ 14.253186] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 14.253516] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.253843] [ 14.253946] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.254008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.254021] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.254042] Call Trace: [ 14.254055] <TASK> [ 14.254069] dump_stack_lvl+0x73/0xb0 [ 14.254093] print_report+0xd1/0x650 [ 14.254115] ? __virt_addr_valid+0x1db/0x2d0 [ 14.254140] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.254162] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.254185] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.254207] kasan_report+0x141/0x180 [ 14.254230] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.254257] kasan_check_range+0x10c/0x1c0 [ 14.254282] __kasan_check_write+0x18/0x20 [ 14.254302] kasan_atomics_helper+0xb6a/0x5450 [ 14.254325] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.254348] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.254373] ? ret_from_fork_asm+0x1a/0x30 [ 14.254395] ? kasan_atomics+0x152/0x310 [ 14.254422] kasan_atomics+0x1dc/0x310 [ 14.254445] ? __pfx_kasan_atomics+0x10/0x10 [ 14.254471] ? __pfx_read_tsc+0x10/0x10 [ 14.254493] ? ktime_get_ts64+0x86/0x230 [ 14.254518] kunit_try_run_case+0x1a5/0x480 [ 14.254543] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.254564] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.254590] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.254634] ? __kthread_parkme+0x82/0x180 [ 14.254673] ? preempt_count_sub+0x50/0x80 [ 14.254697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.254719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.254744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.254771] kthread+0x337/0x6f0 [ 14.254792] ? trace_preempt_on+0x20/0xc0 [ 14.254815] ? __pfx_kthread+0x10/0x10 [ 14.254836] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.254859] ? calculate_sigpending+0x7b/0xa0 [ 14.254884] ? __pfx_kthread+0x10/0x10 [ 14.254916] ret_from_fork+0x116/0x1d0 [ 14.254954] ? __pfx_kthread+0x10/0x10 [ 14.254975] ret_from_fork_asm+0x1a/0x30 [ 14.255006] </TASK> [ 14.255017] [ 14.267169] Allocated by task 282: [ 14.267319] kasan_save_stack+0x45/0x70 [ 14.267503] kasan_save_track+0x18/0x40 [ 14.267688] kasan_save_alloc_info+0x3b/0x50 [ 14.268003] __kasan_kmalloc+0xb7/0xc0 [ 14.268309] __kmalloc_cache_noprof+0x189/0x420 [ 14.268470] kasan_atomics+0x95/0x310 [ 14.269231] kunit_try_run_case+0x1a5/0x480 [ 14.269756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.270073] kthread+0x337/0x6f0 [ 14.271096] ret_from_fork+0x116/0x1d0 [ 14.271249] ret_from_fork_asm+0x1a/0x30 [ 14.271455] [ 14.271555] The buggy address belongs to the object at ffff888102b49680 [ 14.271555] which belongs to the cache kmalloc-64 of size 64 [ 14.272069] The buggy address is located 0 bytes to the right of [ 14.272069] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.272859] [ 14.272986] The buggy address belongs to the physical page: [ 14.273271] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.273622] flags: 0x200000000000000(node=0|zone=2) [ 14.273845] page_type: f5(slab) [ 14.274169] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.274420] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.274649] page dumped because: kasan: bad access detected [ 14.274821] [ 14.274968] Memory state around the buggy address: [ 14.275195] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.275675] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.276080] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.276388] ^ [ 14.276620] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.276992] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.277359] ================================================================== [ 14.886125] ================================================================== [ 14.886444] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 14.886742] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.887045] [ 14.887154] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.887198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.887211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.887231] Call Trace: [ 14.887246] <TASK> [ 14.887260] dump_stack_lvl+0x73/0xb0 [ 14.887285] print_report+0xd1/0x650 [ 14.887307] ? __virt_addr_valid+0x1db/0x2d0 [ 14.887332] ? kasan_atomics_helper+0x177f/0x5450 [ 14.887354] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.887378] ? kasan_atomics_helper+0x177f/0x5450 [ 14.887401] kasan_report+0x141/0x180 [ 14.887424] ? kasan_atomics_helper+0x177f/0x5450 [ 14.887451] kasan_check_range+0x10c/0x1c0 [ 14.887476] __kasan_check_write+0x18/0x20 [ 14.887497] kasan_atomics_helper+0x177f/0x5450 [ 14.887521] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.887544] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.887569] ? ret_from_fork_asm+0x1a/0x30 [ 14.887592] ? kasan_atomics+0x152/0x310 [ 14.887637] kasan_atomics+0x1dc/0x310 [ 14.887661] ? __pfx_kasan_atomics+0x10/0x10 [ 14.887687] ? __pfx_read_tsc+0x10/0x10 [ 14.887708] ? ktime_get_ts64+0x86/0x230 [ 14.887732] kunit_try_run_case+0x1a5/0x480 [ 14.887754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.887774] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.887801] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.887825] ? __kthread_parkme+0x82/0x180 [ 14.887847] ? preempt_count_sub+0x50/0x80 [ 14.887870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.887901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.887944] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.887971] kthread+0x337/0x6f0 [ 14.887990] ? trace_preempt_on+0x20/0xc0 [ 14.888014] ? __pfx_kthread+0x10/0x10 [ 14.888035] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.888059] ? calculate_sigpending+0x7b/0xa0 [ 14.888085] ? __pfx_kthread+0x10/0x10 [ 14.888107] ret_from_fork+0x116/0x1d0 [ 14.888126] ? __pfx_kthread+0x10/0x10 [ 14.888147] ret_from_fork_asm+0x1a/0x30 [ 14.888178] </TASK> [ 14.888189] [ 14.896517] Allocated by task 282: [ 14.896723] kasan_save_stack+0x45/0x70 [ 14.896950] kasan_save_track+0x18/0x40 [ 14.897248] kasan_save_alloc_info+0x3b/0x50 [ 14.897426] __kasan_kmalloc+0xb7/0xc0 [ 14.897631] __kmalloc_cache_noprof+0x189/0x420 [ 14.897818] kasan_atomics+0x95/0x310 [ 14.897987] kunit_try_run_case+0x1a5/0x480 [ 14.898135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.898318] kthread+0x337/0x6f0 [ 14.898487] ret_from_fork+0x116/0x1d0 [ 14.898749] ret_from_fork_asm+0x1a/0x30 [ 14.898993] [ 14.899094] The buggy address belongs to the object at ffff888102b49680 [ 14.899094] which belongs to the cache kmalloc-64 of size 64 [ 14.899651] The buggy address is located 0 bytes to the right of [ 14.899651] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.900196] [ 14.900296] The buggy address belongs to the physical page: [ 14.900527] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.901012] flags: 0x200000000000000(node=0|zone=2) [ 14.901211] page_type: f5(slab) [ 14.901333] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.901635] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.901984] page dumped because: kasan: bad access detected [ 14.902238] [ 14.902325] Memory state around the buggy address: [ 14.902481] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.902697] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.902946] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.903176] ^ [ 14.903396] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.903741] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.904211] ================================================================== [ 14.123683] ================================================================== [ 14.123963] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 14.124622] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.124975] [ 14.125348] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.125467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.125496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.125517] Call Trace: [ 14.125532] <TASK> [ 14.125659] dump_stack_lvl+0x73/0xb0 [ 14.125691] print_report+0xd1/0x650 [ 14.125716] ? __virt_addr_valid+0x1db/0x2d0 [ 14.125741] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.125764] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.125789] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.125811] kasan_report+0x141/0x180 [ 14.125834] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.125862] kasan_check_range+0x10c/0x1c0 [ 14.125887] __kasan_check_write+0x18/0x20 [ 14.125918] kasan_atomics_helper+0x7c7/0x5450 [ 14.125961] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.125985] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.126009] ? ret_from_fork_asm+0x1a/0x30 [ 14.126032] ? kasan_atomics+0x152/0x310 [ 14.126059] kasan_atomics+0x1dc/0x310 [ 14.126083] ? __pfx_kasan_atomics+0x10/0x10 [ 14.126109] ? __pfx_read_tsc+0x10/0x10 [ 14.126131] ? ktime_get_ts64+0x86/0x230 [ 14.126157] kunit_try_run_case+0x1a5/0x480 [ 14.126179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.126199] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.126225] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.126250] ? __kthread_parkme+0x82/0x180 [ 14.126270] ? preempt_count_sub+0x50/0x80 [ 14.126295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.126317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.126343] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.126369] kthread+0x337/0x6f0 [ 14.126389] ? trace_preempt_on+0x20/0xc0 [ 14.126413] ? __pfx_kthread+0x10/0x10 [ 14.126435] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.126458] ? calculate_sigpending+0x7b/0xa0 [ 14.126483] ? __pfx_kthread+0x10/0x10 [ 14.126505] ret_from_fork+0x116/0x1d0 [ 14.126526] ? __pfx_kthread+0x10/0x10 [ 14.126549] ret_from_fork_asm+0x1a/0x30 [ 14.126580] </TASK> [ 14.126591] [ 14.138062] Allocated by task 282: [ 14.138409] kasan_save_stack+0x45/0x70 [ 14.138752] kasan_save_track+0x18/0x40 [ 14.138962] kasan_save_alloc_info+0x3b/0x50 [ 14.139451] __kasan_kmalloc+0xb7/0xc0 [ 14.139620] __kmalloc_cache_noprof+0x189/0x420 [ 14.140026] kasan_atomics+0x95/0x310 [ 14.140264] kunit_try_run_case+0x1a5/0x480 [ 14.140438] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.140693] kthread+0x337/0x6f0 [ 14.141189] ret_from_fork+0x116/0x1d0 [ 14.141470] ret_from_fork_asm+0x1a/0x30 [ 14.141640] [ 14.141876] The buggy address belongs to the object at ffff888102b49680 [ 14.141876] which belongs to the cache kmalloc-64 of size 64 [ 14.142745] The buggy address is located 0 bytes to the right of [ 14.142745] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.143494] [ 14.143599] The buggy address belongs to the physical page: [ 14.144048] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.144402] flags: 0x200000000000000(node=0|zone=2) [ 14.144735] page_type: f5(slab) [ 14.144922] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.145443] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.145991] page dumped because: kasan: bad access detected [ 14.146238] [ 14.146504] Memory state around the buggy address: [ 14.146735] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.147411] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.147773] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.148085] ^ [ 14.148456] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.148797] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.149360] ================================================================== [ 14.168802] ================================================================== [ 14.169265] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 14.169719] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.170009] [ 14.170162] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.170204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.170216] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.170237] Call Trace: [ 14.170250] <TASK> [ 14.170264] dump_stack_lvl+0x73/0xb0 [ 14.170288] print_report+0xd1/0x650 [ 14.170311] ? __virt_addr_valid+0x1db/0x2d0 [ 14.170334] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.170356] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.170379] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.170402] kasan_report+0x141/0x180 [ 14.170424] ? kasan_atomics_helper+0x8f9/0x5450 [ 14.170451] kasan_check_range+0x10c/0x1c0 [ 14.170477] __kasan_check_write+0x18/0x20 [ 14.170497] kasan_atomics_helper+0x8f9/0x5450 [ 14.170521] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.170544] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.170569] ? ret_from_fork_asm+0x1a/0x30 [ 14.170592] ? kasan_atomics+0x152/0x310 [ 14.170619] kasan_atomics+0x1dc/0x310 [ 14.170644] ? __pfx_kasan_atomics+0x10/0x10 [ 14.170671] ? __pfx_read_tsc+0x10/0x10 [ 14.170692] ? ktime_get_ts64+0x86/0x230 [ 14.170717] kunit_try_run_case+0x1a5/0x480 [ 14.170738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.170759] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.170786] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.170812] ? __kthread_parkme+0x82/0x180 [ 14.170833] ? preempt_count_sub+0x50/0x80 [ 14.170857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.170880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.170918] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.170943] kthread+0x337/0x6f0 [ 14.170963] ? trace_preempt_on+0x20/0xc0 [ 14.170996] ? __pfx_kthread+0x10/0x10 [ 14.171027] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.171050] ? calculate_sigpending+0x7b/0xa0 [ 14.171075] ? __pfx_kthread+0x10/0x10 [ 14.171098] ret_from_fork+0x116/0x1d0 [ 14.171118] ? __pfx_kthread+0x10/0x10 [ 14.171139] ret_from_fork_asm+0x1a/0x30 [ 14.171170] </TASK> [ 14.171181] [ 14.182312] Allocated by task 282: [ 14.182607] kasan_save_stack+0x45/0x70 [ 14.183018] kasan_save_track+0x18/0x40 [ 14.183424] kasan_save_alloc_info+0x3b/0x50 [ 14.183789] __kasan_kmalloc+0xb7/0xc0 [ 14.184159] __kmalloc_cache_noprof+0x189/0x420 [ 14.184398] kasan_atomics+0x95/0x310 [ 14.184576] kunit_try_run_case+0x1a5/0x480 [ 14.185095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.185538] kthread+0x337/0x6f0 [ 14.185840] ret_from_fork+0x116/0x1d0 [ 14.186254] ret_from_fork_asm+0x1a/0x30 [ 14.186560] [ 14.186798] The buggy address belongs to the object at ffff888102b49680 [ 14.186798] which belongs to the cache kmalloc-64 of size 64 [ 14.187851] The buggy address is located 0 bytes to the right of [ 14.187851] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.188839] [ 14.188925] The buggy address belongs to the physical page: [ 14.189323] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.189584] flags: 0x200000000000000(node=0|zone=2) [ 14.189836] page_type: f5(slab) [ 14.190033] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.190320] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.190687] page dumped because: kasan: bad access detected [ 14.190908] [ 14.191034] Memory state around the buggy address: [ 14.191255] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.191533] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.191790] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.192107] ^ [ 14.192336] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.192685] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.193110] ================================================================== [ 14.361133] ================================================================== [ 14.361369] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 14.361601] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.362104] [ 14.362242] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.362287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.362317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.362352] Call Trace: [ 14.362367] <TASK> [ 14.362382] dump_stack_lvl+0x73/0xb0 [ 14.362422] print_report+0xd1/0x650 [ 14.362445] ? __virt_addr_valid+0x1db/0x2d0 [ 14.362487] ? kasan_atomics_helper+0xe78/0x5450 [ 14.362509] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.362550] ? kasan_atomics_helper+0xe78/0x5450 [ 14.362573] kasan_report+0x141/0x180 [ 14.362612] ? kasan_atomics_helper+0xe78/0x5450 [ 14.362689] kasan_check_range+0x10c/0x1c0 [ 14.362729] __kasan_check_write+0x18/0x20 [ 14.362753] kasan_atomics_helper+0xe78/0x5450 [ 14.362791] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.362828] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.362854] ? ret_from_fork_asm+0x1a/0x30 [ 14.362876] ? kasan_atomics+0x152/0x310 [ 14.362913] kasan_atomics+0x1dc/0x310 [ 14.362956] ? __pfx_kasan_atomics+0x10/0x10 [ 14.362984] ? __pfx_read_tsc+0x10/0x10 [ 14.363007] ? ktime_get_ts64+0x86/0x230 [ 14.363031] kunit_try_run_case+0x1a5/0x480 [ 14.363054] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.363075] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.363102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.363128] ? __kthread_parkme+0x82/0x180 [ 14.363167] ? preempt_count_sub+0x50/0x80 [ 14.363192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.363215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.363257] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.363284] kthread+0x337/0x6f0 [ 14.363304] ? trace_preempt_on+0x20/0xc0 [ 14.363327] ? __pfx_kthread+0x10/0x10 [ 14.363349] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.363372] ? calculate_sigpending+0x7b/0xa0 [ 14.363397] ? __pfx_kthread+0x10/0x10 [ 14.363420] ret_from_fork+0x116/0x1d0 [ 14.363439] ? __pfx_kthread+0x10/0x10 [ 14.363461] ret_from_fork_asm+0x1a/0x30 [ 14.363491] </TASK> [ 14.363502] [ 14.373189] Allocated by task 282: [ 14.373319] kasan_save_stack+0x45/0x70 [ 14.373463] kasan_save_track+0x18/0x40 [ 14.373628] kasan_save_alloc_info+0x3b/0x50 [ 14.373790] __kasan_kmalloc+0xb7/0xc0 [ 14.373988] __kmalloc_cache_noprof+0x189/0x420 [ 14.374172] kasan_atomics+0x95/0x310 [ 14.374311] kunit_try_run_case+0x1a5/0x480 [ 14.374456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.374678] kthread+0x337/0x6f0 [ 14.374845] ret_from_fork+0x116/0x1d0 [ 14.375213] ret_from_fork_asm+0x1a/0x30 [ 14.375412] [ 14.375511] The buggy address belongs to the object at ffff888102b49680 [ 14.375511] which belongs to the cache kmalloc-64 of size 64 [ 14.376125] The buggy address is located 0 bytes to the right of [ 14.376125] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.376649] [ 14.376724] The buggy address belongs to the physical page: [ 14.377078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.377322] flags: 0x200000000000000(node=0|zone=2) [ 14.377486] page_type: f5(slab) [ 14.377607] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.377857] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.378200] page dumped because: kasan: bad access detected [ 14.378459] [ 14.378555] Memory state around the buggy address: [ 14.378816] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.379203] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.379422] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.379667] ^ [ 14.379924] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.380246] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.380564] ================================================================== [ 14.692593] ================================================================== [ 14.693291] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 14.694141] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.695134] [ 14.695277] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.695339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.695351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.695392] Call Trace: [ 14.695408] <TASK> [ 14.695423] dump_stack_lvl+0x73/0xb0 [ 14.695450] print_report+0xd1/0x650 [ 14.695483] ? __virt_addr_valid+0x1db/0x2d0 [ 14.695507] ? kasan_atomics_helper+0x1467/0x5450 [ 14.695530] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.695554] ? kasan_atomics_helper+0x1467/0x5450 [ 14.695576] kasan_report+0x141/0x180 [ 14.695599] ? kasan_atomics_helper+0x1467/0x5450 [ 14.695626] kasan_check_range+0x10c/0x1c0 [ 14.695663] __kasan_check_write+0x18/0x20 [ 14.695684] kasan_atomics_helper+0x1467/0x5450 [ 14.695708] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.695730] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.695756] ? ret_from_fork_asm+0x1a/0x30 [ 14.695778] ? kasan_atomics+0x152/0x310 [ 14.695805] kasan_atomics+0x1dc/0x310 [ 14.695829] ? __pfx_kasan_atomics+0x10/0x10 [ 14.695854] ? __pfx_read_tsc+0x10/0x10 [ 14.695875] ? ktime_get_ts64+0x86/0x230 [ 14.695912] kunit_try_run_case+0x1a5/0x480 [ 14.695933] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.695996] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.696023] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.696049] ? __kthread_parkme+0x82/0x180 [ 14.696069] ? preempt_count_sub+0x50/0x80 [ 14.696094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.696116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.696142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.696168] kthread+0x337/0x6f0 [ 14.696188] ? trace_preempt_on+0x20/0xc0 [ 14.696212] ? __pfx_kthread+0x10/0x10 [ 14.696233] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.696257] ? calculate_sigpending+0x7b/0xa0 [ 14.696281] ? __pfx_kthread+0x10/0x10 [ 14.696304] ret_from_fork+0x116/0x1d0 [ 14.696323] ? __pfx_kthread+0x10/0x10 [ 14.696344] ret_from_fork_asm+0x1a/0x30 [ 14.696375] </TASK> [ 14.696387] [ 14.711140] Allocated by task 282: [ 14.711408] kasan_save_stack+0x45/0x70 [ 14.711742] kasan_save_track+0x18/0x40 [ 14.711883] kasan_save_alloc_info+0x3b/0x50 [ 14.712325] __kasan_kmalloc+0xb7/0xc0 [ 14.712701] __kmalloc_cache_noprof+0x189/0x420 [ 14.713178] kasan_atomics+0x95/0x310 [ 14.713479] kunit_try_run_case+0x1a5/0x480 [ 14.713627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.713804] kthread+0x337/0x6f0 [ 14.714097] ret_from_fork+0x116/0x1d0 [ 14.714489] ret_from_fork_asm+0x1a/0x30 [ 14.714902] [ 14.715102] The buggy address belongs to the object at ffff888102b49680 [ 14.715102] which belongs to the cache kmalloc-64 of size 64 [ 14.716435] The buggy address is located 0 bytes to the right of [ 14.716435] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.717576] [ 14.717673] The buggy address belongs to the physical page: [ 14.718259] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.718781] flags: 0x200000000000000(node=0|zone=2) [ 14.719003] page_type: f5(slab) [ 14.719339] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.720287] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.720959] page dumped because: kasan: bad access detected [ 14.721265] [ 14.721355] Memory state around the buggy address: [ 14.721618] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.721930] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.722299] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.722619] ^ [ 14.722847] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.723228] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.723996] ================================================================== [ 15.129532] ================================================================== [ 15.129866] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 15.130251] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.130584] [ 15.130718] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.130760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.130772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.130792] Call Trace: [ 15.130807] <TASK> [ 15.130821] dump_stack_lvl+0x73/0xb0 [ 15.130855] print_report+0xd1/0x650 [ 15.130877] ? __virt_addr_valid+0x1db/0x2d0 [ 15.130911] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.130933] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.130957] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.130981] kasan_report+0x141/0x180 [ 15.131004] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.131031] kasan_check_range+0x10c/0x1c0 [ 15.131055] __kasan_check_write+0x18/0x20 [ 15.131109] kasan_atomics_helper+0x1d7a/0x5450 [ 15.131134] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.131157] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.131182] ? ret_from_fork_asm+0x1a/0x30 [ 15.131204] ? kasan_atomics+0x152/0x310 [ 15.131231] kasan_atomics+0x1dc/0x310 [ 15.131256] ? __pfx_kasan_atomics+0x10/0x10 [ 15.131280] ? __pfx_read_tsc+0x10/0x10 [ 15.131302] ? ktime_get_ts64+0x86/0x230 [ 15.131326] kunit_try_run_case+0x1a5/0x480 [ 15.131348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.131369] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.131394] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.131419] ? __kthread_parkme+0x82/0x180 [ 15.131441] ? preempt_count_sub+0x50/0x80 [ 15.131465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.131487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.131513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.131538] kthread+0x337/0x6f0 [ 15.131559] ? trace_preempt_on+0x20/0xc0 [ 15.131581] ? __pfx_kthread+0x10/0x10 [ 15.131603] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.131633] ? calculate_sigpending+0x7b/0xa0 [ 15.131657] ? __pfx_kthread+0x10/0x10 [ 15.131679] ret_from_fork+0x116/0x1d0 [ 15.131698] ? __pfx_kthread+0x10/0x10 [ 15.131720] ret_from_fork_asm+0x1a/0x30 [ 15.131750] </TASK> [ 15.131760] [ 15.139102] Allocated by task 282: [ 15.139277] kasan_save_stack+0x45/0x70 [ 15.139454] kasan_save_track+0x18/0x40 [ 15.139666] kasan_save_alloc_info+0x3b/0x50 [ 15.139875] __kasan_kmalloc+0xb7/0xc0 [ 15.140072] __kmalloc_cache_noprof+0x189/0x420 [ 15.140296] kasan_atomics+0x95/0x310 [ 15.140480] kunit_try_run_case+0x1a5/0x480 [ 15.140712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.140966] kthread+0x337/0x6f0 [ 15.141144] ret_from_fork+0x116/0x1d0 [ 15.141307] ret_from_fork_asm+0x1a/0x30 [ 15.141467] [ 15.141539] The buggy address belongs to the object at ffff888102b49680 [ 15.141539] which belongs to the cache kmalloc-64 of size 64 [ 15.141922] The buggy address is located 0 bytes to the right of [ 15.141922] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.142473] [ 15.142568] The buggy address belongs to the physical page: [ 15.142842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.143214] flags: 0x200000000000000(node=0|zone=2) [ 15.143425] page_type: f5(slab) [ 15.143580] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.143907] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.144134] page dumped because: kasan: bad access detected [ 15.144377] [ 15.144469] Memory state around the buggy address: [ 15.144719] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.145053] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.145329] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.145672] ^ [ 15.145865] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.146160] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.146404] ================================================================== [ 14.572332] ================================================================== [ 14.573045] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 14.573371] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.573594] [ 14.573720] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.573763] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.573776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.573797] Call Trace: [ 14.573812] <TASK> [ 14.573827] dump_stack_lvl+0x73/0xb0 [ 14.573851] print_report+0xd1/0x650 [ 14.573873] ? __virt_addr_valid+0x1db/0x2d0 [ 14.573908] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.573932] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.573958] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.573982] kasan_report+0x141/0x180 [ 14.574005] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.574032] kasan_check_range+0x10c/0x1c0 [ 14.574058] __kasan_check_write+0x18/0x20 [ 14.574086] kasan_atomics_helper+0x12e6/0x5450 [ 14.574110] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.574133] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.574158] ? ret_from_fork_asm+0x1a/0x30 [ 14.574180] ? kasan_atomics+0x152/0x310 [ 14.574210] kasan_atomics+0x1dc/0x310 [ 14.574233] ? __pfx_kasan_atomics+0x10/0x10 [ 14.574259] ? __pfx_read_tsc+0x10/0x10 [ 14.574280] ? ktime_get_ts64+0x86/0x230 [ 14.574305] kunit_try_run_case+0x1a5/0x480 [ 14.574327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.574348] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.574374] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.574400] ? __kthread_parkme+0x82/0x180 [ 14.574421] ? preempt_count_sub+0x50/0x80 [ 14.574446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.574467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.574492] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.574518] kthread+0x337/0x6f0 [ 14.574538] ? trace_preempt_on+0x20/0xc0 [ 14.574561] ? __pfx_kthread+0x10/0x10 [ 14.574583] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.574606] ? calculate_sigpending+0x7b/0xa0 [ 14.574630] ? __pfx_kthread+0x10/0x10 [ 14.574653] ret_from_fork+0x116/0x1d0 [ 14.574672] ? __pfx_kthread+0x10/0x10 [ 14.574693] ret_from_fork_asm+0x1a/0x30 [ 14.574724] </TASK> [ 14.574746] [ 14.589803] Allocated by task 282: [ 14.590074] kasan_save_stack+0x45/0x70 [ 14.590280] kasan_save_track+0x18/0x40 [ 14.590432] kasan_save_alloc_info+0x3b/0x50 [ 14.590824] __kasan_kmalloc+0xb7/0xc0 [ 14.591215] __kmalloc_cache_noprof+0x189/0x420 [ 14.591647] kasan_atomics+0x95/0x310 [ 14.592007] kunit_try_run_case+0x1a5/0x480 [ 14.592397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.592719] kthread+0x337/0x6f0 [ 14.592842] ret_from_fork+0x116/0x1d0 [ 14.593128] ret_from_fork_asm+0x1a/0x30 [ 14.593494] [ 14.593658] The buggy address belongs to the object at ffff888102b49680 [ 14.593658] which belongs to the cache kmalloc-64 of size 64 [ 14.594843] The buggy address is located 0 bytes to the right of [ 14.594843] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.596027] [ 14.596201] The buggy address belongs to the physical page: [ 14.596435] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.596918] flags: 0x200000000000000(node=0|zone=2) [ 14.597132] page_type: f5(slab) [ 14.597482] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.598229] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.599013] page dumped because: kasan: bad access detected [ 14.599270] [ 14.599340] Memory state around the buggy address: [ 14.599496] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.599871] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.600576] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.601328] ^ [ 14.601828] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.602571] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.603336] ================================================================== [ 13.928504] ================================================================== [ 13.928847] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 13.929404] Read of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 13.929647] [ 13.929799] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.929843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.929875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.929905] Call Trace: [ 13.929919] <TASK> [ 13.930009] dump_stack_lvl+0x73/0xb0 [ 13.930039] print_report+0xd1/0x650 [ 13.930063] ? __virt_addr_valid+0x1db/0x2d0 [ 13.930087] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.930109] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.930133] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.930156] kasan_report+0x141/0x180 [ 13.930179] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.930206] __asan_report_load4_noabort+0x18/0x20 [ 13.930227] kasan_atomics_helper+0x4b54/0x5450 [ 13.930251] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.930275] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.930321] ? ret_from_fork_asm+0x1a/0x30 [ 13.930357] ? kasan_atomics+0x152/0x310 [ 13.930397] kasan_atomics+0x1dc/0x310 [ 13.930434] ? __pfx_kasan_atomics+0x10/0x10 [ 13.930459] ? __pfx_read_tsc+0x10/0x10 [ 13.930495] ? ktime_get_ts64+0x86/0x230 [ 13.930519] kunit_try_run_case+0x1a5/0x480 [ 13.930555] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.930575] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.930601] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.930645] ? __kthread_parkme+0x82/0x180 [ 13.930666] ? preempt_count_sub+0x50/0x80 [ 13.930691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.930712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.930738] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.930764] kthread+0x337/0x6f0 [ 13.930783] ? trace_preempt_on+0x20/0xc0 [ 13.930807] ? __pfx_kthread+0x10/0x10 [ 13.930829] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.930852] ? calculate_sigpending+0x7b/0xa0 [ 13.930876] ? __pfx_kthread+0x10/0x10 [ 13.930907] ret_from_fork+0x116/0x1d0 [ 13.930984] ? __pfx_kthread+0x10/0x10 [ 13.931011] ret_from_fork_asm+0x1a/0x30 [ 13.931042] </TASK> [ 13.931053] [ 13.939811] Allocated by task 282: [ 13.940099] kasan_save_stack+0x45/0x70 [ 13.940257] kasan_save_track+0x18/0x40 [ 13.940448] kasan_save_alloc_info+0x3b/0x50 [ 13.940643] __kasan_kmalloc+0xb7/0xc0 [ 13.940845] __kmalloc_cache_noprof+0x189/0x420 [ 13.941162] kasan_atomics+0x95/0x310 [ 13.941354] kunit_try_run_case+0x1a5/0x480 [ 13.941569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.941824] kthread+0x337/0x6f0 [ 13.942045] ret_from_fork+0x116/0x1d0 [ 13.942225] ret_from_fork_asm+0x1a/0x30 [ 13.942361] [ 13.942458] The buggy address belongs to the object at ffff888102b49680 [ 13.942458] which belongs to the cache kmalloc-64 of size 64 [ 13.943103] The buggy address is located 0 bytes to the right of [ 13.943103] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 13.944010] [ 13.944197] The buggy address belongs to the physical page: [ 13.944705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 13.945423] flags: 0x200000000000000(node=0|zone=2) [ 13.945600] page_type: f5(slab) [ 13.946039] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.946722] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.947450] page dumped because: kasan: bad access detected [ 13.948024] [ 13.948099] Memory state around the buggy address: [ 13.948251] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.948465] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.948879] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.949591] ^ [ 13.950036] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.950851] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.951566] ================================================================== [ 14.101161] ================================================================== [ 14.101522] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 14.101989] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.102296] [ 14.102425] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.102470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.102483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.102504] Call Trace: [ 14.102520] <TASK> [ 14.102535] dump_stack_lvl+0x73/0xb0 [ 14.102559] print_report+0xd1/0x650 [ 14.102583] ? __virt_addr_valid+0x1db/0x2d0 [ 14.102607] ? kasan_atomics_helper+0x72f/0x5450 [ 14.102640] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.102664] ? kasan_atomics_helper+0x72f/0x5450 [ 14.102687] kasan_report+0x141/0x180 [ 14.102710] ? kasan_atomics_helper+0x72f/0x5450 [ 14.102748] kasan_check_range+0x10c/0x1c0 [ 14.102773] __kasan_check_write+0x18/0x20 [ 14.102792] kasan_atomics_helper+0x72f/0x5450 [ 14.102827] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.102850] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.102875] ? ret_from_fork_asm+0x1a/0x30 [ 14.102918] ? kasan_atomics+0x152/0x310 [ 14.102945] kasan_atomics+0x1dc/0x310 [ 14.102968] ? __pfx_kasan_atomics+0x10/0x10 [ 14.102993] ? __pfx_read_tsc+0x10/0x10 [ 14.103015] ? ktime_get_ts64+0x86/0x230 [ 14.103039] kunit_try_run_case+0x1a5/0x480 [ 14.103061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.103085] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.103113] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.103138] ? __kthread_parkme+0x82/0x180 [ 14.103159] ? preempt_count_sub+0x50/0x80 [ 14.103184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.103217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.103243] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.103268] kthread+0x337/0x6f0 [ 14.103289] ? trace_preempt_on+0x20/0xc0 [ 14.103311] ? __pfx_kthread+0x10/0x10 [ 14.103333] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.103365] ? calculate_sigpending+0x7b/0xa0 [ 14.103391] ? __pfx_kthread+0x10/0x10 [ 14.103413] ret_from_fork+0x116/0x1d0 [ 14.103443] ? __pfx_kthread+0x10/0x10 [ 14.103464] ret_from_fork_asm+0x1a/0x30 [ 14.103494] </TASK> [ 14.103506] [ 14.111905] Allocated by task 282: [ 14.112035] kasan_save_stack+0x45/0x70 [ 14.112178] kasan_save_track+0x18/0x40 [ 14.112384] kasan_save_alloc_info+0x3b/0x50 [ 14.112623] __kasan_kmalloc+0xb7/0xc0 [ 14.112811] __kmalloc_cache_noprof+0x189/0x420 [ 14.113051] kasan_atomics+0x95/0x310 [ 14.113187] kunit_try_run_case+0x1a5/0x480 [ 14.113330] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.113507] kthread+0x337/0x6f0 [ 14.113627] ret_from_fork+0x116/0x1d0 [ 14.113983] ret_from_fork_asm+0x1a/0x30 [ 14.114186] [ 14.114283] The buggy address belongs to the object at ffff888102b49680 [ 14.114283] which belongs to the cache kmalloc-64 of size 64 [ 14.115559] The buggy address is located 0 bytes to the right of [ 14.115559] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.117051] [ 14.117147] The buggy address belongs to the physical page: [ 14.117381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.117711] flags: 0x200000000000000(node=0|zone=2) [ 14.118577] page_type: f5(slab) [ 14.118833] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.119326] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.119757] page dumped because: kasan: bad access detected [ 14.120154] [ 14.120257] Memory state around the buggy address: [ 14.120466] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.120967] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.121344] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.121807] ^ [ 14.122196] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.122491] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.122809] ================================================================== [ 15.189328] ================================================================== [ 15.189843] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 15.190253] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.190869] [ 15.191131] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.191183] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.191198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.191221] Call Trace: [ 15.191238] <TASK> [ 15.191254] dump_stack_lvl+0x73/0xb0 [ 15.191316] print_report+0xd1/0x650 [ 15.191340] ? __virt_addr_valid+0x1db/0x2d0 [ 15.191365] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.191388] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.191411] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.191434] kasan_report+0x141/0x180 [ 15.191458] ? kasan_atomics_helper+0x1f43/0x5450 [ 15.191486] kasan_check_range+0x10c/0x1c0 [ 15.191512] __kasan_check_write+0x18/0x20 [ 15.191531] kasan_atomics_helper+0x1f43/0x5450 [ 15.191555] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.191578] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.191603] ? ret_from_fork_asm+0x1a/0x30 [ 15.191649] ? kasan_atomics+0x152/0x310 [ 15.191676] kasan_atomics+0x1dc/0x310 [ 15.191699] ? __pfx_kasan_atomics+0x10/0x10 [ 15.191724] ? __pfx_read_tsc+0x10/0x10 [ 15.191746] ? ktime_get_ts64+0x86/0x230 [ 15.191771] kunit_try_run_case+0x1a5/0x480 [ 15.191793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.191813] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.191839] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.191865] ? __kthread_parkme+0x82/0x180 [ 15.191886] ? preempt_count_sub+0x50/0x80 [ 15.191920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.191941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.191966] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.191992] kthread+0x337/0x6f0 [ 15.192012] ? trace_preempt_on+0x20/0xc0 [ 15.192035] ? __pfx_kthread+0x10/0x10 [ 15.192056] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.192080] ? calculate_sigpending+0x7b/0xa0 [ 15.192107] ? __pfx_kthread+0x10/0x10 [ 15.192129] ret_from_fork+0x116/0x1d0 [ 15.192148] ? __pfx_kthread+0x10/0x10 [ 15.192169] ret_from_fork_asm+0x1a/0x30 [ 15.192201] </TASK> [ 15.192213] [ 15.203587] Allocated by task 282: [ 15.204012] kasan_save_stack+0x45/0x70 [ 15.204319] kasan_save_track+0x18/0x40 [ 15.204640] kasan_save_alloc_info+0x3b/0x50 [ 15.204849] __kasan_kmalloc+0xb7/0xc0 [ 15.205035] __kmalloc_cache_noprof+0x189/0x420 [ 15.205247] kasan_atomics+0x95/0x310 [ 15.205416] kunit_try_run_case+0x1a5/0x480 [ 15.205589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.206220] kthread+0x337/0x6f0 [ 15.206510] ret_from_fork+0x116/0x1d0 [ 15.206853] ret_from_fork_asm+0x1a/0x30 [ 15.207049] [ 15.207139] The buggy address belongs to the object at ffff888102b49680 [ 15.207139] which belongs to the cache kmalloc-64 of size 64 [ 15.207888] The buggy address is located 0 bytes to the right of [ 15.207888] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.208643] [ 15.208871] The buggy address belongs to the physical page: [ 15.209239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.209795] flags: 0x200000000000000(node=0|zone=2) [ 15.210028] page_type: f5(slab) [ 15.210178] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.210484] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.211119] page dumped because: kasan: bad access detected [ 15.211470] [ 15.211713] Memory state around the buggy address: [ 15.212048] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.212667] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.212972] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.213264] ^ [ 15.213467] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.214103] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.214546] ================================================================== [ 13.986864] ================================================================== [ 13.987499] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 13.987986] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 13.988267] [ 13.988447] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.988492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.988505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.988527] Call Trace: [ 13.988542] <TASK> [ 13.988557] dump_stack_lvl+0x73/0xb0 [ 13.988582] print_report+0xd1/0x650 [ 13.988604] ? __virt_addr_valid+0x1db/0x2d0 [ 13.988628] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.988650] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.988674] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.988707] kasan_report+0x141/0x180 [ 13.988731] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.988758] __asan_report_store4_noabort+0x1b/0x30 [ 13.988780] kasan_atomics_helper+0x4b3a/0x5450 [ 13.988803] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.988827] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.988851] ? ret_from_fork_asm+0x1a/0x30 [ 13.988874] ? kasan_atomics+0x152/0x310 [ 13.988914] kasan_atomics+0x1dc/0x310 [ 13.988938] ? __pfx_kasan_atomics+0x10/0x10 [ 13.988973] ? __pfx_read_tsc+0x10/0x10 [ 13.988996] ? ktime_get_ts64+0x86/0x230 [ 13.989020] kunit_try_run_case+0x1a5/0x480 [ 13.989046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.989067] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.989094] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.989119] ? __kthread_parkme+0x82/0x180 [ 13.989141] ? preempt_count_sub+0x50/0x80 [ 13.989166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.989188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.989213] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.989239] kthread+0x337/0x6f0 [ 13.989260] ? trace_preempt_on+0x20/0xc0 [ 13.989283] ? __pfx_kthread+0x10/0x10 [ 13.989304] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.989328] ? calculate_sigpending+0x7b/0xa0 [ 13.989353] ? __pfx_kthread+0x10/0x10 [ 13.989375] ret_from_fork+0x116/0x1d0 [ 13.989394] ? __pfx_kthread+0x10/0x10 [ 13.989416] ret_from_fork_asm+0x1a/0x30 [ 13.989447] </TASK> [ 13.989458] [ 14.007346] Allocated by task 282: [ 14.007936] kasan_save_stack+0x45/0x70 [ 14.008389] kasan_save_track+0x18/0x40 [ 14.008766] kasan_save_alloc_info+0x3b/0x50 [ 14.009259] __kasan_kmalloc+0xb7/0xc0 [ 14.009400] __kmalloc_cache_noprof+0x189/0x420 [ 14.009558] kasan_atomics+0x95/0x310 [ 14.009776] kunit_try_run_case+0x1a5/0x480 [ 14.010192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.010743] kthread+0x337/0x6f0 [ 14.011164] ret_from_fork+0x116/0x1d0 [ 14.011524] ret_from_fork_asm+0x1a/0x30 [ 14.011885] [ 14.012215] The buggy address belongs to the object at ffff888102b49680 [ 14.012215] which belongs to the cache kmalloc-64 of size 64 [ 14.013178] The buggy address is located 0 bytes to the right of [ 14.013178] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.013560] [ 14.013644] The buggy address belongs to the physical page: [ 14.014153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.014890] flags: 0x200000000000000(node=0|zone=2) [ 14.015381] page_type: f5(slab) [ 14.015702] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.016401] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.017315] page dumped because: kasan: bad access detected [ 14.017749] [ 14.017822] Memory state around the buggy address: [ 14.018073] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.018721] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.019436] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.020069] ^ [ 14.020231] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.020448] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.020723] ================================================================== [ 15.284263] ================================================================== [ 15.284566] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 15.284853] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.285095] [ 15.285258] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.285301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.285312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.285334] Call Trace: [ 15.285347] <TASK> [ 15.285361] dump_stack_lvl+0x73/0xb0 [ 15.285385] print_report+0xd1/0x650 [ 15.285408] ? __virt_addr_valid+0x1db/0x2d0 [ 15.285431] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.285454] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.285478] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.285501] kasan_report+0x141/0x180 [ 15.285524] ? kasan_atomics_helper+0x20c8/0x5450 [ 15.285550] kasan_check_range+0x10c/0x1c0 [ 15.285575] __kasan_check_write+0x18/0x20 [ 15.285596] kasan_atomics_helper+0x20c8/0x5450 [ 15.285619] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.285642] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.285678] ? ret_from_fork_asm+0x1a/0x30 [ 15.285700] ? kasan_atomics+0x152/0x310 [ 15.285727] kasan_atomics+0x1dc/0x310 [ 15.285751] ? __pfx_kasan_atomics+0x10/0x10 [ 15.285776] ? __pfx_read_tsc+0x10/0x10 [ 15.285798] ? ktime_get_ts64+0x86/0x230 [ 15.285823] kunit_try_run_case+0x1a5/0x480 [ 15.285846] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.285867] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.285903] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.285931] ? __kthread_parkme+0x82/0x180 [ 15.285952] ? preempt_count_sub+0x50/0x80 [ 15.285977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.286001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.286027] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.286052] kthread+0x337/0x6f0 [ 15.286072] ? trace_preempt_on+0x20/0xc0 [ 15.286095] ? __pfx_kthread+0x10/0x10 [ 15.286117] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.286140] ? calculate_sigpending+0x7b/0xa0 [ 15.286166] ? __pfx_kthread+0x10/0x10 [ 15.286188] ret_from_fork+0x116/0x1d0 [ 15.286207] ? __pfx_kthread+0x10/0x10 [ 15.286229] ret_from_fork_asm+0x1a/0x30 [ 15.286259] </TASK> [ 15.286270] [ 15.293935] Allocated by task 282: [ 15.294094] kasan_save_stack+0x45/0x70 [ 15.294260] kasan_save_track+0x18/0x40 [ 15.294443] kasan_save_alloc_info+0x3b/0x50 [ 15.294642] __kasan_kmalloc+0xb7/0xc0 [ 15.294816] __kmalloc_cache_noprof+0x189/0x420 [ 15.295024] kasan_atomics+0x95/0x310 [ 15.295212] kunit_try_run_case+0x1a5/0x480 [ 15.295398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.295616] kthread+0x337/0x6f0 [ 15.295791] ret_from_fork+0x116/0x1d0 [ 15.295946] ret_from_fork_asm+0x1a/0x30 [ 15.296086] [ 15.296159] The buggy address belongs to the object at ffff888102b49680 [ 15.296159] which belongs to the cache kmalloc-64 of size 64 [ 15.296507] The buggy address is located 0 bytes to the right of [ 15.296507] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.296871] [ 15.296972] The buggy address belongs to the physical page: [ 15.297494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.297973] flags: 0x200000000000000(node=0|zone=2) [ 15.298204] page_type: f5(slab) [ 15.298369] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.298907] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.299134] page dumped because: kasan: bad access detected [ 15.299304] [ 15.299373] Memory state around the buggy address: [ 15.299527] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.299743] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.299967] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.300180] ^ [ 15.300422] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.300746] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.303054] ================================================================== [ 15.387343] ================================================================== [ 15.387630] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 15.388006] Read of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.388608] [ 15.388843] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.388985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.389000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.389085] Call Trace: [ 15.389101] <TASK> [ 15.389115] dump_stack_lvl+0x73/0xb0 [ 15.389142] print_report+0xd1/0x650 [ 15.389165] ? __virt_addr_valid+0x1db/0x2d0 [ 15.389189] ? kasan_atomics_helper+0x5115/0x5450 [ 15.389210] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.389233] ? kasan_atomics_helper+0x5115/0x5450 [ 15.389256] kasan_report+0x141/0x180 [ 15.389279] ? kasan_atomics_helper+0x5115/0x5450 [ 15.389306] __asan_report_load8_noabort+0x18/0x20 [ 15.389327] kasan_atomics_helper+0x5115/0x5450 [ 15.389351] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.389373] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.389398] ? ret_from_fork_asm+0x1a/0x30 [ 15.389421] ? kasan_atomics+0x152/0x310 [ 15.389448] kasan_atomics+0x1dc/0x310 [ 15.389471] ? __pfx_kasan_atomics+0x10/0x10 [ 15.389496] ? __pfx_read_tsc+0x10/0x10 [ 15.389518] ? ktime_get_ts64+0x86/0x230 [ 15.389543] kunit_try_run_case+0x1a5/0x480 [ 15.389564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.389585] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.389611] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.389646] ? __kthread_parkme+0x82/0x180 [ 15.389668] ? preempt_count_sub+0x50/0x80 [ 15.389692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.389714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.389740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.389767] kthread+0x337/0x6f0 [ 15.389787] ? trace_preempt_on+0x20/0xc0 [ 15.389811] ? __pfx_kthread+0x10/0x10 [ 15.389832] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.389856] ? calculate_sigpending+0x7b/0xa0 [ 15.389880] ? __pfx_kthread+0x10/0x10 [ 15.389914] ret_from_fork+0x116/0x1d0 [ 15.389934] ? __pfx_kthread+0x10/0x10 [ 15.389954] ret_from_fork_asm+0x1a/0x30 [ 15.389984] </TASK> [ 15.389995] [ 15.399656] Allocated by task 282: [ 15.400161] kasan_save_stack+0x45/0x70 [ 15.400361] kasan_save_track+0x18/0x40 [ 15.400607] kasan_save_alloc_info+0x3b/0x50 [ 15.400796] __kasan_kmalloc+0xb7/0xc0 [ 15.401128] __kmalloc_cache_noprof+0x189/0x420 [ 15.401496] kasan_atomics+0x95/0x310 [ 15.401690] kunit_try_run_case+0x1a5/0x480 [ 15.401998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.402295] kthread+0x337/0x6f0 [ 15.402462] ret_from_fork+0x116/0x1d0 [ 15.402689] ret_from_fork_asm+0x1a/0x30 [ 15.402986] [ 15.403076] The buggy address belongs to the object at ffff888102b49680 [ 15.403076] which belongs to the cache kmalloc-64 of size 64 [ 15.403572] The buggy address is located 0 bytes to the right of [ 15.403572] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.404355] [ 15.404452] The buggy address belongs to the physical page: [ 15.404659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.405156] flags: 0x200000000000000(node=0|zone=2) [ 15.405464] page_type: f5(slab) [ 15.405594] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.406162] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.406486] page dumped because: kasan: bad access detected [ 15.406833] [ 15.406920] Memory state around the buggy address: [ 15.407276] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.407571] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.408002] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.408351] ^ [ 15.408612] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.409073] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.409352] ================================================================== [ 13.822324] ================================================================== [ 13.823099] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 13.823415] Read of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 13.824246] [ 13.824371] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.824418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.824430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.824453] Call Trace: [ 13.824464] <TASK> [ 13.824478] dump_stack_lvl+0x73/0xb0 [ 13.824506] print_report+0xd1/0x650 [ 13.824648] ? __virt_addr_valid+0x1db/0x2d0 [ 13.824676] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.824699] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.824722] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.824744] kasan_report+0x141/0x180 [ 13.824765] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.824791] __asan_report_load4_noabort+0x18/0x20 [ 13.824811] kasan_atomics_helper+0x4bbc/0x5450 [ 13.824834] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.824856] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.824880] ? ret_from_fork_asm+0x1a/0x30 [ 13.824914] ? kasan_atomics+0x152/0x310 [ 13.824940] kasan_atomics+0x1dc/0x310 [ 13.825011] ? __pfx_kasan_atomics+0x10/0x10 [ 13.825036] ? __pfx_read_tsc+0x10/0x10 [ 13.825065] ? ktime_get_ts64+0x86/0x230 [ 13.825089] kunit_try_run_case+0x1a5/0x480 [ 13.825110] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.825129] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.825154] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.825178] ? __kthread_parkme+0x82/0x180 [ 13.825199] ? preempt_count_sub+0x50/0x80 [ 13.825222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.825243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.825267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.825291] kthread+0x337/0x6f0 [ 13.825311] ? trace_preempt_on+0x20/0xc0 [ 13.825332] ? __pfx_kthread+0x10/0x10 [ 13.825353] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.825375] ? calculate_sigpending+0x7b/0xa0 [ 13.825398] ? __pfx_kthread+0x10/0x10 [ 13.825419] ret_from_fork+0x116/0x1d0 [ 13.825437] ? __pfx_kthread+0x10/0x10 [ 13.825458] ret_from_fork_asm+0x1a/0x30 [ 13.825486] </TASK> [ 13.825497] [ 13.838311] Allocated by task 282: [ 13.838638] kasan_save_stack+0x45/0x70 [ 13.838937] kasan_save_track+0x18/0x40 [ 13.839316] kasan_save_alloc_info+0x3b/0x50 [ 13.839759] __kasan_kmalloc+0xb7/0xc0 [ 13.840135] __kmalloc_cache_noprof+0x189/0x420 [ 13.840494] kasan_atomics+0x95/0x310 [ 13.840712] kunit_try_run_case+0x1a5/0x480 [ 13.840905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.841173] kthread+0x337/0x6f0 [ 13.841526] ret_from_fork+0x116/0x1d0 [ 13.841711] ret_from_fork_asm+0x1a/0x30 [ 13.841916] [ 13.842043] The buggy address belongs to the object at ffff888102b49680 [ 13.842043] which belongs to the cache kmalloc-64 of size 64 [ 13.842619] The buggy address is located 0 bytes to the right of [ 13.842619] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 13.843174] [ 13.843314] The buggy address belongs to the physical page: [ 13.843594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 13.844032] flags: 0x200000000000000(node=0|zone=2) [ 13.844286] page_type: f5(slab) [ 13.844431] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.844885] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.845184] page dumped because: kasan: bad access detected [ 13.845468] [ 13.845579] Memory state around the buggy address: [ 13.845802] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.846347] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.846762] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.847146] ^ [ 13.847344] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.847643] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.847980] ================================================================== [ 14.381055] ================================================================== [ 14.381400] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 14.381701] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.382059] [ 14.382290] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.382334] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.382346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.382368] Call Trace: [ 14.382382] <TASK> [ 14.382396] dump_stack_lvl+0x73/0xb0 [ 14.382421] print_report+0xd1/0x650 [ 14.382444] ? __virt_addr_valid+0x1db/0x2d0 [ 14.382468] ? kasan_atomics_helper+0xf10/0x5450 [ 14.382490] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.382513] ? kasan_atomics_helper+0xf10/0x5450 [ 14.382536] kasan_report+0x141/0x180 [ 14.382559] ? kasan_atomics_helper+0xf10/0x5450 [ 14.382586] kasan_check_range+0x10c/0x1c0 [ 14.382611] __kasan_check_write+0x18/0x20 [ 14.382639] kasan_atomics_helper+0xf10/0x5450 [ 14.382662] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.382686] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.382711] ? ret_from_fork_asm+0x1a/0x30 [ 14.382733] ? kasan_atomics+0x152/0x310 [ 14.382761] kasan_atomics+0x1dc/0x310 [ 14.382784] ? __pfx_kasan_atomics+0x10/0x10 [ 14.382809] ? __pfx_read_tsc+0x10/0x10 [ 14.382831] ? ktime_get_ts64+0x86/0x230 [ 14.382855] kunit_try_run_case+0x1a5/0x480 [ 14.382877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.382907] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.382934] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.382959] ? __kthread_parkme+0x82/0x180 [ 14.382981] ? preempt_count_sub+0x50/0x80 [ 14.383006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.383028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.383053] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.383078] kthread+0x337/0x6f0 [ 14.383098] ? trace_preempt_on+0x20/0xc0 [ 14.383121] ? __pfx_kthread+0x10/0x10 [ 14.383142] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.383165] ? calculate_sigpending+0x7b/0xa0 [ 14.383190] ? __pfx_kthread+0x10/0x10 [ 14.383212] ret_from_fork+0x116/0x1d0 [ 14.383231] ? __pfx_kthread+0x10/0x10 [ 14.383253] ret_from_fork_asm+0x1a/0x30 [ 14.383284] </TASK> [ 14.383295] [ 14.392047] Allocated by task 282: [ 14.392231] kasan_save_stack+0x45/0x70 [ 14.392425] kasan_save_track+0x18/0x40 [ 14.392570] kasan_save_alloc_info+0x3b/0x50 [ 14.392731] __kasan_kmalloc+0xb7/0xc0 [ 14.392867] __kmalloc_cache_noprof+0x189/0x420 [ 14.393036] kasan_atomics+0x95/0x310 [ 14.393176] kunit_try_run_case+0x1a5/0x480 [ 14.393323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.393541] kthread+0x337/0x6f0 [ 14.393709] ret_from_fork+0x116/0x1d0 [ 14.393921] ret_from_fork_asm+0x1a/0x30 [ 14.394141] [ 14.394238] The buggy address belongs to the object at ffff888102b49680 [ 14.394238] which belongs to the cache kmalloc-64 of size 64 [ 14.394958] The buggy address is located 0 bytes to the right of [ 14.394958] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.395507] [ 14.395601] The buggy address belongs to the physical page: [ 14.395886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.396138] flags: 0x200000000000000(node=0|zone=2) [ 14.396302] page_type: f5(slab) [ 14.396423] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.397025] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.397367] page dumped because: kasan: bad access detected [ 14.397592] [ 14.397695] Memory state around the buggy address: [ 14.397905] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.398244] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.398496] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.398819] ^ [ 14.399015] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.399326] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.399674] ================================================================== [ 