Date
June 17, 2025, 6:35 a.m.
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 19.113334] ================================================================== [ 19.113411] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 19.113478] Free of addr fff00000c5254000 by task kunit_try_catch/246 [ 19.113705] [ 19.113761] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.113900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.113957] Hardware name: linux,dummy-virt (DT) [ 19.113993] Call trace: [ 19.114074] show_stack+0x20/0x38 (C) [ 19.114180] dump_stack_lvl+0x8c/0xd0 [ 19.114242] print_report+0x118/0x608 [ 19.114318] kasan_report_invalid_free+0xc0/0xe8 [ 19.114368] __kasan_mempool_poison_object+0x14c/0x150 [ 19.114421] mempool_free+0x28c/0x328 [ 19.114467] mempool_double_free_helper+0x150/0x2e8 [ 19.114515] mempool_kmalloc_large_double_free+0xc0/0x118 [ 19.114568] kunit_try_run_case+0x170/0x3f0 [ 19.114616] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.114669] kthread+0x328/0x630 [ 19.115125] ret_from_fork+0x10/0x20 [ 19.115214] [ 19.115272] The buggy address belongs to the physical page: [ 19.115314] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105254 [ 19.115391] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.115469] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.115560] page_type: f8(unknown) [ 19.115648] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.115762] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.115824] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.116123] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.116276] head: 0bfffe0000000002 ffffc1ffc3149501 00000000ffffffff 00000000ffffffff [ 19.116426] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.116551] page dumped because: kasan: bad access detected [ 19.116629] [ 19.116713] Memory state around the buggy address: [ 19.116771] fff00000c5253f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.116872] fff00000c5253f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.116946] >fff00000c5254000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.116986] ^ [ 19.117016] fff00000c5254080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.117057] fff00000c5254100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.117096] ================================================================== [ 19.099738] ================================================================== [ 19.099801] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 19.099860] Free of addr fff00000c4fd8700 by task kunit_try_catch/244 [ 19.100112] [ 19.100171] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.100269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.100318] Hardware name: linux,dummy-virt (DT) [ 19.100367] Call trace: [ 19.100392] show_stack+0x20/0x38 (C) [ 19.100455] dump_stack_lvl+0x8c/0xd0 [ 19.100507] print_report+0x118/0x608 [ 19.100571] kasan_report_invalid_free+0xc0/0xe8 [ 19.100800] check_slab_allocation+0xd4/0x108 [ 19.100893] __kasan_mempool_poison_object+0x78/0x150 [ 19.100962] mempool_free+0x28c/0x328 [ 19.101011] mempool_double_free_helper+0x150/0x2e8 [ 19.101060] mempool_kmalloc_double_free+0xc0/0x118 [ 19.101243] kunit_try_run_case+0x170/0x3f0 [ 19.101360] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.101431] kthread+0x328/0x630 [ 19.101477] ret_from_fork+0x10/0x20 [ 19.101535] [ 19.101562] Allocated by task 244: [ 19.101608] kasan_save_stack+0x3c/0x68 [ 19.101652] kasan_save_track+0x20/0x40 [ 19.101857] kasan_save_alloc_info+0x40/0x58 [ 19.101945] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.101993] remove_element+0x130/0x1f8 [ 19.102066] mempool_alloc_preallocated+0x58/0xc0 [ 19.102133] mempool_double_free_helper+0x94/0x2e8 [ 19.102187] mempool_kmalloc_double_free+0xc0/0x118 [ 19.102278] kunit_try_run_case+0x170/0x3f0 [ 19.102316] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.102360] kthread+0x328/0x630 [ 19.102394] ret_from_fork+0x10/0x20 [ 19.102431] [ 19.102449] Freed by task 244: [ 19.102476] kasan_save_stack+0x3c/0x68 [ 19.102515] kasan_save_track+0x20/0x40 [ 19.102773] kasan_save_free_info+0x4c/0x78 [ 19.102910] __kasan_mempool_poison_object+0xc0/0x150 [ 19.103056] mempool_free+0x28c/0x328 [ 19.103117] mempool_double_free_helper+0x100/0x2e8 [ 19.103183] mempool_kmalloc_double_free+0xc0/0x118 [ 19.103224] kunit_try_run_case+0x170/0x3f0 [ 19.103535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.103618] kthread+0x328/0x630 [ 19.103689] ret_from_fork+0x10/0x20 [ 19.103784] [ 19.103824] The buggy address belongs to the object at fff00000c4fd8700 [ 19.103824] which belongs to the cache kmalloc-128 of size 128 [ 19.103910] The buggy address is located 0 bytes inside of [ 19.103910] 128-byte region [fff00000c4fd8700, fff00000c4fd8780) [ 19.104134] [ 19.104369] The buggy address belongs to the physical page: [ 19.104435] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104fd8 [ 19.104536] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.104628] page_type: f5(slab) [ 19.104683] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.104859] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.105047] page dumped because: kasan: bad access detected [ 19.105119] [ 19.105186] Memory state around the buggy address: [ 19.105288] fff00000c4fd8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.105375] fff00000c4fd8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.105419] >fff00000c4fd8700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.105760] ^ [ 19.105828] fff00000c4fd8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.105913] fff00000c4fd8800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.106003] ================================================================== [ 19.122809] ================================================================== [ 19.123025] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 19.123098] Free of addr fff00000c5254000 by task kunit_try_catch/248 [ 19.123142] [ 19.123199] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.123298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.123336] Hardware name: linux,dummy-virt (DT) [ 19.123371] Call trace: [ 19.123407] show_stack+0x20/0x38 (C) [ 19.123487] dump_stack_lvl+0x8c/0xd0 [ 19.123551] print_report+0x118/0x608 [ 19.123628] kasan_report_invalid_free+0xc0/0xe8 [ 19.123724] __kasan_mempool_poison_pages+0xe0/0xe8 [ 19.123782] mempool_free+0x24c/0x328 [ 19.123827] mempool_double_free_helper+0x150/0x2e8 [ 19.124046] mempool_page_alloc_double_free+0xbc/0x118 [ 19.124121] kunit_try_run_case+0x170/0x3f0 [ 19.124270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.124754] kthread+0x328/0x630 [ 19.124815] ret_from_fork+0x10/0x20 [ 19.124899] [ 19.124936] The buggy address belongs to the physical page: [ 19.125019] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105254 [ 19.125081] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.125355] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.125464] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.125510] page dumped because: kasan: bad access detected [ 19.125550] [ 19.125596] Memory state around the buggy address: [ 19.125645] fff00000c5253f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.125705] fff00000c5253f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.125750] >fff00000c5254000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.125788] ^ [ 19.125820] fff00000c5254080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.125864] fff00000c5254100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.125984] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.580414] ================================================================== [ 16.580557] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 16.580721] Read of size 1 at addr fff00000c119363f by task kunit_try_catch/147 [ 16.580777] [ 16.580815] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.580984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.581018] Hardware name: linux,dummy-virt (DT) [ 16.581053] Call trace: [ 16.581076] show_stack+0x20/0x38 (C) [ 16.581231] dump_stack_lvl+0x8c/0xd0 [ 16.581418] print_report+0x118/0x608 [ 16.581498] kasan_report+0xdc/0x128 [ 16.581564] __asan_report_load1_noabort+0x20/0x30 [ 16.581628] kmalloc_oob_left+0x2ec/0x320 [ 16.581706] kunit_try_run_case+0x170/0x3f0 [ 16.581755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.581808] kthread+0x328/0x630 [ 16.581869] ret_from_fork+0x10/0x20 [ 16.581919] [ 16.581946] Allocated by task 21: [ 16.581986] kasan_save_stack+0x3c/0x68 [ 16.582057] kasan_save_track+0x20/0x40 [ 16.582098] kasan_save_alloc_info+0x40/0x58 [ 16.582134] __kasan_kmalloc+0xd4/0xd8 [ 16.582320] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 16.582371] build_sched_domains+0x32c/0x3768 [ 16.582413] partition_sched_domains+0x79c/0x1098 [ 16.582454] rebuild_sched_domains_locked+0x494/0xde0 [ 16.582496] cpuset_handle_hotplug+0xab0/0x1480 [ 16.582532] cpuset_update_active_cpus+0x18/0x30 [ 16.582569] sched_cpu_activate+0x2d0/0x388 [ 16.582608] cpuhp_invoke_callback+0x5b8/0x1620 [ 16.582800] cpuhp_thread_fun+0x230/0x5d8 [ 16.582910] smpboot_thread_fn+0x2e8/0x760 [ 16.582997] kthread+0x328/0x630 [ 16.583059] ret_from_fork+0x10/0x20 [ 16.583158] [ 16.583237] Freed by task 21: [ 16.583277] kasan_save_stack+0x3c/0x68 [ 16.583600] kasan_save_track+0x20/0x40 [ 16.583687] kasan_save_free_info+0x4c/0x78 [ 16.583761] __kasan_slab_free+0x6c/0x98 [ 16.583839] kfree+0x214/0x3c8 [ 16.583884] build_sched_domains+0x1c64/0x3768 [ 16.583924] partition_sched_domains+0x79c/0x1098 [ 16.583985] rebuild_sched_domains_locked+0x494/0xde0 [ 16.584024] cpuset_handle_hotplug+0xab0/0x1480 [ 16.584068] cpuset_update_active_cpus+0x18/0x30 [ 16.584112] sched_cpu_activate+0x2d0/0x388 [ 16.584155] cpuhp_invoke_callback+0x5b8/0x1620 [ 16.584204] cpuhp_thread_fun+0x230/0x5d8 [ 16.584248] smpboot_thread_fn+0x2e8/0x760 [ 16.584298] kthread+0x328/0x630 [ 16.584330] ret_from_fork+0x10/0x20 [ 16.584401] [ 16.584442] The buggy address belongs to the object at fff00000c1193620 [ 16.584442] which belongs to the cache kmalloc-16 of size 16 [ 16.584514] The buggy address is located 15 bytes to the right of [ 16.584514] allocated 16-byte region [fff00000c1193620, fff00000c1193630) [ 16.584578] [ 16.584598] The buggy address belongs to the physical page: [ 16.584639] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101193 [ 16.584693] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.584750] page_type: f5(slab) [ 16.584800] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 16.584850] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.584890] page dumped because: kasan: bad access detected [ 16.584940] [ 16.584957] Memory state around the buggy address: [ 16.584988] fff00000c1193500: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 16.585030] fff00000c1193580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.585071] >fff00000c1193600: fa fb fc fc fa fb fc fc 00 07 fc fc fc fc fc fc [ 16.585108] ^ [ 16.585141] fff00000c1193680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.585654] fff00000c1193700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.585728] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.563350] ================================================================== [ 16.563420] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.563493] Write of size 1 at addr fff00000c748a378 by task kunit_try_catch/145 [ 16.563625] [ 16.563675] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.563771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.563813] Hardware name: linux,dummy-virt (DT) [ 16.563923] Call trace: [ 16.563958] show_stack+0x20/0x38 (C) [ 16.564015] dump_stack_lvl+0x8c/0xd0 [ 16.564084] print_report+0x118/0x608 [ 16.564132] kasan_report+0xdc/0x128 [ 16.564507] __asan_report_store1_noabort+0x20/0x30 [ 16.564601] kmalloc_oob_right+0x538/0x660 [ 16.564674] kunit_try_run_case+0x170/0x3f0 [ 16.564786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.564840] kthread+0x328/0x630 [ 16.564889] ret_from_fork+0x10/0x20 [ 16.564967] [ 16.564986] Allocated by task 145: [ 16.565013] kasan_save_stack+0x3c/0x68 [ 16.565505] kasan_save_track+0x20/0x40 [ 16.565595] kasan_save_alloc_info+0x40/0x58 [ 16.565643] __kasan_kmalloc+0xd4/0xd8 [ 16.565699] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.565757] kmalloc_oob_right+0xb0/0x660 [ 16.565794] kunit_try_run_case+0x170/0x3f0 [ 16.565831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.565873] kthread+0x328/0x630 [ 16.565923] ret_from_fork+0x10/0x20 [ 16.565970] [ 16.566045] The buggy address belongs to the object at fff00000c748a300 [ 16.566045] which belongs to the cache kmalloc-128 of size 128 [ 16.566288] The buggy address is located 5 bytes to the right of [ 16.566288] allocated 115-byte region [fff00000c748a300, fff00000c748a373) [ 16.566830] [ 16.566864] The buggy address belongs to the physical page: [ 16.566895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 16.566962] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.567194] page_type: f5(slab) [ 16.567241] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.567884] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.567961] page dumped because: kasan: bad access detected [ 16.568048] [ 16.568102] Memory state around the buggy address: [ 16.568161] fff00000c748a200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.568271] fff00000c748a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.568343] >fff00000c748a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.568434] ^ [ 16.568545] fff00000c748a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.568592] fff00000c748a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.568639] ================================================================== [ 16.556216] ================================================================== [ 16.556561] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.557433] Write of size 1 at addr fff00000c748a373 by task kunit_try_catch/145 [ 16.557546] [ 16.558457] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.558614] Tainted: [N]=TEST [ 16.558650] Hardware name: linux,dummy-virt (DT) [ 16.558881] Call trace: [ 16.559075] show_stack+0x20/0x38 (C) [ 16.559220] dump_stack_lvl+0x8c/0xd0 [ 16.559286] print_report+0x118/0x608 [ 16.559337] kasan_report+0xdc/0x128 [ 16.559384] __asan_report_store1_noabort+0x20/0x30 [ 16.559432] kmalloc_oob_right+0x5a4/0x660 [ 16.559478] kunit_try_run_case+0x170/0x3f0 [ 16.559530] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.559583] kthread+0x328/0x630 [ 16.559627] ret_from_fork+0x10/0x20 [ 16.559785] [ 16.559828] Allocated by task 145: [ 16.559954] kasan_save_stack+0x3c/0x68 [ 16.560025] kasan_save_track+0x20/0x40 [ 16.560064] kasan_save_alloc_info+0x40/0x58 [ 16.560100] __kasan_kmalloc+0xd4/0xd8 [ 16.560138] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.560179] kmalloc_oob_right+0xb0/0x660 [ 16.560215] kunit_try_run_case+0x170/0x3f0 [ 16.560253] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.560296] kthread+0x328/0x630 [ 16.560328] ret_from_fork+0x10/0x20 [ 16.560381] [ 16.560442] The buggy address belongs to the object at fff00000c748a300 [ 16.560442] which belongs to the cache kmalloc-128 of size 128 [ 16.560538] The buggy address is located 0 bytes to the right of [ 16.560538] allocated 115-byte region [fff00000c748a300, fff00000c748a373) [ 16.560606] [ 16.560690] The buggy address belongs to the physical page: [ 16.560862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 16.561156] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.561454] page_type: f5(slab) [ 16.561767] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.561831] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.561953] page dumped because: kasan: bad access detected [ 16.561995] [ 16.562020] Memory state around the buggy address: [ 16.562311] fff00000c748a200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.562382] fff00000c748a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.562438] >fff00000c748a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.562492] ^ [ 16.562576] fff00000c748a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.562619] fff00000c748a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.562681] ================================================================== [ 16.569156] ================================================================== [ 16.569317] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.569375] Read of size 1 at addr fff00000c748a380 by task kunit_try_catch/145 [ 16.569424] [ 16.569453] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.569537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.569563] Hardware name: linux,dummy-virt (DT) [ 16.569600] Call trace: [ 16.569623] show_stack+0x20/0x38 (C) [ 16.569672] dump_stack_lvl+0x8c/0xd0 [ 16.569719] print_report+0x118/0x608 [ 16.569777] kasan_report+0xdc/0x128 [ 16.569824] __asan_report_load1_noabort+0x20/0x30 [ 16.569880] kmalloc_oob_right+0x5d0/0x660 [ 16.569938] kunit_try_run_case+0x170/0x3f0 [ 16.569985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.570149] kthread+0x328/0x630 [ 16.570210] ret_from_fork+0x10/0x20 [ 16.570534] [ 16.570557] Allocated by task 145: [ 16.570586] kasan_save_stack+0x3c/0x68 [ 16.570696] kasan_save_track+0x20/0x40 [ 16.570774] kasan_save_alloc_info+0x40/0x58 [ 16.570821] __kasan_kmalloc+0xd4/0xd8 [ 16.570896] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.570979] kmalloc_oob_right+0xb0/0x660 [ 16.571058] kunit_try_run_case+0x170/0x3f0 [ 16.571122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.571184] kthread+0x328/0x630 [ 16.571216] ret_from_fork+0x10/0x20 [ 16.571278] [ 16.571296] The buggy address belongs to the object at fff00000c748a300 [ 16.571296] which belongs to the cache kmalloc-128 of size 128 [ 16.571354] The buggy address is located 13 bytes to the right of [ 16.571354] allocated 115-byte region [fff00000c748a300, fff00000c748a373) [ 16.571573] [ 16.571625] The buggy address belongs to the physical page: [ 16.571673] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 16.571781] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.571848] page_type: f5(slab) [ 16.571886] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.571947] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.571987] page dumped because: kasan: bad access detected [ 16.572218] [ 16.572279] Memory state around the buggy address: [ 16.572340] fff00000c748a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.572430] fff00000c748a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.572503] >fff00000c748a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.572542] ^ [ 16.572767] fff00000c748a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.572833] fff00000c748a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.572968] ==================================================================
Failure - log-parser-boot - bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.461650] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3ac/0x4858 [ 19.470018] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x414/0x4858 [ 19.514952] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x61c/0x4858 [ 19.440368] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40fc/0x4858
Failure - log-parser-boot - bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 19.327488] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0
Failure - log-parser-boot - bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.305957] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 19.293156] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 22.242606] ================================================================== [ 22.242693] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 22.242693] [ 22.242756] Invalid free of 0x00000000bfb720bb (in kfence-#96): [ 22.242811] test_invalid_addr_free+0xec/0x238 [ 22.242862] kunit_try_run_case+0x170/0x3f0 [ 22.242905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.242965] kthread+0x328/0x630 [ 22.243007] ret_from_fork+0x10/0x20 [ 22.243047] [ 22.243071] kfence-#96: 0x00000000c3afe16e-0x000000001740f0f3, size=32, cache=test [ 22.243071] [ 22.243125] allocated by task 318 on cpu 1 at 22.242471s (0.000650s ago): [ 22.243190] test_alloc+0x230/0x628 [ 22.243232] test_invalid_addr_free+0xd4/0x238 [ 22.243273] kunit_try_run_case+0x170/0x3f0 [ 22.243314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.243357] kthread+0x328/0x630 [ 22.243392] ret_from_fork+0x10/0x20 [ 22.243432] [ 22.243478] CPU: 1 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 22.243561] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.243590] Hardware name: linux,dummy-virt (DT) [ 22.243624] ================================================================== [ 22.138611] ================================================================== [ 22.138707] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 22.138707] [ 22.138773] Invalid free of 0x000000000dc54328 (in kfence-#95): [ 22.138829] test_invalid_addr_free+0x1ac/0x238 [ 22.138880] kunit_try_run_case+0x170/0x3f0 [ 22.138942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.138988] kthread+0x328/0x630 [ 22.139030] ret_from_fork+0x10/0x20 [ 22.139073] [ 22.139098] kfence-#95: 0x00000000acc7e59e-0x00000000f9faf999, size=32, cache=kmalloc-32 [ 22.139098] [ 22.139156] allocated by task 316 on cpu 1 at 22.138454s (0.000697s ago): [ 22.139222] test_alloc+0x29c/0x628 [ 22.139266] test_invalid_addr_free+0xd4/0x238 [ 22.139309] kunit_try_run_case+0x170/0x3f0 [ 22.139350] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.139393] kthread+0x328/0x630 [ 22.139430] ret_from_fork+0x10/0x20 [ 22.139470] [ 22.139514] CPU: 1 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 22.139600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.139630] Hardware name: linux,dummy-virt (DT) [ 22.139664] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.847987] ================================================================== [ 50.848069] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 50.848069] [ 50.848165] Use-after-free read at 0x00000000e623abd4 (in kfence-#152): [ 50.848219] test_krealloc+0x51c/0x830 [ 50.848265] kunit_try_run_case+0x170/0x3f0 [ 50.848312] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.848359] kthread+0x328/0x630 [ 50.848398] ret_from_fork+0x10/0x20 [ 50.848441] [ 50.848467] kfence-#152: 0x00000000e623abd4-0x00000000a9fa1bc9, size=32, cache=kmalloc-32 [ 50.848467] [ 50.848523] allocated by task 346 on cpu 1 at 50.847287s (0.001232s ago): [ 50.848594] test_alloc+0x29c/0x628 [ 50.848637] test_krealloc+0xc0/0x830 [ 50.848677] kunit_try_run_case+0x170/0x3f0 [ 50.848718] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.848762] kthread+0x328/0x630 [ 50.848798] ret_from_fork+0x10/0x20 [ 50.848839] [ 50.848862] freed by task 346 on cpu 1 at 50.847560s (0.001298s ago): [ 50.848922] krealloc_noprof+0x148/0x360 [ 50.848975] test_krealloc+0x1dc/0x830 [ 50.849013] kunit_try_run_case+0x170/0x3f0 [ 50.849052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.849096] kthread+0x328/0x630 [ 50.849131] ret_from_fork+0x10/0x20 [ 50.849171] [ 50.849216] CPU: 1 UID: 0 PID: 346 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 50.849299] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.849330] Hardware name: linux,dummy-virt (DT) [ 50.849364] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.771095] ================================================================== [ 50.771203] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.771203] [ 50.771312] Use-after-free read at 0x0000000010ca14bb (in kfence-#151): [ 50.771369] test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.771419] kunit_try_run_case+0x170/0x3f0 [ 50.771466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.771513] kthread+0x328/0x630 [ 50.771553] ret_from_fork+0x10/0x20 [ 50.771595] [ 50.771621] kfence-#151: 0x0000000010ca14bb-0x0000000058982147, size=32, cache=test [ 50.771621] [ 50.771673] allocated by task 344 on cpu 0 at 50.742754s (0.028915s ago): [ 50.771745] test_alloc+0x230/0x628 [ 50.771786] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 50.771830] kunit_try_run_case+0x170/0x3f0 [ 50.771871] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.771914] kthread+0x328/0x630 [ 50.771964] ret_from_fork+0x10/0x20 [ 50.772003] [ 50.772026] freed by task 344 on cpu 0 at 50.742958s (0.029065s ago): [ 50.772084] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 50.772126] kunit_try_run_case+0x170/0x3f0 [ 50.772166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.772210] kthread+0x328/0x630 [ 50.772244] ret_from_fork+0x10/0x20 [ 50.772285] [ 50.772334] CPU: 0 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 50.772418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.772447] Hardware name: linux,dummy-virt (DT) [ 50.772484] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 27.778300] ================================================================== [ 27.778459] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 27.778459] [ 27.778568] Invalid read at 0x000000001b51b034: [ 27.778690] test_invalid_access+0xdc/0x1f0 [ 27.779043] kunit_try_run_case+0x170/0x3f0 [ 27.779155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.779207] kthread+0x328/0x630 [ 27.779253] ret_from_fork+0x10/0x20 [ 27.779332] [ 27.779386] CPU: 1 UID: 0 PID: 340 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 27.779480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.779513] Hardware name: linux,dummy-virt (DT) [ 27.779555] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 27.546714] ================================================================== [ 27.546813] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.546813] [ 27.546880] Corrupted memory at 0x00000000a0aa9035 [ ! . . . . . . . . . . . . . . . ] (in kfence-#147): [ 27.547207] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.547258] kunit_try_run_case+0x170/0x3f0 [ 27.547301] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.547347] kthread+0x328/0x630 [ 27.547384] ret_from_fork+0x10/0x20 [ 27.547427] [ 27.547452] kfence-#147: 0x000000002e07f186-0x000000002601585f, size=73, cache=kmalloc-96 [ 27.547452] [ 27.547509] allocated by task 334 on cpu 0 at 27.546465s (0.001040s ago): [ 27.547571] test_alloc+0x29c/0x628 [ 27.547613] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 27.547657] kunit_try_run_case+0x170/0x3f0 [ 27.547698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.547743] kthread+0x328/0x630 [ 27.547780] ret_from_fork+0x10/0x20 [ 27.547820] [ 27.547844] freed by task 334 on cpu 0 at 27.546614s (0.001226s ago): [ 27.547908] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.547963] kunit_try_run_case+0x170/0x3f0 [ 27.548003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.548047] kthread+0x328/0x630 [ 27.548084] ret_from_fork+0x10/0x20 [ 27.548123] [ 27.548168] CPU: 0 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 27.548253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.548284] Hardware name: linux,dummy-virt (DT) [ 27.548318] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 27.234774] ================================================================== [ 27.234877] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 27.234877] [ 27.235002] Out-of-bounds read at 0x00000000df657846 (105B right of kfence-#144): [ 27.235065] test_kmalloc_aligned_oob_read+0x238/0x468 [ 27.235118] kunit_try_run_case+0x170/0x3f0 [ 27.235165] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.235210] kthread+0x328/0x630 [ 27.235249] ret_from_fork+0x10/0x20 [ 27.235289] [ 27.235316] kfence-#144: 0x00000000901e97b4-0x00000000d440038a, size=73, cache=kmalloc-96 [ 27.235316] [ 27.235367] allocated by task 332 on cpu 0 at 27.234494s (0.000869s ago): [ 27.235441] test_alloc+0x29c/0x628 [ 27.235482] test_kmalloc_aligned_oob_read+0x100/0x468 [ 27.235526] kunit_try_run_case+0x170/0x3f0 [ 27.235566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.235608] kthread+0x328/0x630 [ 27.235645] ret_from_fork+0x10/0x20 [ 27.235685] [ 27.235733] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 27.235818] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.235847] Hardware name: linux,dummy-virt (DT) [ 27.235885] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 22.554820] ================================================================== [ 22.554917] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 22.554917] [ 22.555001] Corrupted memory at 0x00000000e750b7a9 [ ! ] (in kfence-#99): [ 22.555134] test_corruption+0x284/0x378 [ 22.555184] kunit_try_run_case+0x170/0x3f0 [ 22.555228] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.555273] kthread+0x328/0x630 [ 22.555312] ret_from_fork+0x10/0x20 [ 22.555353] [ 22.555379] kfence-#99: 0x000000004283102b-0x00000000c913a3d4, size=32, cache=kmalloc-32 [ 22.555379] [ 22.555434] allocated by task 320 on cpu 0 at 22.554518s (0.000913s ago): [ 22.555499] test_alloc+0x29c/0x628 [ 22.555539] test_corruption+0x198/0x378 [ 22.555583] kunit_try_run_case+0x170/0x3f0 [ 22.555623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.555673] kthread+0x328/0x630 [ 22.555710] ret_from_fork+0x10/0x20 [ 22.555751] [ 22.555775] freed by task 320 on cpu 0 at 22.554624s (0.001147s ago): [ 22.555840] test_corruption+0x284/0x378 [ 22.555880] kunit_try_run_case+0x170/0x3f0 [ 22.555921] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.555976] kthread+0x328/0x630 [ 22.556013] ret_from_fork+0x10/0x20 [ 22.556052] [ 22.556097] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 22.556179] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.556210] Hardware name: linux,dummy-virt (DT) [ 22.556244] ================================================================== [ 22.346898] ================================================================== [ 22.347029] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 22.347029] [ 22.347103] Corrupted memory at 0x00000000f7db6952 [ ! . . . . . . . . . . . . . . . ] (in kfence-#97): [ 22.348259] test_corruption+0x278/0x378 [ 22.348316] kunit_try_run_case+0x170/0x3f0 [ 22.348364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.348411] kthread+0x328/0x630 [ 22.348452] ret_from_fork+0x10/0x20 [ 22.348495] [ 22.348520] kfence-#97: 0x00000000a2eb9056-0x0000000053b57ba4, size=32, cache=kmalloc-32 [ 22.348520] [ 22.348578] allocated by task 320 on cpu 0 at 22.346582s (0.001992s ago): [ 22.348644] test_alloc+0x29c/0x628 [ 22.348684] test_corruption+0xdc/0x378 [ 22.348726] kunit_try_run_case+0x170/0x3f0 [ 22.348767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.348811] kthread+0x328/0x630 [ 22.348846] ret_from_fork+0x10/0x20 [ 22.348885] [ 22.348910] freed by task 320 on cpu 0 at 22.346712s (0.002194s ago): [ 22.348984] test_corruption+0x278/0x378 [ 22.349025] kunit_try_run_case+0x170/0x3f0 [ 22.349066] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.349110] kthread+0x328/0x630 [ 22.349145] ret_from_fork+0x10/0x20 [ 22.349184] [ 22.349235] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 22.349319] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.349350] Hardware name: linux,dummy-virt (DT) [ 22.349385] ================================================================== [ 22.658683] ================================================================== [ 22.658768] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 22.658768] [ 22.658831] Corrupted memory at 0x000000005a0f9461 [ ! . . . . . . . . . . . . . . . ] (in kfence-#100): [ 22.659154] test_corruption+0x120/0x378 [ 22.659203] kunit_try_run_case+0x170/0x3f0 [ 22.659248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.659292] kthread+0x328/0x630 [ 22.659330] ret_from_fork+0x10/0x20 [ 22.659372] [ 22.659396] kfence-#100: 0x000000008dc6e8c5-0x00000000590c3155, size=32, cache=test [ 22.659396] [ 22.659450] allocated by task 322 on cpu 0 at 22.658540s (0.000906s ago): [ 22.659512] test_alloc+0x230/0x628 [ 22.659554] test_corruption+0xdc/0x378 [ 22.659594] kunit_try_run_case+0x170/0x3f0 [ 22.659634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.659676] kthread+0x328/0x630 [ 22.659713] ret_from_fork+0x10/0x20 [ 22.659752] [ 22.659776] freed by task 322 on cpu 0 at 22.658596s (0.001176s ago): [ 22.659838] test_corruption+0x120/0x378 [ 22.659880] kunit_try_run_case+0x170/0x3f0 [ 22.659923] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.659978] kthread+0x328/0x630 [ 22.660015] ret_from_fork+0x10/0x20 [ 22.660055] [ 22.660096] CPU: 0 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 22.660179] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.660208] Hardware name: linux,dummy-virt (DT) [ 22.660242] ================================================================== [ 22.866659] ================================================================== [ 22.866754] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 22.866754] [ 22.866816] Corrupted memory at 0x0000000099b8312d [ ! ] (in kfence-#102): [ 22.866947] test_corruption+0x1d8/0x378 [ 22.866997] kunit_try_run_case+0x170/0x3f0 [ 22.867039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.867086] kthread+0x328/0x630 [ 22.867124] ret_from_fork+0x10/0x20 [ 22.867164] [ 22.867189] kfence-#102: 0x000000008e966ebc-0x00000000989e819d, size=32, cache=test [ 22.867189] [ 22.867248] allocated by task 322 on cpu 0 at 22.866508s (0.000736s ago): [ 22.867314] test_alloc+0x230/0x628 [ 22.867357] test_corruption+0x198/0x378 [ 22.867399] kunit_try_run_case+0x170/0x3f0 [ 22.867441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.867485] kthread+0x328/0x630 [ 22.867521] ret_from_fork+0x10/0x20 [ 22.867561] [ 22.867586] freed by task 322 on cpu 0 at 22.866564s (0.001018s ago): [ 22.867649] test_corruption+0x1d8/0x378 [ 22.867690] kunit_try_run_case+0x170/0x3f0 [ 22.867730] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.867774] kthread+0x328/0x630 [ 22.867812] ret_from_fork+0x10/0x20 [ 22.867852] [ 22.867893] CPU: 0 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 22.867986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.868018] Hardware name: linux,dummy-virt (DT) [ 22.868052] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 21.932242] ================================================================== [ 21.932360] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 21.932360] [ 21.932429] Invalid free of 0x000000001c3efaa2 (in kfence-#93): [ 21.932493] test_double_free+0x1bc/0x238 [ 21.932543] kunit_try_run_case+0x170/0x3f0 [ 21.932590] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.932635] kthread+0x328/0x630 [ 21.932677] ret_from_fork+0x10/0x20 [ 21.932720] [ 21.932745] kfence-#93: 0x000000001c3efaa2-0x000000009dddf49e, size=32, cache=kmalloc-32 [ 21.932745] [ 21.932801] allocated by task 312 on cpu 1 at 21.931938s (0.000859s ago): [ 21.932867] test_alloc+0x29c/0x628 [ 21.932909] test_double_free+0xd4/0x238 [ 21.932966] kunit_try_run_case+0x170/0x3f0 [ 21.933008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.933053] kthread+0x328/0x630 [ 21.933090] ret_from_fork+0x10/0x20 [ 21.933130] [ 21.933154] freed by task 312 on cpu 1 at 21.932016s (0.001134s ago): [ 21.933219] test_double_free+0x1ac/0x238 [ 21.933260] kunit_try_run_case+0x170/0x3f0 [ 21.933300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.933345] kthread+0x328/0x630 [ 21.933382] ret_from_fork+0x10/0x20 [ 21.933422] [ 21.933467] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 21.933551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.933588] Hardware name: linux,dummy-virt (DT) [ 21.933624] ================================================================== [ 22.034714] ================================================================== [ 22.034811] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 22.034811] [ 22.034875] Invalid free of 0x00000000db1f9ce7 (in kfence-#94): [ 22.034943] test_double_free+0x100/0x238 [ 22.034993] kunit_try_run_case+0x170/0x3f0 [ 22.035062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.035120] kthread+0x328/0x630 [ 22.035160] ret_from_fork+0x10/0x20 [ 22.035246] [ 22.035273] kfence-#94: 0x00000000db1f9ce7-0x00000000ab38c4b5, size=32, cache=test [ 22.035273] [ 22.035328] allocated by task 314 on cpu 1 at 22.034492s (0.000832s ago): [ 22.035393] test_alloc+0x230/0x628 [ 22.035434] test_double_free+0xd4/0x238 [ 22.035476] kunit_try_run_case+0x170/0x3f0 [ 22.035517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.035560] kthread+0x328/0x630 [ 22.035597] ret_from_fork+0x10/0x20 [ 22.035636] [ 22.035660] freed by task 314 on cpu 1 at 22.034559s (0.001097s ago): [ 22.035724] test_double_free+0xf0/0x238 [ 22.035766] kunit_try_run_case+0x170/0x3f0 [ 22.035806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.035852] kthread+0x328/0x630 [ 22.035887] ret_from_fork+0x10/0x20 [ 22.035936] [ 22.035980] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 22.036066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.036097] Hardware name: linux,dummy-virt (DT) [ 22.036131] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 21.615365] ================================================================== [ 21.615443] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.615443] [ 21.615552] Use-after-free read at 0x000000007aaff54e (in kfence-#90): [ 21.615604] test_use_after_free_read+0x114/0x248 [ 21.615671] kunit_try_run_case+0x170/0x3f0 [ 21.615733] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.615779] kthread+0x328/0x630 [ 21.615819] ret_from_fork+0x10/0x20 [ 21.615885] [ 21.615911] kfence-#90: 0x000000007aaff54e-0x000000007f946e6b, size=32, cache=test [ 21.615911] [ 21.616237] allocated by task 306 on cpu 1 at 21.615050s (0.001110s ago): [ 21.616482] test_alloc+0x230/0x628 [ 21.616532] test_use_after_free_read+0xd0/0x248 [ 21.616717] kunit_try_run_case+0x170/0x3f0 [ 21.616778] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.616824] kthread+0x328/0x630 [ 21.616861] ret_from_fork+0x10/0x20 [ 21.616920] [ 21.617018] freed by task 306 on cpu 1 at 21.615130s (0.001841s ago): [ 21.617142] test_use_after_free_read+0xf0/0x248 [ 21.617206] kunit_try_run_case+0x170/0x3f0 [ 21.617248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.617309] kthread+0x328/0x630 [ 21.617366] ret_from_fork+0x10/0x20 [ 21.617411] [ 21.617495] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 21.617587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.617617] Hardware name: linux,dummy-virt (DT) [ 21.617651] ================================================================== [ 21.507982] ================================================================== [ 21.508134] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.508134] [ 21.508241] Use-after-free read at 0x0000000077b01c1b (in kfence-#89): [ 21.508291] test_use_after_free_read+0x114/0x248 [ 21.508358] kunit_try_run_case+0x170/0x3f0 [ 21.508405] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.508473] kthread+0x328/0x630 [ 21.508530] ret_from_fork+0x10/0x20 [ 21.508588] [ 21.508613] kfence-#89: 0x0000000077b01c1b-0x0000000084b7c886, size=32, cache=kmalloc-32 [ 21.508613] [ 21.508683] allocated by task 304 on cpu 1 at 21.507322s (0.001340s ago): [ 21.508776] test_alloc+0x29c/0x628 [ 21.508826] test_use_after_free_read+0xd0/0x248 [ 21.508870] kunit_try_run_case+0x170/0x3f0 [ 21.508943] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.508988] kthread+0x328/0x630 [ 21.509025] ret_from_fork+0x10/0x20 [ 21.509072] [ 21.509214] freed by task 304 on cpu 1 at 21.507400s (0.001728s ago): [ 21.509326] test_use_after_free_read+0x1c0/0x248 [ 21.509557] kunit_try_run_case+0x170/0x3f0 [ 21.509615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.509661] kthread+0x328/0x630 [ 21.509744] ret_from_fork+0x10/0x20 [ 21.509806] [ 21.509855] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 21.510133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.510312] Hardware name: linux,dummy-virt (DT) [ 21.510379] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 21.398978] ================================================================== [ 21.399075] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 21.399075] [ 21.399176] Out-of-bounds write at 0x0000000025a8ed8e (1B left of kfence-#88): [ 21.399254] test_out_of_bounds_write+0x100/0x240 [ 21.399322] kunit_try_run_case+0x170/0x3f0 [ 21.399367] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.399437] kthread+0x328/0x630 [ 21.399476] ret_from_fork+0x10/0x20 [ 21.399518] [ 21.399544] kfence-#88: 0x0000000075033939-0x00000000556af892, size=32, cache=test [ 21.399544] [ 21.399595] allocated by task 302 on cpu 1 at 21.398859s (0.000733s ago): [ 21.399667] test_alloc+0x230/0x628 [ 21.399914] test_out_of_bounds_write+0xc8/0x240 [ 21.399989] kunit_try_run_case+0x170/0x3f0 [ 21.400050] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.400094] kthread+0x328/0x630 [ 21.400146] ret_from_fork+0x10/0x20 [ 21.400198] [ 21.400265] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 21.400357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.400404] Hardware name: linux,dummy-virt (DT) [ 21.400450] ================================================================== [ 21.186945] ================================================================== [ 21.187030] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 21.187030] [ 21.187158] Out-of-bounds write at 0x0000000004805c33 (1B left of kfence-#86): [ 21.187394] test_out_of_bounds_write+0x100/0x240 [ 21.187561] kunit_try_run_case+0x170/0x3f0 [ 21.187627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.187673] kthread+0x328/0x630 [ 21.187732] ret_from_fork+0x10/0x20 [ 21.187776] [ 21.187807] kfence-#86: 0x00000000d92d34d2-0x00000000c344b6bb, size=32, cache=kmalloc-32 [ 21.187807] [ 21.187900] allocated by task 300 on cpu 1 at 21.186768s (0.001091s ago): [ 21.188025] test_alloc+0x29c/0x628 [ 21.188074] test_out_of_bounds_write+0xc8/0x240 [ 21.188132] kunit_try_run_case+0x170/0x3f0 [ 21.188190] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.188240] kthread+0x328/0x630 [ 21.188278] ret_from_fork+0x10/0x20 [ 21.188316] [ 21.188371] CPU: 1 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 21.188474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.188504] Hardware name: linux,dummy-virt (DT) [ 21.188539] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 20.655897] ================================================================== [ 20.656042] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.656042] [ 20.656156] Out-of-bounds read at 0x000000004f8f1550 (32B right of kfence-#81): [ 20.656214] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.656292] kunit_try_run_case+0x170/0x3f0 [ 20.656346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.656391] kthread+0x328/0x630 [ 20.656439] ret_from_fork+0x10/0x20 [ 20.656489] [ 20.656514] kfence-#81: 0x00000000dde16087-0x00000000517fd80c, size=32, cache=kmalloc-32 [ 20.656514] [ 20.656568] allocated by task 296 on cpu 1 at 20.655349s (0.001215s ago): [ 20.656648] test_alloc+0x29c/0x628 [ 20.656698] test_out_of_bounds_read+0x198/0x3e0 [ 20.656748] kunit_try_run_case+0x170/0x3f0 [ 20.656798] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.656841] kthread+0x328/0x630 [ 20.656878] ret_from_fork+0x10/0x20 [ 20.656916] [ 20.656970] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 20.657053] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.657081] Hardware name: linux,dummy-virt (DT) [ 20.657114] ================================================================== [ 20.445181] ================================================================== [ 20.445306] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.445306] [ 20.445441] Out-of-bounds read at 0x00000000778c4b84 (1B left of kfence-#79): [ 20.446279] test_out_of_bounds_read+0x114/0x3e0 [ 20.446548] kunit_try_run_case+0x170/0x3f0 [ 20.446677] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.446787] kthread+0x328/0x630 [ 20.446843] ret_from_fork+0x10/0x20 [ 20.447339] [ 20.447601] kfence-#79: 0x000000009f2acde6-0x00000000cbfae64b, size=32, cache=kmalloc-32 [ 20.447601] [ 20.447827] allocated by task 296 on cpu 1 at 20.444196s (0.003545s ago): [ 20.448293] test_alloc+0x29c/0x628 [ 20.448390] test_out_of_bounds_read+0xdc/0x3e0 [ 20.448452] kunit_try_run_case+0x170/0x3f0 [ 20.448502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.448547] kthread+0x328/0x630 [ 20.448584] ret_from_fork+0x10/0x20 [ 20.448704] [ 20.448779] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 20.448868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.448918] Hardware name: linux,dummy-virt (DT) [ 20.449333] ================================================================== [ 20.975867] ================================================================== [ 20.975965] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.975965] [ 20.976303] Out-of-bounds read at 0x00000000c88b9457 (32B right of kfence-#84): [ 20.976414] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.976770] kunit_try_run_case+0x170/0x3f0 [ 20.976824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.976869] kthread+0x328/0x630 [ 20.977154] ret_from_fork+0x10/0x20 [ 20.977240] [ 20.977266] kfence-#84: 0x000000006748d990-0x00000000e72edd5e, size=32, cache=test [ 20.977266] [ 20.977609] allocated by task 298 on cpu 1 at 20.975756s (0.001845s ago): [ 20.977740] test_alloc+0x230/0x628 [ 20.977786] test_out_of_bounds_read+0x198/0x3e0 [ 20.977828] kunit_try_run_case+0x170/0x3f0 [ 20.978123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.978292] kthread+0x328/0x630 [ 20.978370] ret_from_fork+0x10/0x20 [ 20.978464] [ 20.978524] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 20.978857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.978984] Hardware name: linux,dummy-virt (DT) [ 20.979054] ================================================================== [ 20.867855] ================================================================== [ 