Date
July 18, 2025, 1:09 p.m.
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 120.543691] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree: Failure
Automatically assigned
[ 24.288633] ================================================================== [ 24.290124] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 24.290364] Free of addr ffff888106210001 by task kunit_try_catch/198 [ 24.290558] [ 24.290651] CPU: 0 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.290702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.290715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.290739] Call Trace: [ 24.290753] <TASK> [ 24.290771] dump_stack_lvl+0x73/0xb0 [ 24.291131] print_report+0xd1/0x640 [ 24.291157] ? __virt_addr_valid+0x1db/0x2d0 [ 24.291430] ? kasan_addr_to_slab+0x11/0xa0 [ 24.291457] ? kfree+0x274/0x3f0 [ 24.291479] kasan_report_invalid_free+0x10a/0x130 [ 24.291504] ? kfree+0x274/0x3f0 [ 24.291527] ? kfree+0x274/0x3f0 [ 24.291547] __kasan_kfree_large+0x86/0xd0 [ 24.291567] free_large_kmalloc+0x52/0x110 [ 24.291589] kfree+0x274/0x3f0 [ 24.291614] kmalloc_large_invalid_free+0x120/0x2b0 [ 24.291636] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 24.291658] ? __schedule+0x10da/0x2b60 [ 24.291684] ? __pfx_read_tsc+0x10/0x10 [ 24.291707] ? ktime_get_ts64+0x86/0x230 [ 24.291733] kunit_try_run_case+0x1a5/0x480 [ 24.291759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.291780] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.291897] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.291929] ? __kthread_parkme+0x82/0x180 [ 24.291950] ? preempt_count_sub+0x50/0x80 [ 24.291973] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.291996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.292019] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.292041] kthread+0x337/0x6f0 [ 24.292061] ? trace_preempt_on+0x20/0xc0 [ 24.292087] ? __pfx_kthread+0x10/0x10 [ 24.292108] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.292138] ? calculate_sigpending+0x7b/0xa0 [ 24.292161] ? __pfx_kthread+0x10/0x10 [ 24.292197] ret_from_fork+0x116/0x1d0 [ 24.292216] ? __pfx_kthread+0x10/0x10 [ 24.292236] ret_from_fork_asm+0x1a/0x30 [ 24.292267] </TASK> [ 24.292279] [ 24.307539] The buggy address belongs to the physical page: [ 24.308024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106210 [ 24.308386] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.309174] flags: 0x200000000000040(head|node=0|zone=2) [ 24.309728] page_type: f8(unknown) [ 24.310117] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.310875] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.311639] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.311940] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.312489] head: 0200000000000002 ffffea0004188401 00000000ffffffff 00000000ffffffff [ 24.313064] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.313847] page dumped because: kasan: bad access detected [ 24.314057] [ 24.314119] Memory state around the buggy address: [ 24.314275] ffff88810620ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.314480] ffff88810620ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.314688] >ffff888106210000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.315058] ^ [ 24.315365] ffff888106210080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.315567] ffff888106210100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.315830] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf: Failure
Automatically assigned
[ 25.314132] ================================================================== [ 25.315499] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 25.316249] Read of size 1 at addr ffff8881053b7300 by task kunit_try_catch/244 [ 25.317261] [ 25.317616] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.317671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.317684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.317707] Call Trace: [ 25.317719] <TASK> [ 25.317737] dump_stack_lvl+0x73/0xb0 [ 25.317772] print_report+0xd1/0x640 [ 25.317794] ? __virt_addr_valid+0x1db/0x2d0 [ 25.317819] ? ksize_uaf+0x19d/0x6c0 [ 25.317933] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.317961] ? ksize_uaf+0x19d/0x6c0 [ 25.317981] kasan_report+0x141/0x180 [ 25.318002] ? ksize_uaf+0x19d/0x6c0 [ 25.318025] ? ksize_uaf+0x19d/0x6c0 [ 25.318044] __kasan_check_byte+0x3d/0x50 [ 25.318065] ksize+0x20/0x60 [ 25.318086] ksize_uaf+0x19d/0x6c0 [ 25.318106] ? __pfx_ksize_uaf+0x10/0x10 [ 25.318126] ? __schedule+0x10da/0x2b60 [ 25.318149] ? __pfx_read_tsc+0x10/0x10 [ 25.318171] ? ktime_get_ts64+0x86/0x230 [ 25.318196] kunit_try_run_case+0x1a5/0x480 [ 25.318237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.318259] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.318292] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.318324] ? __kthread_parkme+0x82/0x180 [ 25.318344] ? preempt_count_sub+0x50/0x80 [ 25.318367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.318389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.318411] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.318433] kthread+0x337/0x6f0 [ 25.318452] ? trace_preempt_on+0x20/0xc0 [ 25.318475] ? __pfx_kthread+0x10/0x10 [ 25.318494] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.318523] ? calculate_sigpending+0x7b/0xa0 [ 25.318546] ? __pfx_kthread+0x10/0x10 [ 25.318566] ret_from_fork+0x116/0x1d0 [ 25.318584] ? __pfx_kthread+0x10/0x10 [ 25.318604] ret_from_fork_asm+0x1a/0x30 [ 25.318640] </TASK> [ 25.318652] [ 25.332663] Allocated by task 244: [ 25.332858] kasan_save_stack+0x45/0x70 [ 25.333263] kasan_save_track+0x18/0x40 [ 25.333480] kasan_save_alloc_info+0x3b/0x50 [ 25.333685] __kasan_kmalloc+0xb7/0xc0 [ 25.333869] __kmalloc_cache_noprof+0x189/0x420 [ 25.334084] ksize_uaf+0xaa/0x6c0 [ 25.334246] kunit_try_run_case+0x1a5/0x480 [ 25.334686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.335237] kthread+0x337/0x6f0 [ 25.335394] ret_from_fork+0x116/0x1d0 [ 25.335816] ret_from_fork_asm+0x1a/0x30 [ 25.336110] [ 25.336182] Freed by task 244: [ 25.336338] kasan_save_stack+0x45/0x70 [ 25.336467] kasan_save_track+0x18/0x40 [ 25.336693] kasan_save_free_info+0x3f/0x60 [ 25.337123] __kasan_slab_free+0x56/0x70 [ 25.337561] kfree+0x222/0x3f0 [ 25.337905] ksize_uaf+0x12c/0x6c0 [ 25.338332] kunit_try_run_case+0x1a5/0x480 [ 25.338821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.338987] kthread+0x337/0x6f0 [ 25.339096] ret_from_fork+0x116/0x1d0 [ 25.339225] ret_from_fork_asm+0x1a/0x30 [ 25.339350] [ 25.339417] The buggy address belongs to the object at ffff8881053b7300 [ 25.339417] which belongs to the cache kmalloc-128 of size 128 [ 25.339848] The buggy address is located 0 bytes inside of [ 25.339848] freed 128-byte region [ffff8881053b7300, ffff8881053b7380) [ 25.340300] [ 25.340368] The buggy address belongs to the physical page: [ 25.340611] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 25.340938] flags: 0x200000000000000(node=0|zone=2) [ 25.341138] page_type: f5(slab) [ 25.341285] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.341698] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.342027] page dumped because: kasan: bad access detected [ 25.342252] [ 25.342318] Memory state around the buggy address: [ 25.342528] ffff8881053b7200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.342799] ffff8881053b7280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.343073] >ffff8881053b7300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.343424] ^ [ 25.343563] ffff8881053b7380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.344083] ffff8881053b7400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.344358] ================================================================== [ 25.346033] ================================================================== [ 25.346514] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 25.346902] Read of size 1 at addr ffff8881053b7300 by task kunit_try_catch/244 [ 25.347154] [ 25.347251] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.347298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.347310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.347332] Call Trace: [ 25.347351] <TASK> [ 25.347368] dump_stack_lvl+0x73/0xb0 [ 25.347399] print_report+0xd1/0x640 [ 25.347421] ? __virt_addr_valid+0x1db/0x2d0 [ 25.347443] ? ksize_uaf+0x5fe/0x6c0 [ 25.347462] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.347486] ? ksize_uaf+0x5fe/0x6c0 [ 25.347506] kasan_report+0x141/0x180 [ 25.347526] ? ksize_uaf+0x5fe/0x6c0 [ 25.347550] __asan_report_load1_noabort+0x18/0x20 [ 25.347573] ksize_uaf+0x5fe/0x6c0 [ 25.347592] ? __pfx_ksize_uaf+0x10/0x10 [ 25.347612] ? __schedule+0x10da/0x2b60 [ 25.347635] ? __pfx_read_tsc+0x10/0x10 [ 25.347656] ? ktime_get_ts64+0x86/0x230 [ 25.347680] kunit_try_run_case+0x1a5/0x480 [ 25.347703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.347723] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.347757] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.347861] ? __kthread_parkme+0x82/0x180 [ 25.347882] ? preempt_count_sub+0x50/0x80 [ 25.347905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.347927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.347950] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.347971] kthread+0x337/0x6f0 [ 25.347990] ? trace_preempt_on+0x20/0xc0 [ 25.348012] ? __pfx_kthread+0x10/0x10 [ 25.348031] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.348061] ? calculate_sigpending+0x7b/0xa0 [ 25.348084] ? __pfx_kthread+0x10/0x10 [ 25.348104] ret_from_fork+0x116/0x1d0 [ 25.348122] ? __pfx_kthread+0x10/0x10 [ 25.348141] ret_from_fork_asm+0x1a/0x30 [ 25.348171] </TASK> [ 25.348181] [ 25.354963] Allocated by task 244: [ 25.355130] kasan_save_stack+0x45/0x70 [ 25.355320] kasan_save_track+0x18/0x40 [ 25.355471] kasan_save_alloc_info+0x3b/0x50 [ 25.355652] __kasan_kmalloc+0xb7/0xc0 [ 25.356019] __kmalloc_cache_noprof+0x189/0x420 [ 25.356249] ksize_uaf+0xaa/0x6c0 [ 25.356417] kunit_try_run_case+0x1a5/0x480 [ 25.356603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.356880] kthread+0x337/0x6f0 [ 25.357036] ret_from_fork+0x116/0x1d0 [ 25.357207] ret_from_fork_asm+0x1a/0x30 [ 25.357389] [ 25.357451] Freed by task 244: [ 25.357601] kasan_save_stack+0x45/0x70 [ 25.357759] kasan_save_track+0x18/0x40 [ 25.357976] kasan_save_free_info+0x3f/0x60 [ 25.358173] __kasan_slab_free+0x56/0x70 [ 25.358343] kfree+0x222/0x3f0 [ 25.358502] ksize_uaf+0x12c/0x6c0 [ 25.358661] kunit_try_run_case+0x1a5/0x480 [ 25.358909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.359122] kthread+0x337/0x6f0 [ 25.359288] ret_from_fork+0x116/0x1d0 [ 25.359473] ret_from_fork_asm+0x1a/0x30 [ 25.359634] [ 25.359698] The buggy address belongs to the object at ffff8881053b7300 [ 25.359698] which belongs to the cache kmalloc-128 of size 128 [ 25.360280] The buggy address is located 0 bytes inside of [ 25.360280] freed 128-byte region [ffff8881053b7300, ffff8881053b7380) [ 25.360720] [ 25.361035] The buggy address belongs to the physical page: [ 25.361267] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 25.361576] flags: 0x200000000000000(node=0|zone=2) [ 25.361887] page_type: f5(slab) [ 25.362034] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.362348] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.362568] page dumped because: kasan: bad access detected [ 25.362738] [ 25.362874] Memory state around the buggy address: [ 25.363034] ffff8881053b7200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.363319] ffff8881053b7280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.363632] >ffff8881053b7300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.364015] ^ [ 25.364181] ffff8881053b7380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.364498] ffff8881053b7400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.364769] ================================================================== [ 25.365986] ================================================================== [ 25.366354] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 25.366655] Read of size 1 at addr ffff8881053b7378 by task kunit_try_catch/244 [ 25.366989] [ 25.367096] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.367141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.367152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.367172] Call Trace: [ 25.367189] <TASK> [ 25.367204] dump_stack_lvl+0x73/0xb0 [ 25.367244] print_report+0xd1/0x640 [ 25.367264] ? __virt_addr_valid+0x1db/0x2d0 [ 25.367286] ? ksize_uaf+0x5e4/0x6c0 [ 25.367305] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.367329] ? ksize_uaf+0x5e4/0x6c0 [ 25.367348] kasan_report+0x141/0x180 [ 25.367368] ? ksize_uaf+0x5e4/0x6c0 [ 25.367392] __asan_report_load1_noabort+0x18/0x20 [ 25.367414] ksize_uaf+0x5e4/0x6c0 [ 25.367434] ? __pfx_ksize_uaf+0x10/0x10 [ 25.367454] ? __schedule+0x10da/0x2b60 [ 25.367476] ? __pfx_read_tsc+0x10/0x10 [ 25.367496] ? ktime_get_ts64+0x86/0x230 [ 25.367519] kunit_try_run_case+0x1a5/0x480 [ 25.367541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.367562] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.367594] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.367625] ? __kthread_parkme+0x82/0x180 [ 25.367644] ? preempt_count_sub+0x50/0x80 [ 25.367666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.367688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.367710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.367731] kthread+0x337/0x6f0 [ 25.367749] ? trace_preempt_on+0x20/0xc0 [ 25.367773] ? __pfx_kthread+0x10/0x10 [ 25.367794] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.367825] ? calculate_sigpending+0x7b/0xa0 [ 25.367848] ? __pfx_kthread+0x10/0x10 [ 25.367868] ret_from_fork+0x116/0x1d0 [ 25.367885] ? __pfx_kthread+0x10/0x10 [ 25.367904] ret_from_fork_asm+0x1a/0x30 [ 25.367934] </TASK> [ 25.367944] [ 25.377035] Allocated by task 244: [ 25.377657] kasan_save_stack+0x45/0x70 [ 25.378094] kasan_save_track+0x18/0x40 [ 25.378267] kasan_save_alloc_info+0x3b/0x50 [ 25.378479] __kasan_kmalloc+0xb7/0xc0 [ 25.378666] __kmalloc_cache_noprof+0x189/0x420 [ 25.378859] ksize_uaf+0xaa/0x6c0 [ 25.379023] kunit_try_run_case+0x1a5/0x480 [ 25.379230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.379463] kthread+0x337/0x6f0 [ 25.379612] ret_from_fork+0x116/0x1d0 [ 25.379785] ret_from_fork_asm+0x1a/0x30 [ 25.379970] [ 25.380046] Freed by task 244: [ 25.380205] kasan_save_stack+0x45/0x70 [ 25.380640] kasan_save_track+0x18/0x40 [ 25.380776] kasan_save_free_info+0x3f/0x60 [ 25.381010] __kasan_slab_free+0x56/0x70 [ 25.381185] kfree+0x222/0x3f0 [ 25.381361] ksize_uaf+0x12c/0x6c0 [ 25.381547] kunit_try_run_case+0x1a5/0x480 [ 25.381769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.382102] kthread+0x337/0x6f0 [ 25.382277] ret_from_fork+0x116/0x1d0 [ 25.382439] ret_from_fork_asm+0x1a/0x30 [ 25.382642] [ 25.382759] The buggy address belongs to the object at ffff8881053b7300 [ 25.382759] which belongs to the cache kmalloc-128 of size 128 [ 25.383348] The buggy address is located 120 bytes inside of [ 25.383348] freed 128-byte region [ffff8881053b7300, ffff8881053b7380) [ 25.383913] [ 25.384032] The buggy address belongs to the physical page: [ 25.384260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 25.384599] flags: 0x200000000000000(node=0|zone=2) [ 25.385059] page_type: f5(slab) [ 25.385214] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.385565] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.385978] page dumped because: kasan: bad access detected [ 25.386262] [ 25.386349] Memory state around the buggy address: [ 25.386566] ffff8881053b7200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.386931] ffff8881053b7280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.387214] >ffff8881053b7300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.387542] ^ [ 25.387908] ffff8881053b7380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.388233] ffff8881053b7400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.388543] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory: Failure
Automatically assigned
[ 25.282906] ================================================================== [ 25.283138] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 25.283728] Read of size 1 at addr ffff888102b0647f by task kunit_try_catch/242 [ 25.284015] [ 25.284250] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.284297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.284309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.284329] Call Trace: [ 25.284345] <TASK> [ 25.284361] dump_stack_lvl+0x73/0xb0 [ 25.284422] print_report+0xd1/0x640 [ 25.284444] ? __virt_addr_valid+0x1db/0x2d0 [ 25.284466] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 25.284494] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.284519] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 25.284540] kasan_report+0x141/0x180 [ 25.284561] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 25.284587] __asan_report_load1_noabort+0x18/0x20 [ 25.284610] ksize_unpoisons_memory+0x7b6/0x9b0 [ 25.284633] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 25.284654] ? finish_task_switch.isra.0+0x153/0x700 [ 25.284675] ? __switch_to+0x47/0xf80 [ 25.284699] ? __schedule+0x10da/0x2b60 [ 25.284722] ? __pfx_read_tsc+0x10/0x10 [ 25.284742] ? ktime_get_ts64+0x86/0x230 [ 25.284766] kunit_try_run_case+0x1a5/0x480 [ 25.284788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.284809] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.284842] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.284874] ? __kthread_parkme+0x82/0x180 [ 25.284893] ? preempt_count_sub+0x50/0x80 [ 25.284914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.284936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.284958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.285021] kthread+0x337/0x6f0 [ 25.285042] ? trace_preempt_on+0x20/0xc0 [ 25.285066] ? __pfx_kthread+0x10/0x10 [ 25.285085] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.285126] ? calculate_sigpending+0x7b/0xa0 [ 25.285149] ? __pfx_kthread+0x10/0x10 [ 25.285169] ret_from_fork+0x116/0x1d0 [ 25.285188] ? __pfx_kthread+0x10/0x10 [ 25.285207] ret_from_fork_asm+0x1a/0x30 [ 25.285244] </TASK> [ 25.285255] [ 25.299124] Allocated by task 242: [ 25.299568] kasan_save_stack+0x45/0x70 [ 25.300019] kasan_save_track+0x18/0x40 [ 25.300375] kasan_save_alloc_info+0x3b/0x50 [ 25.300517] __kasan_kmalloc+0xb7/0xc0 [ 25.300638] __kmalloc_cache_noprof+0x189/0x420 [ 25.300804] ksize_unpoisons_memory+0xc7/0x9b0 [ 25.301256] kunit_try_run_case+0x1a5/0x480 [ 25.301805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.302448] kthread+0x337/0x6f0 [ 25.302857] ret_from_fork+0x116/0x1d0 [ 25.303266] ret_from_fork_asm+0x1a/0x30 [ 25.303649] [ 25.303862] The buggy address belongs to the object at ffff888102b06400 [ 25.303862] which belongs to the cache kmalloc-128 of size 128 [ 25.304309] The buggy address is located 12 bytes to the right of [ 25.304309] allocated 115-byte region [ffff888102b06400, ffff888102b06473) [ 25.304673] [ 25.304739] The buggy address belongs to the physical page: [ 25.304910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b06 [ 25.305145] flags: 0x200000000000000(node=0|zone=2) [ 25.305312] page_type: f5(slab) [ 25.305426] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.305649] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.305867] page dumped because: kasan: bad access detected [ 25.306030] [ 25.306091] Memory state around the buggy address: [ 25.306295] ffff888102b06300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.306882] ffff888102b06380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.307479] >ffff888102b06400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 25.308128] ^ [ 25.308815] ffff888102b06480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.309522] ffff888102b06500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.310183] ================================================================== [ 25.257475] ================================================================== [ 25.257728] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 25.258698] Read of size 1 at addr ffff888102b06478 by task kunit_try_catch/242 [ 25.259367] [ 25.259465] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.259689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.259703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.259724] Call Trace: [ 25.259736] <TASK> [ 25.259750] dump_stack_lvl+0x73/0xb0 [ 25.259782] print_report+0xd1/0x640 [ 25.259882] ? __virt_addr_valid+0x1db/0x2d0 [ 25.259906] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 25.259928] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.259953] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 25.259975] kasan_report+0x141/0x180 [ 25.259996] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 25.260022] __asan_report_load1_noabort+0x18/0x20 [ 25.260045] ksize_unpoisons_memory+0x7e9/0x9b0 [ 25.260067] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 25.260088] ? finish_task_switch.isra.0+0x153/0x700 [ 25.260109] ? __switch_to+0x47/0xf80 [ 25.260133] ? __schedule+0x10da/0x2b60 [ 25.260155] ? __pfx_read_tsc+0x10/0x10 [ 25.260176] ? ktime_get_ts64+0x86/0x230 [ 25.260199] kunit_try_run_case+0x1a5/0x480 [ 25.260235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.260256] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.260289] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.260321] ? __kthread_parkme+0x82/0x180 [ 25.260340] ? preempt_count_sub+0x50/0x80 [ 25.260361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.260384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.260405] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.260427] kthread+0x337/0x6f0 [ 25.260446] ? trace_preempt_on+0x20/0xc0 [ 25.260468] ? __pfx_kthread+0x10/0x10 [ 25.260487] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.260517] ? calculate_sigpending+0x7b/0xa0 [ 25.260540] ? __pfx_kthread+0x10/0x10 [ 25.260560] ret_from_fork+0x116/0x1d0 [ 25.260578] ? __pfx_kthread+0x10/0x10 [ 25.260597] ret_from_fork_asm+0x1a/0x30 [ 25.260627] </TASK> [ 25.260637] [ 25.271345] Allocated by task 242: [ 25.271668] kasan_save_stack+0x45/0x70 [ 25.271844] kasan_save_track+0x18/0x40 [ 25.272158] kasan_save_alloc_info+0x3b/0x50 [ 25.272380] __kasan_kmalloc+0xb7/0xc0 [ 25.272551] __kmalloc_cache_noprof+0x189/0x420 [ 25.272753] ksize_unpoisons_memory+0xc7/0x9b0 [ 25.272950] kunit_try_run_case+0x1a5/0x480 [ 25.273145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.273887] kthread+0x337/0x6f0 [ 25.274298] ret_from_fork+0x116/0x1d0 [ 25.274464] ret_from_fork_asm+0x1a/0x30 [ 25.274798] [ 25.275071] The buggy address belongs to the object at ffff888102b06400 [ 25.275071] which belongs to the cache kmalloc-128 of size 128 [ 25.275573] The buggy address is located 5 bytes to the right of [ 25.275573] allocated 115-byte region [ffff888102b06400, ffff888102b06473) [ 25.276335] [ 25.276528] The buggy address belongs to the physical page: [ 25.276768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b06 [ 25.277289] flags: 0x200000000000000(node=0|zone=2) [ 25.277517] page_type: f5(slab) [ 25.277650] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.278205] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.278540] page dumped because: kasan: bad access detected [ 25.278772] [ 25.278947] Memory state around the buggy address: [ 25.279151] ffff888102b06300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.279467] ffff888102b06380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.279762] >ffff888102b06400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 25.280715] ^ [ 25.281368] ffff888102b06480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.281677] ffff888102b06500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.282452] ================================================================== [ 25.231648] ================================================================== [ 25.232231] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 25.233043] Read of size 1 at addr ffff888102b06473 by task kunit_try_catch/242 [ 25.233560] [ 25.234066] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.234123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.234135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.234158] Call Trace: [ 25.234170] <TASK> [ 25.234187] dump_stack_lvl+0x73/0xb0 [ 25.234240] print_report+0xd1/0x640 [ 25.234263] ? __virt_addr_valid+0x1db/0x2d0 [ 25.234288] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 25.234310] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.234334] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 25.234357] kasan_report+0x141/0x180 [ 25.234377] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 25.234404] __asan_report_load1_noabort+0x18/0x20 [ 25.234426] ksize_unpoisons_memory+0x81c/0x9b0 [ 25.234449] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 25.234470] ? finish_task_switch.isra.0+0x153/0x700 [ 25.234492] ? __switch_to+0x47/0xf80 [ 25.234518] ? __schedule+0x10da/0x2b60 [ 25.234541] ? __pfx_read_tsc+0x10/0x10 [ 25.234562] ? ktime_get_ts64+0x86/0x230 [ 25.234587] kunit_try_run_case+0x1a5/0x480 [ 25.234612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.234637] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.234670] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.234702] ? __kthread_parkme+0x82/0x180 [ 25.234721] ? preempt_count_sub+0x50/0x80 [ 25.234742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.234765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.234786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.234810] kthread+0x337/0x6f0 [ 25.234828] ? trace_preempt_on+0x20/0xc0 [ 25.234852] ? __pfx_kthread+0x10/0x10 [ 25.234871] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.234900] ? calculate_sigpending+0x7b/0xa0 [ 25.234923] ? __pfx_kthread+0x10/0x10 [ 25.234943] ret_from_fork+0x116/0x1d0 [ 25.234962] ? __pfx_kthread+0x10/0x10 [ 25.234982] ret_from_fork_asm+0x1a/0x30 [ 25.235014] </TASK> [ 25.235025] [ 25.245679] Allocated by task 242: [ 25.246208] kasan_save_stack+0x45/0x70 [ 25.246425] kasan_save_track+0x18/0x40 [ 25.246604] kasan_save_alloc_info+0x3b/0x50 [ 25.246811] __kasan_kmalloc+0xb7/0xc0 [ 25.247421] __kmalloc_cache_noprof+0x189/0x420 [ 25.247587] ksize_unpoisons_memory+0xc7/0x9b0 [ 25.248015] kunit_try_run_case+0x1a5/0x480 [ 25.248379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.248712] kthread+0x337/0x6f0 [ 25.248849] ret_from_fork+0x116/0x1d0 [ 25.249196] ret_from_fork_asm+0x1a/0x30 [ 25.249395] [ 25.249471] The buggy address belongs to the object at ffff888102b06400 [ 25.249471] which belongs to the cache kmalloc-128 of size 128 [ 25.249970] The buggy address is located 0 bytes to the right of [ 25.249970] allocated 115-byte region [ffff888102b06400, ffff888102b06473) [ 25.250473] [ 25.250546] The buggy address belongs to the physical page: [ 25.250799] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b06 [ 25.251125] flags: 0x200000000000000(node=0|zone=2) [ 25.252017] page_type: f5(slab) [ 25.252304] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.252680] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.253313] page dumped because: kasan: bad access detected [ 25.253564] [ 25.253638] Memory state around the buggy address: [ 25.254054] ffff888102b06300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.254481] ffff888102b06380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.254896] >ffff888102b06400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 25.255332] ^ [ 25.255736] ffff888102b06480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.256420] ffff888102b06500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.256719] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive: Failure
Automatically assigned
[ 25.195525] ================================================================== [ 25.195925] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 25.196167] Free of addr ffff888105380c40 by task kunit_try_catch/240 [ 25.196613] [ 25.196748] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.196797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.197010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.197032] Call Trace: [ 25.197043] <TASK> [ 25.197059] dump_stack_lvl+0x73/0xb0 [ 25.197091] print_report+0xd1/0x640 [ 25.197134] ? __virt_addr_valid+0x1db/0x2d0 [ 25.197157] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.197181] ? kfree_sensitive+0x2e/0x90 [ 25.197201] kasan_report_invalid_free+0x10a/0x130 [ 25.197236] ? kfree_sensitive+0x2e/0x90 [ 25.197256] ? kfree_sensitive+0x2e/0x90 [ 25.197274] check_slab_allocation+0x101/0x130 [ 25.197312] __kasan_slab_pre_free+0x28/0x40 [ 25.197333] kfree+0xf0/0x3f0 [ 25.197353] ? add_taint+0x2e/0xa0 [ 25.197376] ? kfree_sensitive+0x2e/0x90 [ 25.197396] kfree_sensitive+0x2e/0x90 [ 25.197415] kmalloc_double_kzfree+0x19c/0x350 [ 25.197437] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 25.197458] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 25.197498] ? trace_hardirqs_on+0x37/0xe0 [ 25.197534] ? __pfx_read_tsc+0x10/0x10 [ 25.197555] ? ktime_get_ts64+0x86/0x230 [ 25.197592] kunit_try_run_case+0x1a5/0x480 [ 25.197628] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.197664] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.197699] ? __kthread_parkme+0x82/0x180 [ 25.197731] ? preempt_count_sub+0x50/0x80 [ 25.197766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.197789] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.197863] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.197886] kthread+0x337/0x6f0 [ 25.197904] ? trace_preempt_on+0x20/0xc0 [ 25.197926] ? __pfx_kthread+0x10/0x10 [ 25.197945] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.197977] ? calculate_sigpending+0x7b/0xa0 [ 25.198004] ? __pfx_kthread+0x10/0x10 [ 25.198026] ret_from_fork+0x116/0x1d0 [ 25.198045] ? __pfx_kthread+0x10/0x10 [ 25.198064] ret_from_fork_asm+0x1a/0x30 [ 25.198094] </TASK> [ 25.198105] [ 25.209779] Allocated by task 240: [ 25.209987] kasan_save_stack+0x45/0x70 [ 25.210179] kasan_save_track+0x18/0x40 [ 25.210359] kasan_save_alloc_info+0x3b/0x50 [ 25.210541] __kasan_kmalloc+0xb7/0xc0 [ 25.210730] __kmalloc_cache_noprof+0x189/0x420 [ 25.210915] kmalloc_double_kzfree+0xa9/0x350 [ 25.211121] kunit_try_run_case+0x1a5/0x480 [ 25.211735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.211985] kthread+0x337/0x6f0 [ 25.212489] ret_from_fork+0x116/0x1d0 [ 25.212626] ret_from_fork_asm+0x1a/0x30 [ 25.213025] [ 25.213120] Freed by task 240: [ 25.213374] kasan_save_stack+0x45/0x70 [ 25.213664] kasan_save_track+0x18/0x40 [ 25.213866] kasan_save_free_info+0x3f/0x60 [ 25.214348] __kasan_slab_free+0x56/0x70 [ 25.214510] kfree+0x222/0x3f0 [ 25.214668] kfree_sensitive+0x67/0x90 [ 25.215026] kmalloc_double_kzfree+0x12b/0x350 [ 25.215398] kunit_try_run_case+0x1a5/0x480 [ 25.215600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.216044] kthread+0x337/0x6f0 [ 25.216204] ret_from_fork+0x116/0x1d0 [ 25.216376] ret_from_fork_asm+0x1a/0x30 [ 25.216525] [ 25.216618] The buggy address belongs to the object at ffff888105380c40 [ 25.216618] which belongs to the cache kmalloc-16 of size 16 [ 25.217561] The buggy address is located 0 bytes inside of [ 25.217561] 16-byte region [ffff888105380c40, ffff888105380c50) [ 25.217986] [ 25.218122] The buggy address belongs to the physical page: [ 25.218584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105380 [ 25.219099] flags: 0x200000000000000(node=0|zone=2) [ 25.219350] page_type: f5(slab) [ 25.219482] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.219792] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.220354] page dumped because: kasan: bad access detected [ 25.220600] [ 25.220683] Memory state around the buggy address: [ 25.221151] ffff888105380b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.221461] ffff888105380b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.221752] >ffff888105380c00: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 25.222178] ^ [ 25.222416] ffff888105380c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.222693] ffff888105380d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.223330] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree: Failure
Automatically assigned
[ 25.173121] ================================================================== [ 25.173685] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 25.174122] Read of size 1 at addr ffff888105380c40 by task kunit_try_catch/240 [ 25.174616] [ 25.174723] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.174774] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.174785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.174807] Call Trace: [ 25.174820] <TASK> [ 25.174836] dump_stack_lvl+0x73/0xb0 [ 25.174870] print_report+0xd1/0x640 [ 25.174921] ? __virt_addr_valid+0x1db/0x2d0 [ 25.174945] ? kmalloc_double_kzfree+0x19c/0x350 [ 25.174966] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.174991] ? kmalloc_double_kzfree+0x19c/0x350 [ 25.175013] kasan_report+0x141/0x180 [ 25.175033] ? kmalloc_double_kzfree+0x19c/0x350 [ 25.175057] ? kmalloc_double_kzfree+0x19c/0x350 [ 25.175144] __kasan_check_byte+0x3d/0x50 [ 25.175171] kfree_sensitive+0x22/0x90 [ 25.175192] kmalloc_double_kzfree+0x19c/0x350 [ 25.175303] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 25.175326] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 25.175352] ? trace_hardirqs_on+0x37/0xe0 [ 25.175375] ? __pfx_read_tsc+0x10/0x10 [ 25.175396] ? ktime_get_ts64+0x86/0x230 [ 25.175420] kunit_try_run_case+0x1a5/0x480 [ 25.175445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.175467] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.175502] ? __kthread_parkme+0x82/0x180 [ 25.175521] ? preempt_count_sub+0x50/0x80 [ 25.175544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.175566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.175588] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.175610] kthread+0x337/0x6f0 [ 25.175628] ? trace_preempt_on+0x20/0xc0 [ 25.175649] ? __pfx_kthread+0x10/0x10 [ 25.175668] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.175698] ? calculate_sigpending+0x7b/0xa0 [ 25.175720] ? __pfx_kthread+0x10/0x10 [ 25.175741] ret_from_fork+0x116/0x1d0 [ 25.175759] ? __pfx_kthread+0x10/0x10 [ 25.175778] ret_from_fork_asm+0x1a/0x30 [ 25.175858] </TASK> [ 25.175870] [ 25.183662] Allocated by task 240: [ 25.183791] kasan_save_stack+0x45/0x70 [ 25.183990] kasan_save_track+0x18/0x40 [ 25.184169] kasan_save_alloc_info+0x3b/0x50 [ 25.184378] __kasan_kmalloc+0xb7/0xc0 [ 25.184551] __kmalloc_cache_noprof+0x189/0x420 [ 25.184695] kmalloc_double_kzfree+0xa9/0x350 [ 25.184889] kunit_try_run_case+0x1a5/0x480 [ 25.185072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.185385] kthread+0x337/0x6f0 [ 25.185528] ret_from_fork+0x116/0x1d0 [ 25.185699] ret_from_fork_asm+0x1a/0x30 [ 25.185977] [ 25.186071] Freed by task 240: [ 25.186331] kasan_save_stack+0x45/0x70 [ 25.186553] kasan_save_track+0x18/0x40 [ 25.186711] kasan_save_free_info+0x3f/0x60 [ 25.187061] __kasan_slab_free+0x56/0x70 [ 25.187235] kfree+0x222/0x3f0 [ 25.187388] kfree_sensitive+0x67/0x90 [ 25.187585] kmalloc_double_kzfree+0x12b/0x350 [ 25.187746] kunit_try_run_case+0x1a5/0x480 [ 25.188049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.188308] kthread+0x337/0x6f0 [ 25.188465] ret_from_fork+0x116/0x1d0 [ 25.188627] ret_from_fork_asm+0x1a/0x30 [ 25.188902] [ 25.188999] The buggy address belongs to the object at ffff888105380c40 [ 25.188999] which belongs to the cache kmalloc-16 of size 16 [ 25.189513] The buggy address is located 0 bytes inside of [ 25.189513] freed 16-byte region [ffff888105380c40, ffff888105380c50) [ 25.190041] [ 25.190128] The buggy address belongs to the physical page: [ 25.190383] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105380 [ 25.190733] flags: 0x200000000000000(node=0|zone=2) [ 25.190959] page_type: f5(slab) [ 25.191082] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.191309] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.191521] page dumped because: kasan: bad access detected [ 25.191782] [ 25.191925] Memory state around the buggy address: [ 25.192169] ffff888105380b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.192510] ffff888105380b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.192828] >ffff888105380c00: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 25.193135] ^ [ 25.193646] ffff888105380c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.194038] ffff888105380d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.194308] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2: Failure
Automatically assigned
[ 25.137232] ================================================================== [ 25.138443] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 25.139051] Read of size 1 at addr ffff8881053b82a8 by task kunit_try_catch/236 [ 25.139501] [ 25.139594] CPU: 0 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.139644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.139655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.139677] Call Trace: [ 25.139690] <TASK> [ 25.139706] dump_stack_lvl+0x73/0xb0 [ 25.139739] print_report+0xd1/0x640 [ 25.139760] ? __virt_addr_valid+0x1db/0x2d0 [ 25.139784] ? kmalloc_uaf2+0x4a8/0x520 [ 25.139850] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.139875] ? kmalloc_uaf2+0x4a8/0x520 [ 25.139894] kasan_report+0x141/0x180 [ 25.139941] ? kmalloc_uaf2+0x4a8/0x520 [ 25.139965] __asan_report_load1_noabort+0x18/0x20 [ 25.139988] kmalloc_uaf2+0x4a8/0x520 [ 25.140007] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 25.140027] ? __kasan_check_write+0x18/0x20 [ 25.140049] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.140083] ? irqentry_exit+0x2a/0x60 [ 25.140122] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 25.140146] ? trace_hardirqs_on+0x37/0xe0 [ 25.140170] ? __pfx_read_tsc+0x10/0x10 [ 25.140191] ? ktime_get_ts64+0x86/0x230 [ 25.140227] kunit_try_run_case+0x1a5/0x480 [ 25.140252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.140274] ? queued_spin_lock_slowpath+0x116/0xb40 [ 25.140307] ? __kthread_parkme+0x82/0x180 [ 25.140327] ? preempt_count_sub+0x50/0x80 [ 25.140351] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.140373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.140395] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.140416] kthread+0x337/0x6f0 [ 25.140435] ? trace_preempt_on+0x20/0xc0 [ 25.140456] ? __pfx_kthread+0x10/0x10 [ 25.140475] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.140504] ? calculate_sigpending+0x7b/0xa0 [ 25.140527] ? __pfx_kthread+0x10/0x10 [ 25.140547] ret_from_fork+0x116/0x1d0 [ 25.140565] ? __pfx_kthread+0x10/0x10 [ 25.140585] ret_from_fork_asm+0x1a/0x30 [ 25.140614] </TASK> [ 25.140626] [ 25.151849] Allocated by task 236: [ 25.151981] kasan_save_stack+0x45/0x70 [ 25.152336] kasan_save_track+0x18/0x40 [ 25.152513] kasan_save_alloc_info+0x3b/0x50 [ 25.152707] __kasan_kmalloc+0xb7/0xc0 [ 25.152877] __kmalloc_cache_noprof+0x189/0x420 [ 25.153076] kmalloc_uaf2+0xc6/0x520 [ 25.154075] kunit_try_run_case+0x1a5/0x480 [ 25.154363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.154791] kthread+0x337/0x6f0 [ 25.155150] ret_from_fork+0x116/0x1d0 [ 25.155547] ret_from_fork_asm+0x1a/0x30 [ 25.155931] [ 25.156149] Freed by task 236: [ 25.156429] kasan_save_stack+0x45/0x70 [ 25.156732] kasan_save_track+0x18/0x40 [ 25.157006] kasan_save_free_info+0x3f/0x60 [ 25.157195] __kasan_slab_free+0x56/0x70 [ 25.157378] kfree+0x222/0x3f0 [ 25.157519] kmalloc_uaf2+0x14c/0x520 [ 25.157680] kunit_try_run_case+0x1a5/0x480 [ 25.158375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.158678] kthread+0x337/0x6f0 [ 25.159227] ret_from_fork+0x116/0x1d0 [ 25.159375] ret_from_fork_asm+0x1a/0x30 [ 25.159570] [ 25.159651] The buggy address belongs to the object at ffff8881053b8280 [ 25.159651] which belongs to the cache kmalloc-64 of size 64 [ 25.160189] The buggy address is located 40 bytes inside of [ 25.160189] freed 64-byte region [ffff8881053b8280, ffff8881053b82c0) [ 25.160659] [ 25.160726] The buggy address belongs to the physical page: [ 25.160949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b8 [ 25.161252] flags: 0x200000000000000(node=0|zone=2) [ 25.161522] page_type: f5(slab) [ 25.161678] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.162076] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.162346] page dumped because: kasan: bad access detected [ 25.162594] [ 25.162686] Memory state around the buggy address: [ 25.162874] ffff8881053b8180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.163096] ffff8881053b8200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.163475] >ffff8881053b8280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.163783] ^ [ 25.164018] ffff8881053b8300: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 25.164292] ffff8881053b8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.164561] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset: Failure
Automatically assigned
[ 25.095168] ================================================================== [ 25.096262] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 25.097172] Write of size 33 at addr ffff888102b42780 by task kunit_try_catch/234 [ 25.097422] [ 25.097516] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.097567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.097579] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.097602] Call Trace: [ 25.097615] <TASK> [ 25.097633] dump_stack_lvl+0x73/0xb0 [ 25.097669] print_report+0xd1/0x640 [ 25.097692] ? __virt_addr_valid+0x1db/0x2d0 [ 25.097718] ? kmalloc_uaf_memset+0x1a3/0x360 [ 25.097739] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.097763] ? kmalloc_uaf_memset+0x1a3/0x360 [ 25.097784] kasan_report+0x141/0x180 [ 25.097805] ? kmalloc_uaf_memset+0x1a3/0x360 [ 25.097830] kasan_check_range+0x10c/0x1c0 [ 25.097852] __asan_memset+0x27/0x50 [ 25.097874] kmalloc_uaf_memset+0x1a3/0x360 [ 25.097893] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 25.097914] ? __schedule+0x10da/0x2b60 [ 25.097938] ? __pfx_read_tsc+0x10/0x10 [ 25.097959] ? ktime_get_ts64+0x86/0x230 [ 25.097985] kunit_try_run_case+0x1a5/0x480 [ 25.098010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.098031] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.098063] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.098095] ? __kthread_parkme+0x82/0x180 [ 25.098115] ? preempt_count_sub+0x50/0x80 [ 25.098138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.098160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.098182] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.098214] kthread+0x337/0x6f0 [ 25.098232] ? trace_preempt_on+0x20/0xc0 [ 25.098256] ? __pfx_kthread+0x10/0x10 [ 25.098275] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.098304] ? calculate_sigpending+0x7b/0xa0 [ 25.098328] ? __pfx_kthread+0x10/0x10 [ 25.098348] ret_from_fork+0x116/0x1d0 [ 25.098366] ? __pfx_kthread+0x10/0x10 [ 25.098385] ret_from_fork_asm+0x1a/0x30 [ 25.098416] </TASK> [ 25.098427] [ 25.113671] Allocated by task 234: [ 25.113925] kasan_save_stack+0x45/0x70 [ 25.114730] kasan_save_track+0x18/0x40 [ 25.115255] kasan_save_alloc_info+0x3b/0x50 [ 25.115845] __kasan_kmalloc+0xb7/0xc0 [ 25.116406] __kmalloc_cache_noprof+0x189/0x420 [ 25.116921] kmalloc_uaf_memset+0xa9/0x360 [ 25.117573] kunit_try_run_case+0x1a5/0x480 [ 25.118134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.118910] kthread+0x337/0x6f0 [ 25.119234] ret_from_fork+0x116/0x1d0 [ 25.119369] ret_from_fork_asm+0x1a/0x30 [ 25.119503] [ 25.119568] Freed by task 234: [ 25.119674] kasan_save_stack+0x45/0x70 [ 25.119808] kasan_save_track+0x18/0x40 [ 25.120328] kasan_save_free_info+0x3f/0x60 [ 25.120479] __kasan_slab_free+0x56/0x70 [ 25.120605] kfree+0x222/0x3f0 [ 25.120713] kmalloc_uaf_memset+0x12b/0x360 [ 25.120879] kunit_try_run_case+0x1a5/0x480 [ 25.121019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.121380] kthread+0x337/0x6f0 [ 25.121547] ret_from_fork+0x116/0x1d0 [ 25.121676] ret_from_fork_asm+0x1a/0x30 [ 25.121844] [ 25.122015] The buggy address belongs to the object at ffff888102b42780 [ 25.122015] which belongs to the cache kmalloc-64 of size 64 [ 25.122608] The buggy address is located 0 bytes inside of [ 25.122608] freed 64-byte region [ffff888102b42780, ffff888102b427c0) [ 25.123322] [ 25.123397] The buggy address belongs to the physical page: [ 25.123566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b42 [ 25.123901] flags: 0x200000000000000(node=0|zone=2) [ 25.124374] page_type: f5(slab) [ 25.124707] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.125577] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.126337] page dumped because: kasan: bad access detected [ 25.126924] [ 25.127172] Memory state around the buggy address: [ 25.127710] ffff888102b42680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.128172] ffff888102b42700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.128404] >ffff888102b42780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.128623] ^ [ 25.128736] ffff888102b42800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.129472] ffff888102b42880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.130175] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf: Failure
Automatically assigned
[ 25.061527] ================================================================== [ 25.061989] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 25.062220] Read of size 1 at addr ffff888105380c28 by task kunit_try_catch/232 [ 25.062436] [ 25.062520] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.062569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.062580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.062601] Call Trace: [ 25.062613] <TASK> [ 25.062636] dump_stack_lvl+0x73/0xb0 [ 25.062667] print_report+0xd1/0x640 [ 25.062689] ? __virt_addr_valid+0x1db/0x2d0 [ 25.062712] ? kmalloc_uaf+0x320/0x380 [ 25.062730] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.062755] ? kmalloc_uaf+0x320/0x380 [ 25.062774] kasan_report+0x141/0x180 [ 25.062794] ? kmalloc_uaf+0x320/0x380 [ 25.062817] __asan_report_load1_noabort+0x18/0x20 [ 25.062841] kmalloc_uaf+0x320/0x380 [ 25.062860] ? __pfx_kmalloc_uaf+0x10/0x10 [ 25.062879] ? __schedule+0x10da/0x2b60 [ 25.062902] ? __pfx_read_tsc+0x10/0x10 [ 25.062923] ? ktime_get_ts64+0x86/0x230 [ 25.062947] kunit_try_run_case+0x1a5/0x480 [ 25.062971] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.062992] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.063025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.063056] ? __kthread_parkme+0x82/0x180 [ 25.063075] ? preempt_count_sub+0x50/0x80 [ 25.063097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.063118] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.063140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.063161] kthread+0x337/0x6f0 [ 25.063180] ? trace_preempt_on+0x20/0xc0 [ 25.063607] ? __pfx_kthread+0x10/0x10 [ 25.063646] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.063696] ? calculate_sigpending+0x7b/0xa0 [ 25.063723] ? __pfx_kthread+0x10/0x10 [ 25.063750] ret_from_fork+0x116/0x1d0 [ 25.063770] ? __pfx_kthread+0x10/0x10 [ 25.063967] ret_from_fork_asm+0x1a/0x30 [ 25.064001] </TASK> [ 25.064040] [ 25.076858] Allocated by task 232: [ 25.077174] kasan_save_stack+0x45/0x70 [ 25.077602] kasan_save_track+0x18/0x40 [ 25.077835] kasan_save_alloc_info+0x3b/0x50 [ 25.078171] __kasan_kmalloc+0xb7/0xc0 [ 25.078533] __kmalloc_cache_noprof+0x189/0x420 [ 25.078738] kmalloc_uaf+0xaa/0x380 [ 25.078955] kunit_try_run_case+0x1a5/0x480 [ 25.079337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.079674] kthread+0x337/0x6f0 [ 25.079814] ret_from_fork+0x116/0x1d0 [ 25.080294] ret_from_fork_asm+0x1a/0x30 [ 25.080522] [ 25.080595] Freed by task 232: [ 25.080776] kasan_save_stack+0x45/0x70 [ 25.081281] kasan_save_track+0x18/0x40 [ 25.081444] kasan_save_free_info+0x3f/0x60 [ 25.081668] __kasan_slab_free+0x56/0x70 [ 25.082118] kfree+0x222/0x3f0 [ 25.082373] kmalloc_uaf+0x12c/0x380 [ 25.082662] kunit_try_run_case+0x1a5/0x480 [ 25.082912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.083396] kthread+0x337/0x6f0 [ 25.083562] ret_from_fork+0x116/0x1d0 [ 25.083731] ret_from_fork_asm+0x1a/0x30 [ 25.083975] [ 25.084065] The buggy address belongs to the object at ffff888105380c20 [ 25.084065] which belongs to the cache kmalloc-16 of size 16 [ 25.085149] The buggy address is located 8 bytes inside of [ 25.085149] freed 16-byte region [ffff888105380c20, ffff888105380c30) [ 25.085753] [ 25.085858] The buggy address belongs to the physical page: [ 25.086247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105380 [ 25.086785] flags: 0x200000000000000(node=0|zone=2) [ 25.087254] page_type: f5(slab) [ 25.087527] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.087896] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.088351] page dumped because: kasan: bad access detected [ 25.088607] [ 25.088696] Memory state around the buggy address: [ 25.089152] ffff888105380b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.089460] ffff888105380b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.089751] >ffff888105380c00: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 25.090283] ^ [ 25.090525] ffff888105380c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.090972] ffff888105380d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.091256] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size: Failure
Automatically assigned
[ 25.038605] ================================================================== [ 25.039331] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 25.039630] Read of size 64 at addr ffff8881053b8004 by task kunit_try_catch/230 [ 25.039924] [ 25.040084] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.040133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.040145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.040166] Call Trace: [ 25.040178] <TASK> [ 25.040195] dump_stack_lvl+0x73/0xb0 [ 25.040237] print_report+0xd1/0x640 [ 25.040259] ? __virt_addr_valid+0x1db/0x2d0 [ 25.040284] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 25.040307] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.040332] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 25.040355] kasan_report+0x141/0x180 [ 25.040376] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 25.040403] kasan_check_range+0x10c/0x1c0 [ 25.040425] __asan_memmove+0x27/0x70 [ 25.040449] kmalloc_memmove_invalid_size+0x16f/0x330 [ 25.040472] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 25.040496] ? __schedule+0x10da/0x2b60 [ 25.040519] ? __pfx_read_tsc+0x10/0x10 [ 25.040540] ? ktime_get_ts64+0x86/0x230 [ 25.040564] kunit_try_run_case+0x1a5/0x480 [ 25.040589] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.040610] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.040643] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.040675] ? __kthread_parkme+0x82/0x180 [ 25.040695] ? preempt_count_sub+0x50/0x80 [ 25.040717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.040739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.040761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.040783] kthread+0x337/0x6f0 [ 25.040802] ? trace_preempt_on+0x20/0xc0 [ 25.040824] ? __pfx_kthread+0x10/0x10 [ 25.040844] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.040873] ? calculate_sigpending+0x7b/0xa0 [ 25.040897] ? __pfx_kthread+0x10/0x10 [ 25.040917] ret_from_fork+0x116/0x1d0 [ 25.040935] ? __pfx_kthread+0x10/0x10 [ 25.040954] ret_from_fork_asm+0x1a/0x30 [ 25.040984] </TASK> [ 25.040995] [ 25.048858] Allocated by task 230: [ 25.049042] kasan_save_stack+0x45/0x70 [ 25.049247] kasan_save_track+0x18/0x40 [ 25.049432] kasan_save_alloc_info+0x3b/0x50 [ 25.049640] __kasan_kmalloc+0xb7/0xc0 [ 25.049818] __kmalloc_cache_noprof+0x189/0x420 [ 25.049994] kmalloc_memmove_invalid_size+0xac/0x330 [ 25.050281] kunit_try_run_case+0x1a5/0x480 [ 25.050498] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.050716] kthread+0x337/0x6f0 [ 25.050933] ret_from_fork+0x116/0x1d0 [ 25.051094] ret_from_fork_asm+0x1a/0x30 [ 25.051263] [ 25.051327] The buggy address belongs to the object at ffff8881053b8000 [ 25.051327] which belongs to the cache kmalloc-64 of size 64 [ 25.051675] The buggy address is located 4 bytes inside of [ 25.051675] allocated 64-byte region [ffff8881053b8000, ffff8881053b8040) [ 25.052654] [ 25.052747] The buggy address belongs to the physical page: [ 25.052986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b8 [ 25.053292] flags: 0x200000000000000(node=0|zone=2) [ 25.053455] page_type: f5(slab) [ 25.053578] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.053855] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.054179] page dumped because: kasan: bad access detected [ 25.054473] [ 25.054587] Memory state around the buggy address: [ 25.055014] ffff8881053b7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.055321] ffff8881053b7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.055534] >ffff8881053b8000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 25.055738] ^ [ 25.056250] ffff8881053b8080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.056578] ffff8881053b8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.056888] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size: Failure
Automatically assigned
[ 25.014172] ================================================================== [ 25.014731] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 25.015711] Read of size 18446744073709551614 at addr ffff888102b42584 by task kunit_try_catch/228 [ 25.016269] [ 25.016377] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.016426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.016437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.016459] Call Trace: [ 25.016470] <TASK> [ 25.016487] dump_stack_lvl+0x73/0xb0 [ 25.016519] print_report+0xd1/0x640 [ 25.016541] ? __virt_addr_valid+0x1db/0x2d0 [ 25.016564] ? kmalloc_memmove_negative_size+0x171/0x330 [ 25.016587] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.016612] ? kmalloc_memmove_negative_size+0x171/0x330 [ 25.016655] kasan_report+0x141/0x180 [ 25.016677] ? kmalloc_memmove_negative_size+0x171/0x330 [ 25.016704] kasan_check_range+0x10c/0x1c0 [ 25.016727] __asan_memmove+0x27/0x70 [ 25.016749] kmalloc_memmove_negative_size+0x171/0x330 [ 25.016774] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 25.016872] ? __schedule+0x10da/0x2b60 [ 25.016900] ? __pfx_read_tsc+0x10/0x10 [ 25.016922] ? ktime_get_ts64+0x86/0x230 [ 25.016946] kunit_try_run_case+0x1a5/0x480 [ 25.016970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.016991] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.017024] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.017056] ? __kthread_parkme+0x82/0x180 [ 25.017076] ? preempt_count_sub+0x50/0x80 [ 25.017098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.017121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.017143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.017165] kthread+0x337/0x6f0 [ 25.017184] ? trace_preempt_on+0x20/0xc0 [ 25.017220] ? __pfx_kthread+0x10/0x10 [ 25.017240] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.017269] ? calculate_sigpending+0x7b/0xa0 [ 25.017293] ? __pfx_kthread+0x10/0x10 [ 25.017313] ret_from_fork+0x116/0x1d0 [ 25.017331] ? __pfx_kthread+0x10/0x10 [ 25.017350] ret_from_fork_asm+0x1a/0x30 [ 25.017380] </TASK> [ 25.017391] [ 25.024653] Allocated by task 228: [ 25.024781] kasan_save_stack+0x45/0x70 [ 25.024987] kasan_save_track+0x18/0x40 [ 25.025384] kasan_save_alloc_info+0x3b/0x50 [ 25.025570] __kasan_kmalloc+0xb7/0xc0 [ 25.025698] __kmalloc_cache_noprof+0x189/0x420 [ 25.026053] kmalloc_memmove_negative_size+0xac/0x330 [ 25.026303] kunit_try_run_case+0x1a5/0x480 [ 25.026506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.026729] kthread+0x337/0x6f0 [ 25.026867] ret_from_fork+0x116/0x1d0 [ 25.027042] ret_from_fork_asm+0x1a/0x30 [ 25.027299] [ 25.027376] The buggy address belongs to the object at ffff888102b42580 [ 25.027376] which belongs to the cache kmalloc-64 of size 64 [ 25.028080] The buggy address is located 4 bytes inside of [ 25.028080] 64-byte region [ffff888102b42580, ffff888102b425c0) [ 25.028500] [ 25.028600] The buggy address belongs to the physical page: [ 25.028848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b42 [ 25.029282] flags: 0x200000000000000(node=0|zone=2) [ 25.029510] page_type: f5(slab) [ 25.029672] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.029951] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.030253] page dumped because: kasan: bad access detected [ 25.030466] [ 25.030554] Memory state around the buggy address: [ 25.030742] ffff888102b42480: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 25.031022] ffff888102b42500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.031393] >ffff888102b42580: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 25.031605] ^ [ 25.031715] ffff888102b42600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.031923] ffff888102b42680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.032128] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16: Failure
Automatically assigned
[ 24.994121] ================================================================== [ 24.994604] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 24.995075] Write of size 16 at addr ffff8881053b7269 by task kunit_try_catch/226 [ 24.995357] [ 24.995466] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.995515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.995526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.995547] Call Trace: [ 24.995560] <TASK> [ 24.995575] dump_stack_lvl+0x73/0xb0 [ 24.995607] print_report+0xd1/0x640 [ 24.995628] ? __virt_addr_valid+0x1db/0x2d0 [ 24.995651] ? kmalloc_oob_memset_16+0x166/0x330 [ 24.995671] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.995696] ? kmalloc_oob_memset_16+0x166/0x330 [ 24.995716] kasan_report+0x141/0x180 [ 24.995737] ? kmalloc_oob_memset_16+0x166/0x330 [ 24.995762] kasan_check_range+0x10c/0x1c0 [ 24.995784] __asan_memset+0x27/0x50 [ 24.995987] kmalloc_oob_memset_16+0x166/0x330 [ 24.996010] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 24.996031] ? __schedule+0x2070/0x2b60 [ 24.996054] ? __pfx_read_tsc+0x10/0x10 [ 24.996077] ? ktime_get_ts64+0x86/0x230 [ 24.996101] kunit_try_run_case+0x1a5/0x480 [ 24.996126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.996147] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.996180] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.996228] ? __kthread_parkme+0x82/0x180 [ 24.996248] ? preempt_count_sub+0x50/0x80 [ 24.996270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.996292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.996315] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.996337] kthread+0x337/0x6f0 [ 24.996356] ? trace_preempt_on+0x20/0xc0 [ 24.996378] ? __pfx_kthread+0x10/0x10 [ 24.996397] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.996426] ? calculate_sigpending+0x7b/0xa0 [ 24.996449] ? __pfx_kthread+0x10/0x10 [ 24.996470] ret_from_fork+0x116/0x1d0 [ 24.996489] ? __pfx_kthread+0x10/0x10 [ 24.996508] ret_from_fork_asm+0x1a/0x30 [ 24.996537] </TASK> [ 24.996547] [ 25.003776] Allocated by task 226: [ 25.003950] kasan_save_stack+0x45/0x70 [ 25.004090] kasan_save_track+0x18/0x40 [ 25.004231] kasan_save_alloc_info+0x3b/0x50 [ 25.004375] __kasan_kmalloc+0xb7/0xc0 [ 25.004742] __kmalloc_cache_noprof+0x189/0x420 [ 25.004955] kmalloc_oob_memset_16+0xac/0x330 [ 25.005163] kunit_try_run_case+0x1a5/0x480 [ 25.005418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.005629] kthread+0x337/0x6f0 [ 25.005744] ret_from_fork+0x116/0x1d0 [ 25.005931] ret_from_fork_asm+0x1a/0x30 [ 25.006304] [ 25.006395] The buggy address belongs to the object at ffff8881053b7200 [ 25.006395] which belongs to the cache kmalloc-128 of size 128 [ 25.007021] The buggy address is located 105 bytes inside of [ 25.007021] allocated 120-byte region [ffff8881053b7200, ffff8881053b7278) [ 25.007521] [ 25.007596] The buggy address belongs to the physical page: [ 25.007831] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 25.008137] flags: 0x200000000000000(node=0|zone=2) [ 25.008351] page_type: f5(slab) [ 25.008491] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 25.008779] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 25.009062] page dumped because: kasan: bad access detected [ 25.009369] [ 25.009436] Memory state around the buggy address: [ 25.009583] ffff8881053b7100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.009793] ffff8881053b7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.010000] >ffff8881053b7200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 25.010218] ^ [ 25.010861] ffff8881053b7280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.011171] ffff8881053b7300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.011490] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8: Failure
Automatically assigned
[ 24.969373] ================================================================== [ 24.969813] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 24.970060] Write of size 8 at addr ffff8881053b7171 by task kunit_try_catch/224 [ 24.970340] [ 24.970449] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.970499] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.970511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.970534] Call Trace: [ 24.970546] <TASK> [ 24.970564] dump_stack_lvl+0x73/0xb0 [ 24.970597] print_report+0xd1/0x640 [ 24.970625] ? __virt_addr_valid+0x1db/0x2d0 [ 24.970651] ? kmalloc_oob_memset_8+0x166/0x330 [ 24.970671] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.970696] ? kmalloc_oob_memset_8+0x166/0x330 [ 24.970716] kasan_report+0x141/0x180 [ 24.970737] ? kmalloc_oob_memset_8+0x166/0x330 [ 24.970763] kasan_check_range+0x10c/0x1c0 [ 24.970785] __asan_memset+0x27/0x50 [ 24.970825] kmalloc_oob_memset_8+0x166/0x330 [ 24.970848] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 24.970870] ? __schedule+0x10da/0x2b60 [ 24.970893] ? __pfx_read_tsc+0x10/0x10 [ 24.970916] ? ktime_get_ts64+0x86/0x230 [ 24.970941] kunit_try_run_case+0x1a5/0x480 [ 24.970967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.970988] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.971021] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.971053] ? __kthread_parkme+0x82/0x180 [ 24.971074] ? preempt_count_sub+0x50/0x80 [ 24.971097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.971119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.971141] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.971163] kthread+0x337/0x6f0 [ 24.971182] ? trace_preempt_on+0x20/0xc0 [ 24.971216] ? __pfx_kthread+0x10/0x10 [ 24.971236] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.971265] ? calculate_sigpending+0x7b/0xa0 [ 24.971288] ? __pfx_kthread+0x10/0x10 [ 24.971309] ret_from_fork+0x116/0x1d0 [ 24.971327] ? __pfx_kthread+0x10/0x10 [ 24.971347] ret_from_fork_asm+0x1a/0x30 [ 24.971378] </TASK> [ 24.971389] [ 24.983091] Allocated by task 224: [ 24.983286] kasan_save_stack+0x45/0x70 [ 24.983491] kasan_save_track+0x18/0x40 [ 24.983679] kasan_save_alloc_info+0x3b/0x50 [ 24.983881] __kasan_kmalloc+0xb7/0xc0 [ 24.984052] __kmalloc_cache_noprof+0x189/0x420 [ 24.984290] kmalloc_oob_memset_8+0xac/0x330 [ 24.984497] kunit_try_run_case+0x1a5/0x480 [ 24.984678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.985073] kthread+0x337/0x6f0 [ 24.985245] ret_from_fork+0x116/0x1d0 [ 24.985433] ret_from_fork_asm+0x1a/0x30 [ 24.985579] [ 24.985669] The buggy address belongs to the object at ffff8881053b7100 [ 24.985669] which belongs to the cache kmalloc-128 of size 128 [ 24.986260] The buggy address is located 113 bytes inside of [ 24.986260] allocated 120-byte region [ffff8881053b7100, ffff8881053b7178) [ 24.986667] [ 24.986734] The buggy address belongs to the physical page: [ 24.986900] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 24.987240] flags: 0x200000000000000(node=0|zone=2) [ 24.987723] page_type: f5(slab) [ 24.987850] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.988075] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.988548] page dumped because: kasan: bad access detected [ 24.988793] [ 24.988880] Memory state around the buggy address: [ 24.989100] ffff8881053b7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.989457] ffff8881053b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.989735] >ffff8881053b7100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.990100] ^ [ 24.990382] ffff8881053b7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.990676] ffff8881053b7200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.991006] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4: Failure
Automatically assigned
[ 24.945360] ================================================================== [ 24.946270] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 24.946631] Write of size 4 at addr ffff888102b06375 by task kunit_try_catch/222 [ 24.947080] [ 24.947191] CPU: 1 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.947254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.947266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.947289] Call Trace: [ 24.947302] <TASK> [ 24.947320] dump_stack_lvl+0x73/0xb0 [ 24.947353] print_report+0xd1/0x640 [ 24.947375] ? __virt_addr_valid+0x1db/0x2d0 [ 24.947399] ? kmalloc_oob_memset_4+0x166/0x330 [ 24.947420] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.947445] ? kmalloc_oob_memset_4+0x166/0x330 [ 24.947466] kasan_report+0x141/0x180 [ 24.947486] ? kmalloc_oob_memset_4+0x166/0x330 [ 24.947512] kasan_check_range+0x10c/0x1c0 [ 24.947534] __asan_memset+0x27/0x50 [ 24.947556] kmalloc_oob_memset_4+0x166/0x330 [ 24.947578] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 24.947600] ? __schedule+0x10da/0x2b60 [ 24.947623] ? __pfx_read_tsc+0x10/0x10 [ 24.947645] ? ktime_get_ts64+0x86/0x230 [ 24.947670] kunit_try_run_case+0x1a5/0x480 [ 24.947694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.947717] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.947750] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.947783] ? __kthread_parkme+0x82/0x180 [ 24.947802] ? preempt_count_sub+0x50/0x80 [ 24.947824] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.947847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.947869] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.947891] kthread+0x337/0x6f0 [ 24.947910] ? trace_preempt_on+0x20/0xc0 [ 24.947933] ? __pfx_kthread+0x10/0x10 [ 24.947952] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.947981] ? calculate_sigpending+0x7b/0xa0 [ 24.948005] ? __pfx_kthread+0x10/0x10 [ 24.948026] ret_from_fork+0x116/0x1d0 [ 24.948044] ? __pfx_kthread+0x10/0x10 [ 24.948063] ret_from_fork_asm+0x1a/0x30 [ 24.948093] </TASK> [ 24.948105] [ 24.955565] Allocated by task 222: [ 24.955747] kasan_save_stack+0x45/0x70 [ 24.955916] kasan_save_track+0x18/0x40 [ 24.956101] kasan_save_alloc_info+0x3b/0x50 [ 24.956455] __kasan_kmalloc+0xb7/0xc0 [ 24.956625] __kmalloc_cache_noprof+0x189/0x420 [ 24.956817] kmalloc_oob_memset_4+0xac/0x330 [ 24.957082] kunit_try_run_case+0x1a5/0x480 [ 24.957322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.957545] kthread+0x337/0x6f0 [ 24.957704] ret_from_fork+0x116/0x1d0 [ 24.957936] ret_from_fork_asm+0x1a/0x30 [ 24.958132] [ 24.958196] The buggy address belongs to the object at ffff888102b06300 [ 24.958196] which belongs to the cache kmalloc-128 of size 128 [ 24.958561] The buggy address is located 117 bytes inside of [ 24.958561] allocated 120-byte region [ffff888102b06300, ffff888102b06378) [ 24.959090] [ 24.959180] The buggy address belongs to the physical page: [ 24.959437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b06 [ 24.959743] flags: 0x200000000000000(node=0|zone=2) [ 24.959903] page_type: f5(slab) [ 24.960022] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.960461] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.960812] page dumped because: kasan: bad access detected [ 24.961260] [ 24.961341] Memory state around the buggy address: [ 24.961493] ffff888102b06200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.961704] ffff888102b06280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.962146] >ffff888102b06300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.962472] ^ [ 24.962797] ffff888102b06380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.963108] ffff888102b06400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.963388] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2: Failure