14.924133] ================================================================== [ 14.924464] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 14.924756] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.925032] [ 14.925120] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.925162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.925174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.925195] Call Trace: [ 14.925207] <TASK> [ 14.925222] dump_stack_lvl+0x73/0xb0 [ 14.925246] print_report+0xd1/0x650 [ 14.925268] ? __virt_addr_valid+0x1db/0x2d0 [ 14.925291] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.925314] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.925337] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.925359] kasan_report+0x141/0x180 [ 14.925382] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.925410] kasan_check_range+0x10c/0x1c0 [ 14.925434] __kasan_check_write+0x18/0x20 [ 14.925455] kasan_atomics_helper+0x18b1/0x5450 [ 14.925478] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.925501] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.925526] ? ret_from_fork_asm+0x1a/0x30 [ 14.925548] ? kasan_atomics+0x152/0x310 [ 14.925574] kasan_atomics+0x1dc/0x310 [ 14.925598] ? __pfx_kasan_atomics+0x10/0x10 [ 14.925622] ? __pfx_read_tsc+0x10/0x10 [ 14.925643] ? ktime_get_ts64+0x86/0x230 [ 14.925667] kunit_try_run_case+0x1a5/0x480 [ 14.925689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.925710] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.925735] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.925759] ? __kthread_parkme+0x82/0x180 [ 14.925779] ? preempt_count_sub+0x50/0x80 [ 14.925803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.925825] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.925850] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.925875] kthread+0x337/0x6f0 [ 14.925929] ? trace_preempt_on+0x20/0xc0 [ 14.925955] ? __pfx_kthread+0x10/0x10 [ 14.925985] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.926008] ? calculate_sigpending+0x7b/0xa0 [ 14.926034] ? __pfx_kthread+0x10/0x10 [ 14.926057] ret_from_fork+0x116/0x1d0 [ 14.926078] ? __pfx_kthread+0x10/0x10 [ 14.926099] ret_from_fork_asm+0x1a/0x30 [ 14.926131] </TASK> [ 14.926142] [ 14.933672] Allocated by task 282: [ 14.933859] kasan_save_stack+0x45/0x70 [ 14.934073] kasan_save_track+0x18/0x40 [ 14.934442] kasan_save_alloc_info+0x3b/0x50 [ 14.934629] __kasan_kmalloc+0xb7/0xc0 [ 14.934765] __kmalloc_cache_noprof+0x189/0x420 [ 14.934970] kasan_atomics+0x95/0x310 [ 14.935165] kunit_try_run_case+0x1a5/0x480 [ 14.935372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.935646] kthread+0x337/0x6f0 [ 14.935813] ret_from_fork+0x116/0x1d0 [ 14.936052] ret_from_fork_asm+0x1a/0x30 [ 14.936224] [ 14.936296] The buggy address belongs to the object at ffff888102b49680 [ 14.936296] which belongs to the cache kmalloc-64 of size 64 [ 14.936770] The buggy address is located 0 bytes to the right of [ 14.936770] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.937812] [ 14.938010] The buggy address belongs to the physical page: [ 14.938478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.939170] flags: 0x200000000000000(node=0|zone=2) [ 14.939702] page_type: f5(slab) [ 14.940003] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.940767] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.941642] page dumped because: kasan: bad access detected [ 14.942231] [ 14.942395] Memory state around the buggy address: [ 14.942841] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.943573] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.944325] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.944821] ^ [ 14.945129] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.945348] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.945792] ================================================================== [ 15.000550] ================================================================== [ 15.001161] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 15.001506] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.001911] [ 15.002123] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.002168] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.002213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.002235] Call Trace: [ 15.002249] <TASK> [ 15.002274] dump_stack_lvl+0x73/0xb0 [ 15.002302] print_report+0xd1/0x650 [ 15.002325] ? __virt_addr_valid+0x1db/0x2d0 [ 15.002348] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.002371] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.002395] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.002445] kasan_report+0x141/0x180 [ 15.002470] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.002497] kasan_check_range+0x10c/0x1c0 [ 15.002533] __kasan_check_write+0x18/0x20 [ 15.002553] kasan_atomics_helper+0x1a7f/0x5450 [ 15.002577] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.002601] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.002639] ? ret_from_fork_asm+0x1a/0x30 [ 15.002663] ? kasan_atomics+0x152/0x310 [ 15.002690] kasan_atomics+0x1dc/0x310 [ 15.002714] ? __pfx_kasan_atomics+0x10/0x10 [ 15.002739] ? __pfx_read_tsc+0x10/0x10 [ 15.002761] ? ktime_get_ts64+0x86/0x230 [ 15.002812] kunit_try_run_case+0x1a5/0x480 [ 15.002835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.002855] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.002881] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.002917] ? __kthread_parkme+0x82/0x180 [ 15.002938] ? preempt_count_sub+0x50/0x80 [ 15.003009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.003032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.003058] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.003083] kthread+0x337/0x6f0 [ 15.003103] ? trace_preempt_on+0x20/0xc0 [ 15.003125] ? __pfx_kthread+0x10/0x10 [ 15.003146] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.003171] ? calculate_sigpending+0x7b/0xa0 [ 15.003195] ? __pfx_kthread+0x10/0x10 [ 15.003217] ret_from_fork+0x116/0x1d0 [ 15.003236] ? __pfx_kthread+0x10/0x10 [ 15.003257] ret_from_fork_asm+0x1a/0x30 [ 15.003288] </TASK> [ 15.003299] [ 15.016254] Allocated by task 282: [ 15.016411] kasan_save_stack+0x45/0x70 [ 15.016710] kasan_save_track+0x18/0x40 [ 15.017099] kasan_save_alloc_info+0x3b/0x50 [ 15.017327] __kasan_kmalloc+0xb7/0xc0 [ 15.017521] __kmalloc_cache_noprof+0x189/0x420 [ 15.017913] kasan_atomics+0x95/0x310 [ 15.018211] kunit_try_run_case+0x1a5/0x480 [ 15.018409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.018629] kthread+0x337/0x6f0 [ 15.018785] ret_from_fork+0x116/0x1d0 [ 15.018927] ret_from_fork_asm+0x1a/0x30 [ 15.019125] [ 15.019223] The buggy address belongs to the object at ffff888102b49680 [ 15.019223] which belongs to the cache kmalloc-64 of size 64 [ 15.020092] The buggy address is located 0 bytes to the right of [ 15.020092] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.020688] [ 15.020810] The buggy address belongs to the physical page: [ 15.021104] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.021351] flags: 0x200000000000000(node=0|zone=2) [ 15.021517] page_type: f5(slab) [ 15.021702] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.022120] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.022762] page dumped because: kasan: bad access detected [ 15.023167] [ 15.023271] Memory state around the buggy address: [ 15.023557] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.023861] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.024220] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.025088] ^ [ 15.025325] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.025633] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.025972] ================================================================== [ 14.149889] ================================================================== [ 14.150154] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 14.150454] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.150820] [ 14.150979] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.151025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.151038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.151059] Call Trace: [ 14.151074] <TASK> [ 14.151096] dump_stack_lvl+0x73/0xb0 [ 14.151121] print_report+0xd1/0x650 [ 14.151144] ? __virt_addr_valid+0x1db/0x2d0 [ 14.151167] ? kasan_atomics_helper+0x860/0x5450 [ 14.151189] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.151213] ? kasan_atomics_helper+0x860/0x5450 [ 14.151235] kasan_report+0x141/0x180 [ 14.151259] ? kasan_atomics_helper+0x860/0x5450 [ 14.151285] kasan_check_range+0x10c/0x1c0 [ 14.151310] __kasan_check_write+0x18/0x20 [ 14.151330] kasan_atomics_helper+0x860/0x5450 [ 14.151353] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.151377] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.151401] ? ret_from_fork_asm+0x1a/0x30 [ 14.151424] ? kasan_atomics+0x152/0x310 [ 14.151450] kasan_atomics+0x1dc/0x310 [ 14.151474] ? __pfx_kasan_atomics+0x10/0x10 [ 14.151498] ? __pfx_read_tsc+0x10/0x10 [ 14.151520] ? ktime_get_ts64+0x86/0x230 [ 14.151544] kunit_try_run_case+0x1a5/0x480 [ 14.151566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.151587] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.151612] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.151649] ? __kthread_parkme+0x82/0x180 [ 14.151669] ? preempt_count_sub+0x50/0x80 [ 14.151693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.151716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.151740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.151766] kthread+0x337/0x6f0 [ 14.151786] ? trace_preempt_on+0x20/0xc0 [ 14.151810] ? __pfx_kthread+0x10/0x10 [ 14.151832] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.151856] ? calculate_sigpending+0x7b/0xa0 [ 14.151881] ? __pfx_kthread+0x10/0x10 [ 14.151914] ret_from_fork+0x116/0x1d0 [ 14.151933] ? __pfx_kthread+0x10/0x10 [ 14.151954] ret_from_fork_asm+0x1a/0x30 [ 14.151985] </TASK> [ 14.151995] [ 14.160303] Allocated by task 282: [ 14.160433] kasan_save_stack+0x45/0x70 [ 14.160595] kasan_save_track+0x18/0x40 [ 14.161087] kasan_save_alloc_info+0x3b/0x50 [ 14.161290] __kasan_kmalloc+0xb7/0xc0 [ 14.161424] __kmalloc_cache_noprof+0x189/0x420 [ 14.161580] kasan_atomics+0x95/0x310 [ 14.161942] kunit_try_run_case+0x1a5/0x480 [ 14.162154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.162414] kthread+0x337/0x6f0 [ 14.162618] ret_from_fork+0x116/0x1d0 [ 14.162815] ret_from_fork_asm+0x1a/0x30 [ 14.163051] [ 14.163147] The buggy address belongs to the object at ffff888102b49680 [ 14.163147] which belongs to the cache kmalloc-64 of size 64 [ 14.163510] The buggy address is located 0 bytes to the right of [ 14.163510] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.164103] [ 14.164203] The buggy address belongs to the physical page: [ 14.164608] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.164978] flags: 0x200000000000000(node=0|zone=2) [ 14.165263] page_type: f5(slab) [ 14.165387] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.165621] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.165848] page dumped because: kasan: bad access detected [ 14.166190] [ 14.166307] Memory state around the buggy address: [ 14.166533] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.166833] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.167261] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.167477] ^ [ 14.167643] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.168010] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.168324] ================================================================== [ 15.093073] ================================================================== [ 15.093596] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 15.094270] Read of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.095042] [ 15.095216] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.095260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.095273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.095295] Call Trace: [ 15.095307] <TASK> [ 15.095320] dump_stack_lvl+0x73/0xb0 [ 15.095345] print_report+0xd1/0x650 [ 15.095367] ? __virt_addr_valid+0x1db/0x2d0 [ 15.095391] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.095413] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.095437] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.095460] kasan_report+0x141/0x180 [ 15.095482] ? kasan_atomics_helper+0x4f30/0x5450 [ 15.095510] __asan_report_load8_noabort+0x18/0x20 [ 15.095531] kasan_atomics_helper+0x4f30/0x5450 [ 15.095554] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.095577] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.095601] ? ret_from_fork_asm+0x1a/0x30 [ 15.095623] ? kasan_atomics+0x152/0x310 [ 15.095663] kasan_atomics+0x1dc/0x310 [ 15.095687] ? __pfx_kasan_atomics+0x10/0x10 [ 15.095712] ? __pfx_read_tsc+0x10/0x10 [ 15.095733] ? ktime_get_ts64+0x86/0x230 [ 15.095758] kunit_try_run_case+0x1a5/0x480 [ 15.095780] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.095801] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.095827] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.095853] ? __kthread_parkme+0x82/0x180 [ 15.095874] ? preempt_count_sub+0x50/0x80 [ 15.095908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.095930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.095955] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.095981] kthread+0x337/0x6f0 [ 15.096000] ? trace_preempt_on+0x20/0xc0 [ 15.096023] ? __pfx_kthread+0x10/0x10 [ 15.096045] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.096068] ? calculate_sigpending+0x7b/0xa0 [ 15.096092] ? __pfx_kthread+0x10/0x10 [ 15.096113] ret_from_fork+0x116/0x1d0 [ 15.096132] ? __pfx_kthread+0x10/0x10 [ 15.096153] ret_from_fork_asm+0x1a/0x30 [ 15.096183] </TASK> [ 15.096194] [ 15.104598] Allocated by task 282: [ 15.104791] kasan_save_stack+0x45/0x70 [ 15.105001] kasan_save_track+0x18/0x40 [ 15.105200] kasan_save_alloc_info+0x3b/0x50 [ 15.105413] __kasan_kmalloc+0xb7/0xc0 [ 15.105615] __kmalloc_cache_noprof+0x189/0x420 [ 15.105812] kasan_atomics+0x95/0x310 [ 15.106036] kunit_try_run_case+0x1a5/0x480 [ 15.106221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.106404] kthread+0x337/0x6f0 [ 15.106524] ret_from_fork+0x116/0x1d0 [ 15.106704] ret_from_fork_asm+0x1a/0x30 [ 15.106916] [ 15.107017] The buggy address belongs to the object at ffff888102b49680 [ 15.107017] which belongs to the cache kmalloc-64 of size 64 [ 15.107562] The buggy address is located 0 bytes to the right of [ 15.107562] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.108079] [ 15.108154] The buggy address belongs to the physical page: [ 15.108345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.108723] flags: 0x200000000000000(node=0|zone=2) [ 15.108955] page_type: f5(slab) [ 15.109119] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.109413] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.109675] page dumped because: kasan: bad access detected [ 15.109847] [ 15.109925] Memory state around the buggy address: [ 15.110082] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.110399] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.110726] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.111010] ^ [ 15.111165] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.111381] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.111594] ================================================================== [ 15.026544] ================================================================== [ 15.027047] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 15.027381] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.027720] [ 15.027877] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.027936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.027999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.028021] Call Trace: [ 15.028075] <TASK> [ 15.028090] dump_stack_lvl+0x73/0xb0 [ 15.028141] print_report+0xd1/0x650 [ 15.028164] ? __virt_addr_valid+0x1db/0x2d0 [ 15.028212] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.028236] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.028259] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.028282] kasan_report+0x141/0x180 [ 15.028305] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.028332] kasan_check_range+0x10c/0x1c0 [ 15.028357] __kasan_check_write+0x18/0x20 [ 15.028377] kasan_atomics_helper+0x1b22/0x5450 [ 15.028401] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.028424] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.028449] ? ret_from_fork_asm+0x1a/0x30 [ 15.028471] ? kasan_atomics+0x152/0x310 [ 15.028499] kasan_atomics+0x1dc/0x310 [ 15.028522] ? __pfx_kasan_atomics+0x10/0x10 [ 15.028548] ? __pfx_read_tsc+0x10/0x10 [ 15.028571] ? ktime_get_ts64+0x86/0x230 [ 15.028595] kunit_try_run_case+0x1a5/0x480 [ 15.028617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.028665] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.028692] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.028718] ? __kthread_parkme+0x82/0x180 [ 15.028740] ? preempt_count_sub+0x50/0x80 [ 15.028765] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.028788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.028813] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.028838] kthread+0x337/0x6f0 [ 15.028858] ? trace_preempt_on+0x20/0xc0 [ 15.028881] ? __pfx_kthread+0x10/0x10 [ 15.028914] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.028937] ? calculate_sigpending+0x7b/0xa0 [ 15.028972] ? __pfx_kthread+0x10/0x10 [ 15.028994] ret_from_fork+0x116/0x1d0 [ 15.029014] ? __pfx_kthread+0x10/0x10 [ 15.029035] ret_from_fork_asm+0x1a/0x30 [ 15.029071] </TASK> [ 15.029082] [ 15.040318] Allocated by task 282: [ 15.040469] kasan_save_stack+0x45/0x70 [ 15.042495] kasan_save_track+0x18/0x40 [ 15.042716] kasan_save_alloc_info+0x3b/0x50 [ 15.042869] __kasan_kmalloc+0xb7/0xc0 [ 15.043789] __kmalloc_cache_noprof+0x189/0x420 [ 15.044388] kasan_atomics+0x95/0x310 [ 15.044737] kunit_try_run_case+0x1a5/0x480 [ 15.044902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.045902] kthread+0x337/0x6f0 [ 15.046610] ret_from_fork+0x116/0x1d0 [ 15.046953] ret_from_fork_asm+0x1a/0x30 [ 15.047095] [ 15.047170] The buggy address belongs to the object at ffff888102b49680 [ 15.047170] which belongs to the cache kmalloc-64 of size 64 [ 15.047515] The buggy address is located 0 bytes to the right of [ 15.047515] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.047865] [ 15.048546] The buggy address belongs to the physical page: [ 15.049816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.050865] flags: 0x200000000000000(node=0|zone=2) [ 15.051748] page_type: f5(slab) [ 15.052191] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.053393] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.054309] page dumped because: kasan: bad access detected [ 15.055002] [ 15.055240] Memory state around the buggy address: [ 15.055654] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.056406] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.057129] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.057869] ^ [ 15.058586] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.059331] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.059558] ================================================================== [ 14.791906] ================================================================== [ 14.792741] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 14.793202] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.793581] [ 14.793816] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.793888] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.793926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.793947] Call Trace: [ 14.794015] <TASK> [ 14.794031] dump_stack_lvl+0x73/0xb0 [ 14.794062] print_report+0xd1/0x650 [ 14.794110] ? __virt_addr_valid+0x1db/0x2d0 [ 14.794135] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.794181] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.794222] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.794256] kasan_report+0x141/0x180 [ 14.794279] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.794307] kasan_check_range+0x10c/0x1c0 [ 14.794332] __kasan_check_write+0x18/0x20 [ 14.794352] kasan_atomics_helper+0x15b6/0x5450 [ 14.794376] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.794399] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.794423] ? ret_from_fork_asm+0x1a/0x30 [ 14.794446] ? kasan_atomics+0x152/0x310 [ 14.794497] kasan_atomics+0x1dc/0x310 [ 14.794520] ? __pfx_kasan_atomics+0x10/0x10 [ 14.794545] ? __pfx_read_tsc+0x10/0x10 [ 14.794577] ? ktime_get_ts64+0x86/0x230 [ 14.794602] kunit_try_run_case+0x1a5/0x480 [ 14.794623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.794644] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.794670] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.794695] ? __kthread_parkme+0x82/0x180 [ 14.794742] ? preempt_count_sub+0x50/0x80 [ 14.794767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.794788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.794836] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.794862] kthread+0x337/0x6f0 [ 14.794911] ? trace_preempt_on+0x20/0xc0 [ 14.794944] ? __pfx_kthread+0x10/0x10 [ 14.794965] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.794989] ? calculate_sigpending+0x7b/0xa0 [ 14.795023] ? __pfx_kthread+0x10/0x10 [ 14.795094] ret_from_fork+0x116/0x1d0 [ 14.795116] ? __pfx_kthread+0x10/0x10 [ 14.795138] ret_from_fork_asm+0x1a/0x30 [ 14.795169] </TASK> [ 14.795181] [ 14.809601] Allocated by task 282: [ 14.810052] kasan_save_stack+0x45/0x70 [ 14.810574] kasan_save_track+0x18/0x40 [ 14.811054] kasan_save_alloc_info+0x3b/0x50 [ 14.811479] __kasan_kmalloc+0xb7/0xc0 [ 14.811923] __kmalloc_cache_noprof+0x189/0x420 [ 14.812303] kasan_atomics+0x95/0x310 [ 14.812441] kunit_try_run_case+0x1a5/0x480 [ 14.812587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.813249] kthread+0x337/0x6f0 [ 14.813605] ret_from_fork+0x116/0x1d0 [ 14.814003] ret_from_fork_asm+0x1a/0x30 [ 14.814511] [ 14.814713] The buggy address belongs to the object at ffff888102b49680 [ 14.814713] which belongs to the cache kmalloc-64 of size 64 [ 14.815528] The buggy address is located 0 bytes to the right of [ 14.815528] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.816754] [ 14.816937] The buggy address belongs to the physical page: [ 14.817469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.817877] flags: 0x200000000000000(node=0|zone=2) [ 14.818472] page_type: f5(slab) [ 14.818812] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.819607] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.820003] page dumped because: kasan: bad access detected [ 14.820177] [ 14.820246] Memory state around the buggy address: [ 14.820400] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.820614] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.821778] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.822604] ^ [ 14.823421] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.824285] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.825140] ================================================================== [ 14.474104] ================================================================== [ 14.474446] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 14.474815] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.475213] [ 14.475298] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.475343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.475355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.475376] Call Trace: [ 14.475390] <TASK> [ 14.475405] dump_stack_lvl+0x73/0xb0 [ 14.475428] print_report+0xd1/0x650 [ 14.475451] ? __virt_addr_valid+0x1db/0x2d0 [ 14.475475] ? kasan_atomics_helper+0x1148/0x5450 [ 14.475497] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.475522] ? kasan_atomics_helper+0x1148/0x5450 [ 14.475545] kasan_report+0x141/0x180 [ 14.475568] ? kasan_atomics_helper+0x1148/0x5450 [ 14.475596] kasan_check_range+0x10c/0x1c0 [ 14.475639] __kasan_check_write+0x18/0x20 [ 14.475659] kasan_atomics_helper+0x1148/0x5450 [ 14.475683] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.475707] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.475731] ? ret_from_fork_asm+0x1a/0x30 [ 14.475754] ? kasan_atomics+0x152/0x310 [ 14.475780] kasan_atomics+0x1dc/0x310 [ 14.475804] ? __pfx_kasan_atomics+0x10/0x10 [ 14.475828] ? __pfx_read_tsc+0x10/0x10 [ 14.475851] ? ktime_get_ts64+0x86/0x230 [ 14.475875] kunit_try_run_case+0x1a5/0x480 [ 14.475906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.475945] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.475973] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.475999] ? __kthread_parkme+0x82/0x180 [ 14.476019] ? preempt_count_sub+0x50/0x80 [ 14.476044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.476067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.476092] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.476118] kthread+0x337/0x6f0 [ 14.476137] ? trace_preempt_on+0x20/0xc0 [ 14.476161] ? __pfx_kthread+0x10/0x10 [ 14.476182] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.476205] ? calculate_sigpending+0x7b/0xa0 [ 14.476229] ? __pfx_kthread+0x10/0x10 [ 14.476252] ret_from_fork+0x116/0x1d0 [ 14.476271] ? __pfx_kthread+0x10/0x10 [ 14.476292] ret_from_fork_asm+0x1a/0x30 [ 14.476323] </TASK> [ 14.476334] [ 14.485025] Allocated by task 282: [ 14.485181] kasan_save_stack+0x45/0x70 [ 14.485415] kasan_save_track+0x18/0x40 [ 14.485674] kasan_save_alloc_info+0x3b/0x50 [ 14.485872] __kasan_kmalloc+0xb7/0xc0 [ 14.486068] __kmalloc_cache_noprof+0x189/0x420 [ 14.486357] kasan_atomics+0x95/0x310 [ 14.486518] kunit_try_run_case+0x1a5/0x480 [ 14.486689] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.486869] kthread+0x337/0x6f0 [ 14.486999] ret_from_fork+0x116/0x1d0 [ 14.487132] ret_from_fork_asm+0x1a/0x30 [ 14.487271] [ 14.487343] The buggy address belongs to the object at ffff888102b49680 [ 14.487343] which belongs to the cache kmalloc-64 of size 64 [ 14.487754] The buggy address is located 0 bytes to the right of [ 14.487754] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.488306] [ 14.488402] The buggy address belongs to the physical page: [ 14.488673] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.489068] flags: 0x200000000000000(node=0|zone=2) [ 14.489302] page_type: f5(slab) [ 14.489466] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.489805] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.490151] page dumped because: kasan: bad access detected [ 14.490406] [ 14.490499] Memory state around the buggy address: [ 14.490676] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.490924] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.491629] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.491901] ^ [ 14.492101] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.492383] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.492729] ================================================================== [ 14.437082] ================================================================== [ 14.437432] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 14.437799] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.438312] [ 14.438422] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.438465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.438477] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.438498] Call Trace: [ 14.438513] <TASK> [ 14.438527] dump_stack_lvl+0x73/0xb0 [ 14.438553] print_report+0xd1/0x650 [ 14.438575] ? __virt_addr_valid+0x1db/0x2d0 [ 14.438599] ? kasan_atomics_helper+0x1079/0x5450 [ 14.438643] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.438668] ? kasan_atomics_helper+0x1079/0x5450 [ 14.438691] kasan_report+0x141/0x180 [ 14.438714] ? kasan_atomics_helper+0x1079/0x5450 [ 14.438742] kasan_check_range+0x10c/0x1c0 [ 14.438766] __kasan_check_write+0x18/0x20 [ 14.438787] kasan_atomics_helper+0x1079/0x5450 [ 14.438811] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.438835] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.438860] ? ret_from_fork_asm+0x1a/0x30 [ 14.438884] ? kasan_atomics+0x152/0x310 [ 14.438920] kasan_atomics+0x1dc/0x310 [ 14.438962] ? __pfx_kasan_atomics+0x10/0x10 [ 14.438988] ? __pfx_read_tsc+0x10/0x10 [ 14.439010] ? ktime_get_ts64+0x86/0x230 [ 14.439035] kunit_try_run_case+0x1a5/0x480 [ 14.439057] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.439077] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.439103] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.439128] ? __kthread_parkme+0x82/0x180 [ 14.439149] ? preempt_count_sub+0x50/0x80 [ 14.439174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.439195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.439220] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.439245] kthread+0x337/0x6f0 [ 14.439265] ? trace_preempt_on+0x20/0xc0 [ 14.439288] ? __pfx_kthread+0x10/0x10 [ 14.439309] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.439333] ? calculate_sigpending+0x7b/0xa0 [ 14.439357] ? __pfx_kthread+0x10/0x10 [ 14.439380] ret_from_fork+0x116/0x1d0 [ 14.439399] ? __pfx_kthread+0x10/0x10 [ 14.439421] ret_from_fork_asm+0x1a/0x30 [ 14.439450] </TASK> [ 14.439462] [ 14.447636] Allocated by task 282: [ 14.447794] kasan_save_stack+0x45/0x70 [ 14.448055] kasan_save_track+0x18/0x40 [ 14.448194] kasan_save_alloc_info+0x3b/0x50 [ 14.448407] __kasan_kmalloc+0xb7/0xc0 [ 14.448601] __kmalloc_cache_noprof+0x189/0x420 [ 14.448823] kasan_atomics+0x95/0x310 [ 14.449095] kunit_try_run_case+0x1a5/0x480 [ 14.449257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.449434] kthread+0x337/0x6f0 [ 14.449556] ret_from_fork+0x116/0x1d0 [ 14.449712] ret_from_fork_asm+0x1a/0x30 [ 14.449854] [ 14.449956] The buggy address belongs to the object at ffff888102b49680 [ 14.449956] which belongs to the cache kmalloc-64 of size 64 [ 14.450312] The buggy address is located 0 bytes to the right of [ 14.450312] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.450785] [ 14.450880] The buggy address belongs to the physical page: [ 14.451136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.451482] flags: 0x200000000000000(node=0|zone=2) [ 14.451739] page_type: f5(slab) [ 14.451911] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.452247] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.452848] page dumped because: kasan: bad access detected [ 14.453301] [ 14.453399] Memory state around the buggy address: [ 14.453637] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.453882] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.454512] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.454809] ^ [ 14.455052] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.455317] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.455630] ================================================================== [ 15.112218] ================================================================== [ 15.112723] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 15.113212] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.113542] [ 15.113675] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.113719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.113730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.113751] Call Trace: [ 15.113763] <TASK> [ 15.113777] dump_stack_lvl+0x73/0xb0 [ 15.113801] print_report+0xd1/0x650 [ 15.113824] ? __virt_addr_valid+0x1db/0x2d0 [ 15.113848] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.113871] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.113905] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.113927] kasan_report+0x141/0x180 [ 15.113950] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.113977] kasan_check_range+0x10c/0x1c0 [ 15.114002] __kasan_check_write+0x18/0x20 [ 15.114022] kasan_atomics_helper+0x1ce1/0x5450 [ 15.114045] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.114069] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.114093] ? ret_from_fork_asm+0x1a/0x30 [ 15.114115] ? kasan_atomics+0x152/0x310 [ 15.114141] kasan_atomics+0x1dc/0x310 [ 15.114165] ? __pfx_kasan_atomics+0x10/0x10 [ 15.114190] ? __pfx_read_tsc+0x10/0x10 [ 15.114211] ? ktime_get_ts64+0x86/0x230 [ 15.114236] kunit_try_run_case+0x1a5/0x480 [ 15.114258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.114279] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.114306] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.114332] ? __kthread_parkme+0x82/0x180 [ 15.114352] ? preempt_count_sub+0x50/0x80 [ 15.114377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.114399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.114424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.114450] kthread+0x337/0x6f0 [ 15.114470] ? trace_preempt_on+0x20/0xc0 [ 15.114492] ? __pfx_kthread+0x10/0x10 [ 15.114514] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.114537] ? calculate_sigpending+0x7b/0xa0 [ 15.114562] ? __pfx_kthread+0x10/0x10 [ 15.114584] ret_from_fork+0x116/0x1d0 [ 15.114603] ? __pfx_kthread+0x10/0x10 [ 15.114645] ret_from_fork_asm+0x1a/0x30 [ 15.114675] </TASK> [ 15.114687] [ 15.121901] Allocated by task 282: [ 15.122079] kasan_save_stack+0x45/0x70 [ 15.122275] kasan_save_track+0x18/0x40 [ 15.122464] kasan_save_alloc_info+0x3b/0x50 [ 15.122704] __kasan_kmalloc+0xb7/0xc0 [ 15.122890] __kmalloc_cache_noprof+0x189/0x420 [ 15.123118] kasan_atomics+0x95/0x310 [ 15.123297] kunit_try_run_case+0x1a5/0x480 [ 15.123442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.123655] kthread+0x337/0x6f0 [ 15.123826] ret_from_fork+0x116/0x1d0 [ 15.124022] ret_from_fork_asm+0x1a/0x30 [ 15.124218] [ 15.124313] The buggy address belongs to the object at ffff888102b49680 [ 15.124313] which belongs to the cache kmalloc-64 of size 64 [ 15.124831] The buggy address is located 0 bytes to the right of [ 15.124831] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.125344] [ 15.125419] The buggy address belongs to the physical page: [ 15.125693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.126022] flags: 0x200000000000000(node=0|zone=2) [ 15.126215] page_type: f5(slab) [ 15.126376] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.126683] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.126919] page dumped because: kasan: bad access detected [ 15.127090] [ 15.127158] Memory state around the buggy address: [ 15.127329] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.127671] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.127995] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.128307] ^ [ 15.128513] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.128811] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.129056] ================================================================== [ 14.418518] ================================================================== [ 14.418852] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 14.419195] Read of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.419470] [ 14.419558] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.419601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.419614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.419635] Call Trace: [ 14.419648] <TASK> [ 14.419661] dump_stack_lvl+0x73/0xb0 [ 14.419684] print_report+0xd1/0x650 [ 14.419707] ? __virt_addr_valid+0x1db/0x2d0 [ 14.419731] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.419753] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.419776] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.419799] kasan_report+0x141/0x180 [ 14.419822] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.419849] __asan_report_load4_noabort+0x18/0x20 [ 14.419870] kasan_atomics_helper+0x4a36/0x5450 [ 14.419927] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.419952] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.419978] ? ret_from_fork_asm+0x1a/0x30 [ 14.420000] ? kasan_atomics+0x152/0x310 [ 14.420028] kasan_atomics+0x1dc/0x310 [ 14.420052] ? __pfx_kasan_atomics+0x10/0x10 [ 14.420079] ? __pfx_read_tsc+0x10/0x10 [ 14.420101] ? ktime_get_ts64+0x86/0x230 [ 14.420125] kunit_try_run_case+0x1a5/0x480 [ 14.420147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.420167] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.420193] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.420219] ? __kthread_parkme+0x82/0x180 [ 14.420240] ? preempt_count_sub+0x50/0x80 [ 14.420264] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.420286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.420312] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.420337] kthread+0x337/0x6f0 [ 14.420356] ? trace_preempt_on+0x20/0xc0 [ 14.420379] ? __pfx_kthread+0x10/0x10 [ 14.420401] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.420424] ? calculate_sigpending+0x7b/0xa0 [ 14.420448] ? __pfx_kthread+0x10/0x10 [ 14.420471] ret_from_fork+0x116/0x1d0 [ 14.420489] ? __pfx_kthread+0x10/0x10 [ 14.420511] ret_from_fork_asm+0x1a/0x30 [ 14.420541] </TASK> [ 14.420552] [ 14.429100] Allocated by task 282: [ 14.429380] kasan_save_stack+0x45/0x70 [ 14.429573] kasan_save_track+0x18/0x40 [ 14.429806] kasan_save_alloc_info+0x3b/0x50 [ 14.430028] __kasan_kmalloc+0xb7/0xc0 [ 14.430212] __kmalloc_cache_noprof+0x189/0x420 [ 14.430394] kasan_atomics+0x95/0x310 [ 14.430559] kunit_try_run_case+0x1a5/0x480 [ 14.430776] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.431086] kthread+0x337/0x6f0 [ 14.431249] ret_from_fork+0x116/0x1d0 [ 14.431384] ret_from_fork_asm+0x1a/0x30 [ 14.431581] [ 14.431698] The buggy address belongs to the object at ffff888102b49680 [ 14.431698] which belongs to the cache kmalloc-64 of size 64 [ 14.432273] The buggy address is located 0 bytes to the right of [ 14.432273] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.432761] [ 14.432837] The buggy address belongs to the physical page: [ 14.433052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.433298] flags: 0x200000000000000(node=0|zone=2) [ 14.433465] page_type: f5(slab) [ 14.433586] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.433838] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.434279] page dumped because: kasan: bad access detected [ 14.434664] [ 14.434759] Memory state around the buggy address: [ 14.435001] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.435506] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.435734] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.435959] ^ [ 14.436122] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.436343] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.436559] ================================================================== [ 14.340520] ================================================================== [ 14.340916] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 14.341242] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.341461] [ 14.341543] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.341605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.341636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.341658] Call Trace: [ 14.341673] <TASK> [ 14.341688] dump_stack_lvl+0x73/0xb0 [ 14.341734] print_report+0xd1/0x650 [ 14.341758] ? __virt_addr_valid+0x1db/0x2d0 [ 14.341799] ? kasan_atomics_helper+0xde0/0x5450 [ 14.341821] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.341844] ? kasan_atomics_helper+0xde0/0x5450 [ 14.341884] kasan_report+0x141/0x180 [ 14.341920] ? kasan_atomics_helper+0xde0/0x5450 [ 14.341970] kasan_check_range+0x10c/0x1c0 [ 14.341996] __kasan_check_write+0x18/0x20 [ 14.342017] kasan_atomics_helper+0xde0/0x5450 [ 14.342040] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.342063] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.342088] ? ret_from_fork_asm+0x1a/0x30 [ 14.342110] ? kasan_atomics+0x152/0x310 [ 14.342137] kasan_atomics+0x1dc/0x310 [ 14.342160] ? __pfx_kasan_atomics+0x10/0x10 [ 14.342186] ? __pfx_read_tsc+0x10/0x10 [ 14.342207] ? ktime_get_ts64+0x86/0x230 [ 14.342232] kunit_try_run_case+0x1a5/0x480 [ 14.342254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.342274] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.342300] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.342325] ? __kthread_parkme+0x82/0x180 [ 14.342346] ? preempt_count_sub+0x50/0x80 [ 14.342371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.342393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.342418] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.342443] kthread+0x337/0x6f0 [ 14.342464] ? trace_preempt_on+0x20/0xc0 [ 14.342486] ? __pfx_kthread+0x10/0x10 [ 14.342509] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.342532] ? calculate_sigpending+0x7b/0xa0 [ 14.342557] ? __pfx_kthread+0x10/0x10 [ 14.342579] ret_from_fork+0x116/0x1d0 [ 14.342598] ? __pfx_kthread+0x10/0x10 [ 14.342627] ret_from_fork_asm+0x1a/0x30 [ 14.342657] </TASK> [ 14.342668] [ 14.351347] Allocated by task 282: [ 14.351481] kasan_save_stack+0x45/0x70 [ 14.351649] kasan_save_track+0x18/0x40 [ 14.351848] kasan_save_alloc_info+0x3b/0x50 [ 14.352261] __kasan_kmalloc+0xb7/0xc0 [ 14.352457] __kmalloc_cache_noprof+0x189/0x420 [ 14.352727] kasan_atomics+0x95/0x310 [ 14.352924] kunit_try_run_case+0x1a5/0x480 [ 14.353260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.353529] kthread+0x337/0x6f0 [ 14.353751] ret_from_fork+0x116/0x1d0 [ 14.353908] ret_from_fork_asm+0x1a/0x30 [ 14.354188] [ 14.354287] The buggy address belongs to the object at ffff888102b49680 [ 14.354287] which belongs to the cache kmalloc-64 of size 64 [ 14.354880] The buggy address is located 0 bytes to the right of [ 14.354880] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.355517] [ 14.355695] The buggy address belongs to the physical page: [ 14.356265] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.356641] flags: 0x200000000000000(node=0|zone=2) [ 14.356873] page_type: f5(slab) [ 14.357204] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.357472] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.357723] page dumped because: kasan: bad access detected [ 14.357904] [ 14.358111] Memory state around the buggy address: [ 14.358338] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.358690] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.359064] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.359472] ^ [ 14.359830] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.360227] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.360719] ================================================================== [ 14.234414] ================================================================== [ 14.234754] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 14.235033] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.235360] [ 14.235465] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.235508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.235520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.235542] Call Trace: [ 14.235555] <TASK> [ 14.235569] dump_stack_lvl+0x73/0xb0 [ 14.235595] print_report+0xd1/0x650 [ 14.235634] ? __virt_addr_valid+0x1db/0x2d0 [ 14.235659] ? kasan_atomics_helper+0xac7/0x5450 [ 14.235681] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.235705] ? kasan_atomics_helper+0xac7/0x5450 [ 14.235727] kasan_report+0x141/0x180 [ 14.235750] ? kasan_atomics_helper+0xac7/0x5450 [ 14.235776] kasan_check_range+0x10c/0x1c0 [ 14.235801] __kasan_check_write+0x18/0x20 [ 14.235821] kasan_atomics_helper+0xac7/0x5450 [ 14.235844] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.235868] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.235901] ? ret_from_fork_asm+0x1a/0x30 [ 14.235923] ? kasan_atomics+0x152/0x310 [ 14.235968] kasan_atomics+0x1dc/0x310 [ 14.235992] ? __pfx_kasan_atomics+0x10/0x10 [ 14.236017] ? __pfx_read_tsc+0x10/0x10 [ 14.236038] ? ktime_get_ts64+0x86/0x230 [ 14.236062] kunit_try_run_case+0x1a5/0x480 [ 14.236083] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.236104] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.236129] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.236154] ? __kthread_parkme+0x82/0x180 [ 14.236175] ? preempt_count_sub+0x50/0x80 [ 14.236199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.236221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.236246] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.236271] kthread+0x337/0x6f0 [ 14.236291] ? trace_preempt_on+0x20/0xc0 [ 14.236314] ? __pfx_kthread+0x10/0x10 [ 14.236335] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.236359] ? calculate_sigpending+0x7b/0xa0 [ 14.236383] ? __pfx_kthread+0x10/0x10 [ 14.236405] ret_from_fork+0x116/0x1d0 [ 14.236424] ? __pfx_kthread+0x10/0x10 [ 14.236445] ret_from_fork_asm+0x1a/0x30 [ 14.236476] </TASK> [ 14.236487] [ 14.244715] Allocated by task 282: [ 14.244906] kasan_save_stack+0x45/0x70 [ 14.245061] kasan_save_track+0x18/0x40 [ 14.245216] kasan_save_alloc_info+0x3b/0x50 [ 14.245515] __kasan_kmalloc+0xb7/0xc0 [ 14.245727] __kmalloc_cache_noprof+0x189/0x420 [ 14.245961] kasan_atomics+0x95/0x310 [ 14.246267] kunit_try_run_case+0x1a5/0x480 [ 14.246418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.246596] kthread+0x337/0x6f0 [ 14.246733] ret_from_fork+0x116/0x1d0 [ 14.246867] ret_from_fork_asm+0x1a/0x30 [ 14.247247] [ 14.247344] The buggy address belongs to the object at ffff888102b49680 [ 14.247344] which belongs to the cache kmalloc-64 of size 64 [ 14.247910] The buggy address is located 0 bytes to the right of [ 14.247910] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.248529] [ 14.248638] The buggy address belongs to the physical page: [ 14.248855] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.249237] flags: 0x200000000000000(node=0|zone=2) [ 14.249422] page_type: f5(slab) [ 14.249542] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.249799] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.250128] page dumped because: kasan: bad access detected [ 14.250383] [ 14.250475] Memory state around the buggy address: [ 14.250719] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.251070] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.251366] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.251580] ^ [ 14.251734] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.251987] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.252304] ================================================================== [ 14.540845] ================================================================== [ 14.541606] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 14.542498] Read of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.543237] [ 14.543481] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.543526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.543539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.543561] Call Trace: [ 14.543577] <TASK> [ 14.543593] dump_stack_lvl+0x73/0xb0 [ 14.543620] print_report+0xd1/0x650 [ 14.543642] ? __virt_addr_valid+0x1db/0x2d0 [ 14.543681] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.543704] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.543728] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.543751] kasan_report+0x141/0x180 [ 14.543774] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.543801] __asan_report_load4_noabort+0x18/0x20 [ 14.543822] kasan_atomics_helper+0x49e8/0x5450 [ 14.543845] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.543868] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.543905] ? ret_from_fork_asm+0x1a/0x30 [ 14.543928] ? kasan_atomics+0x152/0x310 [ 14.544027] kasan_atomics+0x1dc/0x310 [ 14.544053] ? __pfx_kasan_atomics+0x10/0x10 [ 14.544079] ? __pfx_read_tsc+0x10/0x10 [ 14.544100] ? ktime_get_ts64+0x86/0x230 [ 14.544125] kunit_try_run_case+0x1a5/0x480 [ 14.544148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.544168] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.544194] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.544219] ? __kthread_parkme+0x82/0x180 [ 14.544240] ? preempt_count_sub+0x50/0x80 [ 14.544264] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.544286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.544311] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.544336] kthread+0x337/0x6f0 [ 14.544356] ? trace_preempt_on+0x20/0xc0 [ 14.544379] ? __pfx_kthread+0x10/0x10 [ 14.544401] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.544424] ? calculate_sigpending+0x7b/0xa0 [ 14.544449] ? __pfx_kthread+0x10/0x10 [ 14.544470] ret_from_fork+0x116/0x1d0 [ 14.544489] ? __pfx_kthread+0x10/0x10 [ 14.544509] ret_from_fork_asm+0x1a/0x30 [ 14.544540] </TASK> [ 14.544551] [ 14.558004] Allocated by task 282: [ 14.558375] kasan_save_stack+0x45/0x70 [ 14.558812] kasan_save_track+0x18/0x40 [ 14.558964] kasan_save_alloc_info+0x3b/0x50 [ 14.559136] __kasan_kmalloc+0xb7/0xc0 [ 14.559273] __kmalloc_cache_noprof+0x189/0x420 [ 14.559430] kasan_atomics+0x95/0x310 [ 14.559564] kunit_try_run_case+0x1a5/0x480 [ 14.559872] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.560427] kthread+0x337/0x6f0 [ 14.560753] ret_from_fork+0x116/0x1d0 [ 14.561234] ret_from_fork_asm+0x1a/0x30 [ 14.561685] [ 14.561845] The buggy address belongs to the object at ffff888102b49680 [ 14.561845] which belongs to the cache kmalloc-64 of size 64 [ 14.563236] The buggy address is located 0 bytes to the right of [ 14.563236] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.564496] [ 14.564628] The buggy address belongs to the physical page: [ 14.564803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.565597] flags: 0x200000000000000(node=0|zone=2) [ 14.566049] page_type: f5(slab) [ 14.566354] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.566971] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.567262] page dumped because: kasan: bad access detected [ 14.567729] [ 14.567920] Memory state around the buggy address: [ 14.568433] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.569086] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.569712] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.570106] ^ [ 14.570267] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.570675] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.571364] ================================================================== [ 13.848496] ================================================================== [ 13.848913] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 13.849329] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 13.849651] [ 13.849735] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.849796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.849807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.849840] Call Trace: [ 13.849854] <TASK> [ 13.849867] dump_stack_lvl+0x73/0xb0 [ 13.849925] print_report+0xd1/0x650 [ 13.850005] ? __virt_addr_valid+0x1db/0x2d0 [ 13.850030] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.850075] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.850097] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.850119] kasan_report+0x141/0x180 [ 13.850142] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.850169] __asan_report_store4_noabort+0x1b/0x30 [ 13.850190] kasan_atomics_helper+0x4ba2/0x5450 [ 13.850213] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.850250] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.850286] ? ret_from_fork_asm+0x1a/0x30 [ 13.850320] ? kasan_atomics+0x152/0x310 [ 13.850346] kasan_atomics+0x1dc/0x310 [ 13.850368] ? __pfx_kasan_atomics+0x10/0x10 [ 13.850392] ? __pfx_read_tsc+0x10/0x10 [ 13.850413] ? ktime_get_ts64+0x86/0x230 [ 13.850437] kunit_try_run_case+0x1a5/0x480 [ 13.850458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.850478] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.850503] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.850527] ? __kthread_parkme+0x82/0x180 [ 13.850546] ? preempt_count_sub+0x50/0x80 [ 13.850570] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.850593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.850650] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.850676] kthread+0x337/0x6f0 [ 13.850695] ? trace_preempt_on+0x20/0xc0 [ 13.850717] ? __pfx_kthread+0x10/0x10 [ 13.850754] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.850777] ? calculate_sigpending+0x7b/0xa0 [ 13.850801] ? __pfx_kthread+0x10/0x10 [ 13.850822] ret_from_fork+0x116/0x1d0 [ 13.850841] ? __pfx_kthread+0x10/0x10 [ 13.850861] ret_from_fork_asm+0x1a/0x30 [ 13.850889] </TASK> [ 13.850909] [ 13.859124] Allocated by task 282: [ 13.859300] kasan_save_stack+0x45/0x70 [ 13.859504] kasan_save_track+0x18/0x40 [ 13.859695] kasan_save_alloc_info+0x3b/0x50 [ 13.860183] __kasan_kmalloc+0xb7/0xc0 [ 13.860323] __kmalloc_cache_noprof+0x189/0x420 [ 13.860475] kasan_atomics+0x95/0x310 [ 13.860603] kunit_try_run_case+0x1a5/0x480 [ 13.860800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.861185] kthread+0x337/0x6f0 [ 13.861374] ret_from_fork+0x116/0x1d0 [ 13.861599] ret_from_fork_asm+0x1a/0x30 [ 13.861829] [ 13.862011] The buggy address belongs to the object at ffff888102b49680 [ 13.862011] which belongs to the cache kmalloc-64 of size 64 [ 13.862550] The buggy address is located 0 bytes to the right of [ 13.862550] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 13.863148] [ 13.863221] The buggy address belongs to the physical page: [ 13.863386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 13.863745] flags: 0x200000000000000(node=0|zone=2) [ 13.864113] page_type: f5(slab) [ 13.864302] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.864679] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.865214] page dumped because: kasan: bad access detected [ 13.865481] [ 13.865575] Memory state around the buggy address: [ 13.865725] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.866109] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.866464] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.866821] ^ [ 13.867117] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.867443] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.867761] ================================================================== [ 14.400096] ================================================================== [ 14.400360] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 14.400665] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.401036] [ 14.401151] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.401196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.401209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.401231] Call Trace: [ 14.401244] <TASK> [ 14.401258] dump_stack_lvl+0x73/0xb0 [ 14.401282] print_report+0xd1/0x650 [ 14.401305] ? __virt_addr_valid+0x1db/0x2d0 [ 14.401330] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.401353] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.401377] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.401400] kasan_report+0x141/0x180 [ 14.401422] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.401450] kasan_check_range+0x10c/0x1c0 [ 14.401474] __kasan_check_write+0x18/0x20 [ 14.401495] kasan_atomics_helper+0xfa9/0x5450 [ 14.401518] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.401541] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.401565] ? ret_from_fork_asm+0x1a/0x30 [ 14.401587] ? kasan_atomics+0x152/0x310 [ 14.401632] kasan_atomics+0x1dc/0x310 [ 14.401657] ? __pfx_kasan_atomics+0x10/0x10 [ 14.401682] ? __pfx_read_tsc+0x10/0x10 [ 14.401703] ? ktime_get_ts64+0x86/0x230 [ 14.401727] kunit_try_run_case+0x1a5/0x480 [ 14.401748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.401770] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.401794] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.401820] ? __kthread_parkme+0x82/0x180 [ 14.401840] ? preempt_count_sub+0x50/0x80 [ 14.401865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.401887] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.401921] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.401965] kthread+0x337/0x6f0 [ 14.401985] ? trace_preempt_on+0x20/0xc0 [ 14.402008] ? __pfx_kthread+0x10/0x10 [ 14.402028] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.402052] ? calculate_sigpending+0x7b/0xa0 [ 14.402077] ? __pfx_kthread+0x10/0x10 [ 14.402098] ret_from_fork+0x116/0x1d0 [ 14.402117] ? __pfx_kthread+0x10/0x10 [ 14.402138] ret_from_fork_asm+0x1a/0x30 [ 14.402169] </TASK> [ 14.402180] [ 14.410630] Allocated by task 282: [ 14.410794] kasan_save_stack+0x45/0x70 [ 14.410949] kasan_save_track+0x18/0x40 [ 14.411139] kasan_save_alloc_info+0x3b/0x50 [ 14.411438] __kasan_kmalloc+0xb7/0xc0 [ 14.411635] __kmalloc_cache_noprof+0x189/0x420 [ 14.411833] kasan_atomics+0x95/0x310 [ 14.412086] kunit_try_run_case+0x1a5/0x480 [ 14.412290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.412481] kthread+0x337/0x6f0 [ 14.412675] ret_from_fork+0x116/0x1d0 [ 14.412836] ret_from_fork_asm+0x1a/0x30 [ 14.413064] [ 14.413151] The buggy address belongs to the object at ffff888102b49680 [ 14.413151] which belongs to the cache kmalloc-64 of size 64 [ 14.413533] The buggy address is located 0 bytes to the right of [ 14.413533] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.414240] [ 14.414340] The buggy address belongs to the physical page: [ 14.414592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.414924] flags: 0x200000000000000(node=0|zone=2) [ 14.415168] page_type: f5(slab) [ 14.415290] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.415521] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.415900] page dumped because: kasan: bad access detected [ 14.416154] [ 14.416251] Memory state around the buggy address: [ 14.416479] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.416724] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.416952] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.417170] ^ [ 14.417324] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.417539] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.418081] ================================================================== [ 14.456198] ================================================================== [ 14.456476] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 14.456735] Read of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.457074] [ 14.457183] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.457225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.457237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.457258] Call Trace: [ 14.457269] <TASK> [ 14.457282] dump_stack_lvl+0x73/0xb0 [ 14.457307] print_report+0xd1/0x650 [ 14.457330] ? __virt_addr_valid+0x1db/0x2d0 [ 14.457354] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.457376] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.457399] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.457423] kasan_report+0x141/0x180 [ 14.457446] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.457474] __asan_report_load4_noabort+0x18/0x20 [ 14.457496] kasan_atomics_helper+0x4a1c/0x5450 [ 14.457520] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.457543] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.457568] ? ret_from_fork_asm+0x1a/0x30 [ 14.457591] ? kasan_atomics+0x152/0x310 [ 14.457637] kasan_atomics+0x1dc/0x310 [ 14.457661] ? __pfx_kasan_atomics+0x10/0x10 [ 14.457686] ? __pfx_read_tsc+0x10/0x10 [ 14.457708] ? ktime_get_ts64+0x86/0x230 [ 14.457732] kunit_try_run_case+0x1a5/0x480 [ 14.457755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.457776] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.457802] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.457828] ? __kthread_parkme+0x82/0x180 [ 14.457849] ? preempt_count_sub+0x50/0x80 [ 14.457873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.457905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.457948] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.457974] kthread+0x337/0x6f0 [ 14.457995] ? trace_preempt_on+0x20/0xc0 [ 14.458018] ? __pfx_kthread+0x10/0x10 [ 14.458041] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.458066] ? calculate_sigpending+0x7b/0xa0 [ 14.458091] ? __pfx_kthread+0x10/0x10 [ 14.458114] ret_from_fork+0x116/0x1d0 [ 14.458134] ? __pfx_kthread+0x10/0x10 [ 14.458156] ret_from_fork_asm+0x1a/0x30 [ 14.458186] </TASK> [ 14.458197] [ 14.465944] Allocated by task 282: [ 14.466076] kasan_save_stack+0x45/0x70 [ 14.466271] kasan_save_track+0x18/0x40 [ 14.466447] kasan_save_alloc_info+0x3b/0x50 [ 14.466677] __kasan_kmalloc+0xb7/0xc0 [ 14.466812] __kmalloc_cache_noprof+0x189/0x420 [ 14.466997] kasan_atomics+0x95/0x310 [ 14.467134] kunit_try_run_case+0x1a5/0x480 [ 14.467277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.467455] kthread+0x337/0x6f0 [ 14.467576] ret_from_fork+0x116/0x1d0 [ 14.467791] ret_from_fork_asm+0x1a/0x30 [ 14.468006] [ 14.468103] The buggy address belongs to the object at ffff888102b49680 [ 14.468103] which belongs to the cache kmalloc-64 of size 64 [ 14.468943] The buggy address is located 0 bytes to the right of [ 14.468943] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.469426] [ 14.469528] The buggy address belongs to the physical page: [ 14.469764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.470074] flags: 0x200000000000000(node=0|zone=2) [ 14.470448] page_type: f5(slab) [ 14.470644] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.470911] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.471480] page dumped because: kasan: bad access detected [ 14.471701] [ 14.471796] Memory state around the buggy address: [ 14.472070] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.472330] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.472628] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.472913] ^ [ 