20.867962] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.867962] [ 20.868139] Out-of-bounds read at 0x0000000088e387bf (1B left of kfence-#83): [ 20.868203] test_out_of_bounds_read+0x114/0x3e0 [ 20.868280] kunit_try_run_case+0x170/0x3f0 [ 20.868603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.868648] kthread+0x328/0x630 [ 20.868934] ret_from_fork+0x10/0x20 [ 20.869232] [ 20.869359] kfence-#83: 0x000000000fb95680-0x000000000031acc1, size=32, cache=test [ 20.869359] [ 20.869457] allocated by task 298 on cpu 1 at 20.867401s (0.002034s ago): [ 20.869665] test_alloc+0x230/0x628 [ 20.869719] test_out_of_bounds_read+0xdc/0x3e0 [ 20.869778] kunit_try_run_case+0x170/0x3f0 [ 20.870128] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.870262] kthread+0x328/0x630 [ 20.870352] ret_from_fork+0x10/0x20 [ 20.870525] [ 20.870602] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 20.870760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.870790] Hardware name: linux,dummy-virt (DT) [ 20.870826] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 20.173035] ================================================================== [ 20.173099] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 20.173170] Write of size 121 at addr fff00000c522f000 by task kunit_try_catch/294 [ 20.173233] [ 20.173341] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 20.173625] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.173658] Hardware name: linux,dummy-virt (DT) [ 20.173694] Call trace: [ 20.173725] show_stack+0x20/0x38 (C) [ 20.174355] dump_stack_lvl+0x8c/0xd0 [ 20.174687] print_report+0x118/0x608 [ 20.174774] kasan_report+0xdc/0x128 [ 20.174823] kasan_check_range+0x100/0x1a8 [ 20.174876] __kasan_check_write+0x20/0x30 [ 20.174924] strncpy_from_user+0x3c/0x2a0 [ 20.174986] copy_user_test_oob+0x5c0/0xec8 [ 20.175722] kunit_try_run_case+0x170/0x3f0 [ 20.175890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.176005] kthread+0x328/0x630 [ 20.176053] ret_from_fork+0x10/0x20 [ 20.176106] [ 20.176127] Allocated by task 294: [ 20.176171] kasan_save_stack+0x3c/0x68 [ 20.176283] kasan_save_track+0x20/0x40 [ 20.176325] kasan_save_alloc_info+0x40/0x58 [ 20.176363] __kasan_kmalloc+0xd4/0xd8 [ 20.176410] __kmalloc_noprof+0x198/0x4c8 [ 20.176755] kunit_kmalloc_array+0x34/0x88 [ 20.176849] copy_user_test_oob+0xac/0xec8 [ 20.176891] kunit_try_run_case+0x170/0x3f0 [ 20.177242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.177304] kthread+0x328/0x630 [ 20.177340] ret_from_fork+0x10/0x20 [ 20.177397] [ 20.177421] The buggy address belongs to the object at fff00000c522f000 [ 20.177421] which belongs to the cache kmalloc-128 of size 128 [ 20.177529] The buggy address is located 0 bytes inside of [ 20.177529] allocated 120-byte region [fff00000c522f000, fff00000c522f078) [ 20.177603] [ 20.177875] The buggy address belongs to the physical page: [ 20.178001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10522f [ 20.178090] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.178271] page_type: f5(slab) [ 20.178413] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.178472] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.178517] page dumped because: kasan: bad access detected [ 20.178559] [ 20.178579] Memory state around the buggy address: [ 20.178613] fff00000c522ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.178976] fff00000c522ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.179064] >fff00000c522f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.179141] ^ [ 20.179186] fff00000c522f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.179231] fff00000c522f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.179437] ================================================================== [ 20.180812] ================================================================== [ 20.180868] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 20.180943] Write of size 1 at addr fff00000c522f078 by task kunit_try_catch/294 [ 20.180996] [ 20.181030] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 20.181122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.181150] Hardware name: linux,dummy-virt (DT) [ 20.181184] Call trace: [ 20.181210] show_stack+0x20/0x38 (C) [ 20.181261] dump_stack_lvl+0x8c/0xd0 [ 20.181312] print_report+0x118/0x608 [ 20.181360] kasan_report+0xdc/0x128 [ 20.181409] __asan_report_store1_noabort+0x20/0x30 [ 20.181458] strncpy_from_user+0x270/0x2a0 [ 20.181510] copy_user_test_oob+0x5c0/0xec8 [ 20.181562] kunit_try_run_case+0x170/0x3f0 [ 20.181619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.181675] kthread+0x328/0x630 [ 20.181720] ret_from_fork+0x10/0x20 [ 20.181771] [ 20.181792] Allocated by task 294: [ 20.182078] kasan_save_stack+0x3c/0x68 [ 20.182295] kasan_save_track+0x20/0x40 [ 20.182339] kasan_save_alloc_info+0x40/0x58 [ 20.183039] __kasan_kmalloc+0xd4/0xd8 [ 20.183133] __kmalloc_noprof+0x198/0x4c8 [ 20.183708] kunit_kmalloc_array+0x34/0x88 [ 20.183846] copy_user_test_oob+0xac/0xec8 [ 20.183889] kunit_try_run_case+0x170/0x3f0 [ 20.183946] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.183995] kthread+0x328/0x630 [ 20.184031] ret_from_fork+0x10/0x20 [ 20.184071] [ 20.184092] The buggy address belongs to the object at fff00000c522f000 [ 20.184092] which belongs to the cache kmalloc-128 of size 128 [ 20.184156] The buggy address is located 0 bytes to the right of [ 20.184156] allocated 120-byte region [fff00000c522f000, fff00000c522f078) [ 20.184225] [ 20.184247] The buggy address belongs to the physical page: [ 20.184591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10522f [ 20.185122] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.185197] page_type: f5(slab) [ 20.185239] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.185594] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.185643] page dumped because: kasan: bad access detected [ 20.185679] [ 20.185699] Memory state around the buggy address: [ 20.185733] fff00000c522ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.185779] fff00000c522ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.185836] >fff00000c522f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.185877] ^ [ 20.186568] fff00000c522f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.186621] fff00000c522f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.186663] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 20.146101] ================================================================== [ 20.146199] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 20.146363] Read of size 121 at addr fff00000c522f000 by task kunit_try_catch/294 [ 20.146449] [ 20.146796] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 20.147020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.147088] Hardware name: linux,dummy-virt (DT) [ 20.147522] Call trace: [ 20.147620] show_stack+0x20/0x38 (C) [ 20.147827] dump_stack_lvl+0x8c/0xd0 [ 20.147882] print_report+0x118/0x608 [ 20.148217] kasan_report+0xdc/0x128 [ 20.148298] kasan_check_range+0x100/0x1a8 [ 20.148612] __kasan_check_read+0x20/0x30 [ 20.148721] copy_user_test_oob+0x3c8/0xec8 [ 20.148899] kunit_try_run_case+0x170/0x3f0 [ 20.149052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.149134] kthread+0x328/0x630 [ 20.149180] ret_from_fork+0x10/0x20 [ 20.149550] [ 20.149711] Allocated by task 294: [ 20.149786] kasan_save_stack+0x3c/0x68 [ 20.149973] kasan_save_track+0x20/0x40 [ 20.150118] kasan_save_alloc_info+0x40/0x58 [ 20.150207] __kasan_kmalloc+0xd4/0xd8 [ 20.150323] __kmalloc_noprof+0x198/0x4c8 [ 20.150399] kunit_kmalloc_array+0x34/0x88 [ 20.150457] copy_user_test_oob+0xac/0xec8 [ 20.150498] kunit_try_run_case+0x170/0x3f0 [ 20.150674] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.150900] kthread+0x328/0x630 [ 20.151107] ret_from_fork+0x10/0x20 [ 20.151282] [ 20.151340] The buggy address belongs to the object at fff00000c522f000 [ 20.151340] which belongs to the cache kmalloc-128 of size 128 [ 20.151539] The buggy address is located 0 bytes inside of [ 20.151539] allocated 120-byte region [fff00000c522f000, fff00000c522f078) [ 20.151610] [ 20.151760] The buggy address belongs to the physical page: [ 20.151843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10522f [ 20.152025] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.152392] page_type: f5(slab) [ 20.152610] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.152872] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.153161] page dumped because: kasan: bad access detected [ 20.153315] [ 20.153449] Memory state around the buggy address: [ 20.153489] fff00000c522ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.153638] fff00000c522ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.153876] >fff00000c522f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.154068] ^ [ 20.154260] fff00000c522f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.154320] fff00000c522f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.154363] ================================================================== [ 20.137592] ================================================================== [ 20.138002] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 20.138278] Write of size 121 at addr fff00000c522f000 by task kunit_try_catch/294 [ 20.138342] [ 20.138387] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 20.138741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.138883] Hardware name: linux,dummy-virt (DT) [ 20.138966] Call trace: [ 20.139081] show_stack+0x20/0x38 (C) [ 20.139178] dump_stack_lvl+0x8c/0xd0 [ 20.139417] print_report+0x118/0x608 [ 20.139644] kasan_report+0xdc/0x128 [ 20.139770] kasan_check_range+0x100/0x1a8 [ 20.139865] __kasan_check_write+0x20/0x30 [ 20.139963] copy_user_test_oob+0x35c/0xec8 [ 20.140050] kunit_try_run_case+0x170/0x3f0 [ 20.140168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.140253] kthread+0x328/0x630 [ 20.140537] ret_from_fork+0x10/0x20 [ 20.140635] [ 20.140757] Allocated by task 294: [ 20.140828] kasan_save_stack+0x3c/0x68 [ 20.140980] kasan_save_track+0x20/0x40 [ 20.141039] kasan_save_alloc_info+0x40/0x58 [ 20.141180] __kasan_kmalloc+0xd4/0xd8 [ 20.141223] __kmalloc_noprof+0x198/0x4c8 [ 20.141527] kunit_kmalloc_array+0x34/0x88 [ 20.141875] copy_user_test_oob+0xac/0xec8 [ 20.141960] kunit_try_run_case+0x170/0x3f0 [ 20.142221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.142301] kthread+0x328/0x630 [ 20.142352] ret_from_fork+0x10/0x20 [ 20.142486] [ 20.142593] The buggy address belongs to the object at fff00000c522f000 [ 20.142593] which belongs to the cache kmalloc-128 of size 128 [ 20.142665] The buggy address is located 0 bytes inside of [ 20.142665] allocated 120-byte region [fff00000c522f000, fff00000c522f078) [ 20.142934] [ 20.142970] The buggy address belongs to the physical page: [ 20.143008] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10522f [ 20.143077] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.143134] page_type: f5(slab) [ 20.143178] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.143236] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.143295] page dumped because: kasan: bad access detected [ 20.143331] [ 20.143352] Memory state around the buggy address: [ 20.143389] fff00000c522ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.143443] fff00000c522ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.143498] >fff00000c522f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.143544] ^ [ 20.143589] fff00000c522f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.143650] fff00000c522f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.143692] ================================================================== [ 20.121457] ================================================================== [ 20.121574] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 20.121647] Read of size 121 at addr fff00000c522f000 by task kunit_try_catch/294 [ 20.121962] [ 20.122286] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 20.122572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.122610] Hardware name: linux,dummy-virt (DT) [ 20.122649] Call trace: [ 20.122869] show_stack+0x20/0x38 (C) [ 20.123052] dump_stack_lvl+0x8c/0xd0 [ 20.123174] print_report+0x118/0x608 [ 20.123558] kasan_report+0xdc/0x128 [ 20.123647] kasan_check_range+0x100/0x1a8 [ 20.124038] __kasan_check_read+0x20/0x30 [ 20.124174] copy_user_test_oob+0x728/0xec8 [ 20.124281] kunit_try_run_case+0x170/0x3f0 [ 20.124575] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.124642] kthread+0x328/0x630 [ 20.124690] ret_from_fork+0x10/0x20 [ 20.124793] [ 20.124819] Allocated by task 294: [ 20.124859] kasan_save_stack+0x3c/0x68 [ 20.124906] kasan_save_track+0x20/0x40 [ 20.124957] kasan_save_alloc_info+0x40/0x58 [ 20.125008] __kasan_kmalloc+0xd4/0xd8 [ 20.125047] __kmalloc_noprof+0x198/0x4c8 [ 20.125089] kunit_kmalloc_array+0x34/0x88 [ 20.125129] copy_user_test_oob+0xac/0xec8 [ 20.125171] kunit_try_run_case+0x170/0x3f0 [ 20.125212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.125262] kthread+0x328/0x630 [ 20.125310] ret_from_fork+0x10/0x20 [ 20.125366] [ 20.125397] The buggy address belongs to the object at fff00000c522f000 [ 20.125397] which belongs to the cache kmalloc-128 of size 128 [ 20.125462] The buggy address is located 0 bytes inside of [ 20.125462] allocated 120-byte region [fff00000c522f000, fff00000c522f078) [ 20.125529] [ 20.125589] The buggy address belongs to the physical page: [ 20.125635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10522f [ 20.125694] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.125753] page_type: f5(slab) [ 20.125796] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.125856] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.125910] page dumped because: kasan: bad access detected [ 20.126672] [ 20.126946] Memory state around the buggy address: [ 20.127228] fff00000c522ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.127675] fff00000c522ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.127935] >fff00000c522f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.128114] ^ [ 20.128287] fff00000c522f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.128360] fff00000c522f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.128427] ================================================================== [ 20.155965] ================================================================== [ 20.156054] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 20.156140] Write of size 121 at addr fff00000c522f000 by task kunit_try_catch/294 [ 20.156352] [ 20.156399] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 20.156759] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.156960] Hardware name: linux,dummy-virt (DT) [ 20.157037] Call trace: [ 20.157064] show_stack+0x20/0x38 (C) [ 20.157127] dump_stack_lvl+0x8c/0xd0 [ 20.157180] print_report+0x118/0x608 [ 20.157229] kasan_report+0xdc/0x128 [ 20.157279] kasan_check_range+0x100/0x1a8 [ 20.157330] __kasan_check_write+0x20/0x30 [ 20.157378] copy_user_test_oob+0x434/0xec8 [ 20.157429] kunit_try_run_case+0x170/0x3f0 [ 20.157480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.157589] kthread+0x328/0x630 [ 20.157645] ret_from_fork+0x10/0x20 [ 20.157697] [ 20.157717] Allocated by task 294: [ 20.157749] kasan_save_stack+0x3c/0x68 [ 20.157792] kasan_save_track+0x20/0x40 [ 20.157841] kasan_save_alloc_info+0x40/0x58 [ 20.157881] __kasan_kmalloc+0xd4/0xd8 [ 20.157921] __kmalloc_noprof+0x198/0x4c8 [ 20.158637] kunit_kmalloc_array+0x34/0x88 [ 20.158735] copy_user_test_oob+0xac/0xec8 [ 20.158812] kunit_try_run_case+0x170/0x3f0 [ 20.158854] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.159216] kthread+0x328/0x630 [ 20.159420] ret_from_fork+0x10/0x20 [ 20.159502] [ 20.159853] The buggy address belongs to the object at fff00000c522f000 [ 20.159853] which belongs to the cache kmalloc-128 of size 128 [ 20.160044] The buggy address is located 0 bytes inside of [ 20.160044] allocated 120-byte region [fff00000c522f000, fff00000c522f078) [ 20.160396] [ 20.160628] The buggy address belongs to the physical page: [ 20.160704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10522f [ 20.160772] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.161135] page_type: f5(slab) [ 20.161587] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.161821] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.161999] page dumped because: kasan: bad access detected [ 20.162049] [ 20.162237] Memory state around the buggy address: [ 20.162369] fff00000c522ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.162582] fff00000c522ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.162667] >fff00000c522f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.162716] ^ [ 20.162938] fff00000c522f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.163152] fff00000c522f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.163247] ================================================================== [ 20.164592] ================================================================== [ 20.164655] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 20.164708] Read of size 121 at addr fff00000c522f000 by task kunit_try_catch/294 [ 20.164972] [ 20.165017] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 20.165406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.165562] Hardware name: linux,dummy-virt (DT) [ 20.165614] Call trace: [ 20.165641] show_stack+0x20/0x38 (C) [ 20.165695] dump_stack_lvl+0x8c/0xd0 [ 20.165920] print_report+0x118/0x608 [ 20.166132] kasan_report+0xdc/0x128 [ 20.166267] kasan_check_range+0x100/0x1a8 [ 20.166365] __kasan_check_read+0x20/0x30 [ 20.166483] copy_user_test_oob+0x4a0/0xec8 [ 20.166556] kunit_try_run_case+0x170/0x3f0 [ 20.166613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.166988] kthread+0x328/0x630 [ 20.167048] ret_from_fork+0x10/0x20 [ 20.167099] [ 20.167120] Allocated by task 294: [ 20.167152] kasan_save_stack+0x3c/0x68 [ 20.167195] kasan_save_track+0x20/0x40 [ 20.167238] kasan_save_alloc_info+0x40/0x58 [ 20.167277] __kasan_kmalloc+0xd4/0xd8 [ 20.167315] __kmalloc_noprof+0x198/0x4c8 [ 20.167356] kunit_kmalloc_array+0x34/0x88 [ 20.167395] copy_user_test_oob+0xac/0xec8 [ 20.167436] kunit_try_run_case+0x170/0x3f0 [ 20.167478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.167524] kthread+0x328/0x630 [ 20.167560] ret_from_fork+0x10/0x20 [ 20.167603] [ 20.167624] The buggy address belongs to the object at fff00000c522f000 [ 20.167624] which belongs to the cache kmalloc-128 of size 128 [ 20.167687] The buggy address is located 0 bytes inside of [ 20.167687] allocated 120-byte region [fff00000c522f000, fff00000c522f078) [ 20.167754] [ 20.167778] The buggy address belongs to the physical page: [ 20.167812] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10522f [ 20.167869] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.167921] page_type: f5(slab) [ 20.167974] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.168028] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.168374] page dumped because: kasan: bad access detected [ 20.168519] [ 20.168544] Memory state around the buggy address: [ 20.168592] fff00000c522ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.168641] fff00000c522ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.168686] >fff00000c522f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.168727] ^ [ 20.168774] fff00000c522f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.168831] fff00000c522f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.168879] ================================================================== [ 20.105086] ================================================================== [ 20.105545] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 20.105976] Write of size 121 at addr fff00000c522f000 by task kunit_try_catch/294 [ 20.106061] [ 20.106131] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 20.106243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.106386] Hardware name: linux,dummy-virt (DT) [ 20.106464] Call trace: [ 20.106603] show_stack+0x20/0x38 (C) [ 20.106669] dump_stack_lvl+0x8c/0xd0 [ 20.106726] print_report+0x118/0x608 [ 20.107049] kasan_report+0xdc/0x128 [ 20.107175] kasan_check_range+0x100/0x1a8 [ 20.107322] __kasan_check_write+0x20/0x30 [ 20.107471] copy_user_test_oob+0x234/0xec8 [ 20.107559] kunit_try_run_case+0x170/0x3f0 [ 20.107728] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.107893] kthread+0x328/0x630 [ 20.108155] ret_from_fork+0x10/0x20 [ 20.108299] [ 20.108402] Allocated by task 294: [ 20.108461] kasan_save_stack+0x3c/0x68 [ 20.108802] kasan_save_track+0x20/0x40 [ 20.108895] kasan_save_alloc_info+0x40/0x58 [ 20.108978] __kasan_kmalloc+0xd4/0xd8 [ 20.109051] __kmalloc_noprof+0x198/0x4c8 [ 20.109114] kunit_kmalloc_array+0x34/0x88 [ 20.109341] copy_user_test_oob+0xac/0xec8 [ 20.109398] kunit_try_run_case+0x170/0x3f0 [ 20.109478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.109551] kthread+0x328/0x630 [ 20.109619] ret_from_fork+0x10/0x20 [ 20.109687] [ 20.110025] The buggy address belongs to the object at fff00000c522f000 [ 20.110025] which belongs to the cache kmalloc-128 of size 128 [ 20.110140] The buggy address is located 0 bytes inside of [ 20.110140] allocated 120-byte region [fff00000c522f000, fff00000c522f078) [ 20.110334] [ 20.110392] The buggy address belongs to the physical page: [ 20.110695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10522f [ 20.110827] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.110902] page_type: f5(slab) [ 20.110972] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.111069] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.111138] page dumped because: kasan: bad access detected [ 20.111204] [ 20.111262] Memory state around the buggy address: [ 20.111352] fff00000c522ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.111429] fff00000c522ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.111477] >fff00000c522f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.111783] ^ [ 20.111859] fff00000c522f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.111919] fff00000c522f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.112002] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 20.052406] ================================================================== [ 20.052479] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 20.052556] Read of size 8 at addr fff00000c4fd8f78 by task kunit_try_catch/290 [ 20.052610] [ 20.052652] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 20.052764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.052796] Hardware name: linux,dummy-virt (DT) [ 20.052831] Call trace: [ 20.052857] show_stack+0x20/0x38 (C) [ 20.052912] dump_stack_lvl+0x8c/0xd0 [ 20.052985] print_report+0x118/0x608 [ 20.053039] kasan_report+0xdc/0x128 [ 20.053085] __asan_report_load8_noabort+0x20/0x30 [ 20.053136] copy_to_kernel_nofault+0x204/0x250 [ 20.053186] copy_to_kernel_nofault_oob+0x158/0x418 [ 20.053246] kunit_try_run_case+0x170/0x3f0 [ 20.053298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.053353] kthread+0x328/0x630 [ 20.053396] ret_from_fork+0x10/0x20 [ 20.053447] [ 20.053467] Allocated by task 290: [ 20.053499] kasan_save_stack+0x3c/0x68 [ 20.053542] kasan_save_track+0x20/0x40 [ 20.053587] kasan_save_alloc_info+0x40/0x58 [ 20.053627] __kasan_kmalloc+0xd4/0xd8 [ 20.053667] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.053710] copy_to_kernel_nofault_oob+0xc8/0x418 [ 20.053751] kunit_try_run_case+0x170/0x3f0 [ 20.053791] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.053837] kthread+0x328/0x630 [ 20.053872] ret_from_fork+0x10/0x20 [ 20.053909] [ 20.054819] The buggy address belongs to the object at fff00000c4fd8f00 [ 20.054819] which belongs to the cache kmalloc-128 of size 128 [ 20.054901] The buggy address is located 0 bytes to the right of [ 20.054901] allocated 120-byte region [fff00000c4fd8f00, fff00000c4fd8f78) [ 20.055372] [ 20.055823] The buggy address belongs to the physical page: [ 20.055896] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104fd8 [ 20.056442] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.056517] page_type: f5(slab) [ 20.057028] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.057137] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.057485] page dumped because: kasan: bad access detected [ 20.057550] [ 20.057729] Memory state around the buggy address: [ 20.057811] fff00000c4fd8e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.057979] fff00000c4fd8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.058176] >fff00000c4fd8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.058343] ^ [ 20.058474] fff00000c4fd8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.058782] fff00000c4fd9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.058858] ================================================================== [ 20.060226] ================================================================== [ 20.060530] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 20.060715] Write of size 8 at addr fff00000c4fd8f78 by task kunit_try_catch/290 [ 20.060826] [ 20.061196] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 20.061363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.061398] Hardware name: linux,dummy-virt (DT) [ 20.061432] Call trace: [ 20.061456] show_stack+0x20/0x38 (C) [ 20.061790] dump_stack_lvl+0x8c/0xd0 [ 20.061863] print_report+0x118/0x608 [ 20.061917] kasan_report+0xdc/0x128 [ 20.062019] kasan_check_range+0x100/0x1a8 [ 20.062107] __kasan_check_write+0x20/0x30 [ 20.062156] copy_to_kernel_nofault+0x8c/0x250 [ 20.062451] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 20.062672] kunit_try_run_case+0x170/0x3f0 [ 20.062746] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.063052] kthread+0x328/0x630 [ 20.063474] ret_from_fork+0x10/0x20 [ 20.063704] [ 20.063893] Allocated by task 290: [ 20.063958] kasan_save_stack+0x3c/0x68 [ 20.064129] kasan_save_track+0x20/0x40 [ 20.064320] kasan_save_alloc_info+0x40/0x58 [ 20.064402] __kasan_kmalloc+0xd4/0xd8 [ 20.064484] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.064751] copy_to_kernel_nofault_oob+0xc8/0x418 [ 20.064919] kunit_try_run_case+0x170/0x3f0 [ 20.065008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.065423] kthread+0x328/0x630 [ 20.065532] ret_from_fork+0x10/0x20 [ 20.065616] [ 20.065638] The buggy address belongs to the object at fff00000c4fd8f00 [ 20.065638] which belongs to the cache kmalloc-128 of size 128 [ 20.066004] The buggy address is located 0 bytes to the right of [ 20.066004] allocated 120-byte region [fff00000c4fd8f00, fff00000c4fd8f78) [ 20.066125] [ 20.066257] The buggy address belongs to the physical page: [ 20.066296] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104fd8 [ 20.066403] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.066648] page_type: f5(slab) [ 20.066736] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.066842] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.066890] page dumped because: kasan: bad access detected [ 20.066950] [ 20.067004] Memory state around the buggy address: [ 20.067419] fff00000c4fd8e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.067473] fff00000c4fd8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.067789] >fff00000c4fd8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.067923] ^ [ 20.067994] fff00000c4fd8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.068193] fff00000c4fd9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.068361] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 19.995407] ================================================================== [ 19.995685] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 19.995745] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/278 [ 19.995822] [ 19.996177] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.996332] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.996376] Hardware name: linux,dummy-virt (DT) [ 19.996420] Call trace: [ 19.996447] show_stack+0x20/0x38 (C) [ 19.996545] dump_stack_lvl+0x8c/0xd0 [ 19.996597] print_report+0x310/0x608 [ 19.996646] kasan_report+0xdc/0x128 [ 19.996695] __asan_report_load1_noabort+0x20/0x30 [ 19.996754] vmalloc_oob+0x51c/0x5d0 [ 19.996801] kunit_try_run_case+0x170/0x3f0 [ 19.996850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.996903] kthread+0x328/0x630 [ 19.996966] ret_from_fork+0x10/0x20 [ 19.997015] [ 19.997045] The buggy address belongs to the virtual mapping at [ 19.997045] [ffff8000800fe000, ffff800080100000) created by: [ 19.997045] vmalloc_oob+0x98/0x5d0 [ 19.997120] [ 19.997144] The buggy address belongs to the physical page: [ 19.997176] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10522a [ 19.997230] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.997295] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.997348] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.997392] page dumped because: kasan: bad access detected [ 19.997435] [ 19.997455] Memory state around the buggy address: [ 19.997489] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.997547] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.997599] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.997639] ^ [ 19.997692] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.997738] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.997780] ================================================================== [ 19.989101] ================================================================== [ 19.989222] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 19.989346] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/278 [ 19.989400] [ 19.989724] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.989841] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.989870] Hardware name: linux,dummy-virt (DT) [ 19.989908] Call trace: [ 19.989944] show_stack+0x20/0x38 (C) [ 19.990143] dump_stack_lvl+0x8c/0xd0 [ 19.990533] print_report+0x310/0x608 [ 19.990643] kasan_report+0xdc/0x128 [ 19.990854] __asan_report_load1_noabort+0x20/0x30 [ 19.991093] vmalloc_oob+0x578/0x5d0 [ 19.991174] kunit_try_run_case+0x170/0x3f0 [ 19.991486] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.991634] kthread+0x328/0x630 [ 19.991716] ret_from_fork+0x10/0x20 [ 19.992048] [ 19.992115] The buggy address belongs to the virtual mapping at [ 19.992115] [ffff8000800fe000, ffff800080100000) created by: [ 19.992115] vmalloc_oob+0x98/0x5d0 [ 19.992440] [ 19.992476] The buggy address belongs to the physical page: [ 19.992647] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10522a [ 19.992742] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.993122] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.993226] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.993312] page dumped because: kasan: bad access detected [ 19.993417] [ 19.993469] Memory state around the buggy address: [ 19.993537] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.993716] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.993963] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.994084] ^ [ 19.994151] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.994249] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.994362] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.780552] ================================================================== [ 19.780627] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 19.781361] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.781470] [ 19.781507] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.781609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.781946] Hardware name: linux,dummy-virt (DT) [ 19.782127] Call trace: [ 19.782183] show_stack+0x20/0x38 (C) [ 19.782344] dump_stack_lvl+0x8c/0xd0 [ 19.782398] print_report+0x118/0x608 [ 19.782448] kasan_report+0xdc/0x128 [ 19.782496] kasan_check_range+0x100/0x1a8 [ 19.782986] __kasan_check_write+0x20/0x30 [ 19.783417] kasan_atomics_helper+0x1058/0x4858 [ 19.783642] kasan_atomics+0x198/0x2e0 [ 19.783715] kunit_try_run_case+0x170/0x3f0 [ 19.783882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.783976] kthread+0x328/0x630 [ 19.784045] ret_from_fork+0x10/0x20 [ 19.784097] [ 19.784119] Allocated by task 274: [ 19.784148] kasan_save_stack+0x3c/0x68 [ 19.784194] kasan_save_track+0x20/0x40 [ 19.784301] kasan_save_alloc_info+0x40/0x58 [ 19.784353] __kasan_kmalloc+0xd4/0xd8 [ 19.784392] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.784433] kasan_atomics+0xb8/0x2e0 [ 19.784472] kunit_try_run_case+0x170/0x3f0 [ 19.784522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.784570] kthread+0x328/0x630 [ 19.784612] ret_from_fork+0x10/0x20 [ 19.784651] [ 19.784673] The buggy address belongs to the object at fff00000c5210800 [ 19.784673] which belongs to the cache kmalloc-64 of size 64 [ 19.784746] The buggy address is located 0 bytes to the right of [ 19.784746] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.784830] [ 19.784861] The buggy address belongs to the physical page: [ 19.784912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.784985] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.785039] page_type: f5(slab) [ 19.785081] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.785140] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.785185] page dumped because: kasan: bad access detected [ 19.785217] [ 19.785238] Memory state around the buggy address: [ 19.785280] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.785334] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.785388] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.785444] ^ [ 19.785490] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.785551] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.785602] ================================================================== [ 19.909023] ================================================================== [ 19.909079] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 19.909131] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.909801] [ 19.909853] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.910248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.910334] Hardware name: linux,dummy-virt (DT) [ 19.910415] Call trace: [ 19.910506] show_stack+0x20/0x38 (C) [ 19.910602] dump_stack_lvl+0x8c/0xd0 [ 19.910711] print_report+0x118/0x608 [ 19.910849] kasan_report+0xdc/0x128 [ 19.910900] kasan_check_range+0x100/0x1a8 [ 19.910965] __kasan_check_write+0x20/0x30 [ 19.911011] kasan_atomics_helper+0x1644/0x4858 [ 19.911246] kasan_atomics+0x198/0x2e0 [ 19.911706] kunit_try_run_case+0x170/0x3f0 [ 19.911835] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.911897] kthread+0x328/0x630 [ 19.911953] ret_from_fork+0x10/0x20 [ 19.912279] [ 19.912427] Allocated by task 274: [ 19.912711] kasan_save_stack+0x3c/0x68 [ 19.912946] kasan_save_track+0x20/0x40 [ 19.913132] kasan_save_alloc_info+0x40/0x58 [ 19.913218] __kasan_kmalloc+0xd4/0xd8 [ 19.913401] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.913628] kasan_atomics+0xb8/0x2e0 [ 19.913840] kunit_try_run_case+0x170/0x3f0 [ 19.914064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.914155] kthread+0x328/0x630 [ 19.914379] ret_from_fork+0x10/0x20 [ 19.914610] [ 19.914781] The buggy address belongs to the object at fff00000c5210800 [ 19.914781] which belongs to the cache kmalloc-64 of size 64 [ 19.914999] The buggy address is located 0 bytes to the right of [ 19.914999] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.915327] [ 19.915532] The buggy address belongs to the physical page: [ 19.915601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.915678] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.915916] page_type: f5(slab) [ 19.916250] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.916466] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.916585] page dumped because: kasan: bad access detected [ 19.916667] [ 19.916726] Memory state around the buggy address: [ 19.917073] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.917205] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.917293] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.917422] ^ [ 19.917501] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.917743] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.918018] ================================================================== [ 19.705026] ================================================================== [ 19.705171] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 19.705342] Read of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.705604] [ 19.705658] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.705779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.705903] Hardware name: linux,dummy-virt (DT) [ 19.706111] Call trace: [ 19.706154] show_stack+0x20/0x38 (C) [ 19.706553] dump_stack_lvl+0x8c/0xd0 [ 19.707021] print_report+0x118/0x608 [ 19.707419] kasan_report+0xdc/0x128 [ 19.707525] kasan_check_range+0x100/0x1a8 [ 19.707596] __kasan_check_read+0x20/0x30 [ 19.708155] kasan_atomics_helper+0xdd4/0x4858 [ 19.708315] kasan_atomics+0x198/0x2e0 [ 19.708418] kunit_try_run_case+0x170/0x3f0 [ 19.708604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.708836] kthread+0x328/0x630 [ 19.708913] ret_from_fork+0x10/0x20 [ 19.709280] [ 19.709336] Allocated by task 274: [ 19.709371] kasan_save_stack+0x3c/0x68 [ 19.709542] kasan_save_track+0x20/0x40 [ 19.709866] kasan_save_alloc_info+0x40/0x58 [ 19.709952] __kasan_kmalloc+0xd4/0xd8 [ 19.710006] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.710056] kasan_atomics+0xb8/0x2e0 [ 19.710107] kunit_try_run_case+0x170/0x3f0 [ 19.710149] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.710204] kthread+0x328/0x630 [ 19.710249] ret_from_fork+0x10/0x20 [ 19.710288] [ 19.710321] The buggy address belongs to the object at fff00000c5210800 [ 19.710321] which belongs to the cache kmalloc-64 of size 64 [ 19.710386] The buggy address is located 0 bytes to the right of [ 19.710386] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.710466] [ 19.710498] The buggy address belongs to the physical page: [ 19.710553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.710620] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.710674] page_type: f5(slab) [ 19.710732] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.710796] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.710840] page dumped because: kasan: bad access detected [ 19.710895] [ 19.710919] Memory state around the buggy address: [ 19.710962] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.711711] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.711805] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.711849] ^ [ 19.712357] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.712702] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.712788] ================================================================== [ 19.819425] ================================================================== [ 19.819652] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 19.819905] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.820062] [ 19.820098] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.820214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.820256] Hardware name: linux,dummy-virt (DT) [ 19.820602] Call trace: [ 19.820660] show_stack+0x20/0x38 (C) [ 19.820826] dump_stack_lvl+0x8c/0xd0 [ 19.820891] print_report+0x118/0x608 [ 19.821204] kasan_report+0xdc/0x128 [ 19.821288] kasan_check_range+0x100/0x1a8 [ 19.821349] __kasan_check_write+0x20/0x30 [ 19.821396] kasan_atomics_helper+0x11f8/0x4858 [ 19.821860] kasan_atomics+0x198/0x2e0 [ 19.822101] kunit_try_run_case+0x170/0x3f0 [ 19.822206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.822265] kthread+0x328/0x630 [ 19.822486] ret_from_fork+0x10/0x20 [ 19.822667] [ 19.822775] Allocated by task 274: [ 19.823024] kasan_save_stack+0x3c/0x68 [ 19.823174] kasan_save_track+0x20/0x40 [ 19.823350] kasan_save_alloc_info+0x40/0x58 [ 19.823586] __kasan_kmalloc+0xd4/0xd8 [ 19.824008] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.824093] kasan_atomics+0xb8/0x2e0 [ 19.824338] kunit_try_run_case+0x170/0x3f0 [ 19.824548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.824811] kthread+0x328/0x630 [ 19.824908] ret_from_fork+0x10/0x20 [ 19.825354] [ 19.825560] The buggy address belongs to the object at fff00000c5210800 [ 19.825560] which belongs to the cache kmalloc-64 of size 64 [ 19.825673] The buggy address is located 0 bytes to the right of [ 19.825673] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.825753] [ 19.825967] The buggy address belongs to the physical page: [ 19.826015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.826122] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.826415] page_type: f5(slab) [ 19.826706] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.826944] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.827015] page dumped because: kasan: bad access detected [ 19.827208] [ 19.827403] Memory state around the buggy address: [ 19.827561] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.827640] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.827730] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.828113] ^ [ 19.828190] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.828341] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.828435] ================================================================== [ 19.740535] ================================================================== [ 19.740593] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 19.740648] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.740966] [ 19.741142] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.741277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.741388] Hardware name: linux,dummy-virt (DT) [ 19.741422] Call trace: [ 19.741449] show_stack+0x20/0x38 (C) [ 19.741669] dump_stack_lvl+0x8c/0xd0 [ 19.741821] print_report+0x118/0x608 [ 19.741990] kasan_report+0xdc/0x128 [ 19.742435] kasan_check_range+0x100/0x1a8 [ 19.742595] __kasan_check_write+0x20/0x30 [ 19.742694] kasan_atomics_helper+0xeb8/0x4858 [ 19.742849] kasan_atomics+0x198/0x2e0 [ 19.742960] kunit_try_run_case+0x170/0x3f0 [ 19.743129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.743206] kthread+0x328/0x630 [ 19.743259] ret_from_fork+0x10/0x20 [ 19.743309] [ 19.743331] Allocated by task 274: [ 19.743855] kasan_save_stack+0x3c/0x68 [ 19.744048] kasan_save_track+0x20/0x40 [ 19.744160] kasan_save_alloc_info+0x40/0x58 [ 19.744392] __kasan_kmalloc+0xd4/0xd8 [ 19.744998] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.745066] kasan_atomics+0xb8/0x2e0 [ 19.745294] kunit_try_run_case+0x170/0x3f0 [ 19.745771] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.745991] kthread+0x328/0x630 [ 19.746043] ret_from_fork+0x10/0x20 [ 19.746234] [ 19.746473] The buggy address belongs to the object at fff00000c5210800 [ 19.746473] which belongs to the cache kmalloc-64 of size 64 [ 19.746676] The buggy address is located 0 bytes to the right of [ 19.746676] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.746771] [ 19.747141] The buggy address belongs to the physical page: [ 19.747247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.747525] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.747694] page_type: f5(slab) [ 19.747915] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.748233] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.748396] page dumped because: kasan: bad access detected [ 19.748484] [ 19.748595] Memory state around the buggy address: [ 19.748655] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.748713] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.748775] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.748989] ^ [ 19.749459] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.749558] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.749767] ================================================================== [ 19.850337] ================================================================== [ 19.850393] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 19.850449] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.850503] [ 19.850537] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.850627] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.850656] Hardware name: linux,dummy-virt (DT) [ 19.850689] Call trace: [ 19.850715] show_stack+0x20/0x38 (C) [ 19.850766] dump_stack_lvl+0x8c/0xd0 [ 19.850816] print_report+0x118/0x608 [ 19.850863] kasan_report+0xdc/0x128 [ 19.850912] kasan_check_range+0x100/0x1a8 [ 19.850978] __kasan_check_write+0x20/0x30 [ 19.851024] kasan_atomics_helper+0x1384/0x4858 [ 19.851085] kasan_atomics+0x198/0x2e0 [ 19.851144] kunit_try_run_case+0x170/0x3f0 [ 19.851203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.851260] kthread+0x328/0x630 [ 19.851305] ret_from_fork+0x10/0x20 [ 19.851356] [ 19.851378] Allocated by task 274: [ 19.851419] kasan_save_stack+0x3c/0x68 [ 19.851462] kasan_save_track+0x20/0x40 [ 19.851511] kasan_save_alloc_info+0x40/0x58 [ 19.851552] __kasan_kmalloc+0xd4/0xd8 [ 19.851592] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.851634] kasan_atomics+0xb8/0x2e0 [ 19.851673] kunit_try_run_case+0x170/0x3f0 [ 19.851723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.851771] kthread+0x328/0x630 [ 19.851807] ret_from_fork+0x10/0x20 [ 19.851845] [ 19.851866] The buggy address belongs to the object at fff00000c5210800 [ 19.851866] which belongs to the cache kmalloc-64 of size 64 [ 19.851936] The buggy address is located 0 bytes to the right of [ 19.851936] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.852461] [ 19.852873] The buggy address belongs to the physical page: [ 19.852939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.853007] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.853449] page_type: f5(slab) [ 19.853508] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.853646] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.853704] page dumped because: kasan: bad access detected [ 19.853739] [ 19.854021] Memory state around the buggy address: [ 19.854426] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.854713] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.854767] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.854877] ^ [ 19.854992] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.855122] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.855251] ================================================================== [ 19.684084] ================================================================== [ 19.684939] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 19.685190] Write of size 4 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.685274] [ 19.685332] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.685471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.685520] Hardware name: linux,dummy-virt (DT) [ 19.685555] Call trace: [ 19.685588] show_stack+0x20/0x38 (C) [ 19.685733] dump_stack_lvl+0x8c/0xd0 [ 19.685785] print_report+0x118/0x608 [ 19.685833] kasan_report+0xdc/0x128 [ 19.686166] kasan_check_range+0x100/0x1a8 [ 19.686553] __kasan_check_write+0x20/0x30 [ 19.686636] kasan_atomics_helper+0xd3c/0x4858 [ 19.686696] kasan_atomics+0x198/0x2e0 [ 19.686984] kunit_try_run_case+0x170/0x3f0 [ 19.687129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.687345] kthread+0x328/0x630 [ 19.687648] ret_from_fork+0x10/0x20 [ 19.688027] [ 19.688120] Allocated by task 274: [ 19.688186] kasan_save_stack+0x3c/0x68 [ 19.688618] kasan_save_track+0x20/0x40 [ 19.688710] kasan_save_alloc_info+0x40/0x58 [ 19.688770] __kasan_kmalloc+0xd4/0xd8 [ 19.689105] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.689240] kasan_atomics+0xb8/0x2e0 [ 19.689284] kunit_try_run_case+0x170/0x3f0 [ 19.689356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.689571] kthread+0x328/0x630 [ 19.689833] ret_from_fork+0x10/0x20 [ 19.689887] [ 19.689911] The buggy address belongs to the object at fff00000c5210800 [ 19.689911] which belongs to the cache kmalloc-64 of size 64 [ 19.689985] The buggy address is located 0 bytes to the right of [ 19.689985] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.690051] [ 19.690344] The buggy address belongs to the physical page: [ 19.690635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.690802] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.690886] page_type: f5(slab) [ 19.691038] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.691114] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.691438] page dumped because: kasan: bad access detected [ 19.691580] [ 19.691652] Memory state around the buggy address: [ 19.691778] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.691838] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.691891] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.692186] ^ [ 19.692310] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.692395] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.692707] ================================================================== [ 19.895693] ================================================================== [ 19.895778] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 19.895900] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.895985] [ 19.896021] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.896161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.896192] Hardware name: linux,dummy-virt (DT) [ 19.896227] Call trace: [ 19.896251] show_stack+0x20/0x38 (C) [ 19.896562] dump_stack_lvl+0x8c/0xd0 [ 19.896843] print_report+0x118/0x608 [ 19.897069] kasan_report+0xdc/0x128 [ 19.897139] kasan_check_range+0x100/0x1a8 [ 19.897258] __kasan_check_write+0x20/0x30 [ 19.897333] kasan_atomics_helper+0x15b4/0x4858 [ 19.897386] kasan_atomics+0x198/0x2e0 [ 19.897484] kunit_try_run_case+0x170/0x3f0 [ 19.897536] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.897597] kthread+0x328/0x630 [ 19.897641] ret_from_fork+0x10/0x20 [ 19.897692] [ 19.897714] Allocated by task 274: [ 19.897743] kasan_save_stack+0x3c/0x68 [ 19.897788] kasan_save_track+0x20/0x40 [ 19.897830] kasan_save_alloc_info+0x40/0x58 [ 19.897870] __kasan_kmalloc+0xd4/0xd8 [ 19.897911] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.897964] kasan_atomics+0xb8/0x2e0 [ 19.898685] kunit_try_run_case+0x170/0x3f0 [ 19.898789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.898866] kthread+0x328/0x630 [ 19.899037] ret_from_fork+0x10/0x20 [ 19.899160] [ 19.899304] The buggy address belongs to the object at fff00000c5210800 [ 19.899304] which belongs to the cache kmalloc-64 of size 64 [ 19.899598] The buggy address is located 0 bytes to the right of [ 19.899598] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.899738] [ 19.899798] The buggy address belongs to the physical page: [ 19.899845] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.899909] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.900111] page_type: f5(slab) [ 19.900314] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.900593] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.900670] page dumped because: kasan: bad access detected [ 19.900774] [ 19.900825] Memory state around the buggy address: [ 19.900881] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.900946] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.901467] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.901523] ^ [ 19.901609] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.901733] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.901801] ================================================================== [ 19.584505] ================================================================== [ 19.584559] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 19.584616] Write of size 4 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.584669] [ 19.585169] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.585311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.585647] Hardware name: linux,dummy-virt (DT) [ 19.585889] Call trace: [ 19.586210] show_stack+0x20/0x38 (C) [ 19.586563] dump_stack_lvl+0x8c/0xd0 [ 19.586747] print_report+0x118/0x608 [ 19.586895] kasan_report+0xdc/0x128 [ 19.586984] kasan_check_range+0x100/0x1a8 [ 19.587102] __kasan_check_write+0x20/0x30 [ 19.587189] kasan_atomics_helper+0x99c/0x4858 [ 19.587327] kasan_atomics+0x198/0x2e0 [ 19.587424] kunit_try_run_case+0x170/0x3f0 [ 19.587801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.587984] kthread+0x328/0x630 [ 19.588070] ret_from_fork+0x10/0x20 [ 19.588164] [ 19.588205] Allocated by task 274: [ 19.588263] kasan_save_stack+0x3c/0x68 [ 19.588418] kasan_save_track+0x20/0x40 [ 19.588671] kasan_save_alloc_info+0x40/0x58 [ 19.588850] __kasan_kmalloc+0xd4/0xd8 [ 19.588979] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.589198] kasan_atomics+0xb8/0x2e0 [ 19.589535] kunit_try_run_case+0x170/0x3f0 [ 19.589596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.590075] kthread+0x328/0x630 [ 19.590126] ret_from_fork+0x10/0x20 [ 19.590165] [ 19.590188] The buggy address belongs to the object at fff00000c5210800 [ 19.590188] which belongs to the cache kmalloc-64 of size 64 [ 19.590250] The buggy address is located 0 bytes to the right of [ 19.590250] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.590600] [ 19.590727] The buggy address belongs to the physical page: [ 19.590779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.591084] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.591313] page_type: f5(slab) [ 19.591559] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.591711] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.591988] page dumped because: kasan: bad access detected [ 19.592119] [ 19.592561] Memory state around the buggy address: [ 19.592671] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.593151] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.593311] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.593416] ^ [ 19.593693] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.593957] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.594267] ================================================================== [ 19.919100] ================================================================== [ 19.919323] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 19.919388] Read of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.919905] [ 19.920025] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.920148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.920460] Hardware name: linux,dummy-virt (DT) [ 19.920518] Call trace: [ 19.920546] show_stack+0x20/0x38 (C) [ 19.920889] dump_stack_lvl+0x8c/0xd0 [ 19.920975] print_report+0x118/0x608 [ 19.921025] kasan_report+0xdc/0x128 [ 19.921197] __asan_report_load8_noabort+0x20/0x30 [ 19.921261] kasan_atomics_helper+0x3df4/0x4858 [ 19.921312] kasan_atomics+0x198/0x2e0 [ 19.921362] kunit_try_run_case+0x170/0x3f0 [ 19.921431] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.921488] kthread+0x328/0x630 [ 19.921543] ret_from_fork+0x10/0x20 [ 19.921602] [ 19.921630] Allocated by task 274: [ 19.921661] kasan_save_stack+0x3c/0x68 [ 19.921705] kasan_save_track+0x20/0x40 [ 19.921744] kasan_save_alloc_info+0x40/0x58 [ 19.921783] __kasan_kmalloc+0xd4/0xd8 [ 19.921833] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.921877] kasan_atomics+0xb8/0x2e0 [ 19.921917] kunit_try_run_case+0x170/0x3f0 [ 19.921969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.922015] kthread+0x328/0x630 [ 19.922566] ret_from_fork+0x10/0x20 [ 19.922651] [ 19.922706] The buggy address belongs to the object at fff00000c5210800 [ 19.922706] which belongs to the cache kmalloc-64 of size 64 [ 19.923089] The buggy address is located 0 bytes to the right of [ 19.923089] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.923787] [ 19.923831] The buggy address belongs to the physical page: [ 19.923886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.923996] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.924050] page_type: f5(slab) [ 19.924677] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.924761] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.925033] page dumped because: kasan: bad access detected [ 19.925122] [ 19.925348] Memory state around the buggy address: [ 19.925590] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.925712] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.925798] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.925902] ^ [ 19.925989] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.926351] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.926514] ================================================================== [ 19.734661] ================================================================== [ 19.734720] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 19.734777] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.734841] [ 19.735136] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.735262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.735296] Hardware name: linux,dummy-virt (DT) [ 19.735336] Call trace: [ 19.735361] show_stack+0x20/0x38 (C) [ 19.735416] dump_stack_lvl+0x8c/0xd0 [ 19.735477] print_report+0x118/0x608 [ 19.735543] kasan_report+0xdc/0x128 [ 19.735593] __asan_report_store8_noabort+0x20/0x30 [ 19.735646] kasan_atomics_helper+0x3e5c/0x4858 [ 19.735707] kasan_atomics+0x198/0x2e0 [ 19.735757] kunit_try_run_case+0x170/0x3f0 [ 19.735807] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.735862] kthread+0x328/0x630 [ 19.735908] ret_from_fork+0x10/0x20 [ 19.735969] [ 19.735990] Allocated by task 274: [ 19.736025] kasan_save_stack+0x3c/0x68 [ 19.736070] kasan_save_track+0x20/0x40 [ 19.736111] kasan_save_alloc_info+0x40/0x58 [ 19.736150] __kasan_kmalloc+0xd4/0xd8 [ 19.736199] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.736243] kasan_atomics+0xb8/0x2e0 [ 19.736281] kunit_try_run_case+0x170/0x3f0 [ 19.736331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.736379] kthread+0x328/0x630 [ 19.736415] ret_from_fork+0x10/0x20 [ 19.736453] [ 19.736473] The buggy address belongs to the object at fff00000c5210800 [ 19.736473] which belongs to the cache kmalloc-64 of size 64 [ 19.736535] The buggy address is located 0 bytes to the right of [ 19.736535] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.736603] [ 19.736624] The buggy address belongs to the physical page: [ 19.736663] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.736718] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.736777] page_type: f5(slab) [ 19.736821] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.736874] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.736919] page dumped because: kasan: bad access detected [ 19.737316] [ 19.737723] Memory state around the buggy address: [ 19.737807] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.737859] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.737905] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.738292] ^ [ 19.738411] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.738916] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.739004] ================================================================== [ 19.724047] ================================================================== [ 19.724249] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 19.724314] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.724367] [ 19.724417] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.724512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.724543] Hardware name: linux,dummy-virt (DT) [ 19.724578] Call trace: [ 19.724603] show_stack+0x20/0x38 (C) [ 19.724656] dump_stack_lvl+0x8c/0xd0 [ 19.724729] print_report+0x118/0x608 [ 19.724780] kasan_report+0xdc/0x128 [ 19.724828] kasan_check_range+0x100/0x1a8 [ 19.724880] __kasan_check_write+0x20/0x30 [ 19.724938] kasan_atomics_helper+0xe44/0x4858 [ 19.724998] kasan_atomics+0x198/0x2e0 [ 19.725046] kunit_try_run_case+0x170/0x3f0 [ 19.725339] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.726399] kthread+0x328/0x630 [ 19.726503] ret_from_fork+0x10/0x20 [ 19.726568] [ 19.726590] Allocated by task 274: [ 19.726622] kasan_save_stack+0x3c/0x68 [ 19.726668] kasan_save_track+0x20/0x40 [ 19.726709] kasan_save_alloc_info+0x40/0x58 [ 19.726966] __kasan_kmalloc+0xd4/0xd8 [ 19.727269] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.727616] kasan_atomics+0xb8/0x2e0 [ 19.727959] kunit_try_run_case+0x170/0x3f0 [ 19.728281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.728407] kthread+0x328/0x630 [ 19.728563] ret_from_fork+0x10/0x20 [ 19.728901] [ 19.729016] The buggy address belongs to the object at fff00000c5210800 [ 19.729016] which belongs to the cache kmalloc-64 of size 64 [ 19.729087] The buggy address is located 0 bytes to the right of [ 19.729087] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.729308] [ 19.729364] The buggy address belongs to the physical page: [ 19.729615] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.729859] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.730187] page_type: f5(slab) [ 19.730243] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.730299] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.730741] page dumped because: kasan: bad access detected [ 19.730946] [ 19.731040] Memory state around the buggy address: [ 19.731298] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.731754] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.731834] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.732060] ^ [ 19.732121] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.732168] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.732343] ================================================================== [ 19.856064] ================================================================== [ 19.856365] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 19.856486] Read of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.856562] [ 19.856622] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.856748] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.856776] Hardware name: linux,dummy-virt (DT) [ 19.857073] Call trace: [ 19.857124] show_stack+0x20/0x38 (C) [ 19.857207] dump_stack_lvl+0x8c/0xd0 [ 19.857262] print_report+0x118/0x608 [ 19.857329] kasan_report+0xdc/0x128 [ 19.857501] __asan_report_load8_noabort+0x20/0x30 [ 19.857780] kasan_atomics_helper+0x3f04/0x4858 [ 19.857918] kasan_atomics+0x198/0x2e0 [ 19.857987] kunit_try_run_case+0x170/0x3f0 [ 19.858071] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.858207] kthread+0x328/0x630 [ 19.858256] ret_from_fork+0x10/0x20 [ 19.858319] [ 19.858348] Allocated by task 274: [ 19.858382] kasan_save_stack+0x3c/0x68 [ 19.858543] kasan_save_track+0x20/0x40 [ 19.859060] kasan_save_alloc_info+0x40/0x58 [ 19.859217] __kasan_kmalloc+0xd4/0xd8 [ 19.859307] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.859350] kasan_atomics+0xb8/0x2e0 [ 19.859510] kunit_try_run_case+0x170/0x3f0 [ 19.859713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.859890] kthread+0x328/0x630 [ 19.860112] ret_from_fork+0x10/0x20 [ 19.860182] [ 19.860285] The buggy address belongs to the object at fff00000c5210800 [ 19.860285] which belongs to the cache kmalloc-64 of size 64 [ 19.860359] The buggy address is located 0 bytes to the right of [ 19.860359] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.860700] [ 19.861056] The buggy address belongs to the physical page: [ 19.861217] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.861336] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.861481] page_type: f5(slab) [ 19.861527] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.861748] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.861943] page dumped because: kasan: bad access detected [ 19.862009] [ 19.862052] Memory state around the buggy address: [ 19.862199] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.862254] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.862583] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.862982] ^ [ 19.863081] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.863216] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.863294] ================================================================== [ 19.864176] ================================================================== [ 19.864490] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 19.864567] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.864668] [ 19.864705] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.864796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.864845] Hardware name: linux,dummy-virt (DT) [ 19.864880] Call trace: [ 19.864907] show_stack+0x20/0x38 (C) [ 19.864969] dump_stack_lvl+0x8c/0xd0 [ 19.865019] print_report+0x118/0x608 [ 19.865067] kasan_report+0xdc/0x128 [ 19.865249] kasan_check_range+0x100/0x1a8 [ 19.865663] __kasan_check_write+0x20/0x30 [ 19.865829] kasan_atomics_helper+0x1414/0x4858 [ 19.865913] kasan_atomics+0x198/0x2e0 [ 19.866006] kunit_try_run_case+0x170/0x3f0 [ 19.866106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.866319] kthread+0x328/0x630 [ 19.866554] ret_from_fork+0x10/0x20 [ 19.866813] [ 19.866873] Allocated by task 274: [ 19.867049] kasan_save_stack+0x3c/0x68 [ 19.867184] kasan_save_track+0x20/0x40 [ 19.867226] kasan_save_alloc_info+0x40/0x58 [ 19.867282] __kasan_kmalloc+0xd4/0xd8 [ 19.867575] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.867828] kasan_atomics+0xb8/0x2e0 [ 19.867965] kunit_try_run_case+0x170/0x3f0 [ 19.868304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.868539] kthread+0x328/0x630 [ 19.868623] ret_from_fork+0x10/0x20 [ 19.868664] [ 19.868832] The buggy address belongs to the object at fff00000c5210800 [ 19.868832] which belongs to the cache kmalloc-64 of size 64 [ 19.869282] The buggy address is located 0 bytes to the right of [ 19.869282] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.869387] [ 19.869510] The buggy address belongs to the physical page: [ 19.869562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.869779] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.870035] page_type: f5(slab) [ 19.870213] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.870270] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.870373] page dumped because: kasan: bad access detected [ 19.870570] [ 19.870869] Memory state around the buggy address: [ 19.871079] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.871164] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.871300] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.871388] ^ [ 19.871562] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.871609] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.871729] ================================================================== [ 19.693524] ================================================================== [ 19.693589] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 19.693646] Read of size 4 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.693699] [ 19.693735] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.693823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.693853] Hardware name: linux,dummy-virt (DT) [ 19.693887] Call trace: [ 19.693911] show_stack+0x20/0x38 (C) [ 19.694596] dump_stack_lvl+0x8c/0xd0 [ 19.694872] print_report+0x118/0x608 [ 19.695304] kasan_report+0xdc/0x128 [ 19.695812] __asan_report_load4_noabort+0x20/0x30 [ 19.696295] kasan_atomics_helper+0x3e04/0x4858 [ 19.696507] kasan_atomics+0x198/0x2e0 [ 19.696873] kunit_try_run_case+0x170/0x3f0 [ 19.697307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.697424] kthread+0x328/0x630 [ 19.697804] ret_from_fork+0x10/0x20 [ 19.697953] [ 19.698011] Allocated by task 274: [ 19.698191] kasan_save_stack+0x3c/0x68 [ 19.698341] kasan_save_track+0x20/0x40 [ 19.698656] kasan_save_alloc_info+0x40/0x58 [ 19.698772] __kasan_kmalloc+0xd4/0xd8 [ 19.698898] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.699085] kasan_atomics+0xb8/0x2e0 [ 19.699283] kunit_try_run_case+0x170/0x3f0 [ 19.699527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.699613] kthread+0x328/0x630 [ 19.699828] ret_from_fork+0x10/0x20 [ 19.699920] [ 19.700249] The buggy address belongs to the object at fff00000c5210800 [ 19.700249] which belongs to the cache kmalloc-64 of size 64 [ 19.700462] The buggy address is located 0 bytes to the right of [ 19.700462] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.700695] [ 19.700826] The buggy address belongs to the physical page: [ 19.700891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.701337] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.701458] page_type: f5(slab) [ 19.701583] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.701954] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.702096] page dumped because: kasan: bad access detected [ 19.702172] [ 19.702216] Memory state around the buggy address: [ 19.702332] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.702382] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.702434] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.702474] ^ [ 19.702510] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.702729] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.702893] ================================================================== [ 19.570819] ================================================================== [ 19.570877] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 19.571263] Read of size 4 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.571335] [ 19.571373] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.571462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.571490] Hardware name: linux,dummy-virt (DT) [ 19.571523] Call trace: [ 19.571547] show_stack+0x20/0x38 (C) [ 19.571614] dump_stack_lvl+0x8c/0xd0 [ 19.571667] print_report+0x118/0x608 [ 19.571724] kasan_report+0xdc/0x128 [ 19.571775] __asan_report_load4_noabort+0x20/0x30 [ 19.571837] kasan_atomics_helper+0x42d8/0x4858 [ 19.571890] kasan_atomics+0x198/0x2e0 [ 19.571958] kunit_try_run_case+0x170/0x3f0 [ 19.572011] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.572065] kthread+0x328/0x630 [ 19.572108] ret_from_fork+0x10/0x20 [ 19.572160] [ 19.572181] Allocated by task 274: [ 19.572217] kasan_save_stack+0x3c/0x68 [ 19.572262] kasan_save_track+0x20/0x40 [ 19.572303] kasan_save_alloc_info+0x40/0x58 [ 19.572351] __kasan_kmalloc+0xd4/0xd8 [ 19.572391] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.572434] kasan_atomics+0xb8/0x2e0 [ 19.572472] kunit_try_run_case+0x170/0x3f0 [ 19.572512] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.572559] kthread+0x328/0x630 [ 19.572595] ret_from_fork+0x10/0x20 [ 19.572632] [ 19.572662] The buggy address belongs to the object at fff00000c5210800 [ 19.572662] which belongs to the cache kmalloc-64 of size 64 [ 19.572725] The buggy address is located 0 bytes to the right of [ 19.572725] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.572916] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.574367] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.575640] Write of size 4 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.578984] __kasan_kmalloc+0xd4/0xd8 [ 19.579234] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.579465] kasan_atomics+0xb8/0x2e0 [ 19.579639] kunit_try_run_case+0x170/0x3f0 [ 19.579729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.579873] kthread+0x328/0x630 [ 19.579911] ret_from_fork+0x10/0x20 [ 19.580004] [ 19.580171] The buggy address belongs to the object at fff00000c5210800 [ 19.580171] which belongs to the cache kmalloc-64 of size 64 [ 19.580392] The buggy address is located 0 bytes to the right of [ 19.580392] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.580679] [ 19.580889] The buggy address belongs to the physical page: [ 19.581106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.581211] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.581419] page_type: f5(slab) [ 19.581555] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.581900] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.581996] page dumped because: kasan: bad access detected [ 19.582118] [ 19.582164] Memory state around the buggy address: [ 19.582222] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.582275] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.582320] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.582668] ^ [ 19.582799] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.582981] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.583089] ================================================================== [ 19.872614] ================================================================== [ 19.872671] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 19.872725] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.872785] [ 19.872818] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.872908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.872983] Hardware name: linux,dummy-virt (DT) [ 19.873021] Call trace: [ 19.873055] show_stack+0x20/0x38 (C) [ 19.873125] dump_stack_lvl+0x8c/0xd0 [ 19.873175] print_report+0x118/0x608 [ 19.873234] kasan_report+0xdc/0x128 [ 19.873293] kasan_check_range+0x100/0x1a8 [ 19.873348] __kasan_check_write+0x20/0x30 [ 19.873395] kasan_atomics_helper+0x147c/0x4858 [ 19.873446] kasan_atomics+0x198/0x2e0 [ 19.873494] kunit_try_run_case+0x170/0x3f0 [ 19.873545] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.873612] kthread+0x328/0x630 [ 19.873668] ret_from_fork+0x10/0x20 [ 19.873720] [ 19.873747] Allocated by task 274: [ 19.873778] kasan_save_stack+0x3c/0x68 [ 19.873823] kasan_save_track+0x20/0x40 [ 19.873863] kasan_save_alloc_info+0x40/0x58 [ 19.873904] __kasan_kmalloc+0xd4/0xd8 [ 19.873956] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.873999] kasan_atomics+0xb8/0x2e0 [ 19.874038] kunit_try_run_case+0x170/0x3f0 [ 19.874079] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.874126] kthread+0x328/0x630 [ 19.874161] ret_from_fork+0x10/0x20 [ 19.874200] [ 19.874230] The buggy address belongs to the object at fff00000c5210800 [ 19.874230] which belongs to the cache kmalloc-64 of size 64 [ 19.874292] The buggy address is located 0 bytes to the right of [ 19.874292] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.874363] [ 19.874385] The buggy address belongs to the physical page: [ 19.874428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.874488] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.874536] page_type: f5(slab) [ 19.874577] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.874628] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.874672] page dumped because: kasan: bad access detected [ 19.874705] [ 19.874725] Memory state around the buggy address: [ 19.874759] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.874805] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.874850] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.874889] ^ [ 19.874924] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.876255] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.876325] ================================================================== [ 19.771839] ================================================================== [ 19.771901] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 19.772094] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.772157] [ 19.772192] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.772283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.772310] Hardware name: linux,dummy-virt (DT) [ 19.772342] Call trace: [ 19.772367] show_stack+0x20/0x38 (C) [ 19.772420] dump_stack_lvl+0x8c/0xd0 [ 19.772472] print_report+0x118/0x608 [ 19.772519] kasan_report+0xdc/0x128 [ 19.772566] kasan_check_range+0x100/0x1a8 [ 19.772616] __kasan_check_write+0x20/0x30 [ 19.772663] kasan_atomics_helper+0xff0/0x4858 [ 19.772712] kasan_atomics+0x198/0x2e0 [ 19.772760] kunit_try_run_case+0x170/0x3f0 [ 19.772809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.772864] kthread+0x328/0x630 [ 19.772917] ret_from_fork+0x10/0x20 [ 19.773521] [ 19.773556] Allocated by task 274: [ 19.773605] kasan_save_stack+0x3c/0x68 [ 19.773675] kasan_save_track+0x20/0x40 [ 19.773719] kasan_save_alloc_info+0x40/0x58 [ 19.773966] __kasan_kmalloc+0xd4/0xd8 [ 19.774023] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.774106] kasan_atomics+0xb8/0x2e0 [ 19.774188] kunit_try_run_case+0x170/0x3f0 [ 19.774370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.774422] kthread+0x328/0x630 [ 19.774457] ret_from_fork+0x10/0x20 [ 19.774839] [ 19.775286] The buggy address belongs to the object at fff00000c5210800 [ 19.775286] which belongs to the cache kmalloc-64 of size 64 [ 19.775474] The buggy address is located 0 bytes to the right of [ 19.775474] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.775898] [ 19.776118] The buggy address belongs to the physical page: [ 19.776170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.777080] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.777353] page_type: f5(slab) [ 19.777651] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.777740] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.777900] page dumped because: kasan: bad access detected [ 19.777952] [ 19.777974] Memory state around the buggy address: [ 19.778593] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.778670] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.778735] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.778782] ^ [ 19.778819] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.779101] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.779282] ================================================================== [ 19.796659] ================================================================== [ 19.797007] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 19.797190] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.797336] [ 19.797371] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.797944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.798091] Hardware name: linux,dummy-virt (DT) [ 19.798249] Call trace: [ 19.798295] show_stack+0x20/0x38 (C) [ 19.798452] dump_stack_lvl+0x8c/0xd0 [ 19.798588] print_report+0x118/0x608 [ 19.798637] kasan_report+0xdc/0x128 [ 19.798693] kasan_check_range+0x100/0x1a8 [ 19.799166] __kasan_check_write+0x20/0x30 [ 19.799897] kasan_atomics_helper+0x1128/0x4858 [ 19.800034] kasan_atomics+0x198/0x2e0 [ 19.800297] kunit_try_run_case+0x170/0x3f0 [ 19.800380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.800732] kthread+0x328/0x630 [ 19.801110] ret_from_fork+0x10/0x20 [ 19.801575] [ 19.801801] Allocated by task 274: [ 19.801879] kasan_save_stack+0x3c/0x68 [ 19.802091] kasan_save_track+0x20/0x40 [ 19.802441] kasan_save_alloc_info+0x40/0x58 [ 19.802728] __kasan_kmalloc+0xd4/0xd8 [ 19.802920] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.803176] kasan_atomics+0xb8/0x2e0 [ 19.803370] kunit_try_run_case+0x170/0x3f0 [ 19.803479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.803545] kthread+0x328/0x630 [ 19.803582] ret_from_fork+0x10/0x20 [ 19.803797] [ 19.804535] The buggy address belongs to the object at fff00000c5210800 [ 19.804535] which belongs to the cache kmalloc-64 of size 64 [ 19.804625] The buggy address is located 0 bytes to the right of [ 19.804625] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.804894] [ 19.805033] The buggy address belongs to the physical page: [ 19.805092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.805633] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.805759] page_type: f5(slab) [ 19.805808] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.805974] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.806110] page dumped because: kasan: bad access detected [ 19.806149] [ 19.806169] Memory state around the buggy address: [ 19.806223] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.806270] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.806332] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.806373] ^ [ 19.806408] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.806469] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.806520] ================================================================== [ 19.876633] ================================================================== [ 19.876861] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 19.876956] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.877175] [ 19.877265] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.877365] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.877787] Hardware name: linux,dummy-virt (DT) [ 19.877850] Call trace: [ 19.877891] show_stack+0x20/0x38 (C) [ 19.878092] dump_stack_lvl+0x8c/0xd0 [ 19.878387] print_report+0x118/0x608 [ 19.878515] kasan_report+0xdc/0x128 [ 19.878591] kasan_check_range+0x100/0x1a8 [ 19.878747] __kasan_check_write+0x20/0x30 [ 19.878795] kasan_atomics_helper+0x14e4/0x4858 [ 19.878846] kasan_atomics+0x198/0x2e0 [ 19.879210] kunit_try_run_case+0x170/0x3f0 [ 19.879308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.879501] kthread+0x328/0x630 [ 19.879706] ret_from_fork+0x10/0x20 [ 19.880070] [ 19.880112] Allocated by task 274: [ 19.880216] kasan_save_stack+0x3c/0x68 [ 19.880498] kasan_save_track+0x20/0x40 [ 19.880636] kasan_save_alloc_info+0x40/0x58 [ 19.880705] __kasan_kmalloc+0xd4/0xd8 [ 19.880754] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.881217] kasan_atomics+0xb8/0x2e0 [ 19.881508] kunit_try_run_case+0x170/0x3f0 [ 19.881764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.881859] kthread+0x328/0x630 [ 19.881904] ret_from_fork+0x10/0x20 [ 19.882419] [ 19.882564] The buggy address belongs to the object at fff00000c5210800 [ 19.882564] which belongs to the cache kmalloc-64 of size 64 [ 19.882789] The buggy address is located 0 bytes to the right of [ 19.882789] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.882892] [ 19.882915] The buggy address belongs to the physical page: [ 19.883222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.883394] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.883779] page_type: f5(slab) [ 19.884123] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.884296] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.884621] page dumped because: kasan: bad access detected [ 19.884807] [ 19.884892] Memory state around the buggy address: [ 19.885010] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.885327] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.885491] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.885583] ^ [ 19.885749] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.885798] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.885878] ================================================================== [ 19.759397] ================================================================== [ 19.759453] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 19.759507] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.759560] [ 19.760171] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.760281] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.760819] Hardware name: linux,dummy-virt (DT) [ 19.760952] Call trace: [ 19.760998] show_stack+0x20/0x38 (C) [ 19.761056] dump_stack_lvl+0x8c/0xd0 [ 19.761127] print_report+0x118/0x608 [ 19.761371] kasan_report+0xdc/0x128 [ 19.761434] kasan_check_range+0x100/0x1a8 [ 19.761487] __kasan_check_write+0x20/0x30 [ 19.762067] kasan_atomics_helper+0xf88/0x4858 [ 19.762162] kasan_atomics+0x198/0x2e0 [ 19.762339] kunit_try_run_case+0x170/0x3f0 [ 19.762538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.763058] kthread+0x328/0x630 [ 19.763283] ret_from_fork+0x10/0x20 [ 19.763493] [ 19.763559] Allocated by task 274: [ 19.763747] kasan_save_stack+0x3c/0x68 [ 19.763979] kasan_save_track+0x20/0x40 [ 19.764131] kasan_save_alloc_info+0x40/0x58 [ 19.764188] __kasan_kmalloc+0xd4/0xd8 [ 19.764254] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.764315] kasan_atomics+0xb8/0x2e0 [ 19.764586] kunit_try_run_case+0x170/0x3f0 [ 19.764671] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.764980] kthread+0x328/0x630 [ 19.765267] ret_from_fork+0x10/0x20 [ 19.765600] [ 19.765774] The buggy address belongs to the object at fff00000c5210800 [ 19.765774] which belongs to the cache kmalloc-64 of size 64 [ 19.765843] The buggy address is located 0 bytes to the right of [ 19.765843] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.766511] [ 19.766566] The buggy address belongs to the physical page: [ 19.766857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.766920] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.766983] page_type: f5(slab) [ 19.767044] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.767316] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.767514] page dumped because: kasan: bad access detected [ 19.767555] [ 19.767575] Memory state around the buggy address: [ 19.768015] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.768338] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.768820] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.769130] ^ [ 19.769294] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.769360] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.769601] ================================================================== [ 19.935879] ================================================================== [ 19.935946] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 19.936011] Read of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.936065] [ 19.936097] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.936192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.936220] Hardware name: linux,dummy-virt (DT) [ 19.936265] Call trace: [ 19.936297] show_stack+0x20/0x38 (C) [ 19.936352] dump_stack_lvl+0x8c/0xd0 [ 19.936407] print_report+0x118/0x608 [ 19.936457] kasan_report+0xdc/0x128 [ 19.936505] __asan_report_load8_noabort+0x20/0x30 [ 19.936557] kasan_atomics_helper+0x3e10/0x4858 [ 19.936614] kasan_atomics+0x198/0x2e0 [ 19.936662] kunit_try_run_case+0x170/0x3f0 [ 19.936712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.936768] kthread+0x328/0x630 [ 19.936813] ret_from_fork+0x10/0x20 [ 19.936870] [ 19.936892] Allocated by task 274: [ 19.936941] kasan_save_stack+0x3c/0x68 [ 19.936985] kasan_save_track+0x20/0x40 [ 19.937026] kasan_save_alloc_info+0x40/0x58 [ 19.937066] __kasan_kmalloc+0xd4/0xd8 [ 19.937454] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.937524] kasan_atomics+0xb8/0x2e0 [ 19.938399] kunit_try_run_case+0x170/0x3f0 [ 19.938483] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.938554] kthread+0x328/0x630 [ 19.938609] ret_from_fork+0x10/0x20 [ 19.938670] [ 19.938715] The buggy address belongs to the object at fff00000c5210800 [ 19.938715] which belongs to the cache kmalloc-64 of size 64 [ 19.938791] The buggy address is located 0 bytes to the right of [ 19.938791] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.939598] [ 19.939648] The buggy address belongs to the physical page: [ 19.939761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.939823] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.940021] page_type: f5(slab) [ 19.940228] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.940303] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.940477] page dumped because: kasan: bad access detected [ 19.940702] [ 19.940777] Memory state around the buggy address: [ 19.940862] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.940987] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.941052] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.941375] ^ [ 19.941545] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.941622] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.941735] ================================================================== [ 19.942765] ================================================================== [ 19.942923] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 19.943007] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.943114] [ 19.943147] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.943237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.943404] Hardware name: linux,dummy-virt (DT) [ 19.943593] Call trace: [ 19.943815] show_stack+0x20/0x38 (C) [ 19.944015] dump_stack_lvl+0x8c/0xd0 [ 19.944077] print_report+0x118/0x608 [ 19.944252] kasan_report+0xdc/0x128 [ 19.944350] kasan_check_range+0x100/0x1a8 [ 19.944404] __kasan_check_write+0x20/0x30 [ 19.944453] kasan_atomics_helper+0x175c/0x4858 [ 19.944883] kasan_atomics+0x198/0x2e0 [ 19.945339] kunit_try_run_case+0x170/0x3f0 [ 19.945434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.945774] kthread+0x328/0x630 [ 19.945836] ret_from_fork+0x10/0x20 [ 19.946012] [ 19.946058] Allocated by task 274: [ 19.946370] kasan_save_stack+0x3c/0x68 [ 19.946777] kasan_save_track+0x20/0x40 [ 19.946881] kasan_save_alloc_info+0x40/0x58 [ 19.946934] __kasan_kmalloc+0xd4/0xd8 [ 19.946975] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.947017] kasan_atomics+0xb8/0x2e0 [ 19.947056] kunit_try_run_case+0x170/0x3f0 [ 19.947420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.947537] kthread+0x328/0x630 [ 19.947833] ret_from_fork+0x10/0x20 [ 19.947968] [ 19.947995] The buggy address belongs to the object at fff00000c5210800 [ 19.947995] which belongs to the cache kmalloc-64 of size 64 [ 19.948379] The buggy address is located 0 bytes to the right of [ 19.948379] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.948833] [ 19.948862] The buggy address belongs to the physical page: [ 19.949128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.949538] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.949678] page_type: f5(slab) [ 19.949774] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.949837] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.950024] page dumped because: kasan: bad access detected [ 19.950081] [ 19.950529] Memory state around the buggy address: [ 19.950595] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.950712] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.950808] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.950969] ^ [ 19.951156] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.951404] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.951556] ================================================================== [ 19.751537] ================================================================== [ 19.751645] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 19.751721] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.751775] [ 19.751875] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.751979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.752023] Hardware name: linux,dummy-virt (DT) [ 19.752058] Call trace: [ 19.752384] show_stack+0x20/0x38 (C) [ 19.752463] dump_stack_lvl+0x8c/0xd0 [ 19.752631] print_report+0x118/0x608 [ 19.752693] kasan_report+0xdc/0x128 [ 19.752856] kasan_check_range+0x100/0x1a8 [ 19.752918] __kasan_check_write+0x20/0x30 [ 19.753198] kasan_atomics_helper+0xf20/0x4858 [ 19.753416] kasan_atomics+0x198/0x2e0 [ 19.753660] kunit_try_run_case+0x170/0x3f0 [ 19.753796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.754131] kthread+0x328/0x630 [ 19.754327] ret_from_fork+0x10/0x20 [ 19.754596] [ 19.754694] Allocated by task 274: [ 19.754839] kasan_save_stack+0x3c/0x68 [ 19.754893] kasan_save_track+0x20/0x40 [ 19.755133] kasan_save_alloc_info+0x40/0x58 [ 19.755331] __kasan_kmalloc+0xd4/0xd8 [ 19.755582] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.755819] kasan_atomics+0xb8/0x2e0 [ 19.755916] kunit_try_run_case+0x170/0x3f0 [ 19.756087] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.756135] kthread+0x328/0x630 [ 