Automatically assigned
[ 24.920682] ================================================================== [ 24.921376] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 24.921667] Write of size 2 at addr ffff8881053b7077 by task kunit_try_catch/220 [ 24.922075] [ 24.922187] CPU: 0 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.922250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.922262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.922284] Call Trace: [ 24.922297] <TASK> [ 24.922313] dump_stack_lvl+0x73/0xb0 [ 24.922349] print_report+0xd1/0x640 [ 24.922373] ? __virt_addr_valid+0x1db/0x2d0 [ 24.922398] ? kmalloc_oob_memset_2+0x166/0x330 [ 24.922418] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.922443] ? kmalloc_oob_memset_2+0x166/0x330 [ 24.922464] kasan_report+0x141/0x180 [ 24.922485] ? kmalloc_oob_memset_2+0x166/0x330 [ 24.922509] kasan_check_range+0x10c/0x1c0 [ 24.922532] __asan_memset+0x27/0x50 [ 24.922554] kmalloc_oob_memset_2+0x166/0x330 [ 24.922576] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 24.922597] ? __schedule+0x10da/0x2b60 [ 24.922626] ? __pfx_read_tsc+0x10/0x10 [ 24.922648] ? ktime_get_ts64+0x86/0x230 [ 24.922674] kunit_try_run_case+0x1a5/0x480 [ 24.922698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.922719] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.922755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.922787] ? __kthread_parkme+0x82/0x180 [ 24.922809] ? preempt_count_sub+0x50/0x80 [ 24.922843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.922866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.922888] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.922910] kthread+0x337/0x6f0 [ 24.922929] ? trace_preempt_on+0x20/0xc0 [ 24.922952] ? __pfx_kthread+0x10/0x10 [ 24.922972] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.923001] ? calculate_sigpending+0x7b/0xa0 [ 24.923024] ? __pfx_kthread+0x10/0x10 [ 24.923045] ret_from_fork+0x116/0x1d0 [ 24.923063] ? __pfx_kthread+0x10/0x10 [ 24.923094] ret_from_fork_asm+0x1a/0x30 [ 24.923125] </TASK> [ 24.923136] [ 24.930163] Allocated by task 220: [ 24.930352] kasan_save_stack+0x45/0x70 [ 24.930549] kasan_save_track+0x18/0x40 [ 24.930788] kasan_save_alloc_info+0x3b/0x50 [ 24.931053] __kasan_kmalloc+0xb7/0xc0 [ 24.931320] __kmalloc_cache_noprof+0x189/0x420 [ 24.931550] kmalloc_oob_memset_2+0xac/0x330 [ 24.931694] kunit_try_run_case+0x1a5/0x480 [ 24.931832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.932052] kthread+0x337/0x6f0 [ 24.932326] ret_from_fork+0x116/0x1d0 [ 24.932494] ret_from_fork_asm+0x1a/0x30 [ 24.932682] [ 24.932747] The buggy address belongs to the object at ffff8881053b7000 [ 24.932747] which belongs to the cache kmalloc-128 of size 128 [ 24.933223] The buggy address is located 119 bytes inside of [ 24.933223] allocated 120-byte region [ffff8881053b7000, ffff8881053b7078) [ 24.933699] [ 24.933793] The buggy address belongs to the physical page: [ 24.934012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 24.934411] flags: 0x200000000000000(node=0|zone=2) [ 24.934650] page_type: f5(slab) [ 24.934792] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.935018] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.935251] page dumped because: kasan: bad access detected [ 24.935415] [ 24.935476] Memory state around the buggy address: [ 24.935624] ffff8881053b6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.935936] ffff8881053b6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.936456] >ffff8881053b7000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.937149] ^ [ 24.937456] ffff8881053b7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.937664] ffff8881053b7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.937869] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset: Failure
Automatically assigned
[ 24.891920] ================================================================== [ 24.892606] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 24.892869] Write of size 128 at addr ffff8881012bcf00 by task kunit_try_catch/218 [ 24.893730] [ 24.893898] CPU: 0 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.893952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.893963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.893985] Call Trace: [ 24.893998] <TASK> [ 24.894014] dump_stack_lvl+0x73/0xb0 [ 24.894047] print_report+0xd1/0x640 [ 24.894070] ? __virt_addr_valid+0x1db/0x2d0 [ 24.894093] ? kmalloc_oob_in_memset+0x15f/0x320 [ 24.894114] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.894139] ? kmalloc_oob_in_memset+0x15f/0x320 [ 24.894160] kasan_report+0x141/0x180 [ 24.894181] ? kmalloc_oob_in_memset+0x15f/0x320 [ 24.894221] kasan_check_range+0x10c/0x1c0 [ 24.894243] __asan_memset+0x27/0x50 [ 24.894266] kmalloc_oob_in_memset+0x15f/0x320 [ 24.894287] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 24.894308] ? __schedule+0x10da/0x2b60 [ 24.894332] ? __pfx_read_tsc+0x10/0x10 [ 24.894354] ? ktime_get_ts64+0x86/0x230 [ 24.894378] kunit_try_run_case+0x1a5/0x480 [ 24.894402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.894423] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.894456] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.894489] ? __kthread_parkme+0x82/0x180 [ 24.894510] ? preempt_count_sub+0x50/0x80 [ 24.894533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.894555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.894577] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.894599] kthread+0x337/0x6f0 [ 24.894622] ? trace_preempt_on+0x20/0xc0 [ 24.894645] ? __pfx_kthread+0x10/0x10 [ 24.894665] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.894694] ? calculate_sigpending+0x7b/0xa0 [ 24.894719] ? __pfx_kthread+0x10/0x10 [ 24.894741] ret_from_fork+0x116/0x1d0 [ 24.894759] ? __pfx_kthread+0x10/0x10 [ 24.894779] ret_from_fork_asm+0x1a/0x30 [ 24.894821] </TASK> [ 24.894832] [ 24.906489] Allocated by task 218: [ 24.906626] kasan_save_stack+0x45/0x70 [ 24.906769] kasan_save_track+0x18/0x40 [ 24.907162] kasan_save_alloc_info+0x3b/0x50 [ 24.907542] __kasan_kmalloc+0xb7/0xc0 [ 24.907887] __kmalloc_cache_noprof+0x189/0x420 [ 24.908444] kmalloc_oob_in_memset+0xac/0x320 [ 24.908845] kunit_try_run_case+0x1a5/0x480 [ 24.909270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.909742] kthread+0x337/0x6f0 [ 24.910030] ret_from_fork+0x116/0x1d0 [ 24.910398] ret_from_fork_asm+0x1a/0x30 [ 24.910813] [ 24.910969] The buggy address belongs to the object at ffff8881012bcf00 [ 24.910969] which belongs to the cache kmalloc-128 of size 128 [ 24.911835] The buggy address is located 0 bytes inside of [ 24.911835] allocated 120-byte region [ffff8881012bcf00, ffff8881012bcf78) [ 24.912273] [ 24.912411] The buggy address belongs to the physical page: [ 24.912907] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1012bc [ 24.913643] flags: 0x200000000000000(node=0|zone=2) [ 24.913977] page_type: f5(slab) [ 24.914130] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.914518] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.914744] page dumped because: kasan: bad access detected [ 24.915192] [ 24.915327] Memory state around the buggy address: [ 24.915518] ffff8881012bce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.915730] ffff8881012bce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.915937] >ffff8881012bcf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.916276] ^ [ 24.916559] ffff8881012bcf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.916839] ffff8881012bd000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.917169] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc: Failure
Automatically assigned
[ 61.330741] ================================================================== [ 61.331249] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 61.331249] [ 61.331685] Use-after-free read at 0x(____ptrval____) (in kfence-#158): [ 61.331948] test_krealloc+0x6fc/0xbe0 [ 61.332117] kunit_try_run_case+0x1a5/0x480 [ 61.332435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 61.332624] kthread+0x337/0x6f0 [ 61.332740] ret_from_fork+0x116/0x1d0 [ 61.333108] ret_from_fork_asm+0x1a/0x30 [ 61.333384] [ 61.333479] kfence-#158: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 61.333479] [ 61.333941] allocated by task 385 on cpu 1 at 61.330093s (0.003845s ago): [ 61.334295] test_alloc+0x364/0x10f0 [ 61.334434] test_krealloc+0xad/0xbe0 [ 61.334562] kunit_try_run_case+0x1a5/0x480 [ 61.334750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 61.334987] kthread+0x337/0x6f0 [ 61.335197] ret_from_fork+0x116/0x1d0 [ 61.335333] ret_from_fork_asm+0x1a/0x30 [ 61.335465] [ 61.335529] freed by task 385 on cpu 1 at 61.330378s (0.005149s ago): [ 61.335808] krealloc_noprof+0x108/0x340 [ 61.336036] test_krealloc+0x226/0xbe0 [ 61.336276] kunit_try_run_case+0x1a5/0x480 [ 61.336525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 61.336754] kthread+0x337/0x6f0 [ 61.336867] ret_from_fork+0x116/0x1d0 [ 61.337105] ret_from_fork_asm+0x1a/0x30 [ 61.337316] [ 61.337501] CPU: 1 UID: 0 PID: 385 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 61.338087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 61.338240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 61.338656] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16: Failure
Automatically assigned
[ 24.853252] ================================================================== [ 24.853626] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 24.854194] Read of size 16 at addr ffff888105380c00 by task kunit_try_catch/216 [ 24.854848] [ 24.855020] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.855070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.855081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.855103] Call Trace: [ 24.855115] <TASK> [ 24.855131] dump_stack_lvl+0x73/0xb0 [ 24.855165] print_report+0xd1/0x640 [ 24.855188] ? __virt_addr_valid+0x1db/0x2d0 [ 24.855228] ? kmalloc_uaf_16+0x47b/0x4c0 [ 24.855247] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.855272] ? kmalloc_uaf_16+0x47b/0x4c0 [ 24.855292] kasan_report+0x141/0x180 [ 24.855313] ? kmalloc_uaf_16+0x47b/0x4c0 [ 24.855337] __asan_report_load16_noabort+0x18/0x20 [ 24.855361] kmalloc_uaf_16+0x47b/0x4c0 [ 24.855381] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 24.855401] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 24.855426] ? trace_hardirqs_on+0x37/0xe0 [ 24.855449] ? __pfx_read_tsc+0x10/0x10 [ 24.855471] ? ktime_get_ts64+0x86/0x230 [ 24.855511] kunit_try_run_case+0x1a5/0x480 [ 24.855554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.855588] ? queued_spin_lock_slowpath+0x116/0xb40 [ 24.855623] ? __kthread_parkme+0x82/0x180 [ 24.855643] ? preempt_count_sub+0x50/0x80 [ 24.855665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.855687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.855710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.855732] kthread+0x337/0x6f0 [ 24.855750] ? trace_preempt_on+0x20/0xc0 [ 24.855772] ? __pfx_kthread+0x10/0x10 [ 24.855791] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.855838] ? calculate_sigpending+0x7b/0xa0 [ 24.855862] ? __pfx_kthread+0x10/0x10 [ 24.855882] ret_from_fork+0x116/0x1d0 [ 24.855901] ? __pfx_kthread+0x10/0x10 [ 24.855920] ret_from_fork_asm+0x1a/0x30 [ 24.855951] </TASK> [ 24.855962] [ 24.868450] Allocated by task 216: [ 24.868593] kasan_save_stack+0x45/0x70 [ 24.868739] kasan_save_track+0x18/0x40 [ 24.869110] kasan_save_alloc_info+0x3b/0x50 [ 24.869515] __kasan_kmalloc+0xb7/0xc0 [ 24.869836] __kmalloc_cache_noprof+0x189/0x420 [ 24.870319] kmalloc_uaf_16+0x15b/0x4c0 [ 24.870734] kunit_try_run_case+0x1a5/0x480 [ 24.871190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.871514] kthread+0x337/0x6f0 [ 24.871631] ret_from_fork+0x116/0x1d0 [ 24.871758] ret_from_fork_asm+0x1a/0x30 [ 24.872235] [ 24.872388] Freed by task 216: [ 24.872655] kasan_save_stack+0x45/0x70 [ 24.873022] kasan_save_track+0x18/0x40 [ 24.873494] kasan_save_free_info+0x3f/0x60 [ 24.873881] __kasan_slab_free+0x56/0x70 [ 24.874336] kfree+0x222/0x3f0 [ 24.874675] kmalloc_uaf_16+0x1d6/0x4c0 [ 24.875078] kunit_try_run_case+0x1a5/0x480 [ 24.875240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.875407] kthread+0x337/0x6f0 [ 24.875519] ret_from_fork+0x116/0x1d0 [ 24.875643] ret_from_fork_asm+0x1a/0x30 [ 24.875775] [ 24.875977] The buggy address belongs to the object at ffff888105380c00 [ 24.875977] which belongs to the cache kmalloc-16 of size 16 [ 24.877113] The buggy address is located 0 bytes inside of [ 24.877113] freed 16-byte region [ffff888105380c00, ffff888105380c10) [ 24.878340] [ 24.878504] The buggy address belongs to the physical page: [ 24.879088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105380 [ 24.879833] flags: 0x200000000000000(node=0|zone=2) [ 24.880405] page_type: f5(slab) [ 24.880540] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 24.880764] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.881447] page dumped because: kasan: bad access detected [ 24.881934] [ 24.882102] Memory state around the buggy address: [ 24.882714] ffff888105380b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.883365] ffff888105380b80: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 24.883581] >ffff888105380c00: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.883787] ^ [ 24.884167] ffff888105380c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.884871] ffff888105380d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.885836] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16: Failure
Automatically assigned
[ 24.820095] ================================================================== [ 24.820649] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 24.821641] Write of size 16 at addr ffff888102abfb60 by task kunit_try_catch/214 [ 24.822592] [ 24.822978] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.823035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.823048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.823071] Call Trace: [ 24.823085] <TASK> [ 24.823103] dump_stack_lvl+0x73/0xb0 [ 24.823139] print_report+0xd1/0x640 [ 24.823161] ? __virt_addr_valid+0x1db/0x2d0 [ 24.823186] ? kmalloc_oob_16+0x452/0x4a0 [ 24.823216] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.823240] ? kmalloc_oob_16+0x452/0x4a0 [ 24.823260] kasan_report+0x141/0x180 [ 24.823281] ? kmalloc_oob_16+0x452/0x4a0 [ 24.823304] __asan_report_store16_noabort+0x1b/0x30 [ 24.823328] kmalloc_oob_16+0x452/0x4a0 [ 24.823348] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 24.823370] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 24.823394] kunit_try_run_case+0x1a5/0x480 [ 24.823420] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.823441] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.823475] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.823507] ? __kthread_parkme+0x82/0x180 [ 24.823528] ? preempt_count_sub+0x50/0x80 [ 24.823551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.823573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.823595] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.823617] kthread+0x337/0x6f0 [ 24.823636] ? trace_preempt_on+0x20/0xc0 [ 24.823660] ? __pfx_kthread+0x10/0x10 [ 24.823679] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.823708] ? calculate_sigpending+0x7b/0xa0 [ 24.823731] ? __pfx_kthread+0x10/0x10 [ 24.823752] ret_from_fork+0x116/0x1d0 [ 24.823771] ? __pfx_kthread+0x10/0x10 [ 24.823791] ret_from_fork_asm+0x1a/0x30 [ 24.823822] </TASK> [ 24.823833] [ 24.836830] Allocated by task 214: [ 24.837189] kasan_save_stack+0x45/0x70 [ 24.837564] kasan_save_track+0x18/0x40 [ 24.837943] kasan_save_alloc_info+0x3b/0x50 [ 24.838402] __kasan_kmalloc+0xb7/0xc0 [ 24.838800] __kmalloc_cache_noprof+0x189/0x420 [ 24.839220] kmalloc_oob_16+0xa8/0x4a0 [ 24.839451] kunit_try_run_case+0x1a5/0x480 [ 24.839826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.840106] kthread+0x337/0x6f0 [ 24.840423] ret_from_fork+0x116/0x1d0 [ 24.840815] ret_from_fork_asm+0x1a/0x30 [ 24.841063] [ 24.841175] The buggy address belongs to the object at ffff888102abfb60 [ 24.841175] which belongs to the cache kmalloc-16 of size 16 [ 24.842020] The buggy address is located 0 bytes inside of [ 24.842020] allocated 13-byte region [ffff888102abfb60, ffff888102abfb6d) [ 24.842999] [ 24.843160] The buggy address belongs to the physical page: [ 24.843616] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102abf [ 24.844038] flags: 0x200000000000000(node=0|zone=2) [ 24.844527] page_type: f5(slab) [ 24.844854] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 24.845474] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.845731] page dumped because: kasan: bad access detected [ 24.846265] [ 24.846436] Memory state around the buggy address: [ 24.846919] ffff888102abfa00: 00 06 fc fc 00 06 fc fc 00 06 fc fc fa fb fc fc [ 24.847557] ffff888102abfa80: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.847869] >ffff888102abfb00: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 24.848126] ^ [ 24.848331] ffff888102abfb80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.848541] ffff888102abfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.848747] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf: Failure
Automatically assigned
[ 24.743070] ================================================================== [ 24.743739] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 24.744146] Read of size 1 at addr ffff88810500d800 by task kunit_try_catch/212 [ 24.744557] [ 24.744658] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.744710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.744722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.744744] Call Trace: [ 24.744757] <TASK> [ 24.744775] dump_stack_lvl+0x73/0xb0 [ 24.745143] print_report+0xd1/0x640 [ 24.745168] ? __virt_addr_valid+0x1db/0x2d0 [ 24.745205] ? krealloc_uaf+0x1b8/0x5e0 [ 24.745225] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.745250] ? krealloc_uaf+0x1b8/0x5e0 [ 24.745270] kasan_report+0x141/0x180 [ 24.745293] ? krealloc_uaf+0x1b8/0x5e0 [ 24.745316] ? krealloc_uaf+0x1b8/0x5e0 [ 24.745336] __kasan_check_byte+0x3d/0x50 [ 24.745357] krealloc_noprof+0x3f/0x340 [ 24.745384] krealloc_uaf+0x1b8/0x5e0 [ 24.745404] ? __pfx_krealloc_uaf+0x10/0x10 [ 24.745424] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 24.745454] ? __pfx_krealloc_uaf+0x10/0x10 [ 24.745478] kunit_try_run_case+0x1a5/0x480 [ 24.745503] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.745524] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.745558] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.745589] ? __kthread_parkme+0x82/0x180 [ 24.745609] ? preempt_count_sub+0x50/0x80 [ 24.745632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.745654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.745676] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.745698] kthread+0x337/0x6f0 [ 24.745717] ? trace_preempt_on+0x20/0xc0 [ 24.745740] ? __pfx_kthread+0x10/0x10 [ 24.745759] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.745809] ? calculate_sigpending+0x7b/0xa0 [ 24.745851] ? __pfx_kthread+0x10/0x10 [ 24.745872] ret_from_fork+0x116/0x1d0 [ 24.745892] ? __pfx_kthread+0x10/0x10 [ 24.745912] ret_from_fork_asm+0x1a/0x30 [ 24.745943] </TASK> [ 24.745955] [ 24.756050] Allocated by task 212: [ 24.756894] kasan_save_stack+0x45/0x70 [ 24.757078] kasan_save_track+0x18/0x40 [ 24.757528] kasan_save_alloc_info+0x3b/0x50 [ 24.757965] __kasan_kmalloc+0xb7/0xc0 [ 24.758297] __kmalloc_cache_noprof+0x189/0x420 [ 24.758658] krealloc_uaf+0xbb/0x5e0 [ 24.759031] kunit_try_run_case+0x1a5/0x480 [ 24.759242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.759477] kthread+0x337/0x6f0 [ 24.759645] ret_from_fork+0x116/0x1d0 [ 24.760342] ret_from_fork_asm+0x1a/0x30 [ 24.760531] [ 24.760927] Freed by task 212: [ 24.761246] kasan_save_stack+0x45/0x70 [ 24.761571] kasan_save_track+0x18/0x40 [ 24.761769] kasan_save_free_info+0x3f/0x60 [ 24.762314] __kasan_slab_free+0x56/0x70 [ 24.762602] kfree+0x222/0x3f0 [ 24.763024] krealloc_uaf+0x13d/0x5e0 [ 24.763181] kunit_try_run_case+0x1a5/0x480 [ 24.763643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.764167] kthread+0x337/0x6f0 [ 24.764332] ret_from_fork+0x116/0x1d0 [ 24.764744] ret_from_fork_asm+0x1a/0x30 [ 24.765185] [ 24.765267] The buggy address belongs to the object at ffff88810500d800 [ 24.765267] which belongs to the cache kmalloc-256 of size 256 [ 24.766305] The buggy address is located 0 bytes inside of [ 24.766305] freed 256-byte region [ffff88810500d800, ffff88810500d900) [ 24.767099] [ 24.767211] The buggy address belongs to the physical page: [ 24.767619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10500c [ 24.768314] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.768999] flags: 0x200000000000040(head|node=0|zone=2) [ 24.769258] page_type: f5(slab) [ 24.769436] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.770076] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.770567] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.771092] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.771568] head: 0200000000000001 ffffea0004140301 00000000ffffffff 00000000ffffffff [ 24.772207] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 24.772706] page dumped because: kasan: bad access detected [ 24.772981] [ 24.773074] Memory state around the buggy address: [ 24.773310] ffff88810500d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.773604] ffff88810500d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.773907] >ffff88810500d800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.774681] ^ [ 24.775041] ffff88810500d880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.775523] ffff88810500d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.776136] ================================================================== [ 24.779605] ================================================================== [ 24.780022] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 24.780344] Read of size 1 at addr ffff88810500d800 by task kunit_try_catch/212 [ 24.780656] [ 24.780756] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.780804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.780815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.780837] Call Trace: [ 24.780850] <TASK> [ 24.780868] dump_stack_lvl+0x73/0xb0 [ 24.780900] print_report+0xd1/0x640 [ 24.780922] ? __virt_addr_valid+0x1db/0x2d0 [ 24.780945] ? krealloc_uaf+0x53c/0x5e0 [ 24.780964] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.780990] ? krealloc_uaf+0x53c/0x5e0 [ 24.781010] kasan_report+0x141/0x180 [ 24.781031] ? krealloc_uaf+0x53c/0x5e0 [ 24.781055] __asan_report_load1_noabort+0x18/0x20 [ 24.781078] krealloc_uaf+0x53c/0x5e0 [ 24.781099] ? __pfx_krealloc_uaf+0x10/0x10 [ 24.781118] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 24.781148] ? __pfx_krealloc_uaf+0x10/0x10 [ 24.781173] kunit_try_run_case+0x1a5/0x480 [ 24.781207] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.781228] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.781263] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.781684] ? __kthread_parkme+0x82/0x180 [ 24.781712] ? preempt_count_sub+0x50/0x80 [ 24.781736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.781760] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.781783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.781819] kthread+0x337/0x6f0 [ 24.781856] ? trace_preempt_on+0x20/0xc0 [ 24.781882] ? __pfx_kthread+0x10/0x10 [ 24.781901] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.781932] ? calculate_sigpending+0x7b/0xa0 [ 24.781955] ? __pfx_kthread+0x10/0x10 [ 24.781975] ret_from_fork+0x116/0x1d0 [ 24.781995] ? __pfx_kthread+0x10/0x10 [ 24.782014] ret_from_fork_asm+0x1a/0x30 [ 24.782045] </TASK> [ 24.782056] [ 24.793577] Allocated by task 212: [ 24.793775] kasan_save_stack+0x45/0x70 [ 24.794529] kasan_save_track+0x18/0x40 [ 24.794805] kasan_save_alloc_info+0x3b/0x50 [ 24.795206] __kasan_kmalloc+0xb7/0xc0 [ 24.795758] __kmalloc_cache_noprof+0x189/0x420 [ 24.796245] krealloc_uaf+0xbb/0x5e0 [ 24.796430] kunit_try_run_case+0x1a5/0x480 [ 24.796717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.797382] kthread+0x337/0x6f0 [ 24.797564] ret_from_fork+0x116/0x1d0 [ 24.797705] ret_from_fork_asm+0x1a/0x30 [ 24.798220] [ 24.798290] Freed by task 212: [ 24.798444] kasan_save_stack+0x45/0x70 [ 24.798643] kasan_save_track+0x18/0x40 [ 24.798807] kasan_save_free_info+0x3f/0x60 [ 24.799444] __kasan_slab_free+0x56/0x70 [ 24.799740] kfree+0x222/0x3f0 [ 24.800074] krealloc_uaf+0x13d/0x5e0 [ 24.800546] kunit_try_run_case+0x1a5/0x480 [ 24.801012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.801322] kthread+0x337/0x6f0 [ 24.801792] ret_from_fork+0x116/0x1d0 [ 24.802238] ret_from_fork_asm+0x1a/0x30 [ 24.802389] [ 24.802458] The buggy address belongs to the object at ffff88810500d800 [ 24.802458] which belongs to the cache kmalloc-256 of size 256 [ 24.802819] The buggy address is located 0 bytes inside of [ 24.802819] freed 256-byte region [ffff88810500d800, ffff88810500d900) [ 24.803159] [ 24.803747] The buggy address belongs to the physical page: [ 24.804525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10500c [ 24.805547] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.806098] flags: 0x200000000000040(head|node=0|zone=2) [ 24.806364] page_type: f5(slab) [ 24.806538] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.806881] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.807729] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.808369] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.808764] head: 0200000000000001 ffffea0004140301 00000000ffffffff 00000000ffffffff [ 24.809452] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 24.809906] page dumped because: kasan: bad access detected [ 24.810158] [ 24.810236] Memory state around the buggy address: [ 24.810462] ffff88810500d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.810782] ffff88810500d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.811085] >ffff88810500d800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.811963] ^ [ 24.812452] ffff88810500d880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.812754] ffff88810500d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.813301] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper: Failure
Automatically assigned
[ 24.446139] ================================================================== [ 24.446457] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 24.446799] Write of size 1 at addr ffff88810500d6d0 by task kunit_try_catch/206 [ 24.447099] [ 24.448069] CPU: 0 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.448126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.448139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.448160] Call Trace: [ 24.448173] <TASK> [ 24.448207] dump_stack_lvl+0x73/0xb0 [ 24.448241] print_report+0xd1/0x640 [ 24.448265] ? __virt_addr_valid+0x1db/0x2d0 [ 24.448289] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 24.448311] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.448336] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 24.448359] kasan_report+0x141/0x180 [ 24.448380] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 24.448406] __asan_report_store1_noabort+0x1b/0x30 [ 24.448429] krealloc_less_oob_helper+0xe23/0x11d0 [ 24.448453] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.448475] ? finish_task_switch.isra.0+0x153/0x700 [ 24.448496] ? __switch_to+0x47/0xf80 [ 24.448521] ? __schedule+0x10da/0x2b60 [ 24.448544] ? __pfx_read_tsc+0x10/0x10 [ 24.448568] krealloc_less_oob+0x1c/0x30 [ 24.448588] kunit_try_run_case+0x1a5/0x480 [ 24.448611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.448632] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.448664] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.448696] ? __kthread_parkme+0x82/0x180 [ 24.448715] ? preempt_count_sub+0x50/0x80 [ 24.448736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.448758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.448857] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.448883] kthread+0x337/0x6f0 [ 24.448902] ? trace_preempt_on+0x20/0xc0 [ 24.448925] ? __pfx_kthread+0x10/0x10 [ 24.448944] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.448974] ? calculate_sigpending+0x7b/0xa0 [ 24.448997] ? __pfx_kthread+0x10/0x10 [ 24.449017] ret_from_fork+0x116/0x1d0 [ 24.449035] ? __pfx_kthread+0x10/0x10 [ 24.449055] ret_from_fork_asm+0x1a/0x30 [ 24.449085] </TASK> [ 24.449095] [ 24.461134] Allocated by task 206: [ 24.461429] kasan_save_stack+0x45/0x70 [ 24.461631] kasan_save_track+0x18/0x40 [ 24.461821] kasan_save_alloc_info+0x3b/0x50 [ 24.462014] __kasan_krealloc+0x190/0x1f0 [ 24.462208] krealloc_noprof+0xf3/0x340 [ 24.462385] krealloc_less_oob_helper+0x1aa/0x11d0 [ 24.462596] krealloc_less_oob+0x1c/0x30 [ 24.462776] kunit_try_run_case+0x1a5/0x480 [ 24.462968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.463781] kthread+0x337/0x6f0 [ 24.464244] ret_from_fork+0x116/0x1d0 [ 24.464407] ret_from_fork_asm+0x1a/0x30 [ 24.464605] [ 24.464678] The buggy address belongs to the object at ffff88810500d600 [ 24.464678] which belongs to the cache kmalloc-256 of size 256 [ 24.465513] The buggy address is located 7 bytes to the right of [ 24.465513] allocated 201-byte region [ffff88810500d600, ffff88810500d6c9) [ 24.466457] [ 24.466569] The buggy address belongs to the physical page: [ 24.467109] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10500c [ 24.467588] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.467924] flags: 0x200000000000040(head|node=0|zone=2) [ 24.468162] page_type: f5(slab) [ 24.468311] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.468642] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.468951] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.469941] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.470385] head: 0200000000000001 ffffea0004140301 00000000ffffffff 00000000ffffffff [ 24.470930] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 24.471330] page dumped because: kasan: bad access detected [ 24.471688] [ 24.471760] Memory state around the buggy address: [ 24.472283] ffff88810500d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.472680] ffff88810500d600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.473324] >ffff88810500d680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 24.473768] ^ [ 24.474224] ffff88810500d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.474658] ffff88810500d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.475206] ================================================================== [ 24.606549] ================================================================== [ 24.606997] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 24.607264] Write of size 1 at addr ffff888102b3e0c9 by task kunit_try_catch/210 [ 24.608058] [ 24.608266] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.608537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.608555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.608578] Call Trace: [ 24.608593] <TASK> [ 24.608611] dump_stack_lvl+0x73/0xb0 [ 24.608647] print_report+0xd1/0x640 [ 24.608671] ? __virt_addr_valid+0x1db/0x2d0 [ 24.608695] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 24.608717] ? kasan_addr_to_slab+0x11/0xa0 [ 24.608737] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 24.608759] kasan_report+0x141/0x180 [ 24.608783] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 24.608835] __asan_report_store1_noabort+0x1b/0x30 [ 24.608872] krealloc_less_oob_helper+0xd70/0x11d0 [ 24.608897] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.608920] ? finish_task_switch.isra.0+0x153/0x700 [ 24.608941] ? __switch_to+0x47/0xf80 [ 24.608967] ? __schedule+0x10da/0x2b60 [ 24.608990] ? __pfx_read_tsc+0x10/0x10 [ 24.609014] krealloc_large_less_oob+0x1c/0x30 [ 24.609037] kunit_try_run_case+0x1a5/0x480 [ 24.609061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.609082] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.609114] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.609146] ? __kthread_parkme+0x82/0x180 [ 24.609167] ? preempt_count_sub+0x50/0x80 [ 24.609203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.609225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.609247] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.609269] kthread+0x337/0x6f0 [ 24.609288] ? trace_preempt_on+0x20/0xc0 [ 24.609311] ? __pfx_kthread+0x10/0x10 [ 24.609330] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.609359] ? calculate_sigpending+0x7b/0xa0 [ 24.609382] ? __pfx_kthread+0x10/0x10 [ 24.609402] ret_from_fork+0x116/0x1d0 [ 24.609420] ? __pfx_kthread+0x10/0x10 [ 24.609439] ret_from_fork_asm+0x1a/0x30 [ 24.609469] </TASK> [ 24.609482] [ 24.627143] The buggy address belongs to the physical page: [ 24.627859] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3c [ 24.628764] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.629349] flags: 0x200000000000040(head|node=0|zone=2) [ 24.629541] page_type: f8(unknown) [ 24.629669] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.630532] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.631696] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.632730] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.633545] head: 0200000000000002 ffffea00040acf01 00000000ffffffff 00000000ffffffff [ 24.634079] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.634943] page dumped because: kasan: bad access detected [ 24.635571] [ 24.635673] Memory state around the buggy address: [ 24.636357] ffff888102b3df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.636990] ffff888102b3e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.637228] >ffff888102b3e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.637437] ^ [ 24.637608] ffff888102b3e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.637967] ffff888102b3e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.638567] ================================================================== [ 24.689017] ================================================================== [ 24.689451] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 24.689701] Write of size 1 at addr ffff888102b3e0ea by task kunit_try_catch/210 [ 24.689920] [ 24.689998] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.690041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.690053] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.690085] Call Trace: [ 24.690118] <TASK> [ 24.690132] dump_stack_lvl+0x73/0xb0 [ 24.690161] print_report+0xd1/0x640 [ 24.690183] ? __virt_addr_valid+0x1db/0x2d0 [ 24.690217] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 24.690239] ? kasan_addr_to_slab+0x11/0xa0 [ 24.690259] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 24.690281] kasan_report+0x141/0x180 [ 24.690303] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 24.690331] __asan_report_store1_noabort+0x1b/0x30 [ 24.690355] krealloc_less_oob_helper+0xe90/0x11d0 [ 24.690379] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.690402] ? finish_task_switch.isra.0+0x153/0x700 [ 24.690423] ? __switch_to+0x47/0xf80 [ 24.690447] ? __schedule+0x10da/0x2b60 [ 24.690470] ? __pfx_read_tsc+0x10/0x10 [ 24.690493] krealloc_large_less_oob+0x1c/0x30 [ 24.690514] kunit_try_run_case+0x1a5/0x480 [ 24.690539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.690560] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.690593] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.690631] ? __kthread_parkme+0x82/0x180 [ 24.690650] ? preempt_count_sub+0x50/0x80 [ 24.690671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.690694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.690716] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.690738] kthread+0x337/0x6f0 [ 24.690757] ? trace_preempt_on+0x20/0xc0 [ 24.690779] ? __pfx_kthread+0x10/0x10 [ 24.690821] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.690864] ? calculate_sigpending+0x7b/0xa0 [ 24.690888] ? __pfx_kthread+0x10/0x10 [ 24.690909] ret_from_fork+0x116/0x1d0 [ 24.690927] ? __pfx_kthread+0x10/0x10 [ 24.690946] ret_from_fork_asm+0x1a/0x30 [ 24.690976] </TASK> [ 24.690986] [ 24.705232] The buggy address belongs to the physical page: [ 24.705745] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3c [ 24.706381] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.707075] flags: 0x200000000000040(head|node=0|zone=2) [ 24.707583] page_type: f8(unknown) [ 24.707902] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.708561] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.709325] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.709560] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.709787] head: 0200000000000002 ffffea00040acf01 00000000ffffffff 00000000ffffffff [ 24.710519] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.711345] page dumped because: kasan: bad access detected [ 24.711868] [ 24.712021] Memory state around the buggy address: [ 24.712446] ffff888102b3df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.713108] ffff888102b3e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.713811] >ffff888102b3e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.714027] ^ [ 24.714233] ffff888102b3e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.714736] ffff888102b3e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.715117] ================================================================== [ 24.640347] ================================================================== [ 24.640952] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 24.641514] Write of size 1 at addr ffff888102b3e0d0 by task kunit_try_catch/210 [ 24.641747] [ 24.641837] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.641884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.641896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.641918] Call Trace: [ 24.641931] <TASK> [ 24.641947] dump_stack_lvl+0x73/0xb0 [ 24.641980] print_report+0xd1/0x640 [ 24.642003] ? __virt_addr_valid+0x1db/0x2d0 [ 24.642027] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 24.642051] ? kasan_addr_to_slab+0x11/0xa0 [ 24.642071] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 24.642094] kasan_report+0x141/0x180 [ 24.642115] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 24.642141] __asan_report_store1_noabort+0x1b/0x30 [ 24.642218] krealloc_less_oob_helper+0xe23/0x11d0 [ 24.642243] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.642295] ? finish_task_switch.isra.0+0x153/0x700 [ 24.642316] ? __switch_to+0x47/0xf80 [ 24.642352] ? __schedule+0x10da/0x2b60 [ 24.642375] ? __pfx_read_tsc+0x10/0x10 [ 24.642400] krealloc_large_less_oob+0x1c/0x30 [ 24.642422] kunit_try_run_case+0x1a5/0x480 [ 24.642446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.642467] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.642514] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.642546] ? __kthread_parkme+0x82/0x180 [ 24.642566] ? preempt_count_sub+0x50/0x80 [ 24.642587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.642610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.642640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.642664] kthread+0x337/0x6f0 [ 24.642683] ? trace_preempt_on+0x20/0xc0 [ 24.642705] ? __pfx_kthread+0x10/0x10 [ 24.642725] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.642754] ? calculate_sigpending+0x7b/0xa0 [ 24.642777] ? __pfx_kthread+0x10/0x10 [ 24.642821] ret_from_fork+0x116/0x1d0 [ 24.642840] ? __pfx_kthread+0x10/0x10 [ 24.642860] ret_from_fork_asm+0x1a/0x30 [ 24.642901] </TASK> [ 24.642912] [ 24.651409] The buggy address belongs to the physical page: [ 24.651879] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3c [ 24.652813] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.653628] flags: 0x200000000000040(head|node=0|zone=2) [ 24.654231] page_type: f8(unknown) [ 24.654594] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.655434] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.656301] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.657216] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.658100] head: 0200000000000002 ffffea00040acf01 00000000ffffffff 00000000ffffffff [ 24.658897] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.659540] page dumped because: kasan: bad access detected [ 24.659926] [ 24.659991] Memory state around the buggy address: [ 24.660138] ffff888102b3df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.660354] ffff888102b3e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.660559] >ffff888102b3e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.660762] ^ [ 24.660933] ffff888102b3e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.661137] ffff888102b3e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.661849] ================================================================== [ 24.662728] ================================================================== [ 24.663406] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 24.664226] Write of size 1 at addr ffff888102b3e0da by task kunit_try_catch/210 [ 24.665015] [ 24.665198] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.665245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.665257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.665279] Call Trace: [ 24.665295] <TASK> [ 24.665308] dump_stack_lvl+0x73/0xb0 [ 24.665340] print_report+0xd1/0x640 [ 24.665363] ? __virt_addr_valid+0x1db/0x2d0 [ 24.665386] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 24.665408] ? kasan_addr_to_slab+0x11/0xa0 [ 24.665428] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 24.665451] kasan_report+0x141/0x180 [ 24.665474] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 24.665501] __asan_report_store1_noabort+0x1b/0x30 [ 24.665526] krealloc_less_oob_helper+0xec6/0x11d0 [ 24.665556] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.665582] ? finish_task_switch.isra.0+0x153/0x700 [ 24.665603] ? __switch_to+0x47/0xf80 [ 24.665628] ? __schedule+0x10da/0x2b60 [ 24.665651] ? __pfx_read_tsc+0x10/0x10 [ 24.665676] krealloc_large_less_oob+0x1c/0x30 [ 24.665698] kunit_try_run_case+0x1a5/0x480 [ 24.665722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.665743] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.665781] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.665814] ? __kthread_parkme+0x82/0x180 [ 24.665835] ? preempt_count_sub+0x50/0x80 [ 24.665858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.665880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.665904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.665925] kthread+0x337/0x6f0 [ 24.665944] ? trace_preempt_on+0x20/0xc0 [ 24.665966] ? __pfx_kthread+0x10/0x10 [ 24.665986] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.666015] ? calculate_sigpending+0x7b/0xa0 [ 24.666038] ? __pfx_kthread+0x10/0x10 [ 24.666058] ret_from_fork+0x116/0x1d0 [ 24.666092] ? __pfx_kthread+0x10/0x10 [ 24.666111] ret_from_fork_asm+0x1a/0x30 [ 24.666141] </TASK> [ 24.666151] [ 24.679688] The buggy address belongs to the physical page: [ 24.680250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3c [ 24.680935] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.681478] flags: 0x200000000000040(head|node=0|zone=2) [ 24.681761] page_type: f8(unknown) [ 24.681885] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.682393] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.683092] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.683626] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.684046] head: 0200000000000002 ffffea00040acf01 00000000ffffffff 00000000ffffffff [ 24.684316] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.684539] page dumped because: kasan: bad access detected [ 24.684702] [ 24.684764] Memory state around the buggy address: [ 24.685230] ffff888102b3df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.685674] ffff888102b3e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.686058] >ffff888102b3e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.686312] ^ [ 24.686555] ffff888102b3e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.687285] ffff888102b3e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.688108] ================================================================== [ 24.476469] ================================================================== [ 24.477107] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 24.477439] Write of size 1 at addr ffff88810500d6da by task kunit_try_catch/206 [ 24.478110] [ 24.478246] CPU: 0 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.478296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.478307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.478329] Call Trace: [ 24.478347] <TASK> [ 24.478363] dump_stack_lvl+0x73/0xb0 [ 24.478397] print_report+0xd1/0x640 [ 24.478420] ? __virt_addr_valid+0x1db/0x2d0 [ 24.478443] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 24.478466] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.478490] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 24.478513] kasan_report+0x141/0x180 [ 24.478534] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 24.478560] __asan_report_store1_noabort+0x1b/0x30 [ 24.478583] krealloc_less_oob_helper+0xec6/0x11d0 [ 24.478607] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.478635] ? finish_task_switch.isra.0+0x153/0x700 [ 24.478656] ? __switch_to+0x47/0xf80 [ 24.478681] ? __schedule+0x10da/0x2b60 [ 24.478703] ? __pfx_read_tsc+0x10/0x10 [ 24.478727] krealloc_less_oob+0x1c/0x30 [ 24.478747] kunit_try_run_case+0x1a5/0x480 [ 24.478771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.479054] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.479091] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.479124] ? __kthread_parkme+0x82/0x180 [ 24.479143] ? preempt_count_sub+0x50/0x80 [ 24.479165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.479199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.479222] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.479244] kthread+0x337/0x6f0 [ 24.479263] ? trace_preempt_on+0x20/0xc0 [ 24.479285] ? __pfx_kthread+0x10/0x10 [ 24.479305] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.479334] ? calculate_sigpending+0x7b/0xa0 [ 24.479358] ? __pfx_kthread+0x10/0x10 [ 24.479378] ret_from_fork+0x116/0x1d0 [ 24.479397] ? __pfx_kthread+0x10/0x10 [ 24.479416] ret_from_fork_asm+0x1a/0x30 [ 24.479446] </TASK> [ 24.479457] [ 24.491564] Allocated by task 206: [ 24.491714] kasan_save_stack+0x45/0x70 [ 24.491927] kasan_save_track+0x18/0x40 [ 24.492123] kasan_save_alloc_info+0x3b/0x50 [ 24.492320] __kasan_krealloc+0x190/0x1f0 [ 24.492505] krealloc_noprof+0xf3/0x340 [ 24.492676] krealloc_less_oob_helper+0x1aa/0x11d0 [ 24.492888] krealloc_less_oob+0x1c/0x30 [ 24.493067] kunit_try_run_case+0x1a5/0x480 [ 24.494082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.494307] kthread+0x337/0x6f0 [ 24.494671] ret_from_fork+0x116/0x1d0 [ 24.495081] ret_from_fork_asm+0x1a/0x30 [ 24.495291] [ 24.495361] The buggy address belongs to the object at ffff88810500d600 [ 24.495361] which belongs to the cache kmalloc-256 of size 256 [ 24.496242] The buggy address is located 17 bytes to the right of [ 24.496242] allocated 201-byte region [ffff88810500d600, ffff88810500d6c9) [ 24.497014] [ 24.497118] The buggy address belongs to the physical page: [ 24.497483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10500c [ 24.498239] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.498741] flags: 0x200000000000040(head|node=0|zone=2) [ 24.499196] page_type: f5(slab) [ 24.499337] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.499962] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.500410] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.500940] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.501285] head: 0200000000000001 ffffea0004140301 00000000ffffffff 00000000ffffffff [ 24.501610] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 24.502346] page dumped because: kasan: bad access detected [ 24.502679] [ 24.503042] Memory state around the buggy address: [ 24.503271] ffff88810500d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.503645] ffff88810500d600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.504191] >ffff88810500d680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 24.504631] ^ [ 24.505139] ffff88810500d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.505520] ffff88810500d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.506158] ================================================================== [ 24.716187] ================================================================== [ 24.716878] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 24.717408] Write of size 1 at addr ffff888102b3e0eb by task kunit_try_catch/210 [ 24.717837] [ 24.718008] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.718052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.718063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.718095] Call Trace: [ 24.718112] <TASK> [ 24.718126] dump_stack_lvl+0x73/0xb0 [ 24.718161] print_report+0xd1/0x640 [ 24.718183] ? __virt_addr_valid+0x1db/0x2d0 [ 24.718216] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 24.718239] ? kasan_addr_to_slab+0x11/0xa0 [ 24.718259] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 24.718281] kasan_report+0x141/0x180 [ 24.718302] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 24.718330] __asan_report_store1_noabort+0x1b/0x30 [ 24.718353] krealloc_less_oob_helper+0xd47/0x11d0 [ 24.718377] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.718400] ? finish_task_switch.isra.0+0x153/0x700 [ 24.718421] ? __switch_to+0x47/0xf80 [ 24.718446] ? __schedule+0x10da/0x2b60 [ 24.718468] ? __pfx_read_tsc+0x10/0x10 [ 24.718491] krealloc_large_less_oob+0x1c/0x30 [ 24.718513] kunit_try_run_case+0x1a5/0x480 [ 24.718537] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.718558] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.718591] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.718629] ? __kthread_parkme+0x82/0x180 [ 24.718649] ? preempt_count_sub+0x50/0x80 [ 24.718670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.718692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.718714] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.718736] kthread+0x337/0x6f0 [ 24.718755] ? trace_preempt_on+0x20/0xc0 [ 24.718777] ? __pfx_kthread+0x10/0x10 [ 24.718815] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.718844] ? calculate_sigpending+0x7b/0xa0 [ 24.718874] ? __pfx_kthread+0x10/0x10 [ 24.718895] ret_from_fork+0x116/0x1d0 [ 24.718913] ? __pfx_kthread+0x10/0x10 [ 24.718932] ret_from_fork_asm+0x1a/0x30 [ 24.718963] </TASK> [ 24.718972] [ 24.731349] The buggy address belongs to the physical page: [ 24.731761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3c [ 24.732076] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.732308] flags: 0x200000000000040(head|node=0|zone=2) [ 24.732496] page_type: f8(unknown) [ 24.732783] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.733534] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.734391] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.734622] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.735036] head: 0200000000000002 ffffea00040acf01 00000000ffffffff 00000000ffffffff [ 24.735300] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.735522] page dumped because: kasan: bad access detected [ 24.735684] [ 24.735745] Memory state around the buggy address: [ 24.735891] ffff888102b3df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.736382] ffff888102b3e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.736859] >ffff888102b3e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 24.737597] ^ [ 24.738259] ffff888102b3e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.738942] ffff888102b3e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.739384] ================================================================== [ 24.534310] ================================================================== [ 24.534904] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 24.535337] Write of size 1 at addr ffff88810500d6eb by task kunit_try_catch/206 [ 24.535636] [ 24.535730] CPU: 0 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.535777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.535789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.535810] Call Trace: [ 24.535829] <TASK> [ 24.535846] dump_stack_lvl+0x73/0xb0 [ 24.536418] print_report+0xd1/0x640 [ 24.536443] ? __virt_addr_valid+0x1db/0x2d0 [ 24.536466] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 24.536488] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.536513] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 24.536536] kasan_report+0x141/0x180 [ 24.536557] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 24.536584] __asan_report_store1_noabort+0x1b/0x30 [ 24.536607] krealloc_less_oob_helper+0xd47/0x11d0 [ 24.536631] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.536654] ? finish_task_switch.isra.0+0x153/0x700 [ 24.536675] ? __switch_to+0x47/0xf80 [ 24.536700] ? __schedule+0x10da/0x2b60 [ 24.536723] ? __pfx_read_tsc+0x10/0x10 [ 24.536747] krealloc_less_oob+0x1c/0x30 [ 24.536767] kunit_try_run_case+0x1a5/0x480 [ 24.536810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.536832] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.536865] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.536897] ? __kthread_parkme+0x82/0x180 [ 24.536917] ? preempt_count_sub+0x50/0x80 [ 24.536939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.536962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.536984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.537005] kthread+0x337/0x6f0 [ 24.537024] ? trace_preempt_on+0x20/0xc0 [ 24.537046] ? __pfx_kthread+0x10/0x10 [ 24.537065] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.537094] ? calculate_sigpending+0x7b/0xa0 [ 24.537118] ? __pfx_kthread+0x10/0x10 [ 24.537138] ret_from_fork+0x116/0x1d0 [ 24.537156] ? __pfx_kthread+0x10/0x10 [ 24.537176] ret_from_fork_asm+0x1a/0x30 [ 24.537217] </TASK> [ 24.537227] [ 24.547561] Allocated by task 206: [ 24.547884] kasan_save_stack+0x45/0x70 [ 24.548071] kasan_save_track+0x18/0x40 [ 24.548258] kasan_save_alloc_info+0x3b/0x50 [ 24.548443] __kasan_krealloc+0x190/0x1f0 [ 24.548620] krealloc_noprof+0xf3/0x340 [ 24.548773] krealloc_less_oob_helper+0x1aa/0x11d0 [ 24.549004] krealloc_less_oob+0x1c/0x30 [ 24.549682] kunit_try_run_case+0x1a5/0x480 [ 24.549829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.550177] kthread+0x337/0x6f0 [ 24.550332] ret_from_fork+0x116/0x1d0 [ 24.550498] ret_from_fork_asm+0x1a/0x30 [ 24.550699] [ 24.550767] The buggy address belongs to the object at ffff88810500d600 [ 24.550767] which belongs to the cache kmalloc-256 of size 256 [ 24.551368] The buggy address is located 34 bytes to the right of [ 24.551368] allocated 201-byte region [ffff88810500d600, ffff88810500d6c9) [ 24.552350] [ 24.552577] The buggy address belongs to the physical page: [ 24.553030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10500c [ 24.553455] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.553986] flags: 0x200000000000040(head|node=0|zone=2) [ 24.554347] page_type: f5(slab) [ 24.554567] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.555061] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.555373] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.555814] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.556301] head: 0200000000000001 ffffea0004140301 00000000ffffffff 00000000ffffffff [ 24.556690] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 24.557153] page dumped because: kasan: bad access detected [ 24.557353] [ 24.557442] Memory state around the buggy address: [ 24.557653] ffff88810500d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.557913] ffff88810500d600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.558224] >ffff88810500d680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 24.558502] ^ [ 24.558764] ffff88810500d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.559045] ffff88810500d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.559865] ================================================================== [ 24.507396] ================================================================== [ 24.507719] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 24.508058] Write of size 1 at addr ffff88810500d6ea by task kunit_try_catch/206 [ 24.508382] [ 24.508475] CPU: 0 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.508520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.508532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.508553] Call Trace: [ 24.508571] <TASK> [ 24.508588] dump_stack_lvl+0x73/0xb0 [ 24.508618] print_report+0xd1/0x640 [ 24.508639] ? __virt_addr_valid+0x1db/0x2d0 [ 24.508662] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 24.508684] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.508709] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 24.508731] kasan_report+0x141/0x180 [ 24.508751] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 24.508777] __asan_report_store1_noabort+0x1b/0x30 [ 24.508800] krealloc_less_oob_helper+0xe90/0x11d0 [ 24.508824] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.508846] ? finish_task_switch.isra.0+0x153/0x700 [ 24.508866] ? __switch_to+0x47/0xf80 [ 24.508891] ? __schedule+0x10da/0x2b60 [ 24.508913] ? __pfx_read_tsc+0x10/0x10 [ 24.508937] krealloc_less_oob+0x1c/0x30 [ 24.508957] kunit_try_run_case+0x1a5/0x480 [ 24.508980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.509001] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.509033] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.509064] ? __kthread_parkme+0x82/0x180 [ 24.509083] ? preempt_count_sub+0x50/0x80 [ 24.509104] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.509126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.509147] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.509169] kthread+0x337/0x6f0 [ 24.509687] ? trace_preempt_on+0x20/0xc0 [ 24.509723] ? __pfx_kthread+0x10/0x10 [ 24.509744] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.509775] ? calculate_sigpending+0x7b/0xa0 [ 24.509945] ? __pfx_kthread+0x10/0x10 [ 24.509970] ret_from_fork+0x116/0x1d0 [ 24.509989] ? __pfx_kthread+0x10/0x10 [ 24.510008] ret_from_fork_asm+0x1a/0x30 [ 24.510038] </TASK> [ 24.510049] [ 24.521145] Allocated by task 206: [ 24.521327] kasan_save_stack+0x45/0x70 [ 24.521523] kasan_save_track+0x18/0x40 [ 24.521700] kasan_save_alloc_info+0x3b/0x50 [ 24.522259] __kasan_krealloc+0x190/0x1f0 [ 24.522429] krealloc_noprof+0xf3/0x340 [ 24.522660] krealloc_less_oob_helper+0x1aa/0x11d0 [ 24.522911] krealloc_less_oob+0x1c/0x30 [ 24.523114] kunit_try_run_case+0x1a5/0x480 [ 24.523323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.523493] kthread+0x337/0x6f0 [ 24.523997] ret_from_fork+0x116/0x1d0 [ 24.524208] ret_from_fork_asm+0x1a/0x30 [ 24.524541] [ 24.524625] The buggy address belongs to the object at ffff88810500d600 [ 24.524625] which belongs to the cache kmalloc-256 of size 256 [ 24.525258] The buggy address is located 33 bytes to the right of [ 24.525258] allocated 201-byte region [ffff88810500d600, ffff88810500d6c9) [ 24.525760] [ 24.525862] The buggy address belongs to the physical page: [ 24.526127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10500c [ 24.526457] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.526765] flags: 0x200000000000040(head|node=0|zone=2) [ 24.526996] page_type: f5(slab) [ 24.527149] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.528302] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.528705] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.529215] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.529636] head: 0200000000000001 ffffea0004140301 00000000ffffffff 00000000ffffffff [ 24.530053] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 24.530362] page dumped because: kasan: bad access detected [ 24.530770] [ 24.530905] Memory state around the buggy address: [ 24.531385] ffff88810500d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.531642] ffff88810500d600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.531942] >ffff88810500d680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 24.532580] ^ [ 24.532943] ffff88810500d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.533197] ffff88810500d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.533515] ================================================================== [ 24.412479] ================================================================== [ 24.413160] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 24.414163] Write of size 1 at addr ffff88810500d6c9 by task kunit_try_catch/206 [ 24.414966] [ 24.415077] CPU: 0 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.415327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.415340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.415363] Call Trace: [ 24.415377] <TASK> [ 24.415394] dump_stack_lvl+0x73/0xb0 [ 24.415429] print_report+0xd1/0x640 [ 24.415451] ? __virt_addr_valid+0x1db/0x2d0 [ 24.415477] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 24.415500] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.415526] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 24.415548] kasan_report+0x141/0x180 [ 24.415569] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 24.415595] __asan_report_store1_noabort+0x1b/0x30 [ 24.415618] krealloc_less_oob_helper+0xd70/0x11d0 [ 24.415643] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 24.415665] ? finish_task_switch.isra.0+0x153/0x700 [ 24.415687] ? __switch_to+0x47/0xf80 [ 24.415713] ? __schedule+0x10da/0x2b60 [ 24.415736] ? __pfx_read_tsc+0x10/0x10 [ 24.415760] krealloc_less_oob+0x1c/0x30 [ 24.415804] kunit_try_run_case+0x1a5/0x480 [ 24.415846] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.415868] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.415902] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.415933] ? __kthread_parkme+0x82/0x180 [ 24.415953] ? preempt_count_sub+0x50/0x80 [ 24.415974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.415996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.416018] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.416040] kthread+0x337/0x6f0 [ 24.416058] ? trace_preempt_on+0x20/0xc0 [ 24.416082] ? __pfx_kthread+0x10/0x10 [ 24.416102] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.416131] ? calculate_sigpending+0x7b/0xa0 [ 24.416154] ? __pfx_kthread+0x10/0x10 [ 24.416176] ret_from_fork+0x116/0x1d0 [ 24.416204] ? __pfx_kthread+0x10/0x10 [ 24.416224] ret_from_fork_asm+0x1a/0x30 [ 24.416254] </TASK> [ 24.416265] [ 24.430658] Allocated by task 206: [ 24.431198] kasan_save_stack+0x45/0x70 [ 24.431730] kasan_save_track+0x18/0x40 [ 24.432332] kasan_save_alloc_info+0x3b/0x50 [ 24.432694] __kasan_krealloc+0x190/0x1f0 [ 24.432840] krealloc_noprof+0xf3/0x340 [ 24.432972] krealloc_less_oob_helper+0x1aa/0x11d0 [ 24.433123] krealloc_less_oob+0x1c/0x30 [ 24.433268] kunit_try_run_case+0x1a5/0x480 [ 24.433414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.433664] kthread+0x337/0x6f0 [ 24.433831] ret_from_fork+0x116/0x1d0 [ 24.433983] ret_from_fork_asm+0x1a/0x30 [ 24.434151] [ 24.434768] The buggy address belongs to the object at ffff88810500d600 [ 24.434768] which belongs to the cache kmalloc-256 of size 256 [ 24.435777] The buggy address is located 0 bytes to the right of [ 24.435777] allocated 201-byte region [ffff88810500d600, ffff88810500d6c9) [ 24.436394] [ 24.436714] The buggy address belongs to the physical page: [ 24.437166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10500c [ 24.437654] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.438195] flags: 0x200000000000040(head|node=0|zone=2) [ 24.438450] page_type: f5(slab) [ 24.438602] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.439384] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.439678] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 24.440283] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.440759] head: 0200000000000001 ffffea0004140301 00000000ffffffff 00000000ffffffff [ 24.441296] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 24.441744] page dumped because: kasan: bad access detected [ 24.442213] [ 24.442296] Memory state around the buggy address: [ 24.442715] ffff88810500d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.443375] ffff88810500d600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.443907] >ffff88810500d680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 24.444162] ^ [ 24.444666] ffff88810500d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.445106] ffff88810500d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.445442] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu: Failure
Automatically assigned
[ 61.247985] ================================================================== [ 61.248401] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 61.248401] [ 61.248748] Use-after-free read at 0x(____ptrval____) (in kfence-#157): [ 61.249443] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 61.249937] kunit_try_run_case+0x1a5/0x480 [ 61.250219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 61.250389] kthread+0x337/0x6f0 [ 61.250510] ret_from_fork+0x116/0x1d0 [ 61.250644] ret_from_fork_asm+0x1a/0x30 [ 61.250780] [ 61.250849] kfence-#157: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 61.250849] [ 61.252017] allocated by task 383 on cpu 1 at 61.226012s (0.026002s ago): [ 61.252295] test_alloc+0x2a6/0x10f0 [ 61.252486] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 61.252737] kunit_try_run_case+0x1a5/0x480 [ 61.252925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 61.253113] kthread+0x337/0x6f0 [ 61.253231] ret_from_fork+0x116/0x1d0 [ 61.253359] ret_from_fork_asm+0x1a/0x30 [ 61.253496] [ 61.253561] freed by task 383 on cpu 1 at 61.226127s (0.027432s ago): [ 61.253770] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 61.253934] kunit_try_run_case+0x1a5/0x480 [ 61.255291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 61.255863] kthread+0x337/0x6f0 [ 61.256349] ret_from_fork+0x116/0x1d0 [ 61.256848] ret_from_fork_asm+0x1a/0x30 [ 61.257358] [ 61.257509] CPU: 1 UID: 0 PID: 383 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 61.257870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 61.258008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 61.258289] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access: Failure
Automatically assigned