14.473124] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.473451] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.473707] ================================================================== [ 14.660451] ================================================================== [ 14.660989] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 14.661436] Read of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.661802] [ 14.662040] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.662128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.662141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.662164] Call Trace: [ 14.662189] <TASK> [ 14.662205] dump_stack_lvl+0x73/0xb0 [ 14.662232] print_report+0xd1/0x650 [ 14.662266] ? __virt_addr_valid+0x1db/0x2d0 [ 14.662291] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.662313] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.662337] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.662361] kasan_report+0x141/0x180 [ 14.662385] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.662412] __asan_report_load8_noabort+0x18/0x20 [ 14.662435] kasan_atomics_helper+0x4eae/0x5450 [ 14.662467] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.662491] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.662516] ? ret_from_fork_asm+0x1a/0x30 [ 14.662548] ? kasan_atomics+0x152/0x310 [ 14.662575] kasan_atomics+0x1dc/0x310 [ 14.662598] ? __pfx_kasan_atomics+0x10/0x10 [ 14.662623] ? __pfx_read_tsc+0x10/0x10 [ 14.662645] ? ktime_get_ts64+0x86/0x230 [ 14.662678] kunit_try_run_case+0x1a5/0x480 [ 14.662700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.662721] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.662767] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.662793] ? __kthread_parkme+0x82/0x180 [ 14.662814] ? preempt_count_sub+0x50/0x80 [ 14.662838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.662860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.662885] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.662921] kthread+0x337/0x6f0 [ 14.662984] ? trace_preempt_on+0x20/0xc0 [ 14.663009] ? __pfx_kthread+0x10/0x10 [ 14.663031] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.663053] ? calculate_sigpending+0x7b/0xa0 [ 14.663079] ? __pfx_kthread+0x10/0x10 [ 14.663101] ret_from_fork+0x116/0x1d0 [ 14.663120] ? __pfx_kthread+0x10/0x10 [ 14.663141] ret_from_fork_asm+0x1a/0x30 [ 14.663171] </TASK> [ 14.663183] [ 14.678320] Allocated by task 282: [ 14.678647] kasan_save_stack+0x45/0x70 [ 14.678914] kasan_save_track+0x18/0x40 [ 14.679333] kasan_save_alloc_info+0x3b/0x50 [ 14.679595] __kasan_kmalloc+0xb7/0xc0 [ 14.679812] __kmalloc_cache_noprof+0x189/0x420 [ 14.680284] kasan_atomics+0x95/0x310 [ 14.680538] kunit_try_run_case+0x1a5/0x480 [ 14.680805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.681480] kthread+0x337/0x6f0 [ 14.681801] ret_from_fork+0x116/0x1d0 [ 14.682130] ret_from_fork_asm+0x1a/0x30 [ 14.682378] [ 14.682457] The buggy address belongs to the object at ffff888102b49680 [ 14.682457] which belongs to the cache kmalloc-64 of size 64 [ 14.683175] The buggy address is located 0 bytes to the right of [ 14.683175] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.684407] [ 14.684582] The buggy address belongs to the physical page: [ 14.685129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.685655] flags: 0x200000000000000(node=0|zone=2) [ 14.685927] page_type: f5(slab) [ 14.686442] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.686835] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.687402] page dumped because: kasan: bad access detected [ 14.687990] [ 14.688157] Memory state around the buggy address: [ 14.688606] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.689290] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.689514] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.689969] ^ [ 14.690440] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.691378] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.692125] ================================================================== [ 14.724766] ================================================================== [ 14.725456] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 14.726384] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.727337] [ 14.727539] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.727584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.727607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.727628] Call Trace: [ 14.727644] <TASK> [ 14.727660] dump_stack_lvl+0x73/0xb0 [ 14.727697] print_report+0xd1/0x650 [ 14.727720] ? __virt_addr_valid+0x1db/0x2d0 [ 14.727753] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.727775] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.727798] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.727821] kasan_report+0x141/0x180 [ 14.727845] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.727872] __asan_report_store8_noabort+0x1b/0x30 [ 14.727904] kasan_atomics_helper+0x50d4/0x5450 [ 14.727928] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.727966] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.727992] ? ret_from_fork_asm+0x1a/0x30 [ 14.728014] ? kasan_atomics+0x152/0x310 [ 14.728041] kasan_atomics+0x1dc/0x310 [ 14.728065] ? __pfx_kasan_atomics+0x10/0x10 [ 14.728090] ? __pfx_read_tsc+0x10/0x10 [ 14.728111] ? ktime_get_ts64+0x86/0x230 [ 14.728136] kunit_try_run_case+0x1a5/0x480 [ 14.728159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.728180] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.728206] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.728232] ? __kthread_parkme+0x82/0x180 [ 14.728253] ? preempt_count_sub+0x50/0x80 [ 14.728277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.728300] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.728326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.728352] kthread+0x337/0x6f0 [ 14.728372] ? trace_preempt_on+0x20/0xc0 [ 14.728396] ? __pfx_kthread+0x10/0x10 [ 14.728417] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.728440] ? calculate_sigpending+0x7b/0xa0 [ 14.728466] ? __pfx_kthread+0x10/0x10 [ 14.728488] ret_from_fork+0x116/0x1d0 [ 14.728508] ? __pfx_kthread+0x10/0x10 [ 14.728529] ret_from_fork_asm+0x1a/0x30 [ 14.728561] </TASK> [ 14.728571] [ 14.741564] Allocated by task 282: [ 14.741856] kasan_save_stack+0x45/0x70 [ 14.742321] kasan_save_track+0x18/0x40 [ 14.742721] kasan_save_alloc_info+0x3b/0x50 [ 14.743141] __kasan_kmalloc+0xb7/0xc0 [ 14.743475] __kmalloc_cache_noprof+0x189/0x420 [ 14.743648] kasan_atomics+0x95/0x310 [ 14.744046] kunit_try_run_case+0x1a5/0x480 [ 14.744484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.745097] kthread+0x337/0x6f0 [ 14.745239] ret_from_fork+0x116/0x1d0 [ 14.745610] ret_from_fork_asm+0x1a/0x30 [ 14.745843] [ 14.746042] The buggy address belongs to the object at ffff888102b49680 [ 14.746042] which belongs to the cache kmalloc-64 of size 64 [ 14.746984] The buggy address is located 0 bytes to the right of [ 14.746984] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.747977] [ 14.748163] The buggy address belongs to the physical page: [ 14.748513] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.748911] flags: 0x200000000000000(node=0|zone=2) [ 14.749416] page_type: f5(slab) [ 14.749733] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.750357] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.751210] page dumped because: kasan: bad access detected [ 14.751390] [ 14.751461] Memory state around the buggy address: [ 14.751617] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.751834] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.752445] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.753198] ^ [ 14.753728] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.754405] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.755146] ================================================================== [ 14.299380] ================================================================== [ 14.299741] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 14.300160] Read of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.300604] [ 14.300759] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.300804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.300816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.300839] Call Trace: [ 14.300855] <TASK> [ 14.300869] dump_stack_lvl+0x73/0xb0 [ 14.300907] print_report+0xd1/0x650 [ 14.300930] ? __virt_addr_valid+0x1db/0x2d0 [ 14.300955] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.300976] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.300999] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.301022] kasan_report+0x141/0x180 [ 14.301051] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.301078] __asan_report_load4_noabort+0x18/0x20 [ 14.301100] kasan_atomics_helper+0x4a84/0x5450 [ 14.301124] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.301147] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.301172] ? ret_from_fork_asm+0x1a/0x30 [ 14.301194] ? kasan_atomics+0x152/0x310 [ 14.301222] kasan_atomics+0x1dc/0x310 [ 14.301245] ? __pfx_kasan_atomics+0x10/0x10 [ 14.301270] ? __pfx_read_tsc+0x10/0x10 [ 14.301292] ? ktime_get_ts64+0x86/0x230 [ 14.301317] kunit_try_run_case+0x1a5/0x480 [ 14.301339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.301360] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.301386] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.301411] ? __kthread_parkme+0x82/0x180 [ 14.301433] ? preempt_count_sub+0x50/0x80 [ 14.301458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.301480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.301505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.301530] kthread+0x337/0x6f0 [ 14.301551] ? trace_preempt_on+0x20/0xc0 [ 14.301576] ? __pfx_kthread+0x10/0x10 [ 14.301597] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.301633] ? calculate_sigpending+0x7b/0xa0 [ 14.301658] ? __pfx_kthread+0x10/0x10 [ 14.301680] ret_from_fork+0x116/0x1d0 [ 14.301698] ? __pfx_kthread+0x10/0x10 [ 14.301720] ret_from_fork_asm+0x1a/0x30 [ 14.301772] </TASK> [ 14.301784] [ 14.310279] Allocated by task 282: [ 14.310412] kasan_save_stack+0x45/0x70 [ 14.310601] kasan_save_track+0x18/0x40 [ 14.310793] kasan_save_alloc_info+0x3b/0x50 [ 14.311020] __kasan_kmalloc+0xb7/0xc0 [ 14.311208] __kmalloc_cache_noprof+0x189/0x420 [ 14.311429] kasan_atomics+0x95/0x310 [ 14.311734] kunit_try_run_case+0x1a5/0x480 [ 14.311882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.312325] kthread+0x337/0x6f0 [ 14.312511] ret_from_fork+0x116/0x1d0 [ 14.312723] ret_from_fork_asm+0x1a/0x30 [ 14.313055] [ 14.313161] The buggy address belongs to the object at ffff888102b49680 [ 14.313161] which belongs to the cache kmalloc-64 of size 64 [ 14.313718] The buggy address is located 0 bytes to the right of [ 14.313718] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.314289] [ 14.314387] The buggy address belongs to the physical page: [ 14.314659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.315044] flags: 0x200000000000000(node=0|zone=2) [ 14.315321] page_type: f5(slab) [ 14.315443] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.315700] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.315976] page dumped because: kasan: bad access detected [ 14.316270] [ 14.316382] Memory state around the buggy address: [ 14.316776] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.317189] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.317506] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.317904] ^ [ 14.318177] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.318494] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.318837] ================================================================== [ 14.756122] ================================================================== [ 14.756673] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 14.757028] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.757677] [ 14.757764] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.757808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.757822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.757843] Call Trace: [ 14.757857] <TASK> [ 14.757870] dump_stack_lvl+0x73/0xb0 [ 14.757907] print_report+0xd1/0x650 [ 14.757930] ? __virt_addr_valid+0x1db/0x2d0 [ 14.757954] ? kasan_atomics_helper+0x151d/0x5450 [ 14.757976] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.758000] ? kasan_atomics_helper+0x151d/0x5450 [ 14.758023] kasan_report+0x141/0x180 [ 14.758046] ? kasan_atomics_helper+0x151d/0x5450 [ 14.758086] kasan_check_range+0x10c/0x1c0 [ 14.758111] __kasan_check_write+0x18/0x20 [ 14.758131] kasan_atomics_helper+0x151d/0x5450 [ 14.758168] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.758192] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.758217] ? ret_from_fork_asm+0x1a/0x30 [ 14.758240] ? kasan_atomics+0x152/0x310 [ 14.758268] kasan_atomics+0x1dc/0x310 [ 14.758293] ? __pfx_kasan_atomics+0x10/0x10 [ 14.758327] ? __pfx_read_tsc+0x10/0x10 [ 14.758349] ? ktime_get_ts64+0x86/0x230 [ 14.758372] kunit_try_run_case+0x1a5/0x480 [ 14.758413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.758434] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.758460] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.758495] ? __kthread_parkme+0x82/0x180 [ 14.758516] ? preempt_count_sub+0x50/0x80 [ 14.758541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.758563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.758589] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.758615] kthread+0x337/0x6f0 [ 14.758644] ? trace_preempt_on+0x20/0xc0 [ 14.758667] ? __pfx_kthread+0x10/0x10 [ 14.758689] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.758712] ? calculate_sigpending+0x7b/0xa0 [ 14.758736] ? __pfx_kthread+0x10/0x10 [ 14.758759] ret_from_fork+0x116/0x1d0 [ 14.758779] ? __pfx_kthread+0x10/0x10 [ 14.758800] ret_from_fork_asm+0x1a/0x30 [ 14.758831] </TASK> [ 14.758842] [ 14.774211] Allocated by task 282: [ 14.774632] kasan_save_stack+0x45/0x70 [ 14.774887] kasan_save_track+0x18/0x40 [ 14.775219] kasan_save_alloc_info+0x3b/0x50 [ 14.775557] __kasan_kmalloc+0xb7/0xc0 [ 14.775990] __kmalloc_cache_noprof+0x189/0x420 [ 14.776404] kasan_atomics+0x95/0x310 [ 14.776796] kunit_try_run_case+0x1a5/0x480 [ 14.777137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.777321] kthread+0x337/0x6f0 [ 14.777445] ret_from_fork+0x116/0x1d0 [ 14.777579] ret_from_fork_asm+0x1a/0x30 [ 14.777747] [ 14.777927] The buggy address belongs to the object at ffff888102b49680 [ 14.777927] which belongs to the cache kmalloc-64 of size 64 [ 14.779153] The buggy address is located 0 bytes to the right of [ 14.779153] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.780366] [ 14.780539] The buggy address belongs to the physical page: [ 14.781076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.781932] flags: 0x200000000000000(node=0|zone=2) [ 14.782386] page_type: f5(slab) [ 14.782611] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.783058] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.783522] page dumped because: kasan: bad access detected [ 14.783694] [ 14.783765] Memory state around the buggy address: [ 14.784783] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.786112] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.787390] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.787627] ^ [ 14.787789] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.789131] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.790371] ================================================================== [ 15.061394] ================================================================== [ 15.062190] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 15.062709] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.063656] [ 15.064063] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.064119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.064134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.064157] Call Trace: [ 15.064175] <TASK> [ 15.064192] dump_stack_lvl+0x73/0xb0 [ 15.064254] print_report+0xd1/0x650 [ 15.064278] ? __virt_addr_valid+0x1db/0x2d0 [ 15.064302] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.064325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.064349] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.064371] kasan_report+0x141/0x180 [ 15.064394] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.064421] kasan_check_range+0x10c/0x1c0 [ 15.064446] __kasan_check_write+0x18/0x20 [ 15.064465] kasan_atomics_helper+0x1c18/0x5450 [ 15.064489] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.064512] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.064537] ? ret_from_fork_asm+0x1a/0x30 [ 15.064560] ? kasan_atomics+0x152/0x310 [ 15.064587] kasan_atomics+0x1dc/0x310 [ 15.064610] ? __pfx_kasan_atomics+0x10/0x10 [ 15.064656] ? __pfx_read_tsc+0x10/0x10 [ 15.064678] ? ktime_get_ts64+0x86/0x230 [ 15.064704] kunit_try_run_case+0x1a5/0x480 [ 15.064726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.064747] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.064773] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.064799] ? __kthread_parkme+0x82/0x180 [ 15.064820] ? preempt_count_sub+0x50/0x80 [ 15.064844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.064866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.064899] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.064925] kthread+0x337/0x6f0 [ 15.064963] ? trace_preempt_on+0x20/0xc0 [ 15.064987] ? __pfx_kthread+0x10/0x10 [ 15.065008] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.065030] ? calculate_sigpending+0x7b/0xa0 [ 15.065061] ? __pfx_kthread+0x10/0x10 [ 15.065083] ret_from_fork+0x116/0x1d0 [ 15.065102] ? __pfx_kthread+0x10/0x10 [ 15.065123] ret_from_fork_asm+0x1a/0x30 [ 15.065153] </TASK> [ 15.065164] [ 15.079370] Allocated by task 282: [ 15.079775] kasan_save_stack+0x45/0x70 [ 15.080182] kasan_save_track+0x18/0x40 [ 15.080579] kasan_save_alloc_info+0x3b/0x50 [ 15.081055] __kasan_kmalloc+0xb7/0xc0 [ 15.081473] __kmalloc_cache_noprof+0x189/0x420 [ 15.081785] kasan_atomics+0x95/0x310 [ 15.081959] kunit_try_run_case+0x1a5/0x480 [ 15.082123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.082592] kthread+0x337/0x6f0 [ 15.082915] ret_from_fork+0x116/0x1d0 [ 15.083141] ret_from_fork_asm+0x1a/0x30 [ 15.083491] [ 15.083610] The buggy address belongs to the object at ffff888102b49680 [ 15.083610] which belongs to the cache kmalloc-64 of size 64 [ 15.083992] The buggy address is located 0 bytes to the right of [ 15.083992] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.085286] [ 15.085476] The buggy address belongs to the physical page: [ 15.086039] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.086765] flags: 0x200000000000000(node=0|zone=2) [ 15.087269] page_type: f5(slab) [ 15.087466] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.087836] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.088575] page dumped because: kasan: bad access detected [ 15.089158] [ 15.089328] Memory state around the buggy address: [ 15.089635] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.089921] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.090137] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.090610] ^ [ 15.090789] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.091584] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.092265] ================================================================== [ 15.339023] ================================================================== [ 15.339355] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 15.339682] Read of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.340100] [ 15.340206] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.340245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.340257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.340277] Call Trace: [ 15.340290] <TASK> [ 15.340303] dump_stack_lvl+0x73/0xb0 [ 15.340326] print_report+0xd1/0x650 [ 15.340348] ? __virt_addr_valid+0x1db/0x2d0 [ 15.340370] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.340391] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.340414] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.340435] kasan_report+0x141/0x180 [ 15.340458] ? kasan_atomics_helper+0x4fa5/0x5450 [ 15.340484] __asan_report_load8_noabort+0x18/0x20 [ 15.340505] kasan_atomics_helper+0x4fa5/0x5450 [ 15.340528] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.340550] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.340574] ? ret_from_fork_asm+0x1a/0x30 [ 15.340596] ? kasan_atomics+0x152/0x310 [ 15.340623] kasan_atomics+0x1dc/0x310 [ 15.340646] ? __pfx_kasan_atomics+0x10/0x10 [ 15.340670] ? __pfx_read_tsc+0x10/0x10 [ 15.340690] ? ktime_get_ts64+0x86/0x230 [ 15.340714] kunit_try_run_case+0x1a5/0x480 [ 15.340735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.340755] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.340780] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.340804] ? __kthread_parkme+0x82/0x180 [ 15.340824] ? preempt_count_sub+0x50/0x80 [ 15.340848] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.340869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.340904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.340929] kthread+0x337/0x6f0 [ 15.340948] ? trace_preempt_on+0x20/0xc0 [ 15.340971] ? __pfx_kthread+0x10/0x10 [ 15.340991] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.341015] ? calculate_sigpending+0x7b/0xa0 [ 15.341038] ? __pfx_kthread+0x10/0x10 [ 15.341065] ret_from_fork+0x116/0x1d0 [ 15.341084] ? __pfx_kthread+0x10/0x10 [ 15.341105] ret_from_fork_asm+0x1a/0x30 [ 15.341135] </TASK> [ 15.341145] [ 15.348957] Allocated by task 282: [ 15.349143] kasan_save_stack+0x45/0x70 [ 15.349316] kasan_save_track+0x18/0x40 [ 15.349505] kasan_save_alloc_info+0x3b/0x50 [ 15.349743] __kasan_kmalloc+0xb7/0xc0 [ 15.349917] __kmalloc_cache_noprof+0x189/0x420 [ 15.350117] kasan_atomics+0x95/0x310 [ 15.350250] kunit_try_run_case+0x1a5/0x480 [ 15.350394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.350569] kthread+0x337/0x6f0 [ 15.350690] ret_from_fork+0x116/0x1d0 [ 15.350821] ret_from_fork_asm+0x1a/0x30 [ 15.351038] [ 15.351134] The buggy address belongs to the object at ffff888102b49680 [ 15.351134] which belongs to the cache kmalloc-64 of size 64 [ 15.351668] The buggy address is located 0 bytes to the right of [ 15.351668] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.352535] [ 15.352628] The buggy address belongs to the physical page: [ 15.352882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.353302] flags: 0x200000000000000(node=0|zone=2) [ 15.353468] page_type: f5(slab) [ 15.353587] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.354121] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.354469] page dumped because: kasan: bad access detected [ 15.354687] [ 15.356268] Memory state around the buggy address: [ 15.356563] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.357695] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.358304] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.359268] ^ [ 15.359949] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.360561] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.361498] ================================================================== [ 15.215742] ================================================================== [ 15.216100] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 15.216534] Read of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.217113] [ 15.217324] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.217373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.217394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.217417] Call Trace: [ 15.217432] <TASK> [ 15.217448] dump_stack_lvl+0x73/0xb0 [ 15.217476] print_report+0xd1/0x650 [ 15.217500] ? __virt_addr_valid+0x1db/0x2d0 [ 15.217524] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.217548] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.217572] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.217596] kasan_report+0x141/0x180 [ 15.217744] ? kasan_atomics_helper+0x4f71/0x5450 [ 15.217778] __asan_report_load8_noabort+0x18/0x20 [ 15.217801] kasan_atomics_helper+0x4f71/0x5450 [ 15.217825] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.217851] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.217919] ? ret_from_fork_asm+0x1a/0x30 [ 15.217943] ? kasan_atomics+0x152/0x310 [ 15.217969] kasan_atomics+0x1dc/0x310 [ 15.217993] ? __pfx_kasan_atomics+0x10/0x10 [ 15.218018] ? __pfx_read_tsc+0x10/0x10 [ 15.218040] ? ktime_get_ts64+0x86/0x230 [ 15.218066] kunit_try_run_case+0x1a5/0x480 [ 15.218088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.218109] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.218136] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.218162] ? __kthread_parkme+0x82/0x180 [ 15.218184] ? preempt_count_sub+0x50/0x80 [ 15.218208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.218229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.218254] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.218281] kthread+0x337/0x6f0 [ 15.218301] ? trace_preempt_on+0x20/0xc0 [ 15.218324] ? __pfx_kthread+0x10/0x10 [ 15.218345] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.218369] ? calculate_sigpending+0x7b/0xa0 [ 15.218393] ? __pfx_kthread+0x10/0x10 [ 15.218415] ret_from_fork+0x116/0x1d0 [ 15.218435] ? __pfx_kthread+0x10/0x10 [ 15.218455] ret_from_fork_asm+0x1a/0x30 [ 15.218485] </TASK> [ 15.218497] [ 15.229263] Allocated by task 282: [ 15.229438] kasan_save_stack+0x45/0x70 [ 15.230004] kasan_save_track+0x18/0x40 [ 15.230246] kasan_save_alloc_info+0x3b/0x50 [ 15.230577] __kasan_kmalloc+0xb7/0xc0 [ 15.230945] __kmalloc_cache_noprof+0x189/0x420 [ 15.231258] kasan_atomics+0x95/0x310 [ 15.231617] kunit_try_run_case+0x1a5/0x480 [ 15.231968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.232333] kthread+0x337/0x6f0 [ 15.232500] ret_from_fork+0x116/0x1d0 [ 15.232919] ret_from_fork_asm+0x1a/0x30 [ 15.233197] [ 15.233418] The buggy address belongs to the object at ffff888102b49680 [ 15.233418] which belongs to the cache kmalloc-64 of size 64 [ 15.234338] The buggy address is located 0 bytes to the right of [ 15.234338] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.235098] [ 15.235208] The buggy address belongs to the physical page: [ 15.235429] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.236064] flags: 0x200000000000000(node=0|zone=2) [ 15.236369] page_type: f5(slab) [ 15.236652] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.237134] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.237442] page dumped because: kasan: bad access detected [ 15.237859] [ 15.238102] Memory state around the buggy address: [ 15.238400] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.238877] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.239356] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.240033] ^ [ 15.240314] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.240610] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.241276] ================================================================== [ 13.888487] ================================================================== [ 13.888873] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 13.889446] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 13.889781] [ 13.889887] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.889996] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.890009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.890029] Call Trace: [ 13.890042] <TASK> [ 13.890055] dump_stack_lvl+0x73/0xb0 [ 13.890080] print_report+0xd1/0x650 [ 13.890103] ? __virt_addr_valid+0x1db/0x2d0 [ 13.890234] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.890257] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.890299] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.890322] kasan_report+0x141/0x180 [ 13.890374] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.890403] __asan_report_store4_noabort+0x1b/0x30 [ 13.890424] kasan_atomics_helper+0x4b6e/0x5450 [ 13.890463] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.890487] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.890512] ? ret_from_fork_asm+0x1a/0x30 [ 13.890535] ? kasan_atomics+0x152/0x310 [ 13.890562] kasan_atomics+0x1dc/0x310 [ 13.890585] ? __pfx_kasan_atomics+0x10/0x10 [ 13.890630] ? __pfx_read_tsc+0x10/0x10 [ 13.890652] ? ktime_get_ts64+0x86/0x230 [ 13.890677] kunit_try_run_case+0x1a5/0x480 [ 13.890699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.890720] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.890765] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.890790] ? __kthread_parkme+0x82/0x180 [ 13.890810] ? preempt_count_sub+0x50/0x80 [ 13.890834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.890856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.890882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.891025] kthread+0x337/0x6f0 [ 13.891050] ? trace_preempt_on+0x20/0xc0 [ 13.891074] ? __pfx_kthread+0x10/0x10 [ 13.891109] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.891146] ? calculate_sigpending+0x7b/0xa0 [ 13.891172] ? __pfx_kthread+0x10/0x10 [ 13.891194] ret_from_fork+0x116/0x1d0 [ 13.891212] ? __pfx_kthread+0x10/0x10 [ 13.891234] ret_from_fork_asm+0x1a/0x30 [ 13.891265] </TASK> [ 13.891276] [ 13.899298] Allocated by task 282: [ 13.899429] kasan_save_stack+0x45/0x70 [ 13.899712] kasan_save_track+0x18/0x40 [ 13.899955] kasan_save_alloc_info+0x3b/0x50 [ 13.900162] __kasan_kmalloc+0xb7/0xc0 [ 13.900356] __kmalloc_cache_noprof+0x189/0x420 [ 13.900509] kasan_atomics+0x95/0x310 [ 13.900700] kunit_try_run_case+0x1a5/0x480 [ 13.901236] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.901480] kthread+0x337/0x6f0 [ 13.901681] ret_from_fork+0x116/0x1d0 [ 13.901911] ret_from_fork_asm+0x1a/0x30 [ 13.902166] [ 13.902264] The buggy address belongs to the object at ffff888102b49680 [ 13.902264] which belongs to the cache kmalloc-64 of size 64 [ 13.902681] The buggy address is located 0 bytes to the right of [ 13.902681] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 13.903359] [ 13.903478] The buggy address belongs to the physical page: [ 13.903673] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 13.904178] flags: 0x200000000000000(node=0|zone=2) [ 13.904369] page_type: f5(slab) [ 13.904555] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.904988] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.905345] page dumped because: kasan: bad access detected [ 13.905605] [ 13.905715] Memory state around the buggy address: [ 13.906111] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.906437] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.906734] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.907167] ^ [ 13.907387] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.907741] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.908126] ================================================================== [ 14.021634] ================================================================== [ 14.022330] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 14.023180] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.023902] [ 14.024153] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.024198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.024210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.024232] Call Trace: [ 14.024246] <TASK> [ 14.024260] dump_stack_lvl+0x73/0xb0 [ 14.024288] print_report+0xd1/0x650 [ 14.024310] ? __virt_addr_valid+0x1db/0x2d0 [ 14.024334] ? kasan_atomics_helper+0x565/0x5450 [ 14.024356] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.024379] ? kasan_atomics_helper+0x565/0x5450 [ 14.024402] kasan_report+0x141/0x180 [ 14.024425] ? kasan_atomics_helper+0x565/0x5450 [ 14.024452] kasan_check_range+0x10c/0x1c0 [ 14.024476] __kasan_check_write+0x18/0x20 [ 14.024497] kasan_atomics_helper+0x565/0x5450 [ 14.024520] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.024543] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.024569] ? ret_from_fork_asm+0x1a/0x30 [ 14.024592] ? kasan_atomics+0x152/0x310 [ 14.024619] kasan_atomics+0x1dc/0x310 [ 14.024652] ? __pfx_kasan_atomics+0x10/0x10 [ 14.024676] ? __pfx_read_tsc+0x10/0x10 [ 14.024698] ? ktime_get_ts64+0x86/0x230 [ 14.024724] kunit_try_run_case+0x1a5/0x480 [ 14.024746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.024767] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.024793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.024818] ? __kthread_parkme+0x82/0x180 [ 14.024839] ? preempt_count_sub+0x50/0x80 [ 14.024864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.024886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.024925] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.024961] kthread+0x337/0x6f0 [ 14.024981] ? trace_preempt_on+0x20/0xc0 [ 14.025004] ? __pfx_kthread+0x10/0x10 [ 14.025025] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.025054] ? calculate_sigpending+0x7b/0xa0 [ 14.025079] ? __pfx_kthread+0x10/0x10 [ 14.025100] ret_from_fork+0x116/0x1d0 [ 14.025120] ? __pfx_kthread+0x10/0x10 [ 14.025142] ret_from_fork_asm+0x1a/0x30 [ 14.025173] </TASK> [ 14.025184] [ 14.038972] Allocated by task 282: [ 14.039181] kasan_save_stack+0x45/0x70 [ 14.039390] kasan_save_track+0x18/0x40 [ 14.039580] kasan_save_alloc_info+0x3b/0x50 [ 14.039755] __kasan_kmalloc+0xb7/0xc0 [ 14.039919] __kmalloc_cache_noprof+0x189/0x420 [ 14.040194] kasan_atomics+0x95/0x310 [ 14.040392] kunit_try_run_case+0x1a5/0x480 [ 14.040548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.040752] kthread+0x337/0x6f0 [ 14.041049] ret_from_fork+0x116/0x1d0 [ 14.041276] ret_from_fork_asm+0x1a/0x30 [ 14.041460] [ 14.041559] The buggy address belongs to the object at ffff888102b49680 [ 14.041559] which belongs to the cache kmalloc-64 of size 64 [ 14.041993] The buggy address is located 0 bytes to the right of [ 14.041993] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.042817] [ 14.042925] The buggy address belongs to the physical page: [ 14.043193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.043549] flags: 0x200000000000000(node=0|zone=2) [ 14.043885] page_type: f5(slab) [ 14.044051] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.044286] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.044764] page dumped because: kasan: bad access detected [ 14.044963] [ 14.045063] Memory state around the buggy address: [ 14.045290] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.045531] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.045924] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.046276] ^ [ 14.046436] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.046926] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.047207] ================================================================== [ 14.511122] ================================================================== [ 14.511587] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 14.511921] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.512330] [ 14.512417] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.512461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.512474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.512495] Call Trace: [ 14.512509] <TASK> [ 14.512523] dump_stack_lvl+0x73/0xb0 [ 14.512548] print_report+0xd1/0x650 [ 14.512571] ? __virt_addr_valid+0x1db/0x2d0 [ 14.512594] ? kasan_atomics_helper+0x1217/0x5450 [ 14.512639] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.512663] ? kasan_atomics_helper+0x1217/0x5450 [ 14.512686] kasan_report+0x141/0x180 [ 14.512709] ? kasan_atomics_helper+0x1217/0x5450 [ 14.512738] kasan_check_range+0x10c/0x1c0 [ 14.512762] __kasan_check_write+0x18/0x20 [ 14.512783] kasan_atomics_helper+0x1217/0x5450 [ 14.512806] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.512830] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.512855] ? ret_from_fork_asm+0x1a/0x30 [ 14.512878] ? kasan_atomics+0x152/0x310 [ 14.512914] kasan_atomics+0x1dc/0x310 [ 14.512938] ? __pfx_kasan_atomics+0x10/0x10 [ 14.512963] ? __pfx_read_tsc+0x10/0x10 [ 14.512986] ? ktime_get_ts64+0x86/0x230 [ 14.513010] kunit_try_run_case+0x1a5/0x480 [ 14.513032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.513056] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.513082] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.513108] ? __kthread_parkme+0x82/0x180 [ 14.513128] ? preempt_count_sub+0x50/0x80 [ 14.513153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.513175] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.513200] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.513226] kthread+0x337/0x6f0 [ 14.513246] ? trace_preempt_on+0x20/0xc0 [ 14.513270] ? __pfx_kthread+0x10/0x10 [ 14.513291] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.513315] ? calculate_sigpending+0x7b/0xa0 [ 14.513339] ? __pfx_kthread+0x10/0x10 [ 14.513361] ret_from_fork+0x116/0x1d0 [ 14.513381] ? __pfx_kthread+0x10/0x10 [ 14.513403] ret_from_fork_asm+0x1a/0x30 [ 14.513432] </TASK> [ 14.513444] [ 14.524817] Allocated by task 282: [ 14.526942] kasan_save_stack+0x45/0x70 [ 14.527181] kasan_save_track+0x18/0x40 [ 14.527753] kasan_save_alloc_info+0x3b/0x50 [ 14.527955] __kasan_kmalloc+0xb7/0xc0 [ 14.528089] __kmalloc_cache_noprof+0x189/0x420 [ 14.528242] kasan_atomics+0x95/0x310 [ 14.528372] kunit_try_run_case+0x1a5/0x480 [ 14.528578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.528774] kthread+0x337/0x6f0 [ 14.530292] ret_from_fork+0x116/0x1d0 [ 14.530500] ret_from_fork_asm+0x1a/0x30 [ 14.531112] [ 14.531220] The buggy address belongs to the object at ffff888102b49680 [ 14.531220] which belongs to the cache kmalloc-64 of size 64 [ 14.531744] The buggy address is located 0 bytes to the right of [ 14.531744] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.532281] [ 14.532383] The buggy address belongs to the physical page: [ 14.532588] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.533651] flags: 0x200000000000000(node=0|zone=2) [ 14.533863] page_type: f5(slab) [ 14.534073] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.534673] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.535189] page dumped because: kasan: bad access detected [ 14.535830] [ 14.536095] Memory state around the buggy address: [ 14.536597] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.537368] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.537890] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.538653] ^ [ 14.539096] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.539481] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.539917] ================================================================== [ 14.904586] ================================================================== [ 14.904847] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 14.905539] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.906040] [ 14.906154] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.906198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.906211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.906232] Call Trace: [ 14.906268] <TASK> [ 14.906282] dump_stack_lvl+0x73/0xb0 [ 14.906306] print_report+0xd1/0x650 [ 14.906329] ? __virt_addr_valid+0x1db/0x2d0 [ 14.906354] ? kasan_atomics_helper+0x1818/0x5450 [ 14.906376] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.906400] ? kasan_atomics_helper+0x1818/0x5450 [ 14.906440] kasan_report+0x141/0x180 [ 14.906464] ? kasan_atomics_helper+0x1818/0x5450 [ 14.906492] kasan_check_range+0x10c/0x1c0 [ 14.906517] __kasan_check_write+0x18/0x20 [ 14.906538] kasan_atomics_helper+0x1818/0x5450 [ 14.906562] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.906586] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.906624] ? ret_from_fork_asm+0x1a/0x30 [ 14.906647] ? kasan_atomics+0x152/0x310 [ 14.906674] kasan_atomics+0x1dc/0x310 [ 14.906697] ? __pfx_kasan_atomics+0x10/0x10 [ 14.906723] ? __pfx_read_tsc+0x10/0x10 [ 14.906745] ? ktime_get_ts64+0x86/0x230 [ 14.906770] kunit_try_run_case+0x1a5/0x480 [ 14.906792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.906812] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.906838] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.906863] ? __kthread_parkme+0x82/0x180 [ 14.906883] ? preempt_count_sub+0x50/0x80 [ 14.906916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.906956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.906981] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.907007] kthread+0x337/0x6f0 [ 14.907027] ? trace_preempt_on+0x20/0xc0 [ 14.907050] ? __pfx_kthread+0x10/0x10 [ 14.907071] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.907094] ? calculate_sigpending+0x7b/0xa0 [ 14.907118] ? __pfx_kthread+0x10/0x10 [ 14.907140] ret_from_fork+0x116/0x1d0 [ 14.907160] ? __pfx_kthread+0x10/0x10 [ 14.907181] ret_from_fork_asm+0x1a/0x30 [ 14.907211] </TASK> [ 14.907222] [ 14.915642] Allocated by task 282: [ 14.915887] kasan_save_stack+0x45/0x70 [ 14.916195] kasan_save_track+0x18/0x40 [ 14.916375] kasan_save_alloc_info+0x3b/0x50 [ 14.916593] __kasan_kmalloc+0xb7/0xc0 [ 14.916767] __kmalloc_cache_noprof+0x189/0x420 [ 14.917091] kasan_atomics+0x95/0x310 [ 14.917258] kunit_try_run_case+0x1a5/0x480 [ 14.917467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.917668] kthread+0x337/0x6f0 [ 14.917791] ret_from_fork+0x116/0x1d0 [ 14.917972] ret_from_fork_asm+0x1a/0x30 [ 14.918173] [ 14.918270] The buggy address belongs to the object at ffff888102b49680 [ 14.918270] which belongs to the cache kmalloc-64 of size 64 [ 14.918813] The buggy address is located 0 bytes to the right of [ 14.918813] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.919230] [ 14.919309] The buggy address belongs to the physical page: [ 14.919719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.920097] flags: 0x200000000000000(node=0|zone=2) [ 14.920313] page_type: f5(slab) [ 14.920462] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.920803] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.921219] page dumped because: kasan: bad access detected [ 14.921459] [ 14.921548] Memory state around the buggy address: [ 14.921761] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.922078] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.922412] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.922728] ^ [ 14.922939] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.923294] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.923656] ================================================================== [ 14.946663] ================================================================== [ 14.947368] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 14.948066] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.948780] [ 14.949014] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.949061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.949073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.949094] Call Trace: [ 14.949110] <TASK> [ 14.949124] dump_stack_lvl+0x73/0xb0 [ 14.949149] print_report+0xd1/0x650 [ 14.949173] ? __virt_addr_valid+0x1db/0x2d0 [ 14.949197] ? kasan_atomics_helper+0x194a/0x5450 [ 14.949220] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.949244] ? kasan_atomics_helper+0x194a/0x5450 [ 14.949268] kasan_report+0x141/0x180 [ 14.949291] ? kasan_atomics_helper+0x194a/0x5450 [ 14.949318] kasan_check_range+0x10c/0x1c0 [ 14.949343] __kasan_check_write+0x18/0x20 [ 14.949364] kasan_atomics_helper+0x194a/0x5450 [ 14.949388] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.949411] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.949437] ? ret_from_fork_asm+0x1a/0x30 [ 14.949459] ? kasan_atomics+0x152/0x310 [ 14.949487] kasan_atomics+0x1dc/0x310 [ 14.949510] ? __pfx_kasan_atomics+0x10/0x10 [ 14.949535] ? __pfx_read_tsc+0x10/0x10 [ 14.949557] ? ktime_get_ts64+0x86/0x230 [ 14.949582] kunit_try_run_case+0x1a5/0x480 [ 14.949605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.949634] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.949660] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.949686] ? __kthread_parkme+0x82/0x180 [ 14.949707] ? preempt_count_sub+0x50/0x80 [ 14.949731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.949753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.949777] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.949803] kthread+0x337/0x6f0 [ 14.949824] ? trace_preempt_on+0x20/0xc0 [ 14.949846] ? __pfx_kthread+0x10/0x10 [ 14.949868] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.949899] ? calculate_sigpending+0x7b/0xa0 [ 14.949934] ? __pfx_kthread+0x10/0x10 [ 14.949965] ret_from_fork+0x116/0x1d0 [ 14.949985] ? __pfx_kthread+0x10/0x10 [ 14.950005] ret_from_fork_asm+0x1a/0x30 [ 14.950036] </TASK> [ 14.950048] [ 14.964533] Allocated by task 282: [ 14.964689] kasan_save_stack+0x45/0x70 [ 14.964835] kasan_save_track+0x18/0x40 [ 14.964984] kasan_save_alloc_info+0x3b/0x50 [ 14.965147] __kasan_kmalloc+0xb7/0xc0 [ 14.965309] __kmalloc_cache_noprof+0x189/0x420 [ 14.965573] kasan_atomics+0x95/0x310 [ 14.965976] kunit_try_run_case+0x1a5/0x480 [ 14.966356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.966959] kthread+0x337/0x6f0 [ 14.967294] ret_from_fork+0x116/0x1d0 [ 14.967692] ret_from_fork_asm+0x1a/0x30 [ 14.967972] [ 14.968147] The buggy address belongs to the object at ffff888102b49680 [ 14.968147] which belongs to the cache kmalloc-64 of size 64 [ 14.969204] The buggy address is located 0 bytes to the right of [ 14.969204] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.970299] [ 14.970474] The buggy address belongs to the physical page: [ 14.970765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.971114] flags: 0x200000000000000(node=0|zone=2) [ 14.971542] page_type: f5(slab) [ 14.971867] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.972448] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.972700] page dumped because: kasan: bad access detected [ 14.973217] [ 14.973403] Memory state around the buggy address: [ 14.973875] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.974523] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.975243] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.975927] ^ [ 14.976330] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.976712] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.976935] ================================================================== [ 15.264413] ================================================================== [ 15.265079] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 15.265841] Read of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.266264] [ 15.266352] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.266396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.266408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.266429] Call Trace: [ 15.266444] <TASK> [ 15.266458] dump_stack_lvl+0x73/0xb0 [ 15.266482] print_report+0xd1/0x650 [ 15.266504] ? __virt_addr_valid+0x1db/0x2d0 [ 15.266528] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.266551] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.266574] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.266598] kasan_report+0x141/0x180 [ 15.266621] ? kasan_atomics_helper+0x4f98/0x5450 [ 15.266660] __asan_report_load8_noabort+0x18/0x20 [ 15.266682] kasan_atomics_helper+0x4f98/0x5450 [ 15.266706] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.266729] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.266754] ? ret_from_fork_asm+0x1a/0x30 [ 15.266776] ? kasan_atomics+0x152/0x310 [ 15.266803] kasan_atomics+0x1dc/0x310 [ 15.266826] ? __pfx_kasan_atomics+0x10/0x10 [ 15.266852] ? __pfx_read_tsc+0x10/0x10 [ 15.266874] ? ktime_get_ts64+0x86/0x230 [ 15.266909] kunit_try_run_case+0x1a5/0x480 [ 15.266931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.266951] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.266976] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.267002] ? __kthread_parkme+0x82/0x180 [ 15.267023] ? preempt_count_sub+0x50/0x80 [ 15.267047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.267071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.267096] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.267122] kthread+0x337/0x6f0 [ 15.267144] ? trace_preempt_on+0x20/0xc0 [ 15.267167] ? __pfx_kthread+0x10/0x10 [ 15.267188] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.267212] ? calculate_sigpending+0x7b/0xa0 [ 15.267236] ? __pfx_kthread+0x10/0x10 [ 15.267258] ret_from_fork+0x116/0x1d0 [ 15.267277] ? __pfx_kthread+0x10/0x10 [ 15.267299] ret_from_fork_asm+0x1a/0x30 [ 15.267329] </TASK> [ 15.267340] [ 15.276234] Allocated by task 282: [ 15.276372] kasan_save_stack+0x45/0x70 [ 15.276573] kasan_save_track+0x18/0x40 [ 15.276759] kasan_save_alloc_info+0x3b/0x50 [ 15.276980] __kasan_kmalloc+0xb7/0xc0 [ 15.277252] __kmalloc_cache_noprof+0x189/0x420 [ 15.277442] kasan_atomics+0x95/0x310 [ 15.277609] kunit_try_run_case+0x1a5/0x480 [ 15.277801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.278044] kthread+0x337/0x6f0 [ 15.278211] ret_from_fork+0x116/0x1d0 [ 15.278345] ret_from_fork_asm+0x1a/0x30 [ 15.278485] [ 15.278556] The buggy address belongs to the object at ffff888102b49680 [ 15.278556] which belongs to the cache kmalloc-64 of size 64 [ 15.279108] The buggy address is located 0 bytes to the right of [ 15.279108] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.279781] [ 15.279873] The buggy address belongs to the physical page: [ 15.280099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.280416] flags: 0x200000000000000(node=0|zone=2) [ 15.280644] page_type: f5(slab) [ 15.280794] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.281063] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.281292] page dumped because: kasan: bad access detected [ 15.281541] [ 15.281641] Memory state around the buggy address: [ 15.281867] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.282208] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.282486] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.282886] ^ [ 15.283103] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.283375] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.283689] ================================================================== [ 15.363602] ================================================================== [ 15.363977] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 15.364937] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.365284] [ 15.365372] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.365416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.365429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.365449] Call Trace: [ 15.365465] <TASK> [ 15.365481] dump_stack_lvl+0x73/0xb0 [ 15.365507] print_report+0xd1/0x650 [ 15.365531] ? __virt_addr_valid+0x1db/0x2d0 [ 15.365555] ? kasan_atomics_helper+0x224c/0x5450 [ 15.365578] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.365602] ? kasan_atomics_helper+0x224c/0x5450 [ 15.365624] kasan_report+0x141/0x180 [ 15.365648] ? kasan_atomics_helper+0x224c/0x5450 [ 15.365675] kasan_check_range+0x10c/0x1c0 [ 15.365699] __kasan_check_write+0x18/0x20 [ 15.365719] kasan_atomics_helper+0x224c/0x5450 [ 15.365742] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.365765] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.365929] ? ret_from_fork_asm+0x1a/0x30 [ 15.365953] ? kasan_atomics+0x152/0x310 [ 15.365981] kasan_atomics+0x1dc/0x310 [ 15.366004] ? __pfx_kasan_atomics+0x10/0x10 [ 15.366030] ? __pfx_read_tsc+0x10/0x10 [ 15.366052] ? ktime_get_ts64+0x86/0x230 [ 15.366077] kunit_try_run_case+0x1a5/0x480 [ 15.366099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.366120] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.366146] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.366171] ? __kthread_parkme+0x82/0x180 [ 15.366193] ? preempt_count_sub+0x50/0x80 [ 15.366217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.366238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.366264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.366290] kthread+0x337/0x6f0 [ 15.366309] ? trace_preempt_on+0x20/0xc0 [ 15.366332] ? __pfx_kthread+0x10/0x10 [ 15.366353] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.366377] ? calculate_sigpending+0x7b/0xa0 [ 15.366401] ? __pfx_kthread+0x10/0x10 [ 15.366423] ret_from_fork+0x116/0x1d0 [ 15.366443] ? __pfx_kthread+0x10/0x10 [ 15.366464] ret_from_fork_asm+0x1a/0x30 [ 15.366494] </TASK> [ 15.366505] [ 15.377014] Allocated by task 282: [ 15.377388] kasan_save_stack+0x45/0x70 [ 15.377704] kasan_save_track+0x18/0x40 [ 15.377850] kasan_save_alloc_info+0x3b/0x50 [ 15.378186] __kasan_kmalloc+0xb7/0xc0 [ 15.378498] __kmalloc_cache_noprof+0x189/0x420 [ 15.378702] kasan_atomics+0x95/0x310 [ 15.379003] kunit_try_run_case+0x1a5/0x480 [ 15.379195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.379439] kthread+0x337/0x6f0 [ 15.379600] ret_from_fork+0x116/0x1d0 [ 15.380041] ret_from_fork_asm+0x1a/0x30 [ 15.380221] [ 15.380293] The buggy address belongs to the object at ffff888102b49680 [ 15.380293] which belongs to the cache kmalloc-64 of size 64 [ 15.380954] The buggy address is located 0 bytes to the right of [ 15.380954] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.381591] [ 15.381855] The buggy address belongs to the physical page: [ 15.382077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.382525] flags: 0x200000000000000(node=0|zone=2) [ 15.382871] page_type: f5(slab) [ 15.383021] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.383335] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.383878] page dumped because: kasan: bad access detected [ 15.384140] [ 15.384217] Memory state around the buggy address: [ 15.384544] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.385022] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.385396] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.385790] ^ [ 15.385979] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.386287] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.386595] ================================================================== [ 15.303534] ================================================================== [ 15.303789] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 15.304039] Read of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.304329] [ 15.304415] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.304458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.304470] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.304490] Call Trace: [ 15.304505] <TASK> [ 15.304518] dump_stack_lvl+0x73/0xb0 [ 15.304543] print_report+0xd1/0x650 [ 15.304566] ? __virt_addr_valid+0x1db/0x2d0 [ 15.304589] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.304611] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.304635] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.304658] kasan_report+0x141/0x180 [ 15.304680] ? kasan_atomics_helper+0x4fb2/0x5450 [ 15.304709] __asan_report_load8_noabort+0x18/0x20 [ 15.304730] kasan_atomics_helper+0x4fb2/0x5450 [ 15.304753] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.304776] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.304800] ? ret_from_fork_asm+0x1a/0x30 [ 15.304823] ? kasan_atomics+0x152/0x310 [ 15.304850] kasan_atomics+0x1dc/0x310 [ 15.304874] ? __pfx_kasan_atomics+0x10/0x10 [ 15.304928] ? __pfx_read_tsc+0x10/0x10 [ 15.304951] ? ktime_get_ts64+0x86/0x230 [ 15.304975] kunit_try_run_case+0x1a5/0x480 [ 15.304998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.305018] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.306979] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.307010] ? __kthread_parkme+0x82/0x180 [ 15.307034] ? preempt_count_sub+0x50/0x80 [ 15.307061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.307086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.307112] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.307138] kthread+0x337/0x6f0 [ 15.307159] ? trace_preempt_on+0x20/0xc0 [ 15.307183] ? __pfx_kthread+0x10/0x10 [ 15.307204] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.307228] ? calculate_sigpending+0x7b/0xa0 [ 15.307253] ? __pfx_kthread+0x10/0x10 [ 15.307276] ret_from_fork+0x116/0x1d0 [ 15.307295] ? __pfx_kthread+0x10/0x10 [ 15.307316] ret_from_fork_asm+0x1a/0x30 [ 15.307346] </TASK> [ 15.307358] [ 15.314142] Allocated by task 282: [ 15.314324] kasan_save_stack+0x45/0x70 [ 15.314518] kasan_save_track+0x18/0x40 [ 15.314712] kasan_save_alloc_info+0x3b/0x50 [ 15.314935] __kasan_kmalloc+0xb7/0xc0 [ 15.315097] __kmalloc_cache_noprof+0x189/0x420 [ 15.315272] kasan_atomics+0x95/0x310 [ 15.315465] kunit_try_run_case+0x1a5/0x480 [ 15.315677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.315855] kthread+0x337/0x6f0 [ 15.316024] ret_from_fork+0x116/0x1d0 [ 15.316216] ret_from_fork_asm+0x1a/0x30 [ 15.316390] [ 15.316462] The buggy address belongs to the object at ffff888102b49680 [ 15.316462] which belongs to the cache kmalloc-64 of size 64 [ 15.317029] The buggy address is located 0 bytes to the right of [ 15.317029] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.317521] [ 15.317619] The buggy address belongs to the physical page: [ 15.317844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.318163] flags: 0x200000000000000(node=0|zone=2) [ 15.318371] page_type: f5(slab) [ 15.318511] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.318853] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.319168] page dumped because: kasan: bad access detected [ 15.319390] [ 15.319480] Memory state around the buggy address: [ 15.319668] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.320046] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.320331] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.320603] ^ [ 15.320810] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.321118] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.321463] ================================================================== [ 13.908533] ================================================================== [ 13.908919] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 13.909314] Read of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 13.909648] [ 13.909776] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.909818] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.909831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.909872] Call Trace: [ 13.909885] <TASK> [ 13.909907] dump_stack_lvl+0x73/0xb0 [ 13.909998] print_report+0xd1/0x650 [ 13.910046] ? __virt_addr_valid+0x1db/0x2d0 [ 13.910071] ? kasan_atomics_helper+0x3df/0x5450 [ 13.910094] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.910118] ? kasan_atomics_helper+0x3df/0x5450 [ 13.910141] kasan_report+0x141/0x180 [ 13.910164] ? kasan_atomics_helper+0x3df/0x5450 [ 13.910208] kasan_check_range+0x10c/0x1c0 [ 13.910233] __kasan_check_read+0x15/0x20 [ 13.910254] kasan_atomics_helper+0x3df/0x5450 [ 13.910277] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.910301] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.910324] ? ret_from_fork_asm+0x1a/0x30 [ 13.910363] ? kasan_atomics+0x152/0x310 [ 13.910392] kasan_atomics+0x1dc/0x310 [ 13.910415] ? __pfx_kasan_atomics+0x10/0x10 [ 13.910441] ? __pfx_read_tsc+0x10/0x10 [ 13.910463] ? ktime_get_ts64+0x86/0x230 [ 13.910488] kunit_try_run_case+0x1a5/0x480 [ 13.910510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.910531] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.910557] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.910583] ? __kthread_parkme+0x82/0x180 [ 13.910604] ? preempt_count_sub+0x50/0x80 [ 13.910628] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.910668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.910694] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.910720] kthread+0x337/0x6f0 [ 13.910756] ? trace_preempt_on+0x20/0xc0 [ 13.910780] ? __pfx_kthread+0x10/0x10 [ 13.910802] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.910825] ? calculate_sigpending+0x7b/0xa0 [ 13.910850] ? __pfx_kthread+0x10/0x10 [ 13.910873] ret_from_fork+0x116/0x1d0 [ 13.910900] ? __pfx_kthread+0x10/0x10 [ 13.911023] ret_from_fork_asm+0x1a/0x30 [ 13.911057] </TASK> [ 13.911070] [ 13.919733] Allocated by task 282: [ 13.919974] kasan_save_stack+0x45/0x70 [ 13.920238] kasan_save_track+0x18/0x40 [ 13.920437] kasan_save_alloc_info+0x3b/0x50 [ 13.920730] __kasan_kmalloc+0xb7/0xc0 [ 13.920979] __kmalloc_cache_noprof+0x189/0x420 [ 13.921225] kasan_atomics+0x95/0x310 [ 13.921409] kunit_try_run_case+0x1a5/0x480 [ 13.921628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.921856] kthread+0x337/0x6f0 [ 13.922088] ret_from_fork+0x116/0x1d0 [ 13.922276] ret_from_fork_asm+0x1a/0x30 [ 13.922458] [ 13.922569] The buggy address belongs to the object at ffff888102b49680 [ 13.922569] which belongs to the cache kmalloc-64 of size 64 [ 13.923211] The buggy address is located 0 bytes to the right of [ 13.923211] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 13.923644] [ 13.923715] The buggy address belongs to the physical page: [ 13.923923] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 13.924485] flags: 0x200000000000000(node=0|zone=2) [ 13.924738] page_type: f5(slab) [ 13.924914] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.925254] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.925534] page dumped because: kasan: bad access detected [ 13.925789] [ 13.925884] Memory state around the buggy address: [ 13.926213] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.926514] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.926757] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.927107] ^ [ 