19.756218] ret_from_fork+0x10/0x20 [ 19.756569] [ 19.756729] The buggy address belongs to the object at fff00000c5210800 [ 19.756729] which belongs to the cache kmalloc-64 of size 64 [ 19.757184] The buggy address is located 0 bytes to the right of [ 19.757184] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.757270] [ 19.757464] The buggy address belongs to the physical page: [ 19.757523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.757592] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.757650] page_type: f5(slab) [ 19.757715] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.757785] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.757829] page dumped because: kasan: bad access detected [ 19.757872] [ 19.757893] Memory state around the buggy address: [ 19.757944] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.757989] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.758042] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.758085] ^ [ 19.758143] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.758191] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.758232] ================================================================== [ 19.603589] ================================================================== [ 19.604174] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 19.604375] Write of size 4 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.604499] [ 19.604547] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.604801] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.604846] Hardware name: linux,dummy-virt (DT) [ 19.604892] Call trace: [ 19.604920] show_stack+0x20/0x38 (C) [ 19.605172] dump_stack_lvl+0x8c/0xd0 [ 19.605240] print_report+0x118/0x608 [ 19.605293] kasan_report+0xdc/0x128 [ 19.605668] kasan_check_range+0x100/0x1a8 [ 19.605753] __kasan_check_write+0x20/0x30 [ 19.605954] kasan_atomics_helper+0xa6c/0x4858 [ 19.606008] kasan_atomics+0x198/0x2e0 [ 19.606132] kunit_try_run_case+0x170/0x3f0 [ 19.606567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.606668] kthread+0x328/0x630 [ 19.606989] ret_from_fork+0x10/0x20 [ 19.607186] [ 19.607259] Allocated by task 274: [ 19.607469] kasan_save_stack+0x3c/0x68 [ 19.607697] kasan_save_track+0x20/0x40 [ 19.607814] kasan_save_alloc_info+0x40/0x58 [ 19.607984] __kasan_kmalloc+0xd4/0xd8 [ 19.608032] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.608201] kasan_atomics+0xb8/0x2e0 [ 19.608481] kunit_try_run_case+0x170/0x3f0 [ 19.608580] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.608866] kthread+0x328/0x630 [ 19.609039] ret_from_fork+0x10/0x20 [ 19.609234] [ 19.609334] The buggy address belongs to the object at fff00000c5210800 [ 19.609334] which belongs to the cache kmalloc-64 of size 64 [ 19.609638] The buggy address is located 0 bytes to the right of [ 19.609638] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.609753] [ 19.609780] The buggy address belongs to the physical page: [ 19.610191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.610405] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.610492] page_type: f5(slab) [ 19.610868] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.611020] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.611097] page dumped because: kasan: bad access detected [ 19.611235] [ 19.611306] Memory state around the buggy address: [ 19.611378] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.611438] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.611544] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.611611] ^ [ 19.611912] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.612066] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.612209] ================================================================== [ 19.786961] ================================================================== [ 19.787049] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 19.787113] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.787277] [ 19.787344] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.787500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.787608] Hardware name: linux,dummy-virt (DT) [ 19.787644] Call trace: [ 19.787827] show_stack+0x20/0x38 (C) [ 19.787892] dump_stack_lvl+0x8c/0xd0 [ 19.788243] print_report+0x118/0x608 [ 19.788465] kasan_report+0xdc/0x128 [ 19.789057] kasan_check_range+0x100/0x1a8 [ 19.789159] __kasan_check_write+0x20/0x30 [ 19.789306] kasan_atomics_helper+0x10c0/0x4858 [ 19.789404] kasan_atomics+0x198/0x2e0 [ 19.789456] kunit_try_run_case+0x170/0x3f0 [ 19.789599] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.789690] kthread+0x328/0x630 [ 19.789752] ret_from_fork+0x10/0x20 [ 19.789813] [ 19.789837] Allocated by task 274: [ 19.789866] kasan_save_stack+0x3c/0x68 [ 19.790369] kasan_save_track+0x20/0x40 [ 19.790641] kasan_save_alloc_info+0x40/0x58 [ 19.790780] __kasan_kmalloc+0xd4/0xd8 [ 19.790877] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.790956] kasan_atomics+0xb8/0x2e0 [ 19.791159] kunit_try_run_case+0x170/0x3f0 [ 19.791436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.791708] kthread+0x328/0x630 [ 19.791892] ret_from_fork+0x10/0x20 [ 19.792110] [ 19.792192] The buggy address belongs to the object at fff00000c5210800 [ 19.792192] which belongs to the cache kmalloc-64 of size 64 [ 19.792594] The buggy address is located 0 bytes to the right of [ 19.792594] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.792975] [ 19.793125] The buggy address belongs to the physical page: [ 19.793346] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.793600] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.793657] page_type: f5(slab) [ 19.793882] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.794153] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.794416] page dumped because: kasan: bad access detected [ 19.794491] [ 19.794546] Memory state around the buggy address: [ 19.794612] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.794815] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.794991] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.795094] ^ [ 19.795260] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.795359] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.795449] ================================================================== [ 19.612881] ================================================================== [ 19.613355] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 19.613430] Write of size 4 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.613485] [ 19.613956] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.614204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.614264] Hardware name: linux,dummy-virt (DT) [ 19.614415] Call trace: [ 19.614465] show_stack+0x20/0x38 (C) [ 19.614705] dump_stack_lvl+0x8c/0xd0 [ 19.614772] print_report+0x118/0x608 [ 19.615064] kasan_report+0xdc/0x128 [ 19.615128] kasan_check_range+0x100/0x1a8 [ 19.615181] __kasan_check_write+0x20/0x30 [ 19.615228] kasan_atomics_helper+0xad4/0x4858 [ 19.615281] kasan_atomics+0x198/0x2e0 [ 19.615330] kunit_try_run_case+0x170/0x3f0 [ 19.615481] ret_from_fork+0x10/0x20 [ 19.615821] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.615955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.616370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.616447] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.616500] page_type: f5(slab) [ 19.616542] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.616596] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.616641] page dumped because: kasan: bad access detected [ 19.616676] [ 19.616706] Memory state around the buggy address: [ 19.616750] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.616805] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.616859] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.616899] ^ [ 19.616998] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.617176] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.617223] ================================================================== [ 19.927291] ================================================================== [ 19.927350] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 19.927578] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.927673] [ 19.927706] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.928050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.928176] Hardware name: linux,dummy-virt (DT) [ 19.928278] Call trace: [ 19.928304] show_stack+0x20/0x38 (C) [ 19.928380] dump_stack_lvl+0x8c/0xd0 [ 19.928514] print_report+0x118/0x608 [ 19.928571] kasan_report+0xdc/0x128 [ 19.928784] kasan_check_range+0x100/0x1a8 [ 19.928980] __kasan_check_write+0x20/0x30 [ 19.929226] kasan_atomics_helper+0x16d0/0x4858 [ 19.929307] kasan_atomics+0x198/0x2e0 [ 19.929654] kunit_try_run_case+0x170/0x3f0 [ 19.929998] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.930075] kthread+0x328/0x630 [ 19.930134] ret_from_fork+0x10/0x20 [ 19.930498] [ 19.930586] Allocated by task 274: [ 19.930667] kasan_save_stack+0x3c/0x68 [ 19.930962] kasan_save_track+0x20/0x40 [ 19.931072] kasan_save_alloc_info+0x40/0x58 [ 19.931118] __kasan_kmalloc+0xd4/0xd8 [ 19.931618] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.931819] kasan_atomics+0xb8/0x2e0 [ 19.931961] kunit_try_run_case+0x170/0x3f0 [ 19.932222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.932413] kthread+0x328/0x630 [ 19.932498] ret_from_fork+0x10/0x20 [ 19.932693] [ 19.932843] The buggy address belongs to the object at fff00000c5210800 [ 19.932843] which belongs to the cache kmalloc-64 of size 64 [ 19.933183] The buggy address is located 0 bytes to the right of [ 19.933183] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.933314] [ 19.933365] The buggy address belongs to the physical page: [ 19.933723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.934095] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.934406] page_type: f5(slab) [ 19.934457] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.934512] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.934554] page dumped because: kasan: bad access detected [ 19.934842] [ 19.934910] Memory state around the buggy address: [ 19.935082] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.935132] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.935200] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.935241] ^ [ 19.935278] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.935345] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.935387] ================================================================== [ 19.902668] ================================================================== [ 19.902723] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 19.902779] Read of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.902877] [ 19.902912] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.903015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.903044] Hardware name: linux,dummy-virt (DT) [ 19.903078] Call trace: [ 19.903346] show_stack+0x20/0x38 (C) [ 19.903420] dump_stack_lvl+0x8c/0xd0 [ 19.903637] print_report+0x118/0x608 [ 19.903846] kasan_report+0xdc/0x128 [ 19.903911] __asan_report_load8_noabort+0x20/0x30 [ 19.904025] kasan_atomics_helper+0x3db0/0x4858 [ 19.904101] kasan_atomics+0x198/0x2e0 [ 19.904167] kunit_try_run_case+0x170/0x3f0 [ 19.904288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.904363] kthread+0x328/0x630 [ 19.904578] ret_from_fork+0x10/0x20 [ 19.904851] [ 19.904887] Allocated by task 274: [ 19.904957] kasan_save_stack+0x3c/0x68 [ 19.905145] kasan_save_track+0x20/0x40 [ 19.905191] kasan_save_alloc_info+0x40/0x58 [ 19.905231] __kasan_kmalloc+0xd4/0xd8 [ 19.905271] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.905313] kasan_atomics+0xb8/0x2e0 [ 19.905847] kunit_try_run_case+0x170/0x3f0 [ 19.906020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.906151] kthread+0x328/0x630 [ 19.906192] ret_from_fork+0x10/0x20 [ 19.906532] [ 19.906633] The buggy address belongs to the object at fff00000c5210800 [ 19.906633] which belongs to the cache kmalloc-64 of size 64 [ 19.906702] The buggy address is located 0 bytes to the right of [ 19.906702] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.906796] [ 19.906953] The buggy address belongs to the physical page: [ 19.906998] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.907058] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.907108] page_type: f5(slab) [ 19.907196] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.907264] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.907324] page dumped because: kasan: bad access detected [ 19.907360] [ 19.907398] Memory state around the buggy address: [ 19.907432] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.907495] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.907551] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.907600] ^ [ 19.907636] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.907691] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.907742] ================================================================== [ 19.951977] ================================================================== [ 19.952025] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 19.952490] Read of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.952562] [ 19.952625] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.952922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.952990] Hardware name: linux,dummy-virt (DT) [ 19.953025] Call trace: [ 19.953130] show_stack+0x20/0x38 (C) [ 19.953192] dump_stack_lvl+0x8c/0xd0 [ 19.953252] print_report+0x118/0x608 [ 19.953309] kasan_report+0xdc/0x128 [ 19.953778] __asan_report_load8_noabort+0x20/0x30 [ 19.953976] kasan_atomics_helper+0x3e20/0x4858 [ 19.954051] kasan_atomics+0x198/0x2e0 [ 19.954171] kunit_try_run_case+0x170/0x3f0 [ 19.954239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.954387] kthread+0x328/0x630 [ 19.954483] ret_from_fork+0x10/0x20 [ 19.954666] [ 19.954692] Allocated by task 274: [ 19.954876] kasan_save_stack+0x3c/0x68 [ 19.955067] kasan_save_track+0x20/0x40 [ 19.955143] kasan_save_alloc_info+0x40/0x58 [ 19.955346] __kasan_kmalloc+0xd4/0xd8 [ 19.955548] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.955603] kasan_atomics+0xb8/0x2e0 [ 19.956002] kunit_try_run_case+0x170/0x3f0 [ 19.956197] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.956472] kthread+0x328/0x630 [ 19.956511] ret_from_fork+0x10/0x20 [ 19.956738] [ 19.956895] The buggy address belongs to the object at fff00000c5210800 [ 19.956895] which belongs to the cache kmalloc-64 of size 64 [ 19.957080] The buggy address is located 0 bytes to the right of [ 19.957080] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.957185] [ 19.957229] The buggy address belongs to the physical page: [ 19.957263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.957442] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.957520] page_type: f5(slab) [ 19.957579] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.957643] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.957704] page dumped because: kasan: bad access detected [ 19.957737] [ 19.957757] Memory state around the buggy address: [ 19.957809] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.957856] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.957916] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.957969] ^ [ 19.958012] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.958695] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.958766] ================================================================== [ 19.809058] ================================================================== [ 19.809141] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 19.809205] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.809258] [ 19.809461] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.809561] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.809822] Hardware name: linux,dummy-virt (DT) [ 19.810091] Call trace: [ 19.810135] show_stack+0x20/0x38 (C) [ 19.810198] dump_stack_lvl+0x8c/0xd0 [ 19.810403] print_report+0x118/0x608 [ 19.810495] kasan_report+0xdc/0x128 [ 19.810699] kasan_check_range+0x100/0x1a8 [ 19.810760] __kasan_check_write+0x20/0x30 [ 19.811019] kasan_atomics_helper+0x1190/0x4858 [ 19.811138] kasan_atomics+0x198/0x2e0 [ 19.811383] kunit_try_run_case+0x170/0x3f0 [ 19.811663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.811770] kthread+0x328/0x630 [ 19.812030] ret_from_fork+0x10/0x20 [ 19.812137] [ 19.812289] Allocated by task 274: [ 19.812367] kasan_save_stack+0x3c/0x68 [ 19.812816] kasan_save_track+0x20/0x40 [ 19.812893] kasan_save_alloc_info+0x40/0x58 [ 19.813107] __kasan_kmalloc+0xd4/0xd8 [ 19.813352] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.813405] kasan_atomics+0xb8/0x2e0 [ 19.813647] kunit_try_run_case+0x170/0x3f0 [ 19.813791] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.814235] kthread+0x328/0x630 [ 19.814384] ret_from_fork+0x10/0x20 [ 19.814462] [ 19.814485] The buggy address belongs to the object at fff00000c5210800 [ 19.814485] which belongs to the cache kmalloc-64 of size 64 [ 19.814745] The buggy address is located 0 bytes to the right of [ 19.814745] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.815020] [ 19.815427] The buggy address belongs to the physical page: [ 19.815496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.815909] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.816204] page_type: f5(slab) [ 19.816641] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.816736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.816819] page dumped because: kasan: bad access detected [ 19.817066] [ 19.817194] Memory state around the buggy address: [ 19.817498] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.817565] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.817633] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.817683] ^ [ 19.817719] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.817770] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.817817] ================================================================== [ 19.959770] ================================================================== [ 19.959824] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 19.959877] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.959941] [ 19.960316] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.960455] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.960870] Hardware name: linux,dummy-virt (DT) [ 19.960964] Call trace: [ 19.961010] show_stack+0x20/0x38 (C) [ 19.961426] dump_stack_lvl+0x8c/0xd0 [ 19.961506] print_report+0x118/0x608 [ 19.961653] kasan_report+0xdc/0x128 [ 19.961709] kasan_check_range+0x100/0x1a8 [ 19.961812] __kasan_check_write+0x20/0x30 [ 19.961862] kasan_atomics_helper+0x17ec/0x4858 [ 19.961947] kasan_atomics+0x198/0x2e0 [ 19.962145] kunit_try_run_case+0x170/0x3f0 [ 19.962517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.962670] kthread+0x328/0x630 [ 19.962960] ret_from_fork+0x10/0x20 [ 19.963325] [ 19.963469] Allocated by task 274: [ 19.963535] kasan_save_stack+0x3c/0x68 [ 19.963611] kasan_save_track+0x20/0x40 [ 19.963653] kasan_save_alloc_info+0x40/0x58 [ 19.963856] __kasan_kmalloc+0xd4/0xd8 [ 19.964433] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.964565] kasan_atomics+0xb8/0x2e0 [ 19.964608] kunit_try_run_case+0x170/0x3f0 [ 19.964684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.964934] kthread+0x328/0x630 [ 19.965206] ret_from_fork+0x10/0x20 [ 19.965365] [ 19.965415] The buggy address belongs to the object at fff00000c5210800 [ 19.965415] which belongs to the cache kmalloc-64 of size 64 [ 19.965479] The buggy address is located 0 bytes to the right of [ 19.965479] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.965802] [ 19.966084] The buggy address belongs to the physical page: [ 19.966191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.966333] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.966390] page_type: f5(slab) [ 19.966435] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.966488] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.966532] page dumped because: kasan: bad access detected [ 19.966566] [ 19.966586] Memory state around the buggy address: [ 19.966621] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.966667] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.966872] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.967398] ^ [ 19.967486] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.967624] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.967667] ================================================================== [ 19.715048] ================================================================== [ 19.715114] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 19.715175] Read of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.715968] [ 19.716036] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.716134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.716163] Hardware name: linux,dummy-virt (DT) [ 19.716437] Call trace: [ 19.716604] show_stack+0x20/0x38 (C) [ 19.716676] dump_stack_lvl+0x8c/0xd0 [ 19.716728] print_report+0x118/0x608 [ 19.717141] kasan_report+0xdc/0x128 [ 19.717219] __asan_report_load8_noabort+0x20/0x30 [ 19.717273] kasan_atomics_helper+0x3f58/0x4858 [ 19.717325] kasan_atomics+0x198/0x2e0 [ 19.717374] kunit_try_run_case+0x170/0x3f0 [ 19.717662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.717742] kthread+0x328/0x630 [ 19.717787] ret_from_fork+0x10/0x20 [ 19.718154] [ 19.718253] Allocated by task 274: [ 19.718336] kasan_save_stack+0x3c/0x68 [ 19.718415] kasan_save_track+0x20/0x40 [ 19.718495] kasan_save_alloc_info+0x40/0x58 [ 19.718540] __kasan_kmalloc+0xd4/0xd8 [ 19.718856] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.718964] kasan_atomics+0xb8/0x2e0 [ 19.719038] kunit_try_run_case+0x170/0x3f0 [ 19.719378] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.719522] kthread+0x328/0x630 [ 19.719561] ret_from_fork+0x10/0x20 [ 19.719637] [ 19.719984] The buggy address belongs to the object at fff00000c5210800 [ 19.719984] which belongs to the cache kmalloc-64 of size 64 [ 19.720418] The buggy address is located 0 bytes to the right of [ 19.720418] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.720500] [ 19.720796] The buggy address belongs to the physical page: [ 19.720985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.721216] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.721333] page_type: f5(slab) [ 19.721427] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.721528] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.721767] page dumped because: kasan: bad access detected [ 19.721940] [ 19.722007] Memory state around the buggy address: [ 19.722103] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.722207] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.722255] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.722327] ^ [ 19.722364] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.722409] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.722778] ================================================================== [ 19.838828] ================================================================== [ 19.838882] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 19.838948] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.839000] [ 19.839426] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.839905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.840092] Hardware name: linux,dummy-virt (DT) [ 19.840160] Call trace: [ 19.840209] show_stack+0x20/0x38 (C) [ 19.840293] dump_stack_lvl+0x8c/0xd0 [ 19.840355] print_report+0x118/0x608 [ 19.840405] kasan_report+0xdc/0x128 [ 19.840645] kasan_check_range+0x100/0x1a8 [ 19.840847] __kasan_check_write+0x20/0x30 [ 19.841010] kasan_atomics_helper+0x12d8/0x4858 [ 19.841317] kasan_atomics+0x198/0x2e0 [ 19.841472] kunit_try_run_case+0x170/0x3f0 [ 19.841816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.841895] kthread+0x328/0x630 [ 19.841951] ret_from_fork+0x10/0x20 [ 19.842213] [ 19.842402] Allocated by task 274: [ 19.842457] kasan_save_stack+0x3c/0x68 [ 19.842672] kasan_save_track+0x20/0x40 [ 19.842807] kasan_save_alloc_info+0x40/0x58 [ 19.843107] __kasan_kmalloc+0xd4/0xd8 [ 19.843731] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.843865] kasan_atomics+0xb8/0x2e0 [ 19.843908] kunit_try_run_case+0x170/0x3f0 [ 19.844286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.844495] kthread+0x328/0x630 [ 19.844693] ret_from_fork+0x10/0x20 [ 19.844778] [ 19.845198] The buggy address belongs to the object at fff00000c5210800 [ 19.845198] which belongs to the cache kmalloc-64 of size 64 [ 19.845428] The buggy address is located 0 bytes to the right of [ 19.845428] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.845641] [ 19.845698] The buggy address belongs to the physical page: [ 19.845751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.846146] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.846436] page_type: f5(slab) [ 19.846540] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.846640] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.847088] page dumped because: kasan: bad access detected [ 19.847150] [ 19.847205] Memory state around the buggy address: [ 19.847623] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.847800] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.847909] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.848076] ^ [ 19.848145] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.848217] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.848263] ================================================================== [ 19.596528] ================================================================== [ 19.596637] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 19.596751] Write of size 4 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.596816] [ 19.596881] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.596998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.597026] Hardware name: linux,dummy-virt (DT) [ 19.597063] Call trace: [ 19.597088] show_stack+0x20/0x38 (C) [ 19.597143] dump_stack_lvl+0x8c/0xd0 [ 19.597191] print_report+0x118/0x608 [ 19.597239] kasan_report+0xdc/0x128 [ 19.597286] kasan_check_range+0x100/0x1a8 [ 19.597335] __kasan_check_write+0x20/0x30 [ 19.597381] kasan_atomics_helper+0xa04/0x4858 [ 19.597443] kasan_atomics+0x198/0x2e0 [ 19.597491] kunit_try_run_case+0x170/0x3f0 [ 19.597541] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.597611] kthread+0x328/0x630 [ 19.597664] ret_from_fork+0x10/0x20 [ 19.597715] [ 19.597752] Allocated by task 274: [ 19.597782] kasan_save_stack+0x3c/0x68 [ 19.597825] kasan_save_track+0x20/0x40 [ 19.597867] kasan_save_alloc_info+0x40/0x58 [ 19.597910] __kasan_kmalloc+0xd4/0xd8 [ 19.597960] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.598003] kasan_atomics+0xb8/0x2e0 [ 19.598327] kunit_try_run_case+0x170/0x3f0 [ 19.599488] The buggy address belongs to the object at fff00000c5210800 [ 19.599488] which belongs to the cache kmalloc-64 of size 64 [ 19.599711] [ 19.599736] The buggy address belongs to the physical page: [ 19.600072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.600309] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.600570] page_type: f5(slab) [ 19.600794] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.601204] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.601310] page dumped because: kasan: bad access detected [ 19.601472] [ 19.601706] Memory state around the buggy address: [ 19.601804] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.602086] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.602269] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.602386] ^ [ 19.602439] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.602485] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.602535] ================================================================== [ 19.829597] ================================================================== [ 19.829660] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 19.829714] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.829915] [ 19.829963] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.830414] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.830452] Hardware name: linux,dummy-virt (DT) [ 19.830486] Call trace: [ 19.830528] show_stack+0x20/0x38 (C) [ 19.830593] dump_stack_lvl+0x8c/0xd0 [ 19.830922] print_report+0x118/0x608 [ 19.831334] kasan_report+0xdc/0x128 [ 19.831686] kasan_check_range+0x100/0x1a8 [ 19.831942] __kasan_check_write+0x20/0x30 [ 19.832240] kasan_atomics_helper+0x126c/0x4858 [ 19.832337] kasan_atomics+0x198/0x2e0 [ 19.832426] kunit_try_run_case+0x170/0x3f0 [ 19.832598] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.832718] kthread+0x328/0x630 [ 19.832898] ret_from_fork+0x10/0x20 [ 19.833035] [ 19.833065] Allocated by task 274: [ 19.833097] kasan_save_stack+0x3c/0x68 [ 19.833344] kasan_save_track+0x20/0x40 [ 19.833686] kasan_save_alloc_info+0x40/0x58 [ 19.834119] __kasan_kmalloc+0xd4/0xd8 [ 19.834394] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.834480] kasan_atomics+0xb8/0x2e0 [ 19.834729] kunit_try_run_case+0x170/0x3f0 [ 19.834895] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.835221] kthread+0x328/0x630 [ 19.835482] ret_from_fork+0x10/0x20 [ 19.835676] [ 19.835734] The buggy address belongs to the object at fff00000c5210800 [ 19.835734] which belongs to the cache kmalloc-64 of size 64 [ 19.836077] The buggy address is located 0 bytes to the right of [ 19.836077] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.836340] [ 19.836435] The buggy address belongs to the physical page: [ 19.836472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.836630] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.836708] page_type: f5(slab) [ 19.836768] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.836823] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.836878] page dumped because: kasan: bad access detected [ 19.836913] [ 19.836944] Memory state around the buggy address: [ 19.836977] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.837025] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.837084] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.837125] ^ [ 19.837170] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.837222] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.837264] ================================================================== [ 19.886470] ================================================================== [ 19.886522] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 19.886960] Write of size 8 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.887053] [ 19.887086] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.887318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.887481] Hardware name: linux,dummy-virt (DT) [ 19.887525] Call trace: [ 19.887836] show_stack+0x20/0x38 (C) [ 19.887947] dump_stack_lvl+0x8c/0xd0 [ 19.888001] print_report+0x118/0x608 [ 19.888112] kasan_report+0xdc/0x128 [ 19.888200] kasan_check_range+0x100/0x1a8 [ 19.888318] __kasan_check_write+0x20/0x30 [ 19.888376] kasan_atomics_helper+0x154c/0x4858 [ 19.888428] kasan_atomics+0x198/0x2e0 [ 19.888492] kunit_try_run_case+0x170/0x3f0 [ 19.888546] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.888740] kthread+0x328/0x630 [ 19.888969] ret_from_fork+0x10/0x20 [ 19.889512] [ 19.889577] Allocated by task 274: [ 19.889612] kasan_save_stack+0x3c/0x68 [ 19.889686] kasan_save_track+0x20/0x40 [ 19.889730] kasan_save_alloc_info+0x40/0x58 [ 19.889970] __kasan_kmalloc+0xd4/0xd8 [ 19.890032] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.890897] kasan_atomics+0xb8/0x2e0 [ 19.891044] kunit_try_run_case+0x170/0x3f0 [ 19.891104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.891160] kthread+0x328/0x630 [ 19.891311] ret_from_fork+0x10/0x20 [ 19.891561] [ 19.891600] The buggy address belongs to the object at fff00000c5210800 [ 19.891600] which belongs to the cache kmalloc-64 of size 64 [ 19.891946] The buggy address is located 0 bytes to the right of [ 19.891946] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.892074] [ 19.892123] The buggy address belongs to the physical page: [ 19.892158] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.892430] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.892562] page_type: f5(slab) [ 19.892734] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.893146] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.893394] page dumped because: kasan: bad access detected [ 19.893658] [ 19.893823] Memory state around the buggy address: [ 19.894149] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.894234] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.894374] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.894452] ^ [ 19.894603] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.894670] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.894845] ================================================================== [ 19.674348] ================================================================== [ 19.674547] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 19.674611] Read of size 4 at addr fff00000c5210830 by task kunit_try_catch/274 [ 19.674665] [ 19.674699] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.675151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.675203] Hardware name: linux,dummy-virt (DT) [ 19.675990] Call trace: [ 19.676070] show_stack+0x20/0x38 (C) [ 19.676412] dump_stack_lvl+0x8c/0xd0 [ 19.676487] print_report+0x118/0x608 [ 19.676538] kasan_report+0xdc/0x128 [ 19.676879] __asan_report_load4_noabort+0x20/0x30 [ 19.677225] kasan_atomics_helper+0x3dd8/0x4858 [ 19.677303] kasan_atomics+0x198/0x2e0 [ 19.677479] kunit_try_run_case+0x170/0x3f0 [ 19.677813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.678041] kthread+0x328/0x630 [ 19.678098] ret_from_fork+0x10/0x20 [ 19.678150] [ 19.678180] Allocated by task 274: [ 19.678273] kasan_save_stack+0x3c/0x68 [ 19.678349] kasan_save_track+0x20/0x40 [ 19.678391] kasan_save_alloc_info+0x40/0x58 [ 19.678545] __kasan_kmalloc+0xd4/0xd8 [ 19.678727] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.678816] kasan_atomics+0xb8/0x2e0 [ 19.679014] kunit_try_run_case+0x170/0x3f0 [ 19.679261] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.679316] kthread+0x328/0x630 [ 19.679375] ret_from_fork+0x10/0x20 [ 19.679422] [ 19.679594] The buggy address belongs to the object at fff00000c5210800 [ 19.679594] which belongs to the cache kmalloc-64 of size 64 [ 19.680011] The buggy address is located 0 bytes to the right of [ 19.680011] allocated 48-byte region [fff00000c5210800, fff00000c5210830) [ 19.680488] [ 19.680690] The buggy address belongs to the physical page: [ 19.680741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105210 [ 19.681052] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.681277] page_type: f5(slab) [ 19.681524] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.681648] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.681716] page dumped because: kasan: bad access detected [ 19.681791] [ 19.681853] Memory state around the buggy address: [ 19.682078] fff00000c5210700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.682318] fff00000c5210780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.682391] >fff00000c5210800: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.682581] ^ [ 19.682803] fff00000c5210880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.682896] fff00000c5210900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.683055] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.320034] ================================================================== [ 19.320089] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 19.320503] [ 19.320875] Call trace: [ 19.320898] show_stack+0x20/0x38 (C) [ 19.321535] kasan_report+0xdc/0x128 [ 19.321709] kasan_bitops_generic+0x110/0x1c8 [ 19.322893] [ 19.323093] kasan_save_track+0x20/0x40 [ 19.324250] The buggy address is located 8 bytes inside of [ 19.324250] allocated 9-byte region [fff00000c1193720, fff00000c1193729) [ 19.325869] ^ [ 19.327363] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 19.248311] ================================================================== [ 19.248358] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 19.248404] Read of size 1 at addr fff00000c5211590 by task kunit_try_catch/268 [ 19.248455] [ 19.248485] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.248573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.248603] Hardware name: linux,dummy-virt (DT) [ 19.248636] Call trace: [ 19.248659] show_stack+0x20/0x38 (C) [ 19.248707] dump_stack_lvl+0x8c/0xd0 [ 19.248756] print_report+0x118/0x608 [ 19.248803] kasan_report+0xdc/0x128 [ 19.248852] __asan_report_load1_noabort+0x20/0x30 [ 19.248901] strnlen+0x80/0x88 [ 19.248961] kasan_strings+0x478/0xb00 [ 19.249007] kunit_try_run_case+0x170/0x3f0 [ 19.249056] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.249111] kthread+0x328/0x630 [ 19.249153] ret_from_fork+0x10/0x20 [ 19.249203] [ 19.249222] Allocated by task 268: [ 19.249251] kasan_save_stack+0x3c/0x68 [ 19.249294] kasan_save_track+0x20/0x40 [ 19.249334] kasan_save_alloc_info+0x40/0x58 [ 19.249373] __kasan_kmalloc+0xd4/0xd8 [ 19.249412] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.249454] kasan_strings+0xc8/0xb00 [ 19.249491] kunit_try_run_case+0x170/0x3f0 [ 19.249532] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.249581] kthread+0x328/0x630 [ 19.249615] ret_from_fork+0x10/0x20 [ 19.249652] [ 19.249673] Freed by task 268: [ 19.249700] kasan_save_stack+0x3c/0x68 [ 19.249740] kasan_save_track+0x20/0x40 [ 19.249781] kasan_save_free_info+0x4c/0x78 [ 19.249820] __kasan_slab_free+0x6c/0x98 [ 19.249861] kfree+0x214/0x3c8 [ 19.249896] kasan_strings+0x24c/0xb00 [ 19.249946] kunit_try_run_case+0x170/0x3f0 [ 19.250138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.250198] kthread+0x328/0x630 [ 19.250233] ret_from_fork+0x10/0x20 [ 19.250271] [ 19.250293] The buggy address belongs to the object at fff00000c5211580 [ 19.250293] which belongs to the cache kmalloc-32 of size 32 [ 19.250353] The buggy address is located 16 bytes inside of [ 19.250353] freed 32-byte region [fff00000c5211580, fff00000c52115a0) [ 19.250418] [ 19.250448] The buggy address belongs to the physical page: [ 19.250606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105211 [ 19.250683] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.250733] page_type: f5(slab) [ 19.250780] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.251031] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.251087] page dumped because: kasan: bad access detected [ 19.251120] [ 19.251141] Memory state around the buggy address: [ 19.251172] fff00000c5211480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.251217] fff00000c5211500: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.251268] >fff00000c5211580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.262894] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.264268] kunit_try_run_case+0x170/0x3f0 [ 19.264850] Allocated by task 270: [ 19.265217] kasan_save_alloc_info+0x40/0x58 [ 19.265380] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.265694] kthread+0x328/0x630 [ 19.265920] The buggy address is located 8 bytes inside of [ 19.265920] allocated 9-byte region [fff00000c1193720, fff00000c1193729) [ 19.267165] fff00000c1193600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.269852] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 19.244757] ================================================================== [ 19.244890] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 19.245488] Read of size 1 at addr fff00000c5211590 by task kunit_try_catch/268 [ 19.245550] [ 19.245591] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.245679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.245708] Hardware name: linux,dummy-virt (DT) [ 19.245742] Call trace: [ 19.245767] show_stack+0x20/0x38 (C) [ 19.245821] dump_stack_lvl+0x8c/0xd0 [ 19.245870] print_report+0x118/0x608 [ 19.245919] kasan_report+0xdc/0x128 [ 19.245979] __asan_report_load1_noabort+0x20/0x30 [ 19.246036] strlen+0xa8/0xb0 [ 19.246081] kasan_strings+0x418/0xb00 [ 19.246130] kunit_try_run_case+0x170/0x3f0 [ 19.246180] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.246236] kthread+0x328/0x630 [ 19.246281] ret_from_fork+0x10/0x20 [ 19.246331] [ 19.246351] Allocated by task 268: [ 19.246379] kasan_save_stack+0x3c/0x68 [ 19.246423] kasan_save_track+0x20/0x40 [ 19.246461] kasan_save_alloc_info+0x40/0x58 [ 19.246500] __kasan_kmalloc+0xd4/0xd8 [ 19.246539] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.246581] kasan_strings+0xc8/0xb00 [ 19.246617] kunit_try_run_case+0x170/0x3f0 [ 19.246657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.246703] kthread+0x328/0x630 [ 19.246738] ret_from_fork+0x10/0x20 [ 19.246775] [ 19.246794] Freed by task 268: [ 19.246823] kasan_save_stack+0x3c/0x68 [ 19.246861] kasan_save_track+0x20/0x40 [ 19.246900] kasan_save_free_info+0x4c/0x78 [ 19.246947] __kasan_slab_free+0x6c/0x98 [ 19.246988] kfree+0x214/0x3c8 [ 19.247022] kasan_strings+0x24c/0xb00 [ 19.247059] kunit_try_run_case+0x170/0x3f0 [ 19.247097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.247143] kthread+0x328/0x630 [ 19.247177] ret_from_fork+0x10/0x20 [ 19.247216] [ 19.247235] The buggy address belongs to the object at fff00000c5211580 [ 19.247235] which belongs to the cache kmalloc-32 of size 32 [ 19.247295] The buggy address is located 16 bytes inside of [ 19.247295] freed 32-byte region [fff00000c5211580, fff00000c52115a0) [ 19.247360] [ 19.247380] The buggy address belongs to the physical page: [ 19.247413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105211 [ 19.247468] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.247519] page_type: f5(slab) [ 19.247560] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.247613] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.247657] page dumped because: kasan: bad access detected [ 19.247690] [ 19.247709] Memory state around the buggy address: [ 19.247742] fff00000c5211480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.247788] fff00000c5211500: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.247835] >fff00000c5211580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.247874] ^ [ 19.247906] fff00000c5211600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.248062] fff00000c5211680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.248106] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 19.237257] ================================================================== [ 19.237313] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 19.237365] Read of size 1 at addr fff00000c5211590 by task kunit_try_catch/268 [ 19.237417] [ 19.237450] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.237729] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.237883] Hardware name: linux,dummy-virt (DT) [ 19.238098] Call trace: [ 19.238243] show_stack+0x20/0x38 (C) [ 19.238442] dump_stack_lvl+0x8c/0xd0 [ 19.238744] print_report+0x118/0x608 [ 19.238797] kasan_report+0xdc/0x128 [ 19.238844] __asan_report_load1_noabort+0x20/0x30 [ 19.238894] kasan_strings+0x95c/0xb00 [ 19.238960] kunit_try_run_case+0x170/0x3f0 [ 19.239431] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.239829] kthread+0x328/0x630 [ 19.239884] ret_from_fork+0x10/0x20 [ 19.240224] [ 19.240248] Allocated by task 268: [ 19.240375] kasan_save_stack+0x3c/0x68 [ 19.240479] kasan_save_track+0x20/0x40 [ 19.240543] kasan_save_alloc_info+0x40/0x58 [ 19.240698] __kasan_kmalloc+0xd4/0xd8 [ 19.240778] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.240920] kasan_strings+0xc8/0xb00 [ 19.241003] kunit_try_run_case+0x170/0x3f0 [ 19.241045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.241092] kthread+0x328/0x630 [ 19.241127] ret_from_fork+0x10/0x20 [ 19.241204] [ 19.241229] Freed by task 268: [ 19.241643] kasan_save_stack+0x3c/0x68 [ 19.241844] kasan_save_track+0x20/0x40 [ 19.242117] kasan_save_free_info+0x4c/0x78 [ 19.242175] __kasan_slab_free+0x6c/0x98 [ 19.242215] kfree+0x214/0x3c8 [ 19.242252] kasan_strings+0x24c/0xb00 [ 19.242290] kunit_try_run_case+0x170/0x3f0 [ 19.242330] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.242466] kthread+0x328/0x630 [ 19.242520] ret_from_fork+0x10/0x20 [ 19.242560] [ 19.242583] The buggy address belongs to the object at fff00000c5211580 [ 19.242583] which belongs to the cache kmalloc-32 of size 32 [ 19.242646] The buggy address is located 16 bytes inside of [ 19.242646] freed 32-byte region [fff00000c5211580, fff00000c52115a0) [ 19.242711] [ 19.242733] The buggy address belongs to the physical page: [ 19.242767] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105211 [ 19.242823] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.242898] page_type: f5(slab) [ 19.242952] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.243071] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.243167] page dumped because: kasan: bad access detected [ 19.243215] [ 19.243235] Memory state around the buggy address: [ 19.243271] fff00000c5211480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.243318] fff00000c5211500: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.243403] >fff00000c5211580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.243491] ^ [ 19.243655] fff00000c5211600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.243867] fff00000c5211680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.243910] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 19.153885] ================================================================== [ 19.154138] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 