[ 36.278836] ================================================================== [ 36.279403] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 36.279403] [ 36.280320] Invalid read at 0x(____ptrval____): [ 36.280944] test_invalid_access+0xf0/0x210 [ 36.281178] kunit_try_run_case+0x1a5/0x480 [ 36.281435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.281664] kthread+0x337/0x6f0 [ 36.281957] ret_from_fork+0x116/0x1d0 [ 36.282108] ret_from_fork_asm+0x1a/0x30 [ 36.282322] [ 36.282444] CPU: 1 UID: 0 PID: 379 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 36.283096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.283265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.283617] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write: Failure
Automatically assigned
[ 36.058333] ================================================================== [ 36.058741] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 36.058741] [ 36.059084] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#153): [ 36.059654] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 36.059871] kunit_try_run_case+0x1a5/0x480 [ 36.060082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.060268] kthread+0x337/0x6f0 [ 36.060388] ret_from_fork+0x116/0x1d0 [ 36.060544] ret_from_fork_asm+0x1a/0x30 [ 36.060737] [ 36.060825] kfence-#153: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 36.060825] [ 36.061238] allocated by task 373 on cpu 0 at 36.058119s (0.003116s ago): [ 36.061496] test_alloc+0x364/0x10f0 [ 36.061673] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 36.061890] kunit_try_run_case+0x1a5/0x480 [ 36.062082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.062299] kthread+0x337/0x6f0 [ 36.062450] ret_from_fork+0x116/0x1d0 [ 36.062614] ret_from_fork_asm+0x1a/0x30 [ 36.062782] [ 36.062871] freed by task 373 on cpu 0 at 36.058252s (0.004617s ago): [ 36.063143] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 36.063359] kunit_try_run_case+0x1a5/0x480 [ 36.063541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 36.063758] kthread+0x337/0x6f0 [ 36.063909] ret_from_fork+0x116/0x1d0 [ 36.064047] ret_from_fork_asm+0x1a/0x30 [ 36.064241] [ 36.064353] CPU: 0 UID: 0 PID: 373 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 36.064719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 36.064854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 36.065128] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read: Failure
Automatically assigned
[ 35.746319] ================================================================== [ 35.746709] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 35.746709] [ 35.747127] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#150): [ 35.747475] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 35.747684] kunit_try_run_case+0x1a5/0x480 [ 35.747893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.748146] kthread+0x337/0x6f0 [ 35.748301] ret_from_fork+0x116/0x1d0 [ 35.748989] ret_from_fork_asm+0x1a/0x30 [ 35.749360] [ 35.749468] kfence-#150: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 35.749468] [ 35.749982] allocated by task 371 on cpu 1 at 35.746094s (0.003885s ago): [ 35.750289] test_alloc+0x364/0x10f0 [ 35.750465] test_kmalloc_aligned_oob_read+0x105/0x560 [ 35.750683] kunit_try_run_case+0x1a5/0x480 [ 35.750879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 35.751105] kthread+0x337/0x6f0 [ 35.751249] ret_from_fork+0x116/0x1d0 [ 35.751411] ret_from_fork_asm+0x1a/0x30 [ 35.752062] [ 35.752174] CPU: 1 UID: 0 PID: 371 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 35.752903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 35.753059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 35.753579] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption: Failure
Automatically assigned
[ 30.754359] ================================================================== [ 30.754764] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 30.754764] [ 30.755127] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#102): [ 30.755773] test_corruption+0x2d2/0x3e0 [ 30.755931] kunit_try_run_case+0x1a5/0x480 [ 30.756143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.756413] kthread+0x337/0x6f0 [ 30.756574] ret_from_fork+0x116/0x1d0 [ 30.756792] ret_from_fork_asm+0x1a/0x30 [ 30.756993] [ 30.757086] kfence-#102: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 30.757086] [ 30.757497] allocated by task 359 on cpu 1 at 30.754117s (0.003378s ago): [ 30.757807] test_alloc+0x364/0x10f0 [ 30.757978] test_corruption+0xe6/0x3e0 [ 30.758105] kunit_try_run_case+0x1a5/0x480 [ 30.758286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.758563] kthread+0x337/0x6f0 [ 30.758733] ret_from_fork+0x116/0x1d0 [ 30.758916] ret_from_fork_asm+0x1a/0x30 [ 30.759060] [ 30.759164] freed by task 359 on cpu 1 at 30.754211s (0.004950s ago): [ 30.759489] test_corruption+0x2d2/0x3e0 [ 30.759654] kunit_try_run_case+0x1a5/0x480 [ 30.759807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.759973] kthread+0x337/0x6f0 [ 30.760108] ret_from_fork+0x116/0x1d0 [ 30.760286] ret_from_fork_asm+0x1a/0x30 [ 30.760507] [ 30.760621] CPU: 1 UID: 0 PID: 359 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 30.761048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.761175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.761580] ================================================================== [ 30.858417] ================================================================== [ 30.858812] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 30.858812] [ 30.859187] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#103): [ 30.859644] test_corruption+0x2df/0x3e0 [ 30.859831] kunit_try_run_case+0x1a5/0x480 [ 30.860004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.860280] kthread+0x337/0x6f0 [ 30.860474] ret_from_fork+0x116/0x1d0 [ 30.860638] ret_from_fork_asm+0x1a/0x30 [ 30.860854] [ 30.860945] kfence-#103: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 30.860945] [ 30.861327] allocated by task 359 on cpu 1 at 30.858164s (0.003161s ago): [ 30.861631] test_alloc+0x364/0x10f0 [ 30.861810] test_corruption+0x1cb/0x3e0 [ 30.862004] kunit_try_run_case+0x1a5/0x480 [ 30.862203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.862445] kthread+0x337/0x6f0 [ 30.862561] ret_from_fork+0x116/0x1d0 [ 30.862749] ret_from_fork_asm+0x1a/0x30 [ 30.862964] [ 30.863051] freed by task 359 on cpu 1 at 30.858260s (0.004789s ago): [ 30.863317] test_corruption+0x2df/0x3e0 [ 30.863515] kunit_try_run_case+0x1a5/0x480 [ 30.863706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.863935] kthread+0x337/0x6f0 [ 30.864091] ret_from_fork+0x116/0x1d0 [ 30.864281] ret_from_fork_asm+0x1a/0x30 [ 30.864472] [ 30.864604] CPU: 1 UID: 0 PID: 359 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 30.865087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.865239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.865513] ================================================================== [ 31.586242] ================================================================== [ 31.586632] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 31.586632] [ 31.586964] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#110): [ 31.587349] test_corruption+0x216/0x3e0 [ 31.587527] kunit_try_run_case+0x1a5/0x480 [ 31.587692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.587954] kthread+0x337/0x6f0 [ 31.588101] ret_from_fork+0x116/0x1d0 [ 31.588298] ret_from_fork_asm+0x1a/0x30 [ 31.588480] [ 31.588576] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 31.588576] [ 31.588923] allocated by task 361 on cpu 1 at 31.586123s (0.002798s ago): [ 31.589218] test_alloc+0x2a6/0x10f0 [ 31.589375] test_corruption+0x1cb/0x3e0 [ 31.589572] kunit_try_run_case+0x1a5/0x480 [ 31.589746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.589994] kthread+0x337/0x6f0 [ 31.590124] ret_from_fork+0x116/0x1d0 [ 31.590311] ret_from_fork_asm+0x1a/0x30 [ 31.590498] [ 31.590584] freed by task 361 on cpu 1 at 31.586169s (0.004414s ago): [ 31.590802] test_corruption+0x216/0x3e0 [ 31.590936] kunit_try_run_case+0x1a5/0x480 [ 31.591077] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.591324] kthread+0x337/0x6f0 [ 31.591499] ret_from_fork+0x116/0x1d0 [ 31.591679] ret_from_fork_asm+0x1a/0x30 [ 31.591870] [ 31.591963] CPU: 1 UID: 0 PID: 361 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 31.592341] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.592547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.592946] ================================================================== [ 31.482200] ================================================================== [ 31.482614] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 31.482614] [ 31.482969] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#109): [ 31.483580] test_corruption+0x131/0x3e0 [ 31.483767] kunit_try_run_case+0x1a5/0x480 [ 31.483962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.484195] kthread+0x337/0x6f0 [ 31.484359] ret_from_fork+0x116/0x1d0 [ 31.484548] ret_from_fork_asm+0x1a/0x30 [ 31.484728] [ 31.484819] kfence-#109: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 31.484819] [ 31.485179] allocated by task 361 on cpu 1 at 31.482077s (0.003100s ago): [ 31.485477] test_alloc+0x2a6/0x10f0 [ 31.485621] test_corruption+0xe6/0x3e0 [ 31.485814] kunit_try_run_case+0x1a5/0x480 [ 31.485987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.486166] kthread+0x337/0x6f0 [ 31.486282] ret_from_fork+0x116/0x1d0 [ 31.486410] ret_from_fork_asm+0x1a/0x30 [ 31.486582] [ 31.486673] freed by task 361 on cpu 1 at 31.482121s (0.004549s ago): [ 31.486985] test_corruption+0x131/0x3e0 [ 31.487185] kunit_try_run_case+0x1a5/0x480 [ 31.487365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.487576] kthread+0x337/0x6f0 [ 31.487702] ret_from_fork+0x116/0x1d0 [ 31.487889] ret_from_fork_asm+0x1a/0x30 [ 31.488090] [ 31.488204] CPU: 1 UID: 0 PID: 361 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 31.488688] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.488888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.489209] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free: Failure
Automatically assigned
[ 30.650248] ================================================================== [ 30.650646] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260 [ 30.650646] [ 30.651005] Invalid free of 0x(____ptrval____) (in kfence-#101): [ 30.651397] test_invalid_addr_free+0xfb/0x260 [ 30.651601] kunit_try_run_case+0x1a5/0x480 [ 30.651748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.652001] kthread+0x337/0x6f0 [ 30.652173] ret_from_fork+0x116/0x1d0 [ 30.652343] ret_from_fork_asm+0x1a/0x30 [ 30.652513] [ 30.652580] kfence-#101: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 30.652580] [ 30.652977] allocated by task 357 on cpu 0 at 30.650114s (0.002859s ago): [ 30.653255] test_alloc+0x2a6/0x10f0 [ 30.653429] test_invalid_addr_free+0xdb/0x260 [ 30.653572] kunit_try_run_case+0x1a5/0x480 [ 30.653711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.653925] kthread+0x337/0x6f0 [ 30.654084] ret_from_fork+0x116/0x1d0 [ 30.654265] ret_from_fork_asm+0x1a/0x30 [ 30.654467] [ 30.654584] CPU: 0 UID: 0 PID: 357 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 30.655072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.655209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.655559] ================================================================== [ 30.546191] ================================================================== [ 30.546578] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260 [ 30.546578] [ 30.546874] Invalid free of 0x(____ptrval____) (in kfence-#100): [ 30.547189] test_invalid_addr_free+0x1e1/0x260 [ 30.547377] kunit_try_run_case+0x1a5/0x480 [ 30.547543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.547804] kthread+0x337/0x6f0 [ 30.547979] ret_from_fork+0x116/0x1d0 [ 30.548137] ret_from_fork_asm+0x1a/0x30 [ 30.548324] [ 30.548397] kfence-#100: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 30.548397] [ 30.548732] allocated by task 355 on cpu 0 at 30.546078s (0.002652s ago): [ 30.548978] test_alloc+0x364/0x10f0 [ 30.549151] test_invalid_addr_free+0xdb/0x260 [ 30.549353] kunit_try_run_case+0x1a5/0x480 [ 30.549526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.549693] kthread+0x337/0x6f0 [ 30.549821] ret_from_fork+0x116/0x1d0 [ 30.550002] ret_from_fork_asm+0x1a/0x30 [ 30.550198] [ 30.550313] CPU: 0 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 30.550826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.550989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.551352] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper: Failure
Automatically assigned
[ 24.564470] ================================================================== [ 24.564877] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 24.565131] Write of size 1 at addr ffff888102b3e0eb by task kunit_try_catch/208 [ 24.565467] [ 24.565578] CPU: 1 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.565627] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.565638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.565660] Call Trace: [ 24.565674] <TASK> [ 24.565692] dump_stack_lvl+0x73/0xb0 [ 24.565723] print_report+0xd1/0x640 [ 24.565744] ? __virt_addr_valid+0x1db/0x2d0 [ 24.565832] ? krealloc_more_oob_helper+0x821/0x930 [ 24.565856] ? kasan_addr_to_slab+0x11/0xa0 [ 24.565875] ? krealloc_more_oob_helper+0x821/0x930 [ 24.565911] kasan_report+0x141/0x180 [ 24.565931] ? krealloc_more_oob_helper+0x821/0x930 [ 24.565958] __asan_report_store1_noabort+0x1b/0x30 [ 24.565981] krealloc_more_oob_helper+0x821/0x930 [ 24.566002] ? __schedule+0x10da/0x2b60 [ 24.566025] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 24.566048] ? finish_task_switch.isra.0+0x153/0x700 [ 24.566069] ? __switch_to+0x47/0xf80 [ 24.566094] ? __schedule+0x10da/0x2b60 [ 24.566115] ? __pfx_read_tsc+0x10/0x10 [ 24.566173] krealloc_large_more_oob+0x1c/0x30 [ 24.566205] kunit_try_run_case+0x1a5/0x480 [ 24.566229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.566261] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.566294] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.566359] ? __kthread_parkme+0x82/0x180 [ 24.566379] ? preempt_count_sub+0x50/0x80 [ 24.566400] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.566433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.566455] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.566476] kthread+0x337/0x6f0 [ 24.566528] ? trace_preempt_on+0x20/0xc0 [ 24.566554] ? __pfx_kthread+0x10/0x10 [ 24.566573] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.566618] ? calculate_sigpending+0x7b/0xa0 [ 24.566688] ? __pfx_kthread+0x10/0x10 [ 24.566709] ret_from_fork+0x116/0x1d0 [ 24.566728] ? __pfx_kthread+0x10/0x10 [ 24.566758] ret_from_fork_asm+0x1a/0x30 [ 24.566800] </TASK> [ 24.566811] [ 24.578064] The buggy address belongs to the physical page: [ 24.578465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3c [ 24.578753] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.579200] flags: 0x200000000000040(head|node=0|zone=2) [ 24.579374] page_type: f8(unknown) [ 24.579546] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.580000] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.580347] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.580660] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.580942] head: 0200000000000002 ffffea00040acf01 00000000ffffffff 00000000ffffffff [ 24.581313] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.581539] page dumped because: kasan: bad access detected [ 24.581794] [ 24.582087] Memory state around the buggy address: [ 24.582341] ffff888102b3df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.582617] ffff888102b3e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.582963] >ffff888102b3e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 24.583288] ^ [ 24.583535] ffff888102b3e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.583912] ffff888102b3e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.584197] ================================================================== [ 24.341210] ================================================================== [ 24.342798] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 24.343974] Write of size 1 at addr ffff888105937ceb by task kunit_try_catch/204 [ 24.344224] [ 24.344318] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.344369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.344380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.344403] Call Trace: [ 24.344415] <TASK> [ 24.344433] dump_stack_lvl+0x73/0xb0 [ 24.344468] print_report+0xd1/0x640 [ 24.344493] ? __virt_addr_valid+0x1db/0x2d0 [ 24.344520] ? krealloc_more_oob_helper+0x821/0x930 [ 24.344542] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.344569] ? krealloc_more_oob_helper+0x821/0x930 [ 24.344592] kasan_report+0x141/0x180 [ 24.344613] ? krealloc_more_oob_helper+0x821/0x930 [ 24.344640] __asan_report_store1_noabort+0x1b/0x30 [ 24.344664] krealloc_more_oob_helper+0x821/0x930 [ 24.344688] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 24.344709] ? irqentry_exit+0x2a/0x60 [ 24.344732] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 24.344760] ? __pfx_krealloc_more_oob+0x10/0x10 [ 24.344784] krealloc_more_oob+0x1c/0x30 [ 24.344804] kunit_try_run_case+0x1a5/0x480 [ 24.344830] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.344851] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.344884] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.344916] ? __kthread_parkme+0x82/0x180 [ 24.344936] ? preempt_count_sub+0x50/0x80 [ 24.344959] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.344981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.345003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.345025] kthread+0x337/0x6f0 [ 24.345044] ? trace_preempt_on+0x20/0xc0 [ 24.345068] ? __pfx_kthread+0x10/0x10 [ 24.345087] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.345118] ? calculate_sigpending+0x7b/0xa0 [ 24.345141] ? __pfx_kthread+0x10/0x10 [ 24.345161] ret_from_fork+0x116/0x1d0 [ 24.345208] ? __pfx_kthread+0x10/0x10 [ 24.345228] ret_from_fork_asm+0x1a/0x30 [ 24.345258] </TASK> [ 24.345270] [ 24.361648] Allocated by task 204: [ 24.362065] kasan_save_stack+0x45/0x70 [ 24.362551] kasan_save_track+0x18/0x40 [ 24.362879] kasan_save_alloc_info+0x3b/0x50 [ 24.363031] __kasan_krealloc+0x190/0x1f0 [ 24.363159] krealloc_noprof+0xf3/0x340 [ 24.363982] krealloc_more_oob_helper+0x1a9/0x930 [ 24.364635] krealloc_more_oob+0x1c/0x30 [ 24.365142] kunit_try_run_case+0x1a5/0x480 [ 24.365712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.365988] kthread+0x337/0x6f0 [ 24.366163] ret_from_fork+0x116/0x1d0 [ 24.366347] ret_from_fork_asm+0x1a/0x30 [ 24.366527] [ 24.366615] The buggy address belongs to the object at ffff888105937c00 [ 24.366615] which belongs to the cache kmalloc-256 of size 256 [ 24.367098] The buggy address is located 0 bytes to the right of [ 24.367098] allocated 235-byte region [ffff888105937c00, ffff888105937ceb) [ 24.367597] [ 24.367684] The buggy address belongs to the physical page: [ 24.367912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105936 [ 24.368884] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.369315] flags: 0x200000000000040(head|node=0|zone=2) [ 24.369702] page_type: f5(slab) [ 24.370155] raw: 0200000000000040 ffff888100041b40 dead000000000100 dead000000000122 [ 24.370881] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.371231] head: 0200000000000040 ffff888100041b40 dead000000000100 dead000000000122 [ 24.371542] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.372410] head: 0200000000000001 ffffea0004164d81 00000000ffffffff 00000000ffffffff [ 24.373098] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 24.373649] page dumped because: kasan: bad access detected [ 24.374327] [ 24.374430] Memory state around the buggy address: [ 24.374866] ffff888105937b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.375167] ffff888105937c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.375753] >ffff888105937c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 24.376280] ^ [ 24.376553] ffff888105937d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.377399] ffff888105937d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.378139] ================================================================== [ 24.584615] ================================================================== [ 24.584942] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 24.585250] Write of size 1 at addr ffff888102b3e0f0 by task kunit_try_catch/208 [ 24.585561] [ 24.585647] CPU: 1 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.585693] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.585704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.585726] Call Trace: [ 24.585744] <TASK> [ 24.585759] dump_stack_lvl+0x73/0xb0 [ 24.585789] print_report+0xd1/0x640 [ 24.585810] ? __virt_addr_valid+0x1db/0x2d0 [ 24.585833] ? krealloc_more_oob_helper+0x7eb/0x930 [ 24.585855] ? kasan_addr_to_slab+0x11/0xa0 [ 24.585874] ? krealloc_more_oob_helper+0x7eb/0x930 [ 24.585897] kasan_report+0x141/0x180 [ 24.585918] ? krealloc_more_oob_helper+0x7eb/0x930 [ 24.585944] __asan_report_store1_noabort+0x1b/0x30 [ 24.585968] krealloc_more_oob_helper+0x7eb/0x930 [ 24.585989] ? __schedule+0x10da/0x2b60 [ 24.586012] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 24.586035] ? finish_task_switch.isra.0+0x153/0x700 [ 24.586055] ? __switch_to+0x47/0xf80 [ 24.586080] ? __schedule+0x10da/0x2b60 [ 24.586102] ? __pfx_read_tsc+0x10/0x10 [ 24.586125] krealloc_large_more_oob+0x1c/0x30 [ 24.586146] kunit_try_run_case+0x1a5/0x480 [ 24.586170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.586201] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.586234] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.586265] ? __kthread_parkme+0x82/0x180 [ 24.586285] ? preempt_count_sub+0x50/0x80 [ 24.586307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.586329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.586352] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.586373] kthread+0x337/0x6f0 [ 24.586392] ? trace_preempt_on+0x20/0xc0 [ 24.586415] ? __pfx_kthread+0x10/0x10 [ 24.586434] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.586463] ? calculate_sigpending+0x7b/0xa0 [ 24.586486] ? __pfx_kthread+0x10/0x10 [ 24.586506] ret_from_fork+0x116/0x1d0 [ 24.586525] ? __pfx_kthread+0x10/0x10 [ 24.586544] ret_from_fork_asm+0x1a/0x30 [ 24.586575] </TASK> [ 24.586586] [ 24.594334] The buggy address belongs to the physical page: [ 24.594558] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b3c [ 24.594992] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.595292] flags: 0x200000000000040(head|node=0|zone=2) [ 24.595505] page_type: f8(unknown) [ 24.595680] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.596023] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.596310] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.596812] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.597075] head: 0200000000000002 ffffea00040acf01 00000000ffffffff 00000000ffffffff [ 24.597416] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.597709] page dumped because: kasan: bad access detected [ 24.597903] [ 24.597966] Memory state around the buggy address: [ 24.598115] ffff888102b3df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.598412] ffff888102b3e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.598932] >ffff888102b3e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 24.599153] ^ [ 24.599471] ffff888102b3e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.599778] ffff888102b3e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.600048] ================================================================== [ 24.379199] ================================================================== [ 24.379514] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 24.380038] Write of size 1 at addr ffff888105937cf0 by task kunit_try_catch/204 [ 24.380716] [ 24.381026] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.381080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.381092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.381234] Call Trace: [ 24.381257] <TASK> [ 24.381275] dump_stack_lvl+0x73/0xb0 [ 24.381311] print_report+0xd1/0x640 [ 24.381335] ? __virt_addr_valid+0x1db/0x2d0 [ 24.381359] ? krealloc_more_oob_helper+0x7eb/0x930 [ 24.381416] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.381441] ? krealloc_more_oob_helper+0x7eb/0x930 [ 24.381464] kasan_report+0x141/0x180 [ 24.381485] ? krealloc_more_oob_helper+0x7eb/0x930 [ 24.381512] __asan_report_store1_noabort+0x1b/0x30 [ 24.381535] krealloc_more_oob_helper+0x7eb/0x930 [ 24.381558] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 24.381580] ? irqentry_exit+0x2a/0x60 [ 24.381602] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 24.381631] ? __pfx_krealloc_more_oob+0x10/0x10 [ 24.381655] krealloc_more_oob+0x1c/0x30 [ 24.381675] kunit_try_run_case+0x1a5/0x480 [ 24.381699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.381721] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.381755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.381866] ? __kthread_parkme+0x82/0x180 [ 24.381889] ? preempt_count_sub+0x50/0x80 [ 24.381912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.381934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.381957] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.381979] kthread+0x337/0x6f0 [ 24.381997] ? trace_preempt_on+0x20/0xc0 [ 24.382020] ? __pfx_kthread+0x10/0x10 [ 24.382040] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.382069] ? calculate_sigpending+0x7b/0xa0 [ 24.382092] ? __pfx_kthread+0x10/0x10 [ 24.382113] ret_from_fork+0x116/0x1d0 [ 24.382132] ? __pfx_kthread+0x10/0x10 [ 24.382151] ret_from_fork_asm+0x1a/0x30 [ 24.382193] </TASK> [ 24.382204] [ 24.394127] Allocated by task 204: [ 24.394645] kasan_save_stack+0x45/0x70 [ 24.394898] kasan_save_track+0x18/0x40 [ 24.395233] kasan_save_alloc_info+0x3b/0x50 [ 24.395487] __kasan_krealloc+0x190/0x1f0 [ 24.395660] krealloc_noprof+0xf3/0x340 [ 24.396105] krealloc_more_oob_helper+0x1a9/0x930 [ 24.396404] krealloc_more_oob+0x1c/0x30 [ 24.396891] kunit_try_run_case+0x1a5/0x480 [ 24.397248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.397498] kthread+0x337/0x6f0 [ 24.397659] ret_from_fork+0x116/0x1d0 [ 24.398066] ret_from_fork_asm+0x1a/0x30 [ 24.398522] [ 24.398633] The buggy address belongs to the object at ffff888105937c00 [ 24.398633] which belongs to the cache kmalloc-256 of size 256 [ 24.399609] The buggy address is located 5 bytes to the right of [ 24.399609] allocated 235-byte region [ffff888105937c00, ffff888105937ceb) [ 24.400581] [ 24.400842] The buggy address belongs to the physical page: [ 24.401098] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105936 [ 24.401430] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.401731] flags: 0x200000000000040(head|node=0|zone=2) [ 24.402285] page_type: f5(slab) [ 24.402585] raw: 0200000000000040 ffff888100041b40 dead000000000100 dead000000000122 [ 24.403260] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.403711] head: 0200000000000040 ffff888100041b40 dead000000000100 dead000000000122 [ 24.404214] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.404534] head: 0200000000000001 ffffea0004164d81 00000000ffffffff 00000000ffffffff [ 24.405061] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 24.405564] page dumped because: kasan: bad access detected [ 24.405932] [ 24.406160] Memory state around the buggy address: [ 24.406370] ffff888105937b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.406667] ffff888105937c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.407416] >ffff888105937c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 24.407898] ^ [ 24.408236] ffff888105937d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.408734] ffff888105937d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.409273] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free: Failure
Automatically assigned
[ 30.442199] ================================================================== [ 30.442600] BUG: KFENCE: invalid free in test_double_free+0x112/0x260 [ 30.442600] [ 30.442863] Invalid free of 0x(____ptrval____) (in kfence-#99): [ 30.443134] test_double_free+0x112/0x260 [ 30.443307] kunit_try_run_case+0x1a5/0x480 [ 30.443530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.443711] kthread+0x337/0x6f0 [ 30.443832] ret_from_fork+0x116/0x1d0 [ 30.444018] ret_from_fork_asm+0x1a/0x30 [ 30.444219] [ 30.444311] kfence-#99: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 30.444311] [ 30.444677] allocated by task 353 on cpu 1 at 30.442033s (0.002641s ago): [ 30.444950] test_alloc+0x2a6/0x10f0 [ 30.445130] test_double_free+0xdb/0x260 [ 30.445286] kunit_try_run_case+0x1a5/0x480 [ 30.445484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.445704] kthread+0x337/0x6f0 [ 30.445868] ret_from_fork+0x116/0x1d0 [ 30.446026] ret_from_fork_asm+0x1a/0x30 [ 30.446175] [ 30.446267] freed by task 353 on cpu 1 at 30.442087s (0.004178s ago): [ 30.446524] test_double_free+0xfa/0x260 [ 30.446656] kunit_try_run_case+0x1a5/0x480 [ 30.446801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.446970] kthread+0x337/0x6f0 [ 30.447135] ret_from_fork+0x116/0x1d0 [ 30.447320] ret_from_fork_asm+0x1a/0x30 [ 30.447519] [ 30.447633] CPU: 1 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 30.448154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.448341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.448635] ================================================================== [ 30.338308] ================================================================== [ 30.338761] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260 [ 30.338761] [ 30.339122] Invalid free of 0x(____ptrval____) (in kfence-#98): [ 30.339444] test_double_free+0x1d3/0x260 [ 30.339647] kunit_try_run_case+0x1a5/0x480 [ 30.339794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.340052] kthread+0x337/0x6f0 [ 30.340225] ret_from_fork+0x116/0x1d0 [ 30.340382] ret_from_fork_asm+0x1a/0x30 [ 30.340577] [ 30.340644] kfence-#98: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 30.340644] [ 30.341013] allocated by task 351 on cpu 1 at 30.338098s (0.002914s ago): [ 30.341308] test_alloc+0x364/0x10f0 [ 30.341469] test_double_free+0xdb/0x260 [ 30.341651] kunit_try_run_case+0x1a5/0x480 [ 30.341830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.342042] kthread+0x337/0x6f0 [ 30.342160] ret_from_fork+0x116/0x1d0 [ 30.342347] ret_from_fork_asm+0x1a/0x30 [ 30.342554] [ 30.342644] freed by task 351 on cpu 1 at 30.338165s (0.004478s ago): [ 30.342922] test_double_free+0x1e0/0x260 [ 30.343076] kunit_try_run_case+0x1a5/0x480 [ 30.343285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.343486] kthread+0x337/0x6f0 [ 30.343603] ret_from_fork+0x116/0x1d0 [ 30.343731] ret_from_fork_asm+0x1a/0x30 [ 30.343866] [ 30.343972] CPU: 1 UID: 0 PID: 351 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 30.344511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.344681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.344949] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read: Failure
Automatically assigned
[ 30.026274] ================================================================== [ 30.026692] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 30.026692] [ 30.027057] Use-after-free read at 0x(____ptrval____) (in kfence-#95): [ 30.027374] test_use_after_free_read+0x129/0x270 [ 30.027566] kunit_try_run_case+0x1a5/0x480 [ 30.027731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.027987] kthread+0x337/0x6f0 [ 30.028153] ret_from_fork+0x116/0x1d0 [ 30.028343] ret_from_fork_asm+0x1a/0x30 [ 30.028517] [ 30.028586] kfence-#95: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 30.028586] [ 30.028976] allocated by task 345 on cpu 0 at 30.026119s (0.002855s ago): [ 30.029255] test_alloc+0x2a6/0x10f0 [ 30.029429] test_use_after_free_read+0xdc/0x270 [ 30.029627] kunit_try_run_case+0x1a5/0x480 [ 30.029809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.029977] kthread+0x337/0x6f0 [ 30.030090] ret_from_fork+0x116/0x1d0 [ 30.030215] ret_from_fork_asm+0x1a/0x30 [ 30.030414] [ 30.030503] freed by task 345 on cpu 0 at 30.026181s (0.004320s ago): [ 30.030817] test_use_after_free_read+0xfb/0x270 [ 30.030971] kunit_try_run_case+0x1a5/0x480 [ 30.031113] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.031363] kthread+0x337/0x6f0 [ 30.031539] ret_from_fork+0x116/0x1d0 [ 30.031726] ret_from_fork_asm+0x1a/0x30 [ 30.031921] [ 30.032030] CPU: 0 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 30.032493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.032668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.033030] ================================================================== [ 29.922262] ================================================================== [ 29.922702] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270 [ 29.922702] [ 29.923248] Use-after-free read at 0x(____ptrval____) (in kfence-#94): [ 29.923502] test_use_after_free_read+0x129/0x270 [ 29.923726] kunit_try_run_case+0x1a5/0x480 [ 29.923937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.924171] kthread+0x337/0x6f0 [ 29.924292] ret_from_fork+0x116/0x1d0 [ 29.924460] ret_from_fork_asm+0x1a/0x30 [ 29.924657] [ 29.924753] kfence-#94: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 29.924753] [ 29.925080] allocated by task 343 on cpu 1 at 29.922055s (0.003022s ago): [ 29.925383] test_alloc+0x364/0x10f0 [ 29.925571] test_use_after_free_read+0xdc/0x270 [ 29.925790] kunit_try_run_case+0x1a5/0x480 [ 29.925974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.926163] kthread+0x337/0x6f0 [ 29.926279] ret_from_fork+0x116/0x1d0 [ 29.926416] ret_from_fork_asm+0x1a/0x30 [ 29.926564] [ 29.926654] freed by task 343 on cpu 1 at 29.922104s (0.004548s ago): [ 29.926954] test_use_after_free_read+0x1e7/0x270 [ 29.927173] kunit_try_run_case+0x1a5/0x480 [ 29.927339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.927544] kthread+0x337/0x6f0 [ 29.927685] ret_from_fork+0x116/0x1d0 [ 29.927871] ret_from_fork_asm+0x1a/0x30 [ 29.928060] [ 29.928155] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 29.928634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.928810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.929143] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write: Failure
Automatically assigned
[ 29.818207] ================================================================== [ 29.818614] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 29.818614] [ 29.819001] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#93): [ 29.819351] test_out_of_bounds_write+0x10d/0x260 [ 29.819558] kunit_try_run_case+0x1a5/0x480 [ 29.819723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.819986] kthread+0x337/0x6f0 [ 29.820147] ret_from_fork+0x116/0x1d0 [ 29.820303] ret_from_fork_asm+0x1a/0x30 [ 29.820492] [ 29.820563] kfence-#93: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 29.820563] [ 29.820937] allocated by task 341 on cpu 1 at 29.818141s (0.002794s ago): [ 29.821170] test_alloc+0x2a6/0x10f0 [ 29.821348] test_out_of_bounds_write+0xd4/0x260 [ 29.821581] kunit_try_run_case+0x1a5/0x480 [ 29.821755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.821931] kthread+0x337/0x6f0 [ 29.822087] ret_from_fork+0x116/0x1d0 [ 29.822278] ret_from_fork_asm+0x1a/0x30 [ 29.822486] [ 29.822602] CPU: 1 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 29.823101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.823293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.823629] ================================================================== [ 29.714205] ================================================================== [ 29.714616] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260 [ 29.714616] [ 29.715034] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#92): [ 29.715407] test_out_of_bounds_write+0x10d/0x260 [ 29.715566] kunit_try_run_case+0x1a5/0x480 [ 29.715778] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.716054] kthread+0x337/0x6f0 [ 29.716240] ret_from_fork+0x116/0x1d0 [ 29.716431] ret_from_fork_asm+0x1a/0x30 [ 29.716612] [ 29.716695] kfence-#92: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 29.716695] [ 29.717126] allocated by task 339 on cpu 0 at 29.714077s (0.003047s ago): [ 29.717434] test_alloc+0x364/0x10f0 [ 29.717555] test_out_of_bounds_write+0xd4/0x260 [ 29.717740] kunit_try_run_case+0x1a5/0x480 [ 29.717945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.718212] kthread+0x337/0x6f0 [ 29.718386] ret_from_fork+0x116/0x1d0 [ 29.718572] ret_from_fork_asm+0x1a/0x30 [ 29.718737] [ 29.718855] CPU: 0 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 29.719401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.719593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.719937] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
KNOWN ISSUE - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read: Failure
Automatically assigned
[ 29.506181] ================================================================== [ 29.506594] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 29.506594] [ 29.506960] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#90): [ 29.507296] test_out_of_bounds_read+0x216/0x4e0 [ 29.507538] kunit_try_run_case+0x1a5/0x480 [ 29.507733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.507905] kthread+0x337/0x6f0 [ 29.508056] ret_from_fork+0x116/0x1d0 [ 29.508246] ret_from_fork_asm+0x1a/0x30 [ 29.508455] [ 29.508546] kfence-#90: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 29.508546] [ 29.508820] allocated by task 337 on cpu 0 at 29.506129s (0.002689s ago): [ 29.509118] test_alloc+0x2a6/0x10f0 [ 29.509297] test_out_of_bounds_read+0x1e2/0x4e0 [ 29.509519] kunit_try_run_case+0x1a5/0x480 [ 29.509664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.509832] kthread+0x337/0x6f0 [ 29.509997] ret_from_fork+0x116/0x1d0 [ 29.510182] ret_from_fork_asm+0x1a/0x30 [ 29.510382] [ 29.510495] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 29.510977] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.511164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.511517] ================================================================== [ 28.986289] ================================================================== [ 28.986699] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0 [ 28.986699] [ 28.987067] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#85): [ 28.987568] test_out_of_bounds_read+0x216/0x4e0 [ 28.987773] kunit_try_run_case+0x1a5/0x480 [ 28.987953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.988147] kthread+0x337/0x6f0 [ 28.988299] ret_from_fork+0x116/0x1d0 [ 28.988502] ret_from_fork_asm+0x1a/0x30 [ 28.988685] [ 28.988771] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 28.988771] [ 28.989141] allocated by task 335 on cpu 0 at 28.986118s (0.003021s ago): [ 28.989468] test_alloc+0x364/0x10f0 [ 28.989617] test_out_of_bounds_read+0x1e2/0x4e0 [ 28.989803] kunit_try_run_case+0x1a5/0x480 [ 28.990010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.990222] kthread+0x337/0x6f0 [ 28.990389] ret_from_fork+0x116/0x1d0 [ 28.990537] ret_from_fork_asm+0x1a/0x30 [ 28.990739] [ 28.990853] CPU: 0 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.991299] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.991466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.991729] ================================================================== [ 29.194221] ================================================================== [ 29.194624] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 29.194624] [ 29.195007] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#87): [ 29.195368] test_out_of_bounds_read+0x126/0x4e0 [ 29.195599] kunit_try_run_case+0x1a5/0x480 [ 29.195805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.196013] kthread+0x337/0x6f0 [ 29.196137] ret_from_fork+0x116/0x1d0 [ 29.196324] ret_from_fork_asm+0x1a/0x30 [ 29.196529] [ 29.196614] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 29.196614] [ 29.196880] allocated by task 337 on cpu 0 at 29.194165s (0.002713s ago): [ 29.197258] test_alloc+0x2a6/0x10f0 [ 29.197454] test_out_of_bounds_read+0xed/0x4e0 [ 29.197670] kunit_try_run_case+0x1a5/0x480 [ 29.197826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.198041] kthread+0x337/0x6f0 [ 29.198204] ret_from_fork+0x116/0x1d0 [ 29.198398] ret_from_fork_asm+0x1a/0x30 [ 29.198566] [ 29.198683] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 29.199143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.199324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.199648] ================================================================== [ 28.779173] ================================================================== [ 28.779552] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0 [ 28.779552] [ 28.779991] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#83): [ 28.780324] test_out_of_bounds_read+0x126/0x4e0 [ 28.780546] kunit_try_run_case+0x1a5/0x480 [ 28.780736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.780943] kthread+0x337/0x6f0 [ 28.781093] ret_from_fork+0x116/0x1d0 [ 28.781257] ret_from_fork_asm+0x1a/0x30 [ 28.781422] [ 28.781514] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 28.781514] [ 28.781871] allocated by task 335 on cpu 0 at 28.778062s (0.003807s ago): [ 28.782156] test_alloc+0x364/0x10f0 [ 28.782315] test_out_of_bounds_read+0xed/0x4e0 [ 28.782507] kunit_try_run_case+0x1a5/0x480 [ 28.782678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.782890] kthread+0x337/0x6f0 [ 28.783035] ret_from_fork+0x116/0x1d0 [ 28.783212] ret_from_fork_asm+0x1a/0x30 [ 28.783393] [ 28.783486] CPU: 0 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.783865] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.784063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.784447] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf: Failure
Automatically assigned
[ 24.323436] ================================================================== [ 24.325036] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 24.325586] Read of size 1 at addr ffff888106310000 by task kunit_try_catch/202 [ 24.325807] [ 24.325891] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.325939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.325950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.325972] Call Trace: [ 24.325984] <TASK> [ 24.326001] dump_stack_lvl+0x73/0xb0 [ 24.326034] print_report+0xd1/0x640 [ 24.326056] ? __virt_addr_valid+0x1db/0x2d0 [ 24.326080] ? page_alloc_uaf+0x356/0x3d0 [ 24.326100] ? kasan_addr_to_slab+0x11/0xa0 [ 24.326120] ? page_alloc_uaf+0x356/0x3d0 [ 24.326141] kasan_report+0x141/0x180 [ 24.326161] ? page_alloc_uaf+0x356/0x3d0 [ 24.326197] __asan_report_load1_noabort+0x18/0x20 [ 24.326220] page_alloc_uaf+0x356/0x3d0 [ 24.326240] ? __pfx_page_alloc_uaf+0x10/0x10 [ 24.326262] ? __schedule+0x10da/0x2b60 [ 24.326287] ? __pfx_read_tsc+0x10/0x10 [ 24.326308] ? ktime_get_ts64+0x86/0x230 [ 24.326333] kunit_try_run_case+0x1a5/0x480 [ 24.326357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.326378] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.326411] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.326444] ? __kthread_parkme+0x82/0x180 [ 24.326463] ? preempt_count_sub+0x50/0x80 [ 24.326486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.326508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.326530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.326552] kthread+0x337/0x6f0 [ 24.326570] ? trace_preempt_on+0x20/0xc0 [ 24.326593] ? __pfx_kthread+0x10/0x10 [ 24.326616] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.326645] ? calculate_sigpending+0x7b/0xa0 [ 24.326667] ? __pfx_kthread+0x10/0x10 [ 24.326688] ret_from_fork+0x116/0x1d0 [ 24.326706] ? __pfx_kthread+0x10/0x10 [ 24.326725] ret_from_fork_asm+0x1a/0x30 [ 24.326756] </TASK> [ 24.326767] [ 24.333601] The buggy address belongs to the physical page: [ 24.333782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106310 [ 24.334020] flags: 0x200000000000000(node=0|zone=2) [ 24.334197] page_type: f0(buddy) [ 24.334366] raw: 0200000000000000 ffff88817fffb460 ffff88817fffb460 0000000000000000 [ 24.334704] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 24.335029] page dumped because: kasan: bad access detected [ 24.335510] [ 24.335584] Memory state around the buggy address: [ 24.335851] ffff88810630ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.336116] ffff88810630ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.336344] >ffff888106310000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.336657] ^ [ 24.336846] ffff888106310080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.337159] ffff888106310100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.337478] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kasan_bitops_generic
[ 26.901810] ================================================================== [ 26.903135] BUG: KFENCE: memory corruption in kasan_bitops_generic+0x129/0x1c0 [ 26.903135] [ 26.903959] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#78): [ 26.905262] kasan_bitops_generic+0x129/0x1c0 [ 26.905709] kunit_try_run_case+0x1a5/0x480 [ 26.906114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.906571] kthread+0x337/0x6f0 [ 26.906699] ret_from_fork+0x116/0x1d0 [ 26.906828] ret_from_fork_asm+0x1a/0x30 [ 26.906974] [ 26.907190] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=9, cache=kmalloc-16 [ 26.907190] [ 26.908167] allocated by task 309 on cpu 1 at 26.874061s (0.034034s ago): [ 26.908891] kasan_bitops_generic+0x92/0x1c0 [ 26.909329] kunit_try_run_case+0x1a5/0x480 [ 26.909726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.910207] kthread+0x337/0x6f0 [ 26.910529] ret_from_fork+0x116/0x1d0 [ 26.910888] ret_from_fork_asm+0x1a/0x30 [ 26.911259] [ 26.911436] freed by task 309 on cpu 1 at 26.901353s (0.010013s ago): [ 26.911663] kasan_bitops_generic+0x129/0x1c0 [ 26.911807] kunit_try_run_case+0x1a5/0x480 [ 26.911944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.912116] kthread+0x337/0x6f0 [ 26.912232] ret_from_fork+0x116/0x1d0 [ 26.912620] ret_from_fork_asm+0x1a/0x30 [ 26.913007] [ 26.913211] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.914255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.914638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.915431] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user: Failure
Automatically assigned
[ 28.732489] ================================================================== [ 28.732831] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 28.733255] Write of size 1 at addr ffff8881053b7a78 by task kunit_try_catch/333 [ 28.733590] [ 28.733673] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.733719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.733733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.733756] Call Trace: [ 28.733774] <TASK> [ 28.733789] dump_stack_lvl+0x73/0xb0 [ 28.733820] print_report+0xd1/0x640 [ 28.733843] ? __virt_addr_valid+0x1db/0x2d0 [ 28.733867] ? strncpy_from_user+0x1a5/0x1d0 [ 28.733890] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.733917] ? strncpy_from_user+0x1a5/0x1d0 [ 28.733940] kasan_report+0x141/0x180 [ 28.733963] ? strncpy_from_user+0x1a5/0x1d0 [ 28.733990] __asan_report_store1_noabort+0x1b/0x30 [ 28.734015] strncpy_from_user+0x1a5/0x1d0 [ 28.734040] copy_user_test_oob+0x760/0x10f0 [ 28.734065] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.734088] ? finish_task_switch.isra.0+0x153/0x700 [ 28.734110] ? __switch_to+0x47/0xf80 [ 28.734136] ? __schedule+0x10da/0x2b60 [ 28.734159] ? __pfx_read_tsc+0x10/0x10 [ 28.734181] ? ktime_get_ts64+0x86/0x230 [ 28.734206] kunit_try_run_case+0x1a5/0x480 [ 28.734231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.734254] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.734289] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.734323] ? __kthread_parkme+0x82/0x180 [ 28.734353] ? preempt_count_sub+0x50/0x80 [ 28.734377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.734401] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.734424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.734448] kthread+0x337/0x6f0 [ 28.734469] ? trace_preempt_on+0x20/0xc0 [ 28.734492] ? __pfx_kthread+0x10/0x10 [ 28.734514] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.734544] ? calculate_sigpending+0x7b/0xa0 [ 28.734569] ? __pfx_kthread+0x10/0x10 [ 28.734591] ret_from_fork+0x116/0x1d0 [ 28.734611] ? __pfx_kthread+0x10/0x10 [ 28.734632] ret_from_fork_asm+0x1a/0x30 [ 28.734663] </TASK> [ 28.734678] [ 28.741431] Allocated by task 333: [ 28.741579] kasan_save_stack+0x45/0x70 [ 28.741766] kasan_save_track+0x18/0x40 [ 28.741924] kasan_save_alloc_info+0x3b/0x50 [ 28.742110] __kasan_kmalloc+0xb7/0xc0 [ 28.742258] __kmalloc_noprof+0x1ca/0x510 [ 28.742441] kunit_kmalloc_array+0x25/0x60 [ 28.742608] copy_user_test_oob+0xab/0x10f0 [ 28.742801] kunit_try_run_case+0x1a5/0x480 [ 28.742969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.743188] kthread+0x337/0x6f0 [ 28.743321] ret_from_fork+0x116/0x1d0 [ 28.743512] ret_from_fork_asm+0x1a/0x30 [ 28.743683] [ 28.743764] The buggy address belongs to the object at ffff8881053b7a00 [ 28.743764] which belongs to the cache kmalloc-128 of size 128 [ 28.744114] The buggy address is located 0 bytes to the right of [ 28.744114] allocated 120-byte region [ffff8881053b7a00, ffff8881053b7a78) [ 28.744607] [ 28.744698] The buggy address belongs to the physical page: [ 28.744939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 28.745280] flags: 0x200000000000000(node=0|zone=2) [ 28.745455] page_type: f5(slab) [ 28.745571] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.745843] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.746171] page dumped because: kasan: bad access detected [ 28.746427] [ 28.746517] Memory state around the buggy address: [ 28.746725] ffff8881053b7900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.746993] ffff8881053b7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.747239] >ffff8881053b7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.747556] ^ [ 28.747896] ffff8881053b7a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.748211] ffff8881053b7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.748648] ================================================================== [ 28.714181] ================================================================== [ 28.714528] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 28.714940] Write of size 121 at addr ffff8881053b7a00 by task kunit_try_catch/333 [ 28.715321] [ 28.715408] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.715453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.715486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.715509] Call Trace: [ 28.715524] <TASK> [ 28.715539] dump_stack_lvl+0x73/0xb0 [ 28.715568] print_report+0xd1/0x640 [ 28.715591] ? __virt_addr_valid+0x1db/0x2d0 [ 28.715614] ? strncpy_from_user+0x2e/0x1d0 [ 28.715636] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.715662] ? strncpy_from_user+0x2e/0x1d0 [ 28.715686] kasan_report+0x141/0x180 [ 28.715708] ? strncpy_from_user+0x2e/0x1d0 [ 28.715734] kasan_check_range+0x10c/0x1c0 [ 28.715759] __kasan_check_write+0x18/0x20 [ 28.715783] strncpy_from_user+0x2e/0x1d0 [ 28.715805] ? __kasan_check_read+0x15/0x20 [ 28.715830] copy_user_test_oob+0x760/0x10f0 [ 28.715855] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.715878] ? finish_task_switch.isra.0+0x153/0x700 [ 28.715899] ? __switch_to+0x47/0xf80 [ 28.715925] ? __schedule+0x10da/0x2b60 [ 28.715950] ? __pfx_read_tsc+0x10/0x10 [ 28.715971] ? ktime_get_ts64+0x86/0x230 [ 28.715996] kunit_try_run_case+0x1a5/0x480 [ 28.716019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.716042] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.716078] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.716111] ? __kthread_parkme+0x82/0x180 [ 28.716132] ? preempt_count_sub+0x50/0x80 [ 28.716154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.716178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.716202] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.716226] kthread+0x337/0x6f0 [ 28.716246] ? trace_preempt_on+0x20/0xc0 [ 28.716270] ? __pfx_kthread+0x10/0x10 [ 28.716291] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.716321] ? calculate_sigpending+0x7b/0xa0 [ 28.716359] ? __pfx_kthread+0x10/0x10 [ 28.716381] ret_from_fork+0x116/0x1d0 [ 28.716401] ? __pfx_kthread+0x10/0x10 [ 28.716422] ret_from_fork_asm+0x1a/0x30 [ 28.716452] </TASK> [ 28.716463] [ 28.725094] Allocated by task 333: [ 28.725292] kasan_save_stack+0x45/0x70 [ 28.725452] kasan_save_track+0x18/0x40 [ 28.725585] kasan_save_alloc_info+0x3b/0x50 [ 28.725786] __kasan_kmalloc+0xb7/0xc0 [ 28.725962] __kmalloc_noprof+0x1ca/0x510 [ 28.726175] kunit_kmalloc_array+0x25/0x60 [ 28.726382] copy_user_test_oob+0xab/0x10f0 [ 28.726550] kunit_try_run_case+0x1a5/0x480 [ 28.726756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.726932] kthread+0x337/0x6f0 [ 28.727047] ret_from_fork+0x116/0x1d0 [ 28.727198] ret_from_fork_asm+0x1a/0x30 [ 28.727398] [ 28.727487] The buggy address belongs to the object at ffff8881053b7a00 [ 28.727487] which belongs to the cache kmalloc-128 of size 128 [ 28.727967] The buggy address is located 0 bytes inside of [ 28.727967] allocated 120-byte region [ffff8881053b7a00, ffff8881053b7a78) [ 28.728447] [ 28.728546] The buggy address belongs to the physical page: [ 28.728762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 28.729063] flags: 0x200000000000000(node=0|zone=2) [ 28.729239] page_type: f5(slab) [ 28.729412] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.729714] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.729984] page dumped because: kasan: bad access detected [ 28.730213] [ 28.730287] Memory state around the buggy address: [ 28.730494] ffff8881053b7900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.730728] ffff8881053b7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.730938] >ffff8881053b7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.731175] ^ [ 28.731487] ffff8881053b7a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.731793] ffff8881053b7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.732003] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob: Failure
Automatically assigned
[ 28.633908] ================================================================== [ 28.634233] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 28.634680] Write of size 121 at addr ffff8881053b7a00 by task kunit_try_catch/333 [ 28.635320] [ 28.635467] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.635524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.635538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.635709] Call Trace: [ 28.635730] <TASK> [ 28.635829] dump_stack_lvl+0x73/0xb0 [ 28.635871] print_report+0xd1/0x640 [ 28.635896] ? __virt_addr_valid+0x1db/0x2d0 [ 28.635921] ? copy_user_test_oob+0x3fd/0x10f0 [ 28.635944] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.635970] ? copy_user_test_oob+0x3fd/0x10f0 [ 28.635994] kasan_report+0x141/0x180 [ 28.636016] ? copy_user_test_oob+0x3fd/0x10f0 [ 28.636044] kasan_check_range+0x10c/0x1c0 [ 28.636068] __kasan_check_write+0x18/0x20 [ 28.636091] copy_user_test_oob+0x3fd/0x10f0 [ 28.636117] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.636140] ? finish_task_switch.isra.0+0x153/0x700 [ 28.636162] ? __switch_to+0x47/0xf80 [ 28.636188] ? __schedule+0x10da/0x2b60 [ 28.636212] ? __pfx_read_tsc+0x10/0x10 [ 28.636235] ? ktime_get_ts64+0x86/0x230 [ 28.636260] kunit_try_run_case+0x1a5/0x480 [ 28.636285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.636308] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.636358] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.636393] ? __kthread_parkme+0x82/0x180 [ 28.636413] ? preempt_count_sub+0x50/0x80 [ 28.636436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.636461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.636485] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.636508] kthread+0x337/0x6f0 [ 28.636528] ? trace_preempt_on+0x20/0xc0 [ 28.636552] ? __pfx_kthread+0x10/0x10 [ 28.636573] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.636604] ? calculate_sigpending+0x7b/0xa0 [ 28.636629] ? __pfx_kthread+0x10/0x10 [ 28.636650] ret_from_fork+0x116/0x1d0 [ 28.636669] ? __pfx_kthread+0x10/0x10 [ 28.636690] ret_from_fork_asm+0x1a/0x30 [ 28.636721] </TASK> [ 28.636733] [ 28.645596] Allocated by task 333: [ 28.645777] kasan_save_stack+0x45/0x70 [ 28.645932] kasan_save_track+0x18/0x40 [ 28.646114] kasan_save_alloc_info+0x3b/0x50 [ 28.646294] __kasan_kmalloc+0xb7/0xc0 [ 28.647005] __kmalloc_noprof+0x1ca/0x510 [ 28.647159] kunit_kmalloc_array+0x25/0x60 [ 28.647528] copy_user_test_oob+0xab/0x10f0 [ 28.647815] kunit_try_run_case+0x1a5/0x480 [ 28.647966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.648214] kthread+0x337/0x6f0 [ 28.648360] ret_from_fork+0x116/0x1d0 [ 28.648528] ret_from_fork_asm+0x1a/0x30 [ 28.648704] [ 28.648776] The buggy address belongs to the object at ffff8881053b7a00 [ 28.648776] which belongs to the cache kmalloc-128 of size 128 [ 28.649261] The buggy address is located 0 bytes inside of [ 28.649261] allocated 120-byte region [ffff8881053b7a00, ffff8881053b7a78) [ 28.650114] [ 28.650379] The buggy address belongs to the physical page: [ 28.650706] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 28.651083] flags: 0x200000000000000(node=0|zone=2) [ 28.651414] page_type: f5(slab) [ 28.651545] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.651987] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.652383] page dumped because: kasan: bad access detected [ 28.652696] [ 28.652768] Memory state around the buggy address: [ 28.652978] ffff8881053b7900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.653262] ffff8881053b7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.653541] >ffff8881053b7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.653817] ^ [ 28.654082] ffff8881053b7a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.654705] ffff8881053b7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.654965] ================================================================== [ 28.697938] ================================================================== [ 28.698517] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 28.698843] Read of size 121 at addr ffff8881053b7a00 by task kunit_try_catch/333 [ 28.699149] [ 28.699234] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.699281] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.699294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.699317] Call Trace: [ 28.699332] <TASK> [ 28.699358] dump_stack_lvl+0x73/0xb0 [ 28.699389] print_report+0xd1/0x640 [ 28.699412] ? __virt_addr_valid+0x1db/0x2d0 [ 28.699435] ? copy_user_test_oob+0x604/0x10f0 [ 28.699458] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.699484] ? copy_user_test_oob+0x604/0x10f0 [ 28.699508] kasan_report+0x141/0x180 [ 28.699530] ? copy_user_test_oob+0x604/0x10f0 [ 28.699558] kasan_check_range+0x10c/0x1c0 [ 28.699582] __kasan_check_read+0x15/0x20 [ 28.699606] copy_user_test_oob+0x604/0x10f0 [ 28.699631] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.699654] ? finish_task_switch.isra.0+0x153/0x700 [ 28.699675] ? __switch_to+0x47/0xf80 [ 28.699701] ? __schedule+0x10da/0x2b60 [ 28.699724] ? __pfx_read_tsc+0x10/0x10 [ 28.699746] ? ktime_get_ts64+0x86/0x230 [ 28.699770] kunit_try_run_case+0x1a5/0x480 [ 28.699795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.699817] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.699851] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.699885] ? __kthread_parkme+0x82/0x180 [ 28.699906] ? preempt_count_sub+0x50/0x80 [ 28.699930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.699954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.699977] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.700001] kthread+0x337/0x6f0 [ 28.700021] ? trace_preempt_on+0x20/0xc0 [ 28.700045] ? __pfx_kthread+0x10/0x10 [ 28.700065] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.700096] ? calculate_sigpending+0x7b/0xa0 [ 28.700119] ? __pfx_kthread+0x10/0x10 [ 28.700141] ret_from_fork+0x116/0x1d0 [ 28.700160] ? __pfx_kthread+0x10/0x10 [ 28.700181] ret_from_fork_asm+0x1a/0x30 [ 28.700212] </TASK> [ 28.700223] [ 28.706732] Allocated by task 333: [ 28.706862] kasan_save_stack+0x45/0x70 [ 28.706996] kasan_save_track+0x18/0x40 [ 28.707184] kasan_save_alloc_info+0x3b/0x50 [ 28.707395] __kasan_kmalloc+0xb7/0xc0 [ 28.707575] __kmalloc_noprof+0x1ca/0x510 [ 28.707768] kunit_kmalloc_array+0x25/0x60 [ 28.707950] copy_user_test_oob+0xab/0x10f0 [ 28.708088] kunit_try_run_case+0x1a5/0x480 [ 28.708227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.708404] kthread+0x337/0x6f0 [ 28.708568] ret_from_fork+0x116/0x1d0 [ 28.708749] ret_from_fork_asm+0x1a/0x30 [ 28.708949] [ 28.709038] The buggy address belongs to the object at ffff8881053b7a00 [ 28.709038] which belongs to the cache kmalloc-128 of size 128 [ 28.709594] The buggy address is located 0 bytes inside of [ 28.709594] allocated 120-byte region [ffff8881053b7a00, ffff8881053b7a78) [ 28.710017] [ 28.710100] The buggy address belongs to the physical page: [ 28.710364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 28.710679] flags: 0x200000000000000(node=0|zone=2) [ 28.710873] page_type: f5(slab) [ 28.710988] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.711215] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.711443] page dumped because: kasan: bad access detected [ 28.711611] [ 28.711673] Memory state around the buggy address: [ 28.711838] ffff8881053b7900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.712161] ffff8881053b7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.712480] >ffff8881053b7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.712786] ^ [ 28.713090] ffff8881053b7a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.713411] ffff8881053b7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.713674] ================================================================== [ 28.676135] ================================================================== [ 28.677027] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 28.677320] Write of size 121 at addr ffff8881053b7a00 by task kunit_try_catch/333 [ 28.677772] [ 28.677942] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.678045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.678059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.678081] Call Trace: [ 28.678151] <TASK> [ 28.678166] dump_stack_lvl+0x73/0xb0 [ 28.678252] print_report+0xd1/0x640 [ 28.678278] ? __virt_addr_valid+0x1db/0x2d0 [ 28.678301] ? copy_user_test_oob+0x557/0x10f0 [ 28.678324] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.678362] ? copy_user_test_oob+0x557/0x10f0 [ 28.678385] kasan_report+0x141/0x180 [ 28.678408] ? copy_user_test_oob+0x557/0x10f0 [ 28.678436] kasan_check_range+0x10c/0x1c0 [ 28.678460] __kasan_check_write+0x18/0x20 [ 28.678485] copy_user_test_oob+0x557/0x10f0 [ 28.678510] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.678534] ? finish_task_switch.isra.0+0x153/0x700 [ 28.678555] ? __switch_to+0x47/0xf80 [ 28.678581] ? __schedule+0x10da/0x2b60 [ 28.678605] ? __pfx_read_tsc+0x10/0x10 [ 28.678627] ? ktime_get_ts64+0x86/0x230 [ 28.678650] kunit_try_run_case+0x1a5/0x480 [ 28.678681] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.678703] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.678738] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.678771] ? __kthread_parkme+0x82/0x180 [ 28.678791] ? preempt_count_sub+0x50/0x80 [ 28.678814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.678837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.678861] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.678884] kthread+0x337/0x6f0 [ 28.678904] ? trace_preempt_on+0x20/0xc0 [ 28.678927] ? __pfx_kthread+0x10/0x10 [ 28.678948] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.678978] ? calculate_sigpending+0x7b/0xa0 [ 28.679002] ? __pfx_kthread+0x10/0x10 [ 28.679023] ret_from_fork+0x116/0x1d0 [ 28.679042] ? __pfx_kthread+0x10/0x10 [ 28.679062] ret_from_fork_asm+0x1a/0x30 [ 28.679093] </TASK> [ 28.679105] [ 28.687965] Allocated by task 333: [ 28.688124] kasan_save_stack+0x45/0x70 [ 28.688307] kasan_save_track+0x18/0x40 [ 28.688620] kasan_save_alloc_info+0x3b/0x50 [ 28.688888] __kasan_kmalloc+0xb7/0xc0 [ 28.689158] __kmalloc_noprof+0x1ca/0x510 [ 28.689363] kunit_kmalloc_array+0x25/0x60 [ 28.689666] copy_user_test_oob+0xab/0x10f0 [ 28.689858] kunit_try_run_case+0x1a5/0x480 [ 28.690165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.690378] kthread+0x337/0x6f0 [ 28.690618] ret_from_fork+0x116/0x1d0 [ 28.690844] ret_from_fork_asm+0x1a/0x30 [ 28.691127] [ 28.691325] The buggy address belongs to the object at ffff8881053b7a00 [ 28.691325] which belongs to the cache kmalloc-128 of size 128 [ 28.691933] The buggy address is located 0 bytes inside of [ 28.691933] allocated 120-byte region [ffff8881053b7a00, ffff8881053b7a78) [ 28.692548] [ 28.692654] The buggy address belongs to the physical page: [ 28.692989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 28.693362] flags: 0x200000000000000(node=0|zone=2) [ 28.693544] page_type: f5(slab) [ 28.693714] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.694143] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.694558] page dumped because: kasan: bad access detected [ 28.694789] [ 28.694940] Memory state around the buggy address: [ 28.695175] ffff8881053b7900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.695616] ffff8881053b7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.695870] >ffff8881053b7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.696157] ^ [ 28.696585] ffff8881053b7a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.696952] ffff8881053b7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.697200] ================================================================== [ 28.655772] ================================================================== [ 28.656369] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 28.656713] Read of size 121 at addr ffff8881053b7a00 by task kunit_try_catch/333 [ 28.657016] [ 28.657097] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.657145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.657158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.657182] Call Trace: [ 28.657200] <TASK> [ 28.657215] dump_stack_lvl+0x73/0xb0 [ 28.657246] print_report+0xd1/0x640 [ 28.657472] ? __virt_addr_valid+0x1db/0x2d0 [ 28.657504] ? copy_user_test_oob+0x4aa/0x10f0 [ 28.657614] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.657644] ? copy_user_test_oob+0x4aa/0x10f0 [ 28.657668] kasan_report+0x141/0x180 [ 28.657691] ? copy_user_test_oob+0x4aa/0x10f0 [ 28.657719] kasan_check_range+0x10c/0x1c0 [ 28.657743] __kasan_check_read+0x15/0x20 [ 28.657768] copy_user_test_oob+0x4aa/0x10f0 [ 28.657793] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.657816] ? finish_task_switch.isra.0+0x153/0x700 [ 28.657838] ? __switch_to+0x47/0xf80 [ 28.657863] ? __schedule+0x10da/0x2b60 [ 28.657888] ? __pfx_read_tsc+0x10/0x10 [ 28.657910] ? ktime_get_ts64+0x86/0x230 [ 28.657934] kunit_try_run_case+0x1a5/0x480 [ 28.657959] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.657982] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.658017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.658049] ? __kthread_parkme+0x82/0x180 [ 28.658071] ? preempt_count_sub+0x50/0x80 [ 28.658094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.658118] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.658141] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.658164] kthread+0x337/0x6f0 [ 28.658184] ? trace_preempt_on+0x20/0xc0 [ 28.658208] ? __pfx_kthread+0x10/0x10 [ 28.658229] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.658260] ? calculate_sigpending+0x7b/0xa0 [ 28.658284] ? __pfx_kthread+0x10/0x10 [ 28.658306] ret_from_fork+0x116/0x1d0 [ 28.658325] ? __pfx_kthread+0x10/0x10 [ 28.658356] ret_from_fork_asm+0x1a/0x30 [ 28.658387] </TASK> [ 28.658398] [ 28.666871] Allocated by task 333: [ 28.667224] kasan_save_stack+0x45/0x70 [ 28.667491] kasan_save_track+0x18/0x40 [ 28.667666] kasan_save_alloc_info+0x3b/0x50 [ 28.667967] __kasan_kmalloc+0xb7/0xc0 [ 28.668145] __kmalloc_noprof+0x1ca/0x510 [ 28.668312] kunit_kmalloc_array+0x25/0x60 [ 28.668503] copy_user_test_oob+0xab/0x10f0 [ 28.668676] kunit_try_run_case+0x1a5/0x480 [ 28.668852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.669072] kthread+0x337/0x6f0 [ 28.669219] ret_from_fork+0x116/0x1d0 [ 28.669694] ret_from_fork_asm+0x1a/0x30 [ 28.669868] [ 28.669934] The buggy address belongs to the object at ffff8881053b7a00 [ 28.669934] which belongs to the cache kmalloc-128 of size 128 [ 28.670573] The buggy address is located 0 bytes inside of [ 28.670573] allocated 120-byte region [ffff8881053b7a00, ffff8881053b7a78) [ 28.671211] [ 28.671286] The buggy address belongs to the physical page: [ 28.671665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 28.672023] flags: 0x200000000000000(node=0|zone=2) [ 28.672248] page_type: f5(slab) [ 28.672498] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.672850] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.673205] page dumped because: kasan: bad access detected [ 28.673408] [ 28.673567] Memory state around the buggy address: [ 28.673877] ffff8881053b7900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.674119] ffff8881053b7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.674425] >ffff8881053b7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.674711] ^ [ 28.674986] ffff8881053b7a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.675260] ffff8881053b7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.675553] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user: Failure