13.927330] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.927691] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.928121] ================================================================== [ 14.319443] ================================================================== [ 14.319817] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 14.320153] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.320469] [ 14.320554] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.320598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.320611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.320650] Call Trace: [ 14.320663] <TASK> [ 14.320678] dump_stack_lvl+0x73/0xb0 [ 14.320702] print_report+0xd1/0x650 [ 14.320725] ? __virt_addr_valid+0x1db/0x2d0 [ 14.320749] ? kasan_atomics_helper+0xd47/0x5450 [ 14.320771] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.320795] ? kasan_atomics_helper+0xd47/0x5450 [ 14.320818] kasan_report+0x141/0x180 [ 14.320840] ? kasan_atomics_helper+0xd47/0x5450 [ 14.320867] kasan_check_range+0x10c/0x1c0 [ 14.320901] __kasan_check_write+0x18/0x20 [ 14.320923] kasan_atomics_helper+0xd47/0x5450 [ 14.320946] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.320988] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.321013] ? ret_from_fork_asm+0x1a/0x30 [ 14.321034] ? kasan_atomics+0x152/0x310 [ 14.321065] kasan_atomics+0x1dc/0x310 [ 14.321089] ? __pfx_kasan_atomics+0x10/0x10 [ 14.321114] ? __pfx_read_tsc+0x10/0x10 [ 14.321136] ? ktime_get_ts64+0x86/0x230 [ 14.321161] kunit_try_run_case+0x1a5/0x480 [ 14.321183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.321204] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.321231] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.321255] ? __kthread_parkme+0x82/0x180 [ 14.321276] ? preempt_count_sub+0x50/0x80 [ 14.321301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.321323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.321348] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.321374] kthread+0x337/0x6f0 [ 14.321394] ? trace_preempt_on+0x20/0xc0 [ 14.321417] ? __pfx_kthread+0x10/0x10 [ 14.321439] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.321462] ? calculate_sigpending+0x7b/0xa0 [ 14.321487] ? __pfx_kthread+0x10/0x10 [ 14.321509] ret_from_fork+0x116/0x1d0 [ 14.321528] ? __pfx_kthread+0x10/0x10 [ 14.321550] ret_from_fork_asm+0x1a/0x30 [ 14.321581] </TASK> [ 14.321591] [ 14.331552] Allocated by task 282: [ 14.331727] kasan_save_stack+0x45/0x70 [ 14.331933] kasan_save_track+0x18/0x40 [ 14.332200] kasan_save_alloc_info+0x3b/0x50 [ 14.332437] __kasan_kmalloc+0xb7/0xc0 [ 14.332636] __kmalloc_cache_noprof+0x189/0x420 [ 14.332854] kasan_atomics+0x95/0x310 [ 14.333057] kunit_try_run_case+0x1a5/0x480 [ 14.333268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.333514] kthread+0x337/0x6f0 [ 14.333748] ret_from_fork+0x116/0x1d0 [ 14.333918] ret_from_fork_asm+0x1a/0x30 [ 14.334238] [ 14.334309] The buggy address belongs to the object at ffff888102b49680 [ 14.334309] which belongs to the cache kmalloc-64 of size 64 [ 14.334683] The buggy address is located 0 bytes to the right of [ 14.334683] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.335062] [ 14.335178] The buggy address belongs to the physical page: [ 14.335434] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.335884] flags: 0x200000000000000(node=0|zone=2) [ 14.336424] page_type: f5(slab) [ 14.336622] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.337004] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.337514] page dumped because: kasan: bad access detected [ 14.337795] [ 14.337916] Memory state around the buggy address: [ 14.338172] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.338462] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.338714] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.338953] ^ [ 14.339202] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.339610] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.340007] ================================================================== [ 15.164005] ================================================================== [ 15.164317] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 15.164545] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 15.164907] [ 15.165045] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 15.165089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.165101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.165123] Call Trace: [ 15.165135] <TASK> [ 15.165148] dump_stack_lvl+0x73/0xb0 [ 15.165173] print_report+0xd1/0x650 [ 15.165197] ? __virt_addr_valid+0x1db/0x2d0 [ 15.165219] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.165242] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.165265] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.165288] kasan_report+0x141/0x180 [ 15.165311] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.165338] kasan_check_range+0x10c/0x1c0 [ 15.165363] __kasan_check_write+0x18/0x20 [ 15.165383] kasan_atomics_helper+0x1eaa/0x5450 [ 15.165406] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.165430] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.165454] ? ret_from_fork_asm+0x1a/0x30 [ 15.165476] ? kasan_atomics+0x152/0x310 [ 15.165503] kasan_atomics+0x1dc/0x310 [ 15.165527] ? __pfx_kasan_atomics+0x10/0x10 [ 15.165552] ? __pfx_read_tsc+0x10/0x10 [ 15.165573] ? ktime_get_ts64+0x86/0x230 [ 15.165597] kunit_try_run_case+0x1a5/0x480 [ 15.165640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.165661] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.165685] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.165710] ? __kthread_parkme+0x82/0x180 [ 15.165731] ? preempt_count_sub+0x50/0x80 [ 15.165755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.165777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.165803] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.165828] kthread+0x337/0x6f0 [ 15.165848] ? trace_preempt_on+0x20/0xc0 [ 15.165870] ? __pfx_kthread+0x10/0x10 [ 15.165901] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.165924] ? calculate_sigpending+0x7b/0xa0 [ 15.165950] ? __pfx_kthread+0x10/0x10 [ 15.165973] ret_from_fork+0x116/0x1d0 [ 15.165992] ? __pfx_kthread+0x10/0x10 [ 15.166014] ret_from_fork_asm+0x1a/0x30 [ 15.166044] </TASK> [ 15.166056] [ 15.177118] Allocated by task 282: [ 15.177285] kasan_save_stack+0x45/0x70 [ 15.177481] kasan_save_track+0x18/0x40 [ 15.177928] kasan_save_alloc_info+0x3b/0x50 [ 15.178240] __kasan_kmalloc+0xb7/0xc0 [ 15.178608] __kmalloc_cache_noprof+0x189/0x420 [ 15.178980] kasan_atomics+0x95/0x310 [ 15.179168] kunit_try_run_case+0x1a5/0x480 [ 15.179365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.179595] kthread+0x337/0x6f0 [ 15.179761] ret_from_fork+0x116/0x1d0 [ 15.179943] ret_from_fork_asm+0x1a/0x30 [ 15.180127] [ 15.180219] The buggy address belongs to the object at ffff888102b49680 [ 15.180219] which belongs to the cache kmalloc-64 of size 64 [ 15.180698] The buggy address is located 0 bytes to the right of [ 15.180698] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 15.181839] [ 15.182084] The buggy address belongs to the physical page: [ 15.182547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 15.183044] flags: 0x200000000000000(node=0|zone=2) [ 15.183445] page_type: f5(slab) [ 15.183672] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.184133] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.184579] page dumped because: kasan: bad access detected [ 15.185008] [ 15.185253] Memory state around the buggy address: [ 15.185459] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.185942] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.186238] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.186521] ^ [ 15.187099] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.187541] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.188058] ================================================================== [ 14.277964] ================================================================== [ 14.278530] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 14.279209] Write of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.279599] [ 14.279797] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.279863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.279884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.279930] Call Trace: [ 14.279949] <TASK> [ 14.279967] dump_stack_lvl+0x73/0xb0 [ 14.280014] print_report+0xd1/0x650 [ 14.280037] ? __virt_addr_valid+0x1db/0x2d0 [ 14.280061] ? kasan_atomics_helper+0xc70/0x5450 [ 14.280082] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.280106] ? kasan_atomics_helper+0xc70/0x5450 [ 14.280128] kasan_report+0x141/0x180 [ 14.280151] ? kasan_atomics_helper+0xc70/0x5450 [ 14.280178] kasan_check_range+0x10c/0x1c0 [ 14.280203] __kasan_check_write+0x18/0x20 [ 14.280223] kasan_atomics_helper+0xc70/0x5450 [ 14.280247] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.280269] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.280294] ? ret_from_fork_asm+0x1a/0x30 [ 14.280317] ? kasan_atomics+0x152/0x310 [ 14.280344] kasan_atomics+0x1dc/0x310 [ 14.280368] ? __pfx_kasan_atomics+0x10/0x10 [ 14.280393] ? __pfx_read_tsc+0x10/0x10 [ 14.280415] ? ktime_get_ts64+0x86/0x230 [ 14.280440] kunit_try_run_case+0x1a5/0x480 [ 14.280462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.280500] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.280527] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.280553] ? __kthread_parkme+0x82/0x180 [ 14.280574] ? preempt_count_sub+0x50/0x80 [ 14.280599] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.280637] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.280673] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.280699] kthread+0x337/0x6f0 [ 14.280719] ? trace_preempt_on+0x20/0xc0 [ 14.280743] ? __pfx_kthread+0x10/0x10 [ 14.280781] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.280811] ? calculate_sigpending+0x7b/0xa0 [ 14.280836] ? __pfx_kthread+0x10/0x10 [ 14.280871] ret_from_fork+0x116/0x1d0 [ 14.280890] ? __pfx_kthread+0x10/0x10 [ 14.280934] ret_from_fork_asm+0x1a/0x30 [ 14.280976] </TASK> [ 14.280987] [ 14.289818] Allocated by task 282: [ 14.290064] kasan_save_stack+0x45/0x70 [ 14.290274] kasan_save_track+0x18/0x40 [ 14.290471] kasan_save_alloc_info+0x3b/0x50 [ 14.290707] __kasan_kmalloc+0xb7/0xc0 [ 14.290972] __kmalloc_cache_noprof+0x189/0x420 [ 14.291220] kasan_atomics+0x95/0x310 [ 14.291432] kunit_try_run_case+0x1a5/0x480 [ 14.291745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.291965] kthread+0x337/0x6f0 [ 14.292137] ret_from_fork+0x116/0x1d0 [ 14.292341] ret_from_fork_asm+0x1a/0x30 [ 14.292483] [ 14.292557] The buggy address belongs to the object at ffff888102b49680 [ 14.292557] which belongs to the cache kmalloc-64 of size 64 [ 14.292970] The buggy address is located 0 bytes to the right of [ 14.292970] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.293558] [ 14.293658] The buggy address belongs to the physical page: [ 14.294014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.294256] flags: 0x200000000000000(node=0|zone=2) [ 14.294424] page_type: f5(slab) [ 14.294550] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.294782] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.295443] page dumped because: kasan: bad access detected [ 14.296013] [ 14.296111] Memory state around the buggy address: [ 14.296335] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.296660] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.297021] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.297590] ^ [ 14.298055] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.298470] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.298776] ================================================================== [ 13.868197] ================================================================== [ 13.868529] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 13.868970] Read of size 4 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 13.869331] [ 13.869443] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.869485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.869496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.869515] Call Trace: [ 13.869527] <TASK> [ 13.869539] dump_stack_lvl+0x73/0xb0 [ 13.869564] print_report+0xd1/0x650 [ 13.869606] ? __virt_addr_valid+0x1db/0x2d0 [ 13.869648] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.869669] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.869691] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.869713] kasan_report+0x141/0x180 [ 13.869735] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.869779] __asan_report_load4_noabort+0x18/0x20 [ 13.869799] kasan_atomics_helper+0x4b88/0x5450 [ 13.869821] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.869858] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.869882] ? ret_from_fork_asm+0x1a/0x30 [ 13.869913] ? kasan_atomics+0x152/0x310 [ 13.869992] kasan_atomics+0x1dc/0x310 [ 13.870017] ? __pfx_kasan_atomics+0x10/0x10 [ 13.870041] ? __pfx_read_tsc+0x10/0x10 [ 13.870062] ? ktime_get_ts64+0x86/0x230 [ 13.870086] kunit_try_run_case+0x1a5/0x480 [ 13.870128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.870147] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.870186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.870225] ? __kthread_parkme+0x82/0x180 [ 13.870245] ? preempt_count_sub+0x50/0x80 [ 13.870268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.870289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.870313] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.870337] kthread+0x337/0x6f0 [ 13.870357] ? trace_preempt_on+0x20/0xc0 [ 13.870378] ? __pfx_kthread+0x10/0x10 [ 13.870399] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.870421] ? calculate_sigpending+0x7b/0xa0 [ 13.870445] ? __pfx_kthread+0x10/0x10 [ 13.870466] ret_from_fork+0x116/0x1d0 [ 13.870484] ? __pfx_kthread+0x10/0x10 [ 13.870504] ret_from_fork_asm+0x1a/0x30 [ 13.870533] </TASK> [ 13.870559] [ 13.879166] Allocated by task 282: [ 13.879354] kasan_save_stack+0x45/0x70 [ 13.879583] kasan_save_track+0x18/0x40 [ 13.879783] kasan_save_alloc_info+0x3b/0x50 [ 13.880006] __kasan_kmalloc+0xb7/0xc0 [ 13.880173] __kmalloc_cache_noprof+0x189/0x420 [ 13.880381] kasan_atomics+0x95/0x310 [ 13.880653] kunit_try_run_case+0x1a5/0x480 [ 13.880861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.881212] kthread+0x337/0x6f0 [ 13.881387] ret_from_fork+0x116/0x1d0 [ 13.881550] ret_from_fork_asm+0x1a/0x30 [ 13.881786] [ 13.881907] The buggy address belongs to the object at ffff888102b49680 [ 13.881907] which belongs to the cache kmalloc-64 of size 64 [ 13.882454] The buggy address is located 0 bytes to the right of [ 13.882454] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 13.883115] [ 13.883215] The buggy address belongs to the physical page: [ 13.883453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 13.883818] flags: 0x200000000000000(node=0|zone=2) [ 13.884315] page_type: f5(slab) [ 13.884535] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.885018] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.885359] page dumped because: kasan: bad access detected [ 13.885604] [ 13.885691] Memory state around the buggy address: [ 13.885840] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.886173] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.886519] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.886913] ^ [ 13.887228] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.887541] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.887870] ================================================================== [ 14.977751] ================================================================== [ 14.978231] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 14.978885] Write of size 8 at addr ffff888102b496b0 by task kunit_try_catch/282 [ 14.979431] [ 14.979518] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 14.979562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.979575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.979596] Call Trace: [ 14.979613] <TASK> [ 14.979630] dump_stack_lvl+0x73/0xb0 [ 14.979654] print_report+0xd1/0x650 [ 14.979677] ? __virt_addr_valid+0x1db/0x2d0 [ 14.979701] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.979723] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.979747] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.979770] kasan_report+0x141/0x180 [ 14.979793] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.979820] kasan_check_range+0x10c/0x1c0 [ 14.979845] __kasan_check_write+0x18/0x20 [ 14.979866] kasan_atomics_helper+0x19e3/0x5450 [ 14.979890] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.979924] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.979960] ? ret_from_fork_asm+0x1a/0x30 [ 14.979983] ? kasan_atomics+0x152/0x310 [ 14.980010] kasan_atomics+0x1dc/0x310 [ 14.980035] ? __pfx_kasan_atomics+0x10/0x10 [ 14.980060] ? __pfx_read_tsc+0x10/0x10 [ 14.980083] ? ktime_get_ts64+0x86/0x230 [ 14.980108] kunit_try_run_case+0x1a5/0x480 [ 14.980130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.980151] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.980177] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.980203] ? __kthread_parkme+0x82/0x180 [ 14.980224] ? preempt_count_sub+0x50/0x80 [ 14.980249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.980270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.980295] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.980320] kthread+0x337/0x6f0 [ 14.980341] ? trace_preempt_on+0x20/0xc0 [ 14.980364] ? __pfx_kthread+0x10/0x10 [ 14.980385] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.980408] ? calculate_sigpending+0x7b/0xa0 [ 14.980433] ? __pfx_kthread+0x10/0x10 [ 14.980456] ret_from_fork+0x116/0x1d0 [ 14.980475] ? __pfx_kthread+0x10/0x10 [ 14.980496] ret_from_fork_asm+0x1a/0x30 [ 14.980527] </TASK> [ 14.980538] [ 14.988988] Allocated by task 282: [ 14.989134] kasan_save_stack+0x45/0x70 [ 14.989302] kasan_save_track+0x18/0x40 [ 14.989439] kasan_save_alloc_info+0x3b/0x50 [ 14.989588] __kasan_kmalloc+0xb7/0xc0 [ 14.989722] __kmalloc_cache_noprof+0x189/0x420 [ 14.990153] kasan_atomics+0x95/0x310 [ 14.990331] kunit_try_run_case+0x1a5/0x480 [ 14.990496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.990751] kthread+0x337/0x6f0 [ 14.990911] ret_from_fork+0x116/0x1d0 [ 14.991617] ret_from_fork_asm+0x1a/0x30 [ 14.991782] [ 14.991880] The buggy address belongs to the object at ffff888102b49680 [ 14.991880] which belongs to the cache kmalloc-64 of size 64 [ 14.992418] The buggy address is located 0 bytes to the right of [ 14.992418] allocated 48-byte region [ffff888102b49680, ffff888102b496b0) [ 14.993771] [ 14.994187] The buggy address belongs to the physical page: [ 14.995063] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b49 [ 14.996137] flags: 0x200000000000000(node=0|zone=2) [ 14.996445] page_type: f5(slab) [ 14.996598] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.996947] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.997318] page dumped because: kasan: bad access detected [ 14.997572] [ 14.997716] Memory state around the buggy address: [ 14.997935] ffff888102b49580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.998348] ffff888102b49600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.998655] >ffff888102b49680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.999012] ^ [ 14.999202] ffff888102b49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.999456] ffff888102b49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.999863] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop: Failure
Automatically assigned
[ 13.728771] ================================================================== [ 13.729165] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.729485] Write of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.729832] [ 13.729975] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.730023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.730035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.730056] Call Trace: [ 13.730069] <TASK> [ 13.730082] dump_stack_lvl+0x73/0xb0 [ 13.730106] print_report+0xd1/0x650 [ 13.730128] ? __virt_addr_valid+0x1db/0x2d0 [ 13.730150] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.730178] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.730200] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.730228] kasan_report+0x141/0x180 [ 13.730249] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.730281] kasan_check_range+0x10c/0x1c0 [ 13.730305] __kasan_check_write+0x18/0x20 [ 13.730324] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.730352] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.730380] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.730404] ? trace_hardirqs_on+0x37/0xe0 [ 13.730425] ? kasan_bitops_generic+0x92/0x1c0 [ 13.730452] kasan_bitops_generic+0x121/0x1c0 [ 13.730475] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.730500] ? __pfx_read_tsc+0x10/0x10 [ 13.730521] ? ktime_get_ts64+0x86/0x230 [ 13.730543] kunit_try_run_case+0x1a5/0x480 [ 13.730563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.730582] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.730607] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.730651] ? __kthread_parkme+0x82/0x180 [ 13.730671] ? preempt_count_sub+0x50/0x80 [ 13.730694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.730714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.730738] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.730763] kthread+0x337/0x6f0 [ 13.730781] ? trace_preempt_on+0x20/0xc0 [ 13.730803] ? __pfx_kthread+0x10/0x10 [ 13.730823] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.730844] ? calculate_sigpending+0x7b/0xa0 [ 13.730869] ? __pfx_kthread+0x10/0x10 [ 13.730889] ret_from_fork+0x116/0x1d0 [ 13.730915] ? __pfx_kthread+0x10/0x10 [ 13.730981] ret_from_fork_asm+0x1a/0x30 [ 13.731012] </TASK> [ 13.731023] [ 13.743162] Allocated by task 278: [ 13.743303] kasan_save_stack+0x45/0x70 [ 13.744103] kasan_save_track+0x18/0x40 [ 13.744409] kasan_save_alloc_info+0x3b/0x50 [ 13.744573] __kasan_kmalloc+0xb7/0xc0 [ 13.745293] __kmalloc_cache_noprof+0x189/0x420 [ 13.746632] kasan_bitops_generic+0x92/0x1c0 [ 13.747131] kunit_try_run_case+0x1a5/0x480 [ 13.747284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.747476] kthread+0x337/0x6f0 [ 13.748208] ret_from_fork+0x116/0x1d0 [ 13.748709] ret_from_fork_asm+0x1a/0x30 [ 13.748882] [ 13.749002] The buggy address belongs to the object at ffff888102ae9140 [ 13.749002] which belongs to the cache kmalloc-16 of size 16 [ 13.749713] The buggy address is located 8 bytes inside of [ 13.749713] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.750386] [ 13.750489] The buggy address belongs to the physical page: [ 13.750997] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.751306] flags: 0x200000000000000(node=0|zone=2) [ 13.751554] page_type: f5(slab) [ 13.751705] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.752220] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.752658] page dumped because: kasan: bad access detected [ 13.752854] [ 13.752955] Memory state around the buggy address: [ 13.753297] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.753845] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.754309] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.754606] ^ [ 13.754845] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.755276] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.755576] ================================================================== [ 13.776147] ================================================================== [ 13.776483] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.777076] Read of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.777402] [ 13.777501] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.777542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.777553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.777572] Call Trace: [ 13.777587] <TASK> [ 13.777601] dump_stack_lvl+0x73/0xb0 [ 13.777624] print_report+0xd1/0x650 [ 13.777645] ? __virt_addr_valid+0x1db/0x2d0 [ 13.777668] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.777695] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.777717] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.777745] kasan_report+0x141/0x180 [ 13.777783] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.777815] kasan_check_range+0x10c/0x1c0 [ 13.777839] __kasan_check_read+0x15/0x20 [ 13.777858] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.777886] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.777925] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.777948] ? trace_hardirqs_on+0x37/0xe0 [ 13.777970] ? kasan_bitops_generic+0x92/0x1c0 [ 13.777997] kasan_bitops_generic+0x121/0x1c0 [ 13.778021] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.778046] ? __pfx_read_tsc+0x10/0x10 [ 13.778066] ? ktime_get_ts64+0x86/0x230 [ 13.778090] kunit_try_run_case+0x1a5/0x480 [ 13.778111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.778130] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.778155] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.778180] ? __kthread_parkme+0x82/0x180 [ 13.778200] ? preempt_count_sub+0x50/0x80 [ 13.778223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.778243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.778268] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.778292] kthread+0x337/0x6f0 [ 13.778311] ? trace_preempt_on+0x20/0xc0 [ 13.778332] ? __pfx_kthread+0x10/0x10 [ 13.778353] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.778375] ? calculate_sigpending+0x7b/0xa0 [ 13.778399] ? __pfx_kthread+0x10/0x10 [ 13.778420] ret_from_fork+0x116/0x1d0 [ 13.778438] ? __pfx_kthread+0x10/0x10 [ 13.778459] ret_from_fork_asm+0x1a/0x30 [ 13.778488] </TASK> [ 13.778498] [ 13.786850] Allocated by task 278: [ 13.786998] kasan_save_stack+0x45/0x70 [ 13.787143] kasan_save_track+0x18/0x40 [ 13.787278] kasan_save_alloc_info+0x3b/0x50 [ 13.787535] __kasan_kmalloc+0xb7/0xc0 [ 13.787778] __kmalloc_cache_noprof+0x189/0x420 [ 13.788014] kasan_bitops_generic+0x92/0x1c0 [ 13.788221] kunit_try_run_case+0x1a5/0x480 [ 13.788423] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.788646] kthread+0x337/0x6f0 [ 13.788767] ret_from_fork+0x116/0x1d0 [ 13.788906] ret_from_fork_asm+0x1a/0x30 [ 13.789048] [ 13.789118] The buggy address belongs to the object at ffff888102ae9140 [ 13.789118] which belongs to the cache kmalloc-16 of size 16 [ 13.789966] The buggy address is located 8 bytes inside of [ 13.789966] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.790502] [ 13.790600] The buggy address belongs to the physical page: [ 13.791249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.791626] flags: 0x200000000000000(node=0|zone=2) [ 13.791860] page_type: f5(slab) [ 13.792121] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.792373] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.792617] page dumped because: kasan: bad access detected [ 13.792882] [ 13.793050] Memory state around the buggy address: [ 13.793277] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.793565] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.793887] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.794292] ^ [ 13.794504] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.794821] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.795046] ================================================================== [ 13.756265] ================================================================== [ 13.756563] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.757162] Write of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.757462] [ 13.757578] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.757622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.757633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.757655] Call Trace: [ 13.757668] <TASK> [ 13.757682] dump_stack_lvl+0x73/0xb0 [ 13.757708] print_report+0xd1/0x650 [ 13.757730] ? __virt_addr_valid+0x1db/0x2d0 [ 13.757754] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.757782] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.757823] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.757851] kasan_report+0x141/0x180 [ 13.757873] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.757916] kasan_check_range+0x10c/0x1c0 [ 13.757939] __kasan_check_write+0x18/0x20 [ 13.757959] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.757986] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.758015] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.758038] ? trace_hardirqs_on+0x37/0xe0 [ 13.758059] ? kasan_bitops_generic+0x92/0x1c0 [ 13.758085] kasan_bitops_generic+0x121/0x1c0 [ 13.758158] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.758186] ? __pfx_read_tsc+0x10/0x10 [ 13.758207] ? ktime_get_ts64+0x86/0x230 [ 13.758230] kunit_try_run_case+0x1a5/0x480 [ 13.758251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.758270] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.758295] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.758318] ? __kthread_parkme+0x82/0x180 [ 13.758338] ? preempt_count_sub+0x50/0x80 [ 13.758361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.758382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.758406] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.758430] kthread+0x337/0x6f0 [ 13.758449] ? trace_preempt_on+0x20/0xc0 [ 13.758470] ? __pfx_kthread+0x10/0x10 [ 13.758490] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.758511] ? calculate_sigpending+0x7b/0xa0 [ 13.758535] ? __pfx_kthread+0x10/0x10 [ 13.758555] ret_from_fork+0x116/0x1d0 [ 13.758574] ? __pfx_kthread+0x10/0x10 [ 13.758593] ret_from_fork_asm+0x1a/0x30 [ 13.758623] </TASK> [ 13.758653] [ 13.767546] Allocated by task 278: [ 13.767834] kasan_save_stack+0x45/0x70 [ 13.768155] kasan_save_track+0x18/0x40 [ 13.768346] kasan_save_alloc_info+0x3b/0x50 [ 13.768538] __kasan_kmalloc+0xb7/0xc0 [ 13.768771] __kmalloc_cache_noprof+0x189/0x420 [ 13.768985] kasan_bitops_generic+0x92/0x1c0 [ 13.769170] kunit_try_run_case+0x1a5/0x480 [ 13.769316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.769493] kthread+0x337/0x6f0 [ 13.769622] ret_from_fork+0x116/0x1d0 [ 13.769806] ret_from_fork_asm+0x1a/0x30 [ 13.770146] [ 13.770243] The buggy address belongs to the object at ffff888102ae9140 [ 13.770243] which belongs to the cache kmalloc-16 of size 16 [ 13.770855] The buggy address is located 8 bytes inside of [ 13.770855] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.771301] [ 13.771408] The buggy address belongs to the physical page: [ 13.771694] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.772255] flags: 0x200000000000000(node=0|zone=2) [ 13.772447] page_type: f5(slab) [ 13.772615] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.773048] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.773351] page dumped because: kasan: bad access detected [ 13.773550] [ 13.773620] Memory state around the buggy address: [ 13.773772] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.774074] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.774392] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.774823] ^ [ 13.775177] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.775475] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.775772] ================================================================== [ 13.663478] ================================================================== [ 13.664055] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.664465] Write of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.664781] [ 13.664864] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.664917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.664930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.664951] Call Trace: [ 13.664963] <TASK> [ 13.664976] dump_stack_lvl+0x73/0xb0 [ 13.664999] print_report+0xd1/0x650 [ 13.665021] ? __virt_addr_valid+0x1db/0x2d0 [ 13.665048] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.665075] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.665098] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.665125] kasan_report+0x141/0x180 [ 13.665148] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.665179] kasan_check_range+0x10c/0x1c0 [ 13.665203] __kasan_check_write+0x18/0x20 [ 13.665221] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.665249] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.665277] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.665301] ? trace_hardirqs_on+0x37/0xe0 [ 13.665321] ? kasan_bitops_generic+0x92/0x1c0 [ 13.665348] kasan_bitops_generic+0x121/0x1c0 [ 13.665371] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.665396] ? __pfx_read_tsc+0x10/0x10 [ 13.665415] ? ktime_get_ts64+0x86/0x230 [ 13.665439] kunit_try_run_case+0x1a5/0x480 [ 13.665459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.665478] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.665503] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.665526] ? __kthread_parkme+0x82/0x180 [ 13.665546] ? preempt_count_sub+0x50/0x80 [ 13.665569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.665589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.665614] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.665688] kthread+0x337/0x6f0 [ 13.665709] ? trace_preempt_on+0x20/0xc0 [ 13.665731] ? __pfx_kthread+0x10/0x10 [ 13.665750] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.665773] ? calculate_sigpending+0x7b/0xa0 [ 13.665796] ? __pfx_kthread+0x10/0x10 [ 13.665818] ret_from_fork+0x116/0x1d0 [ 13.665835] ? __pfx_kthread+0x10/0x10 [ 13.665855] ret_from_fork_asm+0x1a/0x30 [ 13.665884] </TASK> [ 13.665904] [ 13.674486] Allocated by task 278: [ 13.674673] kasan_save_stack+0x45/0x70 [ 13.675042] kasan_save_track+0x18/0x40 [ 13.675240] kasan_save_alloc_info+0x3b/0x50 [ 13.675428] __kasan_kmalloc+0xb7/0xc0 [ 13.675560] __kmalloc_cache_noprof+0x189/0x420 [ 13.675715] kasan_bitops_generic+0x92/0x1c0 [ 13.675862] kunit_try_run_case+0x1a5/0x480 [ 13.676021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.676279] kthread+0x337/0x6f0 [ 13.676448] ret_from_fork+0x116/0x1d0 [ 13.676638] ret_from_fork_asm+0x1a/0x30 [ 13.677544] [ 13.677676] The buggy address belongs to the object at ffff888102ae9140 [ 13.677676] which belongs to the cache kmalloc-16 of size 16 [ 13.678215] The buggy address is located 8 bytes inside of [ 13.678215] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.678565] [ 13.678638] The buggy address belongs to the physical page: [ 13.678809] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.679551] flags: 0x200000000000000(node=0|zone=2) [ 13.680064] page_type: f5(slab) [ 13.680222] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.680527] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.681066] page dumped because: kasan: bad access detected [ 13.681242] [ 13.681310] Memory state around the buggy address: [ 13.681506] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.682230] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.682532] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.682807] ^ [ 13.683106] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.683326] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.683647] ================================================================== [ 13.643628] ================================================================== [ 13.644073] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.644372] Write of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.644757] [ 13.644862] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.644920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.644932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.644952] Call Trace: [ 13.644964] <TASK> [ 13.644976] dump_stack_lvl+0x73/0xb0 [ 13.644999] print_report+0xd1/0x650 [ 13.645021] ? __virt_addr_valid+0x1db/0x2d0 [ 13.645049] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.645077] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.645098] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.645169] kasan_report+0x141/0x180 [ 13.645193] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.645224] kasan_check_range+0x10c/0x1c0 [ 13.645248] __kasan_check_write+0x18/0x20 [ 13.645267] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.645294] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.645322] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.645347] ? trace_hardirqs_on+0x37/0xe0 [ 13.645367] ? kasan_bitops_generic+0x92/0x1c0 [ 13.645394] kasan_bitops_generic+0x121/0x1c0 [ 13.645417] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.645442] ? __pfx_read_tsc+0x10/0x10 [ 13.645462] ? ktime_get_ts64+0x86/0x230 [ 13.645484] kunit_try_run_case+0x1a5/0x480 [ 13.645504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.645524] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.645549] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.645572] ? __kthread_parkme+0x82/0x180 [ 13.645592] ? preempt_count_sub+0x50/0x80 [ 13.645615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.645636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.645660] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.645684] kthread+0x337/0x6f0 [ 13.645702] ? trace_preempt_on+0x20/0xc0 [ 13.645724] ? __pfx_kthread+0x10/0x10 [ 13.645745] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.645766] ? calculate_sigpending+0x7b/0xa0 [ 13.645789] ? __pfx_kthread+0x10/0x10 [ 13.645810] ret_from_fork+0x116/0x1d0 [ 13.645828] ? __pfx_kthread+0x10/0x10 [ 13.645848] ret_from_fork_asm+0x1a/0x30 [ 13.645876] </TASK> [ 13.645887] [ 13.655358] Allocated by task 278: [ 13.655510] kasan_save_stack+0x45/0x70 [ 13.655702] kasan_save_track+0x18/0x40 [ 13.655911] kasan_save_alloc_info+0x3b/0x50 [ 13.656112] __kasan_kmalloc+0xb7/0xc0 [ 13.656290] __kmalloc_cache_noprof+0x189/0x420 [ 13.656487] kasan_bitops_generic+0x92/0x1c0 [ 13.656777] kunit_try_run_case+0x1a5/0x480 [ 13.657005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.657252] kthread+0x337/0x6f0 [ 13.657405] ret_from_fork+0x116/0x1d0 [ 13.657559] ret_from_fork_asm+0x1a/0x30 [ 13.657783] [ 13.657882] The buggy address belongs to the object at ffff888102ae9140 [ 13.657882] which belongs to the cache kmalloc-16 of size 16 [ 13.658404] The buggy address is located 8 bytes inside of [ 13.658404] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.658906] [ 13.659016] The buggy address belongs to the physical page: [ 13.659296] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.659603] flags: 0x200000000000000(node=0|zone=2) [ 13.659834] page_type: f5(slab) [ 13.659990] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.660321] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.660615] page dumped because: kasan: bad access detected [ 13.660862] [ 13.660961] Memory state around the buggy address: [ 13.661312] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.661553] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.661768] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.662034] ^ [ 13.662526] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.662784] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.663010] ================================================================== [ 13.795423] ================================================================== [ 13.795756] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.796357] Read of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.796838] [ 13.796960] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.797003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.797014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.797035] Call Trace: [ 13.797055] <TASK> [ 13.797069] dump_stack_lvl+0x73/0xb0 [ 13.797094] print_report+0xd1/0x650 [ 13.797116] ? __virt_addr_valid+0x1db/0x2d0 [ 13.797139] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.797166] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.797189] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.797217] kasan_report+0x141/0x180 [ 13.797239] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.797271] __asan_report_load8_noabort+0x18/0x20 [ 13.797292] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.797319] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.797348] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.797372] ? trace_hardirqs_on+0x37/0xe0 [ 13.797393] ? kasan_bitops_generic+0x92/0x1c0 [ 13.797420] kasan_bitops_generic+0x121/0x1c0 [ 13.797444] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.797519] ? __pfx_read_tsc+0x10/0x10 [ 13.797540] ? ktime_get_ts64+0x86/0x230 [ 13.797564] kunit_try_run_case+0x1a5/0x480 [ 13.797585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.797603] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.797629] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.797654] ? __kthread_parkme+0x82/0x180 [ 13.797674] ? preempt_count_sub+0x50/0x80 [ 13.797697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.797718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.797742] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.797766] kthread+0x337/0x6f0 [ 13.797786] ? trace_preempt_on+0x20/0xc0 [ 13.797809] ? __pfx_kthread+0x10/0x10 [ 13.797830] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.797852] ? calculate_sigpending+0x7b/0xa0 [ 13.797876] ? __pfx_kthread+0x10/0x10 [ 13.797921] ret_from_fork+0x116/0x1d0 [ 13.797939] ? __pfx_kthread+0x10/0x10 [ 13.797971] ret_from_fork_asm+0x1a/0x30 [ 13.798001] </TASK> [ 13.798012] [ 13.806955] Allocated by task 278: [ 13.807141] kasan_save_stack+0x45/0x70 [ 13.807343] kasan_save_track+0x18/0x40 [ 13.807507] kasan_save_alloc_info+0x3b/0x50 [ 13.807661] __kasan_kmalloc+0xb7/0xc0 [ 13.807792] __kmalloc_cache_noprof+0x189/0x420 [ 13.809232] kasan_bitops_generic+0x92/0x1c0 [ 13.809430] kunit_try_run_case+0x1a5/0x480 [ 13.809688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.810051] kthread+0x337/0x6f0 [ 13.810210] ret_from_fork+0x116/0x1d0 [ 13.810404] ret_from_fork_asm+0x1a/0x30 [ 13.810575] [ 13.810699] The buggy address belongs to the object at ffff888102ae9140 [ 13.810699] which belongs to the cache kmalloc-16 of size 16 [ 13.811274] The buggy address is located 8 bytes inside of [ 13.811274] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.811784] [ 13.811911] The buggy address belongs to the physical page: [ 13.812216] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.812524] flags: 0x200000000000000(node=0|zone=2) [ 13.812802] page_type: f5(slab) [ 13.812995] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.813298] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.813843] page dumped because: kasan: bad access detected [ 13.814174] [ 13.814273] Memory state around the buggy address: [ 13.814472] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.814804] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.815213] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.815496] ^ [ 13.815791] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.816148] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.816481] ================================================================== [ 13.623162] ================================================================== [ 13.623490] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.623862] Write of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.624227] [ 13.624325] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.624367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.624378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.624398] Call Trace: [ 13.624412] <TASK> [ 13.624425] dump_stack_lvl+0x73/0xb0 [ 13.624449] print_report+0xd1/0x650 [ 13.624471] ? __virt_addr_valid+0x1db/0x2d0 [ 13.624493] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.624520] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.624543] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.624571] kasan_report+0x141/0x180 [ 13.624593] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.624625] kasan_check_range+0x10c/0x1c0 [ 13.624880] __kasan_check_write+0x18/0x20 [ 13.624918] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.625178] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.625214] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.625238] ? trace_hardirqs_on+0x37/0xe0 [ 13.625259] ? kasan_bitops_generic+0x92/0x1c0 [ 13.625287] kasan_bitops_generic+0x121/0x1c0 [ 13.625311] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.625336] ? __pfx_read_tsc+0x10/0x10 [ 13.625357] ? ktime_get_ts64+0x86/0x230 [ 13.625379] kunit_try_run_case+0x1a5/0x480 [ 13.625400] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.625419] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.625443] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.625467] ? __kthread_parkme+0x82/0x180 [ 13.625487] ? preempt_count_sub+0x50/0x80 [ 13.625511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.625532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.625555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.625579] kthread+0x337/0x6f0 [ 13.625599] ? trace_preempt_on+0x20/0xc0 [ 13.625620] ? __pfx_kthread+0x10/0x10 [ 13.625654] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.625676] ? calculate_sigpending+0x7b/0xa0 [ 13.625700] ? __pfx_kthread+0x10/0x10 [ 13.625721] ret_from_fork+0x116/0x1d0 [ 13.625739] ? __pfx_kthread+0x10/0x10 [ 13.625759] ret_from_fork_asm+0x1a/0x30 [ 13.625788] </TASK> [ 13.625797] [ 13.634837] Allocated by task 278: [ 13.635142] kasan_save_stack+0x45/0x70 [ 13.635310] kasan_save_track+0x18/0x40 [ 13.635446] kasan_save_alloc_info+0x3b/0x50 [ 13.635594] __kasan_kmalloc+0xb7/0xc0 [ 13.635781] __kmalloc_cache_noprof+0x189/0x420 [ 13.636018] kasan_bitops_generic+0x92/0x1c0 [ 13.636338] kunit_try_run_case+0x1a5/0x480 [ 13.636595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.636850] kthread+0x337/0x6f0 [ 13.637078] ret_from_fork+0x116/0x1d0 [ 13.637221] ret_from_fork_asm+0x1a/0x30 [ 13.637361] [ 13.637431] The buggy address belongs to the object at ffff888102ae9140 [ 13.637431] which belongs to the cache kmalloc-16 of size 16 [ 13.637836] The buggy address is located 8 bytes inside of [ 13.637836] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.638379] [ 13.638473] The buggy address belongs to the physical page: [ 13.638938] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.639412] flags: 0x200000000000000(node=0|zone=2) [ 13.639585] page_type: f5(slab) [ 13.639745] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.640258] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.640485] page dumped because: kasan: bad access detected [ 13.640905] [ 13.641147] Memory state around the buggy address: [ 13.641382] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.641744] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.642124] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.642369] ^ [ 13.642542] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.642831] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.643167] ================================================================== [ 13.703841] ================================================================== [ 13.704195] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.704557] Write of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.704831] [ 13.706264] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.706313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.706326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.706346] Call Trace: [ 13.706360] <TASK> [ 13.706373] dump_stack_lvl+0x73/0xb0 [ 13.706400] print_report+0xd1/0x650 [ 13.706423] ? __virt_addr_valid+0x1db/0x2d0 [ 13.706446] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.706473] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.706496] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.706524] kasan_report+0x141/0x180 [ 13.706546] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.706578] kasan_check_range+0x10c/0x1c0 [ 13.706883] __kasan_check_write+0x18/0x20 [ 13.706916] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.707006] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.707035] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.707060] ? trace_hardirqs_on+0x37/0xe0 [ 13.707080] ? kasan_bitops_generic+0x92/0x1c0 [ 13.707108] kasan_bitops_generic+0x121/0x1c0 [ 13.707132] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.707156] ? __pfx_read_tsc+0x10/0x10 [ 13.707177] ? ktime_get_ts64+0x86/0x230 [ 13.707200] kunit_try_run_case+0x1a5/0x480 [ 13.707220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.707240] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.707265] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.707290] ? __kthread_parkme+0x82/0x180 [ 13.707310] ? preempt_count_sub+0x50/0x80 [ 13.707332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.707353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.707377] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.707401] kthread+0x337/0x6f0 [ 13.707420] ? trace_preempt_on+0x20/0xc0 [ 13.707441] ? __pfx_kthread+0x10/0x10 [ 13.707461] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.707483] ? calculate_sigpending+0x7b/0xa0 [ 13.707507] ? __pfx_kthread+0x10/0x10 [ 13.707527] ret_from_fork+0x116/0x1d0 [ 13.707545] ? __pfx_kthread+0x10/0x10 [ 13.707565] ret_from_fork_asm+0x1a/0x30 [ 13.707594] </TASK> [ 13.707604] [ 13.719051] Allocated by task 278: [ 13.719222] kasan_save_stack+0x45/0x70 [ 13.719406] kasan_save_track+0x18/0x40 [ 13.719603] kasan_save_alloc_info+0x3b/0x50 [ 13.719801] __kasan_kmalloc+0xb7/0xc0 [ 13.720594] __kmalloc_cache_noprof+0x189/0x420 [ 13.720923] kasan_bitops_generic+0x92/0x1c0 [ 13.721467] kunit_try_run_case+0x1a5/0x480 [ 13.721754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.722168] kthread+0x337/0x6f0 [ 13.722343] ret_from_fork+0x116/0x1d0 [ 13.722661] ret_from_fork_asm+0x1a/0x30 [ 13.723005] [ 13.723099] The buggy address belongs to the object at ffff888102ae9140 [ 13.723099] which belongs to the cache kmalloc-16 of size 16 [ 13.723569] The buggy address is located 8 bytes inside of [ 13.723569] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.724157] [ 13.724254] The buggy address belongs to the physical page: [ 13.724467] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.724815] flags: 0x200000000000000(node=0|zone=2) [ 13.725127] page_type: f5(slab) [ 13.725291] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.725550] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.725917] page dumped because: kasan: bad access detected [ 13.726303] [ 13.726400] Memory state around the buggy address: [ 13.726592] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.726946] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.727229] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.727507] ^ [ 13.727739] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.728006] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.728328] ================================================================== [ 13.684113] ================================================================== [ 13.684434] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.684815] Write of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.685172] [ 13.685280] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.685322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.685333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.685353] Call Trace: [ 13.685366] <TASK> [ 13.685378] dump_stack_lvl+0x73/0xb0 [ 13.685402] print_report+0xd1/0x650 [ 13.685423] ? __virt_addr_valid+0x1db/0x2d0 [ 13.685447] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.685474] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.685497] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.685525] kasan_report+0x141/0x180 [ 13.685547] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.685579] kasan_check_range+0x10c/0x1c0 [ 13.685602] __kasan_check_write+0x18/0x20 [ 13.685622] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.685650] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.685730] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.685755] ? trace_hardirqs_on+0x37/0xe0 [ 13.685777] ? kasan_bitops_generic+0x92/0x1c0 [ 13.685804] kasan_bitops_generic+0x121/0x1c0 [ 13.685828] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.685853] ? __pfx_read_tsc+0x10/0x10 [ 13.685874] ? ktime_get_ts64+0x86/0x230 [ 13.685910] kunit_try_run_case+0x1a5/0x480 [ 13.685933] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.685986] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.686012] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.686036] ? __kthread_parkme+0x82/0x180 [ 13.686056] ? preempt_count_sub+0x50/0x80 [ 13.686080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.686101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.686125] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.686149] kthread+0x337/0x6f0 [ 13.686168] ? trace_preempt_on+0x20/0xc0 [ 13.686190] ? __pfx_kthread+0x10/0x10 [ 13.686209] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.686231] ? calculate_sigpending+0x7b/0xa0 [ 13.686255] ? __pfx_kthread+0x10/0x10 [ 13.686276] ret_from_fork+0x116/0x1d0 [ 13.686294] ? __pfx_kthread+0x10/0x10 [ 13.686314] ret_from_fork_asm+0x1a/0x30 [ 13.686343] </TASK> [ 13.686353] [ 13.695127] Allocated by task 278: [ 13.695259] kasan_save_stack+0x45/0x70 [ 13.695460] kasan_save_track+0x18/0x40 [ 13.695662] kasan_save_alloc_info+0x3b/0x50 [ 13.695874] __kasan_kmalloc+0xb7/0xc0 [ 13.696094] __kmalloc_cache_noprof+0x189/0x420 [ 13.696310] kasan_bitops_generic+0x92/0x1c0 [ 13.696495] kunit_try_run_case+0x1a5/0x480 [ 13.696696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.697159] kthread+0x337/0x6f0 [ 13.697326] ret_from_fork+0x116/0x1d0 [ 13.697486] ret_from_fork_asm+0x1a/0x30 [ 13.697702] [ 13.697775] The buggy address belongs to the object at ffff888102ae9140 [ 13.697775] which belongs to the cache kmalloc-16 of size 16 [ 13.698187] The buggy address is located 8 bytes inside of [ 13.698187] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.698543] [ 13.698618] The buggy address belongs to the physical page: [ 13.698916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.699558] flags: 0x200000000000000(node=0|zone=2) [ 13.699864] page_type: f5(slab) [ 13.699996] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.700229] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.700453] page dumped because: kasan: bad access detected [ 13.700624] [ 13.700787] Memory state around the buggy address: [ 13.701166] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.701492] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.702200] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.702525] ^ [ 13.702965] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.703239] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.703499] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop: Failure
Automatically assigned