19.154254] Read of size 1 at addr ffffa31870c6f64d by task kunit_try_catch/254 [ 19.154357] [ 19.154506] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.154628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.154657] Hardware name: linux,dummy-virt (DT) [ 19.154692] Call trace: [ 19.154963] show_stack+0x20/0x38 (C) [ 19.155026] dump_stack_lvl+0x8c/0xd0 [ 19.155172] print_report+0x310/0x608 [ 19.155279] kasan_report+0xdc/0x128 [ 19.155403] __asan_report_load1_noabort+0x20/0x30 [ 19.155487] kasan_global_oob_right+0x230/0x270 [ 19.155590] kunit_try_run_case+0x170/0x3f0 [ 19.155659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.155729] kthread+0x328/0x630 [ 19.156040] ret_from_fork+0x10/0x20 [ 19.156208] [ 19.156323] The buggy address belongs to the variable: [ 19.156359] global_array+0xd/0x40 [ 19.156473] [ 19.156640] The buggy address belongs to the virtual mapping at [ 19.156640] [ffffa3186ee30000, ffffa31870d21000) created by: [ 19.156640] paging_init+0x66c/0x7d0 [ 19.157341] [ 19.157552] The buggy address belongs to the physical page: [ 19.157635] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47c6f [ 19.157697] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 19.157778] raw: 03fffe0000002000 ffffc1ffc01f1bc8 ffffc1ffc01f1bc8 0000000000000000 [ 19.157854] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.157903] page dumped because: kasan: bad access detected [ 19.157960] [ 19.157981] Memory state around the buggy address: [ 19.158017] ffffa31870c6f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.158104] ffffa31870c6f580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.158423] >ffffa31870c6f600: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 19.158523] ^ [ 19.158562] ffffa31870c6f680: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 19.158645] ffffa31870c6f700: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 19.158689] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 19.132124] ================================================================== [ 19.132237] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.132322] Free of addr fff00000c4fd8b01 by task kunit_try_catch/250 [ 19.132386] [ 19.132433] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.132526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.132563] Hardware name: linux,dummy-virt (DT) [ 19.132692] Call trace: [ 19.132718] show_stack+0x20/0x38 (C) [ 19.132880] dump_stack_lvl+0x8c/0xd0 [ 19.132970] print_report+0x118/0x608 [ 19.133023] kasan_report_invalid_free+0xc0/0xe8 [ 19.133075] check_slab_allocation+0xfc/0x108 [ 19.133125] __kasan_mempool_poison_object+0x78/0x150 [ 19.133258] mempool_free+0x28c/0x328 [ 19.133401] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.133510] mempool_kmalloc_invalid_free+0xc0/0x118 [ 19.133565] kunit_try_run_case+0x170/0x3f0 [ 19.133648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.133724] kthread+0x328/0x630 [ 19.133768] ret_from_fork+0x10/0x20 [ 19.133820] [ 19.133837] Allocated by task 250: [ 19.133878] kasan_save_stack+0x3c/0x68 [ 19.134005] kasan_save_track+0x20/0x40 [ 19.134143] kasan_save_alloc_info+0x40/0x58 [ 19.134320] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.134409] remove_element+0x130/0x1f8 [ 19.134516] mempool_alloc_preallocated+0x58/0xc0 [ 19.134591] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 19.134637] mempool_kmalloc_invalid_free+0xc0/0x118 [ 19.134677] kunit_try_run_case+0x170/0x3f0 [ 19.134852] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.134900] kthread+0x328/0x630 [ 19.135084] ret_from_fork+0x10/0x20 [ 19.135167] [ 19.135244] The buggy address belongs to the object at fff00000c4fd8b00 [ 19.135244] which belongs to the cache kmalloc-128 of size 128 [ 19.135333] The buggy address is located 1 bytes inside of [ 19.135333] 128-byte region [fff00000c4fd8b00, fff00000c4fd8b80) [ 19.135410] [ 19.135480] The buggy address belongs to the physical page: [ 19.135541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104fd8 [ 19.135641] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.135729] page_type: f5(slab) [ 19.135772] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.136148] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.136270] page dumped because: kasan: bad access detected [ 19.136332] [ 19.136389] Memory state around the buggy address: [ 19.136441] fff00000c4fd8a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.136603] fff00000c4fd8a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.136880] >fff00000c4fd8b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.137011] ^ [ 19.137081] fff00000c4fd8b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.137196] fff00000c4fd8c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.137263] ================================================================== [ 19.143713] ================================================================== [ 19.143811] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.143872] Free of addr fff00000c5254001 by task kunit_try_catch/252 [ 19.143947] [ 19.143993] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.144104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.144148] Hardware name: linux,dummy-virt (DT) [ 19.144202] Call trace: [ 19.144225] show_stack+0x20/0x38 (C) [ 19.144293] dump_stack_lvl+0x8c/0xd0 [ 19.144346] print_report+0x118/0x608 [ 19.144590] kasan_report_invalid_free+0xc0/0xe8 [ 19.144710] __kasan_mempool_poison_object+0xfc/0x150 [ 19.144794] mempool_free+0x28c/0x328 [ 19.144852] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.144917] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 19.145178] kunit_try_run_case+0x170/0x3f0 [ 19.145278] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.145374] kthread+0x328/0x630 [ 19.145419] ret_from_fork+0x10/0x20 [ 19.145486] [ 19.145531] The buggy address belongs to the physical page: [ 19.145592] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105254 [ 19.145652] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.145701] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.145756] page_type: f8(unknown) [ 19.146013] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.146208] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.146294] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.146353] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.146462] head: 0bfffe0000000002 ffffc1ffc3149501 00000000ffffffff 00000000ffffffff [ 19.146513] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.146555] page dumped because: kasan: bad access detected [ 19.146587] [ 19.146605] Memory state around the buggy address: [ 19.146638] fff00000c5253f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.146683] fff00000c5253f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.146725] >fff00000c5254000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.146803] ^ [ 19.147016] fff00000c5254080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.147088] fff00000c5254100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.147157] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 19.229288] ================================================================== [ 19.229350] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 19.229411] Read of size 1 at addr fff00000c5211590 by task kunit_try_catch/268 [ 19.229464] [ 19.229502] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.229658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.229900] Hardware name: linux,dummy-virt (DT) [ 19.230304] Call trace: [ 19.230460] show_stack+0x20/0x38 (C) [ 19.230527] dump_stack_lvl+0x8c/0xd0 [ 19.230578] print_report+0x118/0x608 [ 19.230631] kasan_report+0xdc/0x128 [ 19.230680] __asan_report_load1_noabort+0x20/0x30 [ 19.230729] strcmp+0xc0/0xc8 [ 19.230797] kasan_strings+0x340/0xb00 [ 19.230873] kunit_try_run_case+0x170/0x3f0 [ 19.231331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.231484] kthread+0x328/0x630 [ 19.231551] ret_from_fork+0x10/0x20 [ 19.231703] [ 19.231732] Allocated by task 268: [ 19.231763] kasan_save_stack+0x3c/0x68 [ 19.232030] kasan_save_track+0x20/0x40 [ 19.232120] kasan_save_alloc_info+0x40/0x58 [ 19.232210] __kasan_kmalloc+0xd4/0xd8 [ 19.232253] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.232298] kasan_strings+0xc8/0xb00 [ 19.232337] kunit_try_run_case+0x170/0x3f0 [ 19.232378] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.232424] kthread+0x328/0x630 [ 19.232470] ret_from_fork+0x10/0x20 [ 19.232509] [ 19.232531] Freed by task 268: [ 19.232660] kasan_save_stack+0x3c/0x68 [ 19.232702] kasan_save_track+0x20/0x40 [ 19.232742] kasan_save_free_info+0x4c/0x78 [ 19.232780] __kasan_slab_free+0x6c/0x98 [ 19.233280] kfree+0x214/0x3c8 [ 19.233320] kasan_strings+0x24c/0xb00 [ 19.233360] kunit_try_run_case+0x170/0x3f0 [ 19.233401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.233852] kthread+0x328/0x630 [ 19.233954] ret_from_fork+0x10/0x20 [ 19.234056] [ 19.234084] The buggy address belongs to the object at fff00000c5211580 [ 19.234084] which belongs to the cache kmalloc-32 of size 32 [ 19.234303] The buggy address is located 16 bytes inside of [ 19.234303] freed 32-byte region [fff00000c5211580, fff00000c52115a0) [ 19.234462] [ 19.234494] The buggy address belongs to the physical page: [ 19.234580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105211 [ 19.234639] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.234691] page_type: f5(slab) [ 19.234735] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.234790] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.234835] page dumped because: kasan: bad access detected [ 19.234880] [ 19.234945] Memory state around the buggy address: [ 19.234980] fff00000c5211480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.235061] fff00000c5211500: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.235107] >fff00000c5211580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.235536] ^ [ 19.235788] fff00000c5211600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.235961] fff00000c5211680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.236004] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 19.208822] ================================================================== [ 19.208886] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 19.208963] Read of size 1 at addr fff00000c52113d8 by task kunit_try_catch/266 [ 19.209021] [ 19.209060] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.209153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.209183] Hardware name: linux,dummy-virt (DT) [ 19.209229] Call trace: [ 19.209253] show_stack+0x20/0x38 (C) [ 19.209332] dump_stack_lvl+0x8c/0xd0 [ 19.209392] print_report+0x118/0x608 [ 19.209480] kasan_report+0xdc/0x128 [ 19.209529] __asan_report_load1_noabort+0x20/0x30 [ 19.209588] memcmp+0x198/0x1d8 [ 19.209642] kasan_memcmp+0x16c/0x300 [ 19.209856] kunit_try_run_case+0x170/0x3f0 [ 19.209945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.210180] kthread+0x328/0x630 [ 19.210329] ret_from_fork+0x10/0x20 [ 19.210378] [ 19.210404] Allocated by task 266: [ 19.210526] kasan_save_stack+0x3c/0x68 [ 19.210594] kasan_save_track+0x20/0x40 [ 19.210722] kasan_save_alloc_info+0x40/0x58 [ 19.210800] __kasan_kmalloc+0xd4/0xd8 [ 19.210839] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.210884] kasan_memcmp+0xbc/0x300 [ 19.210921] kunit_try_run_case+0x170/0x3f0 [ 19.211425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.211708] kthread+0x328/0x630 [ 19.211744] ret_from_fork+0x10/0x20 [ 19.211898] [ 19.211972] The buggy address belongs to the object at fff00000c52113c0 [ 19.211972] which belongs to the cache kmalloc-32 of size 32 [ 19.212288] The buggy address is located 0 bytes to the right of [ 19.212288] allocated 24-byte region [fff00000c52113c0, fff00000c52113d8) [ 19.212356] [ 19.212382] The buggy address belongs to the physical page: [ 19.212414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105211 [ 19.212742] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.212909] page_type: f5(slab) [ 19.213060] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.213170] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.213221] page dumped because: kasan: bad access detected [ 19.213343] [ 19.213365] Memory state around the buggy address: [ 19.213398] fff00000c5211280: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.213507] fff00000c5211300: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.213555] >fff00000c5211380: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.213602] ^ [ 19.213700] fff00000c5211400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.213907] fff00000c5211480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.214291] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 19.191520] ================================================================== [ 19.191600] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 19.192015] Read of size 1 at addr ffff800080a57b4a by task kunit_try_catch/262 [ 19.192112] [ 19.192156] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.192250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.192279] Hardware name: linux,dummy-virt (DT) [ 19.192313] Call trace: [ 19.192339] show_stack+0x20/0x38 (C) [ 19.192553] dump_stack_lvl+0x8c/0xd0 [ 19.192720] print_report+0x310/0x608 [ 19.192783] kasan_report+0xdc/0x128 [ 19.192840] __asan_report_load1_noabort+0x20/0x30 [ 19.192895] kasan_alloca_oob_right+0x2dc/0x340 [ 19.192992] kunit_try_run_case+0x170/0x3f0 [ 19.193046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.193102] kthread+0x328/0x630 [ 19.193147] ret_from_fork+0x10/0x20 [ 19.193291] [ 19.193406] The buggy address belongs to stack of task kunit_try_catch/262 [ 19.193576] [ 19.193613] The buggy address belongs to the virtual mapping at [ 19.193613] [ffff800080a50000, ffff800080a59000) created by: [ 19.193613] kernel_clone+0x150/0x7a8 [ 19.193708] [ 19.193741] The buggy address belongs to the physical page: [ 19.193795] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1050af [ 19.193871] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.194136] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.194278] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.194358] page dumped because: kasan: bad access detected [ 19.194430] [ 19.194496] Memory state around the buggy address: [ 19.194592] ffff800080a57a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.194681] ffff800080a57a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.194768] >ffff800080a57b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 19.194809] ^ [ 19.194979] ffff800080a57b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 19.195027] ffff800080a57c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.195215] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 19.183168] ================================================================== [ 19.183268] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 19.183338] Read of size 1 at addr ffff800080a57b5f by task kunit_try_catch/260 [ 19.183393] [ 19.183546] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.183838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.183892] Hardware name: linux,dummy-virt (DT) [ 19.183947] Call trace: [ 19.183983] show_stack+0x20/0x38 (C) [ 19.184042] dump_stack_lvl+0x8c/0xd0 [ 19.184105] print_report+0x310/0x608 [ 19.184157] kasan_report+0xdc/0x128 [ 19.184207] __asan_report_load1_noabort+0x20/0x30 [ 19.184262] kasan_alloca_oob_left+0x2b8/0x310 [ 19.184316] kunit_try_run_case+0x170/0x3f0 [ 19.184367] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.184424] kthread+0x328/0x630 [ 19.184468] ret_from_fork+0x10/0x20 [ 19.184521] [ 19.184546] The buggy address belongs to stack of task kunit_try_catch/260 [ 19.184637] [ 19.184670] The buggy address belongs to the virtual mapping at [ 19.184670] [ffff800080a50000, ffff800080a59000) created by: [ 19.184670] kernel_clone+0x150/0x7a8 [ 19.184754] [ 19.184778] The buggy address belongs to the physical page: [ 19.184815] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1050af [ 19.184875] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.184962] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.185017] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.185062] page dumped because: kasan: bad access detected [ 19.185096] [ 19.185117] Memory state around the buggy address: [ 19.185152] ffff800080a57a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.185198] ffff800080a57a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.185246] >ffff800080a57b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 19.185759] ^ [ 19.185846] ffff800080a57b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 19.185903] ffff800080a57c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.185960] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 19.171591] ================================================================== [ 19.171692] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 19.171762] Read of size 1 at addr ffff800080a57c2a by task kunit_try_catch/258 [ 19.171818] [ 19.171856] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.171978] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.172009] Hardware name: linux,dummy-virt (DT) [ 19.172045] Call trace: [ 19.172074] show_stack+0x20/0x38 (C) [ 19.172128] dump_stack_lvl+0x8c/0xd0 [ 19.172192] print_report+0x310/0x608 [ 19.172245] kasan_report+0xdc/0x128 [ 19.172294] __asan_report_load1_noabort+0x20/0x30 [ 19.172353] kasan_stack_oob+0x238/0x270 [ 19.172402] kunit_try_run_case+0x170/0x3f0 [ 19.172454] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.172512] kthread+0x328/0x630 [ 19.172568] ret_from_fork+0x10/0x20 [ 19.172621] [ 19.172681] The buggy address belongs to stack of task kunit_try_catch/258 [ 19.172811] and is located at offset 138 in frame: [ 19.172851] kasan_stack_oob+0x0/0x270 [ 19.172991] [ 19.173025] This frame has 4 objects: [ 19.173117] [48, 49) '__assertion' [ 19.173154] [64, 72) 'array' [ 19.173188] [96, 112) '__assertion' [ 19.173234] [128, 138) 'stack_array' [ 19.173633] [ 19.173688] The buggy address belongs to the virtual mapping at [ 19.173688] [ffff800080a50000, ffff800080a59000) created by: [ 19.173688] kernel_clone+0x150/0x7a8 [ 19.173778] [ 19.173821] The buggy address belongs to the physical page: [ 19.173859] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1050af [ 19.173937] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.174006] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.174104] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.174308] page dumped because: kasan: bad access detected [ 19.174375] [ 19.174415] Memory state around the buggy address: [ 19.174453] ffff800080a57b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.174522] ffff800080a57b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 19.174588] >ffff800080a57c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 19.174692] ^ [ 19.174763] ffff800080a57c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 19.174883] ffff800080a57d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.174961] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 19.092483] ================================================================== [ 19.092562] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.092639] Read of size 1 at addr fff00000c5250000 by task kunit_try_catch/242 [ 19.092692] [ 19.092734] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.092826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.092854] Hardware name: linux,dummy-virt (DT) [ 19.092889] Call trace: [ 19.092916] show_stack+0x20/0x38 (C) [ 19.092989] dump_stack_lvl+0x8c/0xd0 [ 19.093042] print_report+0x118/0x608 [ 19.093092] kasan_report+0xdc/0x128 [ 19.093139] __asan_report_load1_noabort+0x20/0x30 [ 19.093187] mempool_uaf_helper+0x314/0x340 [ 19.093235] mempool_page_alloc_uaf+0xc0/0x118 [ 19.093284] kunit_try_run_case+0x170/0x3f0 [ 19.093335] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.093388] kthread+0x328/0x630 [ 19.093433] ret_from_fork+0x10/0x20 [ 19.093484] [ 19.093507] The buggy address belongs to the physical page: [ 19.093541] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105250 [ 19.093603] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.093672] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.093723] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.093767] page dumped because: kasan: bad access detected [ 19.093799] [ 19.093817] Memory state around the buggy address: [ 19.093850] fff00000c524ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.093894] fff00000c524ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.093946] >fff00000c5250000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.093985] ^ [ 19.094013] fff00000c5250080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.094074] fff00000c5250100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.094115] ================================================================== [ 19.015149] ================================================================== [ 19.015224] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.015294] Read of size 1 at addr fff00000c5250000 by task kunit_try_catch/238 [ 19.016794] [ 19.017241] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.017458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.017585] Hardware name: linux,dummy-virt (DT) [ 19.017886] Call trace: [ 19.017986] show_stack+0x20/0x38 (C) [ 19.018273] dump_stack_lvl+0x8c/0xd0 [ 19.018364] print_report+0x118/0x608 [ 19.018417] kasan_report+0xdc/0x128 [ 19.018587] __asan_report_load1_noabort+0x20/0x30 [ 19.018649] mempool_uaf_helper+0x314/0x340 [ 19.018698] mempool_kmalloc_large_uaf+0xc4/0x120 [ 19.019159] kunit_try_run_case+0x170/0x3f0 [ 19.019216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.019268] kthread+0x328/0x630 [ 19.019310] ret_from_fork+0x10/0x20 [ 19.019692] [ 19.019720] The buggy address belongs to the physical page: [ 19.019755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105250 [ 19.020338] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.020540] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.020691] page_type: f8(unknown) [ 19.020737] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.020862] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.021130] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.021233] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.021282] head: 0bfffe0000000002 ffffc1ffc3149401 00000000ffffffff 00000000ffffffff [ 19.021807] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.022068] page dumped because: kasan: bad access detected [ 19.022107] [ 19.022259] Memory state around the buggy address: [ 19.022308] fff00000c524ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.022356] fff00000c524ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.022400] >fff00000c5250000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.022459] ^ [ 19.022490] fff00000c5250080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.022981] fff00000c5250100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.023157] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 18.989467] ================================================================== [ 18.989548] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.989643] Read of size 1 at addr fff00000c4fd8300 by task kunit_try_catch/236 [ 18.989696] [ 18.989739] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 18.989832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.989864] Hardware name: linux,dummy-virt (DT) [ 18.989899] Call trace: [ 18.989938] show_stack+0x20/0x38 (C) [ 18.989992] dump_stack_lvl+0x8c/0xd0 [ 18.990060] print_report+0x118/0x608 [ 18.990110] kasan_report+0xdc/0x128 [ 18.990157] __asan_report_load1_noabort+0x20/0x30 [ 18.990207] mempool_uaf_helper+0x314/0x340 [ 18.990254] mempool_kmalloc_uaf+0xc4/0x120 [ 18.990301] kunit_try_run_case+0x170/0x3f0 [ 18.990353] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.990407] kthread+0x328/0x630 [ 18.990466] ret_from_fork+0x10/0x20 [ 18.990517] [ 18.990536] Allocated by task 236: [ 18.990566] kasan_save_stack+0x3c/0x68 [ 18.990609] kasan_save_track+0x20/0x40 [ 18.990648] kasan_save_alloc_info+0x40/0x58 [ 18.990684] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.990729] remove_element+0x130/0x1f8 [ 18.990769] mempool_alloc_preallocated+0x58/0xc0 [ 18.990809] mempool_uaf_helper+0xa4/0x340 [ 18.990846] mempool_kmalloc_uaf+0xc4/0x120 [ 18.990885] kunit_try_run_case+0x170/0x3f0 [ 18.990922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.990984] kthread+0x328/0x630 [ 18.991016] ret_from_fork+0x10/0x20 [ 18.991053] [ 18.991073] Freed by task 236: [ 18.991099] kasan_save_stack+0x3c/0x68 [ 18.991136] kasan_save_track+0x20/0x40 [ 18.991174] kasan_save_free_info+0x4c/0x78 [ 18.991210] __kasan_mempool_poison_object+0xc0/0x150 [ 18.991253] mempool_free+0x28c/0x328 [ 18.991287] mempool_uaf_helper+0x104/0x340 [ 18.991325] mempool_kmalloc_uaf+0xc4/0x120 [ 18.991364] kunit_try_run_case+0x170/0x3f0 [ 18.991401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.991446] kthread+0x328/0x630 [ 18.991478] ret_from_fork+0x10/0x20 [ 18.991515] [ 18.991534] The buggy address belongs to the object at fff00000c4fd8300 [ 18.991534] which belongs to the cache kmalloc-128 of size 128 [ 18.991595] The buggy address is located 0 bytes inside of [ 18.991595] freed 128-byte region [fff00000c4fd8300, fff00000c4fd8380) [ 18.991658] [ 18.991679] The buggy address belongs to the physical page: [ 18.991714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104fd8 [ 18.991770] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.991822] page_type: f5(slab) [ 18.991865] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.991915] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.991967] page dumped because: kasan: bad access detected [ 18.991999] [ 18.992017] Memory state around the buggy address: [ 18.992049] fff00000c4fd8200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.992093] fff00000c4fd8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.992137] >fff00000c4fd8300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.992176] ^ [ 18.992203] fff00000c4fd8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.992247] fff00000c4fd8400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.992287] ================================================================== [ 19.043339] ================================================================== [ 19.043846] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.043950] Read of size 1 at addr fff00000c5227240 by task kunit_try_catch/240 [ 19.044003] [ 19.044045] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 19.044138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.044164] Hardware name: linux,dummy-virt (DT) [ 19.044197] Call trace: [ 19.044220] show_stack+0x20/0x38 (C) [ 19.044272] dump_stack_lvl+0x8c/0xd0 [ 19.046033] print_report+0x118/0x608 [ 19.046699] kasan_report+0xdc/0x128 [ 19.046759] __asan_report_load1_noabort+0x20/0x30 [ 19.046810] mempool_uaf_helper+0x314/0x340 [ 19.047176] mempool_slab_uaf+0xc0/0x118 [ 19.047606] kunit_try_run_case+0x170/0x3f0 [ 19.047661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.047717] kthread+0x328/0x630 [ 19.047760] ret_from_fork+0x10/0x20 [ 19.047811] [ 19.047833] Allocated by task 240: [ 19.049179] kasan_save_stack+0x3c/0x68 [ 19.049591] kasan_save_track+0x20/0x40 [ 19.050093] kasan_save_alloc_info+0x40/0x58 [ 19.050512] __kasan_mempool_unpoison_object+0xbc/0x180 [ 19.050807] remove_element+0x16c/0x1f8 [ 19.050856] mempool_alloc_preallocated+0x58/0xc0 [ 19.050900] mempool_uaf_helper+0xa4/0x340 [ 19.051547] mempool_slab_uaf+0xc0/0x118 [ 19.052103] kunit_try_run_case+0x170/0x3f0 [ 19.052388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.052746] kthread+0x328/0x630 [ 19.053130] ret_from_fork+0x10/0x20 [ 19.053414] [ 19.053563] Freed by task 240: [ 19.053602] kasan_save_stack+0x3c/0x68 [ 19.053951] kasan_save_track+0x20/0x40 [ 19.054000] kasan_save_free_info+0x4c/0x78 [ 19.054618] __kasan_mempool_poison_object+0xc0/0x150 [ 19.054672] mempool_free+0x28c/0x328 [ 19.054921] mempool_uaf_helper+0x104/0x340 [ 19.055000] mempool_slab_uaf+0xc0/0x118 [ 19.055841] kunit_try_run_case+0x170/0x3f0 [ 19.055940] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.055986] kthread+0x328/0x630 [ 19.056743] ret_from_fork+0x10/0x20 [ 19.056999] [ 19.057036] The buggy address belongs to the object at fff00000c5227240 [ 19.057036] which belongs to the cache test_cache of size 123 [ 19.057590] The buggy address is located 0 bytes inside of [ 19.057590] freed 123-byte region [fff00000c5227240, fff00000c52272bb) [ 19.058182] [ 19.058209] The buggy address belongs to the physical page: [ 19.058246] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105227 [ 19.058307] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.059276] page_type: f5(slab) [ 19.059535] raw: 0bfffe0000000000 fff00000c115db40 dead000000000122 0000000000000000 [ 19.059589] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 19.060519] page dumped because: kasan: bad access detected [ 19.060808] [ 19.061073] Memory state around the buggy address: [ 19.061226] fff00000c5227100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.061506] fff00000c5227180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.061956] >fff00000c5227200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 19.062734] ^ [ 19.062823] fff00000c5227280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.063317] fff00000c5227300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.063815] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 18.897102] ================================================================== [ 18.897183] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.897267] Read of size 1 at addr fff00000c748af73 by task kunit_try_catch/230 [ 18.897319] [ 18.897361] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 18.897454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.897482] Hardware name: linux,dummy-virt (DT) [ 18.897515] Call trace: [ 18.897540] show_stack+0x20/0x38 (C) [ 18.897602] dump_stack_lvl+0x8c/0xd0 [ 18.897653] print_report+0x118/0x608 [ 18.897703] kasan_report+0xdc/0x128 [ 18.897748] __asan_report_load1_noabort+0x20/0x30 [ 18.897796] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.897846] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.897895] kunit_try_run_case+0x170/0x3f0 [ 18.897959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.898015] kthread+0x328/0x630 [ 18.898271] ret_from_fork+0x10/0x20 [ 18.898332] [ 18.898351] Allocated by task 230: [ 18.898383] kasan_save_stack+0x3c/0x68 [ 18.898426] kasan_save_track+0x20/0x40 [ 18.898465] kasan_save_alloc_info+0x40/0x58 [ 18.898502] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.898547] remove_element+0x130/0x1f8 [ 18.898585] mempool_alloc_preallocated+0x58/0xc0 [ 18.898626] mempool_oob_right_helper+0x98/0x2f0 [ 18.898666] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.898707] kunit_try_run_case+0x170/0x3f0 [ 18.898745] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.898789] kthread+0x328/0x630 [ 18.898822] ret_from_fork+0x10/0x20 [ 18.898859] [ 18.898879] The buggy address belongs to the object at fff00000c748af00 [ 18.898879] which belongs to the cache kmalloc-128 of size 128 [ 18.898956] The buggy address is located 0 bytes to the right of [ 18.898956] allocated 115-byte region [fff00000c748af00, fff00000c748af73) [ 18.899023] [ 18.899045] The buggy address belongs to the physical page: [ 18.899081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 18.899138] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.899191] page_type: f5(slab) [ 18.899236] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.899289] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 18.899331] page dumped because: kasan: bad access detected [ 18.899365] [ 18.899383] Memory state around the buggy address: [ 18.899419] fff00000c748ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.899463] fff00000c748ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.899510] >fff00000c748af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.899551] ^ [ 18.899594] fff00000c748af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.899637] fff00000c748b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.899677] ================================================================== [ 18.916875] ================================================================== [ 18.922319] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.922405] Read of size 1 at addr fff00000c52242bb by task kunit_try_catch/234 [ 18.922458] [ 18.922496] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 18.923110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.923485] Hardware name: linux,dummy-virt (DT) [ 18.924006] Call trace: [ 18.924042] show_stack+0x20/0x38 (C) [ 18.924099] dump_stack_lvl+0x8c/0xd0 [ 18.924151] print_report+0x118/0x608 [ 18.924200] kasan_report+0xdc/0x128 [ 18.924247] __asan_report_load1_noabort+0x20/0x30 [ 18.924296] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.924345] mempool_slab_oob_right+0xc0/0x118 [ 18.924393] kunit_try_run_case+0x170/0x3f0 [ 18.925808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.926157] kthread+0x328/0x630 [ 18.926250] ret_from_fork+0x10/0x20 [ 18.926823] [ 18.926913] Allocated by task 234: [ 18.927133] kasan_save_stack+0x3c/0x68 [ 18.927348] kasan_save_track+0x20/0x40 [ 18.927392] kasan_save_alloc_info+0x40/0x58 [ 18.927431] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.928364] remove_element+0x16c/0x1f8 [ 18.928692] mempool_alloc_preallocated+0x58/0xc0 [ 18.928748] mempool_oob_right_helper+0x98/0x2f0 [ 18.929017] mempool_slab_oob_right+0xc0/0x118 [ 18.929395] kunit_try_run_case+0x170/0x3f0 [ 18.929939] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.929998] kthread+0x328/0x630 [ 18.930250] ret_from_fork+0x10/0x20 [ 18.930752] [ 18.930782] The buggy address belongs to the object at fff00000c5224240 [ 18.930782] which belongs to the cache test_cache of size 123 [ 18.930978] The buggy address is located 0 bytes to the right of [ 18.930978] allocated 123-byte region [fff00000c5224240, fff00000c52242bb) [ 18.931151] [ 18.931190] The buggy address belongs to the physical page: [ 18.931223] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105224 [ 18.931283] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.932047] page_type: f5(slab) [ 18.932106] raw: 0bfffe0000000000 fff00000c115da00 dead000000000122 0000000000000000 [ 18.932597] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.932840] page dumped because: kasan: bad access detected [ 18.933211] [ 18.933398] Memory state around the buggy address: [ 18.933518] fff00000c5224180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.933847] fff00000c5224200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 18.933907] >fff00000c5224280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 18.933956] ^ [ 18.933993] fff00000c5224300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.934035] fff00000c5224380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.934075] ================================================================== [ 18.905371] ================================================================== [ 18.905430] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.905488] Read of size 1 at addr fff00000c5252001 by task kunit_try_catch/232 [ 18.905538] [ 18.905578] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 18.905669] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.905697] Hardware name: linux,dummy-virt (DT) [ 18.905746] Call trace: [ 18.905771] show_stack+0x20/0x38 (C) [ 18.905823] dump_stack_lvl+0x8c/0xd0 [ 18.905922] print_report+0x118/0x608 [ 18.905990] kasan_report+0xdc/0x128 [ 18.906034] __asan_report_load1_noabort+0x20/0x30 [ 18.906096] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.906215] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 18.906342] kunit_try_run_case+0x170/0x3f0 [ 18.906392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.906444] kthread+0x328/0x630 [ 18.906498] ret_from_fork+0x10/0x20 [ 18.906658] [ 18.906723] The buggy address belongs to the physical page: [ 18.906794] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105250 [ 18.906852] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.906899] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.907002] page_type: f8(unknown) [ 18.907058] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.907109] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.907176] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.907225] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.907275] head: 0bfffe0000000002 ffffc1ffc3149401 00000000ffffffff 00000000ffffffff [ 18.907324] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.907364] page dumped because: kasan: bad access detected [ 18.907396] [ 18.907414] Memory state around the buggy address: [ 18.907445] fff00000c5251f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.907488] fff00000c5251f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.907532] >fff00000c5252000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.907571] ^ [ 18.907600] fff00000c5252080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.907643] fff00000c5252100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.907682] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 18.345616] ================================================================== [ 18.345714] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 18.345807] Read of size 1 at addr fff00000c5a8f500 by task kunit_try_catch/224 [ 18.345861] [ 18.345906] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 18.346016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.346084] Hardware name: linux,dummy-virt (DT) [ 18.346121] Call trace: [ 18.346173] show_stack+0x20/0x38 (C) [ 18.346236] dump_stack_lvl+0x8c/0xd0 [ 18.346287] print_report+0x118/0x608 [ 18.346337] kasan_report+0xdc/0x128 [ 18.346384] __kasan_check_byte+0x54/0x70 [ 18.346432] kmem_cache_destroy+0x34/0x218 [ 18.346480] kmem_cache_double_destroy+0x174/0x300 [ 18.346530] kunit_try_run_case+0x170/0x3f0 [ 18.346582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.346633] kthread+0x328/0x630 [ 18.346679] ret_from_fork+0x10/0x20 [ 18.346729] [ 18.346747] Allocated by task 224: [ 18.346780] kasan_save_stack+0x3c/0x68 [ 18.346822] kasan_save_track+0x20/0x40 [ 18.346862] kasan_save_alloc_info+0x40/0x58 [ 18.346901] __kasan_slab_alloc+0xa8/0xb0 [ 18.346950] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.346994] __kmem_cache_create_args+0x178/0x280 [ 18.347033] kmem_cache_double_destroy+0xc0/0x300 [ 18.347073] kunit_try_run_case+0x170/0x3f0 [ 18.347112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.347155] kthread+0x328/0x630 [ 18.347189] ret_from_fork+0x10/0x20 [ 18.347225] [ 18.347243] Freed by task 224: [ 18.347271] kasan_save_stack+0x3c/0x68 [ 18.347308] kasan_save_track+0x20/0x40 [ 18.347346] kasan_save_free_info+0x4c/0x78 [ 18.347382] __kasan_slab_free+0x6c/0x98 [ 18.347420] kmem_cache_free+0x260/0x468 [ 18.347457] slab_kmem_cache_release+0x38/0x50 [ 18.347497] kmem_cache_release+0x1c/0x30 [ 18.347534] kobject_put+0x17c/0x420 [ 18.347570] sysfs_slab_release+0x1c/0x30 [ 18.347607] kmem_cache_destroy+0x118/0x218 [ 18.347647] kmem_cache_double_destroy+0x128/0x300 [ 18.347686] kunit_try_run_case+0x170/0x3f0 [ 18.347723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.347769] kthread+0x328/0x630 [ 18.347801] ret_from_fork+0x10/0x20 [ 18.347839] [ 18.347858] The buggy address belongs to the object at fff00000c5a8f500 [ 18.347858] which belongs to the cache kmem_cache of size 208 [ 18.347918] The buggy address is located 0 bytes inside of [ 18.347918] freed 208-byte region [fff00000c5a8f500, fff00000c5a8f5d0) [ 18.347990] [ 18.348014] The buggy address belongs to the physical page: [ 18.348049] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8f [ 18.348107] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.348163] page_type: f5(slab) [ 18.348208] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 18.348260] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 18.348303] page dumped because: kasan: bad access detected [ 18.348337] [ 18.348355] Memory state around the buggy address: [ 18.348390] fff00000c5a8f400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.348434] fff00000c5a8f480: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.348478] >fff00000c5a8f500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.348518] ^ [ 18.348545] fff00000c5a8f580: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 18.348589] fff00000c5a8f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.348627] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 18.111205] ================================================================== [ 18.111309] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 18.111395] Read of size 1 at addr fff00000c507c000 by task kunit_try_catch/222 [ 18.111450] [ 18.111496] CPU: 1 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 18.111589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.111617] Hardware name: linux,dummy-virt (DT) [ 18.111652] Call trace: [ 18.111679] show_stack+0x20/0x38 (C) [ 18.111733] dump_stack_lvl+0x8c/0xd0 [ 18.111786] print_report+0x118/0x608 [ 18.111836] kasan_report+0xdc/0x128 [ 18.111883] __asan_report_load1_noabort+0x20/0x30 [ 18.111949] kmem_cache_rcu_uaf+0x388/0x468 [ 18.112000] kunit_try_run_case+0x170/0x3f0 [ 18.112054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.112108] kthread+0x328/0x630 [ 18.112153] ret_from_fork+0x10/0x20 [ 18.112203] [ 18.112222] Allocated by task 222: [ 18.112256] kasan_save_stack+0x3c/0x68 [ 18.112299] kasan_save_track+0x20/0x40 [ 18.112337] kasan_save_alloc_info+0x40/0x58 [ 18.112375] __kasan_slab_alloc+0xa8/0xb0 [ 18.112413] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.112454] kmem_cache_rcu_uaf+0x12c/0x468 [ 18.112492] kunit_try_run_case+0x170/0x3f0 [ 18.112529] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.112573] kthread+0x328/0x630 [ 18.112606] ret_from_fork+0x10/0x20 [ 18.112642] [ 18.112660] Freed by task 0: [ 18.112687] kasan_save_stack+0x3c/0x68 [ 18.112723] kasan_save_track+0x20/0x40 [ 18.112761] kasan_save_free_info+0x4c/0x78 [ 18.112796] __kasan_slab_free+0x6c/0x98 [ 18.112834] slab_free_after_rcu_debug+0xd4/0x2f8 [ 18.112874] rcu_core+0x9f4/0x1e20 [ 18.112913] rcu_core_si+0x18/0x30 [ 18.115987] handle_softirqs+0x374/0xb28 [ 18.116033] __do_softirq+0x1c/0x28 [ 18.116071] [ 18.116092] Last potentially related work creation: [ 18.116120] kasan_save_stack+0x3c/0x68 [ 18.116160] kasan_record_aux_stack+0xb4/0xc8 [ 18.116198] kmem_cache_free+0x120/0x468 [ 18.116238] kmem_cache_rcu_uaf+0x16c/0x468 [ 18.116277] kunit_try_run_case+0x170/0x3f0 [ 18.116314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.116358] kthread+0x328/0x630 [ 18.116391] ret_from_fork+0x10/0x20 [ 18.116427] [ 18.116447] The buggy address belongs to the object at fff00000c507c000 [ 18.116447] which belongs to the cache test_cache of size 200 [ 18.116510] The buggy address is located 0 bytes inside of [ 18.116510] freed 200-byte region [fff00000c507c000, fff00000c507c0c8) [ 18.116574] [ 18.116597] The buggy address belongs to the physical page: [ 18.116632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10507c [ 18.116692] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.116745] page_type: f5(slab) [ 18.116788] raw: 0bfffe0000000000 fff00000c115d8c0 dead000000000122 0000000000000000 [ 18.116840] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.116883] page dumped because: kasan: bad access detected [ 18.116916] [ 18.116942] Memory state around the buggy address: [ 18.117021] fff00000c507bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.117102] fff00000c507bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.117225] >fff00000c507c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.117283] ^ [ 18.117331] fff00000c507c080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.117375] fff00000c507c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.117427] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 17.794538] ================================================================== [ 17.794643] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 17.794958] Free of addr fff00000c507a001 by task kunit_try_catch/220 [ 17.795223] [ 17.795464] CPU: 1 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 17.795991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.796220] Hardware name: linux,dummy-virt (DT) [ 17.796461] Call trace: [ 17.796732] show_stack+0x20/0x38 (C) [ 17.796920] dump_stack_lvl+0x8c/0xd0 [ 17.797095] print_report+0x118/0x608 [ 17.797321] kasan_report_invalid_free+0xc0/0xe8 [ 17.797780] check_slab_allocation+0xfc/0x108 [ 17.797867] __kasan_slab_pre_free+0x2c/0x48 [ 17.798131] kmem_cache_free+0xf0/0x468 [ 17.798321] kmem_cache_invalid_free+0x184/0x3c8 [ 17.798422] kunit_try_run_case+0x170/0x3f0 [ 17.798480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.798787] kthread+0x328/0x630 [ 17.798969] ret_from_fork+0x10/0x20 [ 17.799078] [ 17.799171] Allocated by task 220: [ 17.799228] kasan_save_stack+0x3c/0x68 [ 17.799662] kasan_save_track+0x20/0x40 [ 17.799750] kasan_save_alloc_info+0x40/0x58 [ 17.800084] __kasan_slab_alloc+0xa8/0xb0 [ 17.800232] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.800319] kmem_cache_invalid_free+0x12c/0x3c8 [ 17.800746] kunit_try_run_case+0x170/0x3f0 [ 17.800835] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.800990] kthread+0x328/0x630 [ 17.801028] ret_from_fork+0x10/0x20 [ 17.801099] [ 17.801243] The buggy address belongs to the object at fff00000c507a000 [ 17.801243] which belongs to the cache test_cache of size 200 [ 17.801464] The buggy address is located 1 bytes inside of [ 17.801464] 200-byte region [fff00000c507a000, fff00000c507a0c8) [ 17.801585] [ 17.801704] The buggy address belongs to the physical page: [ 17.801753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10507a [ 17.801848] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.802190] page_type: f5(slab) [ 17.802373] raw: 0bfffe0000000000 fff00000c115d780 dead000000000122 0000000000000000 [ 17.802657] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.802747] page dumped because: kasan: bad access detected [ 17.802885] [ 17.802936] Memory state around the buggy address: [ 17.802986] fff00000c5079f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.803213] fff00000c5079f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.803367] >fff00000c507a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.803938] ^ [ 17.804120] fff00000c507a080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.804196] fff00000c507a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.804643] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 17.753672] ================================================================== [ 17.753754] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 17.753833] Free of addr fff00000c5079000 by task kunit_try_catch/218 [ 17.753876] [ 17.754117] CPU: 1 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 17.754910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.755027] Hardware name: linux,dummy-virt (DT) [ 17.755067] Call trace: [ 17.755561] show_stack+0x20/0x38 (C) [ 17.755866] dump_stack_lvl+0x8c/0xd0 [ 17.756113] print_report+0x118/0x608 [ 17.756546] kasan_report_invalid_free+0xc0/0xe8 [ 17.756679] check_slab_allocation+0xd4/0x108 [ 17.756763] __kasan_slab_pre_free+0x2c/0x48 [ 17.757108] kmem_cache_free+0xf0/0x468 [ 17.757199] kmem_cache_double_free+0x190/0x3c8 [ 17.757388] kunit_try_run_case+0x170/0x3f0 [ 17.757719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.757829] kthread+0x328/0x630 [ 17.758255] ret_from_fork+0x10/0x20 [ 17.758385] [ 17.758447] Allocated by task 218: [ 17.758561] kasan_save_stack+0x3c/0x68 [ 17.758643] kasan_save_track+0x20/0x40 [ 17.758866] kasan_save_alloc_info+0x40/0x58 [ 17.758920] __kasan_slab_alloc+0xa8/0xb0 [ 17.759097] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.759173] kmem_cache_double_free+0x12c/0x3c8 [ 17.759267] kunit_try_run_case+0x170/0x3f0 [ 17.759333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.759405] kthread+0x328/0x630 [ 17.759574] ret_from_fork+0x10/0x20 [ 17.759659] [ 17.759809] Freed by task 218: [ 17.759843] kasan_save_stack+0x3c/0x68 [ 17.759911] kasan_save_track+0x20/0x40 [ 17.760135] kasan_save_free_info+0x4c/0x78 [ 17.760422] __kasan_slab_free+0x6c/0x98 [ 17.760635] kmem_cache_free+0x260/0x468 [ 17.760703] kmem_cache_double_free+0x140/0x3c8 [ 17.761081] kunit_try_run_case+0x170/0x3f0 [ 17.761145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.761583] kthread+0x328/0x630 [ 17.761656] ret_from_fork+0x10/0x20 [ 17.761813] [ 17.761835] The buggy address belongs to the object at fff00000c5079000 [ 17.761835] which belongs to the cache test_cache of size 200 [ 17.762045] The buggy address is located 0 bytes inside of [ 17.762045] 200-byte region [fff00000c5079000, fff00000c50790c8) [ 17.762248] [ 17.762316] The buggy address belongs to the physical page: [ 17.762425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105079 [ 17.762489] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.762553] page_type: f5(slab) [ 17.762953] raw: 0bfffe0000000000 fff00000c115d640 dead000000000122 0000000000000000 [ 17.763057] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.763521] page dumped because: kasan: bad access detected [ 17.763590] [ 17.763707] Memory state around the buggy address: [ 17.763764] fff00000c5078f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.763816] fff00000c5078f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.764134] >fff00000c5079000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.764199] ^ [ 17.764251] fff00000c5079080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.764558] fff00000c5079100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.764663] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 17.483224] ================================================================== [ 17.483297] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 17.484115] Read of size 1 at addr fff00000c50100c8 by task kunit_try_catch/216 [ 17.484389] [ 17.484444] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 17.484770] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.484814] Hardware name: linux,dummy-virt (DT) [ 17.484865] Call trace: [ 17.484892] show_stack+0x20/0x38 (C) [ 17.485157] dump_stack_lvl+0x8c/0xd0 [ 17.485373] print_report+0x118/0x608 [ 17.485742] kasan_report+0xdc/0x128 [ 17.485999] __asan_report_load1_noabort+0x20/0x30 [ 17.486230] kmem_cache_oob+0x344/0x430 [ 17.486290] kunit_try_run_case+0x170/0x3f0 [ 17.486527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.486787] kthread+0x328/0x630 [ 17.487050] ret_from_fork+0x10/0x20 [ 17.487199] [ 17.487294] Allocated by task 216: [ 17.487545] kasan_save_stack+0x3c/0x68 [ 17.487702] kasan_save_track+0x20/0x40 [ 17.487904] kasan_save_alloc_info+0x40/0x58 [ 17.487993] __kasan_slab_alloc+0xa8/0xb0 [ 17.488105] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.488286] kmem_cache_oob+0x12c/0x430 [ 17.488344] kunit_try_run_case+0x170/0x3f0 [ 17.488522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.488749] kthread+0x328/0x630 [ 17.488831] ret_from_fork+0x10/0x20 [ 17.488870] [ 17.489027] The buggy address belongs to the object at fff00000c5010000 [ 17.489027] which belongs to the cache test_cache of size 200 [ 17.489282] The buggy address is located 0 bytes to the right of [ 17.489282] allocated 200-byte region [fff00000c5010000, fff00000c50100c8) [ 17.489358] [ 17.489578] The buggy address belongs to the physical page: [ 17.489766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105010 [ 17.489858] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.490114] page_type: f5(slab) [ 17.490276] raw: 0bfffe0000000000 fff00000c115d500 dead000000000122 0000000000000000 [ 17.490402] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.490595] page dumped because: kasan: bad access detected [ 17.490814] [ 17.490864] Memory state around the buggy address: [ 17.490941] fff00000c500ff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.491060] fff00000c5010000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.491134] >fff00000c5010080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.491180] ^ [ 17.491334] fff00000c5010100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.491625] fff00000c5010180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.492021] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 17.439231] ================================================================== [ 17.439313] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 17.439386] Read of size 8 at addr fff00000c4f8cd40 by task kunit_try_catch/209 [ 17.439440] [ 17.439478] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 17.439573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.439600] Hardware name: linux,dummy-virt (DT) [ 17.439633] Call trace: [ 17.439658] show_stack+0x20/0x38 (C) [ 17.439710] dump_stack_lvl+0x8c/0xd0 [ 17.439761] print_report+0x118/0x608 [ 17.439808] kasan_report+0xdc/0x128 [ 17.439856] __asan_report_load8_noabort+0x20/0x30 [ 17.439904] workqueue_uaf+0x480/0x4a8 [ 17.439968] kunit_try_run_case+0x170/0x3f0 [ 17.440018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.440072] kthread+0x328/0x630 [ 17.440115] ret_from_fork+0x10/0x20 [ 17.440163] [ 17.440181] Allocated by task 209: [ 17.440209] kasan_save_stack+0x3c/0x68 [ 17.440251] kasan_save_track+0x20/0x40 [ 17.440289] kasan_save_alloc_info+0x40/0x58 [ 17.440326] __kasan_kmalloc+0xd4/0xd8 [ 17.440364] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.440405] workqueue_uaf+0x13c/0x4a8 [ 17.440442] kunit_try_run_case+0x170/0x3f0 [ 17.440479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.440523] kthread+0x328/0x630 [ 17.440556] ret_from_fork+0x10/0x20 [ 17.440593] [ 17.440611] Freed by task 57: [ 17.440636] kasan_save_stack+0x3c/0x68 [ 17.440674] kasan_save_track+0x20/0x40 [ 17.440710] kasan_save_free_info+0x4c/0x78 [ 17.440746] __kasan_slab_free+0x6c/0x98 [ 17.440783] kfree+0x214/0x3c8 [ 17.440822] workqueue_uaf_work+0x18/0x30 [ 17.440860] process_one_work+0x530/0xf98 [ 17.440899] worker_thread+0x618/0xf38 [ 17.441013] kthread+0x328/0x630 [ 17.441076] ret_from_fork+0x10/0x20 [ 17.441168] [ 17.441194] Last potentially related work creation: [ 17.441264] kasan_save_stack+0x3c/0x68 [ 17.441310] kasan_record_aux_stack+0xb4/0xc8 [ 17.441369] __queue_work+0x65c/0xfe0 [ 17.441471] queue_work_on+0xbc/0xf8 [ 17.441512] workqueue_uaf+0x210/0x4a8 [ 17.441550] kunit_try_run_case+0x170/0x3f0 [ 17.441596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.441887] kthread+0x328/0x630 [ 17.442390] ret_from_fork+0x10/0x20 [ 17.442501] [ 17.442571] The buggy address belongs to the object at fff00000c4f8cd40 [ 17.442571] which belongs to the cache kmalloc-32 of size 32 [ 17.442633] The buggy address is located 0 bytes inside of [ 17.442633] freed 32-byte region [fff00000c4f8cd40, fff00000c4f8cd60) [ 17.443002] [ 17.443059] The buggy address belongs to the physical page: [ 17.443142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104f8c [ 17.443250] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.443339] page_type: f5(slab) [ 17.443746] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.443889] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.444071] page dumped because: kasan: bad access detected [ 17.444162] [ 17.444292] Memory state around the buggy address: [ 17.444364] fff00000c4f8cc00: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 17.444528] fff00000c4f8cc80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.444772] >fff00000c4f8cd00: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 17.445006] ^ [ 17.445060] fff00000c4f8cd80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.445751] fff00000c4f8ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.445942] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 17.388241] ================================================================== [ 17.388400] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 17.388481] Read of size 4 at addr fff00000c4f8cb40 by task swapper/1/0 [ 17.388530] [ 17.389347] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 17.390756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.391010] Hardware name: linux,dummy-virt (DT) [ 17.391363] Call trace: [ 17.391449] show_stack+0x20/0x38 (C) [ 17.392177] dump_stack_lvl+0x8c/0xd0 [ 17.392774] print_report+0x118/0x608 [ 17.392843] kasan_report+0xdc/0x128 [ 17.393517] __asan_report_load4_noabort+0x20/0x30 [ 17.394177] rcu_uaf_reclaim+0x64/0x70 [ 17.394258] rcu_core+0x9f4/0x1e20 [ 17.394688] rcu_core_si+0x18/0x30 [ 17.394749] handle_softirqs+0x374/0xb28 [ 17.394800] __do_softirq+0x1c/0x28 [ 17.394845] ____do_softirq+0x18/0x30 [ 17.394889] call_on_irq_stack+0x24/0x30 [ 17.394949] do_softirq_own_stack+0x24/0x38 [ 17.396441] __irq_exit_rcu+0x1fc/0x318 [ 17.397674] irq_exit_rcu+0x1c/0x80 [ 17.397803] el1_interrupt+0x38/0x58 [ 17.397857] el1h_64_irq_handler+0x18/0x28 [ 17.398320] el1h_64_irq+0x6c/0x70 [ 17.399447] arch_local_irq_enable+0x4/0x8 (P) [ 17.399516] do_idle+0x384/0x4e8 [ 17.400686] cpu_startup_entry+0x64/0x80 [ 17.401299] secondary_start_kernel+0x288/0x340 [ 17.401709] __secondary_switched+0xc0/0xc8 [ 17.401941] [ 17.402195] Allocated by task 207: [ 17.402436] kasan_save_stack+0x3c/0x68 [ 17.402839] kasan_save_track+0x20/0x40 [ 17.403147] kasan_save_alloc_info+0x40/0x58 [ 17.403562] __kasan_kmalloc+0xd4/0xd8 [ 17.403612] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.403657] rcu_uaf+0xb0/0x2d8 [ 17.404415] kunit_try_run_case+0x170/0x3f0 [ 17.404994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.405059] kthread+0x328/0x630 [ 17.405597] ret_from_fork+0x10/0x20 [ 17.406099] [ 17.406570] Freed by task 0: [ 17.406646] kasan_save_stack+0x3c/0x68 [ 17.406731] kasan_save_track+0x20/0x40 [ 17.406769] kasan_save_free_info+0x4c/0x78 [ 17.406807] __kasan_slab_free+0x6c/0x98 [ 17.406845] kfree+0x214/0x3c8 [ 17.407676] rcu_uaf_reclaim+0x28/0x70 [ 17.408584] rcu_core+0x9f4/0x1e20 [ 17.408655] rcu_core_si+0x18/0x30 [ 17.408691] handle_softirqs+0x374/0xb28 [ 17.408730] __do_softirq+0x1c/0x28 [ 17.408767] [ 17.408808] Last potentially related work creation: [ 17.410384] kasan_save_stack+0x3c/0x68 [ 17.410629] kasan_record_aux_stack+0xb4/0xc8 [ 17.410689] __call_rcu_common.constprop.0+0x74/0x8c8 [ 17.410735] call_rcu+0x18/0x30 [ 17.410769] rcu_uaf+0x14c/0x2d8 [ 17.410805] kunit_try_run_case+0x170/0x3f0 [ 17.411290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.411995] kthread+0x328/0x630 [ 17.412534] ret_from_fork+0x10/0x20 [ 17.412788] [ 17.413219] The buggy address belongs to the object at fff00000c4f8cb40 [ 17.413219] which belongs to the cache kmalloc-32 of size 32 [ 17.413674] The buggy address is located 0 bytes inside of [ 17.413674] freed 32-byte region [fff00000c4f8cb40, fff00000c4f8cb60) [ 17.413744] [ 17.413768] The buggy address belongs to the physical page: [ 17.413802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104f8c [ 17.414945] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.415613] page_type: f5(slab) [ 17.415815] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.416472] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.416727] page dumped because: kasan: bad access detected [ 17.417709] [ 17.417903] Memory state around the buggy address: [ 17.417976] fff00000c4f8ca00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.418157] fff00000c4f8ca80: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 17.418377] >fff00000c4f8cb00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.418494] ^ [ 17.418674] fff00000c4f8cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.418725] fff00000c4f8cc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.418767] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 17.143872] ================================================================== [ 17.144568] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 17.144772] Read of size 1 at addr fff00000c748ac78 by task kunit_try_catch/205 [ 17.144836] [ 17.144871] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 17.144972] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.144999] Hardware name: linux,dummy-virt (DT) [ 17.145179] Call trace: [ 17.145215] show_stack+0x20/0x38 (C) [ 17.145300] dump_stack_lvl+0x8c/0xd0 [ 17.145763] print_report+0x118/0x608 [ 17.145838] kasan_report+0xdc/0x128 [ 17.145990] __asan_report_load1_noabort+0x20/0x30 [ 17.146056] ksize_uaf+0x544/0x5f8 [ 17.146117] kunit_try_run_case+0x170/0x3f0 [ 17.146520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.146647] kthread+0x328/0x630 [ 17.146747] ret_from_fork+0x10/0x20 [ 17.146834] [ 17.146977] Allocated by task 205: [ 17.147016] kasan_save_stack+0x3c/0x68 [ 17.147129] kasan_save_track+0x20/0x40 [ 17.147186] kasan_save_alloc_info+0x40/0x58 [ 17.147225] __kasan_kmalloc+0xd4/0xd8 [ 17.147273] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.147315] ksize_uaf+0xb8/0x5f8 [ 17.147367] kunit_try_run_case+0x170/0x3f0 [ 17.147407] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.147461] kthread+0x328/0x630 [ 17.147495] ret_from_fork+0x10/0x20 [ 17.147532] [ 17.147550] Freed by task 205: [ 17.147578] kasan_save_stack+0x3c/0x68 [ 17.147617] kasan_save_track+0x20/0x40 [ 17.147662] kasan_save_free_info+0x4c/0x78 [ 17.147700] __kasan_slab_free+0x6c/0x98 [ 17.147739] kfree+0x214/0x3c8 [ 17.147798] ksize_uaf+0x11c/0x5f8 [ 17.147844] kunit_try_run_case+0x170/0x3f0 [ 17.147883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.147937] kthread+0x328/0x630 [ 17.147992] ret_from_fork+0x10/0x20 [ 17.148030] [ 17.148048] The buggy address belongs to the object at fff00000c748ac00 [ 17.148048] which belongs to the cache kmalloc-128 of size 128 [ 17.148126] The buggy address is located 120 bytes inside of [ 17.148126] freed 128-byte region [fff00000c748ac00, fff00000c748ac80) [ 17.148195] [ 17.148223] The buggy address belongs to the physical page: [ 17.148260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 17.148324] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.148372] page_type: f5(slab) [ 17.148412] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.148465] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.148507] page dumped because: kasan: bad access detected [ 17.148539] [ 17.148564] Memory state around the buggy address: [ 17.148596] fff00000c748ab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.148641] fff00000c748ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.148684] >fff00000c748ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.148721] ^ [ 17.148777] fff00000c748ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.148825] fff00000c748ad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.148879] ================================================================== [ 17.133659] ================================================================== [ 17.133746] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 17.134219] Read of size 1 at addr fff00000c748ac00 by task kunit_try_catch/205 [ 17.134289] [ 17.134558] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 17.134829] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.134883] Hardware name: linux,dummy-virt (DT) [ 17.134950] Call trace: [ 17.135037] show_stack+0x20/0x38 (C) [ 17.135117] dump_stack_lvl+0x8c/0xd0 [ 17.135259] print_report+0x118/0x608 [ 17.135328] kasan_report+0xdc/0x128 [ 17.135808] __asan_report_load1_noabort+0x20/0x30 [ 17.135904] ksize_uaf+0x598/0x5f8 [ 17.136059] kunit_try_run_case+0x170/0x3f0 [ 17.136137] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.136383] kthread+0x328/0x630 [ 17.136580] ret_from_fork+0x10/0x20 [ 17.136640] [ 17.136948] Allocated by task 205: [ 17.137095] kasan_save_stack+0x3c/0x68 [ 17.137282] kasan_save_track+0x20/0x40 [ 17.137371] kasan_save_alloc_info+0x40/0x58 [ 17.137540] __kasan_kmalloc+0xd4/0xd8 [ 17.137601] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.137687] ksize_uaf+0xb8/0x5f8 [ 17.137892] kunit_try_run_case+0x170/0x3f0 [ 17.138102] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.138220] kthread+0x328/0x630 [ 17.138392] ret_from_fork+0x10/0x20 [ 17.138467] [ 17.138660] Freed by task 205: [ 17.138694] kasan_save_stack+0x3c/0x68 [ 17.138947] kasan_save_track+0x20/0x40 [ 17.139024] kasan_save_free_info+0x4c/0x78 [ 17.139186] __kasan_slab_free+0x6c/0x98 [ 17.139349] kfree+0x214/0x3c8 [ 17.139428] ksize_uaf+0x11c/0x5f8 [ 17.139512] kunit_try_run_case+0x170/0x3f0 [ 17.139646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.139706] kthread+0x328/0x630 [ 17.139973] ret_from_fork+0x10/0x20 [ 17.140242] [ 17.140335] The buggy address belongs to the object at fff00000c748ac00 [ 17.140335] which belongs to the cache kmalloc-128 of size 128 [ 17.140430] The buggy address is located 0 bytes inside of [ 17.140430] freed 128-byte region [fff00000c748ac00, fff00000c748ac80) [ 17.140577] [ 17.140639] The buggy address belongs to the physical page: [ 17.140697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 17.141028] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.141199] page_type: f5(slab) [ 17.141343] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.141434] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.141596] page dumped because: kasan: bad access detected [ 17.141666] [ 17.141684] Memory state around the buggy address: [ 17.142074] fff00000c748ab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.142140] fff00000c748ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.142275] >fff00000c748ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.142362] ^ [ 17.142416] fff00000c748ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.142547] fff00000c748ad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.142630] ================================================================== [ 17.123886] ================================================================== [ 17.123973] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 17.124039] Read of size 1 at addr fff00000c748ac00 by task kunit_try_catch/205 [ 17.124093] [ 17.124131] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 17.124240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.124270] Hardware name: linux,dummy-virt (DT) [ 17.124302] Call trace: [ 17.124329] show_stack+0x20/0x38 (C) [ 17.124381] dump_stack_lvl+0x8c/0xd0 [ 17.124444] print_report+0x118/0x608 [ 17.124501] kasan_report+0xdc/0x128 [ 17.124548] __kasan_check_byte+0x54/0x70 [ 17.124597] ksize+0x30/0x88 [ 17.124642] ksize_uaf+0x168/0x5f8 [ 17.124686] kunit_try_run_case+0x170/0x3f0 [ 17.124737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.124800] kthread+0x328/0x630 [ 17.124845] ret_from_fork+0x10/0x20 [ 17.124903] [ 17.125438] Allocated by task 205: [ 17.125494] kasan_save_stack+0x3c/0x68 [ 17.125960] kasan_save_track+0x20/0x40 [ 17.126029] kasan_save_alloc_info+0x40/0x58 [ 17.126579] __kasan_kmalloc+0xd4/0xd8 [ 17.126946] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.127251] ksize_uaf+0xb8/0x5f8 [ 17.127400] kunit_try_run_case+0x170/0x3f0 [ 17.127537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.127806] kthread+0x328/0x630 [ 17.127850] ret_from_fork+0x10/0x20 [ 17.128226] [ 17.128306] Freed by task 205: [ 17.128355] kasan_save_stack+0x3c/0x68 [ 17.128457] kasan_save_track+0x20/0x40 [ 17.128806] kasan_save_free_info+0x4c/0x78 [ 17.129032] __kasan_slab_free+0x6c/0x98 [ 17.129318] kfree+0x214/0x3c8 [ 17.129509] ksize_uaf+0x11c/0x5f8 [ 17.129601] kunit_try_run_case+0x170/0x3f0 [ 17.129667] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.129777] kthread+0x328/0x630 [ 17.129842] ret_from_fork+0x10/0x20 [ 17.130041] [ 17.130073] The buggy address belongs to the object at fff00000c748ac00 [ 17.130073] which belongs to the cache kmalloc-128 of size 128 [ 17.130326] The buggy address is located 0 bytes inside of [ 17.130326] freed 128-byte region [fff00000c748ac00, fff00000c748ac80) [ 17.130416] [ 17.130481] The buggy address belongs to the physical page: [ 17.130545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 17.130616] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.130970] page_type: f5(slab) [ 17.131136] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.131212] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.131350] page dumped because: kasan: bad access detected [ 17.131411] [ 17.131589] Memory state around the buggy address: [ 17.131750] fff00000c748ab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.131991] fff00000c748ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.132077] >fff00000c748ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.132199] ^ [ 17.132248] fff00000c748ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.132293] fff00000c748ad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.132471] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 17.090233] ================================================================== [ 17.090442] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 17.090546] Read of size 1 at addr fff00000c748ab73 by task kunit_try_catch/203 [ 17.090859] [ 17.091087] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 17.091477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.091640] Hardware name: linux,dummy-virt (DT) [ 17.091692] Call trace: [ 17.091738] show_stack+0x20/0x38 (C) [ 17.091991] dump_stack_lvl+0x8c/0xd0 [ 17.092490] print_report+0x118/0x608 [ 17.092654] kasan_report+0xdc/0x128 [ 17.092751] __asan_report_load1_noabort+0x20/0x30 [ 17.093012] ksize_unpoisons_memory+0x628/0x740 [ 17.093223] kunit_try_run_case+0x170/0x3f0 [ 17.093301] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.093427] kthread+0x328/0x630 [ 17.093511] ret_from_fork+0x10/0x20 [ 17.093778] [ 17.094049] Allocated by task 203: [ 17.094118] kasan_save_stack+0x3c/0x68 [ 17.094526] kasan_save_track+0x20/0x40 [ 17.094604] kasan_save_alloc_info+0x40/0x58 [ 17.094758] __kasan_kmalloc+0xd4/0xd8 [ 17.094846] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.094999] ksize_unpoisons_memory+0xc0/0x740 [ 17.095067] kunit_try_run_case+0x170/0x3f0 [ 17.095105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.095152] kthread+0x328/0x630 [ 17.095186] ret_from_fork+0x10/0x20 [ 17.095703] [ 17.095766] The buggy address belongs to the object at fff00000c748ab00 [ 17.095766] which belongs to the cache kmalloc-128 of size 128 [ 17.095874] The buggy address is located 0 bytes to the right of [ 17.095874] allocated 115-byte region [fff00000c748ab00, fff00000c748ab73) [ 17.096077] [ 17.096116] The buggy address belongs to the physical page: [ 17.096161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 17.096369] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.096541] page_type: f5(slab) [ 17.096626] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.096859] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.097013] page dumped because: kasan: bad access detected [ 17.097084] [ 17.097103] Memory state around the buggy address: [ 17.097138] fff00000c748aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.097194] fff00000c748aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.097532] >fff00000c748ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.097657] ^ [ 17.097774] fff00000c748ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.097904] fff00000c748ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.097999] ================================================================== [ 17.105784] ================================================================== [ 17.105842] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 17.105897] Read of size 1 at addr fff00000c748ab7f by task kunit_try_catch/203 [ 17.105960] [ 17.106128] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 17.106230] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.106311] Hardware name: linux,dummy-virt (DT) [ 17.106438] Call trace: [ 17.106597] show_stack+0x20/0x38 (C) [ 17.106692] dump_stack_lvl+0x8c/0xd0 [ 17.106772] print_report+0x118/0x608 [ 17.106959] kasan_report+0xdc/0x128 [ 17.107046] __asan_report_load1_noabort+0x20/0x30 [ 17.107172] ksize_unpoisons_memory+0x690/0x740 [ 17.107657] kunit_try_run_case+0x170/0x3f0 [ 17.107762] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.107838] kthread+0x328/0x630 [ 17.108001] ret_from_fork+0x10/0x20 [ 17.108063] [ 17.108088] Allocated by task 203: [ 17.108301] kasan_save_stack+0x3c/0x68 [ 17.108465] kasan_save_track+0x20/0x40 [ 17.108584] kasan_save_alloc_info+0x40/0x58 [ 17.108671] __kasan_kmalloc+0xd4/0xd8 [ 17.108806] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.108873] ksize_unpoisons_memory+0xc0/0x740 [ 17.108942] kunit_try_run_case+0x170/0x3f0 [ 17.109126] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.109363] kthread+0x328/0x630 [ 17.109426] ret_from_fork+0x10/0x20 [ 17.109591] [ 17.109652] The buggy address belongs to the object at fff00000c748ab00 [ 17.109652] which belongs to the cache kmalloc-128 of size 128 [ 17.110061] The buggy address is located 12 bytes to the right of [ 17.110061] allocated 115-byte region [fff00000c748ab00, fff00000c748ab73) [ 17.110168] [ 17.110315] The buggy address belongs to the physical page: [ 17.110365] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 17.110510] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.110579] page_type: f5(slab) [ 17.110620] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.110687] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.111069] page dumped because: kasan: bad access detected [ 17.111181] [ 17.111244] Memory state around the buggy address: [ 17.111313] fff00000c748aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.111439] fff00000c748aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.111506] >fff00000c748ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.111770] ^ [ 17.111863] fff00000c748ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.112182] fff00000c748ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.112300] ================================================================== [ 17.099421] ================================================================== [ 17.099480] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 17.100000] Read of size 1 at addr fff00000c748ab78 by task kunit_try_catch/203 [ 17.100082] [ 17.100117] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 17.100273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.100333] Hardware name: linux,dummy-virt (DT) [ 17.100378] Call trace: [ 17.100401] show_stack+0x20/0x38 (C) [ 17.100834] dump_stack_lvl+0x8c/0xd0 [ 17.101000] print_report+0x118/0x608 [ 17.101065] kasan_report+0xdc/0x128 [ 17.101129] __asan_report_load1_noabort+0x20/0x30 [ 17.101182] ksize_unpoisons_memory+0x618/0x740 [ 17.101230] kunit_try_run_case+0x170/0x3f0 [ 17.101318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.101386] kthread+0x328/0x630 [ 17.101431] ret_from_fork+0x10/0x20 [ 17.101481] [ 17.101499] Allocated by task 203: [ 17.101529] kasan_save_stack+0x3c/0x68 [ 17.101579] kasan_save_track+0x20/0x40 [ 17.101619] kasan_save_alloc_info+0x40/0x58 [ 17.101657] __kasan_kmalloc+0xd4/0xd8 [ 17.101695] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.101736] ksize_unpoisons_memory+0xc0/0x740 [ 17.101775] kunit_try_run_case+0x170/0x3f0 [ 17.101814] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.101857] kthread+0x328/0x630 [ 17.101891] ret_from_fork+0x10/0x20 [ 17.101939] [ 17.101958] The buggy address belongs to the object at fff00000c748ab00 [ 17.101958] which belongs to the cache kmalloc-128 of size 128 [ 17.102019] The buggy address is located 5 bytes to the right of [ 17.102019] allocated 115-byte region [fff00000c748ab00, fff00000c748ab73) [ 17.102504] [ 17.102527] The buggy address belongs to the physical page: [ 17.102738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 17.102985] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.103126] page_type: f5(slab) [ 17.103261] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.103339] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.103474] page dumped because: kasan: bad access detected [ 17.103510] [ 17.103664] Memory state around the buggy address: [ 17.103919] fff00000c748aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.104081] fff00000c748aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.104146] >fff00000c748ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.104290] ^ [ 17.104356] fff00000c748ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.104636] fff00000c748ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.104716] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 17.068600] ================================================================== [ 17.068685] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 17.068743] Free of addr fff00000c1193700 by task kunit_try_catch/201 [ 17.069086] [ 17.069122] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 17.069297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.069354] Hardware name: linux,dummy-virt (DT) [ 17.069389] Call trace: [ 17.069420] show_stack+0x20/0x38 (C) [ 17.069748] dump_stack_lvl+0x8c/0xd0 [ 17.069954] print_report+0x118/0x608 [ 17.070018] kasan_report_invalid_free+0xc0/0xe8 [ 17.070199] check_slab_allocation+0xd4/0x108 [ 17.070287] __kasan_slab_pre_free+0x2c/0x48 [ 17.070420] kfree+0xe8/0x3c8 [ 17.070466] kfree_sensitive+0x3c/0xb0 [ 17.070518] kmalloc_double_kzfree+0x168/0x308 [ 17.070709] kunit_try_run_case+0x170/0x3f0 [ 17.070978] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.071105] kthread+0x328/0x630 [ 17.071194] ret_from_fork+0x10/0x20 [ 17.071342] [ 17.071363] Allocated by task 201: [ 17.071406] kasan_save_stack+0x3c/0x68 [ 17.071452] kasan_save_track+0x20/0x40 [ 17.071501] kasan_save_alloc_info+0x40/0x58 [ 17.071540] __kasan_kmalloc+0xd4/0xd8 [ 17.071589] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.071640] kmalloc_double_kzfree+0xb8/0x308 [ 17.071686] kunit_try_run_case+0x170/0x3f0 [ 17.071734] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.071788] kthread+0x328/0x630 [ 17.071823] ret_from_fork+0x10/0x20 [ 17.071860] [ 17.071881] Freed by task 201: [ 17.071922] kasan_save_stack+0x3c/0x68 [ 17.072140] kasan_save_track+0x20/0x40 [ 17.072512] kasan_save_free_info+0x4c/0x78 [ 17.072658] __kasan_slab_free+0x6c/0x98 [ 17.072702] kfree+0x214/0x3c8 [ 17.072911] kfree_sensitive+0x80/0xb0 [ 17.073017] kmalloc_double_kzfree+0x11c/0x308 [ 17.073206] kunit_try_run_case+0x170/0x3f0 [ 17.073399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.073512] kthread+0x328/0x630 [ 17.073577] ret_from_fork+0x10/0x20 [ 17.073990] [ 17.074402] The buggy address belongs to the object at fff00000c1193700 [ 17.074402] which belongs to the cache kmalloc-16 of size 16 [ 17.074480] The buggy address is located 0 bytes inside of [ 17.074480] 16-byte region [fff00000c1193700, fff00000c1193710) [ 17.074899] [ 17.074986] The buggy address belongs to the physical page: [ 17.075051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101193 [ 17.075110] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.075161] page_type: f5(slab) [ 17.075404] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 17.075648] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.075722] page dumped because: kasan: bad access detected [ 17.076403] [ 17.076569] Memory state around the buggy address: [ 17.076649] fff00000c1193600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.076770] fff00000c1193680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.076826] >fff00000c1193700: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.076975] ^ [ 17.077052] fff00000c1193780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.077119] fff00000c1193800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.077391] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 17.057076] ================================================================== [ 17.057157] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 17.057483] Read of size 1 at addr fff00000c1193700 by task kunit_try_catch/201 [ 17.057554] [ 17.057676] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 17.057778] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.057805] Hardware name: linux,dummy-virt (DT) [ 17.057997] Call trace: [ 17.058026] show_stack+0x20/0x38 (C) [ 17.058321] dump_stack_lvl+0x8c/0xd0 [ 17.058416] print_report+0x118/0x608 [ 17.058570] kasan_report+0xdc/0x128 [ 17.058658] __kasan_check_byte+0x54/0x70 [ 17.058728] kfree_sensitive+0x30/0xb0 [ 17.059113] kmalloc_double_kzfree+0x168/0x308 [ 17.059197] kunit_try_run_case+0x170/0x3f0 [ 17.059343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.059427] kthread+0x328/0x630 [ 17.059574] ret_from_fork+0x10/0x20 [ 17.059682] [ 17.059702] Allocated by task 201: [ 17.059948] kasan_save_stack+0x3c/0x68 [ 17.060122] kasan_save_track+0x20/0x40 [ 17.060186] kasan_save_alloc_info+0x40/0x58 [ 17.060399] __kasan_kmalloc+0xd4/0xd8 [ 17.060509] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.060747] kmalloc_double_kzfree+0xb8/0x308 [ 17.060838] kunit_try_run_case+0x170/0x3f0 [ 17.060992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.061066] kthread+0x328/0x630 [ 17.061128] ret_from_fork+0x10/0x20 [ 17.061358] [ 17.061534] Freed by task 201: [ 17.061697] kasan_save_stack+0x3c/0x68 [ 17.061789] kasan_save_track+0x20/0x40 [ 17.061865] kasan_save_free_info+0x4c/0x78 [ 17.062021] __kasan_slab_free+0x6c/0x98 [ 17.062064] kfree+0x214/0x3c8 [ 17.062100] kfree_sensitive+0x80/0xb0 [ 17.062140] kmalloc_double_kzfree+0x11c/0x308 [ 17.062185] kunit_try_run_case+0x170/0x3f0 [ 17.062612] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.062750] kthread+0x328/0x630 [ 17.062834] ret_from_fork+0x10/0x20 [ 17.062900] [ 17.063041] The buggy address belongs to the object at fff00000c1193700 [ 17.063041] which belongs to the cache kmalloc-16 of size 16 [ 17.063294] The buggy address is located 0 bytes inside of [ 17.063294] freed 16-byte region [fff00000c1193700, fff00000c1193710) [ 17.063723] [ 17.063777] The buggy address belongs to the physical page: [ 17.063833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101193 [ 17.063943] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.064116] page_type: f5(slab) [ 17.064182] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 17.064385] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.064614] page dumped because: kasan: bad access detected [ 17.064676] [ 17.064753] Memory state around the buggy address: [ 17.064823] fff00000c1193600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.064908] fff00000c1193680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.065013] >fff00000c1193700: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.065079] ^ [ 17.065128] fff00000c1193780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.065195] fff00000c1193800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.065562] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 17.026047] ================================================================== [ 17.026224] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 17.026317] Read of size 1 at addr fff00000c505c7a8 by task kunit_try_catch/197 [ 17.026577] [ 17.026977] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 17.027150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.027179] Hardware name: linux,dummy-virt (DT) [ 17.027214] Call trace: [ 17.027238] show_stack+0x20/0x38 (C) [ 17.027295] dump_stack_lvl+0x8c/0xd0 [ 17.027345] print_report+0x118/0x608 [ 17.027406] kasan_report+0xdc/0x128 [ 17.027460] __asan_report_load1_noabort+0x20/0x30 [ 17.027509] kmalloc_uaf2+0x3f4/0x468 [ 17.027558] kunit_try_run_case+0x170/0x3f0 [ 17.027609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.027663] kthread+0x328/0x630 [ 17.027707] ret_from_fork+0x10/0x20 [ 17.027766] [ 17.027793] Allocated by task 197: [ 17.027830] kasan_save_stack+0x3c/0x68 [ 17.027884] kasan_save_track+0x20/0x40 [ 17.027938] kasan_save_alloc_info+0x40/0x58 [ 17.027977] __kasan_kmalloc+0xd4/0xd8 [ 17.028015] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.028066] kmalloc_uaf2+0xc4/0x468 [ 17.028102] kunit_try_run_case+0x170/0x3f0 [ 17.028147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.028203] kthread+0x328/0x630 [ 17.028237] ret_from_fork+0x10/0x20 [ 17.028273] [ 17.028292] Freed by task 197: [ 17.028334] kasan_save_stack+0x3c/0x68 [ 17.028380] kasan_save_track+0x20/0x40 [ 17.028428] kasan_save_free_info+0x4c/0x78 [ 17.028466] __kasan_slab_free+0x6c/0x98 [ 17.028504] kfree+0x214/0x3c8 [ 17.028537] kmalloc_uaf2+0x134/0x468 [ 17.028573] kunit_try_run_case+0x170/0x3f0 [ 17.028610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.028654] kthread+0x328/0x630 [ 17.028687] ret_from_fork+0x10/0x20 [ 17.028722] [ 17.028742] The buggy address belongs to the object at fff00000c505c780 [ 17.028742] which belongs to the cache kmalloc-64 of size 64 [ 17.028811] The buggy address is located 40 bytes inside of [ 17.028811] freed 64-byte region [fff00000c505c780, fff00000c505c7c0) [ 17.028881] [ 17.028911] The buggy address belongs to the physical page: [ 17.028989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10505c [ 17.029384] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.029708] page_type: f5(slab) [ 17.030024] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.030081] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.030720] page dumped because: kasan: bad access detected [ 17.030786] [ 17.030837] Memory state around the buggy address: [ 17.030985] fff00000c505c680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.031054] fff00000c505c700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.031099] >fff00000c505c780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.031165] ^ [ 17.031578] fff00000c505c800: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 17.031652] fff00000c505c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.031740] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 17.006213] ================================================================== [ 17.006331] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 17.006477] Write of size 33 at addr fff00000c505c600 by task kunit_try_catch/195 [ 17.006550] [ 17.006719] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 17.006817] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.007082] Hardware name: linux,dummy-virt (DT) [ 17.007483] Call trace: [ 17.007539] show_stack+0x20/0x38 (C) [ 17.007638] dump_stack_lvl+0x8c/0xd0 [ 17.008047] print_report+0x118/0x608 [ 17.008127] kasan_report+0xdc/0x128 [ 17.008244] kasan_check_range+0x100/0x1a8 [ 17.008320] __asan_memset+0x34/0x78 [ 17.008512] kmalloc_uaf_memset+0x170/0x310 [ 17.008597] kunit_try_run_case+0x170/0x3f0 [ 17.008774] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.008863] kthread+0x328/0x630 [ 17.008909] ret_from_fork+0x10/0x20 [ 17.008970] [ 17.008990] Allocated by task 195: [ 17.009019] kasan_save_stack+0x3c/0x68 [ 17.009072] kasan_save_track+0x20/0x40 [ 17.009109] kasan_save_alloc_info+0x40/0x58 [ 17.009147] __kasan_kmalloc+0xd4/0xd8 [ 17.009183] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.009226] kmalloc_uaf_memset+0xb8/0x310 [ 17.009271] kunit_try_run_case+0x170/0x3f0 [ 17.009310] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.009354] kthread+0x328/0x630 [ 17.009385] ret_from_fork+0x10/0x20 [ 17.009422] [ 17.009446] Freed by task 195: [ 17.009480] kasan_save_stack+0x3c/0x68 [ 17.009523] kasan_save_track+0x20/0x40 [ 17.009576] kasan_save_free_info+0x4c/0x78 [ 17.009615] __kasan_slab_free+0x6c/0x98 [ 17.009652] kfree+0x214/0x3c8 [ 17.009685] kmalloc_uaf_memset+0x11c/0x310 [ 17.009723] kunit_try_run_case+0x170/0x3f0 [ 17.009761] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.009811] kthread+0x328/0x630 [ 17.009845] ret_from_fork+0x10/0x20 [ 17.009881] [ 17.009902] The buggy address belongs to the object at fff00000c505c600 [ 17.009902] which belongs to the cache kmalloc-64 of size 64 [ 17.009971] The buggy address is located 0 bytes inside of [ 17.009971] freed 64-byte region [fff00000c505c600, fff00000c505c640) [ 17.010035] [ 17.010506] The buggy address belongs to the physical page: [ 17.010553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10505c [ 17.010616] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.011044] page_type: f5(slab) [ 17.011301] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.011445] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.011666] page dumped because: kasan: bad access detected [ 17.011874] [ 17.012024] Memory state around the buggy address: [ 17.012182] fff00000c505c500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.012266] fff00000c505c580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.012700] >fff00000c505c600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.012765] ^ [ 17.012796] fff00000c505c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.013027] fff00000c505c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.013140] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 16.987451] ================================================================== [ 16.987522] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 16.987896] Read of size 1 at addr fff00000c11936e8 by task kunit_try_catch/193 [ 16.988008] [ 16.988126] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.988236] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.988265] Hardware name: linux,dummy-virt (DT) [ 16.988454] Call trace: [ 16.988603] show_stack+0x20/0x38 (C) [ 16.988672] dump_stack_lvl+0x8c/0xd0 [ 16.988972] print_report+0x118/0x608 [ 16.989096] kasan_report+0xdc/0x128 [ 16.989149] __asan_report_load1_noabort+0x20/0x30 [ 16.989217] kmalloc_uaf+0x300/0x338 [ 16.989323] kunit_try_run_case+0x170/0x3f0 [ 16.989381] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.989451] kthread+0x328/0x630 [ 16.989635] ret_from_fork+0x10/0x20 [ 16.989888] [ 16.989922] Allocated by task 193: [ 16.989967] kasan_save_stack+0x3c/0x68 [ 16.990100] kasan_save_track+0x20/0x40 [ 16.990212] kasan_save_alloc_info+0x40/0x58 [ 16.990368] __kasan_kmalloc+0xd4/0xd8 [ 16.990414] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.990464] kmalloc_uaf+0xb8/0x338 [ 16.990500] kunit_try_run_case+0x170/0x3f0 [ 16.990795] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.990978] kthread+0x328/0x630 [ 16.991066] ret_from_fork+0x10/0x20 [ 16.991192] [ 16.991214] Freed by task 193: [ 16.991265] kasan_save_stack+0x3c/0x68 [ 16.991532] kasan_save_track+0x20/0x40 [ 16.991797] kasan_save_free_info+0x4c/0x78 [ 16.991844] __kasan_slab_free+0x6c/0x98 [ 16.991901] kfree+0x214/0x3c8 [ 16.991989] kmalloc_uaf+0x11c/0x338 [ 16.992027] kunit_try_run_case+0x170/0x3f0 [ 16.992066] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.992122] kthread+0x328/0x630 [ 16.992155] ret_from_fork+0x10/0x20 [ 16.992193] [ 16.992214] The buggy address belongs to the object at fff00000c11936e0 [ 16.992214] which belongs to the cache kmalloc-16 of size 16 [ 16.992277] The buggy address is located 8 bytes inside of [ 16.992277] freed 16-byte region [fff00000c11936e0, fff00000c11936f0) [ 16.992363] [ 16.992395] The buggy address belongs to the physical page: [ 16.992443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101193 [ 16.992509] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.992561] page_type: f5(slab) [ 16.992612] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 16.992665] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.992716] page dumped because: kasan: bad access detected [ 16.992748] [ 16.992766] Memory state around the buggy address: [ 