Automatically assigned
[ 28.603193] ================================================================== [ 28.603516] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 28.603991] Read of size 121 at addr ffff8881053b7a00 by task kunit_try_catch/333 [ 28.604653] [ 28.604774] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.604827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.604841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.604864] Call Trace: [ 28.604879] <TASK> [ 28.604894] dump_stack_lvl+0x73/0xb0 [ 28.604926] print_report+0xd1/0x640 [ 28.605089] ? __virt_addr_valid+0x1db/0x2d0 [ 28.605122] ? _copy_to_user+0x3c/0x70 [ 28.605159] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.605186] ? _copy_to_user+0x3c/0x70 [ 28.605210] kasan_report+0x141/0x180 [ 28.605233] ? _copy_to_user+0x3c/0x70 [ 28.605260] kasan_check_range+0x10c/0x1c0 [ 28.605293] __kasan_check_read+0x15/0x20 [ 28.605316] _copy_to_user+0x3c/0x70 [ 28.605355] copy_user_test_oob+0x364/0x10f0 [ 28.605382] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.605404] ? finish_task_switch.isra.0+0x153/0x700 [ 28.605427] ? __switch_to+0x47/0xf80 [ 28.605453] ? __schedule+0x10da/0x2b60 [ 28.605477] ? __pfx_read_tsc+0x10/0x10 [ 28.605499] ? ktime_get_ts64+0x86/0x230 [ 28.605525] kunit_try_run_case+0x1a5/0x480 [ 28.605548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.605571] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.605605] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.605639] ? __kthread_parkme+0x82/0x180 [ 28.605659] ? preempt_count_sub+0x50/0x80 [ 28.605682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.605706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.605729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.605752] kthread+0x337/0x6f0 [ 28.605772] ? trace_preempt_on+0x20/0xc0 [ 28.605811] ? __pfx_kthread+0x10/0x10 [ 28.605848] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.605879] ? calculate_sigpending+0x7b/0xa0 [ 28.605904] ? __pfx_kthread+0x10/0x10 [ 28.605926] ret_from_fork+0x116/0x1d0 [ 28.605945] ? __pfx_kthread+0x10/0x10 [ 28.605965] ret_from_fork_asm+0x1a/0x30 [ 28.605996] </TASK> [ 28.606007] [ 28.617095] Allocated by task 333: [ 28.617268] kasan_save_stack+0x45/0x70 [ 28.617847] kasan_save_track+0x18/0x40 [ 28.618287] kasan_save_alloc_info+0x3b/0x50 [ 28.618612] __kasan_kmalloc+0xb7/0xc0 [ 28.618766] __kmalloc_noprof+0x1ca/0x510 [ 28.619206] kunit_kmalloc_array+0x25/0x60 [ 28.619663] copy_user_test_oob+0xab/0x10f0 [ 28.619895] kunit_try_run_case+0x1a5/0x480 [ 28.620220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.620788] kthread+0x337/0x6f0 [ 28.621048] ret_from_fork+0x116/0x1d0 [ 28.621314] ret_from_fork_asm+0x1a/0x30 [ 28.621512] [ 28.621609] The buggy address belongs to the object at ffff8881053b7a00 [ 28.621609] which belongs to the cache kmalloc-128 of size 128 [ 28.622387] The buggy address is located 0 bytes inside of [ 28.622387] allocated 120-byte region [ffff8881053b7a00, ffff8881053b7a78) [ 28.623216] [ 28.623324] The buggy address belongs to the physical page: [ 28.623668] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 28.624217] flags: 0x200000000000000(node=0|zone=2) [ 28.624463] page_type: f5(slab) [ 28.624619] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.625203] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.625634] page dumped because: kasan: bad access detected [ 28.625874] [ 28.625967] Memory state around the buggy address: [ 28.626167] ffff8881053b7900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.626844] ffff8881053b7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.627238] >ffff8881053b7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.627713] ^ [ 28.628190] ffff8881053b7a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.628546] ffff8881053b7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.628810] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user: Failure
Automatically assigned
[ 28.574189] ================================================================== [ 28.574852] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 28.575483] Write of size 121 at addr ffff8881053b7a00 by task kunit_try_catch/333 [ 28.576164] [ 28.576310] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.576406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.576420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.576445] Call Trace: [ 28.576604] <TASK> [ 28.576632] dump_stack_lvl+0x73/0xb0 [ 28.576672] print_report+0xd1/0x640 [ 28.576700] ? __virt_addr_valid+0x1db/0x2d0 [ 28.576727] ? _copy_from_user+0x32/0x90 [ 28.576752] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.576805] ? _copy_from_user+0x32/0x90 [ 28.576842] kasan_report+0x141/0x180 [ 28.576866] ? _copy_from_user+0x32/0x90 [ 28.576894] kasan_check_range+0x10c/0x1c0 [ 28.576918] __kasan_check_write+0x18/0x20 [ 28.576942] _copy_from_user+0x32/0x90 [ 28.576967] copy_user_test_oob+0x2be/0x10f0 [ 28.576994] ? __pfx_copy_user_test_oob+0x10/0x10 [ 28.577017] ? finish_task_switch.isra.0+0x153/0x700 [ 28.577040] ? __switch_to+0x47/0xf80 [ 28.577068] ? __schedule+0x10da/0x2b60 [ 28.577094] ? __pfx_read_tsc+0x10/0x10 [ 28.577116] ? ktime_get_ts64+0x86/0x230 [ 28.577143] kunit_try_run_case+0x1a5/0x480 [ 28.577167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.577189] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.577224] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.577258] ? __kthread_parkme+0x82/0x180 [ 28.577280] ? preempt_count_sub+0x50/0x80 [ 28.577302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.577326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.577360] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.577384] kthread+0x337/0x6f0 [ 28.577404] ? trace_preempt_on+0x20/0xc0 [ 28.577428] ? __pfx_kthread+0x10/0x10 [ 28.577450] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.577481] ? calculate_sigpending+0x7b/0xa0 [ 28.577506] ? __pfx_kthread+0x10/0x10 [ 28.577528] ret_from_fork+0x116/0x1d0 [ 28.577548] ? __pfx_kthread+0x10/0x10 [ 28.577569] ret_from_fork_asm+0x1a/0x30 [ 28.577600] </TASK> [ 28.577614] [ 28.588282] Allocated by task 333: [ 28.588484] kasan_save_stack+0x45/0x70 [ 28.589016] kasan_save_track+0x18/0x40 [ 28.589372] kasan_save_alloc_info+0x3b/0x50 [ 28.589665] __kasan_kmalloc+0xb7/0xc0 [ 28.589877] __kmalloc_noprof+0x1ca/0x510 [ 28.590101] kunit_kmalloc_array+0x25/0x60 [ 28.590470] copy_user_test_oob+0xab/0x10f0 [ 28.590744] kunit_try_run_case+0x1a5/0x480 [ 28.590938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.591491] kthread+0x337/0x6f0 [ 28.591642] ret_from_fork+0x116/0x1d0 [ 28.591986] ret_from_fork_asm+0x1a/0x30 [ 28.592235] [ 28.592350] The buggy address belongs to the object at ffff8881053b7a00 [ 28.592350] which belongs to the cache kmalloc-128 of size 128 [ 28.592855] The buggy address is located 0 bytes inside of [ 28.592855] allocated 120-byte region [ffff8881053b7a00, ffff8881053b7a78) [ 28.593706] [ 28.593788] The buggy address belongs to the physical page: [ 28.594022] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 28.594559] flags: 0x200000000000000(node=0|zone=2) [ 28.594882] page_type: f5(slab) [ 28.595139] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.595538] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.595975] page dumped because: kasan: bad access detected [ 28.596149] [ 28.596353] Memory state around the buggy address: [ 28.596536] ffff8881053b7900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.596862] ffff8881053b7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.597477] >ffff8881053b7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.597718] ^ [ 28.598251] ffff8881053b7a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.598728] ffff8881053b7b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.599484] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault: Failure
Automatically assigned
[ 28.537054] ================================================================== [ 28.537369] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 28.537717] Write of size 8 at addr ffff8881053b7978 by task kunit_try_catch/329 [ 28.537955] [ 28.538371] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.538501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.538515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.538539] Call Trace: [ 28.538553] <TASK> [ 28.538570] dump_stack_lvl+0x73/0xb0 [ 28.538604] print_report+0xd1/0x640 [ 28.538628] ? __virt_addr_valid+0x1db/0x2d0 [ 28.538652] ? copy_to_kernel_nofault+0x99/0x260 [ 28.538681] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.538708] ? copy_to_kernel_nofault+0x99/0x260 [ 28.538731] kasan_report+0x141/0x180 [ 28.538754] ? copy_to_kernel_nofault+0x99/0x260 [ 28.538782] kasan_check_range+0x10c/0x1c0 [ 28.538830] __kasan_check_write+0x18/0x20 [ 28.538873] copy_to_kernel_nofault+0x99/0x260 [ 28.538898] copy_to_kernel_nofault_oob+0x288/0x560 [ 28.538922] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 28.538945] ? finish_task_switch.isra.0+0x153/0x700 [ 28.538968] ? __schedule+0x10da/0x2b60 [ 28.538991] ? trace_hardirqs_on+0x37/0xe0 [ 28.539023] ? __pfx_read_tsc+0x10/0x10 [ 28.539046] ? ktime_get_ts64+0x86/0x230 [ 28.539071] kunit_try_run_case+0x1a5/0x480 [ 28.539095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.539117] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.539151] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.539185] ? __kthread_parkme+0x82/0x180 [ 28.539206] ? preempt_count_sub+0x50/0x80 [ 28.539229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.539253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.539276] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.539301] kthread+0x337/0x6f0 [ 28.539321] ? trace_preempt_on+0x20/0xc0 [ 28.539354] ? __pfx_kthread+0x10/0x10 [ 28.539375] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.539405] ? calculate_sigpending+0x7b/0xa0 [ 28.539429] ? __pfx_kthread+0x10/0x10 [ 28.539451] ret_from_fork+0x116/0x1d0 [ 28.539471] ? __pfx_kthread+0x10/0x10 [ 28.539491] ret_from_fork_asm+0x1a/0x30 [ 28.539522] </TASK> [ 28.539533] [ 28.551153] Allocated by task 329: [ 28.551356] kasan_save_stack+0x45/0x70 [ 28.551553] kasan_save_track+0x18/0x40 [ 28.551716] kasan_save_alloc_info+0x3b/0x50 [ 28.551921] __kasan_kmalloc+0xb7/0xc0 [ 28.552089] __kmalloc_cache_noprof+0x189/0x420 [ 28.552292] copy_to_kernel_nofault_oob+0x12f/0x560 [ 28.553172] kunit_try_run_case+0x1a5/0x480 [ 28.553377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.553629] kthread+0x337/0x6f0 [ 28.554075] ret_from_fork+0x116/0x1d0 [ 28.554261] ret_from_fork_asm+0x1a/0x30 [ 28.554474] [ 28.554694] The buggy address belongs to the object at ffff8881053b7900 [ 28.554694] which belongs to the cache kmalloc-128 of size 128 [ 28.555604] The buggy address is located 0 bytes to the right of [ 28.555604] allocated 120-byte region [ffff8881053b7900, ffff8881053b7978) [ 28.556303] [ 28.556521] The buggy address belongs to the physical page: [ 28.556771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 28.557115] flags: 0x200000000000000(node=0|zone=2) [ 28.557329] page_type: f5(slab) [ 28.557493] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.557810] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.558112] page dumped because: kasan: bad access detected [ 28.558855] [ 28.558975] Memory state around the buggy address: [ 28.559162] ffff8881053b7800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.559618] ffff8881053b7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.560059] >ffff8881053b7900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.560396] ^ [ 28.560803] ffff8881053b7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.561318] ffff8881053b7a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.561739] ================================================================== [ 28.508649] ================================================================== [ 28.509309] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 28.509998] Read of size 8 at addr ffff8881053b7978 by task kunit_try_catch/329 [ 28.510383] [ 28.510947] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.511011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.511026] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.511050] Call Trace: [ 28.511100] <TASK> [ 28.511120] dump_stack_lvl+0x73/0xb0 [ 28.511158] print_report+0xd1/0x640 [ 28.511185] ? __virt_addr_valid+0x1db/0x2d0 [ 28.511209] ? copy_to_kernel_nofault+0x225/0x260 [ 28.511234] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.511260] ? copy_to_kernel_nofault+0x225/0x260 [ 28.511284] kasan_report+0x141/0x180 [ 28.511307] ? copy_to_kernel_nofault+0x225/0x260 [ 28.511346] __asan_report_load8_noabort+0x18/0x20 [ 28.511371] copy_to_kernel_nofault+0x225/0x260 [ 28.511397] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 28.511421] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 28.511445] ? finish_task_switch.isra.0+0x153/0x700 [ 28.511469] ? __schedule+0x10da/0x2b60 [ 28.511494] ? trace_hardirqs_on+0x37/0xe0 [ 28.511525] ? __pfx_read_tsc+0x10/0x10 [ 28.511548] ? ktime_get_ts64+0x86/0x230 [ 28.511574] kunit_try_run_case+0x1a5/0x480 [ 28.511600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.511623] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.511657] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.511690] ? __kthread_parkme+0x82/0x180 [ 28.511711] ? preempt_count_sub+0x50/0x80 [ 28.511734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.511758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.511782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.511814] kthread+0x337/0x6f0 [ 28.511849] ? trace_preempt_on+0x20/0xc0 [ 28.511872] ? __pfx_kthread+0x10/0x10 [ 28.511893] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.511924] ? calculate_sigpending+0x7b/0xa0 [ 28.511949] ? __pfx_kthread+0x10/0x10 [ 28.511970] ret_from_fork+0x116/0x1d0 [ 28.511990] ? __pfx_kthread+0x10/0x10 [ 28.512011] ret_from_fork_asm+0x1a/0x30 [ 28.512043] </TASK> [ 28.512056] [ 28.524255] Allocated by task 329: [ 28.524481] kasan_save_stack+0x45/0x70 [ 28.524695] kasan_save_track+0x18/0x40 [ 28.524866] kasan_save_alloc_info+0x3b/0x50 [ 28.525358] __kasan_kmalloc+0xb7/0xc0 [ 28.525656] __kmalloc_cache_noprof+0x189/0x420 [ 28.525903] copy_to_kernel_nofault_oob+0x12f/0x560 [ 28.526482] kunit_try_run_case+0x1a5/0x480 [ 28.526954] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.527228] kthread+0x337/0x6f0 [ 28.527438] ret_from_fork+0x116/0x1d0 [ 28.527831] ret_from_fork_asm+0x1a/0x30 [ 28.528011] [ 28.528105] The buggy address belongs to the object at ffff8881053b7900 [ 28.528105] which belongs to the cache kmalloc-128 of size 128 [ 28.528610] The buggy address is located 0 bytes to the right of [ 28.528610] allocated 120-byte region [ffff8881053b7900, ffff8881053b7978) [ 28.529455] [ 28.529727] The buggy address belongs to the physical page: [ 28.530025] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 28.530685] flags: 0x200000000000000(node=0|zone=2) [ 28.531071] page_type: f5(slab) [ 28.531318] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 28.531971] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 28.532490] page dumped because: kasan: bad access detected [ 28.532767] [ 28.532907] Memory state around the buggy address: [ 28.533141] ffff8881053b7800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 28.533667] ffff8881053b7880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.534111] >ffff8881053b7900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 28.534408] ^ [ 28.534720] ffff8881053b7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.535206] ffff8881053b7a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.535589] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper: Failure
Automatically assigned
[ 27.711638] ================================================================== [ 27.712293] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 27.712642] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.713199] [ 27.713325] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.713377] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.713391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.713416] Call Trace: [ 27.713436] <TASK> [ 27.713454] dump_stack_lvl+0x73/0xb0 [ 27.713487] print_report+0xd1/0x640 [ 27.713776] ? __virt_addr_valid+0x1db/0x2d0 [ 27.713808] ? kasan_atomics_helper+0x12e6/0x5450 [ 27.713840] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.713868] ? kasan_atomics_helper+0x12e6/0x5450 [ 27.713890] kasan_report+0x141/0x180 [ 27.714126] ? kasan_atomics_helper+0x12e6/0x5450 [ 27.714157] kasan_check_range+0x10c/0x1c0 [ 27.714182] __kasan_check_write+0x18/0x20 [ 27.714207] kasan_atomics_helper+0x12e6/0x5450 [ 27.714231] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.714254] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.714279] ? kasan_atomics+0x152/0x310 [ 27.714318] kasan_atomics+0x1dc/0x310 [ 27.714344] ? __pfx_kasan_atomics+0x10/0x10 [ 27.714368] ? __pfx_read_tsc+0x10/0x10 [ 27.714391] ? ktime_get_ts64+0x86/0x230 [ 27.714417] kunit_try_run_case+0x1a5/0x480 [ 27.714443] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.714466] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.714502] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.714536] ? __kthread_parkme+0x82/0x180 [ 27.714557] ? preempt_count_sub+0x50/0x80 [ 27.714582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.714607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.714635] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.714665] kthread+0x337/0x6f0 [ 27.714686] ? trace_preempt_on+0x20/0xc0 [ 27.714711] ? __pfx_kthread+0x10/0x10 [ 27.714733] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.714763] ? calculate_sigpending+0x7b/0xa0 [ 27.714788] ? __pfx_kthread+0x10/0x10 [ 27.714825] ret_from_fork+0x116/0x1d0 [ 27.714860] ? __pfx_kthread+0x10/0x10 [ 27.714881] ret_from_fork_asm+0x1a/0x30 [ 27.714914] </TASK> [ 27.714926] [ 27.726883] Allocated by task 313: [ 27.727227] kasan_save_stack+0x45/0x70 [ 27.727622] kasan_save_track+0x18/0x40 [ 27.727917] kasan_save_alloc_info+0x3b/0x50 [ 27.728240] __kasan_kmalloc+0xb7/0xc0 [ 27.728438] __kmalloc_cache_noprof+0x189/0x420 [ 27.728636] kasan_atomics+0x95/0x310 [ 27.728802] kunit_try_run_case+0x1a5/0x480 [ 27.729351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.729786] kthread+0x337/0x6f0 [ 27.730142] ret_from_fork+0x116/0x1d0 [ 27.730333] ret_from_fork_asm+0x1a/0x30 [ 27.730518] [ 27.730606] The buggy address belongs to the object at ffff8881053c7b80 [ 27.730606] which belongs to the cache kmalloc-64 of size 64 [ 27.731738] The buggy address is located 0 bytes to the right of [ 27.731738] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.732649] [ 27.732878] The buggy address belongs to the physical page: [ 27.733428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.734290] flags: 0x200000000000000(node=0|zone=2) [ 27.734549] page_type: f5(slab) [ 27.734713] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.735336] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.735838] page dumped because: kasan: bad access detected [ 27.736210] [ 27.736299] Memory state around the buggy address: [ 27.736508] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.737058] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.737480] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.738037] ^ [ 27.738419] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.738730] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.739289] ================================================================== [ 27.296070] ================================================================== [ 27.297034] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 27.297335] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.297929] [ 27.298257] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.298326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.298398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.298421] Call Trace: [ 27.298440] <TASK> [ 27.298459] dump_stack_lvl+0x73/0xb0 [ 27.298493] print_report+0xd1/0x640 [ 27.298516] ? __virt_addr_valid+0x1db/0x2d0 [ 27.298540] ? kasan_atomics_helper+0xa2b/0x5450 [ 27.298560] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.298585] ? kasan_atomics_helper+0xa2b/0x5450 [ 27.298606] kasan_report+0x141/0x180 [ 27.298627] ? kasan_atomics_helper+0xa2b/0x5450 [ 27.298657] kasan_check_range+0x10c/0x1c0 [ 27.298680] __kasan_check_write+0x18/0x20 [ 27.298702] kasan_atomics_helper+0xa2b/0x5450 [ 27.298724] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.298745] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.298769] ? kasan_atomics+0x152/0x310 [ 27.298846] kasan_atomics+0x1dc/0x310 [ 27.298873] ? __pfx_kasan_atomics+0x10/0x10 [ 27.298896] ? __pfx_read_tsc+0x10/0x10 [ 27.298917] ? ktime_get_ts64+0x86/0x230 [ 27.298943] kunit_try_run_case+0x1a5/0x480 [ 27.298970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.298993] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.299028] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.299061] ? __kthread_parkme+0x82/0x180 [ 27.299082] ? preempt_count_sub+0x50/0x80 [ 27.299105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.299128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.299151] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.299173] kthread+0x337/0x6f0 [ 27.299193] ? trace_preempt_on+0x20/0xc0 [ 27.299216] ? __pfx_kthread+0x10/0x10 [ 27.299236] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.299266] ? calculate_sigpending+0x7b/0xa0 [ 27.299301] ? __pfx_kthread+0x10/0x10 [ 27.299322] ret_from_fork+0x116/0x1d0 [ 27.299342] ? __pfx_kthread+0x10/0x10 [ 27.299361] ret_from_fork_asm+0x1a/0x30 [ 27.299392] </TASK> [ 27.299403] [ 27.310615] Allocated by task 313: [ 27.310877] kasan_save_stack+0x45/0x70 [ 27.311281] kasan_save_track+0x18/0x40 [ 27.311454] kasan_save_alloc_info+0x3b/0x50 [ 27.311670] __kasan_kmalloc+0xb7/0xc0 [ 27.311814] __kmalloc_cache_noprof+0x189/0x420 [ 27.312511] kasan_atomics+0x95/0x310 [ 27.312682] kunit_try_run_case+0x1a5/0x480 [ 27.312898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.313381] kthread+0x337/0x6f0 [ 27.313544] ret_from_fork+0x116/0x1d0 [ 27.313713] ret_from_fork_asm+0x1a/0x30 [ 27.314309] [ 27.314407] The buggy address belongs to the object at ffff8881053c7b80 [ 27.314407] which belongs to the cache kmalloc-64 of size 64 [ 27.314832] The buggy address is located 0 bytes to the right of [ 27.314832] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.315537] [ 27.315611] The buggy address belongs to the physical page: [ 27.315845] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.316175] flags: 0x200000000000000(node=0|zone=2) [ 27.316391] page_type: f5(slab) [ 27.316547] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.316840] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.317147] page dumped because: kasan: bad access detected [ 27.317996] [ 27.318092] Memory state around the buggy address: [ 27.318250] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.318721] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.319184] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.319443] ^ [ 27.319909] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.320338] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.320713] ================================================================== [ 28.183375] ================================================================== [ 28.183608] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 28.183910] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.184198] [ 28.184380] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.184432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.184445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.184469] Call Trace: [ 28.184487] <TASK> [ 28.184503] dump_stack_lvl+0x73/0xb0 [ 28.184537] print_report+0xd1/0x640 [ 28.184560] ? __virt_addr_valid+0x1db/0x2d0 [ 28.184585] ? kasan_atomics_helper+0x1e12/0x5450 [ 28.184606] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.184632] ? kasan_atomics_helper+0x1e12/0x5450 [ 28.184653] kasan_report+0x141/0x180 [ 28.184677] ? kasan_atomics_helper+0x1e12/0x5450 [ 28.184703] kasan_check_range+0x10c/0x1c0 [ 28.184726] __kasan_check_write+0x18/0x20 [ 28.184750] kasan_atomics_helper+0x1e12/0x5450 [ 28.184798] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.184822] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.184847] ? kasan_atomics+0x152/0x310 [ 28.184885] kasan_atomics+0x1dc/0x310 [ 28.184907] ? __pfx_kasan_atomics+0x10/0x10 [ 28.184931] ? __pfx_read_tsc+0x10/0x10 [ 28.184983] ? ktime_get_ts64+0x86/0x230 [ 28.185008] kunit_try_run_case+0x1a5/0x480 [ 28.185043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.185066] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.185102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.185136] ? __kthread_parkme+0x82/0x180 [ 28.185156] ? preempt_count_sub+0x50/0x80 [ 28.185200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.185224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.185248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.185271] kthread+0x337/0x6f0 [ 28.185291] ? trace_preempt_on+0x20/0xc0 [ 28.185316] ? __pfx_kthread+0x10/0x10 [ 28.185346] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.185377] ? calculate_sigpending+0x7b/0xa0 [ 28.185434] ? __pfx_kthread+0x10/0x10 [ 28.185459] ret_from_fork+0x116/0x1d0 [ 28.185479] ? __pfx_kthread+0x10/0x10 [ 28.185511] ret_from_fork_asm+0x1a/0x30 [ 28.185543] </TASK> [ 28.185554] [ 28.200115] Allocated by task 313: [ 28.200313] kasan_save_stack+0x45/0x70 [ 28.200785] kasan_save_track+0x18/0x40 [ 28.201076] kasan_save_alloc_info+0x3b/0x50 [ 28.201252] __kasan_kmalloc+0xb7/0xc0 [ 28.201431] __kmalloc_cache_noprof+0x189/0x420 [ 28.201617] kasan_atomics+0x95/0x310 [ 28.201785] kunit_try_run_case+0x1a5/0x480 [ 28.202408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.202896] kthread+0x337/0x6f0 [ 28.203185] ret_from_fork+0x116/0x1d0 [ 28.203359] ret_from_fork_asm+0x1a/0x30 [ 28.203495] [ 28.203562] The buggy address belongs to the object at ffff8881053c7b80 [ 28.203562] which belongs to the cache kmalloc-64 of size 64 [ 28.204044] The buggy address is located 0 bytes to the right of [ 28.204044] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.204624] [ 28.204796] The buggy address belongs to the physical page: [ 28.205090] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.205506] flags: 0x200000000000000(node=0|zone=2) [ 28.205671] page_type: f5(slab) [ 28.205888] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.206198] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.206541] page dumped because: kasan: bad access detected [ 28.206712] [ 28.206775] Memory state around the buggy address: [ 28.206921] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.207335] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.207726] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.207924] ^ [ 28.208185] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.208879] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.209142] ================================================================== [ 28.469618] ================================================================== [ 28.469997] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 28.470327] Read of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.470623] [ 28.470728] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.470776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.470789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.470830] Call Trace: [ 28.470847] <TASK> [ 28.470863] dump_stack_lvl+0x73/0xb0 [ 28.470894] print_report+0xd1/0x640 [ 28.470916] ? __virt_addr_valid+0x1db/0x2d0 [ 28.470940] ? kasan_atomics_helper+0x5115/0x5450 [ 28.470962] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.470988] ? kasan_atomics_helper+0x5115/0x5450 [ 28.471010] kasan_report+0x141/0x180 [ 28.471050] ? kasan_atomics_helper+0x5115/0x5450 [ 28.471077] __asan_report_load8_noabort+0x18/0x20 [ 28.471115] kasan_atomics_helper+0x5115/0x5450 [ 28.471138] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.471174] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.471211] ? kasan_atomics+0x152/0x310 [ 28.471251] kasan_atomics+0x1dc/0x310 [ 28.471288] ? __pfx_kasan_atomics+0x10/0x10 [ 28.471325] ? __pfx_read_tsc+0x10/0x10 [ 28.471372] ? ktime_get_ts64+0x86/0x230 [ 28.471410] kunit_try_run_case+0x1a5/0x480 [ 28.471449] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.471485] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.471535] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.471569] ? __kthread_parkme+0x82/0x180 [ 28.471590] ? preempt_count_sub+0x50/0x80 [ 28.471614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.471641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.471667] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.471692] kthread+0x337/0x6f0 [ 28.471712] ? trace_preempt_on+0x20/0xc0 [ 28.471736] ? __pfx_kthread+0x10/0x10 [ 28.471757] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.471788] ? calculate_sigpending+0x7b/0xa0 [ 28.471812] ? __pfx_kthread+0x10/0x10 [ 28.471834] ret_from_fork+0x116/0x1d0 [ 28.471855] ? __pfx_kthread+0x10/0x10 [ 28.471875] ret_from_fork_asm+0x1a/0x30 [ 28.471907] </TASK> [ 28.471919] [ 28.479088] Allocated by task 313: [ 28.479257] kasan_save_stack+0x45/0x70 [ 28.479429] kasan_save_track+0x18/0x40 [ 28.479556] kasan_save_alloc_info+0x3b/0x50 [ 28.479695] __kasan_kmalloc+0xb7/0xc0 [ 28.479845] __kmalloc_cache_noprof+0x189/0x420 [ 28.480060] kasan_atomics+0x95/0x310 [ 28.480260] kunit_try_run_case+0x1a5/0x480 [ 28.480485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.480680] kthread+0x337/0x6f0 [ 28.480842] ret_from_fork+0x116/0x1d0 [ 28.481020] ret_from_fork_asm+0x1a/0x30 [ 28.481207] [ 28.481304] The buggy address belongs to the object at ffff8881053c7b80 [ 28.481304] which belongs to the cache kmalloc-64 of size 64 [ 28.481788] The buggy address is located 0 bytes to the right of [ 28.481788] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.482282] [ 28.482379] The buggy address belongs to the physical page: [ 28.482596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.482929] flags: 0x200000000000000(node=0|zone=2) [ 28.483155] page_type: f5(slab) [ 28.483315] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.483615] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.483970] page dumped because: kasan: bad access detected [ 28.484247] [ 28.484347] Memory state around the buggy address: [ 28.484553] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.484894] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.485201] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.485514] ^ [ 28.485724] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.486024] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.486260] ================================================================== [ 28.150398] ================================================================== [ 28.151504] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 28.151766] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.152074] [ 28.152164] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.152215] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.152228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.152252] Call Trace: [ 28.152273] <TASK> [ 28.152292] dump_stack_lvl+0x73/0xb0 [ 28.152338] print_report+0xd1/0x640 [ 28.152381] ? __virt_addr_valid+0x1db/0x2d0 [ 28.152405] ? kasan_atomics_helper+0x1d7a/0x5450 [ 28.152427] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.152453] ? kasan_atomics_helper+0x1d7a/0x5450 [ 28.152475] kasan_report+0x141/0x180 [ 28.152498] ? kasan_atomics_helper+0x1d7a/0x5450 [ 28.152524] kasan_check_range+0x10c/0x1c0 [ 28.152548] __kasan_check_write+0x18/0x20 [ 28.152572] kasan_atomics_helper+0x1d7a/0x5450 [ 28.152595] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.152617] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.152642] ? kasan_atomics+0x152/0x310 [ 28.152668] kasan_atomics+0x1dc/0x310 [ 28.152691] ? __pfx_kasan_atomics+0x10/0x10 [ 28.152715] ? __pfx_read_tsc+0x10/0x10 [ 28.152737] ? ktime_get_ts64+0x86/0x230 [ 28.152763] kunit_try_run_case+0x1a5/0x480 [ 28.152788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.152811] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.152847] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.152921] ? __kthread_parkme+0x82/0x180 [ 28.152968] ? preempt_count_sub+0x50/0x80 [ 28.152992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.153016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.153040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.153064] kthread+0x337/0x6f0 [ 28.153084] ? trace_preempt_on+0x20/0xc0 [ 28.153108] ? __pfx_kthread+0x10/0x10 [ 28.153129] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.153160] ? calculate_sigpending+0x7b/0xa0 [ 28.153185] ? __pfx_kthread+0x10/0x10 [ 28.153207] ret_from_fork+0x116/0x1d0 [ 28.153227] ? __pfx_kthread+0x10/0x10 [ 28.153248] ret_from_fork_asm+0x1a/0x30 [ 28.153280] </TASK> [ 28.153293] [ 28.168043] Allocated by task 313: [ 28.168293] kasan_save_stack+0x45/0x70 [ 28.168660] kasan_save_track+0x18/0x40 [ 28.169100] kasan_save_alloc_info+0x3b/0x50 [ 28.169662] __kasan_kmalloc+0xb7/0xc0 [ 28.170061] __kmalloc_cache_noprof+0x189/0x420 [ 28.170547] kasan_atomics+0x95/0x310 [ 28.170826] kunit_try_run_case+0x1a5/0x480 [ 28.171332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.171592] kthread+0x337/0x6f0 [ 28.171941] ret_from_fork+0x116/0x1d0 [ 28.172408] ret_from_fork_asm+0x1a/0x30 [ 28.172587] [ 28.172658] The buggy address belongs to the object at ffff8881053c7b80 [ 28.172658] which belongs to the cache kmalloc-64 of size 64 [ 28.173606] The buggy address is located 0 bytes to the right of [ 28.173606] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.174634] [ 28.174818] The buggy address belongs to the physical page: [ 28.175438] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.176122] flags: 0x200000000000000(node=0|zone=2) [ 28.176631] page_type: f5(slab) [ 28.176913] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.177579] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.177803] page dumped because: kasan: bad access detected [ 28.177970] [ 28.178127] Memory state around the buggy address: [ 28.178596] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.179591] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.180455] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.181237] ^ [ 28.181677] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.182258] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.182972] ================================================================== [ 27.617442] ================================================================== [ 27.618062] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 27.618407] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.618962] [ 27.619044] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.619092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.619105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.619129] Call Trace: [ 27.619145] <TASK> [ 27.619161] dump_stack_lvl+0x73/0xb0 [ 27.619191] print_report+0xd1/0x640 [ 27.619214] ? __virt_addr_valid+0x1db/0x2d0 [ 27.619237] ? kasan_atomics_helper+0x1148/0x5450 [ 27.619258] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.619285] ? kasan_atomics_helper+0x1148/0x5450 [ 27.619319] kasan_report+0x141/0x180 [ 27.619341] ? kasan_atomics_helper+0x1148/0x5450 [ 27.619367] kasan_check_range+0x10c/0x1c0 [ 27.619391] __kasan_check_write+0x18/0x20 [ 27.619415] kasan_atomics_helper+0x1148/0x5450 [ 27.619438] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.619461] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.619487] ? kasan_atomics+0x152/0x310 [ 27.619513] kasan_atomics+0x1dc/0x310 [ 27.619536] ? __pfx_kasan_atomics+0x10/0x10 [ 27.619560] ? __pfx_read_tsc+0x10/0x10 [ 27.619582] ? ktime_get_ts64+0x86/0x230 [ 27.619608] kunit_try_run_case+0x1a5/0x480 [ 27.619632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.619655] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.619690] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.619724] ? __kthread_parkme+0x82/0x180 [ 27.619745] ? preempt_count_sub+0x50/0x80 [ 27.619769] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.619793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.619816] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.619841] kthread+0x337/0x6f0 [ 27.619861] ? trace_preempt_on+0x20/0xc0 [ 27.619885] ? __pfx_kthread+0x10/0x10 [ 27.619906] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.619936] ? calculate_sigpending+0x7b/0xa0 [ 27.619961] ? __pfx_kthread+0x10/0x10 [ 27.619983] ret_from_fork+0x116/0x1d0 [ 27.620037] ? __pfx_kthread+0x10/0x10 [ 27.620059] ret_from_fork_asm+0x1a/0x30 [ 27.620090] </TASK> [ 27.620102] [ 27.628555] Allocated by task 313: [ 27.628732] kasan_save_stack+0x45/0x70 [ 27.628946] kasan_save_track+0x18/0x40 [ 27.629139] kasan_save_alloc_info+0x3b/0x50 [ 27.629353] __kasan_kmalloc+0xb7/0xc0 [ 27.629536] __kmalloc_cache_noprof+0x189/0x420 [ 27.629750] kasan_atomics+0x95/0x310 [ 27.629931] kunit_try_run_case+0x1a5/0x480 [ 27.630131] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.630366] kthread+0x337/0x6f0 [ 27.630482] ret_from_fork+0x116/0x1d0 [ 27.630610] ret_from_fork_asm+0x1a/0x30 [ 27.630827] [ 27.630921] The buggy address belongs to the object at ffff8881053c7b80 [ 27.630921] which belongs to the cache kmalloc-64 of size 64 [ 27.631634] The buggy address is located 0 bytes to the right of [ 27.631634] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.632138] [ 27.632232] The buggy address belongs to the physical page: [ 27.632423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.632779] flags: 0x200000000000000(node=0|zone=2) [ 27.633052] page_type: f5(slab) [ 27.633198] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.633545] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.633854] page dumped because: kasan: bad access detected [ 27.634044] [ 27.634133] Memory state around the buggy address: [ 27.634342] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.634613] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.634879] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.635183] ^ [ 27.635412] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.635656] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.635865] ================================================================== [ 28.299063] ================================================================== [ 28.299763] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 28.300446] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.301087] [ 28.301270] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.301334] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.301360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.301383] Call Trace: [ 28.301400] <TASK> [ 28.301417] dump_stack_lvl+0x73/0xb0 [ 28.301449] print_report+0xd1/0x640 [ 28.301472] ? __virt_addr_valid+0x1db/0x2d0 [ 28.301495] ? kasan_atomics_helper+0x2006/0x5450 [ 28.301516] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.301542] ? kasan_atomics_helper+0x2006/0x5450 [ 28.301573] kasan_report+0x141/0x180 [ 28.301596] ? kasan_atomics_helper+0x2006/0x5450 [ 28.301622] kasan_check_range+0x10c/0x1c0 [ 28.301646] __kasan_check_write+0x18/0x20 [ 28.301670] kasan_atomics_helper+0x2006/0x5450 [ 28.301693] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.301714] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.301739] ? kasan_atomics+0x152/0x310 [ 28.301765] kasan_atomics+0x1dc/0x310 [ 28.301787] ? __pfx_kasan_atomics+0x10/0x10 [ 28.301812] ? __pfx_read_tsc+0x10/0x10 [ 28.301862] ? ktime_get_ts64+0x86/0x230 [ 28.301904] kunit_try_run_case+0x1a5/0x480 [ 28.301930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.301953] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.301990] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.302025] ? __kthread_parkme+0x82/0x180 [ 28.302045] ? preempt_count_sub+0x50/0x80 [ 28.302070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.302094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.302118] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.302142] kthread+0x337/0x6f0 [ 28.302161] ? trace_preempt_on+0x20/0xc0 [ 28.302185] ? __pfx_kthread+0x10/0x10 [ 28.302206] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.302236] ? calculate_sigpending+0x7b/0xa0 [ 28.302261] ? __pfx_kthread+0x10/0x10 [ 28.302282] ret_from_fork+0x116/0x1d0 [ 28.302301] ? __pfx_kthread+0x10/0x10 [ 28.302321] ret_from_fork_asm+0x1a/0x30 [ 28.302362] </TASK> [ 28.302373] [ 28.315572] Allocated by task 313: [ 28.315948] kasan_save_stack+0x45/0x70 [ 28.316320] kasan_save_track+0x18/0x40 [ 28.316706] kasan_save_alloc_info+0x3b/0x50 [ 28.317139] __kasan_kmalloc+0xb7/0xc0 [ 28.317638] __kmalloc_cache_noprof+0x189/0x420 [ 28.317846] kasan_atomics+0x95/0x310 [ 28.317980] kunit_try_run_case+0x1a5/0x480 [ 28.318353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.318851] kthread+0x337/0x6f0 [ 28.319186] ret_from_fork+0x116/0x1d0 [ 28.319577] ret_from_fork_asm+0x1a/0x30 [ 28.319978] [ 28.320134] The buggy address belongs to the object at ffff8881053c7b80 [ 28.320134] which belongs to the cache kmalloc-64 of size 64 [ 28.321246] The buggy address is located 0 bytes to the right of [ 28.321246] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.322205] [ 28.322369] The buggy address belongs to the physical page: [ 28.322845] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.323141] flags: 0x200000000000000(node=0|zone=2) [ 28.323562] page_type: f5(slab) [ 28.323858] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.324622] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.325297] page dumped because: kasan: bad access detected [ 28.325496] [ 28.325560] Memory state around the buggy address: [ 28.325789] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.326277] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.326519] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.326731] ^ [ 28.326880] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.327105] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.327364] ================================================================== [ 27.429460] ================================================================== [ 27.429692] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 27.430217] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.430573] [ 27.430764] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.430841] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.430854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.430877] Call Trace: [ 27.430896] <TASK> [ 27.430913] dump_stack_lvl+0x73/0xb0 [ 27.430946] print_report+0xd1/0x640 [ 27.430970] ? __virt_addr_valid+0x1db/0x2d0 [ 27.430995] ? kasan_atomics_helper+0xde0/0x5450 [ 27.431016] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.431043] ? kasan_atomics_helper+0xde0/0x5450 [ 27.431065] kasan_report+0x141/0x180 [ 27.431087] ? kasan_atomics_helper+0xde0/0x5450 [ 27.431114] kasan_check_range+0x10c/0x1c0 [ 27.431138] __kasan_check_write+0x18/0x20 [ 27.431162] kasan_atomics_helper+0xde0/0x5450 [ 27.431389] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.431424] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.431450] ? kasan_atomics+0x152/0x310 [ 27.431477] kasan_atomics+0x1dc/0x310 [ 27.431500] ? __pfx_kasan_atomics+0x10/0x10 [ 27.431569] ? __pfx_read_tsc+0x10/0x10 [ 27.431593] ? ktime_get_ts64+0x86/0x230 [ 27.431619] kunit_try_run_case+0x1a5/0x480 [ 27.431644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.431667] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.431735] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.431768] ? __kthread_parkme+0x82/0x180 [ 27.431789] ? preempt_count_sub+0x50/0x80 [ 27.431927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.431953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.431977] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.432001] kthread+0x337/0x6f0 [ 27.432021] ? trace_preempt_on+0x20/0xc0 [ 27.432045] ? __pfx_kthread+0x10/0x10 [ 27.432097] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.432129] ? calculate_sigpending+0x7b/0xa0 [ 27.432154] ? __pfx_kthread+0x10/0x10 [ 27.432176] ret_from_fork+0x116/0x1d0 [ 27.432196] ? __pfx_kthread+0x10/0x10 [ 27.432245] ret_from_fork_asm+0x1a/0x30 [ 27.432278] </TASK> [ 27.432289] [ 27.441387] Allocated by task 313: [ 27.441608] kasan_save_stack+0x45/0x70 [ 27.441927] kasan_save_track+0x18/0x40 [ 27.442195] kasan_save_alloc_info+0x3b/0x50 [ 27.442416] __kasan_kmalloc+0xb7/0xc0 [ 27.442560] __kmalloc_cache_noprof+0x189/0x420 [ 27.442710] kasan_atomics+0x95/0x310 [ 27.442833] kunit_try_run_case+0x1a5/0x480 [ 27.443029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.443284] kthread+0x337/0x6f0 [ 27.443683] ret_from_fork+0x116/0x1d0 [ 27.443881] ret_from_fork_asm+0x1a/0x30 [ 27.444085] [ 27.444174] The buggy address belongs to the object at ffff8881053c7b80 [ 27.444174] which belongs to the cache kmalloc-64 of size 64 [ 27.444558] The buggy address is located 0 bytes to the right of [ 27.444558] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.444935] [ 27.445022] The buggy address belongs to the physical page: [ 27.445261] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.445997] flags: 0x200000000000000(node=0|zone=2) [ 27.446285] page_type: f5(slab) [ 27.446418] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.446679] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.447279] page dumped because: kasan: bad access detected [ 27.447757] [ 27.447971] Memory state around the buggy address: [ 27.448247] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.448891] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.449180] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.449478] ^ [ 27.449676] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.449957] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.450229] ================================================================== [ 27.653773] ================================================================== [ 27.654102] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 27.654419] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.654667] [ 27.654743] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.654789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.654802] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.654824] Call Trace: [ 27.654839] <TASK> [ 27.654853] dump_stack_lvl+0x73/0xb0 [ 27.654882] print_report+0xd1/0x640 [ 27.654904] ? __virt_addr_valid+0x1db/0x2d0 [ 27.654927] ? kasan_atomics_helper+0x1217/0x5450 [ 27.654947] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.654973] ? kasan_atomics_helper+0x1217/0x5450 [ 27.654994] kasan_report+0x141/0x180 [ 27.655016] ? kasan_atomics_helper+0x1217/0x5450 [ 27.655041] kasan_check_range+0x10c/0x1c0 [ 27.655064] __kasan_check_write+0x18/0x20 [ 27.655088] kasan_atomics_helper+0x1217/0x5450 [ 27.655110] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.655131] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.655155] ? kasan_atomics+0x152/0x310 [ 27.655181] kasan_atomics+0x1dc/0x310 [ 27.655203] ? __pfx_kasan_atomics+0x10/0x10 [ 27.655226] ? __pfx_read_tsc+0x10/0x10 [ 27.655248] ? ktime_get_ts64+0x86/0x230 [ 27.655272] kunit_try_run_case+0x1a5/0x480 [ 27.655296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.655350] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.655388] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.655422] ? __kthread_parkme+0x82/0x180 [ 27.655443] ? preempt_count_sub+0x50/0x80 [ 27.655466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.655490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.655514] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.655538] kthread+0x337/0x6f0 [ 27.655558] ? trace_preempt_on+0x20/0xc0 [ 27.655581] ? __pfx_kthread+0x10/0x10 [ 27.655602] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.655633] ? calculate_sigpending+0x7b/0xa0 [ 27.655658] ? __pfx_kthread+0x10/0x10 [ 27.655680] ret_from_fork+0x116/0x1d0 [ 27.655699] ? __pfx_kthread+0x10/0x10 [ 27.655720] ret_from_fork_asm+0x1a/0x30 [ 27.655752] </TASK> [ 27.655762] [ 27.668264] Allocated by task 313: [ 27.668413] kasan_save_stack+0x45/0x70 [ 27.669334] kasan_save_track+0x18/0x40 [ 27.669618] kasan_save_alloc_info+0x3b/0x50 [ 27.670262] __kasan_kmalloc+0xb7/0xc0 [ 27.670534] __kmalloc_cache_noprof+0x189/0x420 [ 27.671006] kasan_atomics+0x95/0x310 [ 27.671406] kunit_try_run_case+0x1a5/0x480 [ 27.671732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.672197] kthread+0x337/0x6f0 [ 27.672500] ret_from_fork+0x116/0x1d0 [ 27.672963] ret_from_fork_asm+0x1a/0x30 [ 27.673365] [ 27.673455] The buggy address belongs to the object at ffff8881053c7b80 [ 27.673455] which belongs to the cache kmalloc-64 of size 64 [ 27.674583] The buggy address is located 0 bytes to the right of [ 27.674583] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.675540] [ 27.675776] The buggy address belongs to the physical page: [ 27.676390] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.677125] flags: 0x200000000000000(node=0|zone=2) [ 27.677515] page_type: f5(slab) [ 27.677674] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.678492] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.678956] page dumped because: kasan: bad access detected [ 27.679406] [ 27.679497] Memory state around the buggy address: [ 27.679982] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.680588] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.681080] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.681527] ^ [ 27.681743] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.682475] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.683001] ================================================================== [ 27.784187] ================================================================== [ 27.784528] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 27.784851] Read of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.785120] [ 27.785200] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.785248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.785262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.785284] Call Trace: [ 27.785303] <TASK> [ 27.785329] dump_stack_lvl+0x73/0xb0 [ 27.785359] print_report+0xd1/0x640 [ 27.785383] ? __virt_addr_valid+0x1db/0x2d0 [ 27.785406] ? kasan_atomics_helper+0x4eae/0x5450 [ 27.785426] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.785453] ? kasan_atomics_helper+0x4eae/0x5450 [ 27.785475] kasan_report+0x141/0x180 [ 27.785497] ? kasan_atomics_helper+0x4eae/0x5450 [ 27.785523] __asan_report_load8_noabort+0x18/0x20 [ 27.785548] kasan_atomics_helper+0x4eae/0x5450 [ 27.785570] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.785591] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.785616] ? kasan_atomics+0x152/0x310 [ 27.785642] kasan_atomics+0x1dc/0x310 [ 27.785664] ? __pfx_kasan_atomics+0x10/0x10 [ 27.785688] ? __pfx_read_tsc+0x10/0x10 [ 27.785710] ? ktime_get_ts64+0x86/0x230 [ 27.785735] kunit_try_run_case+0x1a5/0x480 [ 27.785777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.785809] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.785845] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.785906] ? __kthread_parkme+0x82/0x180 [ 27.785930] ? preempt_count_sub+0x50/0x80 [ 27.785955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.785980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.786003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.786046] kthread+0x337/0x6f0 [ 27.786067] ? trace_preempt_on+0x20/0xc0 [ 27.786102] ? __pfx_kthread+0x10/0x10 [ 27.786123] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.786154] ? calculate_sigpending+0x7b/0xa0 [ 27.786196] ? __pfx_kthread+0x10/0x10 [ 27.786217] ret_from_fork+0x116/0x1d0 [ 27.786249] ? __pfx_kthread+0x10/0x10 [ 27.786270] ret_from_fork_asm+0x1a/0x30 [ 27.786302] </TASK> [ 27.786342] [ 27.795687] Allocated by task 313: [ 27.797131] kasan_save_stack+0x45/0x70 [ 27.797330] kasan_save_track+0x18/0x40 [ 27.797466] kasan_save_alloc_info+0x3b/0x50 [ 27.797611] __kasan_kmalloc+0xb7/0xc0 [ 27.797739] __kmalloc_cache_noprof+0x189/0x420 [ 27.798108] kasan_atomics+0x95/0x310 [ 27.798429] kunit_try_run_case+0x1a5/0x480 [ 27.798790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.799030] kthread+0x337/0x6f0 [ 27.799235] ret_from_fork+0x116/0x1d0 [ 27.799912] ret_from_fork_asm+0x1a/0x30 [ 27.800348] [ 27.800610] The buggy address belongs to the object at ffff8881053c7b80 [ 27.800610] which belongs to the cache kmalloc-64 of size 64 [ 27.801530] The buggy address is located 0 bytes to the right of [ 27.801530] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.802440] [ 27.802684] The buggy address belongs to the physical page: [ 27.802931] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.803481] flags: 0x200000000000000(node=0|zone=2) [ 27.803931] page_type: f5(slab) [ 27.804286] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.804620] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.805121] page dumped because: kasan: bad access detected [ 27.805534] [ 27.805632] Memory state around the buggy address: [ 27.806003] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.806605] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.807027] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.807351] ^ [ 27.807565] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.808071] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.808568] ================================================================== [ 27.321621] ================================================================== [ 27.321954] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 27.322456] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.322757] [ 27.323263] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.323331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.323344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.323368] Call Trace: [ 27.323386] <TASK> [ 27.323403] dump_stack_lvl+0x73/0xb0 [ 27.323437] print_report+0xd1/0x640 [ 27.323459] ? __virt_addr_valid+0x1db/0x2d0 [ 27.323641] ? kasan_atomics_helper+0xac7/0x5450 [ 27.323666] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.323692] ? kasan_atomics_helper+0xac7/0x5450 [ 27.323713] kasan_report+0x141/0x180 [ 27.323735] ? kasan_atomics_helper+0xac7/0x5450 [ 27.323760] kasan_check_range+0x10c/0x1c0 [ 27.323782] __kasan_check_write+0x18/0x20 [ 27.323865] kasan_atomics_helper+0xac7/0x5450 [ 27.323887] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.323908] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.323932] ? kasan_atomics+0x152/0x310 [ 27.323958] kasan_atomics+0x1dc/0x310 [ 27.323979] ? __pfx_kasan_atomics+0x10/0x10 [ 27.324002] ? __pfx_read_tsc+0x10/0x10 [ 27.324024] ? ktime_get_ts64+0x86/0x230 [ 27.324049] kunit_try_run_case+0x1a5/0x480 [ 27.324073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.324094] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.324128] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.324161] ? __kthread_parkme+0x82/0x180 [ 27.324181] ? preempt_count_sub+0x50/0x80 [ 27.324204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.324227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.324249] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.324272] kthread+0x337/0x6f0 [ 27.324306] ? trace_preempt_on+0x20/0xc0 [ 27.324329] ? __pfx_kthread+0x10/0x10 [ 27.324348] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.324378] ? calculate_sigpending+0x7b/0xa0 [ 27.324402] ? __pfx_kthread+0x10/0x10 [ 27.324422] ret_from_fork+0x116/0x1d0 [ 27.324441] ? __pfx_kthread+0x10/0x10 [ 27.324461] ret_from_fork_asm+0x1a/0x30 [ 27.324491] </TASK> [ 27.324501] [ 27.335499] Allocated by task 313: [ 27.335691] kasan_save_stack+0x45/0x70 [ 27.335839] kasan_save_track+0x18/0x40 [ 27.335967] kasan_save_alloc_info+0x3b/0x50 [ 27.336338] __kasan_kmalloc+0xb7/0xc0 [ 27.336665] __kmalloc_cache_noprof+0x189/0x420 [ 27.336879] kasan_atomics+0x95/0x310 [ 27.337121] kunit_try_run_case+0x1a5/0x480 [ 27.337324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.337560] kthread+0x337/0x6f0 [ 27.337676] ret_from_fork+0x116/0x1d0 [ 27.337808] ret_from_fork_asm+0x1a/0x30 [ 27.337999] [ 27.338156] The buggy address belongs to the object at ffff8881053c7b80 [ 27.338156] which belongs to the cache kmalloc-64 of size 64 [ 27.338688] The buggy address is located 0 bytes to the right of [ 27.338688] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.339314] [ 27.339380] The buggy address belongs to the physical page: [ 27.339544] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.340073] flags: 0x200000000000000(node=0|zone=2) [ 27.340336] page_type: f5(slab) [ 27.340495] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.340856] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.341100] page dumped because: kasan: bad access detected [ 27.341363] [ 27.341451] Memory state around the buggy address: [ 27.341670] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.342021] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.342330] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.342612] ^ [ 27.342784] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.343064] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.343270] ================================================================== [ 27.051937] ================================================================== [ 27.052274] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 27.053438] Read of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.053788] [ 27.054097] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.054163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.054175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.054197] Call Trace: [ 27.054220] <TASK> [ 27.054235] dump_stack_lvl+0x73/0xb0 [ 27.054267] print_report+0xd1/0x640 [ 27.054298] ? __virt_addr_valid+0x1db/0x2d0 [ 27.054322] ? kasan_atomics_helper+0x4b54/0x5450 [ 27.054342] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.054366] ? kasan_atomics_helper+0x4b54/0x5450 [ 27.054386] kasan_report+0x141/0x180 [ 27.054408] ? kasan_atomics_helper+0x4b54/0x5450 [ 27.054432] __asan_report_load4_noabort+0x18/0x20 [ 27.054456] kasan_atomics_helper+0x4b54/0x5450 [ 27.054477] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.054498] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.054522] ? kasan_atomics+0x152/0x310 [ 27.054547] kasan_atomics+0x1dc/0x310 [ 27.054568] ? __pfx_kasan_atomics+0x10/0x10 [ 27.054591] ? __pfx_read_tsc+0x10/0x10 [ 27.054612] ? ktime_get_ts64+0x86/0x230 [ 27.054636] kunit_try_run_case+0x1a5/0x480 [ 27.054665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.054686] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.054721] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.054763] ? __kthread_parkme+0x82/0x180 [ 27.054783] ? preempt_count_sub+0x50/0x80 [ 27.054831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.054854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.054876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.054898] kthread+0x337/0x6f0 [ 27.054917] ? trace_preempt_on+0x20/0xc0 [ 27.054941] ? __pfx_kthread+0x10/0x10 [ 27.054960] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.054990] ? calculate_sigpending+0x7b/0xa0 [ 27.055014] ? __pfx_kthread+0x10/0x10 [ 27.055034] ret_from_fork+0x116/0x1d0 [ 27.055052] ? __pfx_kthread+0x10/0x10 [ 27.055072] ret_from_fork_asm+0x1a/0x30 [ 27.055101] </TASK> [ 27.055111] [ 27.063581] Allocated by task 313: [ 27.063795] kasan_save_stack+0x45/0x70 [ 27.063996] kasan_save_track+0x18/0x40 [ 27.064263] kasan_save_alloc_info+0x3b/0x50 [ 27.064477] __kasan_kmalloc+0xb7/0xc0 [ 27.064674] __kmalloc_cache_noprof+0x189/0x420 [ 27.064919] kasan_atomics+0x95/0x310 [ 27.065101] kunit_try_run_case+0x1a5/0x480 [ 27.065462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.065690] kthread+0x337/0x6f0 [ 27.066032] ret_from_fork+0x116/0x1d0 [ 27.066231] ret_from_fork_asm+0x1a/0x30 [ 27.066423] [ 27.066510] The buggy address belongs to the object at ffff8881053c7b80 [ 27.066510] which belongs to the cache kmalloc-64 of size 64 [ 27.066995] The buggy address is located 0 bytes to the right of [ 27.066995] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.067524] [ 27.067591] The buggy address belongs to the physical page: [ 27.067755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.067986] flags: 0x200000000000000(node=0|zone=2) [ 27.068139] page_type: f5(slab) [ 27.068252] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.068921] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.069407] page dumped because: kasan: bad access detected [ 27.069651] [ 27.069734] Memory state around the buggy address: [ 27.070130] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.070402] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.070613] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.070884] ^ [ 27.071097] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.071653] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.071952] ================================================================== [ 27.136256] ================================================================== [ 27.136597] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 27.137118] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.137390] [ 27.137481] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.137528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.137539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.137562] Call Trace: [ 27.137579] <TASK> [ 27.137593] dump_stack_lvl+0x73/0xb0 [ 27.137625] print_report+0xd1/0x640 [ 27.137659] ? __virt_addr_valid+0x1db/0x2d0 [ 27.137682] ? kasan_atomics_helper+0x5fe/0x5450 [ 27.137702] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.137739] ? kasan_atomics_helper+0x5fe/0x5450 [ 27.137760] kasan_report+0x141/0x180 [ 27.137781] ? kasan_atomics_helper+0x5fe/0x5450 [ 27.137865] kasan_check_range+0x10c/0x1c0 [ 27.137890] __kasan_check_write+0x18/0x20 [ 27.137913] kasan_atomics_helper+0x5fe/0x5450 [ 27.137934] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.137955] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.137979] ? kasan_atomics+0x152/0x310 [ 27.138004] kasan_atomics+0x1dc/0x310 [ 27.138026] ? __pfx_kasan_atomics+0x10/0x10 [ 27.138049] ? __pfx_read_tsc+0x10/0x10 [ 27.138070] ? ktime_get_ts64+0x86/0x230 [ 27.138094] kunit_try_run_case+0x1a5/0x480 [ 27.138118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.138140] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.138174] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.138207] ? __kthread_parkme+0x82/0x180 [ 27.138226] ? preempt_count_sub+0x50/0x80 [ 27.138249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.138272] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.138307] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.138329] kthread+0x337/0x6f0 [ 27.138359] ? trace_preempt_on+0x20/0xc0 [ 27.138381] ? __pfx_kthread+0x10/0x10 [ 27.138401] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.138441] ? calculate_sigpending+0x7b/0xa0 [ 27.138466] ? __pfx_kthread+0x10/0x10 [ 27.138486] ret_from_fork+0x116/0x1d0 [ 27.138504] ? __pfx_kthread+0x10/0x10 [ 27.138524] ret_from_fork_asm+0x1a/0x30 [ 27.138554] </TASK> [ 27.138565] [ 27.146975] Allocated by task 313: [ 27.147290] kasan_save_stack+0x45/0x70 [ 27.147511] kasan_save_track+0x18/0x40 [ 27.147713] kasan_save_alloc_info+0x3b/0x50 [ 27.148064] __kasan_kmalloc+0xb7/0xc0 [ 27.148300] __kmalloc_cache_noprof+0x189/0x420 [ 27.148554] kasan_atomics+0x95/0x310 [ 27.148755] kunit_try_run_case+0x1a5/0x480 [ 27.149120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.149404] kthread+0x337/0x6f0 [ 27.149555] ret_from_fork+0x116/0x1d0 [ 27.149727] ret_from_fork_asm+0x1a/0x30 [ 27.149940] [ 27.150025] The buggy address belongs to the object at ffff8881053c7b80 [ 27.150025] which belongs to the cache kmalloc-64 of size 64 [ 27.150630] The buggy address is located 0 bytes to the right of [ 27.150630] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.151256] [ 27.151362] The buggy address belongs to the physical page: [ 27.151599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.152002] flags: 0x200000000000000(node=0|zone=2) [ 27.152237] page_type: f5(slab) [ 27.152392] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.152697] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.153213] page dumped because: kasan: bad access detected [ 27.153479] [ 27.153568] Memory state around the buggy address: [ 27.153773] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.154143] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.154467] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.154684] ^ [ 27.154834] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.155041] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.155246] ================================================================== [ 