[ 13.478549] ================================================================== [ 13.479104] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.479368] Write of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.479591] [ 13.479694] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.479738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.479750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.479771] Call Trace: [ 13.479783] <TASK> [ 13.479795] dump_stack_lvl+0x73/0xb0 [ 13.479818] print_report+0xd1/0x650 [ 13.479840] ? __virt_addr_valid+0x1db/0x2d0 [ 13.479862] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.479887] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.479928] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.479999] kasan_report+0x141/0x180 [ 13.480023] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.480053] kasan_check_range+0x10c/0x1c0 [ 13.480076] __kasan_check_write+0x18/0x20 [ 13.480095] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.480120] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.480147] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.480171] ? trace_hardirqs_on+0x37/0xe0 [ 13.480191] ? kasan_bitops_generic+0x92/0x1c0 [ 13.480218] kasan_bitops_generic+0x116/0x1c0 [ 13.480271] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.480295] ? __pfx_read_tsc+0x10/0x10 [ 13.480316] ? ktime_get_ts64+0x86/0x230 [ 13.480338] kunit_try_run_case+0x1a5/0x480 [ 13.480360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.481107] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.481151] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.481179] ? __kthread_parkme+0x82/0x180 [ 13.481199] ? preempt_count_sub+0x50/0x80 [ 13.481222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.481244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.481269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.481294] kthread+0x337/0x6f0 [ 13.481312] ? trace_preempt_on+0x20/0xc0 [ 13.481334] ? __pfx_kthread+0x10/0x10 [ 13.481354] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.481377] ? calculate_sigpending+0x7b/0xa0 [ 13.481400] ? __pfx_kthread+0x10/0x10 [ 13.481421] ret_from_fork+0x116/0x1d0 [ 13.481438] ? __pfx_kthread+0x10/0x10 [ 13.481459] ret_from_fork_asm+0x1a/0x30 [ 13.481488] </TASK> [ 13.481499] [ 13.494933] Allocated by task 278: [ 13.495178] kasan_save_stack+0x45/0x70 [ 13.495465] kasan_save_track+0x18/0x40 [ 13.495683] kasan_save_alloc_info+0x3b/0x50 [ 13.495928] __kasan_kmalloc+0xb7/0xc0 [ 13.496060] __kmalloc_cache_noprof+0x189/0x420 [ 13.496304] kasan_bitops_generic+0x92/0x1c0 [ 13.496605] kunit_try_run_case+0x1a5/0x480 [ 13.496884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.497163] kthread+0x337/0x6f0 [ 13.497550] ret_from_fork+0x116/0x1d0 [ 13.497932] ret_from_fork_asm+0x1a/0x30 [ 13.498149] [ 13.498246] The buggy address belongs to the object at ffff888102ae9140 [ 13.498246] which belongs to the cache kmalloc-16 of size 16 [ 13.498650] The buggy address is located 8 bytes inside of [ 13.498650] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.499364] [ 13.499473] The buggy address belongs to the physical page: [ 13.499717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.500051] flags: 0x200000000000000(node=0|zone=2) [ 13.500313] page_type: f5(slab) [ 13.500493] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.500960] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.501328] page dumped because: kasan: bad access detected [ 13.501503] [ 13.501598] Memory state around the buggy address: [ 13.501850] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.502303] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.502561] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.502966] ^ [ 13.503467] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.504070] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.504346] ================================================================== [ 13.600505] ================================================================== [ 13.600750] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.601374] Write of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.601753] [ 13.601857] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.601909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.601920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.601940] Call Trace: [ 13.601985] <TASK> [ 13.601999] dump_stack_lvl+0x73/0xb0 [ 13.602026] print_report+0xd1/0x650 [ 13.602086] ? __virt_addr_valid+0x1db/0x2d0 [ 13.602111] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.602137] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.602159] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.602185] kasan_report+0x141/0x180 [ 13.602217] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.602246] kasan_check_range+0x10c/0x1c0 [ 13.602280] __kasan_check_write+0x18/0x20 [ 13.602300] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.602325] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.602352] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.602376] ? trace_hardirqs_on+0x37/0xe0 [ 13.602396] ? kasan_bitops_generic+0x92/0x1c0 [ 13.602423] kasan_bitops_generic+0x116/0x1c0 [ 13.602447] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.602472] ? __pfx_read_tsc+0x10/0x10 [ 13.602502] ? ktime_get_ts64+0x86/0x230 [ 13.602525] kunit_try_run_case+0x1a5/0x480 [ 13.602546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.602574] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.602600] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.602624] ? __kthread_parkme+0x82/0x180 [ 13.602654] ? preempt_count_sub+0x50/0x80 [ 13.602686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.602706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.602730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.602764] kthread+0x337/0x6f0 [ 13.602783] ? trace_preempt_on+0x20/0xc0 [ 13.602804] ? __pfx_kthread+0x10/0x10 [ 13.602824] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.602846] ? calculate_sigpending+0x7b/0xa0 [ 13.602868] ? __pfx_kthread+0x10/0x10 [ 13.602889] ret_from_fork+0x116/0x1d0 [ 13.602916] ? __pfx_kthread+0x10/0x10 [ 13.602936] ret_from_fork_asm+0x1a/0x30 [ 13.602965] </TASK> [ 13.602976] [ 13.612139] Allocated by task 278: [ 13.612330] kasan_save_stack+0x45/0x70 [ 13.612528] kasan_save_track+0x18/0x40 [ 13.612739] kasan_save_alloc_info+0x3b/0x50 [ 13.612984] __kasan_kmalloc+0xb7/0xc0 [ 13.613207] __kmalloc_cache_noprof+0x189/0x420 [ 13.613412] kasan_bitops_generic+0x92/0x1c0 [ 13.613558] kunit_try_run_case+0x1a5/0x480 [ 13.613718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.614034] kthread+0x337/0x6f0 [ 13.614206] ret_from_fork+0x116/0x1d0 [ 13.614390] ret_from_fork_asm+0x1a/0x30 [ 13.614590] [ 13.614704] The buggy address belongs to the object at ffff888102ae9140 [ 13.614704] which belongs to the cache kmalloc-16 of size 16 [ 13.615196] The buggy address is located 8 bytes inside of [ 13.615196] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.615776] [ 13.615875] The buggy address belongs to the physical page: [ 13.616322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.616687] flags: 0x200000000000000(node=0|zone=2) [ 13.616852] page_type: f5(slab) [ 13.617081] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.617435] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.617789] page dumped because: kasan: bad access detected [ 13.618106] [ 13.618185] Memory state around the buggy address: [ 13.618402] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.618687] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.619112] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.619411] ^ [ 13.619702] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.620077] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.620396] ================================================================== [ 13.438698] ================================================================== [ 13.438955] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.439373] Write of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.439911] [ 13.440125] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.440171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.440181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.440202] Call Trace: [ 13.440213] <TASK> [ 13.440225] dump_stack_lvl+0x73/0xb0 [ 13.440250] print_report+0xd1/0x650 [ 13.440272] ? __virt_addr_valid+0x1db/0x2d0 [ 13.440295] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.440320] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.440342] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.440367] kasan_report+0x141/0x180 [ 13.440389] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.440419] kasan_check_range+0x10c/0x1c0 [ 13.440441] __kasan_check_write+0x18/0x20 [ 13.440460] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.440486] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.440511] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.440535] ? trace_hardirqs_on+0x37/0xe0 [ 13.440556] ? kasan_bitops_generic+0x92/0x1c0 [ 13.440583] kasan_bitops_generic+0x116/0x1c0 [ 13.440606] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.440631] ? __pfx_read_tsc+0x10/0x10 [ 13.440651] ? ktime_get_ts64+0x86/0x230 [ 13.440674] kunit_try_run_case+0x1a5/0x480 [ 13.440695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.440715] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.440739] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.440763] ? __kthread_parkme+0x82/0x180 [ 13.440783] ? preempt_count_sub+0x50/0x80 [ 13.440806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.440827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.440851] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.440875] kthread+0x337/0x6f0 [ 13.440918] ? trace_preempt_on+0x20/0xc0 [ 13.440940] ? __pfx_kthread+0x10/0x10 [ 13.440971] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.440993] ? calculate_sigpending+0x7b/0xa0 [ 13.441015] ? __pfx_kthread+0x10/0x10 [ 13.441036] ret_from_fork+0x116/0x1d0 [ 13.441058] ? __pfx_kthread+0x10/0x10 [ 13.441079] ret_from_fork_asm+0x1a/0x30 [ 13.441108] </TASK> [ 13.441117] [ 13.450036] Allocated by task 278: [ 13.450169] kasan_save_stack+0x45/0x70 [ 13.450312] kasan_save_track+0x18/0x40 [ 13.450448] kasan_save_alloc_info+0x3b/0x50 [ 13.450596] __kasan_kmalloc+0xb7/0xc0 [ 13.450785] __kmalloc_cache_noprof+0x189/0x420 [ 13.451022] kasan_bitops_generic+0x92/0x1c0 [ 13.451238] kunit_try_run_case+0x1a5/0x480 [ 13.451480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.451833] kthread+0x337/0x6f0 [ 13.452037] ret_from_fork+0x116/0x1d0 [ 13.452173] ret_from_fork_asm+0x1a/0x30 [ 13.452313] [ 13.452383] The buggy address belongs to the object at ffff888102ae9140 [ 13.452383] which belongs to the cache kmalloc-16 of size 16 [ 13.452965] The buggy address is located 8 bytes inside of [ 13.452965] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.453496] [ 13.453588] The buggy address belongs to the physical page: [ 13.454051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.454365] flags: 0x200000000000000(node=0|zone=2) [ 13.454548] page_type: f5(slab) [ 13.454681] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.455038] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.455503] page dumped because: kasan: bad access detected [ 13.455769] [ 13.455840] Memory state around the buggy address: [ 13.456010] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.456230] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.456443] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.456725] ^ [ 13.456988] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.457316] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.457822] ================================================================== [ 13.504818] ================================================================== [ 13.505305] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.505853] Write of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.506198] [ 13.506336] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.506398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.506409] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.506429] Call Trace: [ 13.506442] <TASK> [ 13.506456] dump_stack_lvl+0x73/0xb0 [ 13.506481] print_report+0xd1/0x650 [ 13.506502] ? __virt_addr_valid+0x1db/0x2d0 [ 13.506524] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.506568] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.506590] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.506616] kasan_report+0x141/0x180 [ 13.506650] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.506680] kasan_check_range+0x10c/0x1c0 [ 13.506719] __kasan_check_write+0x18/0x20 [ 13.506739] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.506764] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.506804] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.506827] ? trace_hardirqs_on+0x37/0xe0 [ 13.506861] ? kasan_bitops_generic+0x92/0x1c0 [ 13.506926] kasan_bitops_generic+0x116/0x1c0 [ 13.506966] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.506992] ? __pfx_read_tsc+0x10/0x10 [ 13.507013] ? ktime_get_ts64+0x86/0x230 [ 13.507036] kunit_try_run_case+0x1a5/0x480 [ 13.507057] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.507076] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.507101] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.507125] ? __kthread_parkme+0x82/0x180 [ 13.507145] ? preempt_count_sub+0x50/0x80 [ 13.507168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.507189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.507212] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.507237] kthread+0x337/0x6f0 [ 13.507255] ? trace_preempt_on+0x20/0xc0 [ 13.507277] ? __pfx_kthread+0x10/0x10 [ 13.507297] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.507319] ? calculate_sigpending+0x7b/0xa0 [ 13.507342] ? __pfx_kthread+0x10/0x10 [ 13.507364] ret_from_fork+0x116/0x1d0 [ 13.507382] ? __pfx_kthread+0x10/0x10 [ 13.507467] ret_from_fork_asm+0x1a/0x30 [ 13.507499] </TASK> [ 13.507509] [ 13.517871] Allocated by task 278: [ 13.518071] kasan_save_stack+0x45/0x70 [ 13.518276] kasan_save_track+0x18/0x40 [ 13.518816] kasan_save_alloc_info+0x3b/0x50 [ 13.519359] __kasan_kmalloc+0xb7/0xc0 [ 13.519682] __kmalloc_cache_noprof+0x189/0x420 [ 13.520080] kasan_bitops_generic+0x92/0x1c0 [ 13.520238] kunit_try_run_case+0x1a5/0x480 [ 13.520383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.520559] kthread+0x337/0x6f0 [ 13.520886] ret_from_fork+0x116/0x1d0 [ 13.521470] ret_from_fork_asm+0x1a/0x30 [ 13.521909] [ 13.522185] The buggy address belongs to the object at ffff888102ae9140 [ 13.522185] which belongs to the cache kmalloc-16 of size 16 [ 13.523355] The buggy address is located 8 bytes inside of [ 13.523355] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.524332] [ 13.524411] The buggy address belongs to the physical page: [ 13.524584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.524833] flags: 0x200000000000000(node=0|zone=2) [ 13.525359] page_type: f5(slab) [ 13.525717] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.526844] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.527685] page dumped because: kasan: bad access detected [ 13.528336] [ 13.528629] Memory state around the buggy address: [ 13.529179] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.529871] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.530303] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.531054] ^ [ 13.531447] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.531683] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.531908] ================================================================== [ 13.458249] ================================================================== [ 13.458702] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.459240] Write of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.459465] [ 13.459546] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.459586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.459597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.459617] Call Trace: [ 13.459630] <TASK> [ 13.459642] dump_stack_lvl+0x73/0xb0 [ 13.459665] print_report+0xd1/0x650 [ 13.459686] ? __virt_addr_valid+0x1db/0x2d0 [ 13.459710] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.459735] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.459757] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.459782] kasan_report+0x141/0x180 [ 13.459804] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.459833] kasan_check_range+0x10c/0x1c0 [ 13.459856] __kasan_check_write+0x18/0x20 [ 13.459875] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.459913] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.459938] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.459963] ? trace_hardirqs_on+0x37/0xe0 [ 13.459983] ? kasan_bitops_generic+0x92/0x1c0 [ 13.460010] kasan_bitops_generic+0x116/0x1c0 [ 13.460033] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.460058] ? __pfx_read_tsc+0x10/0x10 [ 13.460078] ? ktime_get_ts64+0x86/0x230 [ 13.460102] kunit_try_run_case+0x1a5/0x480 [ 13.460123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.460188] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.460214] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.460238] ? __kthread_parkme+0x82/0x180 [ 13.460258] ? preempt_count_sub+0x50/0x80 [ 13.460281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.460303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.460327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.460351] kthread+0x337/0x6f0 [ 13.460370] ? trace_preempt_on+0x20/0xc0 [ 13.460391] ? __pfx_kthread+0x10/0x10 [ 13.460411] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.460434] ? calculate_sigpending+0x7b/0xa0 [ 13.460459] ? __pfx_kthread+0x10/0x10 [ 13.460480] ret_from_fork+0x116/0x1d0 [ 13.460498] ? __pfx_kthread+0x10/0x10 [ 13.460519] ret_from_fork_asm+0x1a/0x30 [ 13.460549] </TASK> [ 13.460558] [ 13.468772] Allocated by task 278: [ 13.469006] kasan_save_stack+0x45/0x70 [ 13.469216] kasan_save_track+0x18/0x40 [ 13.469407] kasan_save_alloc_info+0x3b/0x50 [ 13.469566] __kasan_kmalloc+0xb7/0xc0 [ 13.469818] __kmalloc_cache_noprof+0x189/0x420 [ 13.470136] kasan_bitops_generic+0x92/0x1c0 [ 13.470326] kunit_try_run_case+0x1a5/0x480 [ 13.470506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.470746] kthread+0x337/0x6f0 [ 13.470868] ret_from_fork+0x116/0x1d0 [ 13.471012] ret_from_fork_asm+0x1a/0x30 [ 13.471384] [ 13.471492] The buggy address belongs to the object at ffff888102ae9140 [ 13.471492] which belongs to the cache kmalloc-16 of size 16 [ 13.472080] The buggy address is located 8 bytes inside of [ 13.472080] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.472582] [ 13.472694] The buggy address belongs to the physical page: [ 13.472927] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.473199] flags: 0x200000000000000(node=0|zone=2) [ 13.473363] page_type: f5(slab) [ 13.473484] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.473729] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.474073] page dumped because: kasan: bad access detected [ 13.474320] [ 13.474410] Memory state around the buggy address: [ 13.474590] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.475004] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.475219] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.477286] ^ [ 13.477475] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.477726] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.478061] ================================================================== [ 13.532780] ================================================================== [ 13.533581] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.534536] Write of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.535122] [ 13.535215] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.535258] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.535270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.535290] Call Trace: [ 13.535304] <TASK> [ 13.535318] dump_stack_lvl+0x73/0xb0 [ 13.535346] print_report+0xd1/0x650 [ 13.535367] ? __virt_addr_valid+0x1db/0x2d0 [ 13.535389] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.535414] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.535437] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.535462] kasan_report+0x141/0x180 [ 13.535485] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.535516] kasan_check_range+0x10c/0x1c0 [ 13.535539] __kasan_check_write+0x18/0x20 [ 13.535559] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.535585] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.535612] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.535636] ? trace_hardirqs_on+0x37/0xe0 [ 13.535656] ? kasan_bitops_generic+0x92/0x1c0 [ 13.535683] kasan_bitops_generic+0x116/0x1c0 [ 13.535706] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.535731] ? __pfx_read_tsc+0x10/0x10 [ 13.535751] ? ktime_get_ts64+0x86/0x230 [ 13.535775] kunit_try_run_case+0x1a5/0x480 [ 13.535796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.535815] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.535839] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.535863] ? __kthread_parkme+0x82/0x180 [ 13.535884] ? preempt_count_sub+0x50/0x80 [ 13.535920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.535951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.535976] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.536001] kthread+0x337/0x6f0 [ 13.536020] ? trace_preempt_on+0x20/0xc0 [ 13.536041] ? __pfx_kthread+0x10/0x10 [ 13.536061] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.536083] ? calculate_sigpending+0x7b/0xa0 [ 13.536107] ? __pfx_kthread+0x10/0x10 [ 13.536128] ret_from_fork+0x116/0x1d0 [ 13.536146] ? __pfx_kthread+0x10/0x10 [ 13.536176] ret_from_fork_asm+0x1a/0x30 [ 13.536206] </TASK> [ 13.536216] [ 13.552839] Allocated by task 278: [ 13.553318] kasan_save_stack+0x45/0x70 [ 13.553539] kasan_save_track+0x18/0x40 [ 13.553735] kasan_save_alloc_info+0x3b/0x50 [ 13.554262] __kasan_kmalloc+0xb7/0xc0 [ 13.554694] __kmalloc_cache_noprof+0x189/0x420 [ 13.555163] kasan_bitops_generic+0x92/0x1c0 [ 13.555316] kunit_try_run_case+0x1a5/0x480 [ 13.555462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.555646] kthread+0x337/0x6f0 [ 13.555976] ret_from_fork+0x116/0x1d0 [ 13.556348] ret_from_fork_asm+0x1a/0x30 [ 13.556867] [ 13.557056] The buggy address belongs to the object at ffff888102ae9140 [ 13.557056] which belongs to the cache kmalloc-16 of size 16 [ 13.558286] The buggy address is located 8 bytes inside of [ 13.558286] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.559374] [ 13.559452] The buggy address belongs to the physical page: [ 13.559624] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.560497] flags: 0x200000000000000(node=0|zone=2) [ 13.561053] page_type: f5(slab) [ 13.561366] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.562107] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.562651] page dumped because: kasan: bad access detected [ 13.563130] [ 13.563316] Memory state around the buggy address: [ 13.563670] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.564293] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.564828] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.565274] ^ [ 13.565453] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.565746] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.566428] ================================================================== [ 13.567339] ================================================================== [ 13.568257] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.569287] Write of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.569625] [ 13.569813] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.569857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.569881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.569911] Call Trace: [ 13.569925] <TASK> [ 13.569939] dump_stack_lvl+0x73/0xb0 [ 13.569964] print_report+0xd1/0x650 [ 13.569986] ? __virt_addr_valid+0x1db/0x2d0 [ 13.570009] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.570034] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.570100] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.570139] kasan_report+0x141/0x180 [ 13.570161] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.570191] kasan_check_range+0x10c/0x1c0 [ 13.570215] __kasan_check_write+0x18/0x20 [ 13.570234] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.570259] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.570286] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.570310] ? trace_hardirqs_on+0x37/0xe0 [ 13.570331] ? kasan_bitops_generic+0x92/0x1c0 [ 13.570358] kasan_bitops_generic+0x116/0x1c0 [ 13.570381] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.570406] ? __pfx_read_tsc+0x10/0x10 [ 13.570426] ? ktime_get_ts64+0x86/0x230 [ 13.570449] kunit_try_run_case+0x1a5/0x480 [ 13.570469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.570489] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.570515] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.570539] ? __kthread_parkme+0x82/0x180 [ 13.570560] ? preempt_count_sub+0x50/0x80 [ 13.570583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.570605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.570637] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.570662] kthread+0x337/0x6f0 [ 13.570681] ? trace_preempt_on+0x20/0xc0 [ 13.570702] ? __pfx_kthread+0x10/0x10 [ 13.570722] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.570744] ? calculate_sigpending+0x7b/0xa0 [ 13.570768] ? __pfx_kthread+0x10/0x10 [ 13.570788] ret_from_fork+0x116/0x1d0 [ 13.570806] ? __pfx_kthread+0x10/0x10 [ 13.570826] ret_from_fork_asm+0x1a/0x30 [ 13.570856] </TASK> [ 13.570866] [ 13.586883] Allocated by task 278: [ 13.587138] kasan_save_stack+0x45/0x70 [ 13.587549] kasan_save_track+0x18/0x40 [ 13.588020] kasan_save_alloc_info+0x3b/0x50 [ 13.588336] __kasan_kmalloc+0xb7/0xc0 [ 13.588474] __kmalloc_cache_noprof+0x189/0x420 [ 13.588637] kasan_bitops_generic+0x92/0x1c0 [ 13.589076] kunit_try_run_case+0x1a5/0x480 [ 13.589631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.590291] kthread+0x337/0x6f0 [ 13.590627] ret_from_fork+0x116/0x1d0 [ 13.591089] ret_from_fork_asm+0x1a/0x30 [ 13.591450] [ 13.591523] The buggy address belongs to the object at ffff888102ae9140 [ 13.591523] which belongs to the cache kmalloc-16 of size 16 [ 13.592537] The buggy address is located 8 bytes inside of [ 13.592537] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.593484] [ 13.593563] The buggy address belongs to the physical page: [ 13.593780] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.594504] flags: 0x200000000000000(node=0|zone=2) [ 13.595059] page_type: f5(slab) [ 13.595184] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.595414] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.595646] page dumped because: kasan: bad access detected [ 13.596148] [ 13.596372] Memory state around the buggy address: [ 13.596813] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.597655] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.598405] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.599207] ^ [ 13.599697] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.599928] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.600143] ================================================================== [ 13.418198] ================================================================== [ 13.418647] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.419477] Write of size 8 at addr ffff888102ae9148 by task kunit_try_catch/278 [ 13.419907] [ 13.420130] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.420179] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.420191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.420212] Call Trace: [ 13.420224] <TASK> [ 13.420238] dump_stack_lvl+0x73/0xb0 [ 13.420265] print_report+0xd1/0x650 [ 13.420288] ? __virt_addr_valid+0x1db/0x2d0 [ 13.420311] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.420335] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.420358] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.420384] kasan_report+0x141/0x180 [ 13.420406] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.420436] kasan_check_range+0x10c/0x1c0 [ 13.420460] __kasan_check_write+0x18/0x20 [ 13.420479] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.420504] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.420531] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.420556] ? trace_hardirqs_on+0x37/0xe0 [ 13.420578] ? kasan_bitops_generic+0x92/0x1c0 [ 13.420606] kasan_bitops_generic+0x116/0x1c0 [ 13.420640] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.420665] ? __pfx_read_tsc+0x10/0x10 [ 13.420687] ? ktime_get_ts64+0x86/0x230 [ 13.420711] kunit_try_run_case+0x1a5/0x480 [ 13.420731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.420752] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.420776] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.420801] ? __kthread_parkme+0x82/0x180 [ 13.420820] ? preempt_count_sub+0x50/0x80 [ 13.420844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.420865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.420889] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.420927] kthread+0x337/0x6f0 [ 13.420992] ? trace_preempt_on+0x20/0xc0 [ 13.421015] ? __pfx_kthread+0x10/0x10 [ 13.421035] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.421064] ? calculate_sigpending+0x7b/0xa0 [ 13.421088] ? __pfx_kthread+0x10/0x10 [ 13.421109] ret_from_fork+0x116/0x1d0 [ 13.421127] ? __pfx_kthread+0x10/0x10 [ 13.421148] ret_from_fork_asm+0x1a/0x30 [ 13.421177] </TASK> [ 13.421188] [ 13.429912] Allocated by task 278: [ 13.430083] kasan_save_stack+0x45/0x70 [ 13.430232] kasan_save_track+0x18/0x40 [ 13.430429] kasan_save_alloc_info+0x3b/0x50 [ 13.430611] __kasan_kmalloc+0xb7/0xc0 [ 13.430852] __kmalloc_cache_noprof+0x189/0x420 [ 13.431105] kasan_bitops_generic+0x92/0x1c0 [ 13.431279] kunit_try_run_case+0x1a5/0x480 [ 13.431456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.431710] kthread+0x337/0x6f0 [ 13.431850] ret_from_fork+0x116/0x1d0 [ 13.432085] ret_from_fork_asm+0x1a/0x30 [ 13.432275] [ 13.432363] The buggy address belongs to the object at ffff888102ae9140 [ 13.432363] which belongs to the cache kmalloc-16 of size 16 [ 13.432755] The buggy address is located 8 bytes inside of [ 13.432755] allocated 9-byte region [ffff888102ae9140, ffff888102ae9149) [ 13.433124] [ 13.433196] The buggy address belongs to the physical page: [ 13.433443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 13.434322] flags: 0x200000000000000(node=0|zone=2) [ 13.434498] page_type: f5(slab) [ 13.434618] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.434849] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.435585] page dumped because: kasan: bad access detected [ 13.436041] [ 13.436119] Memory state around the buggy address: [ 13.436399] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 13.436726] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 13.437009] >ffff888102ae9100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 13.437261] ^ [ 13.437448] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.437763] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.438194] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen: Failure
Automatically assigned
[ 13.371747] ================================================================== [ 13.371993] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 13.372329] Read of size 1 at addr ffff88810278df50 by task kunit_try_catch/276 [ 13.372612] [ 13.372733] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.372776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.372787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.372807] Call Trace: [ 13.372820] <TASK> [ 13.372836] dump_stack_lvl+0x73/0xb0 [ 13.372859] print_report+0xd1/0x650 [ 13.372881] ? __virt_addr_valid+0x1db/0x2d0 [ 13.372917] ? strlen+0x8f/0xb0 [ 13.372936] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.373029] ? strlen+0x8f/0xb0 [ 13.373054] kasan_report+0x141/0x180 [ 13.373077] ? strlen+0x8f/0xb0 [ 13.373099] __asan_report_load1_noabort+0x18/0x20 [ 13.373123] strlen+0x8f/0xb0 [ 13.373142] kasan_strings+0x57b/0xe80 [ 13.373162] ? trace_hardirqs_on+0x37/0xe0 [ 13.373184] ? __pfx_kasan_strings+0x10/0x10 [ 13.373204] ? finish_task_switch.isra.0+0x153/0x700 [ 13.373225] ? __switch_to+0x47/0xf50 [ 13.373249] ? __schedule+0x10cc/0x2b60 [ 13.373272] ? __pfx_read_tsc+0x10/0x10 [ 13.373292] ? ktime_get_ts64+0x86/0x230 [ 13.373316] kunit_try_run_case+0x1a5/0x480 [ 13.373336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.373356] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.373379] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.373403] ? __kthread_parkme+0x82/0x180 [ 13.373423] ? preempt_count_sub+0x50/0x80 [ 13.373445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.373466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.373490] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.373515] kthread+0x337/0x6f0 [ 13.373533] ? trace_preempt_on+0x20/0xc0 [ 13.373555] ? __pfx_kthread+0x10/0x10 [ 13.373576] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.373598] ? calculate_sigpending+0x7b/0xa0 [ 13.373621] ? __pfx_kthread+0x10/0x10 [ 13.373642] ret_from_fork+0x116/0x1d0 [ 13.373660] ? __pfx_kthread+0x10/0x10 [ 13.373680] ret_from_fork_asm+0x1a/0x30 [ 13.373710] </TASK> [ 13.373719] [ 13.381837] Allocated by task 276: [ 13.382106] kasan_save_stack+0x45/0x70 [ 13.382319] kasan_save_track+0x18/0x40 [ 13.382513] kasan_save_alloc_info+0x3b/0x50 [ 13.382720] __kasan_kmalloc+0xb7/0xc0 [ 13.382854] __kmalloc_cache_noprof+0x189/0x420 [ 13.383024] kasan_strings+0xc0/0xe80 [ 13.383323] kunit_try_run_case+0x1a5/0x480 [ 13.383547] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.383858] kthread+0x337/0x6f0 [ 13.384110] ret_from_fork+0x116/0x1d0 [ 13.384276] ret_from_fork_asm+0x1a/0x30 [ 13.384461] [ 13.384532] Freed by task 276: [ 13.384709] kasan_save_stack+0x45/0x70 [ 13.384908] kasan_save_track+0x18/0x40 [ 13.385060] kasan_save_free_info+0x3f/0x60 [ 13.385336] __kasan_slab_free+0x56/0x70 [ 13.385513] kfree+0x222/0x3f0 [ 13.385637] kasan_strings+0x2aa/0xe80 [ 13.385828] kunit_try_run_case+0x1a5/0x480 [ 13.386006] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.386181] kthread+0x337/0x6f0 [ 13.386300] ret_from_fork+0x116/0x1d0 [ 13.386430] ret_from_fork_asm+0x1a/0x30 [ 13.386567] [ 13.386635] The buggy address belongs to the object at ffff88810278df40 [ 13.386635] which belongs to the cache kmalloc-32 of size 32 [ 13.387405] The buggy address is located 16 bytes inside of [ 13.387405] freed 32-byte region [ffff88810278df40, ffff88810278df60) [ 13.387927] [ 13.388214] The buggy address belongs to the physical page: [ 13.388439] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10278d [ 13.388851] flags: 0x200000000000000(node=0|zone=2) [ 13.389163] page_type: f5(slab) [ 13.389316] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.389599] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 13.389824] page dumped because: kasan: bad access detected [ 13.390206] [ 13.390303] Memory state around the buggy address: [ 13.390533] ffff88810278de00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.390986] ffff88810278de80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.391308] >ffff88810278df00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.391566] ^ [ 13.391818] ffff88810278df80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.392046] ffff88810278e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.392524] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings: Failure
Automatically assigned
[ 13.341720] ================================================================== [ 13.342144] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 13.342453] Read of size 1 at addr ffff88810278df50 by task kunit_try_catch/276 [ 13.342748] [ 13.342831] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.342872] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.342883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.342914] Call Trace: [ 13.342927] <TASK> [ 13.342939] dump_stack_lvl+0x73/0xb0 [ 13.342961] print_report+0xd1/0x650 [ 13.342985] ? __virt_addr_valid+0x1db/0x2d0 [ 13.343008] ? kasan_strings+0xcbc/0xe80 [ 13.343027] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.343050] ? kasan_strings+0xcbc/0xe80 [ 13.343071] kasan_report+0x141/0x180 [ 13.343093] ? kasan_strings+0xcbc/0xe80 [ 13.343118] __asan_report_load1_noabort+0x18/0x20 [ 13.343143] kasan_strings+0xcbc/0xe80 [ 13.343162] ? trace_hardirqs_on+0x37/0xe0 [ 13.343184] ? __pfx_kasan_strings+0x10/0x10 [ 13.343206] ? finish_task_switch.isra.0+0x153/0x700 [ 13.343227] ? __switch_to+0x47/0xf50 [ 13.343252] ? __schedule+0x10cc/0x2b60 [ 13.343275] ? __pfx_read_tsc+0x10/0x10 [ 13.343295] ? ktime_get_ts64+0x86/0x230 [ 13.343317] kunit_try_run_case+0x1a5/0x480 [ 13.343338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.343358] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.343382] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.343406] ? __kthread_parkme+0x82/0x180 [ 13.343426] ? preempt_count_sub+0x50/0x80 [ 13.343449] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.343470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.343494] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.343518] kthread+0x337/0x6f0 [ 13.343537] ? trace_preempt_on+0x20/0xc0 [ 13.343559] ? __pfx_kthread+0x10/0x10 [ 13.343578] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.343600] ? calculate_sigpending+0x7b/0xa0 [ 13.343624] ? __pfx_kthread+0x10/0x10 [ 13.343799] ret_from_fork+0x116/0x1d0 [ 13.343821] ? __pfx_kthread+0x10/0x10 [ 13.343841] ret_from_fork_asm+0x1a/0x30 [ 13.343872] </TASK> [ 13.343910] [ 13.353036] Allocated by task 276: [ 13.353238] kasan_save_stack+0x45/0x70 [ 13.353431] kasan_save_track+0x18/0x40 [ 13.353600] kasan_save_alloc_info+0x3b/0x50 [ 13.354602] __kasan_kmalloc+0xb7/0xc0 [ 13.354759] __kmalloc_cache_noprof+0x189/0x420 [ 13.354928] kasan_strings+0xc0/0xe80 [ 13.355652] kunit_try_run_case+0x1a5/0x480 [ 13.355948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.356216] kthread+0x337/0x6f0 [ 13.356378] ret_from_fork+0x116/0x1d0 [ 13.356548] ret_from_fork_asm+0x1a/0x30 [ 13.357251] [ 13.357431] Freed by task 276: [ 13.357744] kasan_save_stack+0x45/0x70 [ 13.358150] kasan_save_track+0x18/0x40 [ 13.358338] kasan_save_free_info+0x3f/0x60 [ 13.358534] __kasan_slab_free+0x56/0x70 [ 13.359288] kfree+0x222/0x3f0 [ 13.359488] kasan_strings+0x2aa/0xe80 [ 13.359984] kunit_try_run_case+0x1a5/0x480 [ 13.360364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.360760] kthread+0x337/0x6f0 [ 13.360938] ret_from_fork+0x116/0x1d0 [ 13.361363] ret_from_fork_asm+0x1a/0x30 [ 13.361561] [ 13.361834] The buggy address belongs to the object at ffff88810278df40 [ 13.361834] which belongs to the cache kmalloc-32 of size 32 [ 13.362829] The buggy address is located 16 bytes inside of [ 13.362829] freed 32-byte region [ffff88810278df40, ffff88810278df60) [ 13.364080] [ 13.364199] The buggy address belongs to the physical page: [ 13.364430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10278d [ 13.365255] flags: 0x200000000000000(node=0|zone=2) [ 13.365569] page_type: f5(slab) [ 13.365843] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.366234] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 13.366543] page dumped because: kasan: bad access detected [ 13.367401] [ 13.367530] Memory state around the buggy address: [ 13.368049] ffff88810278de00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.368558] ffff88810278de80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.369150] >ffff88810278df00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.369451] ^ [ 13.369960] ffff88810278df80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.370667] ffff88810278e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.371331] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp: Failure
Automatically assigned
[ 13.318882] ================================================================== [ 13.319941] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 13.320424] Read of size 1 at addr ffff88810278df50 by task kunit_try_catch/276 [ 13.320775] [ 13.320873] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.320935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.320947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.320969] Call Trace: [ 13.320979] <TASK> [ 13.320995] dump_stack_lvl+0x73/0xb0 [ 13.321020] print_report+0xd1/0x650 [ 13.321105] ? __virt_addr_valid+0x1db/0x2d0 [ 13.321132] ? strcmp+0xb0/0xc0 [ 13.321150] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.321174] ? strcmp+0xb0/0xc0 [ 13.321193] kasan_report+0x141/0x180 [ 13.321215] ? strcmp+0xb0/0xc0 [ 13.321237] __asan_report_load1_noabort+0x18/0x20 [ 13.321262] strcmp+0xb0/0xc0 [ 13.321281] kasan_strings+0x431/0xe80 [ 13.321300] ? trace_hardirqs_on+0x37/0xe0 [ 13.321324] ? __pfx_kasan_strings+0x10/0x10 [ 13.321344] ? finish_task_switch.isra.0+0x153/0x700 [ 13.321366] ? __switch_to+0x47/0xf50 [ 13.321392] ? __schedule+0x10cc/0x2b60 [ 13.321415] ? __pfx_read_tsc+0x10/0x10 [ 13.321436] ? ktime_get_ts64+0x86/0x230 [ 13.321460] kunit_try_run_case+0x1a5/0x480 [ 13.321482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.321501] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.321526] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.321550] ? __kthread_parkme+0x82/0x180 [ 13.321570] ? preempt_count_sub+0x50/0x80 [ 13.321592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.321614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.321638] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.321663] kthread+0x337/0x6f0 [ 13.321682] ? trace_preempt_on+0x20/0xc0 [ 13.321712] ? __pfx_kthread+0x10/0x10 [ 13.321731] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.321754] ? calculate_sigpending+0x7b/0xa0 [ 13.321777] ? __pfx_kthread+0x10/0x10 [ 13.321798] ret_from_fork+0x116/0x1d0 [ 13.321816] ? __pfx_kthread+0x10/0x10 [ 13.321836] ret_from_fork_asm+0x1a/0x30 [ 13.321866] </TASK> [ 13.321877] [ 13.329912] Allocated by task 276: [ 13.330134] kasan_save_stack+0x45/0x70 [ 13.330342] kasan_save_track+0x18/0x40 [ 13.330515] kasan_save_alloc_info+0x3b/0x50 [ 13.330682] __kasan_kmalloc+0xb7/0xc0 [ 13.330880] __kmalloc_cache_noprof+0x189/0x420 [ 13.331303] kasan_strings+0xc0/0xe80 [ 13.331479] kunit_try_run_case+0x1a5/0x480 [ 13.331689] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.331873] kthread+0x337/0x6f0 [ 13.332166] ret_from_fork+0x116/0x1d0 [ 13.332354] ret_from_fork_asm+0x1a/0x30 [ 13.332680] [ 13.332764] Freed by task 276: [ 13.332875] kasan_save_stack+0x45/0x70 [ 13.333192] kasan_save_track+0x18/0x40 [ 13.333437] kasan_save_free_info+0x3f/0x60 [ 13.333617] __kasan_slab_free+0x56/0x70 [ 13.333788] kfree+0x222/0x3f0 [ 13.333968] kasan_strings+0x2aa/0xe80 [ 13.334122] kunit_try_run_case+0x1a5/0x480 [ 13.334330] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.334532] kthread+0x337/0x6f0 [ 13.334650] ret_from_fork+0x116/0x1d0 [ 13.334782] ret_from_fork_asm+0x1a/0x30 [ 13.334928] [ 13.334998] The buggy address belongs to the object at ffff88810278df40 [ 13.334998] which belongs to the cache kmalloc-32 of size 32 [ 13.335449] The buggy address is located 16 bytes inside of [ 13.335449] freed 32-byte region [ffff88810278df40, ffff88810278df60) [ 13.336513] [ 13.336589] The buggy address belongs to the physical page: [ 13.336760] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10278d [ 13.337014] flags: 0x200000000000000(node=0|zone=2) [ 13.337180] page_type: f5(slab) [ 13.337395] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.337907] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 13.338323] page dumped because: kasan: bad access detected [ 13.338575] [ 13.338707] Memory state around the buggy address: [ 13.339158] ffff88810278de00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.339403] ffff88810278de80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.339777] >ffff88810278df00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.340004] ^ [ 13.340522] ffff88810278df80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.340871] ffff88810278e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.341242] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp: Failure
Automatically assigned
[ 13.287542] ================================================================== [ 13.288655] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 13.288863] Read of size 1 at addr ffff888102b45d18 by task kunit_try_catch/274 [ 13.289096] [ 13.289182] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.289226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.289237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.289258] Call Trace: [ 13.289269] <TASK> [ 13.289284] dump_stack_lvl+0x73/0xb0 [ 13.289309] print_report+0xd1/0x650 [ 13.289331] ? __virt_addr_valid+0x1db/0x2d0 [ 13.289354] ? memcmp+0x1b4/0x1d0 [ 13.289372] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.289395] ? memcmp+0x1b4/0x1d0 [ 13.289413] kasan_report+0x141/0x180 [ 13.289435] ? memcmp+0x1b4/0x1d0 [ 13.289458] __asan_report_load1_noabort+0x18/0x20 [ 13.289483] memcmp+0x1b4/0x1d0 [ 13.289503] kasan_memcmp+0x18f/0x390 [ 13.289523] ? trace_hardirqs_on+0x37/0xe0 [ 13.289545] ? __pfx_kasan_memcmp+0x10/0x10 [ 13.289564] ? finish_task_switch.isra.0+0x153/0x700 [ 13.289586] ? __switch_to+0x47/0xf50 [ 13.289614] ? __pfx_read_tsc+0x10/0x10 [ 13.289634] ? ktime_get_ts64+0x86/0x230 [ 13.289658] kunit_try_run_case+0x1a5/0x480 [ 13.289679] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.289699] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.289723] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.289747] ? __kthread_parkme+0x82/0x180 [ 13.289767] ? preempt_count_sub+0x50/0x80 [ 13.289789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.289809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.289833] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.289857] kthread+0x337/0x6f0 [ 13.289876] ? trace_preempt_on+0x20/0xc0 [ 13.289907] ? __pfx_kthread+0x10/0x10 [ 13.290659] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.290690] ? calculate_sigpending+0x7b/0xa0 [ 13.290717] ? __pfx_kthread+0x10/0x10 [ 13.290740] ret_from_fork+0x116/0x1d0 [ 13.290759] ? __pfx_kthread+0x10/0x10 [ 13.290778] ret_from_fork_asm+0x1a/0x30 [ 13.290808] </TASK> [ 13.290820] [ 13.300687] Allocated by task 274: [ 13.300872] kasan_save_stack+0x45/0x70 [ 13.301286] kasan_save_track+0x18/0x40 [ 13.301579] kasan_save_alloc_info+0x3b/0x50 [ 13.301910] __kasan_kmalloc+0xb7/0xc0 [ 13.302231] __kmalloc_cache_noprof+0x189/0x420 [ 13.302446] kasan_memcmp+0xb7/0x390 [ 13.302607] kunit_try_run_case+0x1a5/0x480 [ 13.303101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.303531] kthread+0x337/0x6f0 [ 13.303858] ret_from_fork+0x116/0x1d0 [ 13.304193] ret_from_fork_asm+0x1a/0x30 [ 13.304391] [ 13.304485] The buggy address belongs to the object at ffff888102b45d00 [ 13.304485] which belongs to the cache kmalloc-32 of size 32 [ 13.305589] The buggy address is located 0 bytes to the right of [ 13.305589] allocated 24-byte region [ffff888102b45d00, ffff888102b45d18) [ 13.306372] [ 13.306473] The buggy address belongs to the physical page: [ 13.306856] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b45 [ 13.307406] flags: 0x200000000000000(node=0|zone=2) [ 13.307759] page_type: f5(slab) [ 13.307939] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.308254] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.308553] page dumped because: kasan: bad access detected [ 13.309109] [ 13.309205] Memory state around the buggy address: [ 13.309645] ffff888102b45c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.310150] ffff888102b45c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.310447] >ffff888102b45d00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.311149] ^ [ 13.311372] ffff888102b45d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.311702] ffff888102b45e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.312171] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right: Failure
Automatically assigned
[ 13.257669] ================================================================== [ 13.258341] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 13.258673] Read of size 1 at addr ffff888103b4fc4a by task kunit_try_catch/270 [ 13.259147] [ 13.259356] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.259405] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.259418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.259440] Call Trace: [ 13.259453] <TASK> [ 13.259467] dump_stack_lvl+0x73/0xb0 [ 13.259595] print_report+0xd1/0x650 [ 13.259621] ? __virt_addr_valid+0x1db/0x2d0 [ 13.259657] ? kasan_alloca_oob_right+0x329/0x390 [ 13.259679] ? kasan_addr_to_slab+0x11/0xa0 [ 13.259700] ? kasan_alloca_oob_right+0x329/0x390 [ 13.259723] kasan_report+0x141/0x180 [ 13.259744] ? kasan_alloca_oob_right+0x329/0x390 [ 13.259771] __asan_report_load1_noabort+0x18/0x20 [ 13.259796] kasan_alloca_oob_right+0x329/0x390 [ 13.259820] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.259842] ? finish_task_switch.isra.0+0x153/0x700 [ 13.259864] ? __ww_mutex_lock.constprop.0+0xc5e/0x1e90 [ 13.259890] ? trace_hardirqs_on+0x37/0xe0 [ 13.259925] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 13.259959] ? __schedule+0x10cc/0x2b60 [ 13.259982] ? __pfx_read_tsc+0x10/0x10 [ 13.260002] ? ktime_get_ts64+0x86/0x230 [ 13.260025] kunit_try_run_case+0x1a5/0x480 [ 13.260047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.260066] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.260090] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.260114] ? __kthread_parkme+0x82/0x180 [ 13.260134] ? preempt_count_sub+0x50/0x80 [ 13.260156] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.260177] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.260202] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.260227] kthread+0x337/0x6f0 [ 13.260246] ? trace_preempt_on+0x20/0xc0 [ 13.260268] ? __pfx_kthread+0x10/0x10 [ 13.260289] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.260313] ? calculate_sigpending+0x7b/0xa0 [ 13.260338] ? __pfx_kthread+0x10/0x10 [ 13.260359] ret_from_fork+0x116/0x1d0 [ 13.260377] ? __pfx_kthread+0x10/0x10 [ 13.260397] ret_from_fork_asm+0x1a/0x30 [ 13.260428] </TASK> [ 13.260439] [ 13.271477] The buggy address belongs to stack of task kunit_try_catch/270 [ 13.272139] [ 13.272234] The buggy address belongs to the physical page: [ 13.272440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b4f [ 13.273058] flags: 0x200000000000000(node=0|zone=2) [ 13.273290] raw: 0200000000000000 ffffea00040ed3c8 ffffea00040ed3c8 0000000000000000 [ 13.273816] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.274452] page dumped because: kasan: bad access detected [ 13.274648] [ 13.274795] Memory state around the buggy address: [ 13.275239] ffff888103b4fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.275533] ffff888103b4fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.275885] >ffff888103b4fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.276471] ^ [ 13.276753] ffff888103b4fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.277313] ffff888103b4fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.277729] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left: Failure
Automatically assigned
[ 13.235988] ================================================================== [ 13.236416] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 13.236766] Read of size 1 at addr ffff888102d37c3f by task kunit_try_catch/268 [ 13.237066] [ 13.237178] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.237221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.237233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.237254] Call Trace: [ 13.237265] <TASK> [ 13.237278] dump_stack_lvl+0x73/0xb0 [ 13.237302] print_report+0xd1/0x650 [ 13.237324] ? __virt_addr_valid+0x1db/0x2d0 [ 13.237368] ? kasan_alloca_oob_left+0x320/0x380 [ 13.237390] ? kasan_addr_to_slab+0x11/0xa0 [ 13.237411] ? kasan_alloca_oob_left+0x320/0x380 [ 13.237435] kasan_report+0x141/0x180 [ 13.237457] ? kasan_alloca_oob_left+0x320/0x380 [ 13.237483] __asan_report_load1_noabort+0x18/0x20 [ 13.237507] kasan_alloca_oob_left+0x320/0x380 [ 13.237531] ? finish_task_switch.isra.0+0x153/0x700 [ 13.237554] ? __ww_mutex_lock.constprop.0+0xc5e/0x1e90 [ 13.237581] ? trace_hardirqs_on+0x37/0xe0 [ 13.237603] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 13.237628] ? __schedule+0x10cc/0x2b60 [ 13.237651] ? __pfx_read_tsc+0x10/0x10 [ 13.237671] ? ktime_get_ts64+0x86/0x230 [ 13.237694] kunit_try_run_case+0x1a5/0x480 [ 13.237715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.237734] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.237758] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.237782] ? __kthread_parkme+0x82/0x180 [ 13.237813] ? preempt_count_sub+0x50/0x80 [ 13.237835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.237856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.237879] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.237914] kthread+0x337/0x6f0 [ 13.237933] ? trace_preempt_on+0x20/0xc0 [ 13.237966] ? __pfx_kthread+0x10/0x10 [ 13.237986] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.238009] ? calculate_sigpending+0x7b/0xa0 [ 13.238032] ? __pfx_kthread+0x10/0x10 [ 13.238053] ret_from_fork+0x116/0x1d0 [ 13.238071] ? __pfx_kthread+0x10/0x10 [ 13.238091] ret_from_fork_asm+0x1a/0x30 [ 13.238121] </TASK> [ 13.238131] [ 13.249237] The buggy address belongs to stack of task kunit_try_catch/268 [ 13.249693] [ 13.249883] The buggy address belongs to the physical page: [ 13.250191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d37 [ 13.250532] flags: 0x200000000000000(node=0|zone=2) [ 13.250806] raw: 0200000000000000 0000000000000000 ffffea00040b4dc8 0000000000000000 [ 13.251362] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.251773] page dumped because: kasan: bad access detected [ 13.252141] [ 13.252228] Memory state around the buggy address: [ 13.252437] ffff888102d37b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.252931] ffff888102d37b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.253397] >ffff888102d37c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.253935] ^ [ 13.254323] ffff888102d37c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.254733] ffff888102d37d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.255127] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob: Failure
Automatically assigned
[ 13.213785] ================================================================== [ 13.214404] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 13.214630] Read of size 1 at addr ffff888103a87d02 by task kunit_try_catch/266 [ 13.214852] [ 13.214968] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.215014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.215026] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.215048] Call Trace: [ 13.215059] <TASK> [ 13.215074] dump_stack_lvl+0x73/0xb0 [ 13.215100] print_report+0xd1/0x650 [ 13.215122] ? __virt_addr_valid+0x1db/0x2d0 [ 13.215146] ? kasan_stack_oob+0x2b5/0x300 [ 13.215165] ? kasan_addr_to_slab+0x11/0xa0 [ 13.215185] ? kasan_stack_oob+0x2b5/0x300 [ 13.215206] kasan_report+0x141/0x180 [ 13.215228] ? kasan_stack_oob+0x2b5/0x300 [ 13.215252] __asan_report_load1_noabort+0x18/0x20 [ 13.215276] kasan_stack_oob+0x2b5/0x300 [ 13.215297] ? __pfx_kasan_stack_oob+0x10/0x10 [ 13.215317] ? finish_task_switch.isra.0+0x153/0x700 [ 13.215340] ? __switch_to+0x47/0xf50 [ 13.215366] ? __schedule+0x10cc/0x2b60 [ 13.215389] ? __pfx_read_tsc+0x10/0x10 [ 13.215410] ? ktime_get_ts64+0x86/0x230 [ 13.215434] kunit_try_run_case+0x1a5/0x480 [ 13.215456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.215475] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.215500] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.215525] ? __kthread_parkme+0x82/0x180 [ 13.215544] ? preempt_count_sub+0x50/0x80 [ 13.215567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.215587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.215612] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.215942] kthread+0x337/0x6f0 [ 13.215970] ? trace_preempt_on+0x20/0xc0 [ 13.215993] ? __pfx_kthread+0x10/0x10 [ 13.216014] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.216037] ? calculate_sigpending+0x7b/0xa0 [ 13.216061] ? __pfx_kthread+0x10/0x10 [ 13.216082] ret_from_fork+0x116/0x1d0 [ 13.216100] ? __pfx_kthread+0x10/0x10 [ 13.216120] ret_from_fork_asm+0x1a/0x30 [ 13.216150] </TASK> [ 13.216161] [ 13.225384] The buggy address belongs to stack of task kunit_try_catch/266 [ 13.225771] and is located at offset 138 in frame: [ 13.226087] kasan_stack_oob+0x0/0x300 [ 13.226376] [ 13.226471] This frame has 4 objects: [ 13.226714] [48, 49) '__assertion' [ 13.226737] [64, 72) 'array' [ 13.226921] [96, 112) '__assertion' [ 13.227092] [128, 138) 'stack_array' [ 13.227252] [ 13.227493] The buggy address belongs to the physical page: [ 13.227816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a87 [ 13.228078] flags: 0x200000000000000(node=0|zone=2) [ 13.228253] raw: 0200000000000000 ffffea00040ea1c8 ffffea00040ea1c8 0000000000000000 [ 13.228484] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.228813] page dumped because: kasan: bad access detected [ 13.229226] [ 13.229318] Memory state around the buggy address: [ 13.229538] ffff888103a87c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.230072] ffff888103a87c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 13.230369] >ffff888103a87d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.230604] ^ [ 13.230941] ffff888103a87d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 13.231342] ffff888103a87e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.231747] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right: Failure
Automatically assigned
[ 13.193913] ================================================================== [ 13.194720] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 13.195125] Read of size 1 at addr ffffffffbae78e4d by task kunit_try_catch/262 [ 13.195438] [ 13.195565] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.195608] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.195620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.195640] Call Trace: [ 13.195653] <TASK> [ 13.195667] dump_stack_lvl+0x73/0xb0 [ 13.195694] print_report+0xd1/0x650 [ 13.195716] ? __virt_addr_valid+0x1db/0x2d0 [ 13.195740] ? kasan_global_oob_right+0x286/0x2d0 [ 13.195762] ? kasan_addr_to_slab+0x11/0xa0 [ 13.195783] ? kasan_global_oob_right+0x286/0x2d0 [ 13.195806] kasan_report+0x141/0x180 [ 13.195827] ? kasan_global_oob_right+0x286/0x2d0 [ 13.195854] __asan_report_load1_noabort+0x18/0x20 [ 13.195878] kasan_global_oob_right+0x286/0x2d0 [ 13.195914] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 13.195940] ? __schedule+0x10cc/0x2b60 [ 13.195964] ? __pfx_read_tsc+0x10/0x10 [ 13.195985] ? ktime_get_ts64+0x86/0x230 [ 13.196010] kunit_try_run_case+0x1a5/0x480 [ 13.196033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.196052] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.196077] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.196101] ? __kthread_parkme+0x82/0x180 [ 13.196122] ? preempt_count_sub+0x50/0x80 [ 13.196145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.196167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.196192] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.196217] kthread+0x337/0x6f0 [ 13.196236] ? trace_preempt_on+0x20/0xc0 [ 13.196259] ? __pfx_kthread+0x10/0x10 [ 13.196279] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.196301] ? calculate_sigpending+0x7b/0xa0 [ 13.196325] ? __pfx_kthread+0x10/0x10 [ 13.196347] ret_from_fork+0x116/0x1d0 [ 13.196365] ? __pfx_kthread+0x10/0x10 [ 13.196386] ret_from_fork_asm+0x1a/0x30 [ 13.196416] </TASK> [ 13.196426] [ 13.204238] The buggy address belongs to the variable: [ 13.204494] global_array+0xd/0x40 [ 13.204751] [ 13.204846] The buggy address belongs to the physical page: [ 13.205255] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x149678 [ 13.205557] flags: 0x200000000002000(reserved|node=0|zone=2) [ 13.205750] raw: 0200000000002000 ffffea0005259e08 ffffea0005259e08 0000000000000000 [ 13.205997] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.206434] page dumped because: kasan: bad access detected [ 13.206685] [ 13.206780] Memory state around the buggy address: [ 13.207001] ffffffffbae78d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.207327] ffffffffbae78d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.207565] >ffffffffbae78e00: 00 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 [ 13.207980] ^ [ 13.208188] ffffffffbae78e80: 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 13.208404] ffffffffbae78f00: 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 13.208762] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper: Failure
Automatically assigned
[ 13.142432] ================================================================== [ 13.142951] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.143408] Free of addr ffff888102793201 by task kunit_try_catch/258 [ 13.143692] [ 13.143794] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.143837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.143848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.143868] Call Trace: [ 13.143879] <TASK> [ 13.143905] dump_stack_lvl+0x73/0xb0 [ 13.143930] print_report+0xd1/0x650 [ 13.143952] ? __virt_addr_valid+0x1db/0x2d0 [ 13.143977] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.143999] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.144024] kasan_report_invalid_free+0x10a/0x130 [ 13.144132] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.144160] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.144185] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.144211] check_slab_allocation+0x11f/0x130 [ 13.144233] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.144257] mempool_free+0x2ec/0x380 [ 13.144278] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.144304] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 13.144328] ? update_load_avg+0x1be/0x21b0 [ 13.144351] ? dequeue_entities+0x27e/0x1740 [ 13.144376] ? finish_task_switch.isra.0+0x153/0x700 [ 13.144402] mempool_kmalloc_invalid_free+0xed/0x140 [ 13.144425] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 13.144452] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.144470] ? __pfx_mempool_kfree+0x10/0x10 [ 13.144491] ? __pfx_read_tsc+0x10/0x10 [ 13.144512] ? ktime_get_ts64+0x86/0x230 [ 13.144534] kunit_try_run_case+0x1a5/0x480 [ 13.144554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.144574] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.144600] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.144624] ? __kthread_parkme+0x82/0x180 [ 13.144644] ? preempt_count_sub+0x50/0x80 [ 13.144680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.144700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.144724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.144749] kthread+0x337/0x6f0 [ 13.144768] ? trace_preempt_on+0x20/0xc0 [ 13.144791] ? __pfx_kthread+0x10/0x10 [ 13.144812] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.144835] ? calculate_sigpending+0x7b/0xa0 [ 13.144858] ? __pfx_kthread+0x10/0x10 [ 13.144880] ret_from_fork+0x116/0x1d0 [ 13.144909] ? __pfx_kthread+0x10/0x10 [ 13.144930] ret_from_fork_asm+0x1a/0x30 [ 13.144975] </TASK> [ 13.144986] [ 13.160755] Allocated by task 258: [ 13.161048] kasan_save_stack+0x45/0x70 [ 13.161202] kasan_save_track+0x18/0x40 [ 13.161337] kasan_save_alloc_info+0x3b/0x50 [ 13.161487] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.161674] remove_element+0x11e/0x190 [ 13.161845] mempool_alloc_preallocated+0x4d/0x90 [ 13.162272] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 13.162483] mempool_kmalloc_invalid_free+0xed/0x140 [ 13.162726] kunit_try_run_case+0x1a5/0x480 [ 13.162870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.163373] kthread+0x337/0x6f0 [ 13.163545] ret_from_fork+0x116/0x1d0 [ 13.163759] ret_from_fork_asm+0x1a/0x30 [ 13.163925] [ 13.164000] The buggy address belongs to the object at ffff888102793200 [ 13.164000] which belongs to the cache kmalloc-128 of size 128 [ 13.164522] The buggy address is located 1 bytes inside of [ 13.164522] 128-byte region [ffff888102793200, ffff888102793280) [ 13.165230] [ 13.165307] The buggy address belongs to the physical page: [ 13.165553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102793 [ 13.165923] flags: 0x200000000000000(node=0|zone=2) [ 13.166086] page_type: f5(slab) [ 13.166395] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.166746] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.167167] page dumped because: kasan: bad access detected [ 13.167415] [ 13.167507] Memory state around the buggy address: [ 13.167668] ffff888102793100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.167991] ffff888102793180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.168303] >ffff888102793200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.168522] ^ [ 13.168746] ffff888102793280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.169374] ffff888102793300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.169638] ================================================================== [ 13.173582] ================================================================== [ 13.174120] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.174567] Free of addr ffff888102c48001 by task kunit_try_catch/260 [ 13.174910] [ 13.175012] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.175114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.175128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.175149] Call Trace: [ 13.175163] <TASK> [ 13.175176] dump_stack_lvl+0x73/0xb0 [ 13.175201] print_report+0xd1/0x650 [ 13.175224] ? __virt_addr_valid+0x1db/0x2d0 [ 13.175247] ? kasan_addr_to_slab+0x11/0xa0 [ 13.175267] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.175293] kasan_report_invalid_free+0x10a/0x130 [ 13.175317] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.175346] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.175371] __kasan_mempool_poison_object+0x102/0x1d0 [ 13.175395] mempool_free+0x2ec/0x380 [ 13.175416] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 13.175442] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 13.175471] ? finish_task_switch.isra.0+0x153/0x700 [ 13.175497] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 13.175522] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 13.175550] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.175569] ? __pfx_mempool_kfree+0x10/0x10 [ 13.175591] ? __pfx_read_tsc+0x10/0x10 [ 13.175611] ? ktime_get_ts64+0x86/0x230 [ 13.175645] kunit_try_run_case+0x1a5/0x480 [ 13.175666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.175686] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.175711] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.175735] ? __kthread_parkme+0x82/0x180 [ 13.175755] ? preempt_count_sub+0x50/0x80 [ 13.175777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.175798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.175822] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.175847] kthread+0x337/0x6f0 [ 13.175865] ? trace_preempt_on+0x20/0xc0 [ 13.175887] ? __pfx_kthread+0x10/0x10 [ 13.175921] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.175943] ? calculate_sigpending+0x7b/0xa0 [ 13.175976] ? __pfx_kthread+0x10/0x10 [ 13.175999] ret_from_fork+0x116/0x1d0 [ 13.176016] ? __pfx_kthread+0x10/0x10 [ 13.176037] ret_from_fork_asm+0x1a/0x30 [ 13.176067] </TASK> [ 13.176076] [ 13.184727] The buggy address belongs to the physical page: [ 13.184975] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c48 [ 13.185240] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.185469] flags: 0x200000000000040(head|node=0|zone=2) [ 13.185844] page_type: f8(unknown) [ 13.186157] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.186475] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.186809] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.187347] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.187643] head: 0200000000000002 ffffea00040b1201 00000000ffffffff 00000000ffffffff [ 13.188060] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.188349] page dumped because: kasan: bad access detected [ 13.188526] [ 13.188597] Memory state around the buggy address: [ 13.188820] ffff888102c47f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.189154] ffff888102c47f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.189470] >ffff888102c48000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.189829] ^ [ 13.190106] ffff888102c48080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.190409] ffff888102c48100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.190696] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper: Failure