16.992830] fff00000c1193580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.992875] fff00000c1193600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.992918] >fff00000c1193680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.993212] ^ [ 16.993373] fff00000c1193700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.993483] fff00000c1193780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.993820] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 16.960482] ================================================================== [ 16.960561] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.960636] Read of size 64 at addr fff00000c505c304 by task kunit_try_catch/191 [ 16.960888] [ 16.960973] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.961153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.961192] Hardware name: linux,dummy-virt (DT) [ 16.961226] Call trace: [ 16.961249] show_stack+0x20/0x38 (C) [ 16.961562] dump_stack_lvl+0x8c/0xd0 [ 16.961638] print_report+0x118/0x608 [ 16.961685] kasan_report+0xdc/0x128 [ 16.961731] kasan_check_range+0x100/0x1a8 [ 16.961870] __asan_memmove+0x3c/0x98 [ 16.961944] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.962055] kunit_try_run_case+0x170/0x3f0 [ 16.962155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.962564] kthread+0x328/0x630 [ 16.962663] ret_from_fork+0x10/0x20 [ 16.962817] [ 16.962866] Allocated by task 191: [ 16.962995] kasan_save_stack+0x3c/0x68 [ 16.963091] kasan_save_track+0x20/0x40 [ 16.963208] kasan_save_alloc_info+0x40/0x58 [ 16.963248] __kasan_kmalloc+0xd4/0xd8 [ 16.963645] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.963778] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 16.963846] kunit_try_run_case+0x170/0x3f0 [ 16.963980] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.964069] kthread+0x328/0x630 [ 16.964144] ret_from_fork+0x10/0x20 [ 16.964490] [ 16.964543] The buggy address belongs to the object at fff00000c505c300 [ 16.964543] which belongs to the cache kmalloc-64 of size 64 [ 16.964708] The buggy address is located 4 bytes inside of [ 16.964708] allocated 64-byte region [fff00000c505c300, fff00000c505c340) [ 16.964879] [ 16.964944] The buggy address belongs to the physical page: [ 16.964985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10505c [ 16.965060] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.965170] page_type: f5(slab) [ 16.965219] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.965422] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.965679] page dumped because: kasan: bad access detected [ 16.965801] [ 16.965834] Memory state around the buggy address: [ 16.965945] fff00000c505c200: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.966102] fff00000c505c280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.966189] >fff00000c505c300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.966234] ^ [ 16.966271] fff00000c505c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.966664] fff00000c505c400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.966739] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 16.940141] ================================================================== [ 16.940220] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.940285] Read of size 18446744073709551614 at addr fff00000c505c104 by task kunit_try_catch/189 [ 16.940559] [ 16.940773] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.940882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.940910] Hardware name: linux,dummy-virt (DT) [ 16.941460] Call trace: [ 16.941505] show_stack+0x20/0x38 (C) [ 16.941743] dump_stack_lvl+0x8c/0xd0 [ 16.941813] print_report+0x118/0x608 [ 16.941893] kasan_report+0xdc/0x128 [ 16.941955] kasan_check_range+0x100/0x1a8 [ 16.942022] __asan_memmove+0x3c/0x98 [ 16.942138] kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.942345] kunit_try_run_case+0x170/0x3f0 [ 16.942584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.942759] kthread+0x328/0x630 [ 16.942862] ret_from_fork+0x10/0x20 [ 16.943018] [ 16.943086] Allocated by task 189: [ 16.943211] kasan_save_stack+0x3c/0x68 [ 16.943257] kasan_save_track+0x20/0x40 [ 16.943320] kasan_save_alloc_info+0x40/0x58 [ 16.943497] __kasan_kmalloc+0xd4/0xd8 [ 16.943734] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.943815] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 16.943952] kunit_try_run_case+0x170/0x3f0 [ 16.944011] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.944237] kthread+0x328/0x630 [ 16.944517] ret_from_fork+0x10/0x20 [ 16.945285] [ 16.945342] The buggy address belongs to the object at fff00000c505c100 [ 16.945342] which belongs to the cache kmalloc-64 of size 64 [ 16.945417] The buggy address is located 4 bytes inside of [ 16.945417] 64-byte region [fff00000c505c100, fff00000c505c140) [ 16.945498] [ 16.945520] The buggy address belongs to the physical page: [ 16.945605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10505c [ 16.946154] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.946250] page_type: f5(slab) [ 16.946311] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.946364] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.946904] page dumped because: kasan: bad access detected [ 16.947602] [ 16.947652] Memory state around the buggy address: [ 16.947699] fff00000c505c000: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 16.947778] fff00000c505c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.947847] >fff00000c505c100: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.948196] ^ [ 16.948379] fff00000c505c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.948488] fff00000c505c200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.948556] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 16.924859] ================================================================== [ 16.925286] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 16.925580] Write of size 16 at addr fff00000c748aa69 by task kunit_try_catch/187 [ 16.925665] [ 16.925745] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.925893] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.925951] Hardware name: linux,dummy-virt (DT) [ 16.925986] Call trace: [ 16.926054] show_stack+0x20/0x38 (C) [ 16.926145] dump_stack_lvl+0x8c/0xd0 [ 16.926261] print_report+0x118/0x608 [ 16.926338] kasan_report+0xdc/0x128 [ 16.926455] kasan_check_range+0x100/0x1a8 [ 16.926505] __asan_memset+0x34/0x78 [ 16.926797] kmalloc_oob_memset_16+0x150/0x2f8 [ 16.927003] kunit_try_run_case+0x170/0x3f0 [ 16.927100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.927559] kthread+0x328/0x630 [ 16.927643] ret_from_fork+0x10/0x20 [ 16.927870] [ 16.927944] Allocated by task 187: [ 16.928075] kasan_save_stack+0x3c/0x68 [ 16.928123] kasan_save_track+0x20/0x40 [ 16.928181] kasan_save_alloc_info+0x40/0x58 [ 16.928220] __kasan_kmalloc+0xd4/0xd8 [ 16.928268] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.928313] kmalloc_oob_memset_16+0xb0/0x2f8 [ 16.928352] kunit_try_run_case+0x170/0x3f0 [ 16.928401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.928454] kthread+0x328/0x630 [ 16.928494] ret_from_fork+0x10/0x20 [ 16.928541] [ 16.928578] The buggy address belongs to the object at fff00000c748aa00 [ 16.928578] which belongs to the cache kmalloc-128 of size 128 [ 16.928637] The buggy address is located 105 bytes inside of [ 16.928637] allocated 120-byte region [fff00000c748aa00, fff00000c748aa78) [ 16.928708] [ 16.928736] The buggy address belongs to the physical page: [ 16.928769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 16.928828] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.928889] page_type: f5(slab) [ 16.928940] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.928989] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.929028] page dumped because: kasan: bad access detected [ 16.929335] [ 16.929362] Memory state around the buggy address: [ 16.929403] fff00000c748a900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.929447] fff00000c748a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.929502] >fff00000c748aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.929552] ^ [ 16.929599] fff00000c748aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.929643] fff00000c748ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.929694] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 16.908969] ================================================================== [ 16.909032] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 16.909089] Write of size 8 at addr fff00000c748a971 by task kunit_try_catch/185 [ 16.909139] [ 16.909174] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.909522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.909566] Hardware name: linux,dummy-virt (DT) [ 16.909607] Call trace: [ 16.909710] show_stack+0x20/0x38 (C) [ 16.909777] dump_stack_lvl+0x8c/0xd0 [ 16.909843] print_report+0x118/0x608 [ 16.909963] kasan_report+0xdc/0x128 [ 16.910011] kasan_check_range+0x100/0x1a8 [ 16.910413] __asan_memset+0x34/0x78 [ 16.910498] kmalloc_oob_memset_8+0x150/0x2f8 [ 16.910644] kunit_try_run_case+0x170/0x3f0 [ 16.910737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.910887] kthread+0x328/0x630 [ 16.910992] ret_from_fork+0x10/0x20 [ 16.911364] [ 16.911425] Allocated by task 185: [ 16.911492] kasan_save_stack+0x3c/0x68 [ 16.911546] kasan_save_track+0x20/0x40 [ 16.911618] kasan_save_alloc_info+0x40/0x58 [ 16.911674] __kasan_kmalloc+0xd4/0xd8 [ 16.911711] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.911759] kmalloc_oob_memset_8+0xb0/0x2f8 [ 16.911796] kunit_try_run_case+0x170/0x3f0 [ 16.911833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.911875] kthread+0x328/0x630 [ 16.911923] ret_from_fork+0x10/0x20 [ 16.911971] [ 16.911998] The buggy address belongs to the object at fff00000c748a900 [ 16.911998] which belongs to the cache kmalloc-128 of size 128 [ 16.912056] The buggy address is located 113 bytes inside of [ 16.912056] allocated 120-byte region [fff00000c748a900, fff00000c748a978) [ 16.912117] [ 16.912145] The buggy address belongs to the physical page: [ 16.912181] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 16.912254] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.912303] page_type: f5(slab) [ 16.912352] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.912411] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.912451] page dumped because: kasan: bad access detected [ 16.912481] [ 16.912499] Memory state around the buggy address: [ 16.912530] fff00000c748a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.912571] fff00000c748a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.912620] >fff00000c748a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.912666] ^ [ 16.912705] fff00000c748a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.912756] fff00000c748aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.912793] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 16.888187] ================================================================== [ 16.888251] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 16.888314] Write of size 4 at addr fff00000c748a875 by task kunit_try_catch/183 [ 16.888908] [ 16.889135] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.889233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.889338] Hardware name: linux,dummy-virt (DT) [ 16.889372] Call trace: [ 16.889430] show_stack+0x20/0x38 (C) [ 16.889494] dump_stack_lvl+0x8c/0xd0 [ 16.889787] print_report+0x118/0x608 [ 16.889863] kasan_report+0xdc/0x128 [ 16.890225] kasan_check_range+0x100/0x1a8 [ 16.890344] __asan_memset+0x34/0x78 [ 16.890437] kmalloc_oob_memset_4+0x150/0x300 [ 16.890583] kunit_try_run_case+0x170/0x3f0 [ 16.890672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.890870] kthread+0x328/0x630 [ 16.891122] ret_from_fork+0x10/0x20 [ 16.891198] [ 16.891334] Allocated by task 183: [ 16.891416] kasan_save_stack+0x3c/0x68 [ 16.891494] kasan_save_track+0x20/0x40 [ 16.891648] kasan_save_alloc_info+0x40/0x58 [ 16.891797] __kasan_kmalloc+0xd4/0xd8 [ 16.891837] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.891918] kmalloc_oob_memset_4+0xb0/0x300 [ 16.892307] kunit_try_run_case+0x170/0x3f0 [ 16.892469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.892553] kthread+0x328/0x630 [ 16.892691] ret_from_fork+0x10/0x20 [ 16.892731] [ 16.892769] The buggy address belongs to the object at fff00000c748a800 [ 16.892769] which belongs to the cache kmalloc-128 of size 128 [ 16.892868] The buggy address is located 117 bytes inside of [ 16.892868] allocated 120-byte region [fff00000c748a800, fff00000c748a878) [ 16.893140] [ 16.893275] The buggy address belongs to the physical page: [ 16.894185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 16.894251] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.894357] page_type: f5(slab) [ 16.894420] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.894503] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.894561] page dumped because: kasan: bad access detected [ 16.894835] [ 16.895222] Memory state around the buggy address: [ 16.895395] fff00000c748a700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.895469] fff00000c748a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.895659] >fff00000c748a800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.895769] ^ [ 16.895993] fff00000c748a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.896072] fff00000c748a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.896125] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 16.868539] ================================================================== [ 16.868679] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 16.868743] Write of size 2 at addr fff00000c748a777 by task kunit_try_catch/181 [ 16.868793] [ 16.868837] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.868936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.868962] Hardware name: linux,dummy-virt (DT) [ 16.869233] Call trace: [ 16.869273] show_stack+0x20/0x38 (C) [ 16.869338] dump_stack_lvl+0x8c/0xd0 [ 16.869679] print_report+0x118/0x608 [ 16.869845] kasan_report+0xdc/0x128 [ 16.869920] kasan_check_range+0x100/0x1a8 [ 16.869980] __asan_memset+0x34/0x78 [ 16.870033] kmalloc_oob_memset_2+0x150/0x2f8 [ 16.870079] kunit_try_run_case+0x170/0x3f0 [ 16.870128] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.870179] kthread+0x328/0x630 [ 16.870242] ret_from_fork+0x10/0x20 [ 16.870302] [ 16.870321] Allocated by task 181: [ 16.870350] kasan_save_stack+0x3c/0x68 [ 16.870391] kasan_save_track+0x20/0x40 [ 16.870428] kasan_save_alloc_info+0x40/0x58 [ 16.870473] __kasan_kmalloc+0xd4/0xd8 [ 16.870525] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.870565] kmalloc_oob_memset_2+0xb0/0x2f8 [ 16.870602] kunit_try_run_case+0x170/0x3f0 [ 16.870639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.870681] kthread+0x328/0x630 [ 16.870713] ret_from_fork+0x10/0x20 [ 16.870748] [ 16.870767] The buggy address belongs to the object at fff00000c748a700 [ 16.870767] which belongs to the cache kmalloc-128 of size 128 [ 16.870824] The buggy address is located 119 bytes inside of [ 16.870824] allocated 120-byte region [fff00000c748a700, fff00000c748a778) [ 16.870893] [ 16.870914] The buggy address belongs to the physical page: [ 16.871617] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 16.871843] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.871973] page_type: f5(slab) [ 16.872138] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.872375] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.872484] page dumped because: kasan: bad access detected [ 16.872778] [ 16.872981] Memory state around the buggy address: [ 16.873087] fff00000c748a600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.873173] fff00000c748a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.873571] >fff00000c748a700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.873699] ^ [ 16.873777] fff00000c748a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.873987] fff00000c748a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.874078] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 16.848725] ================================================================== [ 16.848819] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 16.849277] Write of size 128 at addr fff00000c748a600 by task kunit_try_catch/179 [ 16.849564] [ 16.849815] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.850119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.850180] Hardware name: linux,dummy-virt (DT) [ 16.850314] Call trace: [ 16.850378] show_stack+0x20/0x38 (C) [ 16.850464] dump_stack_lvl+0x8c/0xd0 [ 16.850595] print_report+0x118/0x608 [ 16.850646] kasan_report+0xdc/0x128 [ 16.850691] kasan_check_range+0x100/0x1a8 [ 16.850739] __asan_memset+0x34/0x78 [ 16.850782] kmalloc_oob_in_memset+0x144/0x2d0 [ 16.851217] kunit_try_run_case+0x170/0x3f0 [ 16.851388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.851478] kthread+0x328/0x630 [ 16.851620] ret_from_fork+0x10/0x20 [ 16.851683] [ 16.851701] Allocated by task 179: [ 16.851740] kasan_save_stack+0x3c/0x68 [ 16.852122] kasan_save_track+0x20/0x40 [ 16.852237] kasan_save_alloc_info+0x40/0x58 [ 16.852321] __kasan_kmalloc+0xd4/0xd8 [ 16.852361] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.852441] kmalloc_oob_in_memset+0xb0/0x2d0 [ 16.852856] kunit_try_run_case+0x170/0x3f0 [ 16.852995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.853066] kthread+0x328/0x630 [ 16.853137] ret_from_fork+0x10/0x20 [ 16.853306] [ 16.853522] The buggy address belongs to the object at fff00000c748a600 [ 16.853522] which belongs to the cache kmalloc-128 of size 128 [ 16.853689] The buggy address is located 0 bytes inside of [ 16.853689] allocated 120-byte region [fff00000c748a600, fff00000c748a678) [ 16.853808] [ 16.853960] The buggy address belongs to the physical page: [ 16.854027] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 16.854146] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.854196] page_type: f5(slab) [ 16.854360] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.854626] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.854764] page dumped because: kasan: bad access detected [ 16.854824] [ 16.854875] Memory state around the buggy address: [ 16.855011] fff00000c748a500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.855085] fff00000c748a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.855143] >fff00000c748a600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.855193] ^ [ 16.855531] fff00000c748a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.855626] fff00000c748a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.855740] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 16.829362] ================================================================== [ 16.829426] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 16.829483] Read of size 16 at addr fff00000c11936c0 by task kunit_try_catch/177 [ 16.829534] [ 16.829998] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.830208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.830277] Hardware name: linux,dummy-virt (DT) [ 16.830477] Call trace: [ 16.830503] show_stack+0x20/0x38 (C) [ 16.830560] dump_stack_lvl+0x8c/0xd0 [ 16.830612] print_report+0x118/0x608 [ 16.830659] kasan_report+0xdc/0x128 [ 16.830804] __asan_report_load16_noabort+0x20/0x30 [ 16.830884] kmalloc_uaf_16+0x3bc/0x438 [ 16.831012] kunit_try_run_case+0x170/0x3f0 [ 16.831072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.831268] kthread+0x328/0x630 [ 16.831322] ret_from_fork+0x10/0x20 [ 16.831492] [ 16.831552] Allocated by task 177: [ 16.831652] kasan_save_stack+0x3c/0x68 [ 16.831696] kasan_save_track+0x20/0x40 [ 16.831871] kasan_save_alloc_info+0x40/0x58 [ 16.831919] __kasan_kmalloc+0xd4/0xd8 [ 16.832224] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.832301] kmalloc_uaf_16+0x140/0x438 [ 16.832404] kunit_try_run_case+0x170/0x3f0 [ 16.832481] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.832525] kthread+0x328/0x630 [ 16.832843] ret_from_fork+0x10/0x20 [ 16.832971] [ 16.833043] Freed by task 177: [ 16.833134] kasan_save_stack+0x3c/0x68 [ 16.833212] kasan_save_track+0x20/0x40 [ 16.833377] kasan_save_free_info+0x4c/0x78 [ 16.833601] __kasan_slab_free+0x6c/0x98 [ 16.833700] kfree+0x214/0x3c8 [ 16.833736] kmalloc_uaf_16+0x190/0x438 [ 16.833800] kunit_try_run_case+0x170/0x3f0 [ 16.834113] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.834212] kthread+0x328/0x630 [ 16.834331] ret_from_fork+0x10/0x20 [ 16.834381] [ 16.834400] The buggy address belongs to the object at fff00000c11936c0 [ 16.834400] which belongs to the cache kmalloc-16 of size 16 [ 16.834464] The buggy address is located 0 bytes inside of [ 16.834464] freed 16-byte region [fff00000c11936c0, fff00000c11936d0) [ 16.834669] [ 16.834832] The buggy address belongs to the physical page: [ 16.834941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101193 [ 16.835027] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.835093] page_type: f5(slab) [ 16.835294] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 16.835359] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.835506] page dumped because: kasan: bad access detected [ 16.835586] [ 16.835695] Memory state around the buggy address: [ 16.835754] fff00000c1193580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.836064] fff00000c1193600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.836145] >fff00000c1193680: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 16.836281] ^ [ 16.836347] fff00000c1193700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.836470] fff00000c1193780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.836562] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 16.816682] ================================================================== [ 16.816753] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 16.817010] Write of size 16 at addr fff00000c1193660 by task kunit_try_catch/175 [ 16.817089] [ 16.817135] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.817298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.817327] Hardware name: linux,dummy-virt (DT) [ 16.817359] Call trace: [ 16.817399] show_stack+0x20/0x38 (C) [ 16.817631] dump_stack_lvl+0x8c/0xd0 [ 16.817802] print_report+0x118/0x608 [ 16.817857] kasan_report+0xdc/0x128 [ 16.817911] __asan_report_store16_noabort+0x20/0x30 [ 16.817970] kmalloc_oob_16+0x3a0/0x3f8 [ 16.818015] kunit_try_run_case+0x170/0x3f0 [ 16.818177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.818427] kthread+0x328/0x630 [ 16.818578] ret_from_fork+0x10/0x20 [ 16.818744] [ 16.818794] Allocated by task 175: [ 16.818861] kasan_save_stack+0x3c/0x68 [ 16.819028] kasan_save_track+0x20/0x40 [ 16.819105] kasan_save_alloc_info+0x40/0x58 [ 16.819149] __kasan_kmalloc+0xd4/0xd8 [ 16.819192] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.819232] kmalloc_oob_16+0xb4/0x3f8 [ 16.819267] kunit_try_run_case+0x170/0x3f0 [ 16.819304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.819405] kthread+0x328/0x630 [ 16.819460] ret_from_fork+0x10/0x20 [ 16.819495] [ 16.819514] The buggy address belongs to the object at fff00000c1193660 [ 16.819514] which belongs to the cache kmalloc-16 of size 16 [ 16.819581] The buggy address is located 0 bytes inside of [ 16.819581] allocated 13-byte region [fff00000c1193660, fff00000c119366d) [ 16.819647] [ 16.819678] The buggy address belongs to the physical page: [ 16.819718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101193 [ 16.819773] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.819832] page_type: f5(slab) [ 16.819881] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 16.820184] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.820402] page dumped because: kasan: bad access detected [ 16.820475] [ 16.820599] Memory state around the buggy address: [ 16.820644] fff00000c1193500: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 16.820689] fff00000c1193580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.820774] >fff00000c1193600: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 16.821018] ^ [ 16.821095] fff00000c1193680: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.821307] fff00000c1193700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.821607] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 16.799647] ================================================================== [ 16.799702] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 16.799756] Read of size 1 at addr fff00000c176ba00 by task kunit_try_catch/173 [ 16.799807] [ 16.800084] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.800302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.800332] Hardware name: linux,dummy-virt (DT) [ 16.800407] Call trace: [ 16.800593] show_stack+0x20/0x38 (C) [ 16.800792] dump_stack_lvl+0x8c/0xd0 [ 16.800856] print_report+0x118/0x608 [ 16.800966] kasan_report+0xdc/0x128 [ 16.801018] __asan_report_load1_noabort+0x20/0x30 [ 16.801065] krealloc_uaf+0x4c8/0x520 [ 16.801110] kunit_try_run_case+0x170/0x3f0 [ 16.801163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.801399] kthread+0x328/0x630 [ 16.801486] ret_from_fork+0x10/0x20 [ 16.801552] [ 16.801576] Allocated by task 173: [ 16.801741] kasan_save_stack+0x3c/0x68 [ 16.801817] kasan_save_track+0x20/0x40 [ 16.802029] kasan_save_alloc_info+0x40/0x58 [ 16.802141] __kasan_kmalloc+0xd4/0xd8 [ 16.802324] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.802492] krealloc_uaf+0xc8/0x520 [ 16.802629] kunit_try_run_case+0x170/0x3f0 [ 16.802672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.803070] kthread+0x328/0x630 [ 16.803172] ret_from_fork+0x10/0x20 [ 16.803246] [ 16.803344] Freed by task 173: [ 16.803402] kasan_save_stack+0x3c/0x68 [ 16.803485] kasan_save_track+0x20/0x40 [ 16.803636] kasan_save_free_info+0x4c/0x78 [ 16.803828] __kasan_slab_free+0x6c/0x98 [ 16.803954] kfree+0x214/0x3c8 [ 16.804131] krealloc_uaf+0x12c/0x520 [ 16.804274] kunit_try_run_case+0x170/0x3f0 [ 16.804352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.804413] kthread+0x328/0x630 [ 16.804445] ret_from_fork+0x10/0x20 [ 16.804698] [ 16.804859] The buggy address belongs to the object at fff00000c176ba00 [ 16.804859] which belongs to the cache kmalloc-256 of size 256 [ 16.805006] The buggy address is located 0 bytes inside of [ 16.805006] freed 256-byte region [fff00000c176ba00, fff00000c176bb00) [ 16.805097] [ 16.805216] The buggy address belongs to the physical page: [ 16.805282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10176a [ 16.805575] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.805697] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.805778] page_type: f5(slab) [ 16.805942] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.806015] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.806133] head: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.806184] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.806342] head: 0bfffe0000000001 ffffc1ffc305da81 00000000ffffffff 00000000ffffffff [ 16.806439] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.806636] page dumped because: kasan: bad access detected [ 16.806745] [ 16.806944] Memory state around the buggy address: [ 16.807056] fff00000c176b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.807193] fff00000c176b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.807259] >fff00000c176ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.807318] ^ [ 16.807437] fff00000c176ba80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.807481] fff00000c176bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.807554] ================================================================== [ 16.792308] ================================================================== [ 16.792391] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 16.792450] Read of size 1 at addr fff00000c176ba00 by task kunit_try_catch/173 [ 16.792516] [ 16.792700] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.792848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.793001] Hardware name: linux,dummy-virt (DT) [ 16.793060] Call trace: [ 16.793100] show_stack+0x20/0x38 (C) [ 16.793154] dump_stack_lvl+0x8c/0xd0 [ 16.793310] print_report+0x118/0x608 [ 16.793394] kasan_report+0xdc/0x128 [ 16.793577] __kasan_check_byte+0x54/0x70 [ 16.793643] krealloc_noprof+0x44/0x360 [ 16.793710] krealloc_uaf+0x180/0x520 [ 16.793787] kunit_try_run_case+0x170/0x3f0 [ 16.793854] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.793923] kthread+0x328/0x630 [ 16.793984] ret_from_fork+0x10/0x20 [ 16.794033] [ 16.794066] Allocated by task 173: [ 16.794096] kasan_save_stack+0x3c/0x68 [ 16.794137] kasan_save_track+0x20/0x40 [ 16.794175] kasan_save_alloc_info+0x40/0x58 [ 16.794334] __kasan_kmalloc+0xd4/0xd8 [ 16.794371] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.794484] krealloc_uaf+0xc8/0x520 [ 16.794660] kunit_try_run_case+0x170/0x3f0 [ 16.794750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.794870] kthread+0x328/0x630 [ 16.794914] ret_from_fork+0x10/0x20 [ 16.794960] [ 16.794988] Freed by task 173: [ 16.795323] kasan_save_stack+0x3c/0x68 [ 16.795407] kasan_save_track+0x20/0x40 [ 16.795478] kasan_save_free_info+0x4c/0x78 [ 16.795579] __kasan_slab_free+0x6c/0x98 [ 16.795618] kfree+0x214/0x3c8 [ 16.795651] krealloc_uaf+0x12c/0x520 [ 16.795879] kunit_try_run_case+0x170/0x3f0 [ 16.795990] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.796036] kthread+0x328/0x630 [ 16.796069] ret_from_fork+0x10/0x20 [ 16.796158] [ 16.796425] The buggy address belongs to the object at fff00000c176ba00 [ 16.796425] which belongs to the cache kmalloc-256 of size 256 [ 16.796607] The buggy address is located 0 bytes inside of [ 16.796607] freed 256-byte region [fff00000c176ba00, fff00000c176bb00) [ 16.796682] [ 16.796702] The buggy address belongs to the physical page: [ 16.796766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10176a [ 16.796910] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.796969] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.797135] page_type: f5(slab) [ 16.797193] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.797244] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.797305] head: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.797353] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.797401] head: 0bfffe0000000001 ffffc1ffc305da81 00000000ffffffff 00000000ffffffff [ 16.797448] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.797487] page dumped because: kasan: bad access detected [ 16.797527] [ 16.797545] Memory state around the buggy address: [ 16.797582] fff00000c176b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.797624] fff00000c176b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.797666] >fff00000c176ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.797703] ^ [ 16.797730] fff00000c176ba80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.797770] fff00000c176bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.797807] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 16.717542] ================================================================== [ 16.717716] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.717845] Write of size 1 at addr fff00000c176b8da by task kunit_try_catch/167 [ 16.717894] [ 16.717934] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.718180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.718434] Hardware name: linux,dummy-virt (DT) [ 16.718517] Call trace: [ 16.718540] show_stack+0x20/0x38 (C) [ 16.718592] dump_stack_lvl+0x8c/0xd0 [ 16.718664] print_report+0x118/0x608 [ 16.718719] kasan_report+0xdc/0x128 [ 16.718766] __asan_report_store1_noabort+0x20/0x30 [ 16.719102] krealloc_less_oob_helper+0xa80/0xc50 [ 16.719183] krealloc_less_oob+0x20/0x38 [ 16.719228] kunit_try_run_case+0x170/0x3f0 [ 16.719282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.719522] kthread+0x328/0x630 [ 16.719823] ret_from_fork+0x10/0x20 [ 16.719884] [ 16.719904] Allocated by task 167: [ 16.719943] kasan_save_stack+0x3c/0x68 [ 16.719985] kasan_save_track+0x20/0x40 [ 16.720022] kasan_save_alloc_info+0x40/0x58 [ 16.720098] __kasan_krealloc+0x118/0x178 [ 16.720242] krealloc_noprof+0x128/0x360 [ 16.720280] krealloc_less_oob_helper+0x168/0xc50 [ 16.720451] krealloc_less_oob+0x20/0x38 [ 16.720615] kunit_try_run_case+0x170/0x3f0 [ 16.720653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.720696] kthread+0x328/0x630 [ 16.720728] ret_from_fork+0x10/0x20 [ 16.720762] [ 16.720780] The buggy address belongs to the object at fff00000c176b800 [ 16.720780] which belongs to the cache kmalloc-256 of size 256 [ 16.720881] The buggy address is located 17 bytes to the right of [ 16.720881] allocated 201-byte region [fff00000c176b800, fff00000c176b8c9) [ 16.720961] [ 16.720982] The buggy address belongs to the physical page: [ 16.721015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10176a [ 16.721069] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.721115] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.721386] page_type: f5(slab) [ 16.721655] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.721707] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.721756] head: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.721805] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.722274] head: 0bfffe0000000001 ffffc1ffc305da81 00000000ffffffff 00000000ffffffff [ 16.722410] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.722557] page dumped because: kasan: bad access detected [ 16.722620] [ 16.722700] Memory state around the buggy address: [ 16.722738] fff00000c176b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.722781] fff00000c176b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.722823] >fff00000c176b880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.722862] ^ [ 16.722979] fff00000c176b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.723022] fff00000c176b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.723060] ================================================================== [ 16.708747] ================================================================== [ 16.708959] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.709065] Write of size 1 at addr fff00000c176b8d0 by task kunit_try_catch/167 [ 16.709250] [ 16.709391] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.709601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.709722] Hardware name: linux,dummy-virt (DT) [ 16.709871] Call trace: [ 16.709893] show_stack+0x20/0x38 (C) [ 16.710200] dump_stack_lvl+0x8c/0xd0 [ 16.710356] print_report+0x118/0x608 [ 16.710404] kasan_report+0xdc/0x128 [ 16.710725] __asan_report_store1_noabort+0x20/0x30 [ 16.711029] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.711305] krealloc_less_oob+0x20/0x38 [ 16.711356] kunit_try_run_case+0x170/0x3f0 [ 16.711405] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.711599] kthread+0x328/0x630 [ 16.711641] ret_from_fork+0x10/0x20 [ 16.711794] [ 16.711815] Allocated by task 167: [ 16.711946] kasan_save_stack+0x3c/0x68 [ 16.711993] kasan_save_track+0x20/0x40 [ 16.712303] kasan_save_alloc_info+0x40/0x58 [ 16.712442] __kasan_krealloc+0x118/0x178 [ 16.712480] krealloc_noprof+0x128/0x360 [ 16.712557] krealloc_less_oob_helper+0x168/0xc50 [ 16.712717] krealloc_less_oob+0x20/0x38 [ 16.712754] kunit_try_run_case+0x170/0x3f0 [ 16.712832] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.713247] kthread+0x328/0x630 [ 16.713284] ret_from_fork+0x10/0x20 [ 16.713521] [ 16.713540] The buggy address belongs to the object at fff00000c176b800 [ 16.713540] which belongs to the cache kmalloc-256 of size 256 [ 16.713866] The buggy address is located 7 bytes to the right of [ 16.713866] allocated 201-byte region [fff00000c176b800, fff00000c176b8c9) [ 16.714182] [ 16.714204] The buggy address belongs to the physical page: [ 16.714236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10176a [ 16.714483] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.714556] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.714834] page_type: f5(slab) [ 16.714878] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.714941] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.714991] head: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.715039] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.715088] head: 0bfffe0000000001 ffffc1ffc305da81 00000000ffffffff 00000000ffffffff [ 16.715135] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.715174] page dumped because: kasan: bad access detected [ 16.715204] [ 16.715223] Memory state around the buggy address: [ 16.715253] fff00000c176b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.715294] fff00000c176b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.715336] >fff00000c176b880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.715375] ^ [ 16.715422] fff00000c176b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.715463] fff00000c176b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.715624] ================================================================== [ 16.779744] ================================================================== [ 16.779792] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.779882] Write of size 1 at addr fff00000c50b60ea by task kunit_try_catch/171 [ 16.780063] [ 16.780257] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.780427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.780454] Hardware name: linux,dummy-virt (DT) [ 16.780505] Call trace: [ 16.780528] show_stack+0x20/0x38 (C) [ 16.780599] dump_stack_lvl+0x8c/0xd0 [ 16.780812] print_report+0x118/0x608 [ 16.780870] kasan_report+0xdc/0x128 [ 16.781033] __asan_report_store1_noabort+0x20/0x30 [ 16.781164] krealloc_less_oob_helper+0xae4/0xc50 [ 16.781231] krealloc_large_less_oob+0x20/0x38 [ 16.781288] kunit_try_run_case+0x170/0x3f0 [ 16.781353] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.781446] kthread+0x328/0x630 [ 16.781506] ret_from_fork+0x10/0x20 [ 16.781563] [ 16.781604] The buggy address belongs to the physical page: [ 16.781654] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1050b4 [ 16.781707] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.781944] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.782199] page_type: f8(unknown) [ 16.782252] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.782369] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.782652] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.782952] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.783052] head: 0bfffe0000000002 ffffc1ffc3142d01 00000000ffffffff 00000000ffffffff [ 16.783137] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.783203] page dumped because: kasan: bad access detected [ 16.783235] [ 16.783252] Memory state around the buggy address: [ 16.783283] fff00000c50b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.783326] fff00000c50b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.783625] >fff00000c50b6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.783667] ^ [ 16.783705] fff00000c50b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.783748] fff00000c50b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.783785] ================================================================== [ 16.770691] ================================================================== [ 16.770870] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.771004] Write of size 1 at addr fff00000c50b60d0 by task kunit_try_catch/171 [ 16.771055] [ 16.771087] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.771171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.771196] Hardware name: linux,dummy-virt (DT) [ 16.771227] Call trace: [ 16.771492] show_stack+0x20/0x38 (C) [ 16.771565] dump_stack_lvl+0x8c/0xd0 [ 16.771631] print_report+0x118/0x608 [ 16.771678] kasan_report+0xdc/0x128 [ 16.771723] __asan_report_store1_noabort+0x20/0x30 [ 16.771798] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.771881] krealloc_large_less_oob+0x20/0x38 [ 16.771957] kunit_try_run_case+0x170/0x3f0 [ 16.772012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.772085] kthread+0x328/0x630 [ 16.772146] ret_from_fork+0x10/0x20 [ 16.772212] [ 16.772241] The buggy address belongs to the physical page: [ 16.772289] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1050b4 [ 16.772361] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.772419] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.772486] page_type: f8(unknown) [ 16.772526] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.772594] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.772790] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.773013] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.773075] head: 0bfffe0000000002 ffffc1ffc3142d01 00000000ffffffff 00000000ffffffff [ 16.773194] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.773253] page dumped because: kasan: bad access detected [ 16.773290] [ 16.773308] Memory state around the buggy address: [ 16.773361] fff00000c50b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.773469] fff00000c50b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.773515] >fff00000c50b6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.773577] ^ [ 16.773616] fff00000c50b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.773657] fff00000c50b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.773744] ================================================================== [ 16.702024] ================================================================== [ 16.702199] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.702258] Write of size 1 at addr fff00000c176b8c9 by task kunit_try_catch/167 [ 16.702418] [ 16.702455] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.702635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.702662] Hardware name: linux,dummy-virt (DT) [ 16.702695] Call trace: [ 16.702718] show_stack+0x20/0x38 (C) [ 16.702768] dump_stack_lvl+0x8c/0xd0 [ 16.702817] print_report+0x118/0x608 [ 16.702864] kasan_report+0xdc/0x128 [ 16.703221] __asan_report_store1_noabort+0x20/0x30 [ 16.703398] krealloc_less_oob_helper+0xa48/0xc50 [ 16.703511] krealloc_less_oob+0x20/0x38 [ 16.703725] kunit_try_run_case+0x170/0x3f0 [ 16.703794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.703887] kthread+0x328/0x630 [ 16.703941] ret_from_fork+0x10/0x20 [ 16.704046] [ 16.704103] Allocated by task 167: [ 16.704132] kasan_save_stack+0x3c/0x68 [ 16.704254] kasan_save_track+0x20/0x40 [ 16.704293] kasan_save_alloc_info+0x40/0x58 [ 16.704330] __kasan_krealloc+0x118/0x178 [ 16.704369] krealloc_noprof+0x128/0x360 [ 16.704413] krealloc_less_oob_helper+0x168/0xc50 [ 16.704467] krealloc_less_oob+0x20/0x38 [ 16.704632] kunit_try_run_case+0x170/0x3f0 [ 16.704804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.704869] kthread+0x328/0x630 [ 16.704953] ret_from_fork+0x10/0x20 [ 16.704988] [ 16.705008] The buggy address belongs to the object at fff00000c176b800 [ 16.705008] which belongs to the cache kmalloc-256 of size 256 [ 16.705065] The buggy address is located 0 bytes to the right of [ 16.705065] allocated 201-byte region [fff00000c176b800, fff00000c176b8c9) [ 16.705128] [ 16.705148] The buggy address belongs to the physical page: [ 16.705180] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10176a [ 16.705577] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.705797] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.706189] page_type: f5(slab) [ 16.706235] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.706285] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.706334] head: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.706421] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.706737] head: 0bfffe0000000001 ffffc1ffc305da81 00000000ffffffff 00000000ffffffff [ 16.706981] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.707058] page dumped because: kasan: bad access detected [ 16.707089] [ 16.707106] Memory state around the buggy address: [ 16.707138] fff00000c176b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.707416] fff00000c176b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.707463] >fff00000c176b880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.707513] ^ [ 16.707575] fff00000c176b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.707617] fff00000c176b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.707698] ================================================================== [ 16.784032] ================================================================== [ 16.784073] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.784422] Write of size 1 at addr fff00000c50b60eb by task kunit_try_catch/171 [ 16.784501] [ 16.784540] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.784633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.784668] Hardware name: linux,dummy-virt (DT) [ 16.784701] Call trace: [ 16.784731] show_stack+0x20/0x38 (C) [ 16.784787] dump_stack_lvl+0x8c/0xd0 [ 16.784835] print_report+0x118/0x608 [ 16.784881] kasan_report+0xdc/0x128 [ 16.784939] __asan_report_store1_noabort+0x20/0x30 [ 16.784987] krealloc_less_oob_helper+0xa58/0xc50 [ 16.785035] krealloc_large_less_oob+0x20/0x38 [ 16.785083] kunit_try_run_case+0x170/0x3f0 [ 16.785139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.785191] kthread+0x328/0x630 [ 16.785233] ret_from_fork+0x10/0x20 [ 16.785280] [ 16.785300] The buggy address belongs to the physical page: [ 16.785331] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1050b4 [ 16.785384] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.785432] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.785482] page_type: f8(unknown) [ 16.785521] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.785575] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.785623] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.785671] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.785718] head: 