27.247039] ================================================================== [ 27.247581] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 27.248304] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.248744] [ 27.249109] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.249164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.249241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.249265] Call Trace: [ 27.249279] <TASK> [ 27.249308] dump_stack_lvl+0x73/0xb0 [ 27.249344] print_report+0xd1/0x640 [ 27.249367] ? __virt_addr_valid+0x1db/0x2d0 [ 27.249390] ? kasan_atomics_helper+0x8f9/0x5450 [ 27.249410] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.249435] ? kasan_atomics_helper+0x8f9/0x5450 [ 27.249455] kasan_report+0x141/0x180 [ 27.249476] ? kasan_atomics_helper+0x8f9/0x5450 [ 27.249501] kasan_check_range+0x10c/0x1c0 [ 27.249525] __kasan_check_write+0x18/0x20 [ 27.249551] kasan_atomics_helper+0x8f9/0x5450 [ 27.249573] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.249594] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.249618] ? kasan_atomics+0x152/0x310 [ 27.249644] kasan_atomics+0x1dc/0x310 [ 27.249666] ? __pfx_kasan_atomics+0x10/0x10 [ 27.249689] ? __pfx_read_tsc+0x10/0x10 [ 27.249710] ? ktime_get_ts64+0x86/0x230 [ 27.249735] kunit_try_run_case+0x1a5/0x480 [ 27.249759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.249780] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.249815] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.249848] ? __kthread_parkme+0x82/0x180 [ 27.249868] ? preempt_count_sub+0x50/0x80 [ 27.249890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.249912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.249935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.249957] kthread+0x337/0x6f0 [ 27.249976] ? trace_preempt_on+0x20/0xc0 [ 27.249999] ? __pfx_kthread+0x10/0x10 [ 27.250018] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.250063] ? calculate_sigpending+0x7b/0xa0 [ 27.250088] ? __pfx_kthread+0x10/0x10 [ 27.250109] ret_from_fork+0x116/0x1d0 [ 27.250127] ? __pfx_kthread+0x10/0x10 [ 27.250147] ret_from_fork_asm+0x1a/0x30 [ 27.250177] </TASK> [ 27.250187] [ 27.260667] Allocated by task 313: [ 27.260992] kasan_save_stack+0x45/0x70 [ 27.261154] kasan_save_track+0x18/0x40 [ 27.261532] kasan_save_alloc_info+0x3b/0x50 [ 27.261732] __kasan_kmalloc+0xb7/0xc0 [ 27.262006] __kmalloc_cache_noprof+0x189/0x420 [ 27.262442] kasan_atomics+0x95/0x310 [ 27.262595] kunit_try_run_case+0x1a5/0x480 [ 27.262785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.263442] kthread+0x337/0x6f0 [ 27.263582] ret_from_fork+0x116/0x1d0 [ 27.264057] ret_from_fork_asm+0x1a/0x30 [ 27.264214] [ 27.264323] The buggy address belongs to the object at ffff8881053c7b80 [ 27.264323] which belongs to the cache kmalloc-64 of size 64 [ 27.264903] The buggy address is located 0 bytes to the right of [ 27.264903] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.265661] [ 27.265755] The buggy address belongs to the physical page: [ 27.266264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.266628] flags: 0x200000000000000(node=0|zone=2) [ 27.267139] page_type: f5(slab) [ 27.267314] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.267633] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.267955] page dumped because: kasan: bad access detected [ 27.268172] [ 27.268260] Memory state around the buggy address: [ 27.268893] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.269206] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.269509] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.269796] ^ [ 27.270371] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.270635] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.271170] ================================================================== [ 28.027265] ================================================================== [ 28.027606] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 28.027935] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.028308] [ 28.028438] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.028486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.028499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.028522] Call Trace: [ 28.028541] <TASK> [ 28.028556] dump_stack_lvl+0x73/0xb0 [ 28.028586] print_report+0xd1/0x640 [ 28.028609] ? __virt_addr_valid+0x1db/0x2d0 [ 28.028634] ? kasan_atomics_helper+0x19e3/0x5450 [ 28.028655] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.028682] ? kasan_atomics_helper+0x19e3/0x5450 [ 28.028704] kasan_report+0x141/0x180 [ 28.028726] ? kasan_atomics_helper+0x19e3/0x5450 [ 28.028752] kasan_check_range+0x10c/0x1c0 [ 28.028777] __kasan_check_write+0x18/0x20 [ 28.028801] kasan_atomics_helper+0x19e3/0x5450 [ 28.028824] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.028847] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.028873] ? kasan_atomics+0x152/0x310 [ 28.028899] kasan_atomics+0x1dc/0x310 [ 28.028922] ? __pfx_kasan_atomics+0x10/0x10 [ 28.028946] ? __pfx_read_tsc+0x10/0x10 [ 28.028968] ? ktime_get_ts64+0x86/0x230 [ 28.028994] kunit_try_run_case+0x1a5/0x480 [ 28.029018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.029041] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.029077] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.029111] ? __kthread_parkme+0x82/0x180 [ 28.029132] ? preempt_count_sub+0x50/0x80 [ 28.029156] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.029180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.029204] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.029227] kthread+0x337/0x6f0 [ 28.029248] ? trace_preempt_on+0x20/0xc0 [ 28.029271] ? __pfx_kthread+0x10/0x10 [ 28.029293] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.029333] ? calculate_sigpending+0x7b/0xa0 [ 28.029357] ? __pfx_kthread+0x10/0x10 [ 28.029379] ret_from_fork+0x116/0x1d0 [ 28.029399] ? __pfx_kthread+0x10/0x10 [ 28.029420] ret_from_fork_asm+0x1a/0x30 [ 28.029452] </TASK> [ 28.029463] [ 28.037738] Allocated by task 313: [ 28.038074] kasan_save_stack+0x45/0x70 [ 28.038272] kasan_save_track+0x18/0x40 [ 28.038475] kasan_save_alloc_info+0x3b/0x50 [ 28.038683] __kasan_kmalloc+0xb7/0xc0 [ 28.038838] __kmalloc_cache_noprof+0x189/0x420 [ 28.039025] kasan_atomics+0x95/0x310 [ 28.039178] kunit_try_run_case+0x1a5/0x480 [ 28.039604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.039924] kthread+0x337/0x6f0 [ 28.040085] ret_from_fork+0x116/0x1d0 [ 28.040249] ret_from_fork_asm+0x1a/0x30 [ 28.040463] [ 28.040559] The buggy address belongs to the object at ffff8881053c7b80 [ 28.040559] which belongs to the cache kmalloc-64 of size 64 [ 28.041239] The buggy address is located 0 bytes to the right of [ 28.041239] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.041731] [ 28.041817] The buggy address belongs to the physical page: [ 28.042052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.042384] flags: 0x200000000000000(node=0|zone=2) [ 28.042614] page_type: f5(slab) [ 28.042744] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.043010] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.043644] page dumped because: kasan: bad access detected [ 28.043997] [ 28.044074] Memory state around the buggy address: [ 28.044266] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.044573] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.044820] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.045027] ^ [ 28.045178] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.045399] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.045608] ================================================================== [ 27.175733] ================================================================== [ 27.175954] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 27.176236] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.176569] [ 27.176802] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.176854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.176867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.176889] Call Trace: [ 27.176906] <TASK> [ 27.176921] dump_stack_lvl+0x73/0xb0 [ 27.176952] print_report+0xd1/0x640 [ 27.176974] ? __virt_addr_valid+0x1db/0x2d0 [ 27.176997] ? kasan_atomics_helper+0x72f/0x5450 [ 27.177017] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.177042] ? kasan_atomics_helper+0x72f/0x5450 [ 27.177063] kasan_report+0x141/0x180 [ 27.177084] ? kasan_atomics_helper+0x72f/0x5450 [ 27.177110] kasan_check_range+0x10c/0x1c0 [ 27.177133] __kasan_check_write+0x18/0x20 [ 27.177155] kasan_atomics_helper+0x72f/0x5450 [ 27.177177] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.177197] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.177222] ? kasan_atomics+0x152/0x310 [ 27.177247] kasan_atomics+0x1dc/0x310 [ 27.177269] ? __pfx_kasan_atomics+0x10/0x10 [ 27.177303] ? __pfx_read_tsc+0x10/0x10 [ 27.177325] ? ktime_get_ts64+0x86/0x230 [ 27.177349] kunit_try_run_case+0x1a5/0x480 [ 27.177372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.177393] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.177472] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.177510] ? __kthread_parkme+0x82/0x180 [ 27.177530] ? preempt_count_sub+0x50/0x80 [ 27.177553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.177577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.177599] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.177622] kthread+0x337/0x6f0 [ 27.177652] ? trace_preempt_on+0x20/0xc0 [ 27.177675] ? __pfx_kthread+0x10/0x10 [ 27.177694] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.177736] ? calculate_sigpending+0x7b/0xa0 [ 27.177760] ? __pfx_kthread+0x10/0x10 [ 27.177780] ret_from_fork+0x116/0x1d0 [ 27.177847] ? __pfx_kthread+0x10/0x10 [ 27.177870] ret_from_fork_asm+0x1a/0x30 [ 27.177900] </TASK> [ 27.177911] [ 27.186202] Allocated by task 313: [ 27.186404] kasan_save_stack+0x45/0x70 [ 27.186704] kasan_save_track+0x18/0x40 [ 27.187009] kasan_save_alloc_info+0x3b/0x50 [ 27.187273] __kasan_kmalloc+0xb7/0xc0 [ 27.187462] __kmalloc_cache_noprof+0x189/0x420 [ 27.187680] kasan_atomics+0x95/0x310 [ 27.187922] kunit_try_run_case+0x1a5/0x480 [ 27.188172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.188455] kthread+0x337/0x6f0 [ 27.188601] ret_from_fork+0x116/0x1d0 [ 27.188977] ret_from_fork_asm+0x1a/0x30 [ 27.189253] [ 27.189356] The buggy address belongs to the object at ffff8881053c7b80 [ 27.189356] which belongs to the cache kmalloc-64 of size 64 [ 27.190044] The buggy address is located 0 bytes to the right of [ 27.190044] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.190610] [ 27.190688] The buggy address belongs to the physical page: [ 27.190893] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.191576] flags: 0x200000000000000(node=0|zone=2) [ 27.191948] page_type: f5(slab) [ 27.192145] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.192392] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.192614] page dumped because: kasan: bad access detected [ 27.192779] [ 27.192841] Memory state around the buggy address: [ 27.192989] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.193291] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.193950] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.194308] ^ [ 27.194535] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.195158] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.195580] ================================================================== [ 27.568604] ================================================================== [ 27.569167] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 27.569612] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.570119] [ 27.570249] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.570307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.570321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.570344] Call Trace: [ 27.570576] <TASK> [ 27.570597] dump_stack_lvl+0x73/0xb0 [ 27.570633] print_report+0xd1/0x640 [ 27.570664] ? __virt_addr_valid+0x1db/0x2d0 [ 27.570689] ? kasan_atomics_helper+0x1079/0x5450 [ 27.570915] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.570946] ? kasan_atomics_helper+0x1079/0x5450 [ 27.570968] kasan_report+0x141/0x180 [ 27.571005] ? kasan_atomics_helper+0x1079/0x5450 [ 27.571031] kasan_check_range+0x10c/0x1c0 [ 27.571064] __kasan_check_write+0x18/0x20 [ 27.571088] kasan_atomics_helper+0x1079/0x5450 [ 27.571110] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.571133] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.571158] ? kasan_atomics+0x152/0x310 [ 27.571184] kasan_atomics+0x1dc/0x310 [ 27.571207] ? __pfx_kasan_atomics+0x10/0x10 [ 27.571231] ? __pfx_read_tsc+0x10/0x10 [ 27.571254] ? ktime_get_ts64+0x86/0x230 [ 27.571280] kunit_try_run_case+0x1a5/0x480 [ 27.571317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.571340] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.571376] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.571410] ? __kthread_parkme+0x82/0x180 [ 27.571431] ? preempt_count_sub+0x50/0x80 [ 27.571455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.571479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.571503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.571527] kthread+0x337/0x6f0 [ 27.571548] ? trace_preempt_on+0x20/0xc0 [ 27.571572] ? __pfx_kthread+0x10/0x10 [ 27.571595] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.571626] ? calculate_sigpending+0x7b/0xa0 [ 27.571652] ? __pfx_kthread+0x10/0x10 [ 27.571675] ret_from_fork+0x116/0x1d0 [ 27.571695] ? __pfx_kthread+0x10/0x10 [ 27.571716] ret_from_fork_asm+0x1a/0x30 [ 27.571749] </TASK> [ 27.571760] [ 27.584697] Allocated by task 313: [ 27.584997] kasan_save_stack+0x45/0x70 [ 27.585433] kasan_save_track+0x18/0x40 [ 27.585781] kasan_save_alloc_info+0x3b/0x50 [ 27.586157] __kasan_kmalloc+0xb7/0xc0 [ 27.586541] __kmalloc_cache_noprof+0x189/0x420 [ 27.586748] kasan_atomics+0x95/0x310 [ 27.587133] kunit_try_run_case+0x1a5/0x480 [ 27.587620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.587971] kthread+0x337/0x6f0 [ 27.588397] ret_from_fork+0x116/0x1d0 [ 27.588707] ret_from_fork_asm+0x1a/0x30 [ 27.589068] [ 27.589218] The buggy address belongs to the object at ffff8881053c7b80 [ 27.589218] which belongs to the cache kmalloc-64 of size 64 [ 27.590190] The buggy address is located 0 bytes to the right of [ 27.590190] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.590971] [ 27.591061] The buggy address belongs to the physical page: [ 27.591549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.592155] flags: 0x200000000000000(node=0|zone=2) [ 27.592587] page_type: f5(slab) [ 27.592873] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.593551] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.593950] page dumped because: kasan: bad access detected [ 27.594317] [ 27.594408] Memory state around the buggy address: [ 27.594611] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.595192] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.595691] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.596354] ^ [ 27.596740] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.597328] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.597810] ================================================================== [ 27.852411] ================================================================== [ 27.853120] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 27.853580] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.854471] [ 27.854586] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.854636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.854651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.854680] Call Trace: [ 27.854697] <TASK> [ 27.854711] dump_stack_lvl+0x73/0xb0 [ 27.854744] print_report+0xd1/0x640 [ 27.854766] ? __virt_addr_valid+0x1db/0x2d0 [ 27.854790] ? kasan_atomics_helper+0x151d/0x5450 [ 27.854811] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.854837] ? kasan_atomics_helper+0x151d/0x5450 [ 27.854858] kasan_report+0x141/0x180 [ 27.854880] ? kasan_atomics_helper+0x151d/0x5450 [ 27.854906] kasan_check_range+0x10c/0x1c0 [ 27.854949] __kasan_check_write+0x18/0x20 [ 27.855087] kasan_atomics_helper+0x151d/0x5450 [ 27.855122] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.855145] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.855171] ? kasan_atomics+0x152/0x310 [ 27.855198] kasan_atomics+0x1dc/0x310 [ 27.855220] ? __pfx_kasan_atomics+0x10/0x10 [ 27.855244] ? __pfx_read_tsc+0x10/0x10 [ 27.855266] ? ktime_get_ts64+0x86/0x230 [ 27.855292] kunit_try_run_case+0x1a5/0x480 [ 27.855330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.855353] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.855387] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.855421] ? __kthread_parkme+0x82/0x180 [ 27.855442] ? preempt_count_sub+0x50/0x80 [ 27.855466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.855489] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.855513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.855536] kthread+0x337/0x6f0 [ 27.855555] ? trace_preempt_on+0x20/0xc0 [ 27.855580] ? __pfx_kthread+0x10/0x10 [ 27.855601] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.855632] ? calculate_sigpending+0x7b/0xa0 [ 27.855656] ? __pfx_kthread+0x10/0x10 [ 27.855677] ret_from_fork+0x116/0x1d0 [ 27.855697] ? __pfx_kthread+0x10/0x10 [ 27.855717] ret_from_fork_asm+0x1a/0x30 [ 27.855748] </TASK> [ 27.855760] [ 27.866236] Allocated by task 313: [ 27.866495] kasan_save_stack+0x45/0x70 [ 27.866651] kasan_save_track+0x18/0x40 [ 27.867135] kasan_save_alloc_info+0x3b/0x50 [ 27.867448] __kasan_kmalloc+0xb7/0xc0 [ 27.867669] __kmalloc_cache_noprof+0x189/0x420 [ 27.867860] kasan_atomics+0x95/0x310 [ 27.868089] kunit_try_run_case+0x1a5/0x480 [ 27.868518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.868893] kthread+0x337/0x6f0 [ 27.869046] ret_from_fork+0x116/0x1d0 [ 27.869376] ret_from_fork_asm+0x1a/0x30 [ 27.869549] [ 27.869642] The buggy address belongs to the object at ffff8881053c7b80 [ 27.869642] which belongs to the cache kmalloc-64 of size 64 [ 27.870492] The buggy address is located 0 bytes to the right of [ 27.870492] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.871281] [ 27.871411] The buggy address belongs to the physical page: [ 27.871781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.872178] flags: 0x200000000000000(node=0|zone=2) [ 27.872589] page_type: f5(slab) [ 27.873022] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.873402] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.873705] page dumped because: kasan: bad access detected [ 27.874056] [ 27.874137] Memory state around the buggy address: [ 27.874504] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.874977] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.875324] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.875601] ^ [ 27.875785] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.876325] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.876779] ================================================================== [ 27.683774] ================================================================== [ 27.684469] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 27.684782] Read of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.685284] [ 27.685396] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.685448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.685462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.685486] Call Trace: [ 27.685508] <TASK> [ 27.685528] dump_stack_lvl+0x73/0xb0 [ 27.685563] print_report+0xd1/0x640 [ 27.685586] ? __virt_addr_valid+0x1db/0x2d0 [ 27.685610] ? kasan_atomics_helper+0x49e8/0x5450 [ 27.685634] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.685660] ? kasan_atomics_helper+0x49e8/0x5450 [ 27.685682] kasan_report+0x141/0x180 [ 27.685706] ? kasan_atomics_helper+0x49e8/0x5450 [ 27.685733] __asan_report_load4_noabort+0x18/0x20 [ 27.685760] kasan_atomics_helper+0x49e8/0x5450 [ 27.685785] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.686100] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.686128] ? kasan_atomics+0x152/0x310 [ 27.686156] kasan_atomics+0x1dc/0x310 [ 27.686181] ? __pfx_kasan_atomics+0x10/0x10 [ 27.686205] ? __pfx_read_tsc+0x10/0x10 [ 27.686274] ? ktime_get_ts64+0x86/0x230 [ 27.686311] kunit_try_run_case+0x1a5/0x480 [ 27.686338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.686361] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.686398] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.686434] ? __kthread_parkme+0x82/0x180 [ 27.686457] ? preempt_count_sub+0x50/0x80 [ 27.686481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.686506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.686529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.686553] kthread+0x337/0x6f0 [ 27.686573] ? trace_preempt_on+0x20/0xc0 [ 27.686597] ? __pfx_kthread+0x10/0x10 [ 27.686618] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.686648] ? calculate_sigpending+0x7b/0xa0 [ 27.686677] ? __pfx_kthread+0x10/0x10 [ 27.686698] ret_from_fork+0x116/0x1d0 [ 27.686718] ? __pfx_kthread+0x10/0x10 [ 27.686739] ret_from_fork_asm+0x1a/0x30 [ 27.686770] </TASK> [ 27.686781] [ 27.698715] Allocated by task 313: [ 27.699165] kasan_save_stack+0x45/0x70 [ 27.699499] kasan_save_track+0x18/0x40 [ 27.699795] kasan_save_alloc_info+0x3b/0x50 [ 27.700186] __kasan_kmalloc+0xb7/0xc0 [ 27.700384] __kmalloc_cache_noprof+0x189/0x420 [ 27.700587] kasan_atomics+0x95/0x310 [ 27.700754] kunit_try_run_case+0x1a5/0x480 [ 27.701300] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.701664] kthread+0x337/0x6f0 [ 27.702041] ret_from_fork+0x116/0x1d0 [ 27.702377] ret_from_fork_asm+0x1a/0x30 [ 27.702738] [ 27.702877] The buggy address belongs to the object at ffff8881053c7b80 [ 27.702877] which belongs to the cache kmalloc-64 of size 64 [ 27.703541] The buggy address is located 0 bytes to the right of [ 27.703541] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.704513] [ 27.704736] The buggy address belongs to the physical page: [ 27.705218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.705727] flags: 0x200000000000000(node=0|zone=2) [ 27.706188] page_type: f5(slab) [ 27.706521] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.707051] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.707465] page dumped because: kasan: bad access detected [ 27.707703] [ 27.707784] Memory state around the buggy address: [ 27.708210] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.708515] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.709036] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.709484] ^ [ 27.709856] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.710417] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.710720] ================================================================== [ 27.945904] ================================================================== [ 27.946206] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 27.946533] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.946968] [ 27.947069] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.947120] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.947133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.947157] Call Trace: [ 27.947173] <TASK> [ 27.947189] dump_stack_lvl+0x73/0xb0 [ 27.947221] print_report+0xd1/0x640 [ 27.947244] ? __virt_addr_valid+0x1db/0x2d0 [ 27.947267] ? kasan_atomics_helper+0x177f/0x5450 [ 27.947291] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.947332] ? kasan_atomics_helper+0x177f/0x5450 [ 27.947354] kasan_report+0x141/0x180 [ 27.947377] ? kasan_atomics_helper+0x177f/0x5450 [ 27.947403] kasan_check_range+0x10c/0x1c0 [ 27.947427] __kasan_check_write+0x18/0x20 [ 27.947451] kasan_atomics_helper+0x177f/0x5450 [ 27.947474] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.947497] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.947522] ? kasan_atomics+0x152/0x310 [ 27.947549] kasan_atomics+0x1dc/0x310 [ 27.947573] ? __pfx_kasan_atomics+0x10/0x10 [ 27.947597] ? __pfx_read_tsc+0x10/0x10 [ 27.947619] ? ktime_get_ts64+0x86/0x230 [ 27.947645] kunit_try_run_case+0x1a5/0x480 [ 27.947669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.947692] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.947727] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.947761] ? __kthread_parkme+0x82/0x180 [ 27.947782] ? preempt_count_sub+0x50/0x80 [ 27.947967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.947992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.948018] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.948041] kthread+0x337/0x6f0 [ 27.948063] ? trace_preempt_on+0x20/0xc0 [ 27.948086] ? __pfx_kthread+0x10/0x10 [ 27.948108] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.948139] ? calculate_sigpending+0x7b/0xa0 [ 27.948164] ? __pfx_kthread+0x10/0x10 [ 27.948186] ret_from_fork+0x116/0x1d0 [ 27.948206] ? __pfx_kthread+0x10/0x10 [ 27.948226] ret_from_fork_asm+0x1a/0x30 [ 27.948258] </TASK> [ 27.948269] [ 27.955763] Allocated by task 313: [ 27.955944] kasan_save_stack+0x45/0x70 [ 27.956162] kasan_save_track+0x18/0x40 [ 27.956524] kasan_save_alloc_info+0x3b/0x50 [ 27.956748] __kasan_kmalloc+0xb7/0xc0 [ 27.956935] __kmalloc_cache_noprof+0x189/0x420 [ 27.957125] kasan_atomics+0x95/0x310 [ 27.957251] kunit_try_run_case+0x1a5/0x480 [ 27.957635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.958030] kthread+0x337/0x6f0 [ 27.958228] ret_from_fork+0x116/0x1d0 [ 27.958419] ret_from_fork_asm+0x1a/0x30 [ 27.958591] [ 27.958689] The buggy address belongs to the object at ffff8881053c7b80 [ 27.958689] which belongs to the cache kmalloc-64 of size 64 [ 27.959298] The buggy address is located 0 bytes to the right of [ 27.959298] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.959790] [ 27.959894] The buggy address belongs to the physical page: [ 27.960060] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.960297] flags: 0x200000000000000(node=0|zone=2) [ 27.960465] page_type: f5(slab) [ 27.960580] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.960806] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.961119] page dumped because: kasan: bad access detected [ 27.961565] [ 27.961662] Memory state around the buggy address: [ 27.961972] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.962297] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.962594] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.965319] ^ [ 27.965548] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.965814] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.966104] ================================================================== [ 28.210202] ================================================================== [ 28.210827] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 28.211411] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.211639] [ 28.211726] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.211776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.211789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.211813] Call Trace: [ 28.211833] <TASK> [ 28.211852] dump_stack_lvl+0x73/0xb0 [ 28.211885] print_report+0xd1/0x640 [ 28.211908] ? __virt_addr_valid+0x1db/0x2d0 [ 28.211933] ? kasan_atomics_helper+0x1eaa/0x5450 [ 28.211954] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.212375] ? kasan_atomics_helper+0x1eaa/0x5450 [ 28.212397] kasan_report+0x141/0x180 [ 28.212421] ? kasan_atomics_helper+0x1eaa/0x5450 [ 28.212447] kasan_check_range+0x10c/0x1c0 [ 28.212470] __kasan_check_write+0x18/0x20 [ 28.212493] kasan_atomics_helper+0x1eaa/0x5450 [ 28.212515] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.212539] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.212564] ? kasan_atomics+0x152/0x310 [ 28.212590] kasan_atomics+0x1dc/0x310 [ 28.212613] ? __pfx_kasan_atomics+0x10/0x10 [ 28.212637] ? __pfx_read_tsc+0x10/0x10 [ 28.212661] ? ktime_get_ts64+0x86/0x230 [ 28.212687] kunit_try_run_case+0x1a5/0x480 [ 28.212711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.212734] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.212770] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.212822] ? __kthread_parkme+0x82/0x180 [ 28.212844] ? preempt_count_sub+0x50/0x80 [ 28.212868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.212893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.212917] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.212941] kthread+0x337/0x6f0 [ 28.212961] ? trace_preempt_on+0x20/0xc0 [ 28.212986] ? __pfx_kthread+0x10/0x10 [ 28.213007] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.213038] ? calculate_sigpending+0x7b/0xa0 [ 28.213063] ? __pfx_kthread+0x10/0x10 [ 28.213086] ret_from_fork+0x116/0x1d0 [ 28.213105] ? __pfx_kthread+0x10/0x10 [ 28.213126] ret_from_fork_asm+0x1a/0x30 [ 28.213158] </TASK> [ 28.213169] [ 28.227717] Allocated by task 313: [ 28.228146] kasan_save_stack+0x45/0x70 [ 28.228849] kasan_save_track+0x18/0x40 [ 28.229249] kasan_save_alloc_info+0x3b/0x50 [ 28.229537] __kasan_kmalloc+0xb7/0xc0 [ 28.229667] __kmalloc_cache_noprof+0x189/0x420 [ 28.229814] kasan_atomics+0x95/0x310 [ 28.230080] kunit_try_run_case+0x1a5/0x480 [ 28.230738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.231413] kthread+0x337/0x6f0 [ 28.231863] ret_from_fork+0x116/0x1d0 [ 28.232387] ret_from_fork_asm+0x1a/0x30 [ 28.232897] [ 28.233067] The buggy address belongs to the object at ffff8881053c7b80 [ 28.233067] which belongs to the cache kmalloc-64 of size 64 [ 28.233826] The buggy address is located 0 bytes to the right of [ 28.233826] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.234204] [ 28.234274] The buggy address belongs to the physical page: [ 28.234479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.234746] flags: 0x200000000000000(node=0|zone=2) [ 28.235221] page_type: f5(slab) [ 28.235510] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.236584] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.237031] page dumped because: kasan: bad access detected [ 28.237466] [ 28.237804] Memory state around the buggy address: [ 28.238247] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.238599] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.239120] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.239422] ^ [ 28.239720] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.240212] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.240683] ================================================================== [ 28.447398] ================================================================== [ 28.448075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 28.448553] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.449920] [ 28.450435] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.450496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.450779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.450818] Call Trace: [ 28.450836] <TASK> [ 28.450855] dump_stack_lvl+0x73/0xb0 [ 28.450893] print_report+0xd1/0x640 [ 28.450918] ? __virt_addr_valid+0x1db/0x2d0 [ 28.450943] ? kasan_atomics_helper+0x224c/0x5450 [ 28.450967] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.450993] ? kasan_atomics_helper+0x224c/0x5450 [ 28.451015] kasan_report+0x141/0x180 [ 28.451037] ? kasan_atomics_helper+0x224c/0x5450 [ 28.451063] kasan_check_range+0x10c/0x1c0 [ 28.451087] __kasan_check_write+0x18/0x20 [ 28.451110] kasan_atomics_helper+0x224c/0x5450 [ 28.451133] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.451155] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.451180] ? kasan_atomics+0x152/0x310 [ 28.451206] kasan_atomics+0x1dc/0x310 [ 28.451229] ? __pfx_kasan_atomics+0x10/0x10 [ 28.451253] ? __pfx_read_tsc+0x10/0x10 [ 28.451274] ? ktime_get_ts64+0x86/0x230 [ 28.451299] kunit_try_run_case+0x1a5/0x480 [ 28.451324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.451362] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.451397] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.451431] ? __kthread_parkme+0x82/0x180 [ 28.451452] ? preempt_count_sub+0x50/0x80 [ 28.451475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.451499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.451523] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.451546] kthread+0x337/0x6f0 [ 28.451566] ? trace_preempt_on+0x20/0xc0 [ 28.451590] ? __pfx_kthread+0x10/0x10 [ 28.451611] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.451641] ? calculate_sigpending+0x7b/0xa0 [ 28.451666] ? __pfx_kthread+0x10/0x10 [ 28.451687] ret_from_fork+0x116/0x1d0 [ 28.451707] ? __pfx_kthread+0x10/0x10 [ 28.451728] ret_from_fork_asm+0x1a/0x30 [ 28.451758] </TASK> [ 28.451770] [ 28.461122] Allocated by task 313: [ 28.461245] kasan_save_stack+0x45/0x70 [ 28.461423] kasan_save_track+0x18/0x40 [ 28.461611] kasan_save_alloc_info+0x3b/0x50 [ 28.461865] __kasan_kmalloc+0xb7/0xc0 [ 28.462068] __kmalloc_cache_noprof+0x189/0x420 [ 28.462319] kasan_atomics+0x95/0x310 [ 28.462550] kunit_try_run_case+0x1a5/0x480 [ 28.462781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.463041] kthread+0x337/0x6f0 [ 28.463209] ret_from_fork+0x116/0x1d0 [ 28.463404] ret_from_fork_asm+0x1a/0x30 [ 28.463536] [ 28.463598] The buggy address belongs to the object at ffff8881053c7b80 [ 28.463598] which belongs to the cache kmalloc-64 of size 64 [ 28.463933] The buggy address is located 0 bytes to the right of [ 28.463933] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.464408] [ 28.464522] The buggy address belongs to the physical page: [ 28.464769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.465133] flags: 0x200000000000000(node=0|zone=2) [ 28.465375] page_type: f5(slab) [ 28.465561] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.465917] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.466220] page dumped because: kasan: bad access detected [ 28.466404] [ 28.466466] Memory state around the buggy address: [ 28.466683] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.467022] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.467296] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.467643] ^ [ 28.467866] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.468160] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.468408] ================================================================== [ 28.100619] ================================================================== [ 28.100840] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 28.101062] Read of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.101277] [ 28.101382] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.101443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.101456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.101477] Call Trace: [ 28.101491] <TASK> [ 28.101505] dump_stack_lvl+0x73/0xb0 [ 28.101534] print_report+0xd1/0x640 [ 28.101556] ? __virt_addr_valid+0x1db/0x2d0 [ 28.101579] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.101600] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.101626] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.101648] kasan_report+0x141/0x180 [ 28.101671] ? kasan_atomics_helper+0x4f30/0x5450 [ 28.101696] __asan_report_load8_noabort+0x18/0x20 [ 28.101721] kasan_atomics_helper+0x4f30/0x5450 [ 28.101745] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.101767] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.101791] ? kasan_atomics+0x152/0x310 [ 28.101817] kasan_atomics+0x1dc/0x310 [ 28.101840] ? __pfx_kasan_atomics+0x10/0x10 [ 28.101864] ? __pfx_read_tsc+0x10/0x10 [ 28.101886] ? ktime_get_ts64+0x86/0x230 [ 28.101910] kunit_try_run_case+0x1a5/0x480 [ 28.101934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.101957] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.101992] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.102026] ? __kthread_parkme+0x82/0x180 [ 28.102046] ? preempt_count_sub+0x50/0x80 [ 28.102070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.102094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.102118] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.102142] kthread+0x337/0x6f0 [ 28.102162] ? trace_preempt_on+0x20/0xc0 [ 28.102185] ? __pfx_kthread+0x10/0x10 [ 28.102207] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.102237] ? calculate_sigpending+0x7b/0xa0 [ 28.102261] ? __pfx_kthread+0x10/0x10 [ 28.102282] ret_from_fork+0x116/0x1d0 [ 28.102302] ? __pfx_kthread+0x10/0x10 [ 28.102332] ret_from_fork_asm+0x1a/0x30 [ 28.102364] </TASK> [ 28.102375] [ 28.110585] Allocated by task 313: [ 28.110719] kasan_save_stack+0x45/0x70 [ 28.110883] kasan_save_track+0x18/0x40 [ 28.111150] kasan_save_alloc_info+0x3b/0x50 [ 28.111367] __kasan_kmalloc+0xb7/0xc0 [ 28.111548] __kmalloc_cache_noprof+0x189/0x420 [ 28.111774] kasan_atomics+0x95/0x310 [ 28.111957] kunit_try_run_case+0x1a5/0x480 [ 28.112153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.112620] kthread+0x337/0x6f0 [ 28.112800] ret_from_fork+0x116/0x1d0 [ 28.113033] ret_from_fork_asm+0x1a/0x30 [ 28.113173] [ 28.113263] The buggy address belongs to the object at ffff8881053c7b80 [ 28.113263] which belongs to the cache kmalloc-64 of size 64 [ 28.113786] The buggy address is located 0 bytes to the right of [ 28.113786] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.114415] [ 28.114515] The buggy address belongs to the physical page: [ 28.114823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.115164] flags: 0x200000000000000(node=0|zone=2) [ 28.115386] page_type: f5(slab) [ 28.115526] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.115839] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.116125] page dumped because: kasan: bad access detected [ 28.116341] [ 28.116442] Memory state around the buggy address: [ 28.116591] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.116802] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.117011] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.117217] ^ [ 28.117375] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.117583] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.117789] ================================================================== [ 27.092081] ================================================================== [ 27.092393] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 27.092717] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.093192] [ 27.093313] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.093381] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.093405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.093426] Call Trace: [ 27.093441] <TASK> [ 27.093455] dump_stack_lvl+0x73/0xb0 [ 27.093486] print_report+0xd1/0x640 [ 27.093507] ? __virt_addr_valid+0x1db/0x2d0 [ 27.093530] ? kasan_atomics_helper+0x4b3a/0x5450 [ 27.093552] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.093577] ? kasan_atomics_helper+0x4b3a/0x5450 [ 27.093598] kasan_report+0x141/0x180 [ 27.093619] ? kasan_atomics_helper+0x4b3a/0x5450 [ 27.093644] __asan_report_store4_noabort+0x1b/0x30 [ 27.093668] kasan_atomics_helper+0x4b3a/0x5450 [ 27.093689] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.093711] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.093734] ? kasan_atomics+0x152/0x310 [ 27.093759] kasan_atomics+0x1dc/0x310 [ 27.093780] ? __pfx_kasan_atomics+0x10/0x10 [ 27.093803] ? __pfx_read_tsc+0x10/0x10 [ 27.093833] ? ktime_get_ts64+0x86/0x230 [ 27.093858] kunit_try_run_case+0x1a5/0x480 [ 27.093882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.093914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.093948] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.093980] ? __kthread_parkme+0x82/0x180 [ 27.093999] ? preempt_count_sub+0x50/0x80 [ 27.094022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.094046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.094068] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.094091] kthread+0x337/0x6f0 [ 27.094110] ? trace_preempt_on+0x20/0xc0 [ 27.094132] ? __pfx_kthread+0x10/0x10 [ 27.094152] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.094182] ? calculate_sigpending+0x7b/0xa0 [ 27.094206] ? __pfx_kthread+0x10/0x10 [ 27.094329] ret_from_fork+0x116/0x1d0 [ 27.094349] ? __pfx_kthread+0x10/0x10 [ 27.094369] ret_from_fork_asm+0x1a/0x30 [ 27.094399] </TASK> [ 27.094410] [ 27.103060] Allocated by task 313: [ 27.103237] kasan_save_stack+0x45/0x70 [ 27.103448] kasan_save_track+0x18/0x40 [ 27.103624] kasan_save_alloc_info+0x3b/0x50 [ 27.103843] __kasan_kmalloc+0xb7/0xc0 [ 27.104002] __kmalloc_cache_noprof+0x189/0x420 [ 27.104319] kasan_atomics+0x95/0x310 [ 27.104459] kunit_try_run_case+0x1a5/0x480 [ 27.104598] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.104765] kthread+0x337/0x6f0 [ 27.105013] ret_from_fork+0x116/0x1d0 [ 27.105405] ret_from_fork_asm+0x1a/0x30 [ 27.105595] [ 27.105682] The buggy address belongs to the object at ffff8881053c7b80 [ 27.105682] which belongs to the cache kmalloc-64 of size 64 [ 27.106185] The buggy address is located 0 bytes to the right of [ 27.106185] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.108366] [ 27.108678] The buggy address belongs to the physical page: [ 27.109263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.109613] flags: 0x200000000000000(node=0|zone=2) [ 27.109821] page_type: f5(slab) [ 27.109971] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.110261] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.111447] page dumped because: kasan: bad access detected [ 27.111681] [ 27.111760] Memory state around the buggy address: [ 27.112506] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.113353] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.113842] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.114141] ^ [ 27.114351] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.114633] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.115412] ================================================================== [ 27.155773] ================================================================== [ 27.156503] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 27.156896] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.157328] [ 27.157413] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.157462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.157474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.157496] Call Trace: [ 27.157513] <TASK> [ 27.157528] dump_stack_lvl+0x73/0xb0 [ 27.157558] print_report+0xd1/0x640 [ 27.157581] ? __virt_addr_valid+0x1db/0x2d0 [ 27.157604] ? kasan_atomics_helper+0x697/0x5450 [ 27.157625] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.157649] ? kasan_atomics_helper+0x697/0x5450 [ 27.157669] kasan_report+0x141/0x180 [ 27.157690] ? kasan_atomics_helper+0x697/0x5450 [ 27.157728] kasan_check_range+0x10c/0x1c0 [ 27.157752] __kasan_check_write+0x18/0x20 [ 27.157774] kasan_atomics_helper+0x697/0x5450 [ 27.157810] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.157831] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.157856] ? kasan_atomics+0x152/0x310 [ 27.157880] kasan_atomics+0x1dc/0x310 [ 27.157902] ? __pfx_kasan_atomics+0x10/0x10 [ 27.157935] ? __pfx_read_tsc+0x10/0x10 [ 27.157956] ? ktime_get_ts64+0x86/0x230 [ 27.157980] kunit_try_run_case+0x1a5/0x480 [ 27.158069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.158092] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.158142] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.158175] ? __kthread_parkme+0x82/0x180 [ 27.158195] ? preempt_count_sub+0x50/0x80 [ 27.158229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.158251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.158274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.158305] kthread+0x337/0x6f0 [ 27.158333] ? trace_preempt_on+0x20/0xc0 [ 27.158356] ? __pfx_kthread+0x10/0x10 [ 27.158376] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.158415] ? calculate_sigpending+0x7b/0xa0 [ 27.158440] ? __pfx_kthread+0x10/0x10 [ 27.158461] ret_from_fork+0x116/0x1d0 [ 27.158479] ? __pfx_kthread+0x10/0x10 [ 27.158499] ret_from_fork_asm+0x1a/0x30 [ 27.158540] </TASK> [ 27.158550] [ 27.166954] Allocated by task 313: [ 27.167135] kasan_save_stack+0x45/0x70 [ 27.167308] kasan_save_track+0x18/0x40 [ 27.167437] kasan_save_alloc_info+0x3b/0x50 [ 27.167637] __kasan_kmalloc+0xb7/0xc0 [ 27.167829] __kmalloc_cache_noprof+0x189/0x420 [ 27.168131] kasan_atomics+0x95/0x310 [ 27.168265] kunit_try_run_case+0x1a5/0x480 [ 27.168416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.168584] kthread+0x337/0x6f0 [ 27.168696] ret_from_fork+0x116/0x1d0 [ 27.168839] ret_from_fork_asm+0x1a/0x30 [ 27.169118] [ 27.169208] The buggy address belongs to the object at ffff8881053c7b80 [ 27.169208] which belongs to the cache kmalloc-64 of size 64 [ 27.170065] The buggy address is located 0 bytes to the right of [ 27.170065] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.170497] [ 27.170588] The buggy address belongs to the physical page: [ 27.170840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.171485] flags: 0x200000000000000(node=0|zone=2) [ 27.171725] page_type: f5(slab) [ 27.172052] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.172400] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.172734] page dumped because: kasan: bad access detected [ 27.173023] [ 27.173140] Memory state around the buggy address: [ 27.173339] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.173659] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.174025] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.174341] ^ [ 27.174557] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.175032] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.175368] ================================================================== [ 27.481941] ================================================================== [ 27.482609] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 27.483179] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.483480] [ 27.483684] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.483734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.483748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.483772] Call Trace: [ 27.483786] <TASK> [ 27.484137] dump_stack_lvl+0x73/0xb0 [ 27.484177] print_report+0xd1/0x640 [ 27.484203] ? __virt_addr_valid+0x1db/0x2d0 [ 27.484230] ? kasan_atomics_helper+0xf10/0x5450 [ 27.484252] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.484330] ? kasan_atomics_helper+0xf10/0x5450 [ 27.484352] kasan_report+0x141/0x180 [ 27.484376] ? kasan_atomics_helper+0xf10/0x5450 [ 27.484401] kasan_check_range+0x10c/0x1c0 [ 27.484425] __kasan_check_write+0x18/0x20 [ 27.484449] kasan_atomics_helper+0xf10/0x5450 [ 27.484472] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.484495] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.484520] ? kasan_atomics+0x152/0x310 [ 27.484547] kasan_atomics+0x1dc/0x310 [ 27.484570] ? __pfx_kasan_atomics+0x10/0x10 [ 27.484594] ? __pfx_read_tsc+0x10/0x10 [ 27.484616] ? ktime_get_ts64+0x86/0x230 [ 27.484642] kunit_try_run_case+0x1a5/0x480 [ 27.484666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.484689] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.484725] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.484758] ? __kthread_parkme+0x82/0x180 [ 27.484779] ? preempt_count_sub+0x50/0x80 [ 27.484816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.484840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.484864] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.484897] kthread+0x337/0x6f0 [ 27.484917] ? trace_preempt_on+0x20/0xc0 [ 27.484942] ? __pfx_kthread+0x10/0x10 [ 27.484963] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.484994] ? calculate_sigpending+0x7b/0xa0 [ 27.485020] ? __pfx_kthread+0x10/0x10 [ 27.485043] ret_from_fork+0x116/0x1d0 [ 27.485064] ? __pfx_kthread+0x10/0x10 [ 27.485085] ret_from_fork_asm+0x1a/0x30 [ 27.485116] </TASK> [ 27.485128] [ 27.497049] Allocated by task 313: [ 27.497664] kasan_save_stack+0x45/0x70 [ 27.498081] kasan_save_track+0x18/0x40 [ 27.498557] kasan_save_alloc_info+0x3b/0x50 [ 27.498928] __kasan_kmalloc+0xb7/0xc0 [ 27.499257] __kmalloc_cache_noprof+0x189/0x420 [ 27.499606] kasan_atomics+0x95/0x310 [ 27.499780] kunit_try_run_case+0x1a5/0x480 [ 27.500213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.500466] kthread+0x337/0x6f0 [ 27.500611] ret_from_fork+0x116/0x1d0 [ 27.500783] ret_from_fork_asm+0x1a/0x30 [ 27.501274] [ 27.501545] The buggy address belongs to the object at ffff8881053c7b80 [ 27.501545] which belongs to the cache kmalloc-64 of size 64 [ 27.502402] The buggy address is located 0 bytes to the right of [ 27.502402] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.503424] [ 27.503658] The buggy address belongs to the physical page: [ 27.504255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.504768] flags: 0x200000000000000(node=0|zone=2) [ 27.505153] page_type: f5(slab) [ 27.505328] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.505628] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.506200] page dumped because: kasan: bad access detected [ 27.506596] [ 27.506827] Memory state around the buggy address: [ 27.507251] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.507685] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.508127] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.508430] ^ [ 27.508640] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.509200] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.509712] ================================================================== [ 27.004258] ================================================================== [ 27.005086] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 27.005384] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.005835] [ 27.006171] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.006225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.006238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.006386] Call Trace: [ 27.006409] <TASK> [ 27.006427] dump_stack_lvl+0x73/0xb0 [ 27.006462] print_report+0xd1/0x640 [ 27.006485] ? __virt_addr_valid+0x1db/0x2d0 [ 27.006508] ? kasan_atomics_helper+0x4b6e/0x5450 [ 27.006529] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.006554] ? kasan_atomics_helper+0x4b6e/0x5450 [ 27.006574] kasan_report+0x141/0x180 [ 27.006596] ? kasan_atomics_helper+0x4b6e/0x5450 [ 27.006621] __asan_report_store4_noabort+0x1b/0x30 [ 27.006644] kasan_atomics_helper+0x4b6e/0x5450 [ 27.006674] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.006695] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.006721] ? kasan_atomics+0x152/0x310 [ 27.006746] kasan_atomics+0x1dc/0x310 [ 27.006769] ? __pfx_kasan_atomics+0x10/0x10 [ 27.006792] ? __pfx_read_tsc+0x10/0x10 [ 27.006870] ? ktime_get_ts64+0x86/0x230 [ 27.006897] kunit_try_run_case+0x1a5/0x480 [ 27.006921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.006943] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.006978] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.007010] ? __kthread_parkme+0x82/0x180 [ 27.007030] ? preempt_count_sub+0x50/0x80 [ 27.007053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.007076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.007098] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.007120] kthread+0x337/0x6f0 [ 27.007139] ? trace_preempt_on+0x20/0xc0 [ 27.007162] ? __pfx_kthread+0x10/0x10 [ 27.007182] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.007211] ? calculate_sigpending+0x7b/0xa0 [ 27.007235] ? __pfx_kthread+0x10/0x10 [ 27.007255] ret_from_fork+0x116/0x1d0 [ 27.007274] ? __pfx_kthread+0x10/0x10 [ 27.007305] ret_from_fork_asm+0x1a/0x30 [ 27.007336] </TASK> [ 27.007347] [ 27.017310] Allocated by task 313: [ 27.018030] kasan_save_stack+0x45/0x70 [ 27.018472] kasan_save_track+0x18/0x40 [ 27.019092] kasan_save_alloc_info+0x3b/0x50 [ 27.019430] __kasan_kmalloc+0xb7/0xc0 [ 27.019659] __kmalloc_cache_noprof+0x189/0x420 [ 27.020146] kasan_atomics+0x95/0x310 [ 27.020289] kunit_try_run_case+0x1a5/0x480 [ 27.020427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.020591] kthread+0x337/0x6f0 [ 27.020700] ret_from_fork+0x116/0x1d0 [ 27.021040] ret_from_fork_asm+0x1a/0x30 [ 27.021438] [ 27.021593] The buggy address belongs to the object at ffff8881053c7b80 [ 27.021593] which belongs to the cache kmalloc-64 of size 64 [ 27.022991] The buggy address is located 0 bytes to the right of [ 27.022991] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.024195] [ 27.024368] The buggy address belongs to the physical page: [ 27.024738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.025290] flags: 0x200000000000000(node=0|zone=2) [ 27.025457] page_type: f5(slab) [ 27.025574] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.025915] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.026605] page dumped because: kasan: bad access detected [ 27.027248] [ 27.027420] Memory state around the buggy address: [ 27.027935] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.028572] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.029139] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.029403] ^ [ 27.029904] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.030338] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.030546] ================================================================== [ 27.199241] ================================================================== [ 27.199668] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 27.200702] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.201524] [ 27.201860] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.201920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.201933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.201956] Call Trace: [ 27.201976] <TASK> [ 27.201995] dump_stack_lvl+0x73/0xb0 [ 27.202030] print_report+0xd1/0x640 [ 27.202054] ? __virt_addr_valid+0x1db/0x2d0 [ 27.202078] ? kasan_atomics_helper+0x7c7/0x5450 [ 27.202098] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.202125] ? kasan_atomics_helper+0x7c7/0x5450 [ 27.202147] kasan_report+0x141/0x180 [ 27.202168] ? kasan_atomics_helper+0x7c7/0x5450 [ 27.202193] kasan_check_range+0x10c/0x1c0 [ 27.202217] __kasan_check_write+0x18/0x20 [ 27.202240] kasan_atomics_helper+0x7c7/0x5450 [ 27.202262] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.202299] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.202450] ? kasan_atomics+0x152/0x310 [ 27.202481] kasan_atomics+0x1dc/0x310 [ 27.202505] ? __pfx_kasan_atomics+0x10/0x10 [ 27.202529] ? __pfx_read_tsc+0x10/0x10 [ 27.202551] ? ktime_get_ts64+0x86/0x230 [ 27.202575] kunit_try_run_case+0x1a5/0x480 [ 27.202640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.202668] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.202706] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.202738] ? __kthread_parkme+0x82/0x180 [ 27.202758] ? preempt_count_sub+0x50/0x80 [ 27.202781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.202827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.202865] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.202887] kthread+0x337/0x6f0 [ 27.202906] ? trace_preempt_on+0x20/0xc0 [ 27.202929] ? __pfx_kthread+0x10/0x10 [ 27.202948] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.202978] ? calculate_sigpending+0x7b/0xa0 [ 27.203002] ? __pfx_kthread+0x10/0x10 [ 27.203022] ret_from_fork+0x116/0x1d0 [ 27.203041] ? __pfx_kthread+0x10/0x10 [ 27.203060] ret_from_fork_asm+0x1a/0x30 [ 27.203091] </TASK> [ 27.203101] [ 27.213685] Allocated by task 313: [ 27.213833] kasan_save_stack+0x45/0x70 [ 27.213985] kasan_save_track+0x18/0x40 [ 27.214252] kasan_save_alloc_info+0x3b/0x50 [ 27.214598] __kasan_kmalloc+0xb7/0xc0 [ 27.214791] __kmalloc_cache_noprof+0x189/0x420 [ 27.215116] kasan_atomics+0x95/0x310 [ 27.215331] kunit_try_run_case+0x1a5/0x480 [ 27.215477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.215688] kthread+0x337/0x6f0 [ 27.216041] ret_from_fork+0x116/0x1d0 [ 27.216267] ret_from_fork_asm+0x1a/0x30 [ 27.216476] [ 27.216567] The buggy address belongs to the object at ffff8881053c7b80 [ 27.216567] which belongs to the cache kmalloc-64 of size 64 [ 27.217154] The buggy address is located 0 bytes to the right of [ 27.217154] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.217656] [ 27.217770] The buggy address belongs to the physical page: [ 27.218147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.218465] flags: 0x200000000000000(node=0|zone=2) [ 27.218708] page_type: f5(slab) [ 27.218935] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.219237] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.219606] page dumped because: kasan: bad access detected [ 27.219855] [ 27.219944] Memory state around the buggy address: [ 27.220163] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.220737] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.221377] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.221589] ^ [ 27.221848] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.222194] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.222519] ================================================================== [ 27.343766] ================================================================== [ 27.344096] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 27.344598] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.344975] [ 27.345084] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.345132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.345144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.345167] Call Trace: [ 27.345185] <TASK> [ 27.345201] dump_stack_lvl+0x73/0xb0 [ 27.345232] print_report+0xd1/0x640 [ 27.345253] ? __virt_addr_valid+0x1db/0x2d0 [ 27.345276] ? kasan_atomics_helper+0xb6a/0x5450 [ 27.345311] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.345337] ? kasan_atomics_helper+0xb6a/0x5450 [ 27.345359] kasan_report+0x141/0x180 [ 27.345381] ? kasan_atomics_helper+0xb6a/0x5450 [ 27.345405] kasan_check_range+0x10c/0x1c0 [ 27.345428] __kasan_check_write+0x18/0x20 [ 27.345450] kasan_atomics_helper+0xb6a/0x5450 [ 27.345471] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.345493] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.345517] ? kasan_atomics+0x152/0x310 [ 27.345542] kasan_atomics+0x1dc/0x310 [ 27.345564] ? __pfx_kasan_atomics+0x10/0x10 [ 27.345587] ? __pfx_read_tsc+0x10/0x10 [ 27.345609] ? ktime_get_ts64+0x86/0x230 [ 27.345633] kunit_try_run_case+0x1a5/0x480 [ 27.345656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.345678] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.345711] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.345744] ? __kthread_parkme+0x82/0x180 [ 27.345764] ? preempt_count_sub+0x50/0x80 [ 27.345787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.345821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.345844] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.345866] kthread+0x337/0x6f0 [ 27.345885] ? trace_preempt_on+0x20/0xc0 [ 27.345909] ? __pfx_kthread+0x10/0x10 [ 27.345929] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.345964] ? calculate_sigpending+0x7b/0xa0 [ 27.345989] ? __pfx_kthread+0x10/0x10 [ 27.346011] ret_from_fork+0x116/0x1d0 [ 27.346030] ? __pfx_kthread+0x10/0x10 [ 27.346051] ret_from_fork_asm+0x1a/0x30 [ 27.346082] </TASK> [ 27.346094] [ 27.353798] Allocated by task 313: [ 27.353970] kasan_save_stack+0x45/0x70 [ 27.354144] kasan_save_track+0x18/0x40 [ 27.354309] kasan_save_alloc_info+0x3b/0x50 [ 27.354512] __kasan_kmalloc+0xb7/0xc0 [ 27.354697] __kmalloc_cache_noprof+0x189/0x420 [ 27.354905] kasan_atomics+0x95/0x310 [ 27.355058] kunit_try_run_case+0x1a5/0x480 [ 27.356640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.356824] kthread+0x337/0x6f0 [ 27.356938] ret_from_fork+0x116/0x1d0 [ 27.357063] ret_from_fork_asm+0x1a/0x30 [ 27.357196] [ 27.357262] The buggy address belongs to the object at ffff8881053c7b80 [ 27.357262] which belongs to the cache kmalloc-64 of size 64 [ 27.357792] The buggy address is located 0 bytes to the right of [ 27.357792] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.358632] [ 27.358733] The buggy address belongs to the physical page: [ 27.359129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.359451] flags: 0x200000000000000(node=0|zone=2) [ 27.359612] page_type: f5(slab) [ 27.359763] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.360216] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.360557] page dumped because: kasan: bad access detected [ 27.360724] [ 27.360786] Memory state around the buggy address: [ 27.361286] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.361622] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.362013] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.362326] ^ [ 27.362643] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.363052] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.363362] ================================================================== [ 27.386694] ================================================================== [ 27.387260] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 27.387514] Read of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.388188] [ 27.388318] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.388367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.388381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.388405] Call Trace: [ 27.388423] <TASK> [ 27.388440] dump_stack_lvl+0x73/0xb0 [ 27.388474] print_report+0xd1/0x640 [ 27.388498] ? __virt_addr_valid+0x1db/0x2d0 [ 27.388523] ? kasan_atomics_helper+0x4a84/0x5450 [ 27.388544] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.388571] ? kasan_atomics_helper+0x4a84/0x5450 [ 27.388592] kasan_report+0x141/0x180 [ 27.388615] ? kasan_atomics_helper+0x4a84/0x5450 [ 27.388641] __asan_report_load4_noabort+0x18/0x20 [ 27.388666] kasan_atomics_helper+0x4a84/0x5450 [ 27.388689] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.388711] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.388736] ? kasan_atomics+0x152/0x310 [ 27.388762] kasan_atomics+0x1dc/0x310 [ 27.388786] ? __pfx_kasan_atomics+0x10/0x10 [ 27.388849] ? __pfx_read_tsc+0x10/0x10 [ 27.388871] ? ktime_get_ts64+0x86/0x230 [ 27.388897] kunit_try_run_case+0x1a5/0x480 [ 27.388923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.388946] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.388981] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.389015] ? __kthread_parkme+0x82/0x180 [ 27.389036] ? preempt_count_sub+0x50/0x80 [ 27.389061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.389085] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.389108] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.389131] kthread+0x337/0x6f0 [ 27.389152] ? trace_preempt_on+0x20/0xc0 [ 27.389187] ? __pfx_kthread+0x10/0x10 [ 27.389208] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.389239] ? calculate_sigpending+0x7b/0xa0 [ 27.389263] ? __pfx_kthread+0x10/0x10 [ 27.389329] ret_from_fork+0x116/0x1d0 [ 27.389349] ? __pfx_kthread+0x10/0x10 [ 27.389370] ret_from_fork_asm+0x1a/0x30 [ 27.389402] </TASK> [ 27.389414] [ 27.398258] Allocated by task 313: [ 27.398488] kasan_save_stack+0x45/0x70 [ 27.398697] kasan_save_track+0x18/0x40 [ 27.399063] kasan_save_alloc_info+0x3b/0x50 [ 27.399224] __kasan_kmalloc+0xb7/0xc0 [ 27.399426] __kmalloc_cache_noprof+0x189/0x420 [ 27.399598] kasan_atomics+0x95/0x310 [ 27.399724] kunit_try_run_case+0x1a5/0x480 [ 27.399885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.400136] kthread+0x337/0x6f0 [ 27.400505] ret_from_fork+0x116/0x1d0 [ 27.400839] ret_from_fork_asm+0x1a/0x30 [ 27.401155] [ 27.401250] The buggy address belongs to the object at ffff8881053c7b80 [ 27.401250] which belongs to the cache kmalloc-64 of size 64 [ 27.401810] The buggy address is located 0 bytes to the right of [ 27.401810] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.402259] [ 27.402546] The buggy address belongs to the physical page: [ 27.402967] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.403395] flags: 0x200000000000000(node=0|zone=2) [ 27.403604] page_type: f5(slab) [ 27.403798] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.404261] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.404751] page dumped because: kasan: bad access detected [ 27.405052] [ 27.405147] Memory state around the buggy address: [ 27.405439] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.405775] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.406189] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.406548] ^ [ 27.406748] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.407232] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.407625] ================================================================== [ 27.116781] ================================================================== [ 27.117401] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 27.117875] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.118554] [ 27.118677] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.118728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.118740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.118763] Call Trace: [ 27.118781] <TASK> [ 27.118798] dump_stack_lvl+0x73/0xb0 [ 27.118833] print_report+0xd1/0x640 [ 27.118856] ? __virt_addr_valid+0x1db/0x2d0 [ 27.118879] ? kasan_atomics_helper+0x565/0x5450 [ 27.118899] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.118924] ? kasan_atomics_helper+0x565/0x5450 [ 27.118944] kasan_report+0x141/0x180 [ 27.118965] ? kasan_atomics_helper+0x565/0x5450 [ 27.118990] kasan_check_range+0x10c/0x1c0 [ 27.119013] __kasan_check_write+0x18/0x20 [ 27.119035] kasan_atomics_helper+0x565/0x5450 [ 27.119056] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.119077] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.119101] ? kasan_atomics+0x152/0x310 [ 27.119126] kasan_atomics+0x1dc/0x310 [ 27.119148] ? __pfx_kasan_atomics+0x10/0x10 [ 27.119170] ? __pfx_read_tsc+0x10/0x10 [ 27.119192] ? ktime_get_ts64+0x86/0x230 [ 27.119216] kunit_try_run_case+0x1a5/0x480 [ 27.119240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.119262] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.119308] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.119340] ? __kthread_parkme+0x82/0x180 [ 27.119361] ? preempt_count_sub+0x50/0x80 [ 27.119384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.119407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.119430] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.119465] kthread+0x337/0x6f0 [ 27.119484] ? trace_preempt_on+0x20/0xc0 [ 27.119507] ? __pfx_kthread+0x10/0x10 [ 27.119540] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.119569] ? calculate_sigpending+0x7b/0xa0 [ 27.119593] ? __pfx_kthread+0x10/0x10 [ 27.119614] ret_from_fork+0x116/0x1d0 [ 27.119633] ? __pfx_kthread+0x10/0x10 [ 27.119662] ret_from_fork_asm+0x1a/0x30 [ 27.119693] </TASK> [ 27.119703] [ 27.127904] Allocated by task 313: [ 27.128084] kasan_save_stack+0x45/0x70 [ 27.128230] kasan_save_track+0x18/0x40 [ 27.128413] kasan_save_alloc_info+0x3b/0x50 [ 27.128622] __kasan_kmalloc+0xb7/0xc0 [ 27.128802] __kmalloc_cache_noprof+0x189/0x420 [ 27.128982] kasan_atomics+0x95/0x310 [ 27.129376] kunit_try_run_case+0x1a5/0x480 [ 27.129575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.129846] kthread+0x337/0x6f0 [ 27.130054] ret_from_fork+0x116/0x1d0 [ 27.130204] ret_from_fork_asm+0x1a/0x30 [ 27.130421] [ 27.130492] The buggy address belongs to the object at ffff8881053c7b80 [ 27.130492] which belongs to the cache kmalloc-64 of size 64 [ 27.130850] The buggy address is located 0 bytes to the right of [ 27.130850] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.131210] [ 27.131332] The buggy address belongs to the physical page: [ 27.131586] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.131931] flags: 