Automatically assigned
[ 13.069545] ================================================================== [ 13.070191] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.070624] Free of addr ffff88810276ee00 by task kunit_try_catch/252 [ 13.071057] [ 13.071194] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.071289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.071303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.071324] Call Trace: [ 13.071336] <TASK> [ 13.071350] dump_stack_lvl+0x73/0xb0 [ 13.071378] print_report+0xd1/0x650 [ 13.071400] ? __virt_addr_valid+0x1db/0x2d0 [ 13.071423] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.071469] ? mempool_double_free_helper+0x184/0x370 [ 13.071495] kasan_report_invalid_free+0x10a/0x130 [ 13.071519] ? mempool_double_free_helper+0x184/0x370 [ 13.071544] ? mempool_double_free_helper+0x184/0x370 [ 13.071567] ? mempool_double_free_helper+0x184/0x370 [ 13.071590] check_slab_allocation+0x101/0x130 [ 13.071626] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.071662] mempool_free+0x2ec/0x380 [ 13.071685] mempool_double_free_helper+0x184/0x370 [ 13.071708] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.071731] ? update_load_avg+0x1be/0x21b0 [ 13.071756] ? update_load_avg+0x1be/0x21b0 [ 13.071776] ? update_curr+0x80/0x810 [ 13.071798] ? finish_task_switch.isra.0+0x153/0x700 [ 13.071822] mempool_kmalloc_double_free+0xed/0x140 [ 13.071846] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 13.071872] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.071890] ? __pfx_mempool_kfree+0x10/0x10 [ 13.071924] ? __pfx_read_tsc+0x10/0x10 [ 13.072010] ? ktime_get_ts64+0x86/0x230 [ 13.072037] kunit_try_run_case+0x1a5/0x480 [ 13.072061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.072080] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.072104] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.072130] ? __kthread_parkme+0x82/0x180 [ 13.072151] ? preempt_count_sub+0x50/0x80 [ 13.072173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.072195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.072219] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.072244] kthread+0x337/0x6f0 [ 13.072263] ? trace_preempt_on+0x20/0xc0 [ 13.072285] ? __pfx_kthread+0x10/0x10 [ 13.072305] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.072327] ? calculate_sigpending+0x7b/0xa0 [ 13.072351] ? __pfx_kthread+0x10/0x10 [ 13.072371] ret_from_fork+0x116/0x1d0 [ 13.072390] ? __pfx_kthread+0x10/0x10 [ 13.072410] ret_from_fork_asm+0x1a/0x30 [ 13.072440] </TASK> [ 13.072451] [ 13.083408] Allocated by task 252: [ 13.083613] kasan_save_stack+0x45/0x70 [ 13.083794] kasan_save_track+0x18/0x40 [ 13.084021] kasan_save_alloc_info+0x3b/0x50 [ 13.084259] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.084491] remove_element+0x11e/0x190 [ 13.084698] mempool_alloc_preallocated+0x4d/0x90 [ 13.085009] mempool_double_free_helper+0x8a/0x370 [ 13.085328] mempool_kmalloc_double_free+0xed/0x140 [ 13.085600] kunit_try_run_case+0x1a5/0x480 [ 13.085805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.086075] kthread+0x337/0x6f0 [ 13.086245] ret_from_fork+0x116/0x1d0 [ 13.086374] ret_from_fork_asm+0x1a/0x30 [ 13.086510] [ 13.086578] Freed by task 252: [ 13.086922] kasan_save_stack+0x45/0x70 [ 13.087121] kasan_save_track+0x18/0x40 [ 13.087305] kasan_save_free_info+0x3f/0x60 [ 13.087514] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.087937] mempool_free+0x2ec/0x380 [ 13.088205] mempool_double_free_helper+0x109/0x370 [ 13.088412] mempool_kmalloc_double_free+0xed/0x140 [ 13.088572] kunit_try_run_case+0x1a5/0x480 [ 13.089012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.089348] kthread+0x337/0x6f0 [ 13.089570] ret_from_fork+0x116/0x1d0 [ 13.089769] ret_from_fork_asm+0x1a/0x30 [ 13.089976] [ 13.090070] The buggy address belongs to the object at ffff88810276ee00 [ 13.090070] which belongs to the cache kmalloc-128 of size 128 [ 13.090842] The buggy address is located 0 bytes inside of [ 13.090842] 128-byte region [ffff88810276ee00, ffff88810276ee80) [ 13.091696] [ 13.091796] The buggy address belongs to the physical page: [ 13.092151] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10276e [ 13.092428] flags: 0x200000000000000(node=0|zone=2) [ 13.092717] page_type: f5(slab) [ 13.093130] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.093395] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.093780] page dumped because: kasan: bad access detected [ 13.094133] [ 13.094256] Memory state around the buggy address: [ 13.094433] ffff88810276ed00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.094841] ffff88810276ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.095200] >ffff88810276ee00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.095636] ^ [ 13.095776] ffff88810276ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.096306] ffff88810276ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.096582] ================================================================== [ 13.102138] ================================================================== [ 13.102615] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.103199] Free of addr ffff888103b0c000 by task kunit_try_catch/254 [ 13.103486] [ 13.103600] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.103645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.103657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.103678] Call Trace: [ 13.103689] <TASK> [ 13.103705] dump_stack_lvl+0x73/0xb0 [ 13.103732] print_report+0xd1/0x650 [ 13.103754] ? __virt_addr_valid+0x1db/0x2d0 [ 13.103778] ? kasan_addr_to_slab+0x11/0xa0 [ 13.103800] ? mempool_double_free_helper+0x184/0x370 [ 13.103826] kasan_report_invalid_free+0x10a/0x130 [ 13.103867] ? mempool_double_free_helper+0x184/0x370 [ 13.103906] ? mempool_double_free_helper+0x184/0x370 [ 13.103929] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 13.103954] mempool_free+0x2ec/0x380 [ 13.103977] mempool_double_free_helper+0x184/0x370 [ 13.104000] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.104026] ? __kasan_check_write+0x18/0x20 [ 13.104046] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.104068] ? finish_task_switch.isra.0+0x153/0x700 [ 13.104094] mempool_kmalloc_large_double_free+0xed/0x140 [ 13.104119] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 13.104144] ? __kasan_check_write+0x18/0x20 [ 13.104367] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.104388] ? __pfx_mempool_kfree+0x10/0x10 [ 13.104410] ? __pfx_read_tsc+0x10/0x10 [ 13.104433] ? ktime_get_ts64+0x86/0x230 [ 13.104453] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.104482] kunit_try_run_case+0x1a5/0x480 [ 13.104505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.104526] ? queued_spin_lock_slowpath+0x116/0xb40 [ 13.104552] ? __kthread_parkme+0x82/0x180 [ 13.104573] ? preempt_count_sub+0x50/0x80 [ 13.104596] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.104617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.104657] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.104682] kthread+0x337/0x6f0 [ 13.104700] ? trace_preempt_on+0x20/0xc0 [ 13.104723] ? __pfx_kthread+0x10/0x10 [ 13.104744] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.104766] ? calculate_sigpending+0x7b/0xa0 [ 13.104790] ? __pfx_kthread+0x10/0x10 [ 13.104812] ret_from_fork+0x116/0x1d0 [ 13.104830] ? __pfx_kthread+0x10/0x10 [ 13.104851] ret_from_fork_asm+0x1a/0x30 [ 13.104880] </TASK> [ 13.104902] [ 13.114183] The buggy address belongs to the physical page: [ 13.114456] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b0c [ 13.114834] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.115322] flags: 0x200000000000040(head|node=0|zone=2) [ 13.115533] page_type: f8(unknown) [ 13.115716] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.116195] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.116504] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.116831] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.117208] head: 0200000000000002 ffffea00040ec301 00000000ffffffff 00000000ffffffff [ 13.117479] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.117741] page dumped because: kasan: bad access detected [ 13.118013] [ 13.118107] Memory state around the buggy address: [ 13.118398] ffff888103b0bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.118815] ffff888103b0bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.119207] >ffff888103b0c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.119444] ^ [ 13.119612] ffff888103b0c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.119962] ffff888103b0c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.120413] ================================================================== [ 13.124208] ================================================================== [ 13.124694] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.125033] Free of addr ffff888102c44000 by task kunit_try_catch/256 [ 13.125370] [ 13.125457] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.125500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.125512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.125533] Call Trace: [ 13.125544] <TASK> [ 13.125557] dump_stack_lvl+0x73/0xb0 [ 13.125582] print_report+0xd1/0x650 [ 13.125605] ? __virt_addr_valid+0x1db/0x2d0 [ 13.125629] ? kasan_addr_to_slab+0x11/0xa0 [ 13.125663] ? mempool_double_free_helper+0x184/0x370 [ 13.125688] kasan_report_invalid_free+0x10a/0x130 [ 13.125713] ? mempool_double_free_helper+0x184/0x370 [ 13.125738] ? mempool_double_free_helper+0x184/0x370 [ 13.125762] __kasan_mempool_poison_pages+0x115/0x130 [ 13.125788] mempool_free+0x290/0x380 [ 13.125810] mempool_double_free_helper+0x184/0x370 [ 13.125834] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.125859] ? __kasan_check_write+0x18/0x20 [ 13.125880] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.125914] ? finish_task_switch.isra.0+0x153/0x700 [ 13.125939] mempool_page_alloc_double_free+0xe8/0x140 [ 13.126020] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 13.126049] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.126069] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.126091] ? __pfx_read_tsc+0x10/0x10 [ 13.126112] ? ktime_get_ts64+0x86/0x230 [ 13.126135] kunit_try_run_case+0x1a5/0x480 [ 13.126156] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.126176] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.126201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.126225] ? __kthread_parkme+0x82/0x180 [ 13.126246] ? preempt_count_sub+0x50/0x80 [ 13.126268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.126289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.126313] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.126338] kthread+0x337/0x6f0 [ 13.126356] ? trace_preempt_on+0x20/0xc0 [ 13.126379] ? __pfx_kthread+0x10/0x10 [ 13.126399] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.126422] ? calculate_sigpending+0x7b/0xa0 [ 13.126446] ? __pfx_kthread+0x10/0x10 [ 13.126466] ret_from_fork+0x116/0x1d0 [ 13.126485] ? __pfx_kthread+0x10/0x10 [ 13.126505] ret_from_fork_asm+0x1a/0x30 [ 13.126535] </TASK> [ 13.126545] [ 13.135306] The buggy address belongs to the physical page: [ 13.135558] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c44 [ 13.135877] flags: 0x200000000000000(node=0|zone=2) [ 13.136187] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.136452] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.136866] page dumped because: kasan: bad access detected [ 13.137205] [ 13.137279] Memory state around the buggy address: [ 13.137450] ffff888102c43f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.137837] ffff888102c43f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.138177] >ffff888102c44000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.138394] ^ [ 13.138509] ffff888102c44080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.138775] ffff888102c44100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.139231] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper: Failure
Automatically assigned
[ 13.043002] ================================================================== [ 13.043423] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.043653] Read of size 1 at addr ffff888103b0c000 by task kunit_try_catch/250 [ 13.043872] [ 13.044925] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.044981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.044995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.045016] Call Trace: [ 13.045029] <TASK> [ 13.045050] dump_stack_lvl+0x73/0xb0 [ 13.045078] print_report+0xd1/0x650 [ 13.045100] ? __virt_addr_valid+0x1db/0x2d0 [ 13.045123] ? mempool_uaf_helper+0x392/0x400 [ 13.045144] ? kasan_addr_to_slab+0x11/0xa0 [ 13.045165] ? mempool_uaf_helper+0x392/0x400 [ 13.045186] kasan_report+0x141/0x180 [ 13.045209] ? mempool_uaf_helper+0x392/0x400 [ 13.045236] __asan_report_load1_noabort+0x18/0x20 [ 13.045260] mempool_uaf_helper+0x392/0x400 [ 13.045283] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.045306] ? __kasan_check_write+0x18/0x20 [ 13.045325] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.045348] ? finish_task_switch.isra.0+0x153/0x700 [ 13.045373] mempool_page_alloc_uaf+0xed/0x140 [ 13.045396] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.045422] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.045442] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.045465] ? __pfx_read_tsc+0x10/0x10 [ 13.045487] ? ktime_get_ts64+0x86/0x230 [ 13.045511] kunit_try_run_case+0x1a5/0x480 [ 13.045533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.045553] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.045578] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.045602] ? __kthread_parkme+0x82/0x180 [ 13.045622] ? preempt_count_sub+0x50/0x80 [ 13.045645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.045666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.045690] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.045714] kthread+0x337/0x6f0 [ 13.045733] ? trace_preempt_on+0x20/0xc0 [ 13.045756] ? __pfx_kthread+0x10/0x10 [ 13.045776] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.045798] ? calculate_sigpending+0x7b/0xa0 [ 13.045822] ? __pfx_kthread+0x10/0x10 [ 13.045843] ret_from_fork+0x116/0x1d0 [ 13.045861] ? __pfx_kthread+0x10/0x10 [ 13.045882] ret_from_fork_asm+0x1a/0x30 [ 13.045921] </TASK> [ 13.045931] [ 13.061255] The buggy address belongs to the physical page: [ 13.061500] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b0c [ 13.062213] flags: 0x200000000000000(node=0|zone=2) [ 13.062476] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.062838] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.063470] page dumped because: kasan: bad access detected [ 13.063835] [ 13.063974] Memory state around the buggy address: [ 13.064400] ffff888103b0bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.064770] ffff888103b0bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.065322] >ffff888103b0c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.065750] ^ [ 13.065925] ffff888103b0c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.066453] ffff888103b0c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.066796] ================================================================== [ 12.976834] ================================================================== [ 12.977617] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.977942] Read of size 1 at addr ffff888103b0c000 by task kunit_try_catch/246 [ 12.978670] [ 12.978824] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 12.978973] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.979068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.979091] Call Trace: [ 12.979103] <TASK> [ 12.979202] dump_stack_lvl+0x73/0xb0 [ 12.979238] print_report+0xd1/0x650 [ 12.979261] ? __virt_addr_valid+0x1db/0x2d0 [ 12.979286] ? mempool_uaf_helper+0x392/0x400 [ 12.979308] ? kasan_addr_to_slab+0x11/0xa0 [ 12.979330] ? mempool_uaf_helper+0x392/0x400 [ 12.979354] kasan_report+0x141/0x180 [ 12.979376] ? mempool_uaf_helper+0x392/0x400 [ 12.979404] __asan_report_load1_noabort+0x18/0x20 [ 12.979431] mempool_uaf_helper+0x392/0x400 [ 12.979454] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.979481] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.979505] ? finish_task_switch.isra.0+0x153/0x700 [ 12.979533] mempool_kmalloc_large_uaf+0xef/0x140 [ 12.979557] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 12.979586] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.979609] ? __pfx_mempool_kfree+0x10/0x10 [ 12.979645] ? __pfx_read_tsc+0x10/0x10 [ 12.979668] ? ktime_get_ts64+0x86/0x230 [ 12.979694] kunit_try_run_case+0x1a5/0x480 [ 12.979719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.979742] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.979771] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.979798] ? __kthread_parkme+0x82/0x180 [ 12.979819] ? preempt_count_sub+0x50/0x80 [ 12.979843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.979866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.979903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.979931] kthread+0x337/0x6f0 [ 12.980003] ? trace_preempt_on+0x20/0xc0 [ 12.980029] ? __pfx_kthread+0x10/0x10 [ 12.980051] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.980075] ? calculate_sigpending+0x7b/0xa0 [ 12.980101] ? __pfx_kthread+0x10/0x10 [ 12.980125] ret_from_fork+0x116/0x1d0 [ 12.980143] ? __pfx_kthread+0x10/0x10 [ 12.980165] ret_from_fork_asm+0x1a/0x30 [ 12.980198] </TASK> [ 12.980208] [ 12.992490] The buggy address belongs to the physical page: [ 12.992868] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b0c [ 12.993357] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.993851] flags: 0x200000000000040(head|node=0|zone=2) [ 12.994230] page_type: f8(unknown) [ 12.994366] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.994948] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.995291] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.995741] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.996308] head: 0200000000000002 ffffea00040ec301 00000000ffffffff 00000000ffffffff [ 12.996711] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.997173] page dumped because: kasan: bad access detected [ 12.997518] [ 12.997617] Memory state around the buggy address: [ 12.998094] ffff888103b0bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.998432] ffff888103b0bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.998937] >ffff888103b0c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.999382] ^ [ 12.999630] ffff888103b0c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.000011] ffff888103b0c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.000480] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper: Failure
Automatically assigned
[ 13.005230] ================================================================== [ 13.005727] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.006615] Read of size 1 at addr ffff888102791240 by task kunit_try_catch/248 [ 13.007060] [ 13.007459] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 13.007509] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.007523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.007544] Call Trace: [ 13.007556] <TASK> [ 13.007571] dump_stack_lvl+0x73/0xb0 [ 13.007600] print_report+0xd1/0x650 [ 13.007622] ? __virt_addr_valid+0x1db/0x2d0 [ 13.007646] ? mempool_uaf_helper+0x392/0x400 [ 13.007668] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.007691] ? mempool_uaf_helper+0x392/0x400 [ 13.007714] kasan_report+0x141/0x180 [ 13.007736] ? mempool_uaf_helper+0x392/0x400 [ 13.007762] __asan_report_load1_noabort+0x18/0x20 [ 13.007786] mempool_uaf_helper+0x392/0x400 [ 13.007809] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.007834] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.007855] ? finish_task_switch.isra.0+0x153/0x700 [ 13.007882] mempool_slab_uaf+0xea/0x140 [ 13.007919] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 13.008018] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.008044] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.008066] ? __pfx_read_tsc+0x10/0x10 [ 13.008086] ? ktime_get_ts64+0x86/0x230 [ 13.008111] kunit_try_run_case+0x1a5/0x480 [ 13.008132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.008151] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.008176] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.008201] ? __kthread_parkme+0x82/0x180 [ 13.008223] ? preempt_count_sub+0x50/0x80 [ 13.008246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.008267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.008291] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.008315] kthread+0x337/0x6f0 [ 13.008334] ? trace_preempt_on+0x20/0xc0 [ 13.008356] ? __pfx_kthread+0x10/0x10 [ 13.008378] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.008399] ? calculate_sigpending+0x7b/0xa0 [ 13.008423] ? __pfx_kthread+0x10/0x10 [ 13.008444] ret_from_fork+0x116/0x1d0 [ 13.008462] ? __pfx_kthread+0x10/0x10 [ 13.008481] ret_from_fork_asm+0x1a/0x30 [ 13.008512] </TASK> [ 13.008524] [ 13.021204] Allocated by task 248: [ 13.021399] kasan_save_stack+0x45/0x70 [ 13.021593] kasan_save_track+0x18/0x40 [ 13.022034] kasan_save_alloc_info+0x3b/0x50 [ 13.022207] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.022376] remove_element+0x11e/0x190 [ 13.022506] mempool_alloc_preallocated+0x4d/0x90 [ 13.022655] mempool_uaf_helper+0x96/0x400 [ 13.022792] mempool_slab_uaf+0xea/0x140 [ 13.023291] kunit_try_run_case+0x1a5/0x480 [ 13.023935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.024413] kthread+0x337/0x6f0 [ 13.024554] ret_from_fork+0x116/0x1d0 [ 13.024695] ret_from_fork_asm+0x1a/0x30 [ 13.025146] [ 13.025322] Freed by task 248: [ 13.025653] kasan_save_stack+0x45/0x70 [ 13.026079] kasan_save_track+0x18/0x40 [ 13.026547] kasan_save_free_info+0x3f/0x60 [ 13.027036] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.027513] mempool_free+0x2ec/0x380 [ 13.027863] mempool_uaf_helper+0x11a/0x400 [ 13.028031] mempool_slab_uaf+0xea/0x140 [ 13.028509] kunit_try_run_case+0x1a5/0x480 [ 13.028954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.029165] kthread+0x337/0x6f0 [ 13.029496] ret_from_fork+0x116/0x1d0 [ 13.029916] ret_from_fork_asm+0x1a/0x30 [ 13.030322] [ 13.030498] The buggy address belongs to the object at ffff888102791240 [ 13.030498] which belongs to the cache test_cache of size 123 [ 13.030940] The buggy address is located 0 bytes inside of [ 13.030940] freed 123-byte region [ffff888102791240, ffff8881027912bb) [ 13.031444] [ 13.031547] The buggy address belongs to the physical page: [ 13.031781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102791 [ 13.032191] flags: 0x200000000000000(node=0|zone=2) [ 13.032401] page_type: f5(slab) [ 13.032554] raw: 0200000000000000 ffff8881018ce640 dead000000000122 0000000000000000 [ 13.033189] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.033496] page dumped because: kasan: bad access detected [ 13.033798] [ 13.033906] Memory state around the buggy address: [ 13.034244] ffff888102791100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.034567] ffff888102791180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.034912] >ffff888102791200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.035193] ^ [ 13.035436] ffff888102791280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.035826] ffff888102791300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.036195] ================================================================== [ 12.936426] ================================================================== [ 12.936838] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.937097] Read of size 1 at addr ffff888102b2d800 by task kunit_try_catch/244 [ 12.937319] [ 12.937405] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 12.937450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.937461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.937481] Call Trace: [ 12.937493] <TASK> [ 12.937508] dump_stack_lvl+0x73/0xb0 [ 12.937534] print_report+0xd1/0x650 [ 12.937556] ? __virt_addr_valid+0x1db/0x2d0 [ 12.937579] ? mempool_uaf_helper+0x392/0x400 [ 12.937600] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.937623] ? mempool_uaf_helper+0x392/0x400 [ 12.937645] kasan_report+0x141/0x180 [ 12.937666] ? mempool_uaf_helper+0x392/0x400 [ 12.937693] __asan_report_load1_noabort+0x18/0x20 [ 12.937716] mempool_uaf_helper+0x392/0x400 [ 12.937739] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.937763] ? __kasan_check_write+0x18/0x20 [ 12.937783] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.937805] ? finish_task_switch.isra.0+0x153/0x700 [ 12.937832] mempool_kmalloc_uaf+0xef/0x140 [ 12.937854] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 12.937878] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.938711] ? __pfx_mempool_kfree+0x10/0x10 [ 12.938754] ? __pfx_read_tsc+0x10/0x10 [ 12.938779] ? ktime_get_ts64+0x86/0x230 [ 12.938804] kunit_try_run_case+0x1a5/0x480 [ 12.938829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.938849] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.938875] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.938909] ? __kthread_parkme+0x82/0x180 [ 12.938935] ? preempt_count_sub+0x50/0x80 [ 12.938958] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.938979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.939003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.939027] kthread+0x337/0x6f0 [ 12.939046] ? trace_preempt_on+0x20/0xc0 [ 12.939069] ? __pfx_kthread+0x10/0x10 [ 12.939089] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.939111] ? calculate_sigpending+0x7b/0xa0 [ 12.939135] ? __pfx_kthread+0x10/0x10 [ 12.939156] ret_from_fork+0x116/0x1d0 [ 12.939175] ? __pfx_kthread+0x10/0x10 [ 12.939195] ret_from_fork_asm+0x1a/0x30 [ 12.939225] </TASK> [ 12.939236] [ 12.949072] Allocated by task 244: [ 12.949264] kasan_save_stack+0x45/0x70 [ 12.949411] kasan_save_track+0x18/0x40 [ 12.949555] kasan_save_alloc_info+0x3b/0x50 [ 12.949810] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.950135] remove_element+0x11e/0x190 [ 12.950457] mempool_alloc_preallocated+0x4d/0x90 [ 12.950648] mempool_uaf_helper+0x96/0x400 [ 12.950857] mempool_kmalloc_uaf+0xef/0x140 [ 12.951132] kunit_try_run_case+0x1a5/0x480 [ 12.951375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.951637] kthread+0x337/0x6f0 [ 12.951813] ret_from_fork+0x116/0x1d0 [ 12.951954] ret_from_fork_asm+0x1a/0x30 [ 12.952103] [ 12.952281] Freed by task 244: [ 12.952443] kasan_save_stack+0x45/0x70 [ 12.952635] kasan_save_track+0x18/0x40 [ 12.952793] kasan_save_free_info+0x3f/0x60 [ 12.952951] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.953444] mempool_free+0x2ec/0x380 [ 12.953587] mempool_uaf_helper+0x11a/0x400 [ 12.955052] mempool_kmalloc_uaf+0xef/0x140 [ 12.956085] kunit_try_run_case+0x1a5/0x480 [ 12.956975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.957751] kthread+0x337/0x6f0 [ 12.958457] ret_from_fork+0x116/0x1d0 [ 12.959221] ret_from_fork_asm+0x1a/0x30 [ 12.959378] [ 12.959452] The buggy address belongs to the object at ffff888102b2d800 [ 12.959452] which belongs to the cache kmalloc-128 of size 128 [ 12.959863] The buggy address is located 0 bytes inside of [ 12.959863] freed 128-byte region [ffff888102b2d800, ffff888102b2d880) [ 12.960217] [ 12.960291] The buggy address belongs to the physical page: [ 12.960466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 12.960714] flags: 0x200000000000000(node=0|zone=2) [ 12.960882] page_type: f5(slab) [ 12.962671] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.964096] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.965413] page dumped because: kasan: bad access detected [ 12.966252] [ 12.966585] Memory state around the buggy address: [ 12.967437] ffff888102b2d700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.968539] ffff888102b2d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.969580] >ffff888102b2d800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.970776] ^ [ 12.971365] ffff888102b2d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.972183] ffff888102b2d900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.973072] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper: Failure
Automatically assigned
[ 12.906835] ================================================================== [ 12.907560] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.908499] Read of size 1 at addr ffff88810278d2bb by task kunit_try_catch/242 [ 12.909017] [ 12.909539] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 12.909590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.909602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.909623] Call Trace: [ 12.909647] <TASK> [ 12.909662] dump_stack_lvl+0x73/0xb0 [ 12.909689] print_report+0xd1/0x650 [ 12.909745] ? __virt_addr_valid+0x1db/0x2d0 [ 12.909768] ? mempool_oob_right_helper+0x318/0x380 [ 12.909791] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.909814] ? mempool_oob_right_helper+0x318/0x380 [ 12.909838] kasan_report+0x141/0x180 [ 12.909859] ? mempool_oob_right_helper+0x318/0x380 [ 12.909887] __asan_report_load1_noabort+0x18/0x20 [ 12.909923] mempool_oob_right_helper+0x318/0x380 [ 12.909947] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.909974] ? finish_task_switch.isra.0+0x153/0x700 [ 12.910000] mempool_slab_oob_right+0xed/0x140 [ 12.910082] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 12.910112] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 12.910133] ? __pfx_mempool_free_slab+0x10/0x10 [ 12.910154] ? __pfx_read_tsc+0x10/0x10 [ 12.910174] ? ktime_get_ts64+0x86/0x230 [ 12.910198] kunit_try_run_case+0x1a5/0x480 [ 12.910219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.910238] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.910263] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.910287] ? __kthread_parkme+0x82/0x180 [ 12.910307] ? preempt_count_sub+0x50/0x80 [ 12.910329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.910350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.910374] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.910398] kthread+0x337/0x6f0 [ 12.910417] ? trace_preempt_on+0x20/0xc0 [ 12.910438] ? __pfx_kthread+0x10/0x10 [ 12.910458] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.910480] ? calculate_sigpending+0x7b/0xa0 [ 12.910503] ? __pfx_kthread+0x10/0x10 [ 12.910524] ret_from_fork+0x116/0x1d0 [ 12.910542] ? __pfx_kthread+0x10/0x10 [ 12.910562] ret_from_fork_asm+0x1a/0x30 [ 12.910592] </TASK> [ 12.910602] [ 12.919825] Allocated by task 242: [ 12.920083] kasan_save_stack+0x45/0x70 [ 12.920282] kasan_save_track+0x18/0x40 [ 12.920491] kasan_save_alloc_info+0x3b/0x50 [ 12.920714] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 12.920886] remove_element+0x11e/0x190 [ 12.921335] mempool_alloc_preallocated+0x4d/0x90 [ 12.921564] mempool_oob_right_helper+0x8a/0x380 [ 12.921726] mempool_slab_oob_right+0xed/0x140 [ 12.922290] kunit_try_run_case+0x1a5/0x480 [ 12.922460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.922790] kthread+0x337/0x6f0 [ 12.922976] ret_from_fork+0x116/0x1d0 [ 12.923233] ret_from_fork_asm+0x1a/0x30 [ 12.923376] [ 12.923447] The buggy address belongs to the object at ffff88810278d240 [ 12.923447] which belongs to the cache test_cache of size 123 [ 12.924208] The buggy address is located 0 bytes to the right of [ 12.924208] allocated 123-byte region [ffff88810278d240, ffff88810278d2bb) [ 12.924813] [ 12.925044] The buggy address belongs to the physical page: [ 12.925343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10278d [ 12.925712] flags: 0x200000000000000(node=0|zone=2) [ 12.926228] page_type: f5(slab) [ 12.926419] raw: 0200000000000000 ffff8881018ce500 dead000000000122 0000000000000000 [ 12.926815] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 12.927353] page dumped because: kasan: bad access detected [ 12.927600] [ 12.927700] Memory state around the buggy address: [ 12.928014] ffff88810278d180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.928349] ffff88810278d200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 12.928687] >ffff88810278d280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 12.929070] ^ [ 12.929344] ffff88810278d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.929611] ffff88810278d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.930162] ================================================================== [ 12.850188] ================================================================== [ 12.850630] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.851134] Read of size 1 at addr ffff88810276ea73 by task kunit_try_catch/238 [ 12.851483] [ 12.851655] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 12.851735] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.851747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.851788] Call Trace: [ 12.851802] <TASK> [ 12.851820] dump_stack_lvl+0x73/0xb0 [ 12.851851] print_report+0xd1/0x650 [ 12.851873] ? __virt_addr_valid+0x1db/0x2d0 [ 12.851908] ? mempool_oob_right_helper+0x318/0x380 [ 12.851930] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.852015] ? mempool_oob_right_helper+0x318/0x380 [ 12.852112] kasan_report+0x141/0x180 [ 12.852137] ? mempool_oob_right_helper+0x318/0x380 [ 12.852177] __asan_report_load1_noabort+0x18/0x20 [ 12.852203] mempool_oob_right_helper+0x318/0x380 [ 12.852228] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.852250] ? update_load_avg+0x1be/0x21b0 [ 12.852276] ? dequeue_entities+0x27e/0x1740 [ 12.852301] ? finish_task_switch.isra.0+0x153/0x700 [ 12.852329] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.852353] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 12.852379] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.852400] ? __pfx_mempool_kfree+0x10/0x10 [ 12.852423] ? __pfx_read_tsc+0x10/0x10 [ 12.852446] ? ktime_get_ts64+0x86/0x230 [ 12.852471] kunit_try_run_case+0x1a5/0x480 [ 12.852497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.852518] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.852543] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.852569] ? __kthread_parkme+0x82/0x180 [ 12.852591] ? preempt_count_sub+0x50/0x80 [ 12.852614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.852644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.852669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.852693] kthread+0x337/0x6f0 [ 12.852714] ? trace_preempt_on+0x20/0xc0 [ 12.852738] ? __pfx_kthread+0x10/0x10 [ 12.852758] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.852781] ? calculate_sigpending+0x7b/0xa0 [ 12.852805] ? __pfx_kthread+0x10/0x10 [ 12.852827] ret_from_fork+0x116/0x1d0 [ 12.852845] ? __pfx_kthread+0x10/0x10 [ 12.852865] ret_from_fork_asm+0x1a/0x30 [ 12.852908] </TASK> [ 12.852919] [ 12.863572] Allocated by task 238: [ 12.863808] kasan_save_stack+0x45/0x70 [ 12.864185] kasan_save_track+0x18/0x40 [ 12.864388] kasan_save_alloc_info+0x3b/0x50 [ 12.864664] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.864982] remove_element+0x11e/0x190 [ 12.865217] mempool_alloc_preallocated+0x4d/0x90 [ 12.865573] mempool_oob_right_helper+0x8a/0x380 [ 12.865918] mempool_kmalloc_oob_right+0xf2/0x150 [ 12.866218] kunit_try_run_case+0x1a5/0x480 [ 12.866399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.866589] kthread+0x337/0x6f0 [ 12.866884] ret_from_fork+0x116/0x1d0 [ 12.867355] ret_from_fork_asm+0x1a/0x30 [ 12.867575] [ 12.867673] The buggy address belongs to the object at ffff88810276ea00 [ 12.867673] which belongs to the cache kmalloc-128 of size 128 [ 12.868277] The buggy address is located 0 bytes to the right of [ 12.868277] allocated 115-byte region [ffff88810276ea00, ffff88810276ea73) [ 12.868982] [ 12.869157] The buggy address belongs to the physical page: [ 12.869437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10276e [ 12.869808] flags: 0x200000000000000(node=0|zone=2) [ 12.870265] page_type: f5(slab) [ 12.870400] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.870778] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.871216] page dumped because: kasan: bad access detected [ 12.871538] [ 12.871637] Memory state around the buggy address: [ 12.871885] ffff88810276e900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.872349] ffff88810276e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.872721] >ffff88810276ea00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.873132] ^ [ 12.873397] ffff88810276ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.873775] ffff88810276eb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.874071] ================================================================== [ 12.878114] ================================================================== [ 12.878640] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 12.879347] Read of size 1 at addr ffff888103b0a001 by task kunit_try_catch/240 [ 12.879829] [ 12.879959] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 12.880009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.880021] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.880043] Call Trace: [ 12.880056] <TASK> [ 12.880146] dump_stack_lvl+0x73/0xb0 [ 12.880179] print_report+0xd1/0x650 [ 12.880201] ? __virt_addr_valid+0x1db/0x2d0 [ 12.880225] ? mempool_oob_right_helper+0x318/0x380 [ 12.880247] ? kasan_addr_to_slab+0x11/0xa0 [ 12.880268] ? mempool_oob_right_helper+0x318/0x380 [ 12.880291] kasan_report+0x141/0x180 [ 12.880313] ? mempool_oob_right_helper+0x318/0x380 [ 12.880341] __asan_report_load1_noabort+0x18/0x20 [ 12.880365] mempool_oob_right_helper+0x318/0x380 [ 12.880389] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 12.880415] ? __pfx_sched_clock_cpu+0x10/0x10 [ 12.880439] ? finish_task_switch.isra.0+0x153/0x700 [ 12.880466] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 12.880490] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 12.880517] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.880538] ? __pfx_mempool_kfree+0x10/0x10 [ 12.880559] ? __pfx_read_tsc+0x10/0x10 [ 12.880581] ? ktime_get_ts64+0x86/0x230 [ 12.880606] kunit_try_run_case+0x1a5/0x480 [ 12.880690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.880711] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.880739] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.880763] ? __kthread_parkme+0x82/0x180 [ 12.880783] ? preempt_count_sub+0x50/0x80 [ 12.880806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.880827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.880852] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.880875] kthread+0x337/0x6f0 [ 12.880907] ? trace_preempt_on+0x20/0xc0 [ 12.880931] ? __pfx_kthread+0x10/0x10 [ 12.880976] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.880999] ? calculate_sigpending+0x7b/0xa0 [ 12.881025] ? __pfx_kthread+0x10/0x10 [ 12.881051] ret_from_fork+0x116/0x1d0 [ 12.881069] ? __pfx_kthread+0x10/0x10 [ 12.881089] ret_from_fork_asm+0x1a/0x30 [ 12.881119] </TASK> [ 12.881131] [ 12.892732] The buggy address belongs to the physical page: [ 12.893301] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b08 [ 12.893604] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.894329] flags: 0x200000000000040(head|node=0|zone=2) [ 12.894575] page_type: f8(unknown) [ 12.894919] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.895358] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.895829] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.896253] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.896556] head: 0200000000000002 ffffea00040ec201 00000000ffffffff 00000000ffffffff [ 12.897225] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.897505] page dumped because: kasan: bad access detected [ 12.898064] [ 12.898160] Memory state around the buggy address: [ 12.898533] ffff888103b09f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.899124] ffff888103b09f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.899439] >ffff888103b0a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.899890] ^ [ 12.900323] ffff888103b0a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.900802] ffff888103b0a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.901236] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy: Failure
Automatically assigned
[ 12.266507] ================================================================== [ 12.267793] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 12.268478] Read of size 1 at addr ffff888101b4cb40 by task kunit_try_catch/232 [ 12.269427] [ 12.269881] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 12.269996] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.270010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.270033] Call Trace: [ 12.270046] <TASK> [ 12.270063] dump_stack_lvl+0x73/0xb0 [ 12.270093] print_report+0xd1/0x650 [ 12.270115] ? __virt_addr_valid+0x1db/0x2d0 [ 12.270140] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.270164] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.270187] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.270213] kasan_report+0x141/0x180 [ 12.270235] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.270263] ? kmem_cache_double_destroy+0x1bf/0x380 [ 12.270288] __kasan_check_byte+0x3d/0x50 [ 12.270310] kmem_cache_destroy+0x25/0x1d0 [ 12.270333] kmem_cache_double_destroy+0x1bf/0x380 [ 12.270358] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 12.270382] ? finish_task_switch.isra.0+0x153/0x700 [ 12.270405] ? __switch_to+0x47/0xf50 [ 12.270434] ? __pfx_read_tsc+0x10/0x10 [ 12.270456] ? ktime_get_ts64+0x86/0x230 [ 12.270481] kunit_try_run_case+0x1a5/0x480 [ 12.270504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.270523] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.270550] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.270574] ? __kthread_parkme+0x82/0x180 [ 12.270594] ? preempt_count_sub+0x50/0x80 [ 12.270761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.270792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.270818] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.270856] kthread+0x337/0x6f0 [ 12.270874] ? trace_preempt_on+0x20/0xc0 [ 12.270964] ? __pfx_kthread+0x10/0x10 [ 12.270987] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.271009] ? calculate_sigpending+0x7b/0xa0 [ 12.271034] ? __pfx_kthread+0x10/0x10 [ 12.271055] ret_from_fork+0x116/0x1d0 [ 12.271074] ? __pfx_kthread+0x10/0x10 [ 12.271094] ret_from_fork_asm+0x1a/0x30 [ 12.271125] </TASK> [ 12.271135] [ 12.287394] Allocated by task 232: [ 12.287716] kasan_save_stack+0x45/0x70 [ 12.287867] kasan_save_track+0x18/0x40 [ 12.288360] kasan_save_alloc_info+0x3b/0x50 [ 12.288804] __kasan_slab_alloc+0x91/0xa0 [ 12.289255] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.289423] __kmem_cache_create_args+0x169/0x240 [ 12.289587] kmem_cache_double_destroy+0xd5/0x380 [ 12.290173] kunit_try_run_case+0x1a5/0x480 [ 12.290571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.291174] kthread+0x337/0x6f0 [ 12.291452] ret_from_fork+0x116/0x1d0 [ 12.291822] ret_from_fork_asm+0x1a/0x30 [ 12.292265] [ 12.292409] Freed by task 232: [ 12.292565] kasan_save_stack+0x45/0x70 [ 12.293047] kasan_save_track+0x18/0x40 [ 12.293189] kasan_save_free_info+0x3f/0x60 [ 12.293335] __kasan_slab_free+0x56/0x70 [ 12.293472] kmem_cache_free+0x249/0x420 [ 12.293609] slab_kmem_cache_release+0x2e/0x40 [ 12.294160] kmem_cache_release+0x16/0x20 [ 12.294552] kobject_put+0x181/0x450 [ 12.294983] sysfs_slab_release+0x16/0x20 [ 12.295376] kmem_cache_destroy+0xf0/0x1d0 [ 12.295778] kmem_cache_double_destroy+0x14e/0x380 [ 12.296409] kunit_try_run_case+0x1a5/0x480 [ 12.296768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.297033] kthread+0x337/0x6f0 [ 12.297392] ret_from_fork+0x116/0x1d0 [ 12.297732] ret_from_fork_asm+0x1a/0x30 [ 12.298027] [ 12.298302] The buggy address belongs to the object at ffff888101b4cb40 [ 12.298302] which belongs to the cache kmem_cache of size 208 [ 12.299090] The buggy address is located 0 bytes inside of [ 12.299090] freed 208-byte region [ffff888101b4cb40, ffff888101b4cc10) [ 12.299670] [ 12.299745] The buggy address belongs to the physical page: [ 12.299926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b4c [ 12.300927] flags: 0x200000000000000(node=0|zone=2) [ 12.301448] page_type: f5(slab) [ 12.301800] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 12.302582] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 12.303163] page dumped because: kasan: bad access detected [ 12.303501] [ 12.303572] Memory state around the buggy address: [ 12.303763] ffff888101b4ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.304383] ffff888101b4ca80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 12.304598] >ffff888101b4cb00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 12.305434] ^ [ 12.306109] ffff888101b4cb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.306583] ffff888101b4cc00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.307110] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf: Failure
Automatically assigned
[ 12.207149] ================================================================== [ 12.207659] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.208126] Read of size 1 at addr ffff888102789000 by task kunit_try_catch/230 [ 12.208406] [ 12.208531] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 12.208579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.208590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.208612] Call Trace: [ 12.208624] <TASK> [ 12.208641] dump_stack_lvl+0x73/0xb0 [ 12.208669] print_report+0xd1/0x650 [ 12.208691] ? __virt_addr_valid+0x1db/0x2d0 [ 12.208716] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.208738] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.208761] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.208820] kasan_report+0x141/0x180 [ 12.208842] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.208880] __asan_report_load1_noabort+0x18/0x20 [ 12.208912] kmem_cache_rcu_uaf+0x3e3/0x510 [ 12.208935] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 12.208957] ? finish_task_switch.isra.0+0x153/0x700 [ 12.208979] ? __switch_to+0x47/0xf50 [ 12.209008] ? __pfx_read_tsc+0x10/0x10 [ 12.209030] ? ktime_get_ts64+0x86/0x230 [ 12.209105] kunit_try_run_case+0x1a5/0x480 [ 12.209130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.209149] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.209175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.209199] ? __kthread_parkme+0x82/0x180 [ 12.209219] ? preempt_count_sub+0x50/0x80 [ 12.209241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.209261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.209285] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.209309] kthread+0x337/0x6f0 [ 12.209328] ? trace_preempt_on+0x20/0xc0 [ 12.209351] ? __pfx_kthread+0x10/0x10 [ 12.209371] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.209392] ? calculate_sigpending+0x7b/0xa0 [ 12.209416] ? __pfx_kthread+0x10/0x10 [ 12.209436] ret_from_fork+0x116/0x1d0 [ 12.209454] ? __pfx_kthread+0x10/0x10 [ 12.209474] ret_from_fork_asm+0x1a/0x30 [ 12.209504] </TASK> [ 12.209515] [ 12.220368] Allocated by task 230: [ 12.220621] kasan_save_stack+0x45/0x70 [ 12.221008] kasan_save_track+0x18/0x40 [ 12.221392] kasan_save_alloc_info+0x3b/0x50 [ 12.221593] __kasan_slab_alloc+0x91/0xa0 [ 12.221991] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.222338] kmem_cache_rcu_uaf+0x155/0x510 [ 12.222608] kunit_try_run_case+0x1a5/0x480 [ 12.222850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.223335] kthread+0x337/0x6f0 [ 12.223467] ret_from_fork+0x116/0x1d0 [ 12.223791] ret_from_fork_asm+0x1a/0x30 [ 12.224149] [ 12.224352] Freed by task 0: [ 12.224484] kasan_save_stack+0x45/0x70 [ 12.224954] kasan_save_track+0x18/0x40 [ 12.225136] kasan_save_free_info+0x3f/0x60 [ 12.225343] __kasan_slab_free+0x56/0x70 [ 12.225524] slab_free_after_rcu_debug+0xe4/0x310 [ 12.226221] rcu_core+0x66f/0x1c40 [ 12.226390] rcu_core_si+0x12/0x20 [ 12.226518] handle_softirqs+0x209/0x730 [ 12.226951] __irq_exit_rcu+0xc9/0x110 [ 12.227337] irq_exit_rcu+0x12/0x20 [ 12.227522] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.227751] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.228252] [ 12.228332] Last potentially related work creation: [ 12.228730] kasan_save_stack+0x45/0x70 [ 12.229163] kasan_record_aux_stack+0xb2/0xc0 [ 12.229395] kmem_cache_free+0x131/0x420 [ 12.229669] kmem_cache_rcu_uaf+0x194/0x510 [ 12.229870] kunit_try_run_case+0x1a5/0x480 [ 12.230334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.230655] kthread+0x337/0x6f0 [ 12.230855] ret_from_fork+0x116/0x1d0 [ 12.231242] ret_from_fork_asm+0x1a/0x30 [ 12.231400] [ 12.231496] The buggy address belongs to the object at ffff888102789000 [ 12.231496] which belongs to the cache test_cache of size 200 [ 12.232681] The buggy address is located 0 bytes inside of [ 12.232681] freed 200-byte region [ffff888102789000, ffff8881027890c8) [ 12.233334] [ 12.233442] The buggy address belongs to the physical page: [ 12.233909] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102789 [ 12.234373] flags: 0x200000000000000(node=0|zone=2) [ 12.234587] page_type: f5(slab) [ 12.235045] raw: 0200000000000000 ffff8881018ce280 dead000000000122 0000000000000000 [ 12.235361] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.235796] page dumped because: kasan: bad access detected [ 12.236220] [ 12.236322] Memory state around the buggy address: [ 12.236698] ffff888102788f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.237178] ffff888102788f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.237570] >ffff888102789000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.238123] ^ [ 12.238264] ffff888102789080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.238597] ffff888102789100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.239159] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free: Failure
Automatically assigned
[ 12.135758] ================================================================== [ 12.136875] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 12.137120] Free of addr ffff888102787001 by task kunit_try_catch/228 [ 12.137318] [ 12.137427] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 12.137471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.137482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.137502] Call Trace: [ 12.137513] <TASK> [ 12.137528] dump_stack_lvl+0x73/0xb0 [ 12.137553] print_report+0xd1/0x650 [ 12.137574] ? __virt_addr_valid+0x1db/0x2d0 [ 12.137598] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.137619] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.137644] kasan_report_invalid_free+0x10a/0x130 [ 12.137668] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.137737] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.137761] check_slab_allocation+0x11f/0x130 [ 12.137795] __kasan_slab_pre_free+0x28/0x40 [ 12.137815] kmem_cache_free+0xed/0x420 [ 12.137835] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.137856] ? kmem_cache_invalid_free+0x1d8/0x460 [ 12.137884] kmem_cache_invalid_free+0x1d8/0x460 [ 12.137917] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 12.137941] ? finish_task_switch.isra.0+0x153/0x700 [ 12.137963] ? __switch_to+0x47/0xf50 [ 12.137990] ? __pfx_read_tsc+0x10/0x10 [ 12.138011] ? ktime_get_ts64+0x86/0x230 [ 12.138071] kunit_try_run_case+0x1a5/0x480 [ 12.138119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.138160] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.138187] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.138211] ? __kthread_parkme+0x82/0x180 [ 12.138230] ? preempt_count_sub+0x50/0x80 [ 12.138252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.138273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.138297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.138320] kthread+0x337/0x6f0 [ 12.138339] ? trace_preempt_on+0x20/0xc0 [ 12.138362] ? __pfx_kthread+0x10/0x10 [ 12.138382] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.138403] ? calculate_sigpending+0x7b/0xa0 [ 12.138427] ? __pfx_kthread+0x10/0x10 [ 12.138448] ret_from_fork+0x116/0x1d0 [ 12.138465] ? __pfx_kthread+0x10/0x10 [ 12.138485] ret_from_fork_asm+0x1a/0x30 [ 12.138515] </TASK> [ 12.138525] [ 12.155811] Allocated by task 228: [ 12.156289] kasan_save_stack+0x45/0x70 [ 12.156474] kasan_save_track+0x18/0x40 [ 12.156610] kasan_save_alloc_info+0x3b/0x50 [ 12.157159] __kasan_slab_alloc+0x91/0xa0 [ 12.157575] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.158123] kmem_cache_invalid_free+0x157/0x460 [ 12.158286] kunit_try_run_case+0x1a5/0x480 [ 12.158429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.158604] kthread+0x337/0x6f0 [ 12.158960] ret_from_fork+0x116/0x1d0 [ 12.159562] ret_from_fork_asm+0x1a/0x30 [ 12.160130] [ 12.160344] The buggy address belongs to the object at ffff888102787000 [ 12.160344] which belongs to the cache test_cache of size 200 [ 12.161656] The buggy address is located 1 bytes inside of [ 12.161656] 200-byte region [ffff888102787000, ffff8881027870c8) [ 12.162274] [ 12.162443] The buggy address belongs to the physical page: [ 12.163054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102787 [ 12.163536] flags: 0x200000000000000(node=0|zone=2) [ 12.163925] page_type: f5(slab) [ 12.164448] raw: 0200000000000000 ffff8881018ce140 dead000000000122 0000000000000000 [ 12.165263] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.165583] page dumped because: kasan: bad access detected [ 12.166145] [ 12.166380] Memory state around the buggy address: [ 12.166923] ffff888102786f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.167385] ffff888102786f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.167609] >ffff888102787000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.168329] ^ [ 12.168740] ffff888102787080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.169466] ffff888102787100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.169881] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free: Failure
Automatically assigned
[ 12.101323] ================================================================== [ 12.101767] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 12.102312] Free of addr ffff888102b42000 by task kunit_try_catch/226 [ 12.102588] [ 12.102698] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 12.102742] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.102753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.102773] Call Trace: [ 12.102784] <TASK> [ 12.102799] dump_stack_lvl+0x73/0xb0 [ 12.102826] print_report+0xd1/0x650 [ 12.102848] ? __virt_addr_valid+0x1db/0x2d0 [ 12.102872] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.102905] ? kmem_cache_double_free+0x1e5/0x480 [ 12.102930] kasan_report_invalid_free+0x10a/0x130 [ 12.102956] ? kmem_cache_double_free+0x1e5/0x480 [ 12.103002] ? kmem_cache_double_free+0x1e5/0x480 [ 12.103027] check_slab_allocation+0x101/0x130 [ 12.103048] __kasan_slab_pre_free+0x28/0x40 [ 12.103069] kmem_cache_free+0xed/0x420 [ 12.103175] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.103196] ? kmem_cache_double_free+0x1e5/0x480 [ 12.103223] kmem_cache_double_free+0x1e5/0x480 [ 12.103248] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 12.103272] ? finish_task_switch.isra.0+0x153/0x700 [ 12.103295] ? __switch_to+0x47/0xf50 [ 12.103323] ? __pfx_read_tsc+0x10/0x10 [ 12.103344] ? ktime_get_ts64+0x86/0x230 [ 12.103368] kunit_try_run_case+0x1a5/0x480 [ 12.103389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.103409] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.103434] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.103481] ? __kthread_parkme+0x82/0x180 [ 12.103501] ? preempt_count_sub+0x50/0x80 [ 12.103537] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.103558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.103582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.103605] kthread+0x337/0x6f0 [ 12.103624] ? trace_preempt_on+0x20/0xc0 [ 12.103646] ? __pfx_kthread+0x10/0x10 [ 12.103667] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.103689] ? calculate_sigpending+0x7b/0xa0 [ 12.103713] ? __pfx_kthread+0x10/0x10 [ 12.103735] ret_from_fork+0x116/0x1d0 [ 12.103754] ? __pfx_kthread+0x10/0x10 [ 12.103775] ret_from_fork_asm+0x1a/0x30 [ 12.103807] </TASK> [ 12.103818] [ 12.115643] Allocated by task 226: [ 12.116167] kasan_save_stack+0x45/0x70 [ 12.116464] kasan_save_track+0x18/0x40 [ 12.116641] kasan_save_alloc_info+0x3b/0x50 [ 12.116945] __kasan_slab_alloc+0x91/0xa0 [ 12.117306] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.117518] kmem_cache_double_free+0x14f/0x480 [ 12.117714] kunit_try_run_case+0x1a5/0x480 [ 12.118141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.118466] kthread+0x337/0x6f0 [ 12.118637] ret_from_fork+0x116/0x1d0 [ 12.118869] ret_from_fork_asm+0x1a/0x30 [ 12.119190] [ 12.119281] Freed by task 226: [ 12.119421] kasan_save_stack+0x45/0x70 [ 12.119604] kasan_save_track+0x18/0x40 [ 12.120146] kasan_save_free_info+0x3f/0x60 [ 12.120304] __kasan_slab_free+0x56/0x70 [ 12.120623] kmem_cache_free+0x249/0x420 [ 12.120796] kmem_cache_double_free+0x16a/0x480 [ 12.121184] kunit_try_run_case+0x1a5/0x480 [ 12.121364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.121609] kthread+0x337/0x6f0 [ 12.122089] ret_from_fork+0x116/0x1d0 [ 12.122281] ret_from_fork_asm+0x1a/0x30 [ 12.122421] [ 12.122518] The buggy address belongs to the object at ffff888102b42000 [ 12.122518] which belongs to the cache test_cache of size 200 [ 12.123336] The buggy address is located 0 bytes inside of [ 12.123336] 200-byte region [ffff888102b42000, ffff888102b420c8) [ 12.124129] [ 12.124235] The buggy address belongs to the physical page: [ 12.124462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b42 [ 12.124953] flags: 0x200000000000000(node=0|zone=2) [ 12.125196] page_type: f5(slab) [ 12.125349] raw: 0200000000000000 ffff888101b4ca00 dead000000000122 0000000000000000 [ 12.125953] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.126293] page dumped because: kasan: bad access detected [ 12.126535] [ 12.126794] Memory state around the buggy address: [ 12.126974] ffff888102b41f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.127502] ffff888102b41f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.127958] >ffff888102b42000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.128407] ^ [ 12.128533] ffff888102b42080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.128970] ffff888102b42100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.129322] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob: Failure
Automatically assigned
[ 12.055856] ================================================================== [ 12.056409] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 12.057509] Read of size 1 at addr ffff888102b3f0c8 by task kunit_try_catch/224 [ 12.058733] [ 12.059274] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 12.059325] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.059337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.059359] Call Trace: [ 12.059371] <TASK> [ 12.059388] dump_stack_lvl+0x73/0xb0 [ 12.059417] print_report+0xd1/0x650 [ 12.059439] ? __virt_addr_valid+0x1db/0x2d0 [ 12.059462] ? kmem_cache_oob+0x402/0x530 [ 12.059484] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.059506] ? kmem_cache_oob+0x402/0x530 [ 12.059528] kasan_report+0x141/0x180 [ 12.059549] ? kmem_cache_oob+0x402/0x530 [ 12.059576] __asan_report_load1_noabort+0x18/0x20 [ 12.059599] kmem_cache_oob+0x402/0x530 [ 12.059627] ? trace_hardirqs_on+0x37/0xe0 [ 12.059651] ? __pfx_kmem_cache_oob+0x10/0x10 [ 12.059673] ? finish_task_switch.isra.0+0x153/0x700 [ 12.059694] ? __switch_to+0x47/0xf50 [ 12.059723] ? __pfx_read_tsc+0x10/0x10 [ 12.059743] ? ktime_get_ts64+0x86/0x230 [ 12.059767] kunit_try_run_case+0x1a5/0x480 [ 12.059789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.059808] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.059833] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.059857] ? __kthread_parkme+0x82/0x180 [ 12.059876] ? preempt_count_sub+0x50/0x80 [ 12.059907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.059927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.059951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.059974] kthread+0x337/0x6f0 [ 12.059993] ? trace_preempt_on+0x20/0xc0 [ 12.060013] ? __pfx_kthread+0x10/0x10 [ 12.060033] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.060054] ? calculate_sigpending+0x7b/0xa0 [ 12.060078] ? __pfx_kthread+0x10/0x10 [ 12.060098] ret_from_fork+0x116/0x1d0 [ 12.060116] ? __pfx_kthread+0x10/0x10 [ 12.060136] ret_from_fork_asm+0x1a/0x30 [ 12.060166] </TASK> [ 12.060176] [ 12.073367] Allocated by task 224: [ 12.073536] kasan_save_stack+0x45/0x70 [ 12.073967] kasan_save_track+0x18/0x40 [ 12.074307] kasan_save_alloc_info+0x3b/0x50 [ 12.074504] __kasan_slab_alloc+0x91/0xa0 [ 12.075024] kmem_cache_alloc_noprof+0x123/0x3f0 [ 12.075251] kmem_cache_oob+0x157/0x530 [ 12.075431] kunit_try_run_case+0x1a5/0x480 [ 12.075618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.075841] kthread+0x337/0x6f0 [ 12.076345] ret_from_fork+0x116/0x1d0 [ 12.076550] ret_from_fork_asm+0x1a/0x30 [ 12.076795] [ 12.076866] The buggy address belongs to the object at ffff888102b3f000 [ 12.076866] which belongs to the cache test_cache of size 200 [ 12.077613] The buggy address is located 0 bytes to the right of [ 12.077613] allocated 200-byte region [ffff888102b3f000, ffff888102b3f0c8) [ 12.078254] [ 12.078360] The buggy address belongs to the physical page: [ 12.078603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3f [ 12.078956] flags: 0x200000000000000(node=0|zone=2) [ 12.079199] page_type: f5(slab) [ 12.079428] raw: 0200000000000000 ffff888101b4c8c0 dead000000000122 0000000000000000 [ 12.079771] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 12.080279] page dumped because: kasan: bad access detected [ 12.080469] [ 12.080563] Memory state around the buggy address: [ 12.080884] ffff888102b3ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.081288] ffff888102b3f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.081588] >ffff888102b3f080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.081934] ^ [ 12.082239] ffff888102b3f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.082539] ffff888102b3f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.082859] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf: Failure