0bfffe0000000002 ffffc1ffc3142d01 00000000ffffffff 00000000ffffffff [ 16.785765] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.785804] page dumped because: kasan: bad access detected [ 16.785841] [ 16.785859] Memory state around the buggy address: [ 16.785888] fff00000c50b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.785938] fff00000c50b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.785979] >fff00000c50b6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.786015] ^ [ 16.786052] fff00000c50b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.786094] fff00000c50b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.786130] ================================================================== [ 16.773799] ================================================================== [ 16.773833] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.773885] Write of size 1 at addr fff00000c50b60da by task kunit_try_catch/171 [ 16.774144] [ 16.774356] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.774521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.774602] Hardware name: linux,dummy-virt (DT) [ 16.774678] Call trace: [ 16.774801] show_stack+0x20/0x38 (C) [ 16.774897] dump_stack_lvl+0x8c/0xd0 [ 16.775044] print_report+0x118/0x608 [ 16.775091] kasan_report+0xdc/0x128 [ 16.775161] __asan_report_store1_noabort+0x20/0x30 [ 16.775209] krealloc_less_oob_helper+0xa80/0xc50 [ 16.775426] krealloc_large_less_oob+0x20/0x38 [ 16.775599] kunit_try_run_case+0x170/0x3f0 [ 16.775696] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.775817] kthread+0x328/0x630 [ 16.775870] ret_from_fork+0x10/0x20 [ 16.775959] [ 16.776188] The buggy address belongs to the physical page: [ 16.776327] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1050b4 [ 16.776439] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.776530] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.776689] page_type: f8(unknown) [ 16.776748] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.776826] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.776994] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.777087] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.777136] head: 0bfffe0000000002 ffffc1ffc3142d01 00000000ffffffff 00000000ffffffff [ 16.777358] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.777496] page dumped because: kasan: bad access detected [ 16.777642] [ 16.777734] Memory state around the buggy address: [ 16.777861] fff00000c50b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.777962] fff00000c50b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.778092] >fff00000c50b6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.778204] ^ [ 16.778290] fff00000c50b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.778405] fff00000c50b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.778443] ================================================================== [ 16.730876] ================================================================== [ 16.730923] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.730988] Write of size 1 at addr fff00000c176b8eb by task kunit_try_catch/167 [ 16.731066] [ 16.731098] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.731372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.731401] Hardware name: linux,dummy-virt (DT) [ 16.731431] Call trace: [ 16.731453] show_stack+0x20/0x38 (C) [ 16.731687] dump_stack_lvl+0x8c/0xd0 [ 16.731859] print_report+0x118/0x608 [ 16.731970] kasan_report+0xdc/0x128 [ 16.732108] __asan_report_store1_noabort+0x20/0x30 [ 16.732157] krealloc_less_oob_helper+0xa58/0xc50 [ 16.732211] krealloc_less_oob+0x20/0x38 [ 16.732356] kunit_try_run_case+0x170/0x3f0 [ 16.732427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.732479] kthread+0x328/0x630 [ 16.732521] ret_from_fork+0x10/0x20 [ 16.732573] [ 16.732655] Allocated by task 167: [ 16.732705] kasan_save_stack+0x3c/0x68 [ 16.732820] kasan_save_track+0x20/0x40 [ 16.732948] kasan_save_alloc_info+0x40/0x58 [ 16.732984] __kasan_krealloc+0x118/0x178 [ 16.733021] krealloc_noprof+0x128/0x360 [ 16.733058] krealloc_less_oob_helper+0x168/0xc50 [ 16.733122] krealloc_less_oob+0x20/0x38 [ 16.733442] kunit_try_run_case+0x170/0x3f0 [ 16.733496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.733539] kthread+0x328/0x630 [ 16.733699] ret_from_fork+0x10/0x20 [ 16.733742] [ 16.733761] The buggy address belongs to the object at fff00000c176b800 [ 16.733761] which belongs to the cache kmalloc-256 of size 256 [ 16.733818] The buggy address is located 34 bytes to the right of [ 16.733818] allocated 201-byte region [fff00000c176b800, fff00000c176b8c9) [ 16.734095] [ 16.734294] The buggy address belongs to the physical page: [ 16.734329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10176a [ 16.734383] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.734545] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.734596] page_type: f5(slab) [ 16.734691] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.734774] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.734847] head: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.734895] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.734955] head: 0bfffe0000000001 ffffc1ffc305da81 00000000ffffffff 00000000ffffffff [ 16.735026] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.735065] page dumped because: kasan: bad access detected [ 16.735095] [ 16.735115] Memory state around the buggy address: [ 16.735145] fff00000c176b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.735186] fff00000c176b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.735228] >fff00000c176b880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.735556] ^ [ 16.735601] fff00000c176b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.735644] fff00000c176b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.735707] ================================================================== [ 16.723770] ================================================================== [ 16.723907] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.724376] Write of size 1 at addr fff00000c176b8ea by task kunit_try_catch/167 [ 16.724697] [ 16.724838] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.725043] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.725076] Hardware name: linux,dummy-virt (DT) [ 16.725107] Call trace: [ 16.725129] show_stack+0x20/0x38 (C) [ 16.725180] dump_stack_lvl+0x8c/0xd0 [ 16.725233] print_report+0x118/0x608 [ 16.725461] kasan_report+0xdc/0x128 [ 16.725619] __asan_report_store1_noabort+0x20/0x30 [ 16.725758] krealloc_less_oob_helper+0xae4/0xc50 [ 16.725852] krealloc_less_oob+0x20/0x38 [ 16.725896] kunit_try_run_case+0x170/0x3f0 [ 16.725954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.726006] kthread+0x328/0x630 [ 16.726077] ret_from_fork+0x10/0x20 [ 16.726124] [ 16.726334] Allocated by task 167: [ 16.726454] kasan_save_stack+0x3c/0x68 [ 16.726881] kasan_save_track+0x20/0x40 [ 16.726944] kasan_save_alloc_info+0x40/0x58 [ 16.726981] __kasan_krealloc+0x118/0x178 [ 16.727082] krealloc_noprof+0x128/0x360 [ 16.727120] krealloc_less_oob_helper+0x168/0xc50 [ 16.727172] krealloc_less_oob+0x20/0x38 [ 16.727209] kunit_try_run_case+0x170/0x3f0 [ 16.727305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.727377] kthread+0x328/0x630 [ 16.727410] ret_from_fork+0x10/0x20 [ 16.727531] [ 16.727551] The buggy address belongs to the object at fff00000c176b800 [ 16.727551] which belongs to the cache kmalloc-256 of size 256 [ 16.727608] The buggy address is located 33 bytes to the right of [ 16.727608] allocated 201-byte region [fff00000c176b800, fff00000c176b8c9) [ 16.727672] [ 16.727692] The buggy address belongs to the physical page: [ 16.727724] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10176a [ 16.727776] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.727824] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.727895] page_type: f5(slab) [ 16.727943] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.727993] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.728043] head: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.728144] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.728346] head: 0bfffe0000000001 ffffc1ffc305da81 00000000ffffffff 00000000ffffffff [ 16.728573] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.728613] page dumped because: kasan: bad access detected [ 16.728731] [ 16.728761] Memory state around the buggy address: [ 16.728791] fff00000c176b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.728833] fff00000c176b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.729442] >fff00000c176b880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.729556] ^ [ 16.729603] fff00000c176b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.729655] fff00000c176b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.729696] ================================================================== [ 16.765950] ================================================================== [ 16.766011] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.766647] Write of size 1 at addr fff00000c50b60c9 by task kunit_try_catch/171 [ 16.766699] [ 16.766898] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.767403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.767772] Hardware name: linux,dummy-virt (DT) [ 16.767826] Call trace: [ 16.767849] show_stack+0x20/0x38 (C) [ 16.768065] dump_stack_lvl+0x8c/0xd0 [ 16.768155] print_report+0x118/0x608 [ 16.768227] kasan_report+0xdc/0x128 [ 16.768298] __asan_report_store1_noabort+0x20/0x30 [ 16.768494] krealloc_less_oob_helper+0xa48/0xc50 [ 16.768548] krealloc_large_less_oob+0x20/0x38 [ 16.768603] kunit_try_run_case+0x170/0x3f0 [ 16.768653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.768705] kthread+0x328/0x630 [ 16.768797] ret_from_fork+0x10/0x20 [ 16.768850] [ 16.768877] The buggy address belongs to the physical page: [ 16.768912] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1050b4 [ 16.769000] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.769049] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.769103] page_type: f8(unknown) [ 16.769144] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.769204] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.769254] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.769327] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.769376] head: 0bfffe0000000002 ffffc1ffc3142d01 00000000ffffffff 00000000ffffffff [ 16.769424] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.769463] page dumped because: kasan: bad access detected [ 16.769495] [ 16.769528] Memory state around the buggy address: [ 16.769559] fff00000c50b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.769605] fff00000c50b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.769657] >fff00000c50b6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.769695] ^ [ 16.769740] fff00000c50b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.769783] fff00000c50b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.769835] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 16.678763] ================================================================== [ 16.678854] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.678920] Write of size 1 at addr fff00000c176b6eb by task kunit_try_catch/165 [ 16.679008] [ 16.679057] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.679144] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.679189] Hardware name: linux,dummy-virt (DT) [ 16.679221] Call trace: [ 16.679245] show_stack+0x20/0x38 (C) [ 16.679295] dump_stack_lvl+0x8c/0xd0 [ 16.679493] print_report+0x118/0x608 [ 16.679555] kasan_report+0xdc/0x128 [ 16.679625] __asan_report_store1_noabort+0x20/0x30 [ 16.679718] krealloc_more_oob_helper+0x60c/0x678 [ 16.679825] krealloc_more_oob+0x20/0x38 [ 16.679917] kunit_try_run_case+0x170/0x3f0 [ 16.680053] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.680164] kthread+0x328/0x630 [ 16.680245] ret_from_fork+0x10/0x20 [ 16.680381] [ 16.680443] Allocated by task 165: [ 16.680501] kasan_save_stack+0x3c/0x68 [ 16.680607] kasan_save_track+0x20/0x40 [ 16.680695] kasan_save_alloc_info+0x40/0x58 [ 16.680732] __kasan_krealloc+0x118/0x178 [ 16.680769] krealloc_noprof+0x128/0x360 [ 16.681089] krealloc_more_oob_helper+0x168/0x678 [ 16.681196] krealloc_more_oob+0x20/0x38 [ 16.681285] kunit_try_run_case+0x170/0x3f0 [ 16.681371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.681488] kthread+0x328/0x630 [ 16.681547] ret_from_fork+0x10/0x20 [ 16.681623] [ 16.681720] The buggy address belongs to the object at fff00000c176b600 [ 16.681720] which belongs to the cache kmalloc-256 of size 256 [ 16.681818] The buggy address is located 0 bytes to the right of [ 16.681818] allocated 235-byte region [fff00000c176b600, fff00000c176b6eb) [ 16.681893] [ 16.682074] The buggy address belongs to the physical page: [ 16.682293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10176a [ 16.682406] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.682492] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.682570] page_type: f5(slab) [ 16.682621] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.682848] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.683005] head: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.683106] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.683239] head: 0bfffe0000000001 ffffc1ffc305da81 00000000ffffffff 00000000ffffffff [ 16.683318] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.683402] page dumped because: kasan: bad access detected [ 16.683504] [ 16.683558] Memory state around the buggy address: [ 16.683633] fff00000c176b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.683734] fff00000c176b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.683803] >fff00000c176b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.683912] ^ [ 16.683981] fff00000c176b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.684046] fff00000c176b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.684248] ================================================================== [ 16.751376] ================================================================== [ 16.751616] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.752223] Write of size 1 at addr fff00000c50b60f0 by task kunit_try_catch/169 [ 16.752528] [ 16.752560] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.752984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.753013] Hardware name: linux,dummy-virt (DT) [ 16.753232] Call trace: [ 16.753262] show_stack+0x20/0x38 (C) [ 16.753320] dump_stack_lvl+0x8c/0xd0 [ 16.753368] print_report+0x118/0x608 [ 16.753415] kasan_report+0xdc/0x128 [ 16.753460] __asan_report_store1_noabort+0x20/0x30 [ 16.753507] krealloc_more_oob_helper+0x5c0/0x678 [ 16.753556] krealloc_large_more_oob+0x20/0x38 [ 16.753608] kunit_try_run_case+0x170/0x3f0 [ 16.753655] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.753706] kthread+0x328/0x630 [ 16.753747] ret_from_fork+0x10/0x20 [ 16.753794] [ 16.753814] The buggy address belongs to the physical page: [ 16.754227] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1050b4 [ 16.754533] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.754735] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.754902] page_type: f8(unknown) [ 16.754973] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.755024] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.755096] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.755145] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.755262] head: 0bfffe0000000002 ffffc1ffc3142d01 00000000ffffffff 00000000ffffffff [ 16.755311] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.755351] page dumped because: kasan: bad access detected [ 16.755381] [ 16.755399] Memory state around the buggy address: [ 16.755431] fff00000c50b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.755480] fff00000c50b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.755524] >fff00000c50b6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.755672] ^ [ 16.755803] fff00000c50b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.755846] fff00000c50b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.755884] ================================================================== [ 16.685198] ================================================================== [ 16.685245] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.685494] Write of size 1 at addr fff00000c176b6f0 by task kunit_try_catch/165 [ 16.685561] [ 16.685597] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.685681] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.685791] Hardware name: linux,dummy-virt (DT) [ 16.685875] Call trace: [ 16.685908] show_stack+0x20/0x38 (C) [ 16.686009] dump_stack_lvl+0x8c/0xd0 [ 16.686114] print_report+0x118/0x608 [ 16.686166] kasan_report+0xdc/0x128 [ 16.686211] __asan_report_store1_noabort+0x20/0x30 [ 16.686577] krealloc_more_oob_helper+0x5c0/0x678 [ 16.686671] krealloc_more_oob+0x20/0x38 [ 16.686718] kunit_try_run_case+0x170/0x3f0 [ 16.686790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.686843] kthread+0x328/0x630 [ 16.686884] ret_from_fork+0x10/0x20 [ 16.686942] [ 16.686960] Allocated by task 165: [ 16.686988] kasan_save_stack+0x3c/0x68 [ 16.687224] kasan_save_track+0x20/0x40 [ 16.687267] kasan_save_alloc_info+0x40/0x58 [ 16.687383] __kasan_krealloc+0x118/0x178 [ 16.687606] krealloc_noprof+0x128/0x360 [ 16.687643] krealloc_more_oob_helper+0x168/0x678 [ 16.687682] krealloc_more_oob+0x20/0x38 [ 16.687718] kunit_try_run_case+0x170/0x3f0 [ 16.687755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.687797] kthread+0x328/0x630 [ 16.687836] ret_from_fork+0x10/0x20 [ 16.688008] [ 16.688028] The buggy address belongs to the object at fff00000c176b600 [ 16.688028] which belongs to the cache kmalloc-256 of size 256 [ 16.688086] The buggy address is located 5 bytes to the right of [ 16.688086] allocated 235-byte region [fff00000c176b600, fff00000c176b6eb) [ 16.688149] [ 16.688169] The buggy address belongs to the physical page: [ 16.688201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10176a [ 16.688253] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.688300] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.688350] page_type: f5(slab) [ 16.688388] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.688437] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.688486] head: 0bfffe0000000040 fff00000c0001b40 dead000000000100 dead000000000122 [ 16.688533] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.688581] head: 0bfffe0000000001 ffffc1ffc305da81 00000000ffffffff 00000000ffffffff [ 16.688629] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.688669] page dumped because: kasan: bad access detected [ 16.688699] [ 16.688716] Memory state around the buggy address: [ 16.688746] fff00000c176b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.688788] fff00000c176b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.688829] >fff00000c176b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.688903] ^ [ 16.688951] fff00000c176b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.688991] fff00000c176b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.689029] ================================================================== [ 16.744545] ================================================================== [ 16.744602] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.744664] Write of size 1 at addr fff00000c50b60eb by task kunit_try_catch/169 [ 16.744714] [ 16.744749] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.744835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.744870] Hardware name: linux,dummy-virt (DT) [ 16.745229] Call trace: [ 16.745324] show_stack+0x20/0x38 (C) [ 16.745739] dump_stack_lvl+0x8c/0xd0 [ 16.745922] print_report+0x118/0x608 [ 16.745983] kasan_report+0xdc/0x128 [ 16.746399] __asan_report_store1_noabort+0x20/0x30 [ 16.746584] krealloc_more_oob_helper+0x60c/0x678 [ 16.746635] krealloc_large_more_oob+0x20/0x38 [ 16.746683] kunit_try_run_case+0x170/0x3f0 [ 16.746732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.747080] kthread+0x328/0x630 [ 16.747211] ret_from_fork+0x10/0x20 [ 16.747669] [ 16.747711] The buggy address belongs to the physical page: [ 16.747744] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1050b4 [ 16.747866] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.747915] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.748017] page_type: f8(unknown) [ 16.748066] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.748293] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.748403] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.748566] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.748695] head: 0bfffe0000000002 ffffc1ffc3142d01 00000000ffffffff 00000000ffffffff [ 16.748744] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.748783] page dumped because: kasan: bad access detected [ 16.748814] [ 16.748832] Memory state around the buggy address: [ 16.748865] fff00000c50b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.748943] fff00000c50b6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.748984] >fff00000c50b6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.749021] ^ [ 16.749060] fff00000c50b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.749101] fff00000c50b6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.749139] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.670957] ================================================================== [ 16.671047] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 16.671123] Read of size 1 at addr fff00000c5280000 by task kunit_try_catch/163 [ 16.671299] [ 16.671338] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.671533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.671562] Hardware name: linux,dummy-virt (DT) [ 16.671595] Call trace: [ 16.671617] show_stack+0x20/0x38 (C) [ 16.671700] dump_stack_lvl+0x8c/0xd0 [ 16.671758] print_report+0x118/0x608 [ 16.671807] kasan_report+0xdc/0x128 [ 16.671853] __asan_report_load1_noabort+0x20/0x30 [ 16.671900] page_alloc_uaf+0x328/0x350 [ 16.671976] kunit_try_run_case+0x170/0x3f0 [ 16.672026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.672079] kthread+0x328/0x630 [ 16.672139] ret_from_fork+0x10/0x20 [ 16.672198] [ 16.672218] The buggy address belongs to the physical page: [ 16.672249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105280 [ 16.672381] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.672430] page_type: f0(buddy) [ 16.672630] raw: 0bfffe0000000000 fff00000ff616170 ffffc1ffc31a4008 0000000000000000 [ 16.672705] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 16.672754] page dumped because: kasan: bad access detected [ 16.672793] [ 16.672820] Memory state around the buggy address: [ 16.672854] fff00000c527ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.673021] fff00000c527ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.673067] >fff00000c5280000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.673105] ^ [ 16.673242] fff00000c5280080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.673317] fff00000c5280100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.673368] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 16.655476] ================================================================== [ 16.655593] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 16.655793] Free of addr fff00000c177c001 by task kunit_try_catch/159 [ 16.655952] [ 16.655998] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.656090] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.656116] Hardware name: linux,dummy-virt (DT) [ 16.656325] Call trace: [ 16.656374] show_stack+0x20/0x38 (C) [ 16.656449] dump_stack_lvl+0x8c/0xd0 [ 16.656500] print_report+0x118/0x608 [ 16.656569] kasan_report_invalid_free+0xc0/0xe8 [ 16.656624] __kasan_kfree_large+0x5c/0xa8 [ 16.656688] free_large_kmalloc+0x64/0x190 [ 16.656755] kfree+0x270/0x3c8 [ 16.656808] kmalloc_large_invalid_free+0x108/0x270 [ 16.656857] kunit_try_run_case+0x170/0x3f0 [ 16.656915] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.656984] kthread+0x328/0x630 [ 16.657025] ret_from_fork+0x10/0x20 [ 16.657074] [ 16.657121] The buggy address belongs to the physical page: [ 16.657359] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10177c [ 16.657427] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.657473] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.657527] page_type: f8(unknown) [ 16.657697] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.657822] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.657982] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.658086] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.658176] head: 0bfffe0000000002 ffffc1ffc305df01 00000000ffffffff 00000000ffffffff [ 16.658225] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.658286] page dumped because: kasan: bad access detected [ 16.658318] [ 16.658336] Memory state around the buggy address: [ 16.658368] fff00000c177bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.658539] fff00000c177bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.658658] >fff00000c177c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.658770] ^ [ 16.658835] fff00000c177c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.658923] fff00000c177c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.659001] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.645083] ================================================================== [ 16.645159] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 16.645523] Read of size 1 at addr fff00000c177c000 by task kunit_try_catch/157 [ 16.645646] [ 16.645726] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.645838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.645865] Hardware name: linux,dummy-virt (DT) [ 16.645898] Call trace: [ 16.645989] show_stack+0x20/0x38 (C) [ 16.646143] dump_stack_lvl+0x8c/0xd0 [ 16.646242] print_report+0x118/0x608 [ 16.646302] kasan_report+0xdc/0x128 [ 16.646348] __asan_report_load1_noabort+0x20/0x30 [ 16.646411] kmalloc_large_uaf+0x2cc/0x2f8 [ 16.646627] kunit_try_run_case+0x170/0x3f0 [ 16.646903] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.647023] kthread+0x328/0x630 [ 16.647097] ret_from_fork+0x10/0x20 [ 16.647236] [ 16.647285] The buggy address belongs to the physical page: [ 16.647346] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10177c [ 16.647426] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.647524] raw: 0bfffe0000000000 fff00000da495c80 fff00000da495c80 0000000000000000 [ 16.647594] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.647635] page dumped because: kasan: bad access detected [ 16.647938] [ 16.648074] Memory state around the buggy address: [ 16.648144] fff00000c177bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.648289] fff00000c177bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.648369] >fff00000c177c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.648466] ^ [ 16.648577] fff00000c177c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.648644] fff00000c177c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.648697] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.628850] ================================================================== [ 16.629142] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 16.629217] Write of size 1 at addr fff00000c177a00a by task kunit_try_catch/155 [ 16.629268] [ 16.629307] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.629488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.629581] Hardware name: linux,dummy-virt (DT) [ 16.629654] Call trace: [ 16.629695] show_stack+0x20/0x38 (C) [ 16.629750] dump_stack_lvl+0x8c/0xd0 [ 16.629799] print_report+0x118/0x608 [ 16.629846] kasan_report+0xdc/0x128 [ 16.630103] __asan_report_store1_noabort+0x20/0x30 [ 16.630199] kmalloc_large_oob_right+0x278/0x2b8 [ 16.630259] kunit_try_run_case+0x170/0x3f0 [ 16.630348] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.630487] kthread+0x328/0x630 [ 16.630530] ret_from_fork+0x10/0x20 [ 16.630579] [ 16.630619] The buggy address belongs to the physical page: [ 16.630654] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101778 [ 16.630710] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.630969] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.631141] page_type: f8(unknown) [ 16.631515] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.631587] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.631685] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.631757] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.631867] head: 0bfffe0000000002 ffffc1ffc305de01 00000000ffffffff 00000000ffffffff [ 16.631974] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.632049] page dumped because: kasan: bad access detected [ 16.632149] [ 16.632197] Memory state around the buggy address: [ 16.632260] fff00000c1779f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.632591] fff00000c1779f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.632666] >fff00000c177a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.632737] ^ [ 16.632785] fff00000c177a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.632849] fff00000c177a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.632902] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.617264] ================================================================== [ 16.617330] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.617406] Write of size 1 at addr fff00000c6055f00 by task kunit_try_catch/153 [ 16.617542] [ 16.617757] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.617881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.617909] Hardware name: linux,dummy-virt (DT) [ 16.617953] Call trace: [ 16.617983] show_stack+0x20/0x38 (C) [ 16.618064] dump_stack_lvl+0x8c/0xd0 [ 16.618115] print_report+0x118/0x608 [ 16.618285] kasan_report+0xdc/0x128 [ 16.618390] __asan_report_store1_noabort+0x20/0x30 [ 16.618502] kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.618616] kunit_try_run_case+0x170/0x3f0 [ 16.618715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.618813] kthread+0x328/0x630 [ 16.618875] ret_from_fork+0x10/0x20 [ 16.618960] [ 16.618980] Allocated by task 153: [ 16.619009] kasan_save_stack+0x3c/0x68 [ 16.619295] kasan_save_track+0x20/0x40 [ 16.619371] kasan_save_alloc_info+0x40/0x58 [ 16.619453] __kasan_kmalloc+0xd4/0xd8 [ 16.619545] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.619650] kmalloc_big_oob_right+0xb8/0x2f0 [ 16.619699] kunit_try_run_case+0x170/0x3f0 [ 16.619738] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.619907] kthread+0x328/0x630 [ 16.620095] ret_from_fork+0x10/0x20 [ 16.620185] [ 16.620224] The buggy address belongs to the object at fff00000c6054000 [ 16.620224] which belongs to the cache kmalloc-8k of size 8192 [ 16.620300] The buggy address is located 0 bytes to the right of [ 16.620300] allocated 7936-byte region [fff00000c6054000, fff00000c6055f00) [ 16.620395] [ 16.620441] The buggy address belongs to the physical page: [ 16.620476] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106050 [ 16.620657] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.620851] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.620970] page_type: f5(slab) [ 16.621036] raw: 0bfffe0000000040 fff00000c0002280 dead000000000100 dead000000000122 [ 16.621103] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.621162] head: 0bfffe0000000040 fff00000c0002280 dead000000000100 dead000000000122 [ 16.621211] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.621269] head: 0bfffe0000000003 ffffc1ffc3181401 00000000ffffffff 00000000ffffffff [ 16.621317] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.621356] page dumped because: kasan: bad access detected [ 16.621387] [ 16.621405] Memory state around the buggy address: [ 16.621451] fff00000c6055e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.621493] fff00000c6055e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.621537] >fff00000c6055f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.621589] ^ [ 16.621625] fff00000c6055f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.621675] fff00000c6056000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.621724] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.603106] ================================================================== [ 16.603169] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.603252] Write of size 1 at addr fff00000c748a478 by task kunit_try_catch/151 [ 16.603304] [ 16.603367] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.603466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.603493] Hardware name: linux,dummy-virt (DT) [ 16.603558] Call trace: [ 16.603598] show_stack+0x20/0x38 (C) [ 16.603650] dump_stack_lvl+0x8c/0xd0 [ 16.603699] print_report+0x118/0x608 [ 16.603752] kasan_report+0xdc/0x128 [ 16.604035] __asan_report_store1_noabort+0x20/0x30 [ 16.604104] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.604198] kunit_try_run_case+0x170/0x3f0 [ 16.604253] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.604371] kthread+0x328/0x630 [ 16.604415] ret_from_fork+0x10/0x20 [ 16.604484] [ 16.604502] Allocated by task 151: [ 16.604560] kasan_save_stack+0x3c/0x68 [ 16.604639] kasan_save_track+0x20/0x40 [ 16.604696] kasan_save_alloc_info+0x40/0x58 [ 16.604734] __kasan_kmalloc+0xd4/0xd8 [ 16.604770] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.604831] kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.604873] kunit_try_run_case+0x170/0x3f0 [ 16.605041] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.605238] kthread+0x328/0x630 [ 16.605304] ret_from_fork+0x10/0x20 [ 16.605385] [ 16.605424] The buggy address belongs to the object at fff00000c748a400 [ 16.605424] which belongs to the cache kmalloc-128 of size 128 [ 16.605511] The buggy address is located 0 bytes to the right of [ 16.605511] allocated 120-byte region [fff00000c748a400, fff00000c748a478) [ 16.605606] [ 16.605675] The buggy address belongs to the physical page: [ 16.605711] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 16.605786] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.605838] page_type: f5(slab) [ 16.605882] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.605961] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.606020] page dumped because: kasan: bad access detected [ 16.606090] [ 16.606110] Memory state around the buggy address: [ 16.606141] fff00000c748a300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.606195] fff00000c748a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.606237] >fff00000c748a400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.606274] ^ [ 16.606315] fff00000c748a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.606356] fff00000c748a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.606667] ================================================================== [ 16.607732] ================================================================== [ 16.607798] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.607851] Write of size 1 at addr fff00000c748a578 by task kunit_try_catch/151 [ 16.607908] [ 16.607951] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.608037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.608073] Hardware name: linux,dummy-virt (DT) [ 16.608105] Call trace: [ 16.608135] show_stack+0x20/0x38 (C) [ 16.608184] dump_stack_lvl+0x8c/0xd0 [ 16.608232] print_report+0x118/0x608 [ 16.608278] kasan_report+0xdc/0x128 [ 16.608336] __asan_report_store1_noabort+0x20/0x30 [ 16.608393] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.608448] kunit_try_run_case+0x170/0x3f0 [ 16.608500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.608553] kthread+0x328/0x630 [ 16.608595] ret_from_fork+0x10/0x20 [ 16.608642] [ 16.608669] Allocated by task 151: [ 16.608697] kasan_save_stack+0x3c/0x68 [ 16.608737] kasan_save_track+0x20/0x40 [ 16.608774] kasan_save_alloc_info+0x40/0x58 [ 16.608819] __kasan_kmalloc+0xd4/0xd8 [ 16.608863] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.608907] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.608959] kunit_try_run_case+0x170/0x3f0 [ 16.608995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.609037] kthread+0x328/0x630 [ 16.609068] ret_from_fork+0x10/0x20 [ 16.609103] [ 16.609121] The buggy address belongs to the object at fff00000c748a500 [ 16.609121] which belongs to the cache kmalloc-128 of size 128 [ 16.609176] The buggy address is located 0 bytes to the right of [ 16.609176] allocated 120-byte region [fff00000c748a500, fff00000c748a578) [ 16.609238] [ 16.609257] The buggy address belongs to the physical page: [ 16.609314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a [ 16.609820] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.609887] page_type: f5(slab) [ 16.609939] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.610009] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.610147] page dumped because: kasan: bad access detected [ 16.610229] [ 16.610280] Memory state around the buggy address: [ 16.610330] fff00000c748a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.610400] fff00000c748a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.610452] >fff00000c748a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.610527] ^ [ 16.610594] fff00000c748a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.610635] fff00000c748a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.610672] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.592186] ================================================================== [ 16.592284] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 16.592357] Read of size 1 at addr fff00000c50d9000 by task kunit_try_catch/149 [ 16.592424] [ 16.592459] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 16.592546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.592572] Hardware name: linux,dummy-virt (DT) [ 16.592735] Call trace: [ 16.592893] show_stack+0x20/0x38 (C) [ 16.592974] dump_stack_lvl+0x8c/0xd0 [ 16.593024] print_report+0x118/0x608 [ 16.593072] kasan_report+0xdc/0x128 [ 16.593117] __asan_report_load1_noabort+0x20/0x30 [ 16.593166] kmalloc_node_oob_right+0x2f4/0x330 [ 16.593232] kunit_try_run_case+0x170/0x3f0 [ 16.593298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.593365] kthread+0x328/0x630 [ 16.593424] ret_from_fork+0x10/0x20 [ 16.593490] [ 16.593509] Allocated by task 149: [ 16.593555] kasan_save_stack+0x3c/0x68 [ 16.593620] kasan_save_track+0x20/0x40 [ 16.593664] kasan_save_alloc_info+0x40/0x58 [ 16.593701] __kasan_kmalloc+0xd4/0xd8 [ 16.593745] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 16.593787] kmalloc_node_oob_right+0xbc/0x330 [ 16.594156] kunit_try_run_case+0x170/0x3f0 [ 16.594251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.594316] kthread+0x328/0x630 [ 16.594367] ret_from_fork+0x10/0x20 [ 16.594403] [ 16.594446] The buggy address belongs to the object at fff00000c50d8000 [ 16.594446] which belongs to the cache kmalloc-4k of size 4096 [ 16.594507] The buggy address is located 0 bytes to the right of [ 16.594507] allocated 4096-byte region [fff00000c50d8000, fff00000c50d9000) [ 16.594571] [ 16.594591] The buggy address belongs to the physical page: [ 16.594876] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1050d8 [ 16.595129] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.595202] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.595302] page_type: f5(slab) [ 16.595344] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.595394] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.595463] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.595521] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.595570] head: 0bfffe0000000003 ffffc1ffc3143601 00000000ffffffff 00000000ffffffff [ 16.595619] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.595692] page dumped because: kasan: bad access detected [ 16.595729] [ 16.595755] Memory state around the buggy address: [ 16.595786] fff00000c50d8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.595838] fff00000c50d8f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.595888] >fff00000c50d9000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.595950] ^ [ 16.595978] fff00000c50d9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.596020] fff00000c50d9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.596067] ==================================================================
Failure - log-parser-boot - exception-warning-libmathint_log-at-intlog10
------------[ cut here ]------------ [ 96.088104] WARNING: lib/math/int_log.c:120 at intlog10+0x38/0x48, CPU#0: kunit_try_catch/665 [ 96.089664] Modules linked in: [ 96.089876] CPU: 0 UID: 0 PID: 665 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 96.090673] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 96.091343] Hardware name: linux,dummy-virt (DT) [ 96.091885] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.092755] pc : intlog10+0x38/0x48 [ 96.093218] lr : intlog10_test+0xe4/0x200 [ 96.093821] sp : ffff8000822d7c10 [ 96.094308] x29: ffff8000822d7c90 x28: 0000000000000000 x27: 0000000000000000 [ 96.095032] x26: 1ffe00001829c0c1 x25: 0000000000000000 x24: ffff8000822d7ce0 [ 96.095653] x23: ffff8000822d7d00 x22: 0000000000000000 x21: 1ffff0001045af82 [ 96.096029] x20: ffffa3186cddba40 x19: ffff800080087990 x18: 00000000ec37b5e6 [ 96.096378] x17: 0000000000000001 x16: fff00000c473603c x15: fff00000ff616b08 [ 96.096723] x14: 0000000000018fff x13: 1ffe00001b4923cd x12: ffff74630e187381 [ 96.097092] x11: 1ffff4630e187380 x10: ffff74630e187380 x9 : ffffa3186a43e654 [ 96.097510] x8 : ffffa31870c39c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 96.097934] x5 : ffff70001045af82 x4 : 1ffff00010010f3a x3 : 1ffff4630d9bb748 [ 96.098408] x2 : 1ffff4630d9bb748 x1 : 0000000000000003 x0 : 0000000000000000 [ 96.098980] Call trace: [ 96.099188] intlog10+0x38/0x48 (P) [ 96.099441] kunit_try_run_case+0x170/0x3f0 [ 96.099705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.100043] kthread+0x328/0x630 [ 96.100224] ret_from_fork+0x10/0x20 [ 96.100419] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-libmathint_log-at-intlog2
------------[ cut here ]------------ [ 96.033785] WARNING: lib/math/int_log.c:63 at intlog2+0xd8/0xf8, CPU#0: kunit_try_catch/647 [ 96.037503] Modules linked in: [ 96.038096] CPU: 0 UID: 0 PID: 647 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 96.039350] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 96.039834] Hardware name: linux,dummy-virt (DT) [ 96.040502] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.041316] pc : intlog2+0xd8/0xf8 [ 96.041798] lr : intlog2_test+0xe4/0x200 [ 96.042319] sp : ffff8000821d7c10 [ 96.042877] x29: ffff8000821d7c90 x28: 0000000000000000 x27: 0000000000000000 [ 96.043885] x26: 1ffe0000197a6281 x25: 0000000000000000 x24: ffff8000821d7ce0 [ 96.044728] x23: ffff8000821d7d00 x22: 0000000000000000 x21: 1ffff0001043af82 [ 96.045475] x20: ffffa3186cddb940 x19: ffff800080087990 x18: 000000000efa4df6 [ 96.046276] x17: 0000000000000001 x16: fff00000c473603c x15: fff00000ff616b08 [ 96.047191] x14: 0000000000018fff x13: 1ffe00001b4923cd x12: ffff74630e187381 [ 96.047742] x11: 1ffff4630e187380 x10: ffff74630e187380 x9 : ffffa3186a43e854 [ 96.048102] x8 : ffffa31870c39c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 96.048448] x5 : ffff70001043af82 x4 : 1ffff00010010f3a x3 : 1ffff4630d9bb728 [ 96.048785] x2 : 1ffff4630d9bb728 x1 : 0000000000000003 x0 : 0000000000000000 [ 96.049559] Call trace: [ 96.049877] intlog2+0xd8/0xf8 (P) [ 96.050302] kunit_try_run_case+0x170/0x3f0 [ 96.050793] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.051469] kthread+0x328/0x630 [ 96.051857] ret_from_fork+0x10/0x20 [ 96.052335] ---[ end trace 0000000000000000 ]---
Failure - kunit - lib_ratelimit_lib_ratelimit
<8>[ 289.327203] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=lib_ratelimit_lib_ratelimit RESULT=fail>
Failure - kunit - lib_ratelimit_test_ratelimit_smoke
(no logs available)
Failure - log-parser-boot - internal-error-oops-oops-smp
KNOWN ISSUE - LKFT: Dragonboard 845c: Internal error: Oops: ufs_qcom_setup_clocks
[ 95.137544] Internal error: Oops: 0000000096000005 [#1] SMP [ 95.144081] Modules linked in: [ 95.144705] CPU: 1 UID: 0 PID: 541 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250617 #1 PREEMPT [ 95.145698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 95.146249] Hardware name: linux,dummy-virt (DT) [ 95.146812] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.147421] pc : kunit_test_null_dereference+0x70/0x170 [ 95.147701] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.147987] sp : ffff800080f77d30 [ 95.148420] x29: ffff800080f77d90 x28: 0000000000000000 x27: 0000000000000000 [ 95.149084] x26: 1ffe000018a10061 x25: 0000000000000000 x24: 0000000000000004 [ 95.149437] x23: fff00000c508030c x22: ffffa3186a42bba8 x21: fff00000c1274108 [ 95.149787] x20: 1ffff000101eefa6 x19: ffff800080087990 x18: 000000004d6a63a0 [ 95.150686] x17: 0000000000000001 x16: fff00000da491d28 x15: fff00000ff616b08 [ 95.151471] x14: 0000000000018fff x13: 1ffe00001b492389 x12: fffd80001824f3a4 [ 95.152209] x11: 1ffe00001824f3a3 x10: fffd80001824f3a3 x9 : ffffa3186a423010 [ 95.152990] x8 : ffff800080f77c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 95.153712] x5 : ffff7000101eefa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 95.154570] x2 : dfff800000000000 x1 : fff00000c1279440 x0 : ffff800080087990 [ 95.155434] Call trace: [ 95.155743] kunit_test_null_dereference+0x70/0x170 (P) [ 95.156334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.156875] kthread+0x328/0x630 [ 95.157196] ret_from_fork+0x10/0x20 [ 95.157632] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 95.158202] ---[ end trace 0000000000000000 ]---