0x200000000000000(node=0|zone=2) [ 27.132154] page_type: f5(slab) [ 27.132324] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.132987] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.133226] page dumped because: kasan: bad access detected [ 27.133465] [ 27.133552] Memory state around the buggy address: [ 27.133783] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.134114] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.134461] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.134767] ^ [ 27.135005] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.135327] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.135635] ================================================================== [ 27.408128] ================================================================== [ 27.408929] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 27.409255] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.409607] [ 27.409710] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.409758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.409772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.409955] Call Trace: [ 27.409979] <TASK> [ 27.410033] dump_stack_lvl+0x73/0xb0 [ 27.410068] print_report+0xd1/0x640 [ 27.410091] ? __virt_addr_valid+0x1db/0x2d0 [ 27.410115] ? kasan_atomics_helper+0xd47/0x5450 [ 27.410136] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.410192] ? kasan_atomics_helper+0xd47/0x5450 [ 27.410214] kasan_report+0x141/0x180 [ 27.410236] ? kasan_atomics_helper+0xd47/0x5450 [ 27.410262] kasan_check_range+0x10c/0x1c0 [ 27.410287] __kasan_check_write+0x18/0x20 [ 27.410322] kasan_atomics_helper+0xd47/0x5450 [ 27.410345] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.410367] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.410393] ? kasan_atomics+0x152/0x310 [ 27.410419] kasan_atomics+0x1dc/0x310 [ 27.410442] ? __pfx_kasan_atomics+0x10/0x10 [ 27.410501] ? __pfx_read_tsc+0x10/0x10 [ 27.410524] ? ktime_get_ts64+0x86/0x230 [ 27.410550] kunit_try_run_case+0x1a5/0x480 [ 27.410576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.410598] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.410665] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.410745] ? __kthread_parkme+0x82/0x180 [ 27.410767] ? preempt_count_sub+0x50/0x80 [ 27.410791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.410838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.410863] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.410910] kthread+0x337/0x6f0 [ 27.410993] ? trace_preempt_on+0x20/0xc0 [ 27.411018] ? __pfx_kthread+0x10/0x10 [ 27.411039] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.411070] ? calculate_sigpending+0x7b/0xa0 [ 27.411096] ? __pfx_kthread+0x10/0x10 [ 27.411118] ret_from_fork+0x116/0x1d0 [ 27.411137] ? __pfx_kthread+0x10/0x10 [ 27.411158] ret_from_fork_asm+0x1a/0x30 [ 27.411189] </TASK> [ 27.411201] [ 27.420272] Allocated by task 313: [ 27.420469] kasan_save_stack+0x45/0x70 [ 27.420618] kasan_save_track+0x18/0x40 [ 27.420877] kasan_save_alloc_info+0x3b/0x50 [ 27.421080] __kasan_kmalloc+0xb7/0xc0 [ 27.421258] __kmalloc_cache_noprof+0x189/0x420 [ 27.421570] kasan_atomics+0x95/0x310 [ 27.421718] kunit_try_run_case+0x1a5/0x480 [ 27.422008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.422253] kthread+0x337/0x6f0 [ 27.422380] ret_from_fork+0x116/0x1d0 [ 27.422503] ret_from_fork_asm+0x1a/0x30 [ 27.422632] [ 27.422702] The buggy address belongs to the object at ffff8881053c7b80 [ 27.422702] which belongs to the cache kmalloc-64 of size 64 [ 27.423163] The buggy address is located 0 bytes to the right of [ 27.423163] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.423813] [ 27.423908] The buggy address belongs to the physical page: [ 27.424378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.424942] flags: 0x200000000000000(node=0|zone=2) [ 27.425349] page_type: f5(slab) [ 27.425469] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.425716] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.426394] page dumped because: kasan: bad access detected [ 27.426631] [ 27.426700] Memory state around the buggy address: [ 27.426845] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.427077] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.427632] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.427959] ^ [ 27.428356] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.428669] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.429059] ================================================================== [ 28.082691] ================================================================== [ 28.083191] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 28.083446] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.083782] [ 28.083939] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.083986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.083999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.084020] Call Trace: [ 28.084036] <TASK> [ 28.084049] dump_stack_lvl+0x73/0xb0 [ 28.084079] print_report+0xd1/0x640 [ 28.084101] ? __virt_addr_valid+0x1db/0x2d0 [ 28.084124] ? kasan_atomics_helper+0x1c18/0x5450 [ 28.084145] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.084171] ? kasan_atomics_helper+0x1c18/0x5450 [ 28.084194] kasan_report+0x141/0x180 [ 28.084216] ? kasan_atomics_helper+0x1c18/0x5450 [ 28.084241] kasan_check_range+0x10c/0x1c0 [ 28.084266] __kasan_check_write+0x18/0x20 [ 28.084289] kasan_atomics_helper+0x1c18/0x5450 [ 28.084312] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.084348] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.084372] ? kasan_atomics+0x152/0x310 [ 28.084399] kasan_atomics+0x1dc/0x310 [ 28.084423] ? __pfx_kasan_atomics+0x10/0x10 [ 28.084447] ? __pfx_read_tsc+0x10/0x10 [ 28.084469] ? ktime_get_ts64+0x86/0x230 [ 28.084494] kunit_try_run_case+0x1a5/0x480 [ 28.084521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.084543] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.084579] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.084613] ? __kthread_parkme+0x82/0x180 [ 28.084633] ? preempt_count_sub+0x50/0x80 [ 28.084657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.084681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.084704] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.084728] kthread+0x337/0x6f0 [ 28.084749] ? trace_preempt_on+0x20/0xc0 [ 28.084771] ? __pfx_kthread+0x10/0x10 [ 28.084793] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.084824] ? calculate_sigpending+0x7b/0xa0 [ 28.084848] ? __pfx_kthread+0x10/0x10 [ 28.084869] ret_from_fork+0x116/0x1d0 [ 28.084889] ? __pfx_kthread+0x10/0x10 [ 28.084910] ret_from_fork_asm+0x1a/0x30 [ 28.084942] </TASK> [ 28.084953] [ 28.092993] Allocated by task 313: [ 28.093167] kasan_save_stack+0x45/0x70 [ 28.093309] kasan_save_track+0x18/0x40 [ 28.093457] kasan_save_alloc_info+0x3b/0x50 [ 28.093599] __kasan_kmalloc+0xb7/0xc0 [ 28.093725] __kmalloc_cache_noprof+0x189/0x420 [ 28.093920] kasan_atomics+0x95/0x310 [ 28.094176] kunit_try_run_case+0x1a5/0x480 [ 28.094392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.094637] kthread+0x337/0x6f0 [ 28.094806] ret_from_fork+0x116/0x1d0 [ 28.094987] ret_from_fork_asm+0x1a/0x30 [ 28.095177] [ 28.095265] The buggy address belongs to the object at ffff8881053c7b80 [ 28.095265] which belongs to the cache kmalloc-64 of size 64 [ 28.095661] The buggy address is located 0 bytes to the right of [ 28.095661] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.096202] [ 28.096280] The buggy address belongs to the physical page: [ 28.096663] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.097097] flags: 0x200000000000000(node=0|zone=2) [ 28.097314] page_type: f5(slab) [ 28.097493] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.097778] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.098070] page dumped because: kasan: bad access detected [ 28.098274] [ 28.098368] Memory state around the buggy address: [ 28.098565] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.098793] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.099104] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.099439] ^ [ 28.099665] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.100087] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.100304] ================================================================== [ 28.328176] ================================================================== [ 28.329054] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 28.329605] Read of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.329819] [ 28.329897] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.329942] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.329955] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.329978] Call Trace: [ 28.329996] <TASK> [ 28.330011] dump_stack_lvl+0x73/0xb0 [ 28.330042] print_report+0xd1/0x640 [ 28.330081] ? __virt_addr_valid+0x1db/0x2d0 [ 28.330105] ? kasan_atomics_helper+0x4f98/0x5450 [ 28.330126] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.330152] ? kasan_atomics_helper+0x4f98/0x5450 [ 28.330174] kasan_report+0x141/0x180 [ 28.330197] ? kasan_atomics_helper+0x4f98/0x5450 [ 28.330223] __asan_report_load8_noabort+0x18/0x20 [ 28.330260] kasan_atomics_helper+0x4f98/0x5450 [ 28.330284] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.330305] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.330340] ? kasan_atomics+0x152/0x310 [ 28.330366] kasan_atomics+0x1dc/0x310 [ 28.330389] ? __pfx_kasan_atomics+0x10/0x10 [ 28.330413] ? __pfx_read_tsc+0x10/0x10 [ 28.330435] ? ktime_get_ts64+0x86/0x230 [ 28.330460] kunit_try_run_case+0x1a5/0x480 [ 28.330484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.330507] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.330542] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.330576] ? __kthread_parkme+0x82/0x180 [ 28.330596] ? preempt_count_sub+0x50/0x80 [ 28.330619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.330643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.330672] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.330695] kthread+0x337/0x6f0 [ 28.330715] ? trace_preempt_on+0x20/0xc0 [ 28.330739] ? __pfx_kthread+0x10/0x10 [ 28.330760] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.330790] ? calculate_sigpending+0x7b/0xa0 [ 28.330826] ? __pfx_kthread+0x10/0x10 [ 28.330859] ret_from_fork+0x116/0x1d0 [ 28.330878] ? __pfx_kthread+0x10/0x10 [ 28.331140] ret_from_fork_asm+0x1a/0x30 [ 28.331171] </TASK> [ 28.331182] [ 28.339720] Allocated by task 313: [ 28.339847] kasan_save_stack+0x45/0x70 [ 28.339990] kasan_save_track+0x18/0x40 [ 28.340182] kasan_save_alloc_info+0x3b/0x50 [ 28.340487] __kasan_kmalloc+0xb7/0xc0 [ 28.341343] __kmalloc_cache_noprof+0x189/0x420 [ 28.341533] kasan_atomics+0x95/0x310 [ 28.341720] kunit_try_run_case+0x1a5/0x480 [ 28.342031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.342365] kthread+0x337/0x6f0 [ 28.342537] ret_from_fork+0x116/0x1d0 [ 28.342815] ret_from_fork_asm+0x1a/0x30 [ 28.343160] [ 28.343317] The buggy address belongs to the object at ffff8881053c7b80 [ 28.343317] which belongs to the cache kmalloc-64 of size 64 [ 28.343791] The buggy address is located 0 bytes to the right of [ 28.343791] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.344576] [ 28.344658] The buggy address belongs to the physical page: [ 28.344901] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.345663] flags: 0x200000000000000(node=0|zone=2) [ 28.345958] page_type: f5(slab) [ 28.346118] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.346432] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.346801] page dumped because: kasan: bad access detected [ 28.347056] [ 28.347146] Memory state around the buggy address: [ 28.347573] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.348056] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.348391] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.348808] ^ [ 28.349153] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.349893] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.350534] ================================================================== [ 28.008528] ================================================================== [ 28.008831] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 28.009180] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.009450] [ 28.009555] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.009613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.009626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.009649] Call Trace: [ 28.009664] <TASK> [ 28.009678] dump_stack_lvl+0x73/0xb0 [ 28.009708] print_report+0xd1/0x640 [ 28.009731] ? __virt_addr_valid+0x1db/0x2d0 [ 28.009754] ? kasan_atomics_helper+0x194a/0x5450 [ 28.009775] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.009943] ? kasan_atomics_helper+0x194a/0x5450 [ 28.009972] kasan_report+0x141/0x180 [ 28.009995] ? kasan_atomics_helper+0x194a/0x5450 [ 28.010022] kasan_check_range+0x10c/0x1c0 [ 28.010046] __kasan_check_write+0x18/0x20 [ 28.010070] kasan_atomics_helper+0x194a/0x5450 [ 28.010093] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.010115] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.010140] ? kasan_atomics+0x152/0x310 [ 28.010166] kasan_atomics+0x1dc/0x310 [ 28.010188] ? __pfx_kasan_atomics+0x10/0x10 [ 28.010214] ? __pfx_read_tsc+0x10/0x10 [ 28.010235] ? ktime_get_ts64+0x86/0x230 [ 28.010260] kunit_try_run_case+0x1a5/0x480 [ 28.010284] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.010307] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.010359] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.010393] ? __kthread_parkme+0x82/0x180 [ 28.010413] ? preempt_count_sub+0x50/0x80 [ 28.010439] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.010462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.010486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.010509] kthread+0x337/0x6f0 [ 28.010530] ? trace_preempt_on+0x20/0xc0 [ 28.010553] ? __pfx_kthread+0x10/0x10 [ 28.010574] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.010604] ? calculate_sigpending+0x7b/0xa0 [ 28.010628] ? __pfx_kthread+0x10/0x10 [ 28.010650] ret_from_fork+0x116/0x1d0 [ 28.010673] ? __pfx_kthread+0x10/0x10 [ 28.010694] ret_from_fork_asm+0x1a/0x30 [ 28.010725] </TASK> [ 28.010736] [ 28.019371] Allocated by task 313: [ 28.019537] kasan_save_stack+0x45/0x70 [ 28.019715] kasan_save_track+0x18/0x40 [ 28.019907] kasan_save_alloc_info+0x3b/0x50 [ 28.020168] __kasan_kmalloc+0xb7/0xc0 [ 28.020370] __kmalloc_cache_noprof+0x189/0x420 [ 28.020541] kasan_atomics+0x95/0x310 [ 28.020669] kunit_try_run_case+0x1a5/0x480 [ 28.020808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.020977] kthread+0x337/0x6f0 [ 28.021095] ret_from_fork+0x116/0x1d0 [ 28.021291] ret_from_fork_asm+0x1a/0x30 [ 28.021491] [ 28.021582] The buggy address belongs to the object at ffff8881053c7b80 [ 28.021582] which belongs to the cache kmalloc-64 of size 64 [ 28.022078] The buggy address is located 0 bytes to the right of [ 28.022078] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.022774] [ 28.022877] The buggy address belongs to the physical page: [ 28.023058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.023410] flags: 0x200000000000000(node=0|zone=2) [ 28.023627] page_type: f5(slab) [ 28.023758] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.024034] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.024255] page dumped because: kasan: bad access detected [ 28.024707] [ 28.024808] Memory state around the buggy address: [ 28.025096] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.025426] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.025739] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.026277] ^ [ 28.026471] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.026691] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.026898] ================================================================== [ 28.118148] ================================================================== [ 28.118494] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 28.119225] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.119558] [ 28.119663] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.119709] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.119722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.119744] Call Trace: [ 28.119760] <TASK> [ 28.119776] dump_stack_lvl+0x73/0xb0 [ 28.119805] print_report+0xd1/0x640 [ 28.119827] ? __virt_addr_valid+0x1db/0x2d0 [ 28.119850] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.119872] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.119899] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.119920] kasan_report+0x141/0x180 [ 28.119943] ? kasan_atomics_helper+0x1ce1/0x5450 [ 28.119969] kasan_check_range+0x10c/0x1c0 [ 28.119993] __kasan_check_write+0x18/0x20 [ 28.120016] kasan_atomics_helper+0x1ce1/0x5450 [ 28.120039] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.120062] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.120087] ? kasan_atomics+0x152/0x310 [ 28.120113] kasan_atomics+0x1dc/0x310 [ 28.120137] ? __pfx_kasan_atomics+0x10/0x10 [ 28.120161] ? __pfx_read_tsc+0x10/0x10 [ 28.120183] ? ktime_get_ts64+0x86/0x230 [ 28.120209] kunit_try_run_case+0x1a5/0x480 [ 28.120233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.120256] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.120292] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.120336] ? __kthread_parkme+0x82/0x180 [ 28.120356] ? preempt_count_sub+0x50/0x80 [ 28.120379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.120403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.120427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.120450] kthread+0x337/0x6f0 [ 28.120470] ? trace_preempt_on+0x20/0xc0 [ 28.120494] ? __pfx_kthread+0x10/0x10 [ 28.120515] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.120546] ? calculate_sigpending+0x7b/0xa0 [ 28.120570] ? __pfx_kthread+0x10/0x10 [ 28.120592] ret_from_fork+0x116/0x1d0 [ 28.120611] ? __pfx_kthread+0x10/0x10 [ 28.120632] ret_from_fork_asm+0x1a/0x30 [ 28.120663] </TASK> [ 28.120674] [ 28.132371] Allocated by task 313: [ 28.132530] kasan_save_stack+0x45/0x70 [ 28.132723] kasan_save_track+0x18/0x40 [ 28.132927] kasan_save_alloc_info+0x3b/0x50 [ 28.133901] __kasan_kmalloc+0xb7/0xc0 [ 28.134048] __kmalloc_cache_noprof+0x189/0x420 [ 28.134285] kasan_atomics+0x95/0x310 [ 28.134492] kunit_try_run_case+0x1a5/0x480 [ 28.134696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.135674] kthread+0x337/0x6f0 [ 28.136000] ret_from_fork+0x116/0x1d0 [ 28.136132] ret_from_fork_asm+0x1a/0x30 [ 28.136348] [ 28.136441] The buggy address belongs to the object at ffff8881053c7b80 [ 28.136441] which belongs to the cache kmalloc-64 of size 64 [ 28.137181] The buggy address is located 0 bytes to the right of [ 28.137181] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.137570] [ 28.137639] The buggy address belongs to the physical page: [ 28.137806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.138047] flags: 0x200000000000000(node=0|zone=2) [ 28.139446] page_type: f5(slab) [ 28.140159] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.141407] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.142793] page dumped because: kasan: bad access detected [ 28.143916] [ 28.144307] Memory state around the buggy address: [ 28.144929] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.145165] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.145833] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.146908] ^ [ 28.147736] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.148700] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.149503] ================================================================== [ 27.511054] ================================================================== [ 27.511390] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 27.511702] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.512376] [ 27.512610] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.512667] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.512681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.512808] Call Trace: [ 27.512831] <TASK> [ 27.512849] dump_stack_lvl+0x73/0xb0 [ 27.512885] print_report+0xd1/0x640 [ 27.512908] ? __virt_addr_valid+0x1db/0x2d0 [ 27.512934] ? kasan_atomics_helper+0xfa9/0x5450 [ 27.512964] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.512990] ? kasan_atomics_helper+0xfa9/0x5450 [ 27.513026] kasan_report+0x141/0x180 [ 27.513050] ? kasan_atomics_helper+0xfa9/0x5450 [ 27.513076] kasan_check_range+0x10c/0x1c0 [ 27.513100] __kasan_check_write+0x18/0x20 [ 27.513124] kasan_atomics_helper+0xfa9/0x5450 [ 27.513146] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.513169] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.513194] ? kasan_atomics+0x152/0x310 [ 27.513220] kasan_atomics+0x1dc/0x310 [ 27.513243] ? __pfx_kasan_atomics+0x10/0x10 [ 27.513268] ? __pfx_read_tsc+0x10/0x10 [ 27.513292] ? ktime_get_ts64+0x86/0x230 [ 27.513327] kunit_try_run_case+0x1a5/0x480 [ 27.513353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.513376] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.513412] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.513446] ? __kthread_parkme+0x82/0x180 [ 27.513468] ? preempt_count_sub+0x50/0x80 [ 27.513493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.513518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.513541] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.513566] kthread+0x337/0x6f0 [ 27.513586] ? trace_preempt_on+0x20/0xc0 [ 27.513610] ? __pfx_kthread+0x10/0x10 [ 27.513631] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.513662] ? calculate_sigpending+0x7b/0xa0 [ 27.513686] ? __pfx_kthread+0x10/0x10 [ 27.513709] ret_from_fork+0x116/0x1d0 [ 27.513728] ? __pfx_kthread+0x10/0x10 [ 27.513749] ret_from_fork_asm+0x1a/0x30 [ 27.513780] </TASK> [ 27.513793] [ 27.526156] Allocated by task 313: [ 27.526364] kasan_save_stack+0x45/0x70 [ 27.526560] kasan_save_track+0x18/0x40 [ 27.526741] kasan_save_alloc_info+0x3b/0x50 [ 27.527284] __kasan_kmalloc+0xb7/0xc0 [ 27.527659] __kmalloc_cache_noprof+0x189/0x420 [ 27.527996] kasan_atomics+0x95/0x310 [ 27.528372] kunit_try_run_case+0x1a5/0x480 [ 27.528569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.528789] kthread+0x337/0x6f0 [ 27.529205] ret_from_fork+0x116/0x1d0 [ 27.529498] ret_from_fork_asm+0x1a/0x30 [ 27.529827] [ 27.530075] The buggy address belongs to the object at ffff8881053c7b80 [ 27.530075] which belongs to the cache kmalloc-64 of size 64 [ 27.530557] The buggy address is located 0 bytes to the right of [ 27.530557] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.531535] [ 27.531772] The buggy address belongs to the physical page: [ 27.532257] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.532845] flags: 0x200000000000000(node=0|zone=2) [ 27.533196] page_type: f5(slab) [ 27.533514] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.534037] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.534442] page dumped because: kasan: bad access detected [ 27.534803] [ 27.534982] Memory state around the buggy address: [ 27.535407] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.535696] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.536486] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.536956] ^ [ 27.537438] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.537944] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.538621] ================================================================== [ 27.988248] ================================================================== [ 27.988561] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 27.988846] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.989164] [ 27.989242] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.989287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.989300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.989334] Call Trace: [ 27.989352] <TASK> [ 27.989368] dump_stack_lvl+0x73/0xb0 [ 27.989398] print_report+0xd1/0x640 [ 27.989421] ? __virt_addr_valid+0x1db/0x2d0 [ 27.989445] ? kasan_atomics_helper+0x18b1/0x5450 [ 27.989466] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.989493] ? kasan_atomics_helper+0x18b1/0x5450 [ 27.989515] kasan_report+0x141/0x180 [ 27.989538] ? kasan_atomics_helper+0x18b1/0x5450 [ 27.989564] kasan_check_range+0x10c/0x1c0 [ 27.989589] __kasan_check_write+0x18/0x20 [ 27.989613] kasan_atomics_helper+0x18b1/0x5450 [ 27.989636] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.989658] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.989683] ? kasan_atomics+0x152/0x310 [ 27.989709] kasan_atomics+0x1dc/0x310 [ 27.989732] ? __pfx_kasan_atomics+0x10/0x10 [ 27.989757] ? __pfx_read_tsc+0x10/0x10 [ 27.989779] ? ktime_get_ts64+0x86/0x230 [ 27.989803] kunit_try_run_case+0x1a5/0x480 [ 27.989828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.989851] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.989887] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.989933] ? __kthread_parkme+0x82/0x180 [ 27.989954] ? preempt_count_sub+0x50/0x80 [ 27.989978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.990013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.990037] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.990060] kthread+0x337/0x6f0 [ 27.990081] ? trace_preempt_on+0x20/0xc0 [ 27.990105] ? __pfx_kthread+0x10/0x10 [ 27.990126] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.990157] ? calculate_sigpending+0x7b/0xa0 [ 27.990182] ? __pfx_kthread+0x10/0x10 [ 27.990203] ret_from_fork+0x116/0x1d0 [ 27.990224] ? __pfx_kthread+0x10/0x10 [ 27.990244] ret_from_fork_asm+0x1a/0x30 [ 27.990275] </TASK> [ 27.990286] [ 27.998261] Allocated by task 313: [ 27.998398] kasan_save_stack+0x45/0x70 [ 27.998538] kasan_save_track+0x18/0x40 [ 27.998669] kasan_save_alloc_info+0x3b/0x50 [ 27.998882] __kasan_kmalloc+0xb7/0xc0 [ 27.999368] __kmalloc_cache_noprof+0x189/0x420 [ 27.999587] kasan_atomics+0x95/0x310 [ 27.999766] kunit_try_run_case+0x1a5/0x480 [ 27.999967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.000209] kthread+0x337/0x6f0 [ 28.000388] ret_from_fork+0x116/0x1d0 [ 28.000568] ret_from_fork_asm+0x1a/0x30 [ 28.000758] [ 28.000846] The buggy address belongs to the object at ffff8881053c7b80 [ 28.000846] which belongs to the cache kmalloc-64 of size 64 [ 28.002633] The buggy address is located 0 bytes to the right of [ 28.002633] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.003714] [ 28.003956] The buggy address belongs to the physical page: [ 28.004209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.004513] flags: 0x200000000000000(node=0|zone=2) [ 28.004745] page_type: f5(slab) [ 28.005036] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.005338] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.005611] page dumped because: kasan: bad access detected [ 28.006065] [ 28.006148] Memory state around the buggy address: [ 28.006349] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.006651] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.007000] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.007305] ^ [ 28.007509] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.007791] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.008064] ================================================================== [ 28.269632] ================================================================== [ 28.270381] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 28.271169] Read of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.271881] [ 28.272057] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.272105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.272119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.272141] Call Trace: [ 28.272171] <TASK> [ 28.272185] dump_stack_lvl+0x73/0xb0 [ 28.272238] print_report+0xd1/0x640 [ 28.272262] ? __virt_addr_valid+0x1db/0x2d0 [ 28.272285] ? kasan_atomics_helper+0x4f71/0x5450 [ 28.272305] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.272341] ? kasan_atomics_helper+0x4f71/0x5450 [ 28.272362] kasan_report+0x141/0x180 [ 28.272385] ? kasan_atomics_helper+0x4f71/0x5450 [ 28.272411] __asan_report_load8_noabort+0x18/0x20 [ 28.272444] kasan_atomics_helper+0x4f71/0x5450 [ 28.272467] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.272490] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.272521] ? kasan_atomics+0x152/0x310 [ 28.272547] kasan_atomics+0x1dc/0x310 [ 28.272570] ? __pfx_kasan_atomics+0x10/0x10 [ 28.272594] ? __pfx_read_tsc+0x10/0x10 [ 28.272616] ? ktime_get_ts64+0x86/0x230 [ 28.272642] kunit_try_run_case+0x1a5/0x480 [ 28.272667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.272690] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.272729] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.272765] ? __kthread_parkme+0x82/0x180 [ 28.272786] ? preempt_count_sub+0x50/0x80 [ 28.272810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.272834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.272859] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.272882] kthread+0x337/0x6f0 [ 28.272902] ? trace_preempt_on+0x20/0xc0 [ 28.272925] ? __pfx_kthread+0x10/0x10 [ 28.272946] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.272977] ? calculate_sigpending+0x7b/0xa0 [ 28.273002] ? __pfx_kthread+0x10/0x10 [ 28.273045] ret_from_fork+0x116/0x1d0 [ 28.273066] ? __pfx_kthread+0x10/0x10 [ 28.273094] ret_from_fork_asm+0x1a/0x30 [ 28.273126] </TASK> [ 28.273137] [ 28.285916] Allocated by task 313: [ 28.286067] kasan_save_stack+0x45/0x70 [ 28.286209] kasan_save_track+0x18/0x40 [ 28.286347] kasan_save_alloc_info+0x3b/0x50 [ 28.286555] __kasan_kmalloc+0xb7/0xc0 [ 28.286777] __kmalloc_cache_noprof+0x189/0x420 [ 28.287138] kasan_atomics+0x95/0x310 [ 28.287443] kunit_try_run_case+0x1a5/0x480 [ 28.287694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.288252] kthread+0x337/0x6f0 [ 28.288593] ret_from_fork+0x116/0x1d0 [ 28.288929] ret_from_fork_asm+0x1a/0x30 [ 28.289315] [ 28.289449] The buggy address belongs to the object at ffff8881053c7b80 [ 28.289449] which belongs to the cache kmalloc-64 of size 64 [ 28.290349] The buggy address is located 0 bytes to the right of [ 28.290349] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.291312] [ 28.291474] The buggy address belongs to the physical page: [ 28.291731] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.292211] flags: 0x200000000000000(node=0|zone=2) [ 28.292699] page_type: f5(slab) [ 28.293091] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.293479] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.293701] page dumped because: kasan: bad access detected [ 28.294451] [ 28.294603] Memory state around the buggy address: [ 28.295138] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.295881] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.296751] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.297437] ^ [ 28.297893] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.298481] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.298695] ================================================================== [ 27.364301] ================================================================== [ 27.364643] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 27.365186] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.365502] [ 27.365589] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.365639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.365652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.365676] Call Trace: [ 27.365689] <TASK> [ 27.365705] dump_stack_lvl+0x73/0xb0 [ 27.365737] print_report+0xd1/0x640 [ 27.365761] ? __virt_addr_valid+0x1db/0x2d0 [ 27.365785] ? kasan_atomics_helper+0xc70/0x5450 [ 27.365878] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.365906] ? kasan_atomics_helper+0xc70/0x5450 [ 27.365928] kasan_report+0x141/0x180 [ 27.365951] ? kasan_atomics_helper+0xc70/0x5450 [ 27.365977] kasan_check_range+0x10c/0x1c0 [ 27.366003] __kasan_check_write+0x18/0x20 [ 27.366027] kasan_atomics_helper+0xc70/0x5450 [ 27.366050] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.366073] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.366098] ? kasan_atomics+0x152/0x310 [ 27.366125] kasan_atomics+0x1dc/0x310 [ 27.366148] ? __pfx_kasan_atomics+0x10/0x10 [ 27.366173] ? __pfx_read_tsc+0x10/0x10 [ 27.366196] ? ktime_get_ts64+0x86/0x230 [ 27.366222] kunit_try_run_case+0x1a5/0x480 [ 27.366247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.366271] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.366321] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.366405] ? __kthread_parkme+0x82/0x180 [ 27.366430] ? preempt_count_sub+0x50/0x80 [ 27.366455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.366479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.366505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.366529] kthread+0x337/0x6f0 [ 27.366550] ? trace_preempt_on+0x20/0xc0 [ 27.366574] ? __pfx_kthread+0x10/0x10 [ 27.366596] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.366627] ? calculate_sigpending+0x7b/0xa0 [ 27.366659] ? __pfx_kthread+0x10/0x10 [ 27.366681] ret_from_fork+0x116/0x1d0 [ 27.366701] ? __pfx_kthread+0x10/0x10 [ 27.366723] ret_from_fork_asm+0x1a/0x30 [ 27.366755] </TASK> [ 27.366768] [ 27.376722] Allocated by task 313: [ 27.377007] kasan_save_stack+0x45/0x70 [ 27.377256] kasan_save_track+0x18/0x40 [ 27.377477] kasan_save_alloc_info+0x3b/0x50 [ 27.377685] __kasan_kmalloc+0xb7/0xc0 [ 27.378077] __kmalloc_cache_noprof+0x189/0x420 [ 27.378275] kasan_atomics+0x95/0x310 [ 27.378452] kunit_try_run_case+0x1a5/0x480 [ 27.378595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.378770] kthread+0x337/0x6f0 [ 27.379144] ret_from_fork+0x116/0x1d0 [ 27.379364] ret_from_fork_asm+0x1a/0x30 [ 27.379564] [ 27.379655] The buggy address belongs to the object at ffff8881053c7b80 [ 27.379655] which belongs to the cache kmalloc-64 of size 64 [ 27.380341] The buggy address is located 0 bytes to the right of [ 27.380341] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.380799] [ 27.380916] The buggy address belongs to the physical page: [ 27.381166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.381764] flags: 0x200000000000000(node=0|zone=2) [ 27.382209] page_type: f5(slab) [ 27.382357] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.382735] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.383265] page dumped because: kasan: bad access detected [ 27.383495] [ 27.383560] Memory state around the buggy address: [ 27.383705] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.384462] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.384752] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.385332] ^ [ 27.385572] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.385984] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.386239] ================================================================== [ 27.539489] ================================================================== [ 27.540223] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 27.540564] Read of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.540947] [ 27.541242] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.541532] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.541553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.541578] Call Trace: [ 27.541599] <TASK> [ 27.541617] dump_stack_lvl+0x73/0xb0 [ 27.541650] print_report+0xd1/0x640 [ 27.541716] ? __virt_addr_valid+0x1db/0x2d0 [ 27.541744] ? kasan_atomics_helper+0x4a36/0x5450 [ 27.541766] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.541793] ? kasan_atomics_helper+0x4a36/0x5450 [ 27.541826] kasan_report+0x141/0x180 [ 27.541878] ? kasan_atomics_helper+0x4a36/0x5450 [ 27.541904] __asan_report_load4_noabort+0x18/0x20 [ 27.541929] kasan_atomics_helper+0x4a36/0x5450 [ 27.541951] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.541974] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.542000] ? kasan_atomics+0x152/0x310 [ 27.542026] kasan_atomics+0x1dc/0x310 [ 27.542049] ? __pfx_kasan_atomics+0x10/0x10 [ 27.542074] ? __pfx_read_tsc+0x10/0x10 [ 27.542096] ? ktime_get_ts64+0x86/0x230 [ 27.542123] kunit_try_run_case+0x1a5/0x480 [ 27.542147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.542170] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.542207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.542240] ? __kthread_parkme+0x82/0x180 [ 27.542261] ? preempt_count_sub+0x50/0x80 [ 27.542285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.542323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.542348] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.542372] kthread+0x337/0x6f0 [ 27.542393] ? trace_preempt_on+0x20/0xc0 [ 27.542417] ? __pfx_kthread+0x10/0x10 [ 27.542438] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.542469] ? calculate_sigpending+0x7b/0xa0 [ 27.542494] ? __pfx_kthread+0x10/0x10 [ 27.542516] ret_from_fork+0x116/0x1d0 [ 27.542536] ? __pfx_kthread+0x10/0x10 [ 27.542557] ret_from_fork_asm+0x1a/0x30 [ 27.542589] </TASK> [ 27.542601] [ 27.554807] Allocated by task 313: [ 27.555162] kasan_save_stack+0x45/0x70 [ 27.555575] kasan_save_track+0x18/0x40 [ 27.555764] kasan_save_alloc_info+0x3b/0x50 [ 27.556110] __kasan_kmalloc+0xb7/0xc0 [ 27.556288] __kmalloc_cache_noprof+0x189/0x420 [ 27.556493] kasan_atomics+0x95/0x310 [ 27.556661] kunit_try_run_case+0x1a5/0x480 [ 27.557110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.557541] kthread+0x337/0x6f0 [ 27.557838] ret_from_fork+0x116/0x1d0 [ 27.558164] ret_from_fork_asm+0x1a/0x30 [ 27.558498] [ 27.558600] The buggy address belongs to the object at ffff8881053c7b80 [ 27.558600] which belongs to the cache kmalloc-64 of size 64 [ 27.559407] The buggy address is located 0 bytes to the right of [ 27.559407] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.560355] [ 27.560586] The buggy address belongs to the physical page: [ 27.561033] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.561555] flags: 0x200000000000000(node=0|zone=2) [ 27.561778] page_type: f5(slab) [ 27.562105] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.562633] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.563101] page dumped because: kasan: bad access detected [ 27.563499] [ 27.563589] Memory state around the buggy address: [ 27.564009] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.564446] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.564918] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.565604] ^ [ 27.566010] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.566605] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.567134] ================================================================== [ 27.877665] ================================================================== [ 27.878076] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 27.878397] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.879170] [ 27.879276] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.879340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.879427] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.879452] Call Trace: [ 27.879468] <TASK> [ 27.879484] dump_stack_lvl+0x73/0xb0 [ 27.879517] print_report+0xd1/0x640 [ 27.879540] ? __virt_addr_valid+0x1db/0x2d0 [ 27.879564] ? kasan_atomics_helper+0x15b6/0x5450 [ 27.879586] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.879616] ? kasan_atomics_helper+0x15b6/0x5450 [ 27.879639] kasan_report+0x141/0x180 [ 27.879661] ? kasan_atomics_helper+0x15b6/0x5450 [ 27.879687] kasan_check_range+0x10c/0x1c0 [ 27.879711] __kasan_check_write+0x18/0x20 [ 27.879735] kasan_atomics_helper+0x15b6/0x5450 [ 27.879757] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.879780] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.879806] ? kasan_atomics+0x152/0x310 [ 27.879833] kasan_atomics+0x1dc/0x310 [ 27.879925] ? __pfx_kasan_atomics+0x10/0x10 [ 27.879951] ? __pfx_read_tsc+0x10/0x10 [ 27.879973] ? ktime_get_ts64+0x86/0x230 [ 27.879998] kunit_try_run_case+0x1a5/0x480 [ 27.880022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.880045] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.880173] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.880208] ? __kthread_parkme+0x82/0x180 [ 27.880228] ? preempt_count_sub+0x50/0x80 [ 27.880251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.880275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.880299] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.880335] kthread+0x337/0x6f0 [ 27.880355] ? trace_preempt_on+0x20/0xc0 [ 27.880379] ? __pfx_kthread+0x10/0x10 [ 27.880402] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.880436] ? calculate_sigpending+0x7b/0xa0 [ 27.880462] ? __pfx_kthread+0x10/0x10 [ 27.880485] ret_from_fork+0x116/0x1d0 [ 27.880505] ? __pfx_kthread+0x10/0x10 [ 27.880525] ret_from_fork_asm+0x1a/0x30 [ 27.880558] </TASK> [ 27.880570] [ 27.890536] Allocated by task 313: [ 27.890722] kasan_save_stack+0x45/0x70 [ 27.890967] kasan_save_track+0x18/0x40 [ 27.891103] kasan_save_alloc_info+0x3b/0x50 [ 27.891288] __kasan_kmalloc+0xb7/0xc0 [ 27.891924] __kmalloc_cache_noprof+0x189/0x420 [ 27.892118] kasan_atomics+0x95/0x310 [ 27.892413] kunit_try_run_case+0x1a5/0x480 [ 27.892554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.892829] kthread+0x337/0x6f0 [ 27.892990] ret_from_fork+0x116/0x1d0 [ 27.893140] ret_from_fork_asm+0x1a/0x30 [ 27.893569] [ 27.893674] The buggy address belongs to the object at ffff8881053c7b80 [ 27.893674] which belongs to the cache kmalloc-64 of size 64 [ 27.894497] The buggy address is located 0 bytes to the right of [ 27.894497] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.895109] [ 27.895208] The buggy address belongs to the physical page: [ 27.895511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.896170] flags: 0x200000000000000(node=0|zone=2) [ 27.896397] page_type: f5(slab) [ 27.896571] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.896938] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.897463] page dumped because: kasan: bad access detected [ 27.897697] [ 27.897782] Memory state around the buggy address: [ 27.898103] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.898577] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.898937] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.899364] ^ [ 27.899549] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.899951] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.900462] ================================================================== [ 27.452441] ================================================================== [ 27.452759] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 27.453316] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.453623] [ 27.453728] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.453780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.454136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.454173] Call Trace: [ 27.454194] <TASK> [ 27.454212] dump_stack_lvl+0x73/0xb0 [ 27.454247] print_report+0xd1/0x640 [ 27.454518] ? __virt_addr_valid+0x1db/0x2d0 [ 27.454551] ? kasan_atomics_helper+0xe78/0x5450 [ 27.454575] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.454601] ? kasan_atomics_helper+0xe78/0x5450 [ 27.454623] kasan_report+0x141/0x180 [ 27.454646] ? kasan_atomics_helper+0xe78/0x5450 [ 27.454680] kasan_check_range+0x10c/0x1c0 [ 27.454704] __kasan_check_write+0x18/0x20 [ 27.454729] kasan_atomics_helper+0xe78/0x5450 [ 27.454753] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.454777] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.455014] ? kasan_atomics+0x152/0x310 [ 27.455045] kasan_atomics+0x1dc/0x310 [ 27.455069] ? __pfx_kasan_atomics+0x10/0x10 [ 27.455094] ? __pfx_read_tsc+0x10/0x10 [ 27.455116] ? ktime_get_ts64+0x86/0x230 [ 27.455142] kunit_try_run_case+0x1a5/0x480 [ 27.455167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.455191] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.455227] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.455260] ? __kthread_parkme+0x82/0x180 [ 27.455282] ? preempt_count_sub+0x50/0x80 [ 27.455322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.455346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.455370] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.455394] kthread+0x337/0x6f0 [ 27.455414] ? trace_preempt_on+0x20/0xc0 [ 27.455438] ? __pfx_kthread+0x10/0x10 [ 27.455459] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.455490] ? calculate_sigpending+0x7b/0xa0 [ 27.455515] ? __pfx_kthread+0x10/0x10 [ 27.455537] ret_from_fork+0x116/0x1d0 [ 27.455556] ? __pfx_kthread+0x10/0x10 [ 27.455577] ret_from_fork_asm+0x1a/0x30 [ 27.455609] </TASK> [ 27.455621] [ 27.468403] Allocated by task 313: [ 27.468591] kasan_save_stack+0x45/0x70 [ 27.468786] kasan_save_track+0x18/0x40 [ 27.469627] kasan_save_alloc_info+0x3b/0x50 [ 27.470121] __kasan_kmalloc+0xb7/0xc0 [ 27.470389] __kmalloc_cache_noprof+0x189/0x420 [ 27.470609] kasan_atomics+0x95/0x310 [ 27.470784] kunit_try_run_case+0x1a5/0x480 [ 27.471365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.471602] kthread+0x337/0x6f0 [ 27.471755] ret_from_fork+0x116/0x1d0 [ 27.472074] ret_from_fork_asm+0x1a/0x30 [ 27.472252] [ 27.472346] The buggy address belongs to the object at ffff8881053c7b80 [ 27.472346] which belongs to the cache kmalloc-64 of size 64 [ 27.472821] The buggy address is located 0 bytes to the right of [ 27.472821] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.474079] [ 27.474181] The buggy address belongs to the physical page: [ 27.474669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.475371] flags: 0x200000000000000(node=0|zone=2) [ 27.475833] page_type: f5(slab) [ 27.476124] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.476786] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.477385] page dumped because: kasan: bad access detected [ 27.477766] [ 27.478028] Memory state around the buggy address: [ 27.478230] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.478543] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.479091] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.479569] ^ [ 27.480039] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.480543] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.480992] ================================================================== [ 27.223183] ================================================================== [ 27.223471] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 27.223800] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.224379] [ 27.224489] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.224558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.224584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.224608] Call Trace: [ 27.224639] <TASK> [ 27.224668] dump_stack_lvl+0x73/0xb0 [ 27.224700] print_report+0xd1/0x640 [ 27.224736] ? __virt_addr_valid+0x1db/0x2d0 [ 27.224759] ? kasan_atomics_helper+0x860/0x5450 [ 27.224779] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.224805] ? kasan_atomics_helper+0x860/0x5450 [ 27.224825] kasan_report+0x141/0x180 [ 27.224846] ? kasan_atomics_helper+0x860/0x5450 [ 27.224871] kasan_check_range+0x10c/0x1c0 [ 27.224895] __kasan_check_write+0x18/0x20 [ 27.224937] kasan_atomics_helper+0x860/0x5450 [ 27.224960] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.224981] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.225006] ? kasan_atomics+0x152/0x310 [ 27.225030] kasan_atomics+0x1dc/0x310 [ 27.225052] ? __pfx_kasan_atomics+0x10/0x10 [ 27.225075] ? __pfx_read_tsc+0x10/0x10 [ 27.225096] ? ktime_get_ts64+0x86/0x230 [ 27.225120] kunit_try_run_case+0x1a5/0x480 [ 27.225144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.225166] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.225200] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.225329] ? __kthread_parkme+0x82/0x180 [ 27.225352] ? preempt_count_sub+0x50/0x80 [ 27.225375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.225399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.225421] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.225443] kthread+0x337/0x6f0 [ 27.225463] ? trace_preempt_on+0x20/0xc0 [ 27.225485] ? __pfx_kthread+0x10/0x10 [ 27.225507] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.225559] ? calculate_sigpending+0x7b/0xa0 [ 27.225585] ? __pfx_kthread+0x10/0x10 [ 27.225606] ret_from_fork+0x116/0x1d0 [ 27.225639] ? __pfx_kthread+0x10/0x10 [ 27.225659] ret_from_fork_asm+0x1a/0x30 [ 27.225703] </TASK> [ 27.225714] [ 27.235726] Allocated by task 313: [ 27.235980] kasan_save_stack+0x45/0x70 [ 27.236160] kasan_save_track+0x18/0x40 [ 27.236338] kasan_save_alloc_info+0x3b/0x50 [ 27.236547] __kasan_kmalloc+0xb7/0xc0 [ 27.236727] __kmalloc_cache_noprof+0x189/0x420 [ 27.236921] kasan_atomics+0x95/0x310 [ 27.237099] kunit_try_run_case+0x1a5/0x480 [ 27.238210] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.238464] kthread+0x337/0x6f0 [ 27.238597] ret_from_fork+0x116/0x1d0 [ 27.239020] ret_from_fork_asm+0x1a/0x30 [ 27.239356] [ 27.239456] The buggy address belongs to the object at ffff8881053c7b80 [ 27.239456] which belongs to the cache kmalloc-64 of size 64 [ 27.240206] The buggy address is located 0 bytes to the right of [ 27.240206] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.241005] [ 27.241098] The buggy address belongs to the physical page: [ 27.241501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.241978] flags: 0x200000000000000(node=0|zone=2) [ 27.242325] page_type: f5(slab) [ 27.242458] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.242951] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.243352] page dumped because: kasan: bad access detected [ 27.243596] [ 27.243666] Memory state around the buggy address: [ 27.244039] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.244352] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.244634] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.244920] ^ [ 27.245114] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.245901] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.246278] ================================================================== [ 26.920902] ================================================================== [ 26.922442] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 26.923094] Read of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 26.923392] [ 26.923497] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.923548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.923560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.923583] Call Trace: [ 26.923597] <TASK> [ 26.923615] dump_stack_lvl+0x73/0xb0 [ 26.923649] print_report+0xd1/0x640 [ 26.923672] ? __virt_addr_valid+0x1db/0x2d0 [ 26.923697] ? kasan_atomics_helper+0x4bbc/0x5450 [ 26.923718] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.923743] ? kasan_atomics_helper+0x4bbc/0x5450 [ 26.923764] kasan_report+0x141/0x180 [ 26.923786] ? kasan_atomics_helper+0x4bbc/0x5450 [ 26.923869] __asan_report_load4_noabort+0x18/0x20 [ 26.923896] kasan_atomics_helper+0x4bbc/0x5450 [ 26.923918] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.923939] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.923964] ? kasan_atomics+0x152/0x310 [ 26.923990] kasan_atomics+0x1dc/0x310 [ 26.924013] ? __pfx_kasan_atomics+0x10/0x10 [ 26.924036] ? __pfx_read_tsc+0x10/0x10 [ 26.924057] ? ktime_get_ts64+0x86/0x230 [ 26.924082] kunit_try_run_case+0x1a5/0x480 [ 26.924107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.924128] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.924163] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.924196] ? __kthread_parkme+0x82/0x180 [ 26.924216] ? preempt_count_sub+0x50/0x80 [ 26.924239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.924262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.924297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.924320] kthread+0x337/0x6f0 [ 26.924338] ? trace_preempt_on+0x20/0xc0 [ 26.924361] ? __pfx_kthread+0x10/0x10 [ 26.924381] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.924411] ? calculate_sigpending+0x7b/0xa0 [ 26.924435] ? __pfx_kthread+0x10/0x10 [ 26.924456] ret_from_fork+0x116/0x1d0 [ 26.924474] ? __pfx_kthread+0x10/0x10 [ 26.924493] ret_from_fork_asm+0x1a/0x30 [ 26.924523] </TASK> [ 26.924535] [ 26.937467] Allocated by task 313: [ 26.937615] kasan_save_stack+0x45/0x70 [ 26.937762] kasan_save_track+0x18/0x40 [ 26.938523] kasan_save_alloc_info+0x3b/0x50 [ 26.938973] __kasan_kmalloc+0xb7/0xc0 [ 26.939408] __kmalloc_cache_noprof+0x189/0x420 [ 26.939817] kasan_atomics+0x95/0x310 [ 26.940250] kunit_try_run_case+0x1a5/0x480 [ 26.940482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.940658] kthread+0x337/0x6f0 [ 26.940772] ret_from_fork+0x116/0x1d0 [ 26.941162] ret_from_fork_asm+0x1a/0x30 [ 26.941591] [ 26.941741] The buggy address belongs to the object at ffff8881053c7b80 [ 26.941741] which belongs to the cache kmalloc-64 of size 64 [ 26.943102] The buggy address is located 0 bytes to the right of [ 26.943102] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 26.943689] [ 26.943763] The buggy address belongs to the physical page: [ 26.944225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 26.944939] flags: 0x200000000000000(node=0|zone=2) [ 26.945456] page_type: f5(slab) [ 26.945621] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.946026] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.946855] page dumped because: kasan: bad access detected [ 26.947435] [ 26.947591] Memory state around the buggy address: [ 26.948068] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.948297] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.948508] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.948714] ^ [ 26.948887] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.949257] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.949576] ================================================================== [ 27.636236] ================================================================== [ 27.636828] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 27.637186] Read of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.637523] [ 27.637627] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.637674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.637687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.637710] Call Trace: [ 27.637728] <TASK> [ 27.637744] dump_stack_lvl+0x73/0xb0 [ 27.637775] print_report+0xd1/0x640 [ 27.637822] ? __virt_addr_valid+0x1db/0x2d0 [ 27.637871] ? kasan_atomics_helper+0x4a02/0x5450 [ 27.637893] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.637919] ? kasan_atomics_helper+0x4a02/0x5450 [ 27.637941] kasan_report+0x141/0x180 [ 27.637963] ? kasan_atomics_helper+0x4a02/0x5450 [ 27.637990] __asan_report_load4_noabort+0x18/0x20 [ 27.638013] kasan_atomics_helper+0x4a02/0x5450 [ 27.638036] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.638058] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.638083] ? kasan_atomics+0x152/0x310 [ 27.638109] kasan_atomics+0x1dc/0x310 [ 27.638132] ? __pfx_kasan_atomics+0x10/0x10 [ 27.638157] ? __pfx_read_tsc+0x10/0x10 [ 27.638179] ? ktime_get_ts64+0x86/0x230 [ 27.638205] kunit_try_run_case+0x1a5/0x480 [ 27.638231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.638253] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.638289] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.638335] ? __kthread_parkme+0x82/0x180 [ 27.638356] ? preempt_count_sub+0x50/0x80 [ 27.638379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.638406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.638430] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.638454] kthread+0x337/0x6f0 [ 27.638475] ? trace_preempt_on+0x20/0xc0 [ 27.638499] ? __pfx_kthread+0x10/0x10 [ 27.638520] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.638551] ? calculate_sigpending+0x7b/0xa0 [ 27.638575] ? __pfx_kthread+0x10/0x10 [ 27.638598] ret_from_fork+0x116/0x1d0 [ 27.638617] ? __pfx_kthread+0x10/0x10 [ 27.638638] ret_from_fork_asm+0x1a/0x30 [ 27.638674] </TASK> [ 27.638686] [ 27.645910] Allocated by task 313: [ 27.646058] kasan_save_stack+0x45/0x70 [ 27.646255] kasan_save_track+0x18/0x40 [ 27.646431] kasan_save_alloc_info+0x3b/0x50 [ 27.646633] __kasan_kmalloc+0xb7/0xc0 [ 27.646793] __kmalloc_cache_noprof+0x189/0x420 [ 27.646992] kasan_atomics+0x95/0x310 [ 27.647152] kunit_try_run_case+0x1a5/0x480 [ 27.647379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.647592] kthread+0x337/0x6f0 [ 27.647760] ret_from_fork+0x116/0x1d0 [ 27.647940] ret_from_fork_asm+0x1a/0x30 [ 27.648125] [ 27.648213] The buggy address belongs to the object at ffff8881053c7b80 [ 27.648213] which belongs to the cache kmalloc-64 of size 64 [ 27.648673] The buggy address is located 0 bytes to the right of [ 27.648673] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.649158] [ 27.649251] The buggy address belongs to the physical page: [ 27.649547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.649792] flags: 0x200000000000000(node=0|zone=2) [ 27.649947] page_type: f5(slab) [ 27.650063] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.650318] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.650651] page dumped because: kasan: bad access detected [ 27.650900] [ 27.650989] Memory state around the buggy address: [ 27.651207] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.651548] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.651860] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.652112] ^ [ 27.652260] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.652594] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.653250] ================================================================== [ 27.765914] ================================================================== [ 27.766634] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 27.766984] Read of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.767397] [ 27.767486] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.767536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.767549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.767573] Call Trace: [ 27.767594] <TASK> [ 27.767613] dump_stack_lvl+0x73/0xb0 [ 27.767645] print_report+0xd1/0x640 [ 27.767669] ? __virt_addr_valid+0x1db/0x2d0 [ 27.767693] ? kasan_atomics_helper+0x13b5/0x5450 [ 27.767715] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.767741] ? kasan_atomics_helper+0x13b5/0x5450 [ 27.767763] kasan_report+0x141/0x180 [ 27.767786] ? kasan_atomics_helper+0x13b5/0x5450 [ 27.767822] kasan_check_range+0x10c/0x1c0 [ 27.767859] __kasan_check_read+0x15/0x20 [ 27.767884] kasan_atomics_helper+0x13b5/0x5450 [ 27.767908] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.767930] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.767955] ? kasan_atomics+0x152/0x310 [ 27.767982] kasan_atomics+0x1dc/0x310 [ 27.768004] ? __pfx_kasan_atomics+0x10/0x10 [ 27.768029] ? __pfx_read_tsc+0x10/0x10 [ 27.768051] ? ktime_get_ts64+0x86/0x230 [ 27.768078] kunit_try_run_case+0x1a5/0x480 [ 27.768103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.768126] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.768169] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.768203] ? __kthread_parkme+0x82/0x180 [ 27.768224] ? preempt_count_sub+0x50/0x80 [ 27.768248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.768272] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.768296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.768333] kthread+0x337/0x6f0 [ 27.768353] ? trace_preempt_on+0x20/0xc0 [ 27.768377] ? __pfx_kthread+0x10/0x10 [ 27.768398] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.768429] ? calculate_sigpending+0x7b/0xa0 [ 27.768454] ? __pfx_kthread+0x10/0x10 [ 27.768476] ret_from_fork+0x116/0x1d0 [ 27.768497] ? __pfx_kthread+0x10/0x10 [ 27.768517] ret_from_fork_asm+0x1a/0x30 [ 27.768549] </TASK> [ 27.768561] [ 27.776213] Allocated by task 313: [ 27.776370] kasan_save_stack+0x45/0x70 [ 27.776509] kasan_save_track+0x18/0x40 [ 27.776633] kasan_save_alloc_info+0x3b/0x50 [ 27.776771] __kasan_kmalloc+0xb7/0xc0 [ 27.776963] __kmalloc_cache_noprof+0x189/0x420 [ 27.777178] kasan_atomics+0x95/0x310 [ 27.777375] kunit_try_run_case+0x1a5/0x480 [ 27.777593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.777910] kthread+0x337/0x6f0 [ 27.778022] ret_from_fork+0x116/0x1d0 [ 27.778143] ret_from_fork_asm+0x1a/0x30 [ 27.778273] [ 27.778397] The buggy address belongs to the object at ffff8881053c7b80 [ 27.778397] which belongs to the cache kmalloc-64 of size 64 [ 27.779216] The buggy address is located 0 bytes to the right of [ 27.779216] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.779844] [ 27.779996] The buggy address belongs to the physical page: [ 27.780231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.780569] flags: 0x200000000000000(node=0|zone=2) [ 27.780790] page_type: f5(slab) [ 27.780919] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.781137] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.781552] page dumped because: kasan: bad access detected [ 27.781852] [ 27.781920] Memory state around the buggy address: [ 27.782221] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.782602] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.783007] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.783209] ^ [ 27.783365] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.783569] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.783768] ================================================================== [ 27.901056] ================================================================== [ 27.901459] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 27.901912] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.902196] [ 27.902279] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.902337] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.902351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.902374] Call Trace: [ 27.902653] <TASK> [ 27.902682] dump_stack_lvl+0x73/0xb0 [ 27.902716] print_report+0xd1/0x640 [ 27.902738] ? __virt_addr_valid+0x1db/0x2d0 [ 27.902763] ? kasan_atomics_helper+0x164f/0x5450 [ 27.902784] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.902821] ? kasan_atomics_helper+0x164f/0x5450 [ 27.902843] kasan_report+0x141/0x180 [ 27.902865] ? kasan_atomics_helper+0x164f/0x5450 [ 27.902891] kasan_check_range+0x10c/0x1c0 [ 27.902914] __kasan_check_write+0x18/0x20 [ 27.902937] kasan_atomics_helper+0x164f/0x5450 [ 27.902961] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.903119] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.903147] ? kasan_atomics+0x152/0x310 [ 27.903173] kasan_atomics+0x1dc/0x310 [ 27.903196] ? __pfx_kasan_atomics+0x10/0x10 [ 27.903220] ? __pfx_read_tsc+0x10/0x10 [ 27.903243] ? ktime_get_ts64+0x86/0x230 [ 27.903269] kunit_try_run_case+0x1a5/0x480 [ 27.903293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.903329] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.903365] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.903399] ? __kthread_parkme+0x82/0x180 [ 27.903420] ? preempt_count_sub+0x50/0x80 [ 27.903444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.903468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.903491] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.903515] kthread+0x337/0x6f0 [ 27.903535] ? trace_preempt_on+0x20/0xc0 [ 27.903559] ? __pfx_kthread+0x10/0x10 [ 27.903580] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.903611] ? calculate_sigpending+0x7b/0xa0 [ 27.903636] ? __pfx_kthread+0x10/0x10 [ 27.903661] ret_from_fork+0x116/0x1d0 [ 27.903681] ? __pfx_kthread+0x10/0x10 [ 27.903702] ret_from_fork_asm+0x1a/0x30 [ 27.903733] </TASK> [ 27.903744] [ 27.914532] Allocated by task 313: [ 27.914708] kasan_save_stack+0x45/0x70 [ 27.914875] kasan_save_track+0x18/0x40 [ 27.915163] kasan_save_alloc_info+0x3b/0x50 [ 27.915748] __kasan_kmalloc+0xb7/0xc0 [ 27.915978] __kmalloc_cache_noprof+0x189/0x420 [ 27.916279] kasan_atomics+0x95/0x310 [ 27.916510] kunit_try_run_case+0x1a5/0x480 [ 27.916712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.917070] kthread+0x337/0x6f0 [ 27.917375] ret_from_fork+0x116/0x1d0 [ 27.917828] ret_from_fork_asm+0x1a/0x30 [ 27.918024] [ 27.918090] The buggy address belongs to the object at ffff8881053c7b80 [ 27.918090] which belongs to the cache kmalloc-64 of size 64 [ 27.918602] The buggy address is located 0 bytes to the right of [ 27.918602] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.919481] [ 27.919649] The buggy address belongs to the physical page: [ 27.920042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.920495] flags: 0x200000000000000(node=0|zone=2) [ 27.920825] page_type: f5(slab) [ 27.921069] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.921742] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.922188] page dumped because: kasan: bad access detected [ 27.922424] [ 27.922588] Memory state around the buggy address: [ 27.922775] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.923224] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.923666] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.924067] ^ [ 27.924277] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.924586] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.925197] ================================================================== [ 28.374616] ================================================================== [ 28.374926] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 28.375361] Read of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.375598] [ 28.375969] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.376023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.376036] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.376058] Call Trace: [ 28.376077] <TASK> [ 28.376094] dump_stack_lvl+0x73/0xb0 [ 28.376125] print_report+0xd1/0x640 [ 28.376148] ? __virt_addr_valid+0x1db/0x2d0 [ 28.376171] ? kasan_atomics_helper+0x4fb2/0x5450 [ 28.376192] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.376218] ? kasan_atomics_helper+0x4fb2/0x5450 [ 28.376241] kasan_report+0x141/0x180 [ 28.376264] ? kasan_atomics_helper+0x4fb2/0x5450 [ 28.376289] __asan_report_load8_noabort+0x18/0x20 [ 28.376315] kasan_atomics_helper+0x4fb2/0x5450 [ 28.376351] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.376373] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.376398] ? kasan_atomics+0x152/0x310 [ 28.376423] kasan_atomics+0x1dc/0x310 [ 28.376446] ? __pfx_kasan_atomics+0x10/0x10 [ 28.376469] ? __pfx_read_tsc+0x10/0x10 [ 28.376491] ? ktime_get_ts64+0x86/0x230 [ 28.376515] kunit_try_run_case+0x1a5/0x480 [ 28.376540] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.376562] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.376596] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.376630] ? __kthread_parkme+0x82/0x180 [ 28.376650] ? preempt_count_sub+0x50/0x80 [ 28.376673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.376696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.376720] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.376743] kthread+0x337/0x6f0 [ 28.376763] ? trace_preempt_on+0x20/0xc0 [ 28.376786] ? __pfx_kthread+0x10/0x10 [ 28.376819] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.376850] ? calculate_sigpending+0x7b/0xa0 [ 28.376888] ? __pfx_kthread+0x10/0x10 [ 28.376909] ret_from_fork+0x116/0x1d0 [ 28.376928] ? __pfx_kthread+0x10/0x10 [ 28.376950] ret_from_fork_asm+0x1a/0x30 [ 28.376981] </TASK> [ 28.376992] [ 28.384576] Allocated by task 313: [ 28.384773] kasan_save_stack+0x45/0x70 [ 28.384973] kasan_save_track+0x18/0x40 [ 