Automatically assigned
[ 12.022429] ================================================================== [ 12.022904] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 12.023199] Read of size 8 at addr ffff888102782600 by task kunit_try_catch/217 [ 12.023537] [ 12.023652] CPU: 1 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 12.023696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.023707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.023728] Call Trace: [ 12.023739] <TASK> [ 12.023770] dump_stack_lvl+0x73/0xb0 [ 12.023798] print_report+0xd1/0x650 [ 12.023819] ? __virt_addr_valid+0x1db/0x2d0 [ 12.023843] ? workqueue_uaf+0x4d6/0x560 [ 12.023863] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.023885] ? workqueue_uaf+0x4d6/0x560 [ 12.023917] kasan_report+0x141/0x180 [ 12.023938] ? workqueue_uaf+0x4d6/0x560 [ 12.024008] __asan_report_load8_noabort+0x18/0x20 [ 12.024029] workqueue_uaf+0x4d6/0x560 [ 12.024050] ? __pfx_workqueue_uaf+0x10/0x10 [ 12.024072] ? __schedule+0x10cc/0x2b60 [ 12.024095] ? __pfx_read_tsc+0x10/0x10 [ 12.024116] ? ktime_get_ts64+0x86/0x230 [ 12.024140] kunit_try_run_case+0x1a5/0x480 [ 12.024161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.024180] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.024205] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.024228] ? __kthread_parkme+0x82/0x180 [ 12.024248] ? preempt_count_sub+0x50/0x80 [ 12.024271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.024291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.024315] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.024338] kthread+0x337/0x6f0 [ 12.024357] ? trace_preempt_on+0x20/0xc0 [ 12.024380] ? __pfx_kthread+0x10/0x10 [ 12.024399] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.024421] ? calculate_sigpending+0x7b/0xa0 [ 12.024445] ? __pfx_kthread+0x10/0x10 [ 12.024465] ret_from_fork+0x116/0x1d0 [ 12.024482] ? __pfx_kthread+0x10/0x10 [ 12.024502] ret_from_fork_asm+0x1a/0x30 [ 12.024532] </TASK> [ 12.024543] [ 12.032030] Allocated by task 217: [ 12.032186] kasan_save_stack+0x45/0x70 [ 12.032351] kasan_save_track+0x18/0x40 [ 12.032546] kasan_save_alloc_info+0x3b/0x50 [ 12.032733] __kasan_kmalloc+0xb7/0xc0 [ 12.032928] __kmalloc_cache_noprof+0x189/0x420 [ 12.033143] workqueue_uaf+0x152/0x560 [ 12.033312] kunit_try_run_case+0x1a5/0x480 [ 12.033502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.033716] kthread+0x337/0x6f0 [ 12.034077] ret_from_fork+0x116/0x1d0 [ 12.034219] ret_from_fork_asm+0x1a/0x30 [ 12.034359] [ 12.034456] Freed by task 44: [ 12.034606] kasan_save_stack+0x45/0x70 [ 12.034797] kasan_save_track+0x18/0x40 [ 12.034999] kasan_save_free_info+0x3f/0x60 [ 12.035316] __kasan_slab_free+0x56/0x70 [ 12.035469] kfree+0x222/0x3f0 [ 12.035586] workqueue_uaf_work+0x12/0x20 [ 12.035749] process_one_work+0x5ee/0xf60 [ 12.035995] worker_thread+0x758/0x1220 [ 12.036366] kthread+0x337/0x6f0 [ 12.036521] ret_from_fork+0x116/0x1d0 [ 12.036653] ret_from_fork_asm+0x1a/0x30 [ 12.036791] [ 12.036862] Last potentially related work creation: [ 12.037025] kasan_save_stack+0x45/0x70 [ 12.037165] kasan_record_aux_stack+0xb2/0xc0 [ 12.037418] __queue_work+0x626/0xeb0 [ 12.037606] queue_work_on+0xb6/0xc0 [ 12.037792] workqueue_uaf+0x26d/0x560 [ 12.037996] kunit_try_run_case+0x1a5/0x480 [ 12.038387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.038560] kthread+0x337/0x6f0 [ 12.038678] ret_from_fork+0x116/0x1d0 [ 12.038807] ret_from_fork_asm+0x1a/0x30 [ 12.039107] [ 12.039206] The buggy address belongs to the object at ffff888102782600 [ 12.039206] which belongs to the cache kmalloc-32 of size 32 [ 12.039905] The buggy address is located 0 bytes inside of [ 12.039905] freed 32-byte region [ffff888102782600, ffff888102782620) [ 12.040435] [ 12.040531] The buggy address belongs to the physical page: [ 12.040800] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102782 [ 12.041141] flags: 0x200000000000000(node=0|zone=2) [ 12.041328] page_type: f5(slab) [ 12.041449] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.041976] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.042330] page dumped because: kasan: bad access detected [ 12.042587] [ 12.042772] Memory state around the buggy address: [ 12.043026] ffff888102782500: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 12.043310] ffff888102782580: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.043608] >ffff888102782600: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 12.043919] ^ [ 12.044099] ffff888102782680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.044396] ffff888102782700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.044711] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim: Failure
Automatically assigned
[ 11.975051] ================================================================== [ 11.975509] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 11.975821] Read of size 4 at addr ffff888102b37a40 by task swapper/0/0 [ 11.976182] [ 11.976338] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.976383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.976394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.976416] Call Trace: [ 11.976440] <IRQ> [ 11.976455] dump_stack_lvl+0x73/0xb0 [ 11.976482] print_report+0xd1/0x650 [ 11.976504] ? __virt_addr_valid+0x1db/0x2d0 [ 11.976528] ? rcu_uaf_reclaim+0x50/0x60 [ 11.976547] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.976569] ? rcu_uaf_reclaim+0x50/0x60 [ 11.976590] kasan_report+0x141/0x180 [ 11.976612] ? rcu_uaf_reclaim+0x50/0x60 [ 11.976673] __asan_report_load4_noabort+0x18/0x20 [ 11.976695] rcu_uaf_reclaim+0x50/0x60 [ 11.976715] rcu_core+0x66f/0x1c40 [ 11.976744] ? __pfx_rcu_core+0x10/0x10 [ 11.976764] ? ktime_get+0x6b/0x150 [ 11.976786] ? handle_softirqs+0x18e/0x730 [ 11.976810] rcu_core_si+0x12/0x20 [ 11.976829] handle_softirqs+0x209/0x730 [ 11.976848] ? hrtimer_interrupt+0x2fe/0x780 [ 11.976875] ? __pfx_handle_softirqs+0x10/0x10 [ 11.976910] __irq_exit_rcu+0xc9/0x110 [ 11.976945] irq_exit_rcu+0x12/0x20 [ 11.976965] sysvec_apic_timer_interrupt+0x81/0x90 [ 11.976992] </IRQ> [ 11.977018] <TASK> [ 11.977028] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.977158] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 11.977365] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 a8 1d 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 11.977443] RSP: 0000:ffffffffb9a07dd8 EFLAGS: 00010206 [ 11.977535] RAX: ffff8881a025d000 RBX: ffffffffb9a1cac0 RCX: ffffffffb88b1245 [ 11.977581] RDX: ffffed102b60618b RSI: 0000000000000004 RDI: 0000000000012834 [ 11.977623] RBP: ffffffffb9a07de0 R08: 0000000000000001 R09: ffffed102b60618a [ 11.977663] R10: ffff88815b030c53 R11: 0000000000000000 R12: 0000000000000000 [ 11.977704] R13: fffffbfff7343958 R14: ffffffffba5c2890 R15: 0000000000000000 [ 11.977759] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 11.977809] ? default_idle+0xd/0x20 [ 11.977828] arch_cpu_idle+0xd/0x20 [ 11.977847] default_idle_call+0x48/0x80 [ 11.977866] do_idle+0x379/0x4f0 [ 11.977904] ? __pfx_do_idle+0x10/0x10 [ 11.977926] ? trace_preempt_on+0x20/0xc0 [ 11.977959] ? schedule+0x86/0x2e0 [ 11.977979] ? preempt_count_sub+0x50/0x80 [ 11.978002] cpu_startup_entry+0x5c/0x70 [ 11.978025] rest_init+0x11a/0x140 [ 11.978043] ? acpi_subsystem_init+0x5d/0x150 [ 11.978068] start_kernel+0x330/0x410 [ 11.978088] x86_64_start_reservations+0x1c/0x30 [ 11.978109] x86_64_start_kernel+0x10d/0x120 [ 11.978129] common_startup_64+0x13e/0x148 [ 11.978160] </TASK> [ 11.978171] [ 11.994416] Allocated by task 215: [ 11.994588] kasan_save_stack+0x45/0x70 [ 11.995339] kasan_save_track+0x18/0x40 [ 11.995774] kasan_save_alloc_info+0x3b/0x50 [ 11.996056] __kasan_kmalloc+0xb7/0xc0 [ 11.996238] __kmalloc_cache_noprof+0x189/0x420 [ 11.996438] rcu_uaf+0xb0/0x330 [ 11.996589] kunit_try_run_case+0x1a5/0x480 [ 11.997136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.997383] kthread+0x337/0x6f0 [ 11.997543] ret_from_fork+0x116/0x1d0 [ 11.998116] ret_from_fork_asm+0x1a/0x30 [ 11.998401] [ 11.998646] Freed by task 0: [ 11.999117] kasan_save_stack+0x45/0x70 [ 11.999320] kasan_save_track+0x18/0x40 [ 11.999503] kasan_save_free_info+0x3f/0x60 [ 12.000152] __kasan_slab_free+0x56/0x70 [ 12.000406] kfree+0x222/0x3f0 [ 12.000701] rcu_uaf_reclaim+0x1f/0x60 [ 12.001144] rcu_core+0x66f/0x1c40 [ 12.001323] rcu_core_si+0x12/0x20 [ 12.001478] handle_softirqs+0x209/0x730 [ 12.002064] __irq_exit_rcu+0xc9/0x110 [ 12.002338] irq_exit_rcu+0x12/0x20 [ 12.002792] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.003442] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.003885] [ 12.004107] Last potentially related work creation: [ 12.004329] kasan_save_stack+0x45/0x70 [ 12.004518] kasan_record_aux_stack+0xb2/0xc0 [ 12.005173] __call_rcu_common.constprop.0+0x72/0x9d0 [ 12.005567] call_rcu+0x12/0x20 [ 12.005885] rcu_uaf+0x168/0x330 [ 12.006297] kunit_try_run_case+0x1a5/0x480 [ 12.006500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.007113] kthread+0x337/0x6f0 [ 12.007351] ret_from_fork+0x116/0x1d0 [ 12.007711] ret_from_fork_asm+0x1a/0x30 [ 12.008162] [ 12.008271] The buggy address belongs to the object at ffff888102b37a40 [ 12.008271] which belongs to the cache kmalloc-32 of size 32 [ 12.009219] The buggy address is located 0 bytes inside of [ 12.009219] freed 32-byte region [ffff888102b37a40, ffff888102b37a60) [ 12.010220] [ 12.010320] The buggy address belongs to the physical page: [ 12.010553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b37 [ 12.011535] flags: 0x200000000000000(node=0|zone=2) [ 12.012301] page_type: f5(slab) [ 12.012553] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.012887] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 12.013467] page dumped because: kasan: bad access detected [ 12.014021] [ 12.014202] Memory state around the buggy address: [ 12.014569] ffff888102b37900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 12.014884] ffff888102b37980: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 12.015783] >ffff888102b37a00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.016403] ^ [ 12.016651] ffff888102b37a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.017196] ffff888102b37b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.017591] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf: Failure
Automatically assigned
[ 11.868331] ================================================================== [ 11.868746] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 11.869197] Read of size 1 at addr ffff888102b2d500 by task kunit_try_catch/213 [ 11.870038] [ 11.870287] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.870333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.870344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.870364] Call Trace: [ 11.870375] <TASK> [ 11.870390] dump_stack_lvl+0x73/0xb0 [ 11.870417] print_report+0xd1/0x650 [ 11.870438] ? __virt_addr_valid+0x1db/0x2d0 [ 11.870462] ? ksize_uaf+0x19d/0x6c0 [ 11.870481] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.870503] ? ksize_uaf+0x19d/0x6c0 [ 11.870524] kasan_report+0x141/0x180 [ 11.870545] ? ksize_uaf+0x19d/0x6c0 [ 11.870568] ? ksize_uaf+0x19d/0x6c0 [ 11.870588] __kasan_check_byte+0x3d/0x50 [ 11.870609] ksize+0x20/0x60 [ 11.870628] ksize_uaf+0x19d/0x6c0 [ 11.870647] ? __pfx_ksize_uaf+0x10/0x10 [ 11.870668] ? __schedule+0x10cc/0x2b60 [ 11.870691] ? __pfx_read_tsc+0x10/0x10 [ 11.870712] ? ktime_get_ts64+0x86/0x230 [ 11.870735] kunit_try_run_case+0x1a5/0x480 [ 11.870755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.870774] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.870798] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.870821] ? __kthread_parkme+0x82/0x180 [ 11.870841] ? preempt_count_sub+0x50/0x80 [ 11.870864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.870884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.870919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.870952] kthread+0x337/0x6f0 [ 11.870970] ? trace_preempt_on+0x20/0xc0 [ 11.870992] ? __pfx_kthread+0x10/0x10 [ 11.871013] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.871035] ? calculate_sigpending+0x7b/0xa0 [ 11.871058] ? __pfx_kthread+0x10/0x10 [ 11.871079] ret_from_fork+0x116/0x1d0 [ 11.871096] ? __pfx_kthread+0x10/0x10 [ 11.871116] ret_from_fork_asm+0x1a/0x30 [ 11.871145] </TASK> [ 11.871155] [ 11.885422] Allocated by task 213: [ 11.885621] kasan_save_stack+0x45/0x70 [ 11.885800] kasan_save_track+0x18/0x40 [ 11.886208] kasan_save_alloc_info+0x3b/0x50 [ 11.886756] __kasan_kmalloc+0xb7/0xc0 [ 11.887158] __kmalloc_cache_noprof+0x189/0x420 [ 11.887683] ksize_uaf+0xaa/0x6c0 [ 11.887811] kunit_try_run_case+0x1a5/0x480 [ 11.887981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.888164] kthread+0x337/0x6f0 [ 11.888285] ret_from_fork+0x116/0x1d0 [ 11.888416] ret_from_fork_asm+0x1a/0x30 [ 11.888554] [ 11.888670] Freed by task 213: [ 11.889062] kasan_save_stack+0x45/0x70 [ 11.889473] kasan_save_track+0x18/0x40 [ 11.889856] kasan_save_free_info+0x3f/0x60 [ 11.890328] __kasan_slab_free+0x56/0x70 [ 11.890725] kfree+0x222/0x3f0 [ 11.891284] ksize_uaf+0x12c/0x6c0 [ 11.891611] kunit_try_run_case+0x1a5/0x480 [ 11.892005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.892545] kthread+0x337/0x6f0 [ 11.892909] ret_from_fork+0x116/0x1d0 [ 11.893311] ret_from_fork_asm+0x1a/0x30 [ 11.893661] [ 11.893735] The buggy address belongs to the object at ffff888102b2d500 [ 11.893735] which belongs to the cache kmalloc-128 of size 128 [ 11.894524] The buggy address is located 0 bytes inside of [ 11.894524] freed 128-byte region [ffff888102b2d500, ffff888102b2d580) [ 11.895647] [ 11.895836] The buggy address belongs to the physical page: [ 11.896295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 11.896788] flags: 0x200000000000000(node=0|zone=2) [ 11.897070] page_type: f5(slab) [ 11.897381] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.898194] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.898759] page dumped because: kasan: bad access detected [ 11.898954] [ 11.899113] Memory state around the buggy address: [ 11.899573] ffff888102b2d400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.900295] ffff888102b2d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.900753] >ffff888102b2d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.901130] ^ [ 11.901513] ffff888102b2d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.902322] ffff888102b2d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.902536] ================================================================== [ 11.930570] ================================================================== [ 11.930794] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 11.931420] Read of size 1 at addr ffff888102b2d578 by task kunit_try_catch/213 [ 11.931920] [ 11.932551] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.932596] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.932607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.932627] Call Trace: [ 11.932642] <TASK> [ 11.932656] dump_stack_lvl+0x73/0xb0 [ 11.932683] print_report+0xd1/0x650 [ 11.932704] ? __virt_addr_valid+0x1db/0x2d0 [ 11.932726] ? ksize_uaf+0x5e4/0x6c0 [ 11.932746] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.932768] ? ksize_uaf+0x5e4/0x6c0 [ 11.932789] kasan_report+0x141/0x180 [ 11.932810] ? ksize_uaf+0x5e4/0x6c0 [ 11.932835] __asan_report_load1_noabort+0x18/0x20 [ 11.932858] ksize_uaf+0x5e4/0x6c0 [ 11.932878] ? __pfx_ksize_uaf+0x10/0x10 [ 11.932914] ? __schedule+0x10cc/0x2b60 [ 11.932937] ? __pfx_read_tsc+0x10/0x10 [ 11.932969] ? ktime_get_ts64+0x86/0x230 [ 11.932992] kunit_try_run_case+0x1a5/0x480 [ 11.933013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.933032] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.933059] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.933083] ? __kthread_parkme+0x82/0x180 [ 11.933101] ? preempt_count_sub+0x50/0x80 [ 11.933125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.933145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.933168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.933192] kthread+0x337/0x6f0 [ 11.933210] ? trace_preempt_on+0x20/0xc0 [ 11.933231] ? __pfx_kthread+0x10/0x10 [ 11.933251] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.933273] ? calculate_sigpending+0x7b/0xa0 [ 11.933295] ? __pfx_kthread+0x10/0x10 [ 11.933316] ret_from_fork+0x116/0x1d0 [ 11.933334] ? __pfx_kthread+0x10/0x10 [ 11.933354] ret_from_fork_asm+0x1a/0x30 [ 11.933384] </TASK> [ 11.933393] [ 11.942072] Allocated by task 213: [ 11.942399] kasan_save_stack+0x45/0x70 [ 11.942551] kasan_save_track+0x18/0x40 [ 11.942695] kasan_save_alloc_info+0x3b/0x50 [ 11.942846] __kasan_kmalloc+0xb7/0xc0 [ 11.942991] __kmalloc_cache_noprof+0x189/0x420 [ 11.943148] ksize_uaf+0xaa/0x6c0 [ 11.943271] kunit_try_run_case+0x1a5/0x480 [ 11.943412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.943586] kthread+0x337/0x6f0 [ 11.943705] ret_from_fork+0x116/0x1d0 [ 11.943836] ret_from_fork_asm+0x1a/0x30 [ 11.944831] [ 11.945160] Freed by task 213: [ 11.945676] kasan_save_stack+0x45/0x70 [ 11.946320] kasan_save_track+0x18/0x40 [ 11.946890] kasan_save_free_info+0x3f/0x60 [ 11.947516] __kasan_slab_free+0x56/0x70 [ 11.948270] kfree+0x222/0x3f0 [ 11.948763] ksize_uaf+0x12c/0x6c0 [ 11.949443] kunit_try_run_case+0x1a5/0x480 [ 11.950170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.950884] kthread+0x337/0x6f0 [ 11.951384] ret_from_fork+0x116/0x1d0 [ 11.951916] ret_from_fork_asm+0x1a/0x30 [ 11.952574] [ 11.952937] The buggy address belongs to the object at ffff888102b2d500 [ 11.952937] which belongs to the cache kmalloc-128 of size 128 [ 11.954423] The buggy address is located 120 bytes inside of [ 11.954423] freed 128-byte region [ffff888102b2d500, ffff888102b2d580) [ 11.954919] [ 11.955007] The buggy address belongs to the physical page: [ 11.955255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 11.955563] flags: 0x200000000000000(node=0|zone=2) [ 11.955804] page_type: f5(slab) [ 11.956530] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.957056] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.957571] page dumped because: kasan: bad access detected [ 11.957985] [ 11.958085] Memory state around the buggy address: [ 11.958462] ffff888102b2d400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.958865] ffff888102b2d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.959305] >ffff888102b2d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.959716] ^ [ 11.960134] ffff888102b2d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.960457] ffff888102b2d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.961066] ================================================================== [ 11.903334] ================================================================== [ 11.903974] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 11.904606] Read of size 1 at addr ffff888102b2d500 by task kunit_try_catch/213 [ 11.905295] [ 11.905526] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.905572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.905583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.905602] Call Trace: [ 11.905614] <TASK> [ 11.905627] dump_stack_lvl+0x73/0xb0 [ 11.905651] print_report+0xd1/0x650 [ 11.905672] ? __virt_addr_valid+0x1db/0x2d0 [ 11.905694] ? ksize_uaf+0x5fe/0x6c0 [ 11.905715] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.905737] ? ksize_uaf+0x5fe/0x6c0 [ 11.905758] kasan_report+0x141/0x180 [ 11.905779] ? ksize_uaf+0x5fe/0x6c0 [ 11.905804] __asan_report_load1_noabort+0x18/0x20 [ 11.905828] ksize_uaf+0x5fe/0x6c0 [ 11.905848] ? __pfx_ksize_uaf+0x10/0x10 [ 11.905869] ? __schedule+0x10cc/0x2b60 [ 11.905901] ? __pfx_read_tsc+0x10/0x10 [ 11.905922] ? ktime_get_ts64+0x86/0x230 [ 11.906093] kunit_try_run_case+0x1a5/0x480 [ 11.906123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.906142] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.906167] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.906190] ? __kthread_parkme+0x82/0x180 [ 11.906210] ? preempt_count_sub+0x50/0x80 [ 11.906232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.906253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.906276] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.906299] kthread+0x337/0x6f0 [ 11.906318] ? trace_preempt_on+0x20/0xc0 [ 11.906340] ? __pfx_kthread+0x10/0x10 [ 11.906360] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.906382] ? calculate_sigpending+0x7b/0xa0 [ 11.906404] ? __pfx_kthread+0x10/0x10 [ 11.906425] ret_from_fork+0x116/0x1d0 [ 11.906442] ? __pfx_kthread+0x10/0x10 [ 11.906462] ret_from_fork_asm+0x1a/0x30 [ 11.906491] </TASK> [ 11.906500] [ 11.915633] Allocated by task 213: [ 11.915818] kasan_save_stack+0x45/0x70 [ 11.915980] kasan_save_track+0x18/0x40 [ 11.916116] kasan_save_alloc_info+0x3b/0x50 [ 11.916328] __kasan_kmalloc+0xb7/0xc0 [ 11.916517] __kmalloc_cache_noprof+0x189/0x420 [ 11.916806] ksize_uaf+0xaa/0x6c0 [ 11.916938] kunit_try_run_case+0x1a5/0x480 [ 11.917086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.917277] kthread+0x337/0x6f0 [ 11.917452] ret_from_fork+0x116/0x1d0 [ 11.917642] ret_from_fork_asm+0x1a/0x30 [ 11.918150] [ 11.918244] Freed by task 213: [ 11.918357] kasan_save_stack+0x45/0x70 [ 11.918501] kasan_save_track+0x18/0x40 [ 11.920473] kasan_save_free_info+0x3f/0x60 [ 11.920636] __kasan_slab_free+0x56/0x70 [ 11.920774] kfree+0x222/0x3f0 [ 11.920909] ksize_uaf+0x12c/0x6c0 [ 11.921036] kunit_try_run_case+0x1a5/0x480 [ 11.921182] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.921520] kthread+0x337/0x6f0 [ 11.921646] ret_from_fork+0x116/0x1d0 [ 11.921830] ret_from_fork_asm+0x1a/0x30 [ 11.922213] [ 11.922291] The buggy address belongs to the object at ffff888102b2d500 [ 11.922291] which belongs to the cache kmalloc-128 of size 128 [ 11.922976] The buggy address is located 0 bytes inside of [ 11.922976] freed 128-byte region [ffff888102b2d500, ffff888102b2d580) [ 11.923321] [ 11.923705] The buggy address belongs to the physical page: [ 11.924101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 11.924464] flags: 0x200000000000000(node=0|zone=2) [ 11.924698] page_type: f5(slab) [ 11.924853] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.925149] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.925378] page dumped because: kasan: bad access detected [ 11.925553] [ 11.927924] Memory state around the buggy address: [ 11.928348] ffff888102b2d400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.928815] ffff888102b2d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.929343] >ffff888102b2d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.929558] ^ [ 11.929675] ffff888102b2d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.929885] ffff888102b2d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.930119] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory: Failure
Automatically assigned
[ 11.829942] ================================================================== [ 11.830171] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.830410] Read of size 1 at addr ffff88810276e77f by task kunit_try_catch/211 [ 11.830633] [ 11.830717] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.830758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.830769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.830787] Call Trace: [ 11.830800] <TASK> [ 11.830812] dump_stack_lvl+0x73/0xb0 [ 11.830834] print_report+0xd1/0x650 [ 11.830856] ? __virt_addr_valid+0x1db/0x2d0 [ 11.830879] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.830967] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.830992] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.831016] kasan_report+0x141/0x180 [ 11.831039] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.831067] __asan_report_load1_noabort+0x18/0x20 [ 11.831092] ksize_unpoisons_memory+0x7b6/0x9b0 [ 11.831176] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.831201] ? finish_task_switch.isra.0+0x153/0x700 [ 11.831224] ? __switch_to+0x47/0xf50 [ 11.831249] ? __schedule+0x10cc/0x2b60 [ 11.831271] ? __pfx_read_tsc+0x10/0x10 [ 11.831292] ? ktime_get_ts64+0x86/0x230 [ 11.831315] kunit_try_run_case+0x1a5/0x480 [ 11.831337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.831357] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.831382] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.831407] ? __kthread_parkme+0x82/0x180 [ 11.831427] ? preempt_count_sub+0x50/0x80 [ 11.831450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.831474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.831500] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.831527] kthread+0x337/0x6f0 [ 11.831546] ? trace_preempt_on+0x20/0xc0 [ 11.831568] ? __pfx_kthread+0x10/0x10 [ 11.831588] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.831611] ? calculate_sigpending+0x7b/0xa0 [ 11.831635] ? __pfx_kthread+0x10/0x10 [ 11.831656] ret_from_fork+0x116/0x1d0 [ 11.831674] ? __pfx_kthread+0x10/0x10 [ 11.831694] ret_from_fork_asm+0x1a/0x30 [ 11.831725] </TASK> [ 11.831734] [ 11.849855] Allocated by task 211: [ 11.850268] kasan_save_stack+0x45/0x70 [ 11.850882] kasan_save_track+0x18/0x40 [ 11.851265] kasan_save_alloc_info+0x3b/0x50 [ 11.851422] __kasan_kmalloc+0xb7/0xc0 [ 11.851555] __kmalloc_cache_noprof+0x189/0x420 [ 11.851964] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.852540] kunit_try_run_case+0x1a5/0x480 [ 11.853086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.853619] kthread+0x337/0x6f0 [ 11.854042] ret_from_fork+0x116/0x1d0 [ 11.854452] ret_from_fork_asm+0x1a/0x30 [ 11.854778] [ 11.855149] The buggy address belongs to the object at ffff88810276e700 [ 11.855149] which belongs to the cache kmalloc-128 of size 128 [ 11.855638] The buggy address is located 12 bytes to the right of [ 11.855638] allocated 115-byte region [ffff88810276e700, ffff88810276e773) [ 11.857030] [ 11.857269] The buggy address belongs to the physical page: [ 11.857466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10276e [ 11.857938] flags: 0x200000000000000(node=0|zone=2) [ 11.858613] page_type: f5(slab) [ 11.859055] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.859623] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.859853] page dumped because: kasan: bad access detected [ 11.860541] [ 11.860664] Memory state around the buggy address: [ 11.860824] ffff88810276e600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.861444] ffff88810276e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.862174] >ffff88810276e700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.862966] ^ [ 11.863391] ffff88810276e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.863611] ffff88810276e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.864359] ================================================================== [ 11.791006] ================================================================== [ 11.791570] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 11.791997] Read of size 1 at addr ffff88810276e773 by task kunit_try_catch/211 [ 11.792270] [ 11.792382] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.792427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.792438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.792458] Call Trace: [ 11.792468] <TASK> [ 11.792482] dump_stack_lvl+0x73/0xb0 [ 11.792508] print_report+0xd1/0x650 [ 11.792531] ? __virt_addr_valid+0x1db/0x2d0 [ 11.792556] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.792580] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.792604] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.792639] kasan_report+0x141/0x180 [ 11.792662] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 11.792691] __asan_report_load1_noabort+0x18/0x20 [ 11.792716] ksize_unpoisons_memory+0x81c/0x9b0 [ 11.792741] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.792765] ? finish_task_switch.isra.0+0x153/0x700 [ 11.792789] ? __switch_to+0x47/0xf50 [ 11.792816] ? __schedule+0x10cc/0x2b60 [ 11.792839] ? __pfx_read_tsc+0x10/0x10 [ 11.792861] ? ktime_get_ts64+0x86/0x230 [ 11.792885] kunit_try_run_case+0x1a5/0x480 [ 11.792920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.792940] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.792966] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.792991] ? __kthread_parkme+0x82/0x180 [ 11.793012] ? preempt_count_sub+0x50/0x80 [ 11.793036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.793062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.793088] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.793114] kthread+0x337/0x6f0 [ 11.793134] ? trace_preempt_on+0x20/0xc0 [ 11.793157] ? __pfx_kthread+0x10/0x10 [ 11.793223] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.793249] ? calculate_sigpending+0x7b/0xa0 [ 11.793276] ? __pfx_kthread+0x10/0x10 [ 11.793298] ret_from_fork+0x116/0x1d0 [ 11.793317] ? __pfx_kthread+0x10/0x10 [ 11.793338] ret_from_fork_asm+0x1a/0x30 [ 11.793369] </TASK> [ 11.793379] [ 11.801585] Allocated by task 211: [ 11.801768] kasan_save_stack+0x45/0x70 [ 11.801926] kasan_save_track+0x18/0x40 [ 11.802063] kasan_save_alloc_info+0x3b/0x50 [ 11.802271] __kasan_kmalloc+0xb7/0xc0 [ 11.802464] __kmalloc_cache_noprof+0x189/0x420 [ 11.802784] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.803010] kunit_try_run_case+0x1a5/0x480 [ 11.803155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.803668] kthread+0x337/0x6f0 [ 11.803850] ret_from_fork+0x116/0x1d0 [ 11.804111] ret_from_fork_asm+0x1a/0x30 [ 11.804321] [ 11.804392] The buggy address belongs to the object at ffff88810276e700 [ 11.804392] which belongs to the cache kmalloc-128 of size 128 [ 11.805083] The buggy address is located 0 bytes to the right of [ 11.805083] allocated 115-byte region [ffff88810276e700, ffff88810276e773) [ 11.805470] [ 11.805541] The buggy address belongs to the physical page: [ 11.805716] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10276e [ 11.806082] flags: 0x200000000000000(node=0|zone=2) [ 11.806312] page_type: f5(slab) [ 11.806476] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.807118] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.807354] page dumped because: kasan: bad access detected [ 11.807799] [ 11.807910] Memory state around the buggy address: [ 11.808155] ffff88810276e600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.808401] ffff88810276e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.808617] >ffff88810276e700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.809057] ^ [ 11.809367] ffff88810276e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.809649] ffff88810276e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.809989] ================================================================== [ 11.810445] ================================================================== [ 11.810804] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.811267] Read of size 1 at addr ffff88810276e778 by task kunit_try_catch/211 [ 11.811579] [ 11.811692] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.811732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.811743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.811762] Call Trace: [ 11.811774] <TASK> [ 11.811786] dump_stack_lvl+0x73/0xb0 [ 11.811811] print_report+0xd1/0x650 [ 11.811833] ? __virt_addr_valid+0x1db/0x2d0 [ 11.811856] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.811881] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.811920] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.811990] kasan_report+0x141/0x180 [ 11.812016] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.812045] __asan_report_load1_noabort+0x18/0x20 [ 11.812071] ksize_unpoisons_memory+0x7e9/0x9b0 [ 11.812096] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 11.812120] ? finish_task_switch.isra.0+0x153/0x700 [ 11.812144] ? __switch_to+0x47/0xf50 [ 11.812169] ? __schedule+0x10cc/0x2b60 [ 11.812192] ? __pfx_read_tsc+0x10/0x10 [ 11.812213] ? ktime_get_ts64+0x86/0x230 [ 11.812237] kunit_try_run_case+0x1a5/0x480 [ 11.812259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.812281] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.812308] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.812333] ? __kthread_parkme+0x82/0x180 [ 11.812353] ? preempt_count_sub+0x50/0x80 [ 11.812376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.812399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.812425] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.812452] kthread+0x337/0x6f0 [ 11.812472] ? trace_preempt_on+0x20/0xc0 [ 11.812494] ? __pfx_kthread+0x10/0x10 [ 11.812515] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.812538] ? calculate_sigpending+0x7b/0xa0 [ 11.812562] ? __pfx_kthread+0x10/0x10 [ 11.812584] ret_from_fork+0x116/0x1d0 [ 11.812603] ? __pfx_kthread+0x10/0x10 [ 11.812623] ret_from_fork_asm+0x1a/0x30 [ 11.812666] </TASK> [ 11.812676] [ 11.820709] Allocated by task 211: [ 11.820837] kasan_save_stack+0x45/0x70 [ 11.820993] kasan_save_track+0x18/0x40 [ 11.821133] kasan_save_alloc_info+0x3b/0x50 [ 11.821390] __kasan_kmalloc+0xb7/0xc0 [ 11.821589] __kmalloc_cache_noprof+0x189/0x420 [ 11.821818] ksize_unpoisons_memory+0xc7/0x9b0 [ 11.822055] kunit_try_run_case+0x1a5/0x480 [ 11.822457] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.822733] kthread+0x337/0x6f0 [ 11.822890] ret_from_fork+0x116/0x1d0 [ 11.823198] ret_from_fork_asm+0x1a/0x30 [ 11.823370] [ 11.823442] The buggy address belongs to the object at ffff88810276e700 [ 11.823442] which belongs to the cache kmalloc-128 of size 128 [ 11.823798] The buggy address is located 5 bytes to the right of [ 11.823798] allocated 115-byte region [ffff88810276e700, ffff88810276e773) [ 11.824349] [ 11.824442] The buggy address belongs to the physical page: [ 11.824744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10276e [ 11.825112] flags: 0x200000000000000(node=0|zone=2) [ 11.825318] page_type: f5(slab) [ 11.825435] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.825766] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.826528] page dumped because: kasan: bad access detected [ 11.826932] [ 11.827068] Memory state around the buggy address: [ 11.827305] ffff88810276e600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.827603] ffff88810276e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.827854] >ffff88810276e700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.828843] ^ [ 11.829090] ffff88810276e780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.829317] ffff88810276e800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.829529] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive: Failure
Automatically assigned
[ 11.763472] ================================================================== [ 11.764057] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 11.764347] Free of addr ffff888102ae9120 by task kunit_try_catch/209 [ 11.764639] [ 11.764746] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.764786] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.764796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.764815] Call Trace: [ 11.764825] <TASK> [ 11.764838] dump_stack_lvl+0x73/0xb0 [ 11.764861] print_report+0xd1/0x650 [ 11.764883] ? __virt_addr_valid+0x1db/0x2d0 [ 11.764918] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.764940] ? kfree_sensitive+0x2e/0x90 [ 11.764960] kasan_report_invalid_free+0x10a/0x130 [ 11.764984] ? kfree_sensitive+0x2e/0x90 [ 11.765005] ? kfree_sensitive+0x2e/0x90 [ 11.765197] check_slab_allocation+0x101/0x130 [ 11.765220] __kasan_slab_pre_free+0x28/0x40 [ 11.765241] kfree+0xf0/0x3f0 [ 11.765262] ? kfree_sensitive+0x2e/0x90 [ 11.765284] kfree_sensitive+0x2e/0x90 [ 11.765303] kmalloc_double_kzfree+0x19c/0x350 [ 11.765326] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 11.765349] ? __schedule+0x10cc/0x2b60 [ 11.765373] ? __pfx_read_tsc+0x10/0x10 [ 11.765393] ? ktime_get_ts64+0x86/0x230 [ 11.765417] kunit_try_run_case+0x1a5/0x480 [ 11.765437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.765456] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.765480] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.765504] ? __kthread_parkme+0x82/0x180 [ 11.765524] ? preempt_count_sub+0x50/0x80 [ 11.765546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.765567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.765590] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.765614] kthread+0x337/0x6f0 [ 11.765644] ? trace_preempt_on+0x20/0xc0 [ 11.765665] ? __pfx_kthread+0x10/0x10 [ 11.765685] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.765707] ? calculate_sigpending+0x7b/0xa0 [ 11.765730] ? __pfx_kthread+0x10/0x10 [ 11.765750] ret_from_fork+0x116/0x1d0 [ 11.765768] ? __pfx_kthread+0x10/0x10 [ 11.765788] ret_from_fork_asm+0x1a/0x30 [ 11.765817] </TASK> [ 11.765827] [ 11.774218] Allocated by task 209: [ 11.774405] kasan_save_stack+0x45/0x70 [ 11.774556] kasan_save_track+0x18/0x40 [ 11.774737] kasan_save_alloc_info+0x3b/0x50 [ 11.775043] __kasan_kmalloc+0xb7/0xc0 [ 11.775217] __kmalloc_cache_noprof+0x189/0x420 [ 11.775398] kmalloc_double_kzfree+0xa9/0x350 [ 11.775546] kunit_try_run_case+0x1a5/0x480 [ 11.775687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.775934] kthread+0x337/0x6f0 [ 11.776211] ret_from_fork+0x116/0x1d0 [ 11.776402] ret_from_fork_asm+0x1a/0x30 [ 11.776598] [ 11.776754] Freed by task 209: [ 11.776932] kasan_save_stack+0x45/0x70 [ 11.777141] kasan_save_track+0x18/0x40 [ 11.777393] kasan_save_free_info+0x3f/0x60 [ 11.777543] __kasan_slab_free+0x56/0x70 [ 11.777844] kfree+0x222/0x3f0 [ 11.778152] kfree_sensitive+0x67/0x90 [ 11.778328] kmalloc_double_kzfree+0x12b/0x350 [ 11.778519] kunit_try_run_case+0x1a5/0x480 [ 11.778727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.779005] kthread+0x337/0x6f0 [ 11.779164] ret_from_fork+0x116/0x1d0 [ 11.779311] ret_from_fork_asm+0x1a/0x30 [ 11.779508] [ 11.779578] The buggy address belongs to the object at ffff888102ae9120 [ 11.779578] which belongs to the cache kmalloc-16 of size 16 [ 11.779939] The buggy address is located 0 bytes inside of [ 11.779939] 16-byte region [ffff888102ae9120, ffff888102ae9130) [ 11.780419] [ 11.780518] The buggy address belongs to the physical page: [ 11.780934] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 11.781527] flags: 0x200000000000000(node=0|zone=2) [ 11.781686] page_type: f5(slab) [ 11.781804] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.782535] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.783080] page dumped because: kasan: bad access detected [ 11.783286] [ 11.783354] Memory state around the buggy address: [ 11.783511] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 11.783836] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 11.784238] >ffff888102ae9100: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 11.784525] ^ [ 11.784697] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.785012] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.785324] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree: Failure
Automatically assigned
[ 11.741748] ================================================================== [ 11.742505] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 11.742820] Read of size 1 at addr ffff888102ae9120 by task kunit_try_catch/209 [ 11.743158] [ 11.743322] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.743368] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.743378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.743398] Call Trace: [ 11.743409] <TASK> [ 11.743423] dump_stack_lvl+0x73/0xb0 [ 11.743449] print_report+0xd1/0x650 [ 11.743471] ? __virt_addr_valid+0x1db/0x2d0 [ 11.743494] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.743516] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.743538] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.743561] kasan_report+0x141/0x180 [ 11.743583] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.743608] ? kmalloc_double_kzfree+0x19c/0x350 [ 11.743642] __kasan_check_byte+0x3d/0x50 [ 11.743664] kfree_sensitive+0x22/0x90 [ 11.743686] kmalloc_double_kzfree+0x19c/0x350 [ 11.743708] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 11.743732] ? __schedule+0x10cc/0x2b60 [ 11.743756] ? __pfx_read_tsc+0x10/0x10 [ 11.743776] ? ktime_get_ts64+0x86/0x230 [ 11.743799] kunit_try_run_case+0x1a5/0x480 [ 11.743820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.743839] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.743863] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.743887] ? __kthread_parkme+0x82/0x180 [ 11.743921] ? preempt_count_sub+0x50/0x80 [ 11.743988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.744012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.744036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.744060] kthread+0x337/0x6f0 [ 11.744079] ? trace_preempt_on+0x20/0xc0 [ 11.744100] ? __pfx_kthread+0x10/0x10 [ 11.744120] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.744143] ? calculate_sigpending+0x7b/0xa0 [ 11.744166] ? __pfx_kthread+0x10/0x10 [ 11.744187] ret_from_fork+0x116/0x1d0 [ 11.744205] ? __pfx_kthread+0x10/0x10 [ 11.744225] ret_from_fork_asm+0x1a/0x30 [ 11.744255] </TASK> [ 11.744265] [ 11.752093] Allocated by task 209: [ 11.752286] kasan_save_stack+0x45/0x70 [ 11.752574] kasan_save_track+0x18/0x40 [ 11.752827] kasan_save_alloc_info+0x3b/0x50 [ 11.753175] __kasan_kmalloc+0xb7/0xc0 [ 11.753320] __kmalloc_cache_noprof+0x189/0x420 [ 11.753477] kmalloc_double_kzfree+0xa9/0x350 [ 11.753669] kunit_try_run_case+0x1a5/0x480 [ 11.753873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.754154] kthread+0x337/0x6f0 [ 11.754427] ret_from_fork+0x116/0x1d0 [ 11.754565] ret_from_fork_asm+0x1a/0x30 [ 11.754703] [ 11.754773] Freed by task 209: [ 11.754883] kasan_save_stack+0x45/0x70 [ 11.755240] kasan_save_track+0x18/0x40 [ 11.755448] kasan_save_free_info+0x3f/0x60 [ 11.755661] __kasan_slab_free+0x56/0x70 [ 11.755860] kfree+0x222/0x3f0 [ 11.756102] kfree_sensitive+0x67/0x90 [ 11.756251] kmalloc_double_kzfree+0x12b/0x350 [ 11.756411] kunit_try_run_case+0x1a5/0x480 [ 11.756610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.756908] kthread+0x337/0x6f0 [ 11.757113] ret_from_fork+0x116/0x1d0 [ 11.757256] ret_from_fork_asm+0x1a/0x30 [ 11.757450] [ 11.757544] The buggy address belongs to the object at ffff888102ae9120 [ 11.757544] which belongs to the cache kmalloc-16 of size 16 [ 11.757972] The buggy address is located 0 bytes inside of [ 11.757972] freed 16-byte region [ffff888102ae9120, ffff888102ae9130) [ 11.758363] [ 11.758467] The buggy address belongs to the physical page: [ 11.758716] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae9 [ 11.759082] flags: 0x200000000000000(node=0|zone=2) [ 11.759339] page_type: f5(slab) [ 11.759615] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.760183] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.760496] page dumped because: kasan: bad access detected [ 11.760736] [ 11.760837] Memory state around the buggy address: [ 11.761135] ffff888102ae9000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 11.761411] ffff888102ae9080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 11.761733] >ffff888102ae9100: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 11.761964] ^ [ 11.762165] ffff888102ae9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.762554] ffff888102ae9200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.762857] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2: Failure
Automatically assigned
[ 11.713880] ================================================================== [ 11.714430] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 11.714745] Read of size 1 at addr ffff888102b3b3a8 by task kunit_try_catch/205 [ 11.715038] [ 11.715283] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.715331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.715342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.715363] Call Trace: [ 11.715374] <TASK> [ 11.715389] dump_stack_lvl+0x73/0xb0 [ 11.715416] print_report+0xd1/0x650 [ 11.715437] ? __virt_addr_valid+0x1db/0x2d0 [ 11.715460] ? kmalloc_uaf2+0x4a8/0x520 [ 11.715480] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.715502] ? kmalloc_uaf2+0x4a8/0x520 [ 11.715522] kasan_report+0x141/0x180 [ 11.715543] ? kmalloc_uaf2+0x4a8/0x520 [ 11.715567] __asan_report_load1_noabort+0x18/0x20 [ 11.715591] kmalloc_uaf2+0x4a8/0x520 [ 11.715611] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 11.715632] ? __kasan_check_write+0x18/0x20 [ 11.715651] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.715691] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 11.715716] ? __pfx_read_tsc+0x10/0x10 [ 11.715738] ? ktime_get_ts64+0x86/0x230 [ 11.715762] kunit_try_run_case+0x1a5/0x480 [ 11.715784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.715803] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 11.715826] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.715850] ? __kthread_parkme+0x82/0x180 [ 11.715870] ? preempt_count_sub+0x50/0x80 [ 11.715905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.715925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.716001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.716028] kthread+0x337/0x6f0 [ 11.716047] ? trace_preempt_on+0x20/0xc0 [ 11.716071] ? __pfx_kthread+0x10/0x10 [ 11.716091] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.716112] ? calculate_sigpending+0x7b/0xa0 [ 11.716137] ? __pfx_kthread+0x10/0x10 [ 11.716158] ret_from_fork+0x116/0x1d0 [ 11.716176] ? __pfx_kthread+0x10/0x10 [ 11.716195] ret_from_fork_asm+0x1a/0x30 [ 11.716225] </TASK> [ 11.716236] [ 11.724068] Allocated by task 205: [ 11.724229] kasan_save_stack+0x45/0x70 [ 11.724372] kasan_save_track+0x18/0x40 [ 11.724508] kasan_save_alloc_info+0x3b/0x50 [ 11.724657] __kasan_kmalloc+0xb7/0xc0 [ 11.724900] __kmalloc_cache_noprof+0x189/0x420 [ 11.725313] kmalloc_uaf2+0xc6/0x520 [ 11.725499] kunit_try_run_case+0x1a5/0x480 [ 11.725780] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.726089] kthread+0x337/0x6f0 [ 11.726231] ret_from_fork+0x116/0x1d0 [ 11.726421] ret_from_fork_asm+0x1a/0x30 [ 11.726599] [ 11.726668] Freed by task 205: [ 11.726778] kasan_save_stack+0x45/0x70 [ 11.726925] kasan_save_track+0x18/0x40 [ 11.727060] kasan_save_free_info+0x3f/0x60 [ 11.727263] __kasan_slab_free+0x56/0x70 [ 11.727578] kfree+0x222/0x3f0 [ 11.727741] kmalloc_uaf2+0x14c/0x520 [ 11.727933] kunit_try_run_case+0x1a5/0x480 [ 11.728133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.728447] kthread+0x337/0x6f0 [ 11.728660] ret_from_fork+0x116/0x1d0 [ 11.728807] ret_from_fork_asm+0x1a/0x30 [ 11.729010] [ 11.729123] The buggy address belongs to the object at ffff888102b3b380 [ 11.729123] which belongs to the cache kmalloc-64 of size 64 [ 11.729738] The buggy address is located 40 bytes inside of [ 11.729738] freed 64-byte region [ffff888102b3b380, ffff888102b3b3c0) [ 11.730530] [ 11.730649] The buggy address belongs to the physical page: [ 11.730831] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3b [ 11.731087] flags: 0x200000000000000(node=0|zone=2) [ 11.731250] page_type: f5(slab) [ 11.731418] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.733023] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.733367] page dumped because: kasan: bad access detected [ 11.733601] [ 11.733847] Memory state around the buggy address: [ 11.734792] ffff888102b3b280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.735340] ffff888102b3b300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.735842] >ffff888102b3b380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.736203] ^ [ 11.736399] ffff888102b3b400: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 11.736934] ffff888102b3b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.737637] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset: Failure
Automatically assigned
[ 11.680807] ================================================================== [ 11.682096] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 11.682572] Write of size 33 at addr ffff88810277f480 by task kunit_try_catch/203 [ 11.683287] [ 11.683502] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.683546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.683558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.683578] Call Trace: [ 11.683589] <TASK> [ 11.683603] dump_stack_lvl+0x73/0xb0 [ 11.683629] print_report+0xd1/0x650 [ 11.683661] ? __virt_addr_valid+0x1db/0x2d0 [ 11.683684] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.683705] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.683727] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.683748] kasan_report+0x141/0x180 [ 11.683769] ? kmalloc_uaf_memset+0x1a3/0x360 [ 11.683795] kasan_check_range+0x10c/0x1c0 [ 11.683818] __asan_memset+0x27/0x50 [ 11.683837] kmalloc_uaf_memset+0x1a3/0x360 [ 11.683857] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 11.683879] ? __schedule+0x10cc/0x2b60 [ 11.683915] ? __pfx_read_tsc+0x10/0x10 [ 11.683936] ? ktime_get_ts64+0x86/0x230 [ 11.684001] kunit_try_run_case+0x1a5/0x480 [ 11.684022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.684042] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.684065] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.684089] ? __kthread_parkme+0x82/0x180 [ 11.684109] ? preempt_count_sub+0x50/0x80 [ 11.684132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.684152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.684176] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.684200] kthread+0x337/0x6f0 [ 11.684220] ? trace_preempt_on+0x20/0xc0 [ 11.684241] ? __pfx_kthread+0x10/0x10 [ 11.684261] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.684283] ? calculate_sigpending+0x7b/0xa0 [ 11.684308] ? __pfx_kthread+0x10/0x10 [ 11.684330] ret_from_fork+0x116/0x1d0 [ 11.684349] ? __pfx_kthread+0x10/0x10 [ 11.684369] ret_from_fork_asm+0x1a/0x30 [ 11.684399] </TASK> [ 11.684409] [ 11.696608] Allocated by task 203: [ 11.696946] kasan_save_stack+0x45/0x70 [ 11.697312] kasan_save_track+0x18/0x40 [ 11.697473] kasan_save_alloc_info+0x3b/0x50 [ 11.697698] __kasan_kmalloc+0xb7/0xc0 [ 11.698263] __kmalloc_cache_noprof+0x189/0x420 [ 11.698706] kmalloc_uaf_memset+0xa9/0x360 [ 11.699154] kunit_try_run_case+0x1a5/0x480 [ 11.699530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.699813] kthread+0x337/0x6f0 [ 11.699957] ret_from_fork+0x116/0x1d0 [ 11.700355] ret_from_fork_asm+0x1a/0x30 [ 11.700714] [ 11.700909] Freed by task 203: [ 11.701293] kasan_save_stack+0x45/0x70 [ 11.701449] kasan_save_track+0x18/0x40 [ 11.701586] kasan_save_free_info+0x3f/0x60 [ 11.701763] __kasan_slab_free+0x56/0x70 [ 11.701921] kfree+0x222/0x3f0 [ 11.702046] kmalloc_uaf_memset+0x12b/0x360 [ 11.702317] kunit_try_run_case+0x1a5/0x480 [ 11.702484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.702821] kthread+0x337/0x6f0 [ 11.703034] ret_from_fork+0x116/0x1d0 [ 11.703218] ret_from_fork_asm+0x1a/0x30 [ 11.703390] [ 11.703461] The buggy address belongs to the object at ffff88810277f480 [ 11.703461] which belongs to the cache kmalloc-64 of size 64 [ 11.703952] The buggy address is located 0 bytes inside of [ 11.703952] freed 64-byte region [ffff88810277f480, ffff88810277f4c0) [ 11.704434] [ 11.704534] The buggy address belongs to the physical page: [ 11.704804] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10277f [ 11.705159] flags: 0x200000000000000(node=0|zone=2) [ 11.705403] page_type: f5(slab) [ 11.705557] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.705787] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.706243] page dumped because: kasan: bad access detected [ 11.706430] [ 11.706498] Memory state around the buggy address: [ 11.706774] ffff88810277f380: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 11.707322] ffff88810277f400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.707613] >ffff88810277f480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.707883] ^ [ 11.708132] ffff88810277f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.708408] ffff88810277f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.708690] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf: Failure
Automatically assigned
[ 11.639187] ================================================================== [ 11.639571] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 11.639883] Read of size 1 at addr ffff88810188eec8 by task kunit_try_catch/201 [ 11.640608] [ 11.640830] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.641035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.641052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.641072] Call Trace: [ 11.641089] <TASK> [ 11.641103] dump_stack_lvl+0x73/0xb0 [ 11.641129] print_report+0xd1/0x650 [ 11.641150] ? __virt_addr_valid+0x1db/0x2d0 [ 11.641172] ? kmalloc_uaf+0x320/0x380 [ 11.641191] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.641213] ? kmalloc_uaf+0x320/0x380 [ 11.641233] kasan_report+0x141/0x180 [ 11.641254] ? kmalloc_uaf+0x320/0x380 [ 11.641278] __asan_report_load1_noabort+0x18/0x20 [ 11.641302] kmalloc_uaf+0x320/0x380 [ 11.641322] ? __pfx_kmalloc_uaf+0x10/0x10 [ 11.641344] ? __pfx_kmalloc_uaf+0x10/0x10 [ 11.641368] kunit_try_run_case+0x1a5/0x480 [ 11.641388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.641407] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.641430] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.641454] ? __kthread_parkme+0x82/0x180 [ 11.641474] ? preempt_count_sub+0x50/0x80 [ 11.641496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.641516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.641540] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.641564] kthread+0x337/0x6f0 [ 11.641583] ? trace_preempt_on+0x20/0xc0 [ 11.641605] ? __pfx_kthread+0x10/0x10 [ 11.641625] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.641655] ? calculate_sigpending+0x7b/0xa0 [ 11.641678] ? __pfx_kthread+0x10/0x10 [ 11.641699] ret_from_fork+0x116/0x1d0 [ 11.641716] ? __pfx_kthread+0x10/0x10 [ 11.641736] ret_from_fork_asm+0x1a/0x30 [ 11.641765] </TASK> [ 11.641775] [ 11.653635] Allocated by task 201: [ 11.654129] kasan_save_stack+0x45/0x70 [ 11.654296] kasan_save_track+0x18/0x40 [ 11.654709] kasan_save_alloc_info+0x3b/0x50 [ 11.655171] __kasan_kmalloc+0xb7/0xc0 [ 11.655312] __kmalloc_cache_noprof+0x189/0x420 [ 11.655468] kmalloc_uaf+0xaa/0x380 [ 11.655593] kunit_try_run_case+0x1a5/0x480 [ 11.656010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.656544] kthread+0x337/0x6f0 [ 11.656928] ret_from_fork+0x116/0x1d0 [ 11.657356] ret_from_fork_asm+0x1a/0x30 [ 11.657767] [ 11.657933] Freed by task 201: [ 11.658363] kasan_save_stack+0x45/0x70 [ 11.658617] kasan_save_track+0x18/0x40 [ 11.658755] kasan_save_free_info+0x3f/0x60 [ 11.658912] __kasan_slab_free+0x56/0x70 [ 11.659299] kfree+0x222/0x3f0 [ 11.661015] kmalloc_uaf+0x12c/0x380 [ 11.661225] kunit_try_run_case+0x1a5/0x480 [ 11.661440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.661682] kthread+0x337/0x6f0 [ 11.661846] ret_from_fork+0x116/0x1d0 [ 11.663276] ret_from_fork_asm+0x1a/0x30 [ 11.664381] [ 11.665102] The buggy address belongs to the object at ffff88810188eec0 [ 11.665102] which belongs to the cache kmalloc-16 of size 16 [ 11.667189] The buggy address is located 8 bytes inside of [ 11.667189] freed 16-byte region [ffff88810188eec0, ffff88810188eed0) [ 11.668436] [ 11.668519] The buggy address belongs to the physical page: [ 11.668698] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10188e [ 11.669483] flags: 0x200000000000000(node=0|zone=2) [ 11.670146] page_type: f5(slab) [ 11.670451] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.671255] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.671920] page dumped because: kasan: bad access detected [ 11.672509] [ 11.672613] Memory state around the buggy address: [ 11.673046] ffff88810188ed80: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 11.673294] ffff88810188ee00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 11.674068] >ffff88810188ee80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 11.674734] ^ [ 11.675321] ffff88810188ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.675542] ffff88810188ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.675983] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size: Failure
Automatically assigned
[ 11.601672] ================================================================== [ 11.602824] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.603101] Read of size 64 at addr ffff88810277f304 by task kunit_try_catch/199 [ 11.603322] [ 11.603409] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.603453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.603466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.603487] Call Trace: [ 11.603498] <TASK> [ 11.603513] dump_stack_lvl+0x73/0xb0 [ 11.603539] print_report+0xd1/0x650 [ 11.603561] ? __virt_addr_valid+0x1db/0x2d0 [ 11.603585] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.603608] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.603630] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.603653] kasan_report+0x141/0x180 [ 11.603675] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.603703] kasan_check_range+0x10c/0x1c0 [ 11.603725] __asan_memmove+0x27/0x70 [ 11.603744] kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.603768] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 11.603793] ? __schedule+0x10cc/0x2b60 [ 11.603816] ? __pfx_read_tsc+0x10/0x10 [ 11.603837] ? ktime_get_ts64+0x86/0x230 [ 11.603861] kunit_try_run_case+0x1a5/0x480 [ 11.603882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.604169] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.604200] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.604400] ? __kthread_parkme+0x82/0x180 [ 11.604426] ? preempt_count_sub+0x50/0x80 [ 11.604463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.604485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.604509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.604533] kthread+0x337/0x6f0 [ 11.604553] ? trace_preempt_on+0x20/0xc0 [ 11.604575] ? __pfx_kthread+0x10/0x10 [ 11.604595] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.604634] ? calculate_sigpending+0x7b/0xa0 [ 11.604658] ? __pfx_kthread+0x10/0x10 [ 11.604678] ret_from_fork+0x116/0x1d0 [ 11.604696] ? __pfx_kthread+0x10/0x10 [ 11.604715] ret_from_fork_asm+0x1a/0x30 [ 11.604745] </TASK> [ 11.604756] [ 11.619747] Allocated by task 199: [ 11.619888] kasan_save_stack+0x45/0x70 [ 11.620259] kasan_save_track+0x18/0x40 [ 11.620599] kasan_save_alloc_info+0x3b/0x50 [ 11.621010] __kasan_kmalloc+0xb7/0xc0 [ 11.621344] __kmalloc_cache_noprof+0x189/0x420 [ 11.621758] kmalloc_memmove_invalid_size+0xac/0x330 [ 11.622451] kunit_try_run_case+0x1a5/0x480 [ 11.622863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.623447] kthread+0x337/0x6f0 [ 11.623820] ret_from_fork+0x116/0x1d0 [ 11.624269] ret_from_fork_asm+0x1a/0x30 [ 11.624652] [ 11.624819] The buggy address belongs to the object at ffff88810277f300 [ 11.624819] which belongs to the cache kmalloc-64 of size 64 [ 11.626045] The buggy address is located 4 bytes inside of [ 11.626045] allocated 64-byte region [ffff88810277f300, ffff88810277f340) [ 11.627222] [ 11.627388] The buggy address belongs to the physical page: [ 11.628084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10277f [ 11.628931] flags: 0x200000000000000(node=0|zone=2) [ 11.629458] page_type: f5(slab) [ 11.629817] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.630528] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.631290] page dumped because: kasan: bad access detected [ 11.631467] [ 11.631536] Memory state around the buggy address: [ 11.631712] ffff88810277f200: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 11.632402] ffff88810277f280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.633171] >ffff88810277f300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 11.633954] ^ [ 11.634451] ffff88810277f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.635123] ffff88810277f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.635661] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size: Failure
Automatically assigned
[ 11.571700] ================================================================== [ 11.572469] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 11.573067] Read of size 18446744073709551614 at addr ffff888102b3b104 by task kunit_try_catch/197 [ 11.573758] [ 11.574018] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.574067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.574078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.574099] Call Trace: [ 11.574233] <TASK> [ 11.574255] dump_stack_lvl+0x73/0xb0 [ 11.574284] print_report+0xd1/0x650 [ 11.574306] ? __virt_addr_valid+0x1db/0x2d0 [ 11.574328] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.574353] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.574375] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.574420] kasan_report+0x141/0x180 [ 11.574442] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.574471] kasan_check_range+0x10c/0x1c0 [ 11.574495] __asan_memmove+0x27/0x70 [ 11.574514] kmalloc_memmove_negative_size+0x171/0x330 [ 11.574538] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 11.574562] ? __schedule+0x10cc/0x2b60 [ 11.574585] ? __pfx_read_tsc+0x10/0x10 [ 11.574605] ? ktime_get_ts64+0x86/0x230 [ 11.574653] kunit_try_run_case+0x1a5/0x480 [ 11.574674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.574693] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.574717] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.574740] ? __kthread_parkme+0x82/0x180 [ 11.574759] ? preempt_count_sub+0x50/0x80 [ 11.574783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.574803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.574827] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.574851] kthread+0x337/0x6f0 [ 11.574870] ? trace_preempt_on+0x20/0xc0 [ 11.574903] ? __pfx_kthread+0x10/0x10 [ 11.574923] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.574957] ? calculate_sigpending+0x7b/0xa0 [ 11.574979] ? __pfx_kthread+0x10/0x10 [ 11.575000] ret_from_fork+0x116/0x1d0 [ 11.575018] ? __pfx_kthread+0x10/0x10 [ 11.575037] ret_from_fork_asm+0x1a/0x30 [ 11.575066] </TASK> [ 11.575077] [ 11.587288] Allocated by task 197: [ 11.587606] kasan_save_stack+0x45/0x70 [ 11.588060] kasan_save_track+0x18/0x40 [ 11.588369] kasan_save_alloc_info+0x3b/0x50 [ 11.588714] __kasan_kmalloc+0xb7/0xc0 [ 11.589039] __kmalloc_cache_noprof+0x189/0x420 [ 11.589372] kmalloc_memmove_negative_size+0xac/0x330 [ 11.589790] kunit_try_run_case+0x1a5/0x480 [ 11.589960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.590468] kthread+0x337/0x6f0 [ 11.590797] ret_from_fork+0x116/0x1d0 [ 11.591197] ret_from_fork_asm+0x1a/0x30 [ 11.591353] [ 11.591450] The buggy address belongs to the object at ffff888102b3b100 [ 11.591450] which belongs to the cache kmalloc-64 of size 64 [ 11.592323] The buggy address is located 4 bytes inside of [ 11.592323] 64-byte region [ffff888102b3b100, ffff888102b3b140) [ 11.593040] [ 11.593155] The buggy address belongs to the physical page: [ 11.593508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3b [ 11.594121] flags: 0x200000000000000(node=0|zone=2) [ 11.594431] page_type: f5(slab) [ 11.594604] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.595138] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.595541] page dumped because: kasan: bad access detected [ 11.595960] [ 11.596071] Memory state around the buggy address: [ 11.596438] ffff888102b3b000: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 11.596835] ffff888102b3b080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.597264] >ffff888102b3b100: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 11.597668] ^ [ 11.597860] ffff888102b3b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.598361] ffff888102b3b200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.598824] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16: Failure
Automatically assigned
[ 11.530514] ================================================================== [ 11.531879] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 11.533021] Write of size 16 at addr ffff88810276e669 by task kunit_try_catch/195 [ 11.533995] [ 11.534345] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.534394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.534405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.534425] Call Trace: [ 11.534437] <TASK> [ 11.534451] dump_stack_lvl+0x73/0xb0 [ 11.534480] print_report+0xd1/0x650 [ 11.534502] ? __virt_addr_valid+0x1db/0x2d0 [ 11.534526] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.534548] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.534573] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.534596] kasan_report+0x141/0x180 [ 11.534778] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.534817] kasan_check_range+0x10c/0x1c0 [ 11.534842] __asan_memset+0x27/0x50 [ 11.534862] kmalloc_oob_memset_16+0x166/0x330 [ 11.534949] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 11.534975] ? __schedule+0x10cc/0x2b60 [ 11.534998] ? __pfx_read_tsc+0x10/0x10 [ 11.535021] ? ktime_get_ts64+0x86/0x230 [ 11.535045] kunit_try_run_case+0x1a5/0x480 [ 11.535067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.535087] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.535112] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.535137] ? __kthread_parkme+0x82/0x180 [ 11.535158] ? preempt_count_sub+0x50/0x80 [ 11.535182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.535204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.535230] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.535256] kthread+0x337/0x6f0 [ 11.535275] ? trace_preempt_on+0x20/0xc0 [ 11.535299] ? __pfx_kthread+0x10/0x10 [ 11.535320] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.535344] ? calculate_sigpending+0x7b/0xa0 [ 11.535369] ? __pfx_kthread+0x10/0x10 [ 11.535390] ret_from_fork+0x116/0x1d0 [ 11.535408] ? __pfx_kthread+0x10/0x10 [ 11.535429] ret_from_fork_asm+0x1a/0x30 [ 11.535459] </TASK> [ 11.535470] [ 11.553550] Allocated by task 195: [ 11.553926] kasan_save_stack+0x45/0x70 [ 11.554541] kasan_save_track+0x18/0x40 [ 11.555032] kasan_save_alloc_info+0x3b/0x50 [ 11.555666] __kasan_kmalloc+0xb7/0xc0 [ 11.556145] __kmalloc_cache_noprof+0x189/0x420 [ 11.556761] kmalloc_oob_memset_16+0xac/0x330 [ 11.557242] kunit_try_run_case+0x1a5/0x480 [ 11.557399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.557578] kthread+0x337/0x6f0 [ 11.557713] ret_from_fork+0x116/0x1d0 [ 11.558165] ret_from_fork_asm+0x1a/0x30 [ 11.558570] [ 11.558746] The buggy address belongs to the object at ffff88810276e600 [ 11.558746] which belongs to the cache kmalloc-128 of size 128 [ 11.560329] The buggy address is located 105 bytes inside of [ 11.560329] allocated 120-byte region [ffff88810276e600, ffff88810276e678) [ 11.561014] [ 11.561207] The buggy address belongs to the physical page: [ 11.561715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10276e [ 11.562471] flags: 0x200000000000000(node=0|zone=2) [ 11.562651] page_type: f5(slab) [ 11.562988] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.563805] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.564334] page dumped because: kasan: bad access detected [ 11.564611] [ 11.564698] Memory state around the buggy address: [ 11.564854] ffff88810276e500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.565523] ffff88810276e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.566242] >ffff88810276e600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.566959] ^ [ 11.567684] ffff88810276e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.568200] ffff88810276e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.568409] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8: Failure
Automatically assigned
[ 11.509606] ================================================================== [ 11.510045] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 11.510357] Write of size 8 at addr ffff888102b2d471 by task kunit_try_catch/193 [ 11.510647] [ 11.510753] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.510794] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.510804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.510823] Call Trace: [ 11.510834] <TASK> [ 11.510847] dump_stack_lvl+0x73/0xb0 [ 11.510871] print_report+0xd1/0x650 [ 11.510901] ? __virt_addr_valid+0x1db/0x2d0 [ 11.510924] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.510957] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.510978] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.511000] kasan_report+0x141/0x180 [ 11.511021] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.511047] kasan_check_range+0x10c/0x1c0 [ 11.511070] __asan_memset+0x27/0x50 [ 11.511097] kmalloc_oob_memset_8+0x166/0x330 [ 11.511119] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 11.511141] ? __schedule+0x10cc/0x2b60 [ 11.511164] ? __pfx_read_tsc+0x10/0x10 [ 11.511184] ? ktime_get_ts64+0x86/0x230 [ 11.511208] kunit_try_run_case+0x1a5/0x480 [ 11.511228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.511247] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.511271] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.511295] ? __kthread_parkme+0x82/0x180 [ 11.511314] ? preempt_count_sub+0x50/0x80 [ 11.511337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.511357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.511381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.511404] kthread+0x337/0x6f0 [ 11.511423] ? trace_preempt_on+0x20/0xc0 [ 11.511445] ? __pfx_kthread+0x10/0x10 [ 11.511464] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.511487] ? calculate_sigpending+0x7b/0xa0 [ 11.511509] ? __pfx_kthread+0x10/0x10 [ 11.511530] ret_from_fork+0x116/0x1d0 [ 11.511547] ? __pfx_kthread+0x10/0x10 [ 11.511567] ret_from_fork_asm+0x1a/0x30 [ 11.511596] </TASK> [ 11.511606] [ 11.519098] Allocated by task 193: [ 11.519223] kasan_save_stack+0x45/0x70 [ 11.519363] kasan_save_track+0x18/0x40 [ 11.519498] kasan_save_alloc_info+0x3b/0x50 [ 11.519681] __kasan_kmalloc+0xb7/0xc0 [ 11.520088] __kmalloc_cache_noprof+0x189/0x420 [ 11.520311] kmalloc_oob_memset_8+0xac/0x330 [ 11.520522] kunit_try_run_case+0x1a5/0x480 [ 11.520736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.521073] kthread+0x337/0x6f0 [ 11.521230] ret_from_fork+0x116/0x1d0 [ 11.521403] ret_from_fork_asm+0x1a/0x30 [ 11.521543] [ 11.521638] The buggy address belongs to the object at ffff888102b2d400 [ 11.521638] which belongs to the cache kmalloc-128 of size 128 [ 11.522307] The buggy address is located 113 bytes inside of [ 11.522307] allocated 120-byte region [ffff888102b2d400, ffff888102b2d478) [ 11.522788] [ 11.522869] The buggy address belongs to the physical page: [ 11.523150] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 11.523476] flags: 0x200000000000000(node=0|zone=2) [ 11.523726] page_type: f5(slab) [ 11.523890] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.524250] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.524728] page dumped because: kasan: bad access detected [ 11.524926] [ 11.524994] Memory state around the buggy address: [ 11.525156] ffff888102b2d300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.525372] ffff888102b2d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.525676] >ffff888102b2d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.526114] ^ [ 11.526336] ffff888102b2d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.526548] ffff888102b2d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.526757] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4: Failure
Automatically assigned
[ 11.487265] ================================================================== [ 11.487757] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 11.488161] Write of size 4 at addr ffff888102b2d375 by task kunit_try_catch/191 [ 11.488459] [ 11.488571] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.488615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.488626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.488647] Call Trace: [ 11.488660] <TASK> [ 11.488675] dump_stack_lvl+0x73/0xb0 [ 11.488702] print_report+0xd1/0x650 [ 11.488724] ? __virt_addr_valid+0x1db/0x2d0 [ 11.488748] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.488782] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.488804] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.488826] kasan_report+0x141/0x180 [ 11.488847] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.488873] kasan_check_range+0x10c/0x1c0 [ 11.488907] __asan_memset+0x27/0x50 [ 11.488927] kmalloc_oob_memset_4+0x166/0x330 [ 11.488993] ? __kasan_check_write+0x18/0x20 [ 11.489015] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 11.489036] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.489067] ? trace_hardirqs_on+0x37/0xe0 [ 11.489090] ? __pfx_read_tsc+0x10/0x10 [ 11.489112] ? ktime_get_ts64+0x86/0x230 [ 11.489135] kunit_try_run_case+0x1a5/0x480 [ 11.489157] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.489178] ? queued_spin_lock_slowpath+0x116/0xb40 [ 11.489203] ? __kthread_parkme+0x82/0x180 [ 11.489223] ? preempt_count_sub+0x50/0x80 [ 11.489246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.489267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.489292] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.489315] kthread+0x337/0x6f0 [ 11.489334] ? trace_preempt_on+0x20/0xc0 [ 11.489355] ? __pfx_kthread+0x10/0x10 [ 11.489375] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.489397] ? calculate_sigpending+0x7b/0xa0 [ 11.489420] ? __pfx_kthread+0x10/0x10 [ 11.489440] ret_from_fork+0x116/0x1d0 [ 11.489458] ? __pfx_kthread+0x10/0x10 [ 11.489478] ret_from_fork_asm+0x1a/0x30 [ 11.489508] </TASK> [ 11.489519] [ 11.497306] Allocated by task 191: [ 11.497441] kasan_save_stack+0x45/0x70 [ 11.497587] kasan_save_track+0x18/0x40 [ 11.497723] kasan_save_alloc_info+0x3b/0x50 [ 11.497965] __kasan_kmalloc+0xb7/0xc0 [ 11.498155] __kmalloc_cache_noprof+0x189/0x420 [ 11.498377] kmalloc_oob_memset_4+0xac/0x330 [ 11.498596] kunit_try_run_case+0x1a5/0x480 [ 11.498819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.499433] kthread+0x337/0x6f0 [ 11.499610] ret_from_fork+0x116/0x1d0 [ 11.499810] ret_from_fork_asm+0x1a/0x30 [ 11.500068] [ 11.500164] The buggy address belongs to the object at ffff888102b2d300 [ 11.500164] which belongs to the cache kmalloc-128 of size 128 [ 11.500677] The buggy address is located 117 bytes inside of [ 11.500677] allocated 120-byte region [ffff888102b2d300, ffff888102b2d378) [ 11.501205] [ 11.501304] The buggy address belongs to the physical page: [ 11.501565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2d [ 11.501866] flags: 0x200000000000000(node=0|zone=2) [ 11.502040] page_type: f5(slab) [ 11.502162] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.502392] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.502723] page dumped because: kasan: bad access detected [ 11.503327] [ 11.503436] Memory state around the buggy address: [ 11.503680] ffff888102b2d200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.503917] ffff888102b2d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.504523] >ffff888102b2d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.504800] ^ [ 11.505180] ffff888102b2d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.505638] ffff888102b2d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.505922] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf: Failure
Automatically assigned
[ 10.952315] ================================================================== [ 10.953812] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 10.954068] Read of size 1 at addr ffff888103ac0000 by task kunit_try_catch/171 [ 10.954727] [ 10.954914] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 10.954960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.954971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.954992] Call Trace: [ 10.955003] <TASK> [ 10.955027] dump_stack_lvl+0x73/0xb0 [ 10.955054] print_report+0xd1/0x650 [ 10.955075] ? __virt_addr_valid+0x1db/0x2d0 [ 10.955106] ? page_alloc_uaf+0x356/0x3d0 [ 10.955127] ? kasan_addr_to_slab+0x11/0xa0 [ 10.955148] ? page_alloc_uaf+0x356/0x3d0 [ 10.955169] kasan_report+0x141/0x180 [ 10.955190] ? page_alloc_uaf+0x356/0x3d0 [ 10.955216] __asan_report_load1_noabort+0x18/0x20 [ 10.955240] page_alloc_uaf+0x356/0x3d0 [ 10.955261] ? __pfx_page_alloc_uaf+0x10/0x10 [ 10.955283] ? __schedule+0x10cc/0x2b60 [ 10.955306] ? __pfx_read_tsc+0x10/0x10 [ 10.955327] ? ktime_get_ts64+0x86/0x230 [ 10.955351] kunit_try_run_case+0x1a5/0x480 [ 10.955373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.955392] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.955416] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.955439] ? __kthread_parkme+0x82/0x180 [ 10.955459] ? preempt_count_sub+0x50/0x80 [ 10.955483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.955503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.955527] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.955551] kthread+0x337/0x6f0 [ 10.955569] ? trace_preempt_on+0x20/0xc0 [ 10.955593] ? __pfx_kthread+0x10/0x10 [ 10.955613] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.955644] ? calculate_sigpending+0x7b/0xa0 [ 10.955668] ? __pfx_kthread+0x10/0x10 [ 10.955688] ret_from_fork+0x116/0x1d0 [ 10.955706] ? __pfx_kthread+0x10/0x10 [ 10.955726] ret_from_fork_asm+0x1a/0x30 [ 10.955756] </TASK> [ 10.955766] [ 10.966386] The buggy address belongs to the physical page: [ 10.966625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ac0 [ 10.967049] flags: 0x200000000000000(node=0|zone=2) [ 10.967216] page_type: f0(buddy) [ 10.967342] raw: 0200000000000000 ffff88817fffc4f0 ffff88817fffc4f0 0000000000000000 [ 10.967749] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 10.968080] page dumped because: kasan: bad access detected [ 10.968305] [ 10.968377] Memory state around the buggy address: [ 10.968566] ffff888103abff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.968780] ffff888103abff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.969231] >ffff888103ac0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.969553] ^ [ 10.969742] ffff888103ac0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.970043] ffff888103ac0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.970297] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree: Failure
Automatically assigned
[ 10.918654] ================================================================== [ 10.919430] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 10.920011] Free of addr ffff888102c28001 by task kunit_try_catch/167 [ 10.920683] [ 10.921011] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 10.921062] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.921074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.921094] Call Trace: [ 10.921106] <TASK> [ 10.921140] dump_stack_lvl+0x73/0xb0 [ 10.921170] print_report+0xd1/0x650 [ 10.921193] ? __virt_addr_valid+0x1db/0x2d0 [ 10.921218] ? kasan_addr_to_slab+0x11/0xa0 [ 10.921238] ? kfree+0x274/0x3f0 [ 10.921259] kasan_report_invalid_free+0x10a/0x130 [ 10.921283] ? kfree+0x274/0x3f0 [ 10.921306] ? kfree+0x274/0x3f0 [ 10.921326] __kasan_kfree_large+0x86/0xd0 [ 10.921348] free_large_kmalloc+0x4b/0x110 [ 10.921370] kfree+0x274/0x3f0 [ 10.921395] kmalloc_large_invalid_free+0x120/0x2b0 [ 10.921417] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 10.921440] ? __schedule+0x10cc/0x2b60 [ 10.921464] ? __pfx_read_tsc+0x10/0x10 [ 10.921485] ? ktime_get_ts64+0x86/0x230 [ 10.921510] kunit_try_run_case+0x1a5/0x480 [ 10.921531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.921550] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.921576] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.921601] ? __kthread_parkme+0x82/0x180 [ 10.921622] ? preempt_count_sub+0x50/0x80 [ 10.921659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.921680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.921703] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.921728] kthread+0x337/0x6f0 [ 10.921747] ? trace_preempt_on+0x20/0xc0 [ 10.921769] ? __pfx_kthread+0x10/0x10 [ 10.921789] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.921811] ? calculate_sigpending+0x7b/0xa0 [ 10.921835] ? __pfx_kthread+0x10/0x10 [ 10.921856] ret_from_fork+0x116/0x1d0 [ 10.921875] ? __pfx_kthread+0x10/0x10 [ 10.921906] ret_from_fork_asm+0x1a/0x30 [ 10.921937] </TASK> [ 10.921959] [ 10.934104] The buggy address belongs to the physical page: [ 10.934668] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c28 [ 10.935586] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.936228] flags: 0x200000000000040(head|node=0|zone=2) [ 10.936413] page_type: f8(unknown) [ 10.936542] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.937125] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.937807] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.938744] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.939406] head: 0200000000000002 ffffea00040b0a01 00000000ffffffff 00000000ffffffff [ 10.939665] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.940383] page dumped because: kasan: bad access detected [ 10.940880] [ 10.941090] Memory state around the buggy address: [ 10.941515] ffff888102c27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.941856] ffff888102c27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.942562] >ffff888102c28000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.943005] ^ [ 10.943321] ffff888102c28080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.943755] ffff888102c28100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.944443] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf: Failure
Automatically assigned
[ 10.891408] ================================================================== [ 10.892684] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 10.893400] Read of size 1 at addr ffff888102418000 by task kunit_try_catch/165 [ 10.893958] [ 10.894049] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 10.894093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.894104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.894124] Call Trace: [ 10.894135] <TASK> [ 10.894149] dump_stack_lvl+0x73/0xb0 [ 10.894175] print_report+0xd1/0x650 [ 10.894196] ? __virt_addr_valid+0x1db/0x2d0 [ 10.894219] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.894239] ? kasan_addr_to_slab+0x11/0xa0 [ 10.894259] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.894280] kasan_report+0x141/0x180 [ 10.894302] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.894327] __asan_report_load1_noabort+0x18/0x20 [ 10.894351] kmalloc_large_uaf+0x2f1/0x340 [ 10.894371] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 10.894392] ? __schedule+0x10cc/0x2b60 [ 10.894415] ? __pfx_read_tsc+0x10/0x10 [ 10.894435] ? ktime_get_ts64+0x86/0x230 [ 10.894458] kunit_try_run_case+0x1a5/0x480 [ 10.894478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.894497] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.894521] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.894545] ? __kthread_parkme+0x82/0x180 [ 10.894564] ? preempt_count_sub+0x50/0x80 [ 10.894587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.894607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.894639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.894662] kthread+0x337/0x6f0 [ 10.894681] ? trace_preempt_on+0x20/0xc0 [ 10.894702] ? __pfx_kthread+0x10/0x10 [ 10.894722] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.894743] ? calculate_sigpending+0x7b/0xa0 [ 10.894766] ? __pfx_kthread+0x10/0x10 [ 10.894787] ret_from_fork+0x116/0x1d0 [ 10.894804] ? __pfx_kthread+0x10/0x10 [ 10.894824] ret_from_fork_asm+0x1a/0x30 [ 10.894853] </TASK> [ 10.894862] [ 10.907358] The buggy address belongs to the physical page: [ 10.907909] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102418 [ 10.908738] flags: 0x200000000000000(node=0|zone=2) [ 10.909284] raw: 0200000000000000 ffff88815b039f80 ffff88815b039f80 0000000000000000 [ 10.909727] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 10.910165] page dumped because: kasan: bad access detected [ 10.910338] [ 10.910411] Memory state around the buggy address: [ 10.910564] ffff888102417f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.911338] ffff888102417f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.912096] >ffff888102418000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.912750] ^ [ 10.913149] ffff888102418080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.913565] ffff888102418100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.914235] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right: Failure
Automatically assigned
[ 10.858626] ================================================================== [ 10.859786] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 10.860045] Write of size 1 at addr ffff88810241a00a by task kunit_try_catch/163 [ 10.860267] [ 10.860354] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 10.860397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.860408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.860428] Call Trace: [ 10.860439] <TASK> [ 10.860453] dump_stack_lvl+0x73/0xb0 [ 10.860478] print_report+0xd1/0x650 [ 10.860499] ? __virt_addr_valid+0x1db/0x2d0 [ 10.860521] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.860542] ? kasan_addr_to_slab+0x11/0xa0 [ 10.860562] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.860584] kasan_report+0x141/0x180 [ 10.860606] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.860632] __asan_report_store1_noabort+0x1b/0x30 [ 10.860651] kmalloc_large_oob_right+0x2e9/0x330 [ 10.860673] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 10.860695] ? __schedule+0x10cc/0x2b60 [ 10.860718] ? __pfx_read_tsc+0x10/0x10 [ 10.860738] ? ktime_get_ts64+0x86/0x230 [ 10.860761] kunit_try_run_case+0x1a5/0x480 [ 10.860781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.860800] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.860824] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.860847] ? __kthread_parkme+0x82/0x180 [ 10.860867] ? preempt_count_sub+0x50/0x80 [ 10.860889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.860929] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.860953] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.860976] kthread+0x337/0x6f0 [ 10.860995] ? trace_preempt_on+0x20/0xc0 [ 10.861017] ? __pfx_kthread+0x10/0x10 [ 10.861037] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.861062] ? calculate_sigpending+0x7b/0xa0 [ 10.861085] ? __pfx_kthread+0x10/0x10 [ 10.861106] ret_from_fork+0x116/0x1d0 [ 10.861123] ? __pfx_kthread+0x10/0x10 [ 10.861142] ret_from_fork_asm+0x1a/0x30 [ 10.861171] </TASK> [ 10.861180] [ 10.877588] The buggy address belongs to the physical page: [ 10.878117] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102418 [ 10.879029] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.879700] flags: 0x200000000000040(head|node=0|zone=2) [ 10.880555] page_type: f8(unknown) [ 10.880995] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.881433] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.881666] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.881907] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.882139] head: 0200000000000002 ffffea0004090601 00000000ffffffff 00000000ffffffff [ 10.883074] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.883405] page dumped because: kasan: bad access detected [ 10.883653] [ 10.883744] Memory state around the buggy address: [ 10.883969] ffff888102419f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.884265] ffff888102419f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.884555] >ffff88810241a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.884824] ^ [ 10.886318] ffff88810241a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.886541] ffff88810241a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.886786] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right: Failure
Automatically assigned
[ 10.822009] ================================================================== [ 10.823004] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 10.823492] Write of size 1 at addr ffff888102a0df00 by task kunit_try_catch/161 [ 10.824809] [ 10.825995] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 10.826452] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.826466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.826486] Call Trace: [ 10.826498] <TASK> [ 10.826512] dump_stack_lvl+0x73/0xb0 [ 10.826541] print_report+0xd1/0x650 [ 10.826563] ? __virt_addr_valid+0x1db/0x2d0 [ 10.826591] ? kmalloc_big_oob_right+0x316/0x370 [ 10.826635] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.826658] ? kmalloc_big_oob_right+0x316/0x370 [ 10.826680] kasan_report+0x141/0x180 [ 10.826701] ? kmalloc_big_oob_right+0x316/0x370 [ 10.826727] __asan_report_store1_noabort+0x1b/0x30 [ 10.826747] kmalloc_big_oob_right+0x316/0x370 [ 10.826769] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 10.826791] ? __schedule+0x10cc/0x2b60 [ 10.826814] ? __pfx_read_tsc+0x10/0x10 [ 10.826834] ? ktime_get_ts64+0x86/0x230 [ 10.826856] kunit_try_run_case+0x1a5/0x480 [ 10.826877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.826908] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.826950] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.826976] ? __kthread_parkme+0x82/0x180 [ 10.826995] ? preempt_count_sub+0x50/0x80 [ 10.827019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.827039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.827062] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.827086] kthread+0x337/0x6f0 [ 10.827104] ? trace_preempt_on+0x20/0xc0 [ 10.827126] ? __pfx_kthread+0x10/0x10 [ 10.827145] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.827167] ? calculate_sigpending+0x7b/0xa0 [ 10.827191] ? __pfx_kthread+0x10/0x10 [ 10.827212] ret_from_fork+0x116/0x1d0 [ 10.827229] ? __pfx_kthread+0x10/0x10 [ 10.827249] ret_from_fork_asm+0x1a/0x30 [ 10.827278] </TASK> [ 10.827288] [ 10.840973] Allocated by task 161: [ 10.841441] kasan_save_stack+0x45/0x70 [ 10.841860] kasan_save_track+0x18/0x40 [ 10.842337] kasan_save_alloc_info+0x3b/0x50 [ 10.842847] __kasan_kmalloc+0xb7/0xc0 [ 10.843294] __kmalloc_cache_noprof+0x189/0x420 [ 10.843450] kmalloc_big_oob_right+0xa9/0x370 [ 10.843595] kunit_try_run_case+0x1a5/0x480 [ 10.843998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.844586] kthread+0x337/0x6f0 [ 10.845005] ret_from_fork+0x116/0x1d0 [ 10.845452] ret_from_fork_asm+0x1a/0x30 [ 10.845903] [ 10.846133] The buggy address belongs to the object at ffff888102a0c000 [ 10.846133] which belongs to the cache kmalloc-8k of size 8192 [ 10.847121] The buggy address is located 0 bytes to the right of [ 10.847121] allocated 7936-byte region [ffff888102a0c000, ffff888102a0df00) [ 10.847995] [ 10.848220] The buggy address belongs to the physical page: [ 10.848868] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08 [ 10.849816] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.850397] flags: 0x200000000000040(head|node=0|zone=2) [ 10.850687] page_type: f5(slab) [ 10.851073] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.851694] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.851940] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.852174] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.852407] head: 0200000000000003 ffffea00040a8201 00000000ffffffff 00000000ffffffff [ 10.852639] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.852880] page dumped because: kasan: bad access detected [ 10.853455] [ 10.853614] Memory state around the buggy address: [ 10.854204] ffff888102a0de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.854729] ffff888102a0de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.854961] >ffff888102a0df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.855172] ^ [ 10.855287] ffff888102a0df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.855501] ffff888102a0e000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.855733] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right: Failure
Automatically assigned
[ 10.768569] ================================================================== [ 10.769267] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.769788] Write of size 1 at addr ffff88810276e478 by task kunit_try_catch/159 [ 10.770040] [ 10.770371] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 10.770417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.770430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.770450] Call Trace: [ 10.770461] <TASK> [ 10.770475] dump_stack_lvl+0x73/0xb0 [ 10.770501] print_report+0xd1/0x650 [ 10.770523] ? __virt_addr_valid+0x1db/0x2d0 [ 10.770546] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.770570] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.770592] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.770617] kasan_report+0x141/0x180 [ 10.770638] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.770667] __asan_report_store1_noabort+0x1b/0x30 [ 10.770688] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.770712] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.770737] ? __schedule+0x10cc/0x2b60 [ 10.770759] ? __pfx_read_tsc+0x10/0x10 [ 10.770779] ? ktime_get_ts64+0x86/0x230 [ 10.770803] kunit_try_run_case+0x1a5/0x480 [ 10.770823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.770842] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.770866] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.770889] ? __kthread_parkme+0x82/0x180 [ 10.770923] ? preempt_count_sub+0x50/0x80 [ 10.770946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.770966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.770989] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.771013] kthread+0x337/0x6f0 [ 10.771032] ? trace_preempt_on+0x20/0xc0 [ 10.771054] ? __pfx_kthread+0x10/0x10 [ 10.771135] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.771158] ? calculate_sigpending+0x7b/0xa0 [ 10.771181] ? __pfx_kthread+0x10/0x10 [ 10.771202] ret_from_fork+0x116/0x1d0 [ 10.771220] ? __pfx_kthread+0x10/0x10 [ 10.771239] ret_from_fork_asm+0x1a/0x30 [ 10.771269] </TASK> [ 10.771279] [ 10.781578] Allocated by task 159: [ 10.782043] kasan_save_stack+0x45/0x70 [ 10.782305] kasan_save_track+0x18/0x40 [ 10.782680] kasan_save_alloc_info+0x3b/0x50 [ 10.783018] __kasan_kmalloc+0xb7/0xc0 [ 10.783259] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.783495] kmalloc_track_caller_oob_right+0x99/0x520 [ 10.783935] kunit_try_run_case+0x1a5/0x480 [ 10.784487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.784851] kthread+0x337/0x6f0 [ 10.785224] ret_from_fork+0x116/0x1d0 [ 10.785406] ret_from_fork_asm+0x1a/0x30 [ 10.785580] [ 10.786150] The buggy address belongs to the object at ffff88810276e400 [ 10.786150] which belongs to the cache kmalloc-128 of size 128 [ 10.787058] The buggy address is located 0 bytes to the right of [ 10.787058] allocated 120-byte region [ffff88810276e400, ffff88810276e478) [ 10.787580] [ 10.787987] The buggy address belongs to the physical page: [ 10.788451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10276e [ 10.789367] flags: 0x200000000000000(node=0|zone=2) [ 10.789684] page_type: f5(slab) [ 10.790004] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.790321] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.790630] page dumped because: kasan: bad access detected [ 10.790855] [ 10.790946] Memory state around the buggy address: [ 10.791153] ffff88810276e300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.791443] ffff88810276e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.792398] >ffff88810276e400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.793086] ^ [ 10.793592] ffff88810276e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.794332] ffff88810276e500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.794622] ================================================================== [ 10.796188] ================================================================== [ 10.796702] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.797339] Write of size 1 at addr ffff88810276e578 by task kunit_try_catch/159 [ 10.797887] [ 10.798147] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 10.798193] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.798205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.798224] Call Trace: [ 10.798243] <TASK> [ 10.798256] dump_stack_lvl+0x73/0xb0 [ 10.798282] print_report+0xd1/0x650 [ 10.798303] ? __virt_addr_valid+0x1db/0x2d0 [ 10.798326] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.798350] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.798372] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.798397] kasan_report+0x141/0x180 [ 10.798418] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.798447] __asan_report_store1_noabort+0x1b/0x30 [ 10.798466] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.798490] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.798515] ? __schedule+0x10cc/0x2b60 [ 10.798537] ? __pfx_read_tsc+0x10/0x10 [ 10.798557] ? ktime_get_ts64+0x86/0x230 [ 10.798580] kunit_try_run_case+0x1a5/0x480 [ 10.798600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.798619] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.798748] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.798773] ? __kthread_parkme+0x82/0x180 [ 10.798792] ? preempt_count_sub+0x50/0x80 [ 10.798816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.798836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.798860] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.798929] kthread+0x337/0x6f0 [ 10.798958] ? trace_preempt_on+0x20/0xc0 [ 10.798979] ? __pfx_kthread+0x10/0x10 [ 10.798999] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.799020] ? calculate_sigpending+0x7b/0xa0 [ 10.799044] ? __pfx_kthread+0x10/0x10 [ 10.799064] ret_from_fork+0x116/0x1d0 [ 10.799081] ? __pfx_kthread+0x10/0x10 [ 10.799101] ret_from_fork_asm+0x1a/0x30 [ 10.799130] </TASK> [ 10.799139] [ 10.809080] Allocated by task 159: [ 10.809214] kasan_save_stack+0x45/0x70 [ 10.809416] kasan_save_track+0x18/0x40 [ 10.809614] kasan_save_alloc_info+0x3b/0x50 [ 10.810102] __kasan_kmalloc+0xb7/0xc0 [ 10.810363] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.810719] kmalloc_track_caller_oob_right+0x19a/0x520 [ 10.810980] kunit_try_run_case+0x1a5/0x480 [ 10.811243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.811575] kthread+0x337/0x6f0 [ 10.811921] ret_from_fork+0x116/0x1d0 [ 10.812076] ret_from_fork_asm+0x1a/0x30 [ 10.812324] [ 10.812422] The buggy address belongs to the object at ffff88810276e500 [ 10.812422] which belongs to the cache kmalloc-128 of size 128 [ 10.813086] The buggy address is located 0 bytes to the right of [ 10.813086] allocated 120-byte region [ffff88810276e500, ffff88810276e578) [ 10.813876] [ 10.813989] The buggy address belongs to the physical page: [ 10.814275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10276e [ 10.814611] flags: 0x200000000000000(node=0|zone=2) [ 10.815084] page_type: f5(slab) [ 10.815312] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.815780] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.816186] page dumped because: kasan: bad access detected [ 10.816377] [ 10.816469] Memory state around the buggy address: [ 10.816806] ffff88810276e400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.817336] ffff88810276e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.817643] >ffff88810276e500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.818058] ^ [ 10.818404] ffff88810276e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.818821] ffff88810276e600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.819168] ==================================================================
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
KNOWN ISSUE - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count: Failure
Automatically assigned
------------[ cut here ]------------ [ 143.960647] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 143.960743] WARNING: CPU: 1 PID: 2622 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0 [ 143.962282] Modules linked in: [ 143.962451] CPU: 1 UID: 0 PID: 2622 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 143.963690] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.964400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.965289] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 143.965798] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 8d 27 80 00 48 c7 c1 00 19 df b8 4c 89 f2 48 c7 c7 c0 15 df b8 48 89 c6 e8 d4 cf 73 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 143.966872] RSP: 0000:ffff888108bbfd18 EFLAGS: 00010286 [ 143.967433] RAX: 0000000000000000 RBX: ffff88810aaa1000 RCX: 1ffffffff7364c5c [ 143.968063] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 143.968308] RBP: ffff888108bbfd48 R08: 0000000000000000 R09: fffffbfff7364c5c [ 143.968524] R10: 0000000000000003 R11: 000000000003ab80 R12: ffff888108b25800 [ 143.968755] R13: ffff88810aaa10f8 R14: ffff88810a21ee80 R15: ffff8881003c7b40 [ 143.968981] FS: 0000000000000000(0000) GS:ffff8881a035d000(0000) knlGS:0000000000000000 [ 143.969737] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.970593] CR2: 00007ffff7ffe000 CR3: 00000001482bc000 CR4: 00000000000006f0 [ 143.970959] DR0: ffffffffbae67404 DR1: ffffffffbae67409 DR2: ffffffffbae6740a [ 143.971172] DR3: ffffffffbae6740b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.971383] Call Trace: [ 143.971482] <TASK> [ 143.971572] ? trace_preempt_on+0x20/0xc0 [ 143.971745] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 143.972011] drm_gem_shmem_free_wrapper+0x12/0x20 [ 143.972171] __kunit_action_free+0x57/0x70 [ 143.972378] kunit_remove_resource+0x133/0x200 [ 143.972746] ? preempt_count_sub+0x50/0x80 [ 143.973204] kunit_cleanup+0x7a/0x120 [ 143.973593] kunit_try_run_case_cleanup+0xbd/0xf0 [ 143.974100] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 143.974642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.975252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.975800] kthread+0x337/0x6f0 [ 143.976169] ? trace_preempt_on+0x20/0xc0 [ 143.976554] ? __pfx_kthread+0x10/0x10 [ 143.977104] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.977552] ? calculate_sigpending+0x7b/0xa0 [ 143.978069] ? __pfx_kthread+0x10/0x10 [ 143.978439] ret_from_fork+0x116/0x1d0 [ 143.978813] ? __pfx_kthread+0x10/0x10 [ 143.979263] ret_from_fork_asm+0x1a/0x30 [ 143.979648] </TASK> [ 143.979893] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init: Failure
Automatically assigned
------------[ cut here ]------------ [ 143.832407] WARNING: CPU: 0 PID: 2603 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 143.833526] Modules linked in: [ 143.834027] CPU: 0 UID: 0 PID: 2603 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 143.835254] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.835576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.836781] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 143.837153] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 143.837672] RSP: 0000:ffff888108a9fb30 EFLAGS: 00010246 [ 143.838031] RAX: dffffc0000000000 RBX: ffff888108a9fc28 RCX: 0000000000000000 [ 143.838555] RDX: 1ffff11021153f8e RSI: ffff888108a9fc28 RDI: ffff888108a9fc70 [ 143.838823] RBP: ffff888108a9fb70 R08: ffff888108b3b000 R09: ffffffffb8de1c20 [ 143.839711] R10: 0000000000000003 R11: 000000006fbe7596 R12: ffff888108b3b000 [ 143.840538] R13: ffff8881003c7ae8 R14: ffff888108a9fba8 R15: 0000000000000000 [ 143.840969] FS: 0000000000000000(0000) GS:ffff8881a025d000(0000) knlGS:0000000000000000 [ 143.841470] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.841745] CR2: 00007ffff7ffe000 CR3: 00000001482bc000 CR4: 00000000000006f0 [ 143.842480] DR0: ffffffffbae67400 DR1: ffffffffbae67401 DR2: ffffffffbae67403 [ 143.843077] DR3: ffffffffbae67405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.843371] Call Trace: [ 143.843471] <TASK> [ 143.843560] ? add_dr+0xc1/0x1d0 [ 143.843724] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 143.843920] ? add_dr+0x148/0x1d0 [ 143.844346] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 143.844987] ? __drmm_add_action+0x1a4/0x280 [ 143.845527] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 143.846227] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 143.846761] ? __drmm_add_action_or_reset+0x22/0x50 [ 143.847296] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 143.847794] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 143.848072] kunit_try_run_case+0x1a5/0x480 [ 143.848554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.849155] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 143.849717] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.849947] ? __kthread_parkme+0x82/0x180 [ 143.850423] ? preempt_count_sub+0x50/0x80 [ 143.850896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.851432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.851625] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.851820] kthread+0x337/0x6f0 [ 143.852001] ? trace_preempt_on+0x20/0xc0 [ 143.852195] ? __pfx_kthread+0x10/0x10 [ 143.852393] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.852568] ? calculate_sigpending+0x7b/0xa0 [ 143.852766] ? __pfx_kthread+0x10/0x10 [ 143.853105] ret_from_fork+0x116/0x1d0 [ 143.853268] ? __pfx_kthread+0x10/0x10 [ 143.853488] ret_from_fork_asm+0x1a/0x30 [ 143.853650] </TASK> [ 143.853795] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
KNOWN ISSUE - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head: Failure
Automatically assigned
------------[ cut here ]------------ [ 143.792910] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 143.793125] WARNING: CPU: 0 PID: 2599 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 143.794813] Modules linked in: [ 143.795119] CPU: 0 UID: 0 PID: 2599 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 143.796369] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.796701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.797066] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 143.797570] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 bb 41 87 00 48 c7 c1 e0 cb dd b8 4c 89 fa 48 c7 c7 40 cc dd b8 48 89 c6 e8 02 ea 7a fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 143.799197] RSP: 0000:ffff888108ab7b68 EFLAGS: 00010282 [ 143.799816] RAX: 0000000000000000 RBX: ffff888108ab7c40 RCX: 1ffffffff7364c5c [ 143.800525] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 143.800907] RBP: ffff888108ab7b90 R08: 0000000000000000 R09: fffffbfff7364c5c [ 143.801672] R10: 0000000000000003 R11: 00000000000393d8 R12: ffff888108ab7c18 [ 143.802328] R13: ffff888108562800 R14: ffff888108b39000 R15: ffff88810a234300 [ 143.802552] FS: 0000000000000000(0000) GS:ffff8881a025d000(0000) knlGS:0000000000000000 [ 143.803284] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.803941] CR2: 00007ffff7ffe000 CR3: 00000001482bc000 CR4: 00000000000006f0 [ 143.804628] DR0: ffffffffbae67400 DR1: ffffffffbae67401 DR2: ffffffffbae67403 [ 143.805101] DR3: ffffffffbae67405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.805325] Call Trace: [ 143.805430] <TASK> [ 143.805539] drm_test_framebuffer_free+0x1ab/0x610 [ 143.806015] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 143.806594] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 143.807275] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 143.807893] ? __drmm_add_action_or_reset+0x22/0x50 [ 143.808472] ? __schedule+0x10cc/0x2b60 [ 143.808918] ? __pfx_read_tsc+0x10/0x10 [ 143.809390] ? ktime_get_ts64+0x86/0x230 [ 143.809821] kunit_try_run_case+0x1a5/0x480 [ 143.810058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.810539] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 143.810870] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.811261] ? __kthread_parkme+0x82/0x180 [ 143.811754] ? preempt_count_sub+0x50/0x80 [ 143.812288] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.812709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.812913] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.813623] kthread+0x337/0x6f0 [ 143.814056] ? trace_preempt_on+0x20/0xc0 [ 143.814478] ? __pfx_kthread+0x10/0x10 [ 143.814898] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.815214] ? calculate_sigpending+0x7b/0xa0 [ 143.815383] ? __pfx_kthread+0x10/0x10 [ 143.815525] ret_from_fork+0x116/0x1d0 [ 143.815685] ? __pfx_kthread+0x10/0x10 [ 143.815844] ret_from_fork_asm+0x1a/0x30 [ 143.816213] </TASK> [ 143.816610] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register: Failure
Automatically assigned
------------[ cut here ]------------ [ 142.532890] WARNING: CPU: 0 PID: 2029 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 142.533735] Modules linked in: [ 142.534304] CPU: 0 UID: 0 PID: 2029 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 142.535700] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 142.536428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 142.537177] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 142.538024] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 03 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 142.539235] RSP: 0000:ffff888102107c90 EFLAGS: 00010246 [ 142.540174] RAX: dffffc0000000000 RBX: ffff88810393c000 RCX: 0000000000000000 [ 142.540775] RDX: 1ffff11020727832 RSI: ffffffffb6042cf8 RDI: ffff88810393c190 [ 142.541234] RBP: ffff888102107ca0 R08: 1ffff11020078f69 R09: ffffed1020420f65 [ 142.541607] R10: 0000000000000003 R11: ffffffffb55869f8 R12: 0000000000000000 [ 142.542079] R13: ffff888102107d38 R14: ffff8881003c7c50 R15: ffff8881003c7c58 [ 142.542354] FS: 0000000000000000(0000) GS:ffff8881a025d000(0000) knlGS:0000000000000000 [ 142.542799] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.543354] CR2: 00007ffff7ffe000 CR3: 00000001482bc000 CR4: 00000000000006f0 [ 142.543637] DR0: ffffffffbae67400 DR1: ffffffffbae67401 DR2: ffffffffbae67403 [ 142.544167] DR3: ffffffffbae67405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 142.544593] Call Trace: [ 142.544711] <TASK> [ 142.544847] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 142.545240] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 142.545656] ? __schedule+0x10cc/0x2b60 [ 142.545860] ? __pfx_read_tsc+0x10/0x10 [ 142.546053] ? ktime_get_ts64+0x86/0x230 [ 142.546415] kunit_try_run_case+0x1a5/0x480 [ 142.546618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.547148] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 142.547418] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 142.547701] ? __kthread_parkme+0x82/0x180 [ 142.547914] ? preempt_count_sub+0x50/0x80 [ 142.548078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.548478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 142.548827] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 142.549119] kthread+0x337/0x6f0 [ 142.549378] ? trace_preempt_on+0x20/0xc0 [ 142.549613] ? __pfx_kthread+0x10/0x10 [ 142.549788] ? _raw_spin_unlock_irq+0x47/0x80 [ 142.550187] ? calculate_sigpending+0x7b/0xa0 [ 142.550408] ? __pfx_kthread+0x10/0x10 [ 142.550603] ret_from_fork+0x116/0x1d0 [ 142.550756] ? __pfx_kthread+0x10/0x10 [ 142.550929] ret_from_fork_asm+0x1a/0x30 [ 142.551149] </TASK> [ 142.551276] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 142.607610] WARNING: CPU: 0 PID: 2037 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 142.608463] Modules linked in: [ 142.608685] CPU: 0 UID: 0 PID: 2037 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 142.609397] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 142.609809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 142.610397] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 142.610820] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 03 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 142.611752] RSP: 0000:ffff8881035cfc90 EFLAGS: 00010246 [ 142.612243] RAX: dffffc0000000000 RBX: ffff888108064000 RCX: 0000000000000000 [ 142.612673] RDX: 1ffff1102100c832 RSI: ffffffffb6042cf8 RDI: ffff888108064190 [ 142.613310] RBP: ffff8881035cfca0 R08: 1ffff11020078f69 R09: ffffed10206b9f65 [ 142.613775] R10: 0000000000000003 R11: ffffffffb55869f8 R12: 0000000000000000 [ 142.614481] R13: ffff8881035cfd38 R14: ffff8881003c7c50 R15: ffff8881003c7c58 [ 142.614840] FS: 0000000000000000(0000) GS:ffff8881a025d000(0000) knlGS:0000000000000000 [ 142.615483] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.615864] CR2: 00007ffff7ffe000 CR3: 00000001482bc000 CR4: 00000000000006f0 [ 142.616403] DR0: ffffffffbae67400 DR1: ffffffffbae67401 DR2: ffffffffbae67403 [ 142.616892] DR3: ffffffffbae67405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 142.617334] Call Trace: [ 142.617482] <TASK> [ 142.617604] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 142.618335] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 142.618932] ? __schedule+0x10cc/0x2b60 [ 142.619477] ? __pfx_read_tsc+0x10/0x10 [ 142.620041] ? ktime_get_ts64+0x86/0x230 [ 142.620547] kunit_try_run_case+0x1a5/0x480 [ 142.621204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.621734] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 142.622347] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 142.622707] ? __kthread_parkme+0x82/0x180 [ 142.622854] ? preempt_count_sub+0x50/0x80 [ 142.623066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 142.623669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 142.624320] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 142.625032] kthread+0x337/0x6f0 [ 142.625398] ? trace_preempt_on+0x20/0xc0 [ 142.625707] ? __pfx_kthread+0x10/0x10 [ 142.626154] ? _raw_spin_unlock_irq+0x47/0x80 [ 142.626316] ? calculate_sigpending+0x7b/0xa0 [ 142.626470] ? __pfx_kthread+0x10/0x10 [ 142.626608] ret_from_fork+0x116/0x1d0 [ 142.626784] ? __pfx_kthread+0x10/0x10 [ 142.627164] ret_from_fork_asm+0x1a/0x30 [ 142.627323] </TASK> [ 142.627451] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog10
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10: Failure
Automatically assigned
------------[ cut here ]------------ [ 105.171474] WARNING: CPU: 0 PID: 721 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 105.172326] Modules linked in: [ 105.172483] CPU: 0 UID: 0 PID: 721 Comm: kunit_try_catch Tainted: G B D W N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 105.172820] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 105.173112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 105.173978] RIP: 0010:intlog10+0x2a/0x40 [ 105.174395] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 47 a6 86 02 90 <0f> 0b 90 31 c0 e9 3c a6 86 02 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 105.175469] RSP: 0000:ffff888109ddfcb0 EFLAGS: 00010246 [ 105.176203] RAX: 0000000000000000 RBX: ffff8881003c7ae8 RCX: 1ffff110213bbfb4 [ 105.176672] RDX: 1ffffffff7193dcc RSI: 1ffff110213bbfb3 RDI: 0000000000000000 [ 105.177002] RBP: ffff888109ddfd60 R08: 0000000000000000 R09: ffffed10207f4a20 [ 105.177229] R10: ffff888103fa5107 R11: 0000000000000000 R12: 1ffff110213bbf97 [ 105.177441] R13: ffffffffb8c9ee60 R14: 0000000000000000 R15: ffff888109ddfd38 [ 105.177656] FS: 0000000000000000(0000) GS:ffff8881a025d000(0000) knlGS:0000000000000000 [ 105.178567] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.179683] CR2: ffff88815a80000a CR3: 00000001482bc000 CR4: 00000000000006f0 [ 105.180588] DR0: ffffffffbae67400 DR1: ffffffffbae67401 DR2: ffffffffbae67403 [ 105.181538] DR3: ffffffffbae67405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 105.182449] Call Trace: [ 105.183057] <TASK> [ 105.183495] ? intlog10_test+0xf2/0x220 [ 105.184120] ? __pfx_intlog10_test+0x10/0x10 [ 105.184586] ? __schedule+0x10cc/0x2b60 [ 105.184740] ? __pfx_read_tsc+0x10/0x10 [ 105.184898] ? ktime_get_ts64+0x86/0x230 [ 105.185603] kunit_try_run_case+0x1a5/0x480 [ 105.186186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 105.186747] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 105.187421] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 105.187813] ? __kthread_parkme+0x82/0x180 [ 105.188148] ? preempt_count_sub+0x50/0x80 [ 105.188726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 105.189437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 105.189947] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 105.190724] kthread+0x337/0x6f0 [ 105.190865] ? trace_preempt_on+0x20/0xc0 [ 105.191286] ? __pfx_kthread+0x10/0x10 [ 105.191670] ? _raw_spin_unlock_irq+0x47/0x80 [ 105.192208] ? calculate_sigpending+0x7b/0xa0 [ 105.192410] ? __pfx_kthread+0x10/0x10 [ 105.192554] ret_from_fork+0x116/0x1d0 [ 105.192842] ? __pfx_kthread+0x10/0x10 [ 105.193316] ret_from_fork_asm+0x1a/0x30 [ 105.193754] </TASK> [ 105.194115] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog2
KNOWN ISSUE - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2: Failure
Automatically assigned
------------[ cut here ]------------ [ 105.122440] WARNING: CPU: 0 PID: 703 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 105.122815] Modules linked in: [ 105.123053] CPU: 0 UID: 0 PID: 703 Comm: kunit_try_catch Tainted: G B D N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 105.124181] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 105.124825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 105.125796] RIP: 0010:intlog2+0xdf/0x110 [ 105.126018] Code: c9 b8 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 af 23 52 ff 8b 45 e4 eb [ 105.127547] RSP: 0000:ffff888109ae7cb0 EFLAGS: 00010246 [ 105.127936] RAX: 0000000000000000 RBX: ffff8881003c7ae8 RCX: 1ffff1102135cfb4 [ 105.128678] RDX: 1ffffffff7193e20 RSI: 1ffff1102135cfb3 RDI: 0000000000000000 [ 105.129276] RBP: ffff888109ae7d60 R08: 0000000000000000 R09: ffffed10207db340 [ 105.129494] R10: ffff888103ed9a07 R11: 0000000000000000 R12: 1ffff1102135cf97 [ 105.129901] R13: ffffffffb8c9f100 R14: 0000000000000000 R15: ffff888109ae7d38 [ 105.130674] FS: 0000000000000000(0000) GS:ffff8881a025d000(0000) knlGS:0000000000000000 [ 105.131477] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.132064] CR2: ffff88815a80000a CR3: 00000001482bc000 CR4: 00000000000006f0 [ 105.132605] DR0: ffffffffbae67400 DR1: ffffffffbae67401 DR2: ffffffffbae67403 [ 105.132820] DR3: ffffffffbae67405 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 105.133239] Call Trace: [ 105.133376] <TASK> [ 105.133563] ? intlog2_test+0xf2/0x220 [ 105.133763] ? __pfx_intlog2_test+0x10/0x10 [ 105.134090] ? __schedule+0x10cc/0x2b60 [ 105.134328] ? __pfx_read_tsc+0x10/0x10 [ 105.134534] ? ktime_get_ts64+0x86/0x230 [ 105.134683] kunit_try_run_case+0x1a5/0x480 [ 105.135004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 105.135235] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 105.135450] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 105.135798] ? __kthread_parkme+0x82/0x180 [ 105.135976] ? preempt_count_sub+0x50/0x80 [ 105.136223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 105.136558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 105.136823] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 105.137095] kthread+0x337/0x6f0 [ 105.137398] ? trace_preempt_on+0x20/0xc0 [ 105.137626] ? __pfx_kthread+0x10/0x10 [ 105.137925] ? _raw_spin_unlock_irq+0x47/0x80 [ 105.138194] ? calculate_sigpending+0x7b/0xa0 [ 105.138415] ? __pfx_kthread+0x10/0x10 [ 105.138624] ret_from_fork+0x116/0x1d0 [ 105.138905] ? __pfx_kthread+0x10/0x10 [ 105.139103] ret_from_fork_asm+0x1a/0x30 [ 105.139499] </TASK> [ 105.139635] ---[ end trace 0000000000000000 ]---
Failure - kunit - lib_ratelimit_lib_ratelimit
KNOWN ISSUE - kunit/lib_ratelimit_lib_ratelimit: Failure
Automatically assigned
<8>[ 263.034761] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=lib_ratelimit_lib_ratelimit RESULT=fail>
Failure - kunit - lib_ratelimit_test_ratelimit_smoke
KNOWN ISSUE - kunit/lib_ratelimit_test_ratelimit_smoke: Failure
Automatically assigned
<8>[ 262.852063] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=lib_ratelimit_test_ratelimit_smoke RESULT=fail>
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-kmalloc_oob_memset_2
[ 11.471098] ================================================================== [ 11.472197] BUG: KFENCE: memory corruption in kmalloc_oob_memset_2+0x187/0x330 [ 11.472197] [ 11.472563] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . ] (in kfence-#35): [ 11.473512] kmalloc_oob_memset_2+0x187/0x330 [ 11.473731] kunit_try_run_case+0x1a5/0x480 [ 11.473938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.474175] kthread+0x337/0x6f0 [ 11.474316] ret_from_fork+0x116/0x1d0 [ 11.474512] ret_from_fork_asm+0x1a/0x30 [ 11.474671] [ 11.474990] kfence-#35: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128 [ 11.474990] [ 11.475552] allocated by task 189 on cpu 0 at 11.469078s (0.006418s ago): [ 11.475947] kmalloc_oob_memset_2+0xac/0x330 [ 11.476154] kunit_try_run_case+0x1a5/0x480 [ 11.476493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.476825] kthread+0x337/0x6f0 [ 11.476971] ret_from_fork+0x116/0x1d0 [ 11.477173] ret_from_fork_asm+0x1a/0x30 [ 11.477453] [ 11.477686] freed by task 189 on cpu 0 at 11.470627s (0.006987s ago): [ 11.477951] kmalloc_oob_memset_2+0x187/0x330 [ 11.478173] kunit_try_run_case+0x1a5/0x480 [ 11.478380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.478615] kthread+0x337/0x6f0 [ 11.478914] ret_from_fork+0x116/0x1d0 [ 11.479052] ret_from_fork_asm+0x1a/0x30 [ 11.479280] [ 11.479479] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250605 #1 PREEMPT(voluntary) [ 11.480110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.480261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.480657] ==================================================================