28.385185] kasan_save_alloc_info+0x3b/0x50 [ 28.385337] __kasan_kmalloc+0xb7/0xc0 [ 28.385464] __kmalloc_cache_noprof+0x189/0x420 [ 28.385613] kasan_atomics+0x95/0x310 [ 28.385739] kunit_try_run_case+0x1a5/0x480 [ 28.385889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.386223] kthread+0x337/0x6f0 [ 28.386405] ret_from_fork+0x116/0x1d0 [ 28.386589] ret_from_fork_asm+0x1a/0x30 [ 28.386797] [ 28.386886] The buggy address belongs to the object at ffff8881053c7b80 [ 28.386886] which belongs to the cache kmalloc-64 of size 64 [ 28.387268] The buggy address is located 0 bytes to the right of [ 28.387268] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.387639] [ 28.387707] The buggy address belongs to the physical page: [ 28.388051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.388424] flags: 0x200000000000000(node=0|zone=2) [ 28.388658] page_type: f5(slab) [ 28.388827] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.389452] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.389740] page dumped because: kasan: bad access detected [ 28.389912] [ 28.389974] Memory state around the buggy address: [ 28.390124] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.390344] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.390553] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.390920] ^ [ 28.391282] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.391601] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.391864] ================================================================== [ 27.925642] ================================================================== [ 27.926048] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 27.926422] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.926643] [ 27.926731] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.926777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.926791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.926814] Call Trace: [ 27.926830] <TASK> [ 27.926843] dump_stack_lvl+0x73/0xb0 [ 27.926884] print_report+0xd1/0x640 [ 27.926907] ? __virt_addr_valid+0x1db/0x2d0 [ 27.926930] ? kasan_atomics_helper+0x16e7/0x5450 [ 27.926952] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.926979] ? kasan_atomics_helper+0x16e7/0x5450 [ 27.927000] kasan_report+0x141/0x180 [ 27.927022] ? kasan_atomics_helper+0x16e7/0x5450 [ 27.927048] kasan_check_range+0x10c/0x1c0 [ 27.927072] __kasan_check_write+0x18/0x20 [ 27.927096] kasan_atomics_helper+0x16e7/0x5450 [ 27.927119] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.927141] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.927165] ? kasan_atomics+0x152/0x310 [ 27.927192] kasan_atomics+0x1dc/0x310 [ 27.927215] ? __pfx_kasan_atomics+0x10/0x10 [ 27.927240] ? __pfx_read_tsc+0x10/0x10 [ 27.927261] ? ktime_get_ts64+0x86/0x230 [ 27.927286] kunit_try_run_case+0x1a5/0x480 [ 27.927320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.927343] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.927379] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.927413] ? __kthread_parkme+0x82/0x180 [ 27.927433] ? preempt_count_sub+0x50/0x80 [ 27.927456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.927480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.927502] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.927527] kthread+0x337/0x6f0 [ 27.927546] ? trace_preempt_on+0x20/0xc0 [ 27.927569] ? __pfx_kthread+0x10/0x10 [ 27.927590] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.927620] ? calculate_sigpending+0x7b/0xa0 [ 27.927644] ? __pfx_kthread+0x10/0x10 [ 27.927666] ret_from_fork+0x116/0x1d0 [ 27.927686] ? __pfx_kthread+0x10/0x10 [ 27.927706] ret_from_fork_asm+0x1a/0x30 [ 27.927736] </TASK> [ 27.927748] [ 27.936089] Allocated by task 313: [ 27.936210] kasan_save_stack+0x45/0x70 [ 27.936354] kasan_save_track+0x18/0x40 [ 27.936544] kasan_save_alloc_info+0x3b/0x50 [ 27.936758] __kasan_kmalloc+0xb7/0xc0 [ 27.936936] __kmalloc_cache_noprof+0x189/0x420 [ 27.937151] kasan_atomics+0x95/0x310 [ 27.937355] kunit_try_run_case+0x1a5/0x480 [ 27.937557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.937753] kthread+0x337/0x6f0 [ 27.937868] ret_from_fork+0x116/0x1d0 [ 27.937995] ret_from_fork_asm+0x1a/0x30 [ 27.938144] [ 27.938235] The buggy address belongs to the object at ffff8881053c7b80 [ 27.938235] which belongs to the cache kmalloc-64 of size 64 [ 27.938761] The buggy address is located 0 bytes to the right of [ 27.938761] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.939250] [ 27.939342] The buggy address belongs to the physical page: [ 27.939567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.939883] flags: 0x200000000000000(node=0|zone=2) [ 27.940090] page_type: f5(slab) [ 27.940238] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.942151] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.942471] page dumped because: kasan: bad access detected [ 27.942727] [ 27.942832] Memory state around the buggy address: [ 27.943427] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.943706] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.944303] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.944632] ^ [ 27.944912] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.945193] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.945461] ================================================================== [ 28.241478] ================================================================== [ 28.241772] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 28.242212] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.243291] [ 28.243413] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.243580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.243598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.243623] Call Trace: [ 28.243642] <TASK> [ 28.243658] dump_stack_lvl+0x73/0xb0 [ 28.243809] print_report+0xd1/0x640 [ 28.243877] ? __virt_addr_valid+0x1db/0x2d0 [ 28.243902] ? kasan_atomics_helper+0x1f43/0x5450 [ 28.243924] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.243950] ? kasan_atomics_helper+0x1f43/0x5450 [ 28.243972] kasan_report+0x141/0x180 [ 28.243994] ? kasan_atomics_helper+0x1f43/0x5450 [ 28.244020] kasan_check_range+0x10c/0x1c0 [ 28.244043] __kasan_check_write+0x18/0x20 [ 28.244067] kasan_atomics_helper+0x1f43/0x5450 [ 28.244089] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.244111] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.244135] ? kasan_atomics+0x152/0x310 [ 28.244161] kasan_atomics+0x1dc/0x310 [ 28.244184] ? __pfx_kasan_atomics+0x10/0x10 [ 28.244208] ? __pfx_read_tsc+0x10/0x10 [ 28.244230] ? ktime_get_ts64+0x86/0x230 [ 28.244256] kunit_try_run_case+0x1a5/0x480 [ 28.244280] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.244302] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.244350] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.244383] ? __kthread_parkme+0x82/0x180 [ 28.244404] ? preempt_count_sub+0x50/0x80 [ 28.244428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.244452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.244477] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.244500] kthread+0x337/0x6f0 [ 28.244520] ? trace_preempt_on+0x20/0xc0 [ 28.244543] ? __pfx_kthread+0x10/0x10 [ 28.244564] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.244594] ? calculate_sigpending+0x7b/0xa0 [ 28.244620] ? __pfx_kthread+0x10/0x10 [ 28.244642] ret_from_fork+0x116/0x1d0 [ 28.244662] ? __pfx_kthread+0x10/0x10 [ 28.244683] ret_from_fork_asm+0x1a/0x30 [ 28.244714] </TASK> [ 28.244726] [ 28.255551] Allocated by task 313: [ 28.255682] kasan_save_stack+0x45/0x70 [ 28.255837] kasan_save_track+0x18/0x40 [ 28.255967] kasan_save_alloc_info+0x3b/0x50 [ 28.256112] __kasan_kmalloc+0xb7/0xc0 [ 28.256239] __kmalloc_cache_noprof+0x189/0x420 [ 28.256412] kasan_atomics+0x95/0x310 [ 28.256542] kunit_try_run_case+0x1a5/0x480 [ 28.256683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.256850] kthread+0x337/0x6f0 [ 28.256964] ret_from_fork+0x116/0x1d0 [ 28.257089] ret_from_fork_asm+0x1a/0x30 [ 28.257222] [ 28.257288] The buggy address belongs to the object at ffff8881053c7b80 [ 28.257288] which belongs to the cache kmalloc-64 of size 64 [ 28.258293] The buggy address is located 0 bytes to the right of [ 28.258293] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.259341] [ 28.259495] The buggy address belongs to the physical page: [ 28.260115] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.261049] flags: 0x200000000000000(node=0|zone=2) [ 28.261534] page_type: f5(slab) [ 28.261836] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.262626] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.263415] page dumped because: kasan: bad access detected [ 28.263967] [ 28.264131] Memory state around the buggy address: [ 28.264675] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.265412] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.266097] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.266816] ^ [ 28.267437] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.268096] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.268801] ================================================================== [ 28.350927] ================================================================== [ 28.351153] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 28.351402] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.351713] [ 28.351801] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.352015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.352030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.352053] Call Trace: [ 28.352070] <TASK> [ 28.352084] dump_stack_lvl+0x73/0xb0 [ 28.352115] print_report+0xd1/0x640 [ 28.352137] ? __virt_addr_valid+0x1db/0x2d0 [ 28.352161] ? kasan_atomics_helper+0x20c8/0x5450 [ 28.352182] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.352208] ? kasan_atomics_helper+0x20c8/0x5450 [ 28.352231] kasan_report+0x141/0x180 [ 28.352253] ? kasan_atomics_helper+0x20c8/0x5450 [ 28.352279] kasan_check_range+0x10c/0x1c0 [ 28.352303] __kasan_check_write+0x18/0x20 [ 28.352342] kasan_atomics_helper+0x20c8/0x5450 [ 28.352365] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.352388] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.352412] ? kasan_atomics+0x152/0x310 [ 28.352438] kasan_atomics+0x1dc/0x310 [ 28.352462] ? __pfx_kasan_atomics+0x10/0x10 [ 28.352486] ? __pfx_read_tsc+0x10/0x10 [ 28.352508] ? ktime_get_ts64+0x86/0x230 [ 28.352532] kunit_try_run_case+0x1a5/0x480 [ 28.352556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.352579] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.352614] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.352648] ? __kthread_parkme+0x82/0x180 [ 28.352668] ? preempt_count_sub+0x50/0x80 [ 28.352692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.352715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.352739] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.352763] kthread+0x337/0x6f0 [ 28.352782] ? trace_preempt_on+0x20/0xc0 [ 28.352805] ? __pfx_kthread+0x10/0x10 [ 28.352827] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.353289] ? calculate_sigpending+0x7b/0xa0 [ 28.353320] ? __pfx_kthread+0x10/0x10 [ 28.353356] ret_from_fork+0x116/0x1d0 [ 28.353376] ? __pfx_kthread+0x10/0x10 [ 28.353397] ret_from_fork_asm+0x1a/0x30 [ 28.353427] </TASK> [ 28.353438] [ 28.363232] Allocated by task 313: [ 28.363557] kasan_save_stack+0x45/0x70 [ 28.363709] kasan_save_track+0x18/0x40 [ 28.363991] kasan_save_alloc_info+0x3b/0x50 [ 28.364484] __kasan_kmalloc+0xb7/0xc0 [ 28.364687] __kmalloc_cache_noprof+0x189/0x420 [ 28.364967] kasan_atomics+0x95/0x310 [ 28.365387] kunit_try_run_case+0x1a5/0x480 [ 28.365658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.366056] kthread+0x337/0x6f0 [ 28.366193] ret_from_fork+0x116/0x1d0 [ 28.366523] ret_from_fork_asm+0x1a/0x30 [ 28.366712] [ 28.366801] The buggy address belongs to the object at ffff8881053c7b80 [ 28.366801] which belongs to the cache kmalloc-64 of size 64 [ 28.367574] The buggy address is located 0 bytes to the right of [ 28.367574] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.368288] [ 28.368459] The buggy address belongs to the physical page: [ 28.368755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.369359] flags: 0x200000000000000(node=0|zone=2) [ 28.369535] page_type: f5(slab) [ 28.369705] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.370134] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.370571] page dumped because: kasan: bad access detected [ 28.370871] [ 28.371085] Memory state around the buggy address: [ 28.371451] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.371915] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.372260] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.372757] ^ [ 28.372964] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.373462] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.373920] ================================================================== [ 27.031149] ================================================================== [ 27.031875] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 27.032556] Read of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.033248] [ 27.033437] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.033487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.033510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.033532] Call Trace: [ 27.033551] <TASK> [ 27.033567] dump_stack_lvl+0x73/0xb0 [ 27.033619] print_report+0xd1/0x640 [ 27.033642] ? __virt_addr_valid+0x1db/0x2d0 [ 27.033665] ? kasan_atomics_helper+0x3df/0x5450 [ 27.033695] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.033720] ? kasan_atomics_helper+0x3df/0x5450 [ 27.033741] kasan_report+0x141/0x180 [ 27.033762] ? kasan_atomics_helper+0x3df/0x5450 [ 27.033858] kasan_check_range+0x10c/0x1c0 [ 27.033885] __kasan_check_read+0x15/0x20 [ 27.033908] kasan_atomics_helper+0x3df/0x5450 [ 27.033930] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.033954] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.033977] ? kasan_atomics+0x152/0x310 [ 27.034003] kasan_atomics+0x1dc/0x310 [ 27.034024] ? __pfx_kasan_atomics+0x10/0x10 [ 27.034047] ? __pfx_read_tsc+0x10/0x10 [ 27.034068] ? ktime_get_ts64+0x86/0x230 [ 27.034093] kunit_try_run_case+0x1a5/0x480 [ 27.034117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.034138] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.034173] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.034205] ? __kthread_parkme+0x82/0x180 [ 27.034225] ? preempt_count_sub+0x50/0x80 [ 27.034247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.034270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.034304] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.034326] kthread+0x337/0x6f0 [ 27.034346] ? trace_preempt_on+0x20/0xc0 [ 27.034368] ? __pfx_kthread+0x10/0x10 [ 27.034388] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.034418] ? calculate_sigpending+0x7b/0xa0 [ 27.034441] ? __pfx_kthread+0x10/0x10 [ 27.034462] ret_from_fork+0x116/0x1d0 [ 27.034480] ? __pfx_kthread+0x10/0x10 [ 27.034500] ret_from_fork_asm+0x1a/0x30 [ 27.034530] </TASK> [ 27.034541] [ 27.043434] Allocated by task 313: [ 27.043624] kasan_save_stack+0x45/0x70 [ 27.043940] kasan_save_track+0x18/0x40 [ 27.044138] kasan_save_alloc_info+0x3b/0x50 [ 27.044325] __kasan_kmalloc+0xb7/0xc0 [ 27.044507] __kmalloc_cache_noprof+0x189/0x420 [ 27.044655] kasan_atomics+0x95/0x310 [ 27.044778] kunit_try_run_case+0x1a5/0x480 [ 27.044935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.045191] kthread+0x337/0x6f0 [ 27.045378] ret_from_fork+0x116/0x1d0 [ 27.045633] ret_from_fork_asm+0x1a/0x30 [ 27.045976] [ 27.046083] The buggy address belongs to the object at ffff8881053c7b80 [ 27.046083] which belongs to the cache kmalloc-64 of size 64 [ 27.046514] The buggy address is located 0 bytes to the right of [ 27.046514] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.047215] [ 27.047313] The buggy address belongs to the physical page: [ 27.047593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.048093] flags: 0x200000000000000(node=0|zone=2) [ 27.048319] page_type: f5(slab) [ 27.048438] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.048662] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.048879] page dumped because: kasan: bad access detected [ 27.049041] [ 27.049102] Memory state around the buggy address: [ 27.049553] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.050263] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.050580] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.050793] ^ [ 27.050941] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.051147] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.051412] ================================================================== [ 28.417050] ================================================================== [ 28.417382] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 28.417687] Read of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.418592] [ 28.418825] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.418878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.418901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.418924] Call Trace: [ 28.418941] <TASK> [ 28.419059] dump_stack_lvl+0x73/0xb0 [ 28.419097] print_report+0xd1/0x640 [ 28.419120] ? __virt_addr_valid+0x1db/0x2d0 [ 28.419145] ? kasan_atomics_helper+0x4fa5/0x5450 [ 28.419166] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.419201] ? kasan_atomics_helper+0x4fa5/0x5450 [ 28.419224] kasan_report+0x141/0x180 [ 28.419247] ? kasan_atomics_helper+0x4fa5/0x5450 [ 28.419273] __asan_report_load8_noabort+0x18/0x20 [ 28.419297] kasan_atomics_helper+0x4fa5/0x5450 [ 28.419321] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.419352] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.419377] ? kasan_atomics+0x152/0x310 [ 28.419403] kasan_atomics+0x1dc/0x310 [ 28.419426] ? __pfx_kasan_atomics+0x10/0x10 [ 28.419451] ? __pfx_read_tsc+0x10/0x10 [ 28.419473] ? ktime_get_ts64+0x86/0x230 [ 28.419498] kunit_try_run_case+0x1a5/0x480 [ 28.419523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.419545] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.419581] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.419614] ? __kthread_parkme+0x82/0x180 [ 28.419635] ? preempt_count_sub+0x50/0x80 [ 28.419659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.419684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.419709] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.419733] kthread+0x337/0x6f0 [ 28.419754] ? trace_preempt_on+0x20/0xc0 [ 28.419777] ? __pfx_kthread+0x10/0x10 [ 28.419834] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.419865] ? calculate_sigpending+0x7b/0xa0 [ 28.419890] ? __pfx_kthread+0x10/0x10 [ 28.419912] ret_from_fork+0x116/0x1d0 [ 28.419932] ? __pfx_kthread+0x10/0x10 [ 28.419954] ret_from_fork_asm+0x1a/0x30 [ 28.419986] </TASK> [ 28.419997] [ 28.432300] Allocated by task 313: [ 28.432664] kasan_save_stack+0x45/0x70 [ 28.433137] kasan_save_track+0x18/0x40 [ 28.433522] kasan_save_alloc_info+0x3b/0x50 [ 28.433693] __kasan_kmalloc+0xb7/0xc0 [ 28.434055] __kmalloc_cache_noprof+0x189/0x420 [ 28.434496] kasan_atomics+0x95/0x310 [ 28.434901] kunit_try_run_case+0x1a5/0x480 [ 28.435055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.435225] kthread+0x337/0x6f0 [ 28.435352] ret_from_fork+0x116/0x1d0 [ 28.435479] ret_from_fork_asm+0x1a/0x30 [ 28.435614] [ 28.435679] The buggy address belongs to the object at ffff8881053c7b80 [ 28.435679] which belongs to the cache kmalloc-64 of size 64 [ 28.436985] The buggy address is located 0 bytes to the right of [ 28.436985] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.438179] [ 28.438353] The buggy address belongs to the physical page: [ 28.438904] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.439650] flags: 0x200000000000000(node=0|zone=2) [ 28.440262] page_type: f5(slab) [ 28.440596] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.441008] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.441224] page dumped because: kasan: bad access detected [ 28.441601] [ 28.441762] Memory state around the buggy address: [ 28.442271] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.442956] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.443579] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.444224] ^ [ 28.444406] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.444614] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.444980] ================================================================== [ 27.828641] ================================================================== [ 27.828973] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 27.829556] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.829876] [ 27.829979] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.830025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.830038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.830060] Call Trace: [ 27.830078] <TASK> [ 27.830094] dump_stack_lvl+0x73/0xb0 [ 27.830124] print_report+0xd1/0x640 [ 27.830145] ? __virt_addr_valid+0x1db/0x2d0 [ 27.830168] ? kasan_atomics_helper+0x50d4/0x5450 [ 27.830188] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.830215] ? kasan_atomics_helper+0x50d4/0x5450 [ 27.830236] kasan_report+0x141/0x180 [ 27.830258] ? kasan_atomics_helper+0x50d4/0x5450 [ 27.830283] __asan_report_store8_noabort+0x1b/0x30 [ 27.830318] kasan_atomics_helper+0x50d4/0x5450 [ 27.830341] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.830362] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.830386] ? kasan_atomics+0x152/0x310 [ 27.830411] kasan_atomics+0x1dc/0x310 [ 27.830434] ? __pfx_kasan_atomics+0x10/0x10 [ 27.830457] ? __pfx_read_tsc+0x10/0x10 [ 27.830479] ? ktime_get_ts64+0x86/0x230 [ 27.830506] kunit_try_run_case+0x1a5/0x480 [ 27.830530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.830552] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.830588] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.830620] ? __kthread_parkme+0x82/0x180 [ 27.830640] ? preempt_count_sub+0x50/0x80 [ 27.830669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.830693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.830716] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.830739] kthread+0x337/0x6f0 [ 27.830759] ? trace_preempt_on+0x20/0xc0 [ 27.830782] ? __pfx_kthread+0x10/0x10 [ 27.830802] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.830832] ? calculate_sigpending+0x7b/0xa0 [ 27.830857] ? __pfx_kthread+0x10/0x10 [ 27.830878] ret_from_fork+0x116/0x1d0 [ 27.830898] ? __pfx_kthread+0x10/0x10 [ 27.830937] ret_from_fork_asm+0x1a/0x30 [ 27.830970] </TASK> [ 27.830981] [ 27.838719] Allocated by task 313: [ 27.838917] kasan_save_stack+0x45/0x70 [ 27.839288] kasan_save_track+0x18/0x40 [ 27.839503] kasan_save_alloc_info+0x3b/0x50 [ 27.839737] __kasan_kmalloc+0xb7/0xc0 [ 27.839917] __kmalloc_cache_noprof+0x189/0x420 [ 27.840296] kasan_atomics+0x95/0x310 [ 27.840439] kunit_try_run_case+0x1a5/0x480 [ 27.840627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.840794] kthread+0x337/0x6f0 [ 27.841045] ret_from_fork+0x116/0x1d0 [ 27.841371] ret_from_fork_asm+0x1a/0x30 [ 27.841544] [ 27.841613] The buggy address belongs to the object at ffff8881053c7b80 [ 27.841613] which belongs to the cache kmalloc-64 of size 64 [ 27.841959] The buggy address is located 0 bytes to the right of [ 27.841959] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.843671] [ 27.843831] The buggy address belongs to the physical page: [ 27.844105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.845730] flags: 0x200000000000000(node=0|zone=2) [ 27.846391] page_type: f5(slab) [ 27.846588] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.847117] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.847674] page dumped because: kasan: bad access detected [ 27.848026] [ 27.848215] Memory state around the buggy address: [ 27.848719] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.849356] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.849770] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.850242] ^ [ 27.850625] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.851138] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.851636] ================================================================== [ 28.392294] ================================================================== [ 28.392540] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 28.392766] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.393372] [ 28.393478] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.393525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.393538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.393560] Call Trace: [ 28.393579] <TASK> [ 28.393593] dump_stack_lvl+0x73/0xb0 [ 28.393643] print_report+0xd1/0x640 [ 28.393666] ? __virt_addr_valid+0x1db/0x2d0 [ 28.393690] ? kasan_atomics_helper+0x218a/0x5450 [ 28.393711] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.393738] ? kasan_atomics_helper+0x218a/0x5450 [ 28.393759] kasan_report+0x141/0x180 [ 28.393781] ? kasan_atomics_helper+0x218a/0x5450 [ 28.393807] kasan_check_range+0x10c/0x1c0 [ 28.393832] __kasan_check_write+0x18/0x20 [ 28.393855] kasan_atomics_helper+0x218a/0x5450 [ 28.393878] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.393900] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.393925] ? kasan_atomics+0x152/0x310 [ 28.393951] kasan_atomics+0x1dc/0x310 [ 28.393973] ? __pfx_kasan_atomics+0x10/0x10 [ 28.393998] ? __pfx_read_tsc+0x10/0x10 [ 28.394020] ? ktime_get_ts64+0x86/0x230 [ 28.394045] kunit_try_run_case+0x1a5/0x480 [ 28.394070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.394093] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.394129] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.394162] ? __kthread_parkme+0x82/0x180 [ 28.394183] ? preempt_count_sub+0x50/0x80 [ 28.394207] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.394231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.394255] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.394278] kthread+0x337/0x6f0 [ 28.394298] ? trace_preempt_on+0x20/0xc0 [ 28.394322] ? __pfx_kthread+0x10/0x10 [ 28.394356] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.394386] ? calculate_sigpending+0x7b/0xa0 [ 28.394411] ? __pfx_kthread+0x10/0x10 [ 28.394433] ret_from_fork+0x116/0x1d0 [ 28.394453] ? __pfx_kthread+0x10/0x10 [ 28.394474] ret_from_fork_asm+0x1a/0x30 [ 28.394506] </TASK> [ 28.394517] [ 28.403057] Allocated by task 313: [ 28.403194] kasan_save_stack+0x45/0x70 [ 28.403362] kasan_save_track+0x18/0x40 [ 28.403715] kasan_save_alloc_info+0x3b/0x50 [ 28.404136] __kasan_kmalloc+0xb7/0xc0 [ 28.405033] __kmalloc_cache_noprof+0x189/0x420 [ 28.405417] kasan_atomics+0x95/0x310 [ 28.405602] kunit_try_run_case+0x1a5/0x480 [ 28.405798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.406307] kthread+0x337/0x6f0 [ 28.406760] ret_from_fork+0x116/0x1d0 [ 28.406962] ret_from_fork_asm+0x1a/0x30 [ 28.407107] [ 28.407176] The buggy address belongs to the object at ffff8881053c7b80 [ 28.407176] which belongs to the cache kmalloc-64 of size 64 [ 28.408582] The buggy address is located 0 bytes to the right of [ 28.408582] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.409525] [ 28.409632] The buggy address belongs to the physical page: [ 28.410075] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.410562] flags: 0x200000000000000(node=0|zone=2) [ 28.410791] page_type: f5(slab) [ 28.411219] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.411692] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.412325] page dumped because: kasan: bad access detected [ 28.412872] [ 28.413102] Memory state around the buggy address: [ 28.413464] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.413759] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.414406] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.414729] ^ [ 28.414935] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.415785] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.416274] ================================================================== [ 26.972653] ================================================================== [ 26.973291] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 26.973803] Read of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 26.974226] [ 26.974650] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.974778] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.974793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.974817] Call Trace: [ 26.974837] <TASK> [ 26.974855] dump_stack_lvl+0x73/0xb0 [ 26.974891] print_report+0xd1/0x640 [ 26.974914] ? __virt_addr_valid+0x1db/0x2d0 [ 26.974938] ? kasan_atomics_helper+0x4b88/0x5450 [ 26.974958] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.974984] ? kasan_atomics_helper+0x4b88/0x5450 [ 26.975004] kasan_report+0x141/0x180 [ 26.975025] ? kasan_atomics_helper+0x4b88/0x5450 [ 26.975050] __asan_report_load4_noabort+0x18/0x20 [ 26.975074] kasan_atomics_helper+0x4b88/0x5450 [ 26.975095] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.975118] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.975144] ? kasan_atomics+0x152/0x310 [ 26.975168] kasan_atomics+0x1dc/0x310 [ 26.975190] ? __pfx_kasan_atomics+0x10/0x10 [ 26.975213] ? __pfx_read_tsc+0x10/0x10 [ 26.975236] ? ktime_get_ts64+0x86/0x230 [ 26.975261] kunit_try_run_case+0x1a5/0x480 [ 26.975313] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.975335] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.975385] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.975419] ? __kthread_parkme+0x82/0x180 [ 26.975439] ? preempt_count_sub+0x50/0x80 [ 26.975462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.975485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.975508] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.975530] kthread+0x337/0x6f0 [ 26.975549] ? trace_preempt_on+0x20/0xc0 [ 26.975572] ? __pfx_kthread+0x10/0x10 [ 26.975591] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.975621] ? calculate_sigpending+0x7b/0xa0 [ 26.975645] ? __pfx_kthread+0x10/0x10 [ 26.975666] ret_from_fork+0x116/0x1d0 [ 26.975684] ? __pfx_kthread+0x10/0x10 [ 26.975703] ret_from_fork_asm+0x1a/0x30 [ 26.975734] </TASK> [ 26.975744] [ 26.991572] Allocated by task 313: [ 26.991713] kasan_save_stack+0x45/0x70 [ 26.992413] kasan_save_track+0x18/0x40 [ 26.992768] kasan_save_alloc_info+0x3b/0x50 [ 26.993334] __kasan_kmalloc+0xb7/0xc0 [ 26.993743] __kmalloc_cache_noprof+0x189/0x420 [ 26.994224] kasan_atomics+0x95/0x310 [ 26.994427] kunit_try_run_case+0x1a5/0x480 [ 26.994619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.995036] kthread+0x337/0x6f0 [ 26.995183] ret_from_fork+0x116/0x1d0 [ 26.995364] ret_from_fork_asm+0x1a/0x30 [ 26.995557] [ 26.995631] The buggy address belongs to the object at ffff8881053c7b80 [ 26.995631] which belongs to the cache kmalloc-64 of size 64 [ 26.996691] The buggy address is located 0 bytes to the right of [ 26.996691] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 26.997456] [ 26.997543] The buggy address belongs to the physical page: [ 26.997760] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 26.998098] flags: 0x200000000000000(node=0|zone=2) [ 26.998324] page_type: f5(slab) [ 26.998464] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.998783] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.999078] page dumped because: kasan: bad access detected [ 26.999802] [ 26.999897] Memory state around the buggy address: [ 27.000057] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.000723] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.001025] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.001664] ^ [ 27.001828] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.002039] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.002245] ================================================================== [ 27.739965] ================================================================== [ 27.740277] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 27.740602] Read of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.741204] [ 27.741841] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.741898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.741913] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.742049] Call Trace: [ 27.742072] <TASK> [ 27.742090] dump_stack_lvl+0x73/0xb0 [ 27.742125] print_report+0xd1/0x640 [ 27.742149] ? __virt_addr_valid+0x1db/0x2d0 [ 27.742215] ? kasan_atomics_helper+0x49ce/0x5450 [ 27.742239] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.742265] ? kasan_atomics_helper+0x49ce/0x5450 [ 27.742287] kasan_report+0x141/0x180 [ 27.742319] ? kasan_atomics_helper+0x49ce/0x5450 [ 27.742346] __asan_report_load4_noabort+0x18/0x20 [ 27.742370] kasan_atomics_helper+0x49ce/0x5450 [ 27.742393] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.742415] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.742441] ? kasan_atomics+0x152/0x310 [ 27.742467] kasan_atomics+0x1dc/0x310 [ 27.742490] ? __pfx_kasan_atomics+0x10/0x10 [ 27.742514] ? __pfx_read_tsc+0x10/0x10 [ 27.742537] ? ktime_get_ts64+0x86/0x230 [ 27.742564] kunit_try_run_case+0x1a5/0x480 [ 27.742590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.742614] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.742650] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.742689] ? __kthread_parkme+0x82/0x180 [ 27.742711] ? preempt_count_sub+0x50/0x80 [ 27.742735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.742759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.742783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.742820] kthread+0x337/0x6f0 [ 27.742849] ? trace_preempt_on+0x20/0xc0 [ 27.742873] ? __pfx_kthread+0x10/0x10 [ 27.742895] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.742927] ? calculate_sigpending+0x7b/0xa0 [ 27.742952] ? __pfx_kthread+0x10/0x10 [ 27.742974] ret_from_fork+0x116/0x1d0 [ 27.742994] ? __pfx_kthread+0x10/0x10 [ 27.743014] ret_from_fork_asm+0x1a/0x30 [ 27.743046] </TASK> [ 27.743058] [ 27.754558] Allocated by task 313: [ 27.754739] kasan_save_stack+0x45/0x70 [ 27.755015] kasan_save_track+0x18/0x40 [ 27.755204] kasan_save_alloc_info+0x3b/0x50 [ 27.755420] __kasan_kmalloc+0xb7/0xc0 [ 27.755571] __kmalloc_cache_noprof+0x189/0x420 [ 27.756103] kasan_atomics+0x95/0x310 [ 27.756354] kunit_try_run_case+0x1a5/0x480 [ 27.756535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.756757] kthread+0x337/0x6f0 [ 27.757073] ret_from_fork+0x116/0x1d0 [ 27.757210] ret_from_fork_asm+0x1a/0x30 [ 27.757753] [ 27.757928] The buggy address belongs to the object at ffff8881053c7b80 [ 27.757928] which belongs to the cache kmalloc-64 of size 64 [ 27.758646] The buggy address is located 0 bytes to the right of [ 27.758646] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.759572] [ 27.759737] The buggy address belongs to the physical page: [ 27.760119] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.760591] flags: 0x200000000000000(node=0|zone=2) [ 27.760898] page_type: f5(slab) [ 27.761102] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.761566] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.761882] page dumped because: kasan: bad access detected [ 27.762235] [ 27.762547] Memory state around the buggy address: [ 27.762718] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.763030] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.763550] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.764032] ^ [ 27.764255] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.764717] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.765196] ================================================================== [ 27.272283] ================================================================== [ 27.272602] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 27.273076] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.273566] [ 27.273665] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.273779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.273794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.273818] Call Trace: [ 27.273832] <TASK> [ 27.273848] dump_stack_lvl+0x73/0xb0 [ 27.273882] print_report+0xd1/0x640 [ 27.273903] ? __virt_addr_valid+0x1db/0x2d0 [ 27.273927] ? kasan_atomics_helper+0x992/0x5450 [ 27.274017] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.274043] ? kasan_atomics_helper+0x992/0x5450 [ 27.274064] kasan_report+0x141/0x180 [ 27.274086] ? kasan_atomics_helper+0x992/0x5450 [ 27.274111] kasan_check_range+0x10c/0x1c0 [ 27.274134] __kasan_check_write+0x18/0x20 [ 27.274157] kasan_atomics_helper+0x992/0x5450 [ 27.274178] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.274199] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.274223] ? kasan_atomics+0x152/0x310 [ 27.274248] kasan_atomics+0x1dc/0x310 [ 27.274270] ? __pfx_kasan_atomics+0x10/0x10 [ 27.274305] ? __pfx_read_tsc+0x10/0x10 [ 27.274328] ? ktime_get_ts64+0x86/0x230 [ 27.274352] kunit_try_run_case+0x1a5/0x480 [ 27.274376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.274397] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.274431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.274463] ? __kthread_parkme+0x82/0x180 [ 27.274483] ? preempt_count_sub+0x50/0x80 [ 27.274505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.274528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.274551] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.274573] kthread+0x337/0x6f0 [ 27.274593] ? trace_preempt_on+0x20/0xc0 [ 27.274615] ? __pfx_kthread+0x10/0x10 [ 27.274634] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.274667] ? calculate_sigpending+0x7b/0xa0 [ 27.274691] ? __pfx_kthread+0x10/0x10 [ 27.274712] ret_from_fork+0x116/0x1d0 [ 27.274730] ? __pfx_kthread+0x10/0x10 [ 27.274750] ret_from_fork_asm+0x1a/0x30 [ 27.274780] </TASK> [ 27.274790] [ 27.285435] Allocated by task 313: [ 27.285632] kasan_save_stack+0x45/0x70 [ 27.285812] kasan_save_track+0x18/0x40 [ 27.285946] kasan_save_alloc_info+0x3b/0x50 [ 27.286153] __kasan_kmalloc+0xb7/0xc0 [ 27.286327] __kmalloc_cache_noprof+0x189/0x420 [ 27.286524] kasan_atomics+0x95/0x310 [ 27.286695] kunit_try_run_case+0x1a5/0x480 [ 27.286865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.287107] kthread+0x337/0x6f0 [ 27.287257] ret_from_fork+0x116/0x1d0 [ 27.288209] ret_from_fork_asm+0x1a/0x30 [ 27.288380] [ 27.288714] The buggy address belongs to the object at ffff8881053c7b80 [ 27.288714] which belongs to the cache kmalloc-64 of size 64 [ 27.289633] The buggy address is located 0 bytes to the right of [ 27.289633] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.290206] [ 27.290323] The buggy address belongs to the physical page: [ 27.290776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.291301] flags: 0x200000000000000(node=0|zone=2) [ 27.291536] page_type: f5(slab) [ 27.292053] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.292534] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.292991] page dumped because: kasan: bad access detected [ 27.293193] [ 27.293436] Memory state around the buggy address: [ 27.293701] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.294167] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.294469] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.294759] ^ [ 27.294954] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.295243] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.295554] ================================================================== [ 27.966558] ================================================================== [ 27.967136] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 27.967464] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.967758] [ 27.967914] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.967960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.967973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.968051] Call Trace: [ 27.968070] <TASK> [ 27.968086] dump_stack_lvl+0x73/0xb0 [ 27.968116] print_report+0xd1/0x640 [ 27.968139] ? __virt_addr_valid+0x1db/0x2d0 [ 27.968163] ? kasan_atomics_helper+0x1818/0x5450 [ 27.968184] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.968211] ? kasan_atomics_helper+0x1818/0x5450 [ 27.968234] kasan_report+0x141/0x180 [ 27.968255] ? kasan_atomics_helper+0x1818/0x5450 [ 27.968282] kasan_check_range+0x10c/0x1c0 [ 27.968310] __kasan_check_write+0x18/0x20 [ 27.968350] kasan_atomics_helper+0x1818/0x5450 [ 27.968373] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.968396] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.968421] ? kasan_atomics+0x152/0x310 [ 27.968448] kasan_atomics+0x1dc/0x310 [ 27.968471] ? __pfx_kasan_atomics+0x10/0x10 [ 27.968495] ? __pfx_read_tsc+0x10/0x10 [ 27.968517] ? ktime_get_ts64+0x86/0x230 [ 27.968542] kunit_try_run_case+0x1a5/0x480 [ 27.968567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.968590] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.968625] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.968658] ? __kthread_parkme+0x82/0x180 [ 27.968679] ? preempt_count_sub+0x50/0x80 [ 27.968703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.968727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.968751] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.968774] kthread+0x337/0x6f0 [ 27.968878] ? trace_preempt_on+0x20/0xc0 [ 27.968905] ? __pfx_kthread+0x10/0x10 [ 27.968927] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.968959] ? calculate_sigpending+0x7b/0xa0 [ 27.968984] ? __pfx_kthread+0x10/0x10 [ 27.969007] ret_from_fork+0x116/0x1d0 [ 27.969027] ? __pfx_kthread+0x10/0x10 [ 27.969048] ret_from_fork_asm+0x1a/0x30 [ 27.969079] </TASK> [ 27.969090] [ 27.980160] Allocated by task 313: [ 27.980353] kasan_save_stack+0x45/0x70 [ 27.980543] kasan_save_track+0x18/0x40 [ 27.980716] kasan_save_alloc_info+0x3b/0x50 [ 27.980898] __kasan_kmalloc+0xb7/0xc0 [ 27.981063] __kmalloc_cache_noprof+0x189/0x420 [ 27.981215] kasan_atomics+0x95/0x310 [ 27.981354] kunit_try_run_case+0x1a5/0x480 [ 27.981497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.981678] kthread+0x337/0x6f0 [ 27.982114] ret_from_fork+0x116/0x1d0 [ 27.982307] ret_from_fork_asm+0x1a/0x30 [ 27.982512] [ 27.982602] The buggy address belongs to the object at ffff8881053c7b80 [ 27.982602] which belongs to the cache kmalloc-64 of size 64 [ 27.983096] The buggy address is located 0 bytes to the right of [ 27.983096] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.983764] [ 27.983919] The buggy address belongs to the physical page: [ 27.984155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.984448] flags: 0x200000000000000(node=0|zone=2) [ 27.984626] page_type: f5(slab) [ 27.984791] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.985216] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.985537] page dumped because: kasan: bad access detected [ 27.985725] [ 27.985790] Memory state around the buggy address: [ 27.986066] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.986362] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.986631] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.987045] ^ [ 27.987249] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.987530] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.987807] ================================================================== [ 27.598451] ================================================================== [ 27.598693] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 27.599038] Read of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.599334] [ 27.599449] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.599778] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.599793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.599817] Call Trace: [ 27.599835] <TASK> [ 27.599850] dump_stack_lvl+0x73/0xb0 [ 27.599881] print_report+0xd1/0x640 [ 27.599904] ? __virt_addr_valid+0x1db/0x2d0 [ 27.599928] ? kasan_atomics_helper+0x4a1c/0x5450 [ 27.599949] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.599976] ? kasan_atomics_helper+0x4a1c/0x5450 [ 27.599998] kasan_report+0x141/0x180 [ 27.600042] ? kasan_atomics_helper+0x4a1c/0x5450 [ 27.600075] __asan_report_load4_noabort+0x18/0x20 [ 27.600100] kasan_atomics_helper+0x4a1c/0x5450 [ 27.600123] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.600146] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.600172] ? kasan_atomics+0x152/0x310 [ 27.600198] kasan_atomics+0x1dc/0x310 [ 27.600221] ? __pfx_kasan_atomics+0x10/0x10 [ 27.600245] ? __pfx_read_tsc+0x10/0x10 [ 27.600268] ? ktime_get_ts64+0x86/0x230 [ 27.600294] kunit_try_run_case+0x1a5/0x480 [ 27.600331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.600354] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.600390] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.600423] ? __kthread_parkme+0x82/0x180 [ 27.600444] ? preempt_count_sub+0x50/0x80 [ 27.600468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.600492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.600515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.600539] kthread+0x337/0x6f0 [ 27.600559] ? trace_preempt_on+0x20/0xc0 [ 27.600582] ? __pfx_kthread+0x10/0x10 [ 27.600605] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.600635] ? calculate_sigpending+0x7b/0xa0 [ 27.600660] ? __pfx_kthread+0x10/0x10 [ 27.600682] ret_from_fork+0x116/0x1d0 [ 27.600701] ? __pfx_kthread+0x10/0x10 [ 27.600722] ret_from_fork_asm+0x1a/0x30 [ 27.600754] </TASK> [ 27.600766] [ 27.609219] Allocated by task 313: [ 27.609443] kasan_save_stack+0x45/0x70 [ 27.609587] kasan_save_track+0x18/0x40 [ 27.609716] kasan_save_alloc_info+0x3b/0x50 [ 27.609859] __kasan_kmalloc+0xb7/0xc0 [ 27.610203] __kmalloc_cache_noprof+0x189/0x420 [ 27.610523] kasan_atomics+0x95/0x310 [ 27.610701] kunit_try_run_case+0x1a5/0x480 [ 27.611017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.611247] kthread+0x337/0x6f0 [ 27.611397] ret_from_fork+0x116/0x1d0 [ 27.611624] ret_from_fork_asm+0x1a/0x30 [ 27.611785] [ 27.611917] The buggy address belongs to the object at ffff8881053c7b80 [ 27.611917] which belongs to the cache kmalloc-64 of size 64 [ 27.612462] The buggy address is located 0 bytes to the right of [ 27.612462] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.612872] [ 27.612938] The buggy address belongs to the physical page: [ 27.613104] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.613644] flags: 0x200000000000000(node=0|zone=2) [ 27.613889] page_type: f5(slab) [ 27.614143] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.614405] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.614907] page dumped because: kasan: bad access detected [ 27.615128] [ 27.615215] Memory state around the buggy address: [ 27.615395] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.615604] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.615810] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.616015] ^ [ 27.616161] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.616375] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.616950] ================================================================== [ 27.072520] ================================================================== [ 27.073109] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 27.073468] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.073839] [ 27.073946] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.073994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.074005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.074121] Call Trace: [ 27.074140] <TASK> [ 27.074154] dump_stack_lvl+0x73/0xb0 [ 27.074187] print_report+0xd1/0x640 [ 27.074210] ? __virt_addr_valid+0x1db/0x2d0 [ 27.074233] ? kasan_atomics_helper+0x4a0/0x5450 [ 27.074253] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.074291] ? kasan_atomics_helper+0x4a0/0x5450 [ 27.074313] kasan_report+0x141/0x180 [ 27.074334] ? kasan_atomics_helper+0x4a0/0x5450 [ 27.074359] kasan_check_range+0x10c/0x1c0 [ 27.074381] __kasan_check_write+0x18/0x20 [ 27.074404] kasan_atomics_helper+0x4a0/0x5450 [ 27.074425] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.074446] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.074470] ? kasan_atomics+0x152/0x310 [ 27.074495] kasan_atomics+0x1dc/0x310 [ 27.074517] ? __pfx_kasan_atomics+0x10/0x10 [ 27.074540] ? __pfx_read_tsc+0x10/0x10 [ 27.074561] ? ktime_get_ts64+0x86/0x230 [ 27.074586] kunit_try_run_case+0x1a5/0x480 [ 27.074609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.074630] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.074679] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.074712] ? __kthread_parkme+0x82/0x180 [ 27.074731] ? preempt_count_sub+0x50/0x80 [ 27.074773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.074797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.074819] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.074895] kthread+0x337/0x6f0 [ 27.074919] ? trace_preempt_on+0x20/0xc0 [ 27.074941] ? __pfx_kthread+0x10/0x10 [ 27.074961] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.075005] ? calculate_sigpending+0x7b/0xa0 [ 27.075030] ? __pfx_kthread+0x10/0x10 [ 27.075051] ret_from_fork+0x116/0x1d0 [ 27.075080] ? __pfx_kthread+0x10/0x10 [ 27.075100] ret_from_fork_asm+0x1a/0x30 [ 27.075132] </TASK> [ 27.075143] [ 27.083445] Allocated by task 313: [ 27.083623] kasan_save_stack+0x45/0x70 [ 27.083801] kasan_save_track+0x18/0x40 [ 27.083969] kasan_save_alloc_info+0x3b/0x50 [ 27.084164] __kasan_kmalloc+0xb7/0xc0 [ 27.084327] __kmalloc_cache_noprof+0x189/0x420 [ 27.084534] kasan_atomics+0x95/0x310 [ 27.084683] kunit_try_run_case+0x1a5/0x480 [ 27.084885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.085093] kthread+0x337/0x6f0 [ 27.085242] ret_from_fork+0x116/0x1d0 [ 27.085572] ret_from_fork_asm+0x1a/0x30 [ 27.085767] [ 27.086000] The buggy address belongs to the object at ffff8881053c7b80 [ 27.086000] which belongs to the cache kmalloc-64 of size 64 [ 27.086394] The buggy address is located 0 bytes to the right of [ 27.086394] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.086759] [ 27.086844] The buggy address belongs to the physical page: [ 27.087085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.087606] flags: 0x200000000000000(node=0|zone=2) [ 27.087878] page_type: f5(slab) [ 27.088054] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.088634] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.088851] page dumped because: kasan: bad access detected [ 27.089012] [ 27.089168] Memory state around the buggy address: [ 27.089395] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.090045] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.090396] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.090699] ^ [ 27.090906] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.091259] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.091563] ================================================================== [ 26.950165] ================================================================== [ 26.950530] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 26.951055] Write of size 4 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 26.951358] [ 26.951466] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.951514] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.951526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.951549] Call Trace: [ 26.951562] <TASK> [ 26.951579] dump_stack_lvl+0x73/0xb0 [ 26.951610] print_report+0xd1/0x640 [ 26.951633] ? __virt_addr_valid+0x1db/0x2d0 [ 26.951656] ? kasan_atomics_helper+0x4ba2/0x5450 [ 26.951676] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.951702] ? kasan_atomics_helper+0x4ba2/0x5450 [ 26.951723] kasan_report+0x141/0x180 [ 26.951744] ? kasan_atomics_helper+0x4ba2/0x5450 [ 26.951769] __asan_report_store4_noabort+0x1b/0x30 [ 26.951793] kasan_atomics_helper+0x4ba2/0x5450 [ 26.951877] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.951901] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.951927] ? kasan_atomics+0x152/0x310 [ 26.951952] kasan_atomics+0x1dc/0x310 [ 26.951974] ? __pfx_kasan_atomics+0x10/0x10 [ 26.951998] ? __pfx_read_tsc+0x10/0x10 [ 26.952020] ? ktime_get_ts64+0x86/0x230 [ 26.952045] kunit_try_run_case+0x1a5/0x480 [ 26.952069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.952093] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.952128] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.952160] ? __kthread_parkme+0x82/0x180 [ 26.952181] ? preempt_count_sub+0x50/0x80 [ 26.952205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.952229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.952250] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.952285] kthread+0x337/0x6f0 [ 26.952305] ? trace_preempt_on+0x20/0xc0 [ 26.952327] ? __pfx_kthread+0x10/0x10 [ 26.952348] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.952378] ? calculate_sigpending+0x7b/0xa0 [ 26.952403] ? __pfx_kthread+0x10/0x10 [ 26.952423] ret_from_fork+0x116/0x1d0 [ 26.952442] ? __pfx_kthread+0x10/0x10 [ 26.952461] ret_from_fork_asm+0x1a/0x30 [ 26.952491] </TASK> [ 26.952502] [ 26.960411] Allocated by task 313: [ 26.960555] kasan_save_stack+0x45/0x70 [ 26.960699] kasan_save_track+0x18/0x40 [ 26.960827] kasan_save_alloc_info+0x3b/0x50 [ 26.960969] __kasan_kmalloc+0xb7/0xc0 [ 26.961092] __kmalloc_cache_noprof+0x189/0x420 [ 26.961315] kasan_atomics+0x95/0x310 [ 26.961492] kunit_try_run_case+0x1a5/0x480 [ 26.961663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.961839] kthread+0x337/0x6f0 [ 26.961955] ret_from_fork+0x116/0x1d0 [ 26.962082] ret_from_fork_asm+0x1a/0x30 [ 26.962215] [ 26.962287] The buggy address belongs to the object at ffff8881053c7b80 [ 26.962287] which belongs to the cache kmalloc-64 of size 64 [ 26.962676] The buggy address is located 0 bytes to the right of [ 26.962676] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 26.964401] [ 26.964483] The buggy address belongs to the physical page: [ 26.964649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 26.964908] flags: 0x200000000000000(node=0|zone=2) [ 26.965067] page_type: f5(slab) [ 26.965186] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.967472] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.968737] page dumped because: kasan: bad access detected [ 26.969204] [ 26.969321] Memory state around the buggy address: [ 26.969551] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.969953] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.970287] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.970552] ^ [ 26.970758] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.971047] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.972029] ================================================================== [ 28.064603] ================================================================== [ 28.064992] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 28.065307] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.065603] [ 28.065697] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.065743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.065755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.065778] Call Trace: [ 28.065812] <TASK> [ 28.065826] dump_stack_lvl+0x73/0xb0 [ 28.065859] print_report+0xd1/0x640 [ 28.065881] ? __virt_addr_valid+0x1db/0x2d0 [ 28.065906] ? kasan_atomics_helper+0x1b22/0x5450 [ 28.065927] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.065954] ? kasan_atomics_helper+0x1b22/0x5450 [ 28.065976] kasan_report+0x141/0x180 [ 28.065999] ? kasan_atomics_helper+0x1b22/0x5450 [ 28.066025] kasan_check_range+0x10c/0x1c0 [ 28.066049] __kasan_check_write+0x18/0x20 [ 28.066073] kasan_atomics_helper+0x1b22/0x5450 [ 28.066096] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.066118] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.066143] ? kasan_atomics+0x152/0x310 [ 28.066169] kasan_atomics+0x1dc/0x310 [ 28.066193] ? __pfx_kasan_atomics+0x10/0x10 [ 28.066217] ? __pfx_read_tsc+0x10/0x10 [ 28.066239] ? ktime_get_ts64+0x86/0x230 [ 28.066264] kunit_try_run_case+0x1a5/0x480 [ 28.066289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.066311] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.066358] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.066392] ? __kthread_parkme+0x82/0x180 [ 28.066412] ? preempt_count_sub+0x50/0x80 [ 28.066436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.066461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.066485] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.066509] kthread+0x337/0x6f0 [ 28.066529] ? trace_preempt_on+0x20/0xc0 [ 28.066553] ? __pfx_kthread+0x10/0x10 [ 28.066575] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.066605] ? calculate_sigpending+0x7b/0xa0 [ 28.066630] ? __pfx_kthread+0x10/0x10 [ 28.066653] ret_from_fork+0x116/0x1d0 [ 28.066677] ? __pfx_kthread+0x10/0x10 [ 28.066698] ret_from_fork_asm+0x1a/0x30 [ 28.066729] </TASK> [ 28.066740] [ 28.074696] Allocated by task 313: [ 28.074823] kasan_save_stack+0x45/0x70 [ 28.074961] kasan_save_track+0x18/0x40 [ 28.075089] kasan_save_alloc_info+0x3b/0x50 [ 28.075230] __kasan_kmalloc+0xb7/0xc0 [ 28.075391] __kmalloc_cache_noprof+0x189/0x420 [ 28.075776] kasan_atomics+0x95/0x310 [ 28.075981] kunit_try_run_case+0x1a5/0x480 [ 28.076181] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.076439] kthread+0x337/0x6f0 [ 28.076601] ret_from_fork+0x116/0x1d0 [ 28.076783] ret_from_fork_asm+0x1a/0x30 [ 28.076973] [ 28.077065] The buggy address belongs to the object at ffff8881053c7b80 [ 28.077065] which belongs to the cache kmalloc-64 of size 64 [ 28.077608] The buggy address is located 0 bytes to the right of [ 28.077608] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.078182] [ 28.078277] The buggy address belongs to the physical page: [ 28.078501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.078784] flags: 0x200000000000000(node=0|zone=2) [ 28.079164] page_type: f5(slab) [ 28.079345] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.079606] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.079913] page dumped because: kasan: bad access detected [ 28.080223] [ 28.080313] Memory state around the buggy address: [ 28.080547] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.080771] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.081168] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.081410] ^ [ 28.081560] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.081849] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.082160] ================================================================== [ 27.809591] ================================================================== [ 27.810442] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 27.810771] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 27.811515] [ 27.811630] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 27.811690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.811704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.811729] Call Trace: [ 27.811750] <TASK> [ 27.811768] dump_stack_lvl+0x73/0xb0 [ 27.811804] print_report+0xd1/0x640 [ 27.811828] ? __virt_addr_valid+0x1db/0x2d0 [ 27.811986] ? kasan_atomics_helper+0x1467/0x5450 [ 27.812010] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.812037] ? kasan_atomics_helper+0x1467/0x5450 [ 27.812059] kasan_report+0x141/0x180 [ 27.812117] ? kasan_atomics_helper+0x1467/0x5450 [ 27.812146] kasan_check_range+0x10c/0x1c0 [ 27.812173] __kasan_check_write+0x18/0x20 [ 27.812197] kasan_atomics_helper+0x1467/0x5450 [ 27.812219] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 27.812242] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.812267] ? kasan_atomics+0x152/0x310 [ 27.812293] kasan_atomics+0x1dc/0x310 [ 27.812328] ? __pfx_kasan_atomics+0x10/0x10 [ 27.812352] ? __pfx_read_tsc+0x10/0x10 [ 27.812375] ? ktime_get_ts64+0x86/0x230 [ 27.812401] kunit_try_run_case+0x1a5/0x480 [ 27.812427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.812451] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.812487] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.812521] ? __kthread_parkme+0x82/0x180 [ 27.812542] ? preempt_count_sub+0x50/0x80 [ 27.812566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.812591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.812614] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.812638] kthread+0x337/0x6f0 [ 27.812659] ? trace_preempt_on+0x20/0xc0 [ 27.812683] ? __pfx_kthread+0x10/0x10 [ 27.812704] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.812738] ? calculate_sigpending+0x7b/0xa0 [ 27.812765] ? __pfx_kthread+0x10/0x10 [ 27.812789] ret_from_fork+0x116/0x1d0 [ 27.812822] ? __pfx_kthread+0x10/0x10 [ 27.812851] ret_from_fork_asm+0x1a/0x30 [ 27.812884] </TASK> [ 27.812896] [ 27.820372] Allocated by task 313: [ 27.820562] kasan_save_stack+0x45/0x70 [ 27.820759] kasan_save_track+0x18/0x40 [ 27.820945] kasan_save_alloc_info+0x3b/0x50 [ 27.821217] __kasan_kmalloc+0xb7/0xc0 [ 27.821630] __kmalloc_cache_noprof+0x189/0x420 [ 27.821857] kasan_atomics+0x95/0x310 [ 27.821987] kunit_try_run_case+0x1a5/0x480 [ 27.822129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.822684] kthread+0x337/0x6f0 [ 27.822958] ret_from_fork+0x116/0x1d0 [ 27.823122] ret_from_fork_asm+0x1a/0x30 [ 27.823327] [ 27.823410] The buggy address belongs to the object at ffff8881053c7b80 [ 27.823410] which belongs to the cache kmalloc-64 of size 64 [ 27.823758] The buggy address is located 0 bytes to the right of [ 27.823758] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 27.824260] [ 27.824365] The buggy address belongs to the physical page: [ 27.824612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 27.824965] flags: 0x200000000000000(node=0|zone=2) [ 27.825200] page_type: f5(slab) [ 27.825517] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 27.825961] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 27.826371] page dumped because: kasan: bad access detected [ 27.826538] [ 27.826625] Memory state around the buggy address: [ 27.826849] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.827202] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 27.827470] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 27.827708] ^ [ 27.827857] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.828064] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.828271] ================================================================== [ 28.046022] ================================================================== [ 28.046357] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 28.046692] Write of size 8 at addr ffff8881053c7bb0 by task kunit_try_catch/313 [ 28.047550] [ 28.047717] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 28.047771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.047784] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.047864] Call Trace: [ 28.047884] <TASK> [ 28.047901] dump_stack_lvl+0x73/0xb0 [ 28.047934] print_report+0xd1/0x640 [ 28.047958] ? __virt_addr_valid+0x1db/0x2d0 [ 28.047981] ? kasan_atomics_helper+0x1a7f/0x5450 [ 28.048003] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.048029] ? kasan_atomics_helper+0x1a7f/0x5450 [ 28.048053] kasan_report+0x141/0x180 [ 28.048076] ? kasan_atomics_helper+0x1a7f/0x5450 [ 28.048102] kasan_check_range+0x10c/0x1c0 [ 28.048126] __kasan_check_write+0x18/0x20 [ 28.048150] kasan_atomics_helper+0x1a7f/0x5450 [ 28.048176] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 28.048200] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.048228] ? kasan_atomics+0x152/0x310 [ 28.048256] kasan_atomics+0x1dc/0x310 [ 28.048278] ? __pfx_kasan_atomics+0x10/0x10 [ 28.048303] ? __pfx_read_tsc+0x10/0x10 [ 28.048340] ? ktime_get_ts64+0x86/0x230 [ 28.048367] kunit_try_run_case+0x1a5/0x480 [ 28.048392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.048416] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.048453] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.048487] ? __kthread_parkme+0x82/0x180 [ 28.048509] ? preempt_count_sub+0x50/0x80 [ 28.048533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.048557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.048581] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.048606] kthread+0x337/0x6f0 [ 28.048627] ? trace_preempt_on+0x20/0xc0 [ 28.048651] ? __pfx_kthread+0x10/0x10 [ 28.048673] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.048704] ? calculate_sigpending+0x7b/0xa0 [ 28.048729] ? __pfx_kthread+0x10/0x10 [ 28.048752] ret_from_fork+0x116/0x1d0 [ 28.048772] ? __pfx_kthread+0x10/0x10 [ 28.048894] ret_from_fork_asm+0x1a/0x30 [ 28.048929] </TASK> [ 28.048942] [ 28.056749] Allocated by task 313: [ 28.056963] kasan_save_stack+0x45/0x70 [ 28.057132] kasan_save_track+0x18/0x40 [ 28.057332] kasan_save_alloc_info+0x3b/0x50 [ 28.057507] __kasan_kmalloc+0xb7/0xc0 [ 28.057676] __kmalloc_cache_noprof+0x189/0x420 [ 28.057861] kasan_atomics+0x95/0x310 [ 28.058025] kunit_try_run_case+0x1a5/0x480 [ 28.058223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.058404] kthread+0x337/0x6f0 [ 28.058521] ret_from_fork+0x116/0x1d0 [ 28.058648] ret_from_fork_asm+0x1a/0x30 [ 28.058788] [ 28.058853] The buggy address belongs to the object at ffff8881053c7b80 [ 28.058853] which belongs to the cache kmalloc-64 of size 64 [ 28.059201] The buggy address is located 0 bytes to the right of [ 28.059201] allocated 48-byte region [ffff8881053c7b80, ffff8881053c7bb0) [ 28.059875] [ 28.059976] The buggy address belongs to the physical page: [ 28.060225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c7 [ 28.060587] flags: 0x200000000000000(node=0|zone=2) [ 28.060816] page_type: f5(slab) [ 28.060976] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 28.061309] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 28.061608] page dumped because: kasan: bad access detected [ 28.061774] [ 28.061837] Memory state around the buggy address: [ 28.061985] ffff8881053c7a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.062514] ffff8881053c7b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 28.062788] >ffff8881053c7b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 28.063256] ^ [ 28.063456] ffff8881053c7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.063753] ffff8881053c7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.064132] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen: Failure
Automatically assigned
[ 26.844557] ================================================================== [ 26.844889] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 26.845182] Read of size 1 at addr ffff8881053c84d0 by task kunit_try_catch/307 [ 26.845509] [ 26.845618] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.845668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.845680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.845703] Call Trace: [ 26.845722] <TASK> [ 26.845740] dump_stack_lvl+0x73/0xb0 [ 26.845770] print_report+0xd1/0x640 [ 26.845793] ? __virt_addr_valid+0x1db/0x2d0 [ 26.845816] ? strnlen+0x73/0x80 [ 26.845834] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.845860] ? strnlen+0x73/0x80 [ 26.845878] kasan_report+0x141/0x180 [ 26.845899] ? strnlen+0x73/0x80 [ 26.845922] __asan_report_load1_noabort+0x18/0x20 [ 26.845946] strnlen+0x73/0x80 [ 26.845967] kasan_strings+0x615/0xe80 [ 26.845986] ? trace_hardirqs_on+0x37/0xe0 [ 26.846021] ? __pfx_kasan_strings+0x10/0x10 [ 26.846108] ? finish_task_switch.isra.0+0x153/0x700 [ 26.846134] ? __switch_to+0x47/0xf80 [ 26.846160] ? __schedule+0x10da/0x2b60 [ 26.846185] ? __pfx_read_tsc+0x10/0x10 [ 26.846205] ? ktime_get_ts64+0x86/0x230 [ 26.846230] kunit_try_run_case+0x1a5/0x480 [ 26.846254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.846285] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.846320] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.846352] ? __kthread_parkme+0x82/0x180 [ 26.846371] ? preempt_count_sub+0x50/0x80 [ 26.846395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.846418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.846442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.846464] kthread+0x337/0x6f0 [ 26.846483] ? trace_preempt_on+0x20/0xc0 [ 26.846505] ? __pfx_kthread+0x10/0x10 [ 26.846536] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.846567] ? calculate_sigpending+0x7b/0xa0 [ 26.846603] ? __pfx_kthread+0x10/0x10 [ 26.846628] ret_from_fork+0x116/0x1d0 [ 26.846655] ? __pfx_kthread+0x10/0x10 [ 26.846677] ret_from_fork_asm+0x1a/0x30 [ 26.846717] </TASK> [ 26.846728] [ 26.854686] Allocated by task 307: [ 26.855014] kasan_save_stack+0x45/0x70 [ 26.855208] kasan_save_track+0x18/0x40 [ 26.855406] kasan_save_alloc_info+0x3b/0x50 [ 26.855783] __kasan_kmalloc+0xb7/0xc0 [ 26.856047] __kmalloc_cache_noprof+0x189/0x420 [ 26.856267] kasan_strings+0xc0/0xe80 [ 26.856405] kunit_try_run_case+0x1a5/0x480 [ 26.856581] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.856846] kthread+0x337/0x6f0 [ 26.857013] ret_from_fork+0x116/0x1d0 [ 26.857279] ret_from_fork_asm+0x1a/0x30 [ 26.857540] [ 26.857617] Freed by task 307: [ 26.857729] kasan_save_stack+0x45/0x70 [ 26.858008] kasan_save_track+0x18/0x40 [ 26.858193] kasan_save_free_info+0x3f/0x60 [ 26.858391] __kasan_slab_free+0x56/0x70 [ 26.858596] kfree+0x222/0x3f0 [ 26.858750] kasan_strings+0x2aa/0xe80 [ 26.858946] kunit_try_run_case+0x1a5/0x480 [ 26.859195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.859432] kthread+0x337/0x6f0 [ 26.859579] ret_from_fork+0x116/0x1d0 [ 26.859768] ret_from_fork_asm+0x1a/0x30 [ 26.860217] [ 26.860325] The buggy address belongs to the object at ffff8881053c84c0 [ 26.860325] which belongs to the cache kmalloc-32 of size 32 [ 26.860933] The buggy address is located 16 bytes inside of [ 26.860933] freed 32-byte region [ffff8881053c84c0, ffff8881053c84e0) [ 26.861412] [ 26.861527] The buggy address belongs to the physical page: [ 26.861696] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c8 [ 26.861933] flags: 0x200000000000000(node=0|zone=2) [ 26.862089] page_type: f5(slab) [ 26.862206] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 26.862525] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 26.863062] page dumped because: kasan: bad access detected [ 26.863313] [ 26.863397] Memory state around the buggy address: [ 26.863585] ffff8881053c8380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.863792] ffff8881053c8400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.863997] >ffff8881053c8480: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 26.864397] ^ [ 26.864665] ffff8881053c8500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.865109] ffff8881053c8580: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 26.865464] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen: Failure
Automatically assigned
[ 26.819461] ================================================================== [ 26.819763] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 26.820095] Read of size 1 at addr ffff8881053c84d0 by task kunit_try_catch/307 [ 26.820327] [ 26.820412] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.820462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.820475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.820842] Call Trace: [ 26.820862] <TASK> [ 26.820879] dump_stack_lvl+0x73/0xb0 [ 26.820926] print_report+0xd1/0x640 [ 26.820951] ? __virt_addr_valid+0x1db/0x2d0 [ 26.820974] ? strlen+0x8f/0xb0 [ 26.821006] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.821031] ? strlen+0x8f/0xb0 [ 26.821050] kasan_report+0x141/0x180 [ 26.821084] ? strlen+0x8f/0xb0 [ 26.821107] __asan_report_load1_noabort+0x18/0x20 [ 26.821131] strlen+0x8f/0xb0 [ 26.821163] kasan_strings+0x57b/0xe80 [ 26.821182] ? trace_hardirqs_on+0x37/0xe0 [ 26.821205] ? __pfx_kasan_strings+0x10/0x10 [ 26.821235] ? finish_task_switch.isra.0+0x153/0x700 [ 26.821259] ? __switch_to+0x47/0xf80 [ 26.821302] ? __schedule+0x10da/0x2b60 [ 26.821325] ? __pfx_read_tsc+0x10/0x10 [ 26.821347] ? ktime_get_ts64+0x86/0x230 [ 26.821383] kunit_try_run_case+0x1a5/0x480 [ 26.821408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.821430] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.821476] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.821509] ? __kthread_parkme+0x82/0x180 [ 26.821541] ? preempt_count_sub+0x50/0x80 [ 26.821564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.821587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.821638] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.821661] kthread+0x337/0x6f0 [ 26.821693] ? trace_preempt_on+0x20/0xc0 [ 26.821714] ? __pfx_kthread+0x10/0x10 [ 26.821735] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.821764] ? calculate_sigpending+0x7b/0xa0 [ 26.821788] ? __pfx_kthread+0x10/0x10 [ 26.821874] ret_from_fork+0x116/0x1d0 [ 26.821895] ? __pfx_kthread+0x10/0x10 [ 26.821915] ret_from_fork_asm+0x1a/0x30 [ 26.821946] </TASK> [ 26.821958] [ 26.830047] Allocated by task 307: [ 26.830238] kasan_save_stack+0x45/0x70 [ 26.830426] kasan_save_track+0x18/0x40 [ 26.830556] kasan_save_alloc_info+0x3b/0x50 [ 26.830705] __kasan_kmalloc+0xb7/0xc0 [ 26.830858] __kmalloc_cache_noprof+0x189/0x420 [ 26.831073] kasan_strings+0xc0/0xe80 [ 26.831256] kunit_try_run_case+0x1a5/0x480 [ 26.831582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.831902] kthread+0x337/0x6f0 [ 26.832207] ret_from_fork+0x116/0x1d0 [ 26.832409] ret_from_fork_asm+0x1a/0x30 [ 26.832548] [ 26.832611] Freed by task 307: [ 26.832717] kasan_save_stack+0x45/0x70 [ 26.833023] kasan_save_track+0x18/0x40 [ 26.833465] kasan_save_free_info+0x3f/0x60 [ 26.833724] __kasan_slab_free+0x56/0x70 [ 26.834009] kfree+0x222/0x3f0 [ 26.834128] kasan_strings+0x2aa/0xe80 [ 26.834254] kunit_try_run_case+0x1a5/0x480 [ 26.834476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.834739] kthread+0x337/0x6f0 [ 26.834934] ret_from_fork+0x116/0x1d0 [ 26.835299] ret_from_fork_asm+0x1a/0x30 [ 26.835547] [ 26.835666] The buggy address belongs to the object at ffff8881053c84c0 [ 26.835666] which belongs to the cache kmalloc-32 of size 32 [ 26.836137] The buggy address is located 16 bytes inside of [ 26.836137] freed 32-byte region [ffff8881053c84c0, ffff8881053c84e0) [ 26.836709] [ 26.836803] The buggy address belongs to the physical page: [ 26.837071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c8 [ 26.837319] flags: 0x200000000000000(node=0|zone=2) [ 26.837517] page_type: f5(slab) [ 26.837866] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 26.838360] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 26.839175] page dumped because: kasan: bad access detected [ 26.839393] [ 26.839480] Memory state around the buggy address: [ 26.839698] ffff8881053c8380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.840505] ffff8881053c8400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.841548] >ffff8881053c8480: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 26.842242] ^ [ 26.842740] ffff8881053c8500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.843382] ffff8881053c8580: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 26.843686] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings: Failure
Automatically assigned
[ 26.794769] ================================================================== [ 26.795180] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 26.795469] Read of size 1 at addr ffff8881053c84d0 by task kunit_try_catch/307 [ 26.795788] [ 26.795954] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.796005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.796018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.796041] Call Trace: [ 26.796060] <TASK> [ 26.796078] dump_stack_lvl+0x73/0xb0 [ 26.796109] print_report+0xd1/0x640 [ 26.796133] ? __virt_addr_valid+0x1db/0x2d0 [ 26.796156] ? kasan_strings+0xcbc/0xe80 [ 26.796178] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.796204] ? kasan_strings+0xcbc/0xe80 [ 26.796224] kasan_report+0x141/0x180 [ 26.796246] ? kasan_strings+0xcbc/0xe80 [ 26.796281] __asan_report_load1_noabort+0x18/0x20 [ 26.796306] kasan_strings+0xcbc/0xe80 [ 26.796325] ? trace_hardirqs_on+0x37/0xe0 [ 26.796349] ? __pfx_kasan_strings+0x10/0x10 [ 26.796369] ? finish_task_switch.isra.0+0x153/0x700 [ 26.796392] ? __switch_to+0x47/0xf80 [ 26.796419] ? __schedule+0x10da/0x2b60 [ 26.796443] ? __pfx_read_tsc+0x10/0x10 [ 26.796464] ? ktime_get_ts64+0x86/0x230 [ 26.796488] kunit_try_run_case+0x1a5/0x480 [ 26.796513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.796535] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.796568] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.796601] ? __kthread_parkme+0x82/0x180 [ 26.796620] ? preempt_count_sub+0x50/0x80 [ 26.796644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.796667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.796689] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.796712] kthread+0x337/0x6f0 [ 26.796731] ? trace_preempt_on+0x20/0xc0 [ 26.796752] ? __pfx_kthread+0x10/0x10 [ 26.796772] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.796852] ? calculate_sigpending+0x7b/0xa0 [ 26.796879] ? __pfx_kthread+0x10/0x10 [ 26.796900] ret_from_fork+0x116/0x1d0 [ 26.796920] ? __pfx_kthread+0x10/0x10 [ 26.796939] ret_from_fork_asm+0x1a/0x30 [ 26.796970] </TASK> [ 26.796980] [ 26.804313] Allocated by task 307: [ 26.804467] kasan_save_stack+0x45/0x70 [ 26.804658] kasan_save_track+0x18/0x40 [ 26.804829] kasan_save_alloc_info+0x3b/0x50 [ 26.805021] __kasan_kmalloc+0xb7/0xc0 [ 26.805174] __kmalloc_cache_noprof+0x189/0x420 [ 26.805390] kasan_strings+0xc0/0xe80 [ 26.805570] kunit_try_run_case+0x1a5/0x480 [ 26.805715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.805884] kthread+0x337/0x6f0 [ 26.805999] ret_from_fork+0x116/0x1d0 [ 26.806126] ret_from_fork_asm+0x1a/0x30 [ 26.806265] [ 26.806338] Freed by task 307: [ 26.806442] kasan_save_stack+0x45/0x70 [ 26.806573] kasan_save_track+0x18/0x40 [ 26.806706] kasan_save_free_info+0x3f/0x60 [ 26.806844] __kasan_slab_free+0x56/0x70 [ 26.806975] kfree+0x222/0x3f0 [ 26.807083] kasan_strings+0x2aa/0xe80 [ 26.807208] kunit_try_run_case+0x1a5/0x480 [ 26.807460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.807727] kthread+0x337/0x6f0 [ 26.808013] ret_from_fork+0x116/0x1d0 [ 26.808687] ret_from_fork_asm+0x1a/0x30 [ 26.809036] [ 26.809187] The buggy address belongs to the object at ffff8881053c84c0 [ 26.809187] which belongs to the cache kmalloc-32 of size 32 [ 26.809737] The buggy address is located 16 bytes inside of [ 26.809737] freed 32-byte region [ffff8881053c84c0, ffff8881053c84e0) [ 26.811280] [ 26.811389] The buggy address belongs to the physical page: [ 26.811636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c8 [ 26.813033] flags: 0x200000000000000(node=0|zone=2) [ 26.814491] page_type: f5(slab) [ 26.814744] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 26.815526] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 26.816023] page dumped because: kasan: bad access detected [ 26.816355] [ 26.816420] Memory state around the buggy address: [ 26.816620] ffff8881053c8380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.817023] ffff8881053c8400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.817449] >ffff8881053c8480: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 26.817829] ^ [ 26.818058] ffff8881053c8500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.818406] ffff8881053c8580: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 26.818728] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp: Failure
Automatically assigned
[ 26.773667] ================================================================== [ 26.774633] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 26.774943] Read of size 1 at addr ffff8881053c84d0 by task kunit_try_catch/307 [ 26.775324] [ 26.775501] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.775557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.775570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.775594] Call Trace: [ 26.775607] <TASK> [ 26.775627] dump_stack_lvl+0x73/0xb0 [ 26.775660] print_report+0xd1/0x640 [ 26.775687] ? __virt_addr_valid+0x1db/0x2d0 [ 26.775714] ? strcmp+0xb0/0xc0 [ 26.775732] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.775758] ? strcmp+0xb0/0xc0 [ 26.775776] kasan_report+0x141/0x180 [ 26.775798] ? strcmp+0xb0/0xc0 [ 26.775832] __asan_report_load1_noabort+0x18/0x20 [ 26.775855] strcmp+0xb0/0xc0 [ 26.775875] kasan_strings+0x431/0xe80 [ 26.775895] ? trace_hardirqs_on+0x37/0xe0 [ 26.775921] ? __pfx_kasan_strings+0x10/0x10 [ 26.775941] ? finish_task_switch.isra.0+0x153/0x700 [ 26.775963] ? __switch_to+0x47/0xf80 [ 26.775991] ? __schedule+0x10da/0x2b60 [ 26.776013] ? __pfx_read_tsc+0x10/0x10 [ 26.776035] ? ktime_get_ts64+0x86/0x230 [ 26.776060] kunit_try_run_case+0x1a5/0x480 [ 26.776087] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.776109] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.776142] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.776175] ? __kthread_parkme+0x82/0x180 [ 26.776194] ? preempt_count_sub+0x50/0x80 [ 26.776218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.776241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.776263] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.776299] kthread+0x337/0x6f0 [ 26.776319] ? trace_preempt_on+0x20/0xc0 [ 26.776340] ? __pfx_kthread+0x10/0x10 [ 26.776360] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.776389] ? calculate_sigpending+0x7b/0xa0 [ 26.776413] ? __pfx_kthread+0x10/0x10 [ 26.776433] ret_from_fork+0x116/0x1d0 [ 26.776452] ? __pfx_kthread+0x10/0x10 [ 26.776471] ret_from_fork_asm+0x1a/0x30 [ 26.776502] </TASK> [ 26.776513] [ 26.784025] Allocated by task 307: [ 26.784156] kasan_save_stack+0x45/0x70 [ 26.784308] kasan_save_track+0x18/0x40 [ 26.784471] kasan_save_alloc_info+0x3b/0x50 [ 26.784673] __kasan_kmalloc+0xb7/0xc0 [ 26.784850] __kmalloc_cache_noprof+0x189/0x420 [ 26.785063] kasan_strings+0xc0/0xe80 [ 26.785241] kunit_try_run_case+0x1a5/0x480 [ 26.785512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.785851] kthread+0x337/0x6f0 [ 26.785979] ret_from_fork+0x116/0x1d0 [ 26.786209] ret_from_fork_asm+0x1a/0x30 [ 26.786424] [ 26.786503] Freed by task 307: [ 26.786626] kasan_save_stack+0x45/0x70 [ 26.786787] kasan_save_track+0x18/0x40 [ 26.787000] kasan_save_free_info+0x3f/0x60 [ 26.787168] __kasan_slab_free+0x56/0x70 [ 26.787333] kfree+0x222/0x3f0 [ 26.787490] kasan_strings+0x2aa/0xe80 [ 26.787677] kunit_try_run_case+0x1a5/0x480 [ 26.787899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.788102] kthread+0x337/0x6f0 [ 26.788280] ret_from_fork+0x116/0x1d0 [ 26.788411] ret_from_fork_asm+0x1a/0x30 [ 26.788602] [ 26.788689] The buggy address belongs to the object at ffff8881053c84c0 [ 26.788689] which belongs to the cache kmalloc-32 of size 32 [ 26.789165] The buggy address is located 16 bytes inside of [ 26.789165] freed 32-byte region [ffff8881053c84c0, ffff8881053c84e0) [ 26.789637] [ 26.789718] The buggy address belongs to the physical page: [ 26.789951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c8 [ 26.790590] flags: 0x200000000000000(node=0|zone=2) [ 26.790897] page_type: f5(slab) [ 26.791028] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 26.791309] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 26.791638] page dumped because: kasan: bad access detected [ 26.791980] [ 26.792050] Memory state around the buggy address: [ 26.792202] ffff8881053c8380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.792513] ffff8881053c8400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.792820] >ffff8881053c8480: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 26.793081] ^ [ 26.793295] ffff8881053c8500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 26.793609] ffff8881053c8580: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 26.793892] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp: Failure
Automatically assigned
[ 26.745666] ================================================================== [ 26.747419] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 26.748285] Read of size 1 at addr ffff8881053c8398 by task kunit_try_catch/305 [ 26.748519] [ 26.748606] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.748659] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.748671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.748694] Call Trace: [ 26.748709] <TASK> [ 26.748726] dump_stack_lvl+0x73/0xb0 [ 26.748760] print_report+0xd1/0x640 [ 26.748786] ? __virt_addr_valid+0x1db/0x2d0 [ 26.748812] ? memcmp+0x1b4/0x1d0 [ 26.748831] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.748856] ? memcmp+0x1b4/0x1d0 [ 26.748877] kasan_report+0x141/0x180 [ 26.748899] ? memcmp+0x1b4/0x1d0 [ 26.748923] __asan_report_load1_noabort+0x18/0x20 [ 26.748947] memcmp+0x1b4/0x1d0 [ 26.748968] kasan_memcmp+0x18f/0x390 [ 26.748988] ? trace_hardirqs_on+0x37/0xe0 [ 26.749013] ? __pfx_kasan_memcmp+0x10/0x10 [ 26.749032] ? finish_task_switch.isra.0+0x153/0x700 [ 26.749055] ? __switch_to+0x47/0xf80 [ 26.749085] ? __pfx_read_tsc+0x10/0x10 [ 26.749107] ? ktime_get_ts64+0x86/0x230 [ 26.749133] kunit_try_run_case+0x1a5/0x480 [ 26.749158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.749180] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.749215] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.749247] ? __kthread_parkme+0x82/0x180 [ 26.749279] ? preempt_count_sub+0x50/0x80 [ 26.749303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.749326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.749350] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.749373] kthread+0x337/0x6f0 [ 26.749392] ? trace_preempt_on+0x20/0xc0 [ 26.749414] ? __pfx_kthread+0x10/0x10 [ 26.749435] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.749464] ? calculate_sigpending+0x7b/0xa0 [ 26.749488] ? __pfx_kthread+0x10/0x10 [ 26.749510] ret_from_fork+0x116/0x1d0 [ 26.749529] ? __pfx_kthread+0x10/0x10 [ 26.749559] ret_from_fork_asm+0x1a/0x30 [ 26.749599] </TASK> [ 26.749611] [ 26.757021] Allocated by task 305: [ 26.757208] kasan_save_stack+0x45/0x70 [ 26.757397] kasan_save_track+0x18/0x40 [ 26.757565] kasan_save_alloc_info+0x3b/0x50 [ 26.757768] __kasan_kmalloc+0xb7/0xc0 [ 26.757925] __kmalloc_cache_noprof+0x189/0x420 [ 26.758121] kasan_memcmp+0xb7/0x390 [ 26.758329] kunit_try_run_case+0x1a5/0x480 [ 26.758529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.758738] kthread+0x337/0x6f0 [ 26.758856] ret_from_fork+0x116/0x1d0 [ 26.758984] ret_from_fork_asm+0x1a/0x30 [ 26.759117] [ 26.759208] The buggy address belongs to the object at ffff8881053c8380 [ 26.759208] which belongs to the cache kmalloc-32 of size 32 [ 26.759739] The buggy address is located 0 bytes to the right of [ 26.759739] allocated 24-byte region [ffff8881053c8380, ffff8881053c8398) [ 26.760278] [ 26.760346] The buggy address belongs to the physical page: [ 26.760869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c8 [ 26.761205] flags: 0x200000000000000(node=0|zone=2) [ 26.761391] page_type: f5(slab) [ 26.761510] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 26.761736] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 26.761953] page dumped because: kasan: bad access detected [ 26.762117] [ 26.762180] Memory state around the buggy address: [ 26.762458] ffff8881053c8280: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 26.762785] ffff8881053c8300: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 26.763103] >ffff8881053c8380: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.763484] ^ [ 26.763869] ffff8881053c8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.764181] ffff8881053c8480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.764463] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right: Failure
Automatically assigned
[ 26.721085] ================================================================== [ 26.722287] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 26.723602] Read of size 1 at addr ffff888106337c4a by task kunit_try_catch/301 [ 26.724040] [ 26.724137] CPU: 1 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.724189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.724201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.724224] Call Trace: [ 26.724240] <TASK> [ 26.724257] dump_stack_lvl+0x73/0xb0 [ 26.724305] print_report+0xd1/0x640 [ 26.724329] ? __virt_addr_valid+0x1db/0x2d0 [ 26.724355] ? kasan_alloca_oob_right+0x329/0x390 [ 26.724379] ? kasan_addr_to_slab+0x11/0xa0 [ 26.724400] ? kasan_alloca_oob_right+0x329/0x390 [ 26.724423] kasan_report+0x141/0x180 [ 26.724445] ? kasan_alloca_oob_right+0x329/0x390 [ 26.724472] __asan_report_load1_noabort+0x18/0x20 [ 26.724496] kasan_alloca_oob_right+0x329/0x390 [ 26.724517] ? __kasan_check_write+0x18/0x20 [ 26.724540] ? __pfx_sched_clock_cpu+0x10/0x10 [ 26.724563] ? finish_task_switch.isra.0+0x153/0x700 [ 26.724586] ? __ww_mutex_lock.constprop.0+0x13ce/0x2570 [ 26.724615] ? trace_hardirqs_on+0x37/0xe0 [ 26.724640] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 26.724665] ? __schedule+0x10da/0x2b60 [ 26.724687] ? __pfx_read_tsc+0x10/0x10 [ 26.724709] ? ktime_get_ts64+0x86/0x230 [ 26.724734] kunit_try_run_case+0x1a5/0x480 [ 26.724759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.724781] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.724985] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.725020] ? __kthread_parkme+0x82/0x180 [ 26.725041] ? preempt_count_sub+0x50/0x80 [ 26.725066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.725090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.725115] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.725137] kthread+0x337/0x6f0 [ 26.725157] ? trace_preempt_on+0x20/0xc0 [ 26.725179] ? __pfx_kthread+0x10/0x10 [ 26.725199] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.725229] ? calculate_sigpending+0x7b/0xa0 [ 26.725253] ? __pfx_kthread+0x10/0x10 [ 26.725289] ret_from_fork+0x116/0x1d0 [ 26.725308] ? __pfx_kthread+0x10/0x10 [ 26.725328] ret_from_fork_asm+0x1a/0x30 [ 26.725360] </TASK> [ 26.725372] [ 26.734652] The buggy address belongs to stack of task kunit_try_catch/301 [ 26.734918] [ 26.734983] The buggy address belongs to the physical page: [ 26.735149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106337 [ 26.735581] flags: 0x200000000000000(node=0|zone=2) [ 26.735874] raw: 0200000000000000 ffffea000418cdc8 ffffea000418cdc8 0000000000000000 [ 26.736392] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 26.736616] page dumped because: kasan: bad access detected [ 26.736839] [ 26.736925] Memory state around the buggy address: [ 26.737149] ffff888106337b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.737470] ffff888106337b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.737787] >ffff888106337c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 26.738067] ^ [ 26.738447] ffff888106337c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 26.738754] ffff888106337d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 26.739121] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left: Failure
Automatically assigned
[ 26.699563] ================================================================== [ 26.700923] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 26.701876] Read of size 1 at addr ffff8881062ffc3f by task kunit_try_catch/299 [ 26.703023] [ 26.703129] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.703185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.703198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.703220] Call Trace: [ 26.703234] <TASK> [ 26.703252] dump_stack_lvl+0x73/0xb0 [ 26.703303] print_report+0xd1/0x640 [ 26.703326] ? __virt_addr_valid+0x1db/0x2d0 [ 26.703352] ? kasan_alloca_oob_left+0x320/0x380 [ 26.703374] ? kasan_addr_to_slab+0x11/0xa0 [ 26.703394] ? kasan_alloca_oob_left+0x320/0x380 [ 26.703415] kasan_report+0x141/0x180 [ 26.703436] ? kasan_alloca_oob_left+0x320/0x380 [ 26.703462] __asan_report_load1_noabort+0x18/0x20 [ 26.703485] kasan_alloca_oob_left+0x320/0x380 [ 26.703506] ? __kasan_check_write+0x18/0x20 [ 26.703528] ? __pfx_sched_clock_cpu+0x10/0x10 [ 26.703551] ? finish_task_switch.isra.0+0x153/0x700 [ 26.703573] ? __ww_mutex_lock.constprop.0+0x13ce/0x2570 [ 26.703602] ? trace_hardirqs_on+0x37/0xe0 [ 26.703628] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 26.703652] ? __schedule+0x10da/0x2b60 [ 26.703674] ? __pfx_read_tsc+0x10/0x10 [ 26.703696] ? ktime_get_ts64+0x86/0x230 [ 26.703721] kunit_try_run_case+0x1a5/0x480 [ 26.703746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.703768] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.703810] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.703842] ? __kthread_parkme+0x82/0x180 [ 26.703862] ? preempt_count_sub+0x50/0x80 [ 26.703884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.703906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.703929] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.703951] kthread+0x337/0x6f0 [ 26.703971] ? trace_preempt_on+0x20/0xc0 [ 26.703993] ? __pfx_kthread+0x10/0x10 [ 26.704012] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.704042] ? calculate_sigpending+0x7b/0xa0 [ 26.704066] ? __pfx_kthread+0x10/0x10 [ 26.704087] ret_from_fork+0x116/0x1d0 [ 26.704106] ? __pfx_kthread+0x10/0x10 [ 26.704126] ret_from_fork_asm+0x1a/0x30 [ 26.704157] </TASK> [ 26.704169] [ 26.712778] The buggy address belongs to stack of task kunit_try_catch/299 [ 26.713116] [ 26.713203] The buggy address belongs to the physical page: [ 26.713459] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1062ff [ 26.713807] flags: 0x200000000000000(node=0|zone=2) [ 26.714050] raw: 0200000000000000 ffffea000418bfc8 ffffea000418bfc8 0000000000000000 [ 26.714391] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 26.714625] page dumped because: kasan: bad access detected [ 26.714793] [ 26.714855] Memory state around the buggy address: [ 26.715003] ffff8881062ffb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.715481] ffff8881062ffb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.715875] >ffff8881062ffc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 26.716199] ^ [ 26.716410] ffff8881062ffc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 26.716623] ffff8881062ffd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 26.716921] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob: Failure
Automatically assigned
[ 26.672095] ================================================================== [ 26.672600] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 26.672849] Read of size 1 at addr ffff88810635fd02 by task kunit_try_catch/297 [ 26.673068] [ 26.673154] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.673206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.673219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.673242] Call Trace: [ 26.673255] <TASK> [ 26.673312] dump_stack_lvl+0x73/0xb0 [ 26.673348] print_report+0xd1/0x640 [ 26.673371] ? __virt_addr_valid+0x1db/0x2d0 [ 26.673398] ? kasan_stack_oob+0x2b5/0x300 [ 26.673417] ? kasan_addr_to_slab+0x11/0xa0 [ 26.673466] ? kasan_stack_oob+0x2b5/0x300 [ 26.673486] kasan_report+0x141/0x180 [ 26.673507] ? kasan_stack_oob+0x2b5/0x300 [ 26.673531] __asan_report_load1_noabort+0x18/0x20 [ 26.673555] kasan_stack_oob+0x2b5/0x300 [ 26.673574] ? __pfx_kasan_stack_oob+0x10/0x10 [ 26.673593] ? finish_task_switch.isra.0+0x153/0x700 [ 26.673615] ? __switch_to+0x47/0xf80 [ 26.673643] ? __schedule+0x10da/0x2b60 [ 26.673726] ? __pfx_read_tsc+0x10/0x10 [ 26.673749] ? ktime_get_ts64+0x86/0x230 [ 26.673776] kunit_try_run_case+0x1a5/0x480 [ 26.673815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.673837] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.673872] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.673905] ? __kthread_parkme+0x82/0x180 [ 26.673926] ? preempt_count_sub+0x50/0x80 [ 26.673948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.673971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.673994] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.674016] kthread+0x337/0x6f0 [ 26.674036] ? trace_preempt_on+0x20/0xc0 [ 26.674059] ? __pfx_kthread+0x10/0x10 [ 26.674079] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.674109] ? calculate_sigpending+0x7b/0xa0 [ 26.674171] ? __pfx_kthread+0x10/0x10 [ 26.674192] ret_from_fork+0x116/0x1d0 [ 26.674211] ? __pfx_kthread+0x10/0x10 [ 26.674243] ret_from_fork_asm+0x1a/0x30 [ 26.674303] </TASK> [ 26.674316] [ 26.687118] The buggy address belongs to stack of task kunit_try_catch/297 [ 26.687786] and is located at offset 138 in frame: [ 26.688102] kasan_stack_oob+0x0/0x300 [ 26.688442] [ 26.688538] This frame has 4 objects: [ 26.688738] [48, 49) '__assertion' [ 26.688764] [64, 72) 'array' [ 26.688959] [96, 112) '__assertion' [ 26.689128] [128, 138) 'stack_array' [ 26.689332] [ 26.689556] The buggy address belongs to the physical page: [ 26.689800] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10635f [ 26.690091] flags: 0x200000000000000(node=0|zone=2) [ 26.690287] raw: 0200000000000000 ffffea000418d7c8 ffffea000418d7c8 0000000000000000 [ 26.690618] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 26.690908] page dumped because: kasan: bad access detected [ 26.691076] [ 26.691162] Memory state around the buggy address: [ 26.691466] ffff88810635fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 26.691786] ffff88810635fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 26.692096] >ffff88810635fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 26.692367] ^ [ 26.692528] ffff88810635fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 26.692879] ffff88810635fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.693162] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right: Failure
Automatically assigned
[ 26.635767] ================================================================== [ 26.637191] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 26.638085] Read of size 1 at addr ffffffffb7ec4f8d by task kunit_try_catch/293 [ 26.639030] [ 26.639380] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.639521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.639537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.639561] Call Trace: [ 26.639577] <TASK> [ 26.639595] dump_stack_lvl+0x73/0xb0 [ 26.639630] print_report+0xd1/0x640 [ 26.639653] ? __virt_addr_valid+0x1db/0x2d0 [ 26.639677] ? kasan_global_oob_right+0x286/0x2d0 [ 26.639698] ? kasan_addr_to_slab+0x11/0xa0 [ 26.639718] ? kasan_global_oob_right+0x286/0x2d0 [ 26.639740] kasan_report+0x141/0x180 [ 26.639761] ? kasan_global_oob_right+0x286/0x2d0 [ 26.639786] __asan_report_load1_noabort+0x18/0x20 [ 26.639809] kasan_global_oob_right+0x286/0x2d0 [ 26.639831] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 26.639854] ? __schedule+0x10da/0x2b60 [ 26.639877] ? __pfx_read_tsc+0x10/0x10 [ 26.639898] ? ktime_get_ts64+0x86/0x230 [ 26.639924] kunit_try_run_case+0x1a5/0x480 [ 26.639949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.639971] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.639993] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.640037] ? __kthread_parkme+0x82/0x180 [ 26.640058] ? preempt_count_sub+0x50/0x80 [ 26.640091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.640115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.640138] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.640160] kthread+0x337/0x6f0 [ 26.640180] ? trace_preempt_on+0x20/0xc0 [ 26.640203] ? __pfx_kthread+0x10/0x10 [ 26.640222] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.640256] ? calculate_sigpending+0x7b/0xa0 [ 26.640291] ? __pfx_kthread+0x10/0x10 [ 26.640311] ret_from_fork+0x116/0x1d0 [ 26.640330] ? __pfx_kthread+0x10/0x10 [ 26.640350] ret_from_fork_asm+0x1a/0x30 [ 26.640382] </TASK> [ 26.640393] [ 26.655740] The buggy address belongs to the variable: [ 26.655961] global_array+0xd/0x40 [ 26.656147] [ 26.656465] The buggy address belongs to the physical page: [ 26.656662] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x304c4 [ 26.656998] flags: 0x100000000002000(reserved|node=0|zone=1) [ 26.657261] raw: 0100000000002000 ffffea0000c13108 ffffea0000c13108 0000000000000000 [ 26.657602] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.657926] page dumped because: kasan: bad access detected [ 26.658148] [ 26.658219] Memory state around the buggy address: [ 26.659209] ffffffffb7ec4e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.659614] ffffffffb7ec4f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.660062] >ffffffffb7ec4f80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 26.660474] ^ [ 26.660741] ffffffffb7ec5000: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 26.661281] ffffffffb7ec5080: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 26.661648] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper: Failure
Automatically assigned
[ 26.611513] ================================================================== [ 26.612158] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 26.612532] Free of addr ffff88810622c001 by task kunit_try_catch/291 [ 26.612802] [ 26.612912] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.612964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.612977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.613000] Call Trace: [ 26.613014] <TASK> [ 26.613031] dump_stack_lvl+0x73/0xb0 [ 26.613064] print_report+0xd1/0x640 [ 26.613088] ? __virt_addr_valid+0x1db/0x2d0 [ 26.613114] ? kasan_addr_to_slab+0x11/0xa0 [ 26.613134] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 26.613159] kasan_report_invalid_free+0x10a/0x130 [ 26.613182] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 26.613209] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 26.613232] __kasan_mempool_poison_object+0x102/0x1d0 [ 26.613256] mempool_free+0x2ec/0x380 [ 26.613295] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 26.613321] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 26.613346] ? dequeue_entities+0x23f/0x1630 [ 26.613370] ? __kasan_check_write+0x18/0x20 [ 26.613394] ? __pfx_sched_clock_cpu+0x10/0x10 [ 26.613416] ? finish_task_switch.isra.0+0x153/0x700 [ 26.613442] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 26.613466] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 26.613493] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.613516] ? __pfx_mempool_kfree+0x10/0x10 [ 26.613540] ? __pfx_read_tsc+0x10/0x10 [ 26.613562] ? ktime_get_ts64+0x86/0x230 [ 26.613588] kunit_try_run_case+0x1a5/0x480 [ 26.613613] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.613635] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.613671] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.613703] ? __kthread_parkme+0x82/0x180 [ 26.613724] ? preempt_count_sub+0x50/0x80 [ 26.613745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.613768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.613791] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.613813] kthread+0x337/0x6f0 [ 26.613832] ? trace_preempt_on+0x20/0xc0 [ 26.613856] ? __pfx_kthread+0x10/0x10 [ 26.613876] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.613907] ? calculate_sigpending+0x7b/0xa0 [ 26.613930] ? __pfx_kthread+0x10/0x10 [ 26.613951] ret_from_fork+0x116/0x1d0 [ 26.613970] ? __pfx_kthread+0x10/0x10 [ 26.613989] ret_from_fork_asm+0x1a/0x30 [ 26.614020] </TASK> [ 26.614033] [ 26.623628] The buggy address belongs to the physical page: [ 26.624004] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10622c [ 26.625244] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.626161] flags: 0x200000000000040(head|node=0|zone=2) [ 26.626606] page_type: f8(unknown) [ 26.626749] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.627611] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 26.628539] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.629124] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 26.629370] head: 0200000000000002 ffffea0004188b01 00000000ffffffff 00000000ffffffff [ 26.629588] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 26.629800] page dumped because: kasan: bad access detected [ 26.629959] [ 26.630021] Memory state around the buggy address: [ 26.630167] ffff88810622bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.630381] ffff88810622bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.630584] >ffff88810622c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.630791] ^ [ 26.630900] ffff88810622c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.631101] ffff88810622c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.631699] ================================================================== [ 26.580592] ================================================================== [ 26.581201] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 26.581662] Free of addr ffff888102b06f01 by task kunit_try_catch/289 [ 26.581919] [ 26.582029] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.582081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.582093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.582117] Call Trace: [ 26.582129] <TASK> [ 26.582148] dump_stack_lvl+0x73/0xb0 [ 26.582181] print_report+0xd1/0x640 [ 26.582306] ? __virt_addr_valid+0x1db/0x2d0 [ 26.582337] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.582363] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 26.582387] kasan_report_invalid_free+0x10a/0x130 [ 26.582411] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 26.582438] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 26.582461] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 26.582484] check_slab_allocation+0x11f/0x130 [ 26.582506] __kasan_mempool_poison_object+0x91/0x1d0 [ 26.582529] mempool_free+0x2ec/0x380 [ 26.582556] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 26.582580] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 26.582605] ? update_load_avg+0x1be/0x21b0 [ 26.582631] ? finish_task_switch.isra.0+0x153/0x700 [ 26.582663] mempool_kmalloc_invalid_free+0xed/0x140 [ 26.582686] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 26.582712] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.582733] ? __pfx_mempool_kfree+0x10/0x10 [ 26.582757] ? __pfx_read_tsc+0x10/0x10 [ 26.582779] ? ktime_get_ts64+0x86/0x230 [ 26.582804] kunit_try_run_case+0x1a5/0x480 [ 26.582831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.582854] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.582879] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.582953] ? __kthread_parkme+0x82/0x180 [ 26.582989] ? preempt_count_sub+0x50/0x80 [ 26.583011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.583034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.583057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.583079] kthread+0x337/0x6f0 [ 26.583099] ? trace_preempt_on+0x20/0xc0 [ 26.583122] ? __pfx_kthread+0x10/0x10 [ 26.583142] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.583165] ? calculate_sigpending+0x7b/0xa0 [ 26.583188] ? __pfx_kthread+0x10/0x10 [ 26.583208] ret_from_fork+0x116/0x1d0 [ 26.583227] ? __pfx_kthread+0x10/0x10 [ 26.583247] ret_from_fork_asm+0x1a/0x30 [ 26.583296] </TASK> [ 26.583307] [ 26.594949] Allocated by task 289: [ 26.595140] kasan_save_stack+0x45/0x70 [ 26.595365] kasan_save_track+0x18/0x40 [ 26.595528] kasan_save_alloc_info+0x3b/0x50 [ 26.595725] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 26.595946] remove_element+0x11e/0x190 [ 26.596119] mempool_alloc_preallocated+0x4d/0x90 [ 26.596872] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 26.597095] mempool_kmalloc_invalid_free+0xed/0x140 [ 26.597598] kunit_try_run_case+0x1a5/0x480 [ 26.598036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.598239] kthread+0x337/0x6f0 [ 26.598558] ret_from_fork+0x116/0x1d0 [ 26.598914] ret_from_fork_asm+0x1a/0x30 [ 26.599188] [ 26.599285] The buggy address belongs to the object at ffff888102b06f00 [ 26.599285] which belongs to the cache kmalloc-128 of size 128 [ 26.599933] The buggy address is located 1 bytes inside of [ 26.599933] 128-byte region [ffff888102b06f00, ffff888102b06f80) [ 26.600548] [ 26.600644] The buggy address belongs to the physical page: [ 26.600874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b06 [ 26.601220] flags: 0x200000000000000(node=0|zone=2) [ 26.602003] page_type: f5(slab) [ 26.602161] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.602674] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 26.603152] page dumped because: kasan: bad access detected [ 26.603521] [ 26.603606] Memory state around the buggy address: [ 26.604015] ffff888102b06e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.604330] ffff888102b06e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.604641] >ffff888102b06f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.604940] ^ [ 26.605092] ffff888102b06f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.605921] ffff888102b07000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.606415] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper: Failure
Automatically assigned
[ 26.548712] ================================================================== [ 26.549269] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 26.549515] Free of addr ffff88810622c000 by task kunit_try_catch/287 [ 26.549707] [ 26.549794] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.549846] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.549867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.549891] Call Trace: [ 26.549904] <TASK> [ 26.549922] dump_stack_lvl+0x73/0xb0 [ 26.549955] print_report+0xd1/0x640 [ 26.549978] ? __virt_addr_valid+0x1db/0x2d0 [ 26.550004] ? kasan_addr_to_slab+0x11/0xa0 [ 26.550024] ? mempool_double_free_helper+0x184/0x370 [ 26.550048] kasan_report_invalid_free+0x10a/0x130 [ 26.550072] ? mempool_double_free_helper+0x184/0x370 [ 26.550098] ? mempool_double_free_helper+0x184/0x370 [ 26.550120] __kasan_mempool_poison_pages+0x115/0x130 [ 26.550144] mempool_free+0x290/0x380 [ 26.550171] mempool_double_free_helper+0x184/0x370 [ 26.550194] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 26.550218] ? dequeue_entities+0x23f/0x1630 [ 26.550244] ? __pfx_sched_clock_cpu+0x10/0x10 [ 26.550274] ? finish_task_switch.isra.0+0x153/0x700 [ 26.550300] mempool_page_alloc_double_free+0xe8/0x140 [ 26.550324] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 26.550351] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 26.550373] ? __pfx_mempool_free_pages+0x10/0x10 [ 26.550398] ? __pfx_read_tsc+0x10/0x10 [ 26.550420] ? ktime_get_ts64+0x86/0x230 [ 26.550446] kunit_try_run_case+0x1a5/0x480 [ 26.550471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.550493] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.550529] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.550561] ? __kthread_parkme+0x82/0x180 [ 26.550582] ? preempt_count_sub+0x50/0x80 [ 26.550604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.550627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.550656] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.550679] kthread+0x337/0x6f0 [ 26.550698] ? trace_preempt_on+0x20/0xc0 [ 26.550722] ? __pfx_kthread+0x10/0x10 [ 26.550742] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.550772] ? calculate_sigpending+0x7b/0xa0 [ 26.550795] ? __pfx_kthread+0x10/0x10 [ 26.550816] ret_from_fork+0x116/0x1d0 [ 26.550835] ? __pfx_kthread+0x10/0x10 [ 26.550855] ret_from_fork_asm+0x1a/0x30 [ 26.550885] </TASK> [ 26.550896] [ 26.571302] The buggy address belongs to the physical page: [ 26.571557] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10622c [ 26.572297] flags: 0x200000000000000(node=0|zone=2) [ 26.572517] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 26.573119] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.573578] page dumped because: kasan: bad access detected [ 26.574193] [ 26.574310] Memory state around the buggy address: [ 26.574523] ffff88810622bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.575115] ffff88810622bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.575605] >ffff88810622c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.576198] ^ [ 26.576443] ffff88810622c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.576947] ffff88810622c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.577240] ================================================================== [ 26.493824] ================================================================== [ 26.494231] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 26.494523] Free of addr ffff888102b06b00 by task kunit_try_catch/283 [ 26.494827] [ 26.494942] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.494993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.495004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.495028] Call Trace: [ 26.495040] <TASK> [ 26.495059] dump_stack_lvl+0x73/0xb0 [ 26.495092] print_report+0xd1/0x640 [ 26.495115] ? __virt_addr_valid+0x1db/0x2d0 [ 26.495141] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.495193] ? mempool_double_free_helper+0x184/0x370 [ 26.495218] kasan_report_invalid_free+0x10a/0x130 [ 26.495242] ? mempool_double_free_helper+0x184/0x370 [ 26.495276] ? mempool_double_free_helper+0x184/0x370 [ 26.495299] ? mempool_double_free_helper+0x184/0x370 [ 26.495321] check_slab_allocation+0x101/0x130 [ 26.495342] __kasan_mempool_poison_object+0x91/0x1d0 [ 26.495366] mempool_free+0x2ec/0x380 [ 26.495394] mempool_double_free_helper+0x184/0x370 [ 26.495418] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 26.495444] ? finish_task_switch.isra.0+0x153/0x700 [ 26.495471] mempool_kmalloc_double_free+0xed/0x140 [ 26.495493] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 26.495518] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.495554] ? __pfx_mempool_kfree+0x10/0x10 [ 26.495579] ? __pfx_read_tsc+0x10/0x10 [ 26.495622] ? ktime_get_ts64+0x86/0x230 [ 26.495647] kunit_try_run_case+0x1a5/0x480 [ 26.495673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.495694] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.495729] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.495762] ? __kthread_parkme+0x82/0x180 [ 26.495799] ? preempt_count_sub+0x50/0x80 [ 26.495822] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.495845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.495868] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.495890] kthread+0x337/0x6f0 [ 26.495909] ? trace_preempt_on+0x20/0xc0 [ 26.495933] ? __pfx_kthread+0x10/0x10 [ 26.495953] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.495982] ? calculate_sigpending+0x7b/0xa0 [ 26.496007] ? __pfx_kthread+0x10/0x10 [ 26.496027] ret_from_fork+0x116/0x1d0 [ 26.496059] ? __pfx_kthread+0x10/0x10 [ 26.496103] ret_from_fork_asm+0x1a/0x30 [ 26.496135] </TASK> [ 26.496146] [ 26.504631] Allocated by task 283: [ 26.504876] kasan_save_stack+0x45/0x70 [ 26.505078] kasan_save_track+0x18/0x40 [ 26.505277] kasan_save_alloc_info+0x3b/0x50 [ 26.505462] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 26.505630] remove_element+0x11e/0x190 [ 26.505896] mempool_alloc_preallocated+0x4d/0x90 [ 26.506126] mempool_double_free_helper+0x8a/0x370 [ 26.506350] mempool_kmalloc_double_free+0xed/0x140 [ 26.506555] kunit_try_run_case+0x1a5/0x480 [ 26.506743] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.507140] kthread+0x337/0x6f0 [ 26.507320] ret_from_fork+0x116/0x1d0 [ 26.507491] ret_from_fork_asm+0x1a/0x30 [ 26.507659] [ 26.507747] Freed by task 283: [ 26.507981] kasan_save_stack+0x45/0x70 [ 26.508153] kasan_save_track+0x18/0x40 [ 26.508342] kasan_save_free_info+0x3f/0x60 [ 26.508520] __kasan_mempool_poison_object+0x131/0x1d0 [ 26.508682] mempool_free+0x2ec/0x380 [ 26.508881] mempool_double_free_helper+0x109/0x370 [ 26.509046] mempool_kmalloc_double_free+0xed/0x140 [ 26.509202] kunit_try_run_case+0x1a5/0x480 [ 26.509354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.509598] kthread+0x337/0x6f0 [ 26.509760] ret_from_fork+0x116/0x1d0 [ 26.510010] ret_from_fork_asm+0x1a/0x30 [ 26.510201] [ 26.510298] The buggy address belongs to the object at ffff888102b06b00 [ 26.510298] which belongs to the cache kmalloc-128 of size 128 [ 26.511050] The buggy address is located 0 bytes inside of [ 26.511050] 128-byte region [ffff888102b06b00, ffff888102b06b80) [ 26.511557] [ 26.511629] The buggy address belongs to the physical page: [ 26.511904] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b06 [ 26.512269] flags: 0x200000000000000(node=0|zone=2) [ 26.512507] page_type: f5(slab) [ 26.512677] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.513051] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.513354] page dumped because: kasan: bad access detected [ 26.513581] [ 26.513664] Memory state around the buggy address: [ 26.513933] ffff888102b06a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.514191] ffff888102b06a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.514501] >ffff888102b06b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.514948] ^ [ 26.515122] ffff888102b06b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.515392] ffff888102b06c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.515689] ================================================================== [ 26.520726] ================================================================== [ 26.521618] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 26.521934] Free of addr ffff88810622c000 by task kunit_try_catch/285 [ 26.522195] [ 26.522313] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.522365] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.522377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.522401] Call Trace: [ 26.522415] <TASK> [ 26.522434] dump_stack_lvl+0x73/0xb0 [ 26.522467] print_report+0xd1/0x640 [ 26.522491] ? __virt_addr_valid+0x1db/0x2d0 [ 26.522518] ? kasan_addr_to_slab+0x11/0xa0 [ 26.522539] ? mempool_double_free_helper+0x184/0x370 [ 26.522563] kasan_report_invalid_free+0x10a/0x130 [ 26.522587] ? mempool_double_free_helper+0x184/0x370 [ 26.522614] ? mempool_double_free_helper+0x184/0x370 [ 26.522636] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 26.522666] mempool_free+0x2ec/0x380 [ 26.522693] mempool_double_free_helper+0x184/0x370 [ 26.522717] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 26.522742] ? dequeue_entities+0x23f/0x1630 [ 26.522768] ? __pfx_sched_clock_cpu+0x10/0x10 [ 26.522790] ? finish_task_switch.isra.0+0x153/0x700 [ 26.522816] mempool_kmalloc_large_double_free+0xed/0x140 [ 26.522841] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 26.522868] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.522890] ? __pfx_mempool_kfree+0x10/0x10 [ 26.522914] ? __pfx_read_tsc+0x10/0x10 [ 26.522937] ? ktime_get_ts64+0x86/0x230 [ 26.522962] kunit_try_run_case+0x1a5/0x480 [ 26.522986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.523008] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.523044] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.523078] ? __kthread_parkme+0x82/0x180 [ 26.523099] ? preempt_count_sub+0x50/0x80 [ 26.523122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.523145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.523168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.523190] kthread+0x337/0x6f0 [ 26.523209] ? trace_preempt_on+0x20/0xc0 [ 26.523233] ? __pfx_kthread+0x10/0x10 [ 26.523254] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.523724] ? calculate_sigpending+0x7b/0xa0 [ 26.523754] ? __pfx_kthread+0x10/0x10 [ 26.524046] ret_from_fork+0x116/0x1d0 [ 26.524070] ? __pfx_kthread+0x10/0x10 [ 26.524091] ret_from_fork_asm+0x1a/0x30 [ 26.524123] </TASK> [ 26.524135] [ 26.537762] The buggy address belongs to the physical page: [ 26.538017] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10622c [ 26.538360] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.538671] flags: 0x200000000000040(head|node=0|zone=2) [ 26.538908] page_type: f8(unknown) [ 26.539069] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.539421] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 26.539654] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.539974] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 26.540332] head: 0200000000000002 ffffea0004188b01 00000000ffffffff 00000000ffffffff [ 26.540671] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 26.541068] page dumped because: kasan: bad access detected [ 26.541318] [ 26.541384] Memory state around the buggy address: [ 26.541537] ffff88810622bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.541912] ffff88810622bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.542236] >ffff88810622c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.542513] ^ [ 26.542668] ffff88810622c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.542928] ffff88810622c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.543229] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper: Failure
Automatically assigned
[ 26.472030] ================================================================== [ 26.472454] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 26.473292] Read of size 1 at addr ffff88810622c000 by task kunit_try_catch/281 [ 26.474155] [ 26.474426] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.474485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.474498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.474522] Call Trace: [ 26.474536] <TASK> [ 26.474556] dump_stack_lvl+0x73/0xb0 [ 26.474593] print_report+0xd1/0x640 [ 26.474617] ? __virt_addr_valid+0x1db/0x2d0 [ 26.474648] ? mempool_uaf_helper+0x392/0x400 [ 26.474670] ? kasan_addr_to_slab+0x11/0xa0 [ 26.474691] ? mempool_uaf_helper+0x392/0x400 [ 26.474712] kasan_report+0x141/0x180 [ 26.474734] ? mempool_uaf_helper+0x392/0x400 [ 26.474759] __asan_report_load1_noabort+0x18/0x20 [ 26.474838] mempool_uaf_helper+0x392/0x400 [ 26.474863] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 26.474885] ? dequeue_entities+0x23f/0x1630 [ 26.474912] ? __kasan_check_write+0x18/0x20 [ 26.474948] ? __pfx_sched_clock_cpu+0x10/0x10 [ 26.474970] ? finish_task_switch.isra.0+0x153/0x700 [ 26.474997] mempool_page_alloc_uaf+0xed/0x140 [ 26.475019] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 26.475045] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 26.475071] ? __pfx_mempool_free_pages+0x10/0x10 [ 26.475096] ? __pfx_read_tsc+0x10/0x10 [ 26.475118] ? ktime_get_ts64+0x86/0x230 [ 26.475143] kunit_try_run_case+0x1a5/0x480 [ 26.475171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.475192] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.475228] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.475270] ? __kthread_parkme+0x82/0x180 [ 26.475292] ? preempt_count_sub+0x50/0x80 [ 26.475316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.475339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.475361] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.475383] kthread+0x337/0x6f0 [ 26.475403] ? trace_preempt_on+0x20/0xc0 [ 26.475426] ? __pfx_kthread+0x10/0x10 [ 26.475447] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.475476] ? calculate_sigpending+0x7b/0xa0 [ 26.475501] ? __pfx_kthread+0x10/0x10 [ 26.475523] ret_from_fork+0x116/0x1d0 [ 26.475541] ? __pfx_kthread+0x10/0x10 [ 26.475561] ret_from_fork_asm+0x1a/0x30 [ 26.475593] </TASK> [ 26.475605] [ 26.485033] The buggy address belongs to the physical page: [ 26.485308] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10622c [ 26.485692] flags: 0x200000000000000(node=0|zone=2) [ 26.486080] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 26.486439] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 26.486840] page dumped because: kasan: bad access detected [ 26.487120] [ 26.487194] Memory state around the buggy address: [ 26.487422] ffff88810622bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.487731] ffff88810622bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.488069] >ffff88810622c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.488284] ^ [ 26.488394] ffff88810622c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.488675] ffff88810622c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.488993] ================================================================== [ 26.405957] ================================================================== [ 26.406415] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 26.406708] Read of size 1 at addr ffff888106250000 by task kunit_try_catch/277 [ 26.407077] [ 26.407162] CPU: 1 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.407224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.407236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.407269] Call Trace: [ 26.407282] <TASK> [ 26.407299] dump_stack_lvl+0x73/0xb0 [ 26.407330] print_report+0xd1/0x640 [ 26.407352] ? __virt_addr_valid+0x1db/0x2d0 [ 26.407376] ? mempool_uaf_helper+0x392/0x400 [ 26.407397] ? kasan_addr_to_slab+0x11/0xa0 [ 26.407417] ? mempool_uaf_helper+0x392/0x400 [ 26.407440] kasan_report+0x141/0x180 [ 26.407463] ? mempool_uaf_helper+0x392/0x400 [ 26.407488] __asan_report_load1_noabort+0x18/0x20 [ 26.407512] mempool_uaf_helper+0x392/0x400 [ 26.407534] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 26.407559] ? finish_task_switch.isra.0+0x153/0x700 [ 26.407621] mempool_kmalloc_large_uaf+0xef/0x140 [ 26.407644] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 26.407681] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.407705] ? __pfx_mempool_kfree+0x10/0x10 [ 26.407729] ? __pfx_read_tsc+0x10/0x10 [ 26.407750] ? ktime_get_ts64+0x86/0x230 [ 26.407775] kunit_try_run_case+0x1a5/0x480 [ 26.407810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.407832] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.407856] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.407879] ? __kthread_parkme+0x82/0x180 [ 26.407899] ? preempt_count_sub+0x50/0x80 [ 26.407921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.407945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.407968] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.407990] kthread+0x337/0x6f0 [ 26.408010] ? trace_preempt_on+0x20/0xc0 [ 26.408032] ? __pfx_kthread+0x10/0x10 [ 26.408052] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.408073] ? calculate_sigpending+0x7b/0xa0 [ 26.408097] ? __pfx_kthread+0x10/0x10 [ 26.408119] ret_from_fork+0x116/0x1d0 [ 26.408138] ? __pfx_kthread+0x10/0x10 [ 26.408392] ret_from_fork_asm+0x1a/0x30 [ 26.408423] </TASK> [ 26.408434] [ 26.416041] The buggy address belongs to the physical page: [ 26.416318] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106250 [ 26.416684] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.417116] flags: 0x200000000000040(head|node=0|zone=2) [ 26.417311] page_type: f8(unknown) [ 26.417440] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.417782] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 26.418112] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.418394] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 26.418719] head: 0200000000000002 ffffea0004189401 00000000ffffffff 00000000ffffffff [ 26.419013] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 26.419239] page dumped because: kasan: bad access detected [ 26.419789] [ 26.419882] Memory state around the buggy address: [ 26.420114] ffff88810624ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.420602] ffff88810624ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.421009] >ffff888106250000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.421317] ^ [ 26.421433] ffff888106250080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.421643] ffff888106250100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 26.421846] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper: Failure
Automatically assigned
[ 26.428136] ================================================================== [ 26.429190] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 26.429553] Read of size 1 at addr ffff88810618b240 by task kunit_try_catch/279 [ 26.429835] [ 26.430011] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.430063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.430076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.430099] Call Trace: [ 26.430112] <TASK> [ 26.430131] dump_stack_lvl+0x73/0xb0 [ 26.430165] print_report+0xd1/0x640 [ 26.430188] ? __virt_addr_valid+0x1db/0x2d0 [ 26.430214] ? mempool_uaf_helper+0x392/0x400 [ 26.430235] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.430273] ? mempool_uaf_helper+0x392/0x400 [ 26.430295] kasan_report+0x141/0x180 [ 26.430316] ? mempool_uaf_helper+0x392/0x400 [ 26.430342] __asan_report_load1_noabort+0x18/0x20 [ 26.430367] mempool_uaf_helper+0x392/0x400 [ 26.430389] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 26.430413] ? __pfx_sched_clock_cpu+0x10/0x10 [ 26.430436] ? finish_task_switch.isra.0+0x153/0x700 [ 26.430461] mempool_slab_uaf+0xea/0x140 [ 26.430484] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 26.430508] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 26.430534] ? __pfx_mempool_free_slab+0x10/0x10 [ 26.430559] ? __pfx_read_tsc+0x10/0x10 [ 26.430581] ? ktime_get_ts64+0x86/0x230 [ 26.430607] kunit_try_run_case+0x1a5/0x480 [ 26.430632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.430659] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.430695] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.430727] ? __kthread_parkme+0x82/0x180 [ 26.430749] ? preempt_count_sub+0x50/0x80 [ 26.430771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.430795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.430833] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.430856] kthread+0x337/0x6f0 [ 26.430876] ? trace_preempt_on+0x20/0xc0 [ 26.430899] ? __pfx_kthread+0x10/0x10 [ 26.430919] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.430949] ? calculate_sigpending+0x7b/0xa0 [ 26.430972] ? __pfx_kthread+0x10/0x10 [ 26.430993] ret_from_fork+0x116/0x1d0 [ 26.431012] ? __pfx_kthread+0x10/0x10 [ 26.431032] ret_from_fork_asm+0x1a/0x30 [ 26.431063] </TASK> [ 26.431074] [ 26.440669] Allocated by task 279: [ 26.441116] kasan_save_stack+0x45/0x70 [ 26.441677] kasan_save_track+0x18/0x40 [ 26.442402] kasan_save_alloc_info+0x3b/0x50 [ 26.442689] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 26.443188] remove_element+0x11e/0x190 [ 26.443598] mempool_alloc_preallocated+0x4d/0x90 [ 26.444048] mempool_uaf_helper+0x96/0x400 [ 26.444490] mempool_slab_uaf+0xea/0x140 [ 26.445017] kunit_try_run_case+0x1a5/0x480 [ 26.445361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.445943] kthread+0x337/0x6f0 [ 26.446126] ret_from_fork+0x116/0x1d0 [ 26.446304] ret_from_fork_asm+0x1a/0x30 [ 26.446483] [ 26.446563] Freed by task 279: [ 26.446708] kasan_save_stack+0x45/0x70 [ 26.447384] kasan_save_track+0x18/0x40 [ 26.447574] kasan_save_free_info+0x3f/0x60 [ 26.447763] __kasan_mempool_poison_object+0x131/0x1d0 [ 26.448087] mempool_free+0x2ec/0x380 [ 26.448272] mempool_uaf_helper+0x11a/0x400 [ 26.448454] mempool_slab_uaf+0xea/0x140 [ 26.448619] kunit_try_run_case+0x1a5/0x480 [ 26.449390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.449785] kthread+0x337/0x6f0 [ 26.450007] ret_from_fork+0x116/0x1d0 [ 26.450178] ret_from_fork_asm+0x1a/0x30 [ 26.450362] [ 26.450446] The buggy address belongs to the object at ffff88810618b240 [ 26.450446] which belongs to the cache test_cache of size 123 [ 26.451478] The buggy address is located 0 bytes inside of [ 26.451478] freed 123-byte region [ffff88810618b240, ffff88810618b2bb) [ 26.452484] [ 26.452603] The buggy address belongs to the physical page: [ 26.453101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10618b [ 26.453439] flags: 0x200000000000000(node=0|zone=2) [ 26.453654] page_type: f5(slab) [ 26.454163] raw: 0200000000000000 ffff8881012b1a00 dead000000000122 0000000000000000 [ 26.454528] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 26.455322] page dumped because: kasan: bad access detected [ 26.455655] [ 26.456000] Memory state around the buggy address: [ 26.456218] ffff88810618b100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.456523] ffff88810618b180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.457204] >ffff88810618b200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 26.457614] ^ [ 26.458147] ffff88810618b280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.458625] ffff88810618b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.459476] ================================================================== [ 26.374545] ================================================================== [ 26.376208] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 26.376573] Read of size 1 at addr ffff888102b06700 by task kunit_try_catch/275 [ 26.377444] [ 26.377549] CPU: 1 UID: 0 PID: 275 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.377602] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.377613] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.377636] Call Trace: [ 26.377648] <TASK> [ 26.377666] dump_stack_lvl+0x73/0xb0 [ 26.377701] print_report+0xd1/0x640 [ 26.377724] ? __virt_addr_valid+0x1db/0x2d0 [ 26.377748] ? mempool_uaf_helper+0x392/0x400 [ 26.377770] ? kasan_complete_mode_report_info+0x64/0x200 [ 26.377795] ? mempool_uaf_helper+0x392/0x400 [ 26.377901] kasan_report+0x141/0x180 [ 26.377924] ? mempool_uaf_helper+0x392/0x400 [ 26.377949] __asan_report_load1_noabort+0x18/0x20 [ 26.377973] mempool_uaf_helper+0x392/0x400 [ 26.377995] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 26.378017] ? dequeue_entities+0x23f/0x1630 [ 26.378040] ? __kasan_check_write+0x18/0x20 [ 26.378062] ? __pfx_sched_clock_cpu+0x10/0x10 [ 26.378083] ? finish_task_switch.isra.0+0x153/0x700 [ 26.378108] mempool_kmalloc_uaf+0xef/0x140 [ 26.378129] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 26.378153] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.378177] ? __pfx_mempool_kfree+0x10/0x10 [ 26.378200] ? __pfx_read_tsc+0x10/0x10 [ 26.378222] ? ktime_get_ts64+0x86/0x230 [ 26.378246] kunit_try_run_case+0x1a5/0x480 [ 26.378286] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.378307] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.378331] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.378354] ? __kthread_parkme+0x82/0x180 [ 26.378375] ? preempt_count_sub+0x50/0x80 [ 26.378397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.378420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.378443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.378465] kthread+0x337/0x6f0 [ 26.378484] ? trace_preempt_on+0x20/0xc0 [ 26.378507] ? __pfx_kthread+0x10/0x10 [ 26.378527] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.378548] ? calculate_sigpending+0x7b/0xa0 [ 26.378573] ? __pfx_kthread+0x10/0x10 [ 26.378593] ret_from_fork+0x116/0x1d0 [ 26.378612] ? __pfx_kthread+0x10/0x10 [ 26.378632] ret_from_fork_asm+0x1a/0x30 [ 26.378670] </TASK> [ 26.378681] [ 26.386834] Allocated by task 275: [ 26.386977] kasan_save_stack+0x45/0x70 [ 26.387123] kasan_save_track+0x18/0x40 [ 26.387309] kasan_save_alloc_info+0x3b/0x50 [ 26.387516] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 26.387762] remove_element+0x11e/0x190 [ 26.387954] mempool_alloc_preallocated+0x4d/0x90 [ 26.388183] mempool_uaf_helper+0x96/0x400 [ 26.388466] mempool_kmalloc_uaf+0xef/0x140 [ 26.388664] kunit_try_run_case+0x1a5/0x480 [ 26.388945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.389169] kthread+0x337/0x6f0 [ 26.389308] ret_from_fork+0x116/0x1d0 [ 26.389495] ret_from_fork_asm+0x1a/0x30 [ 26.389678] [ 26.389747] Freed by task 275: [ 26.389945] kasan_save_stack+0x45/0x70 [ 26.390126] kasan_save_track+0x18/0x40 [ 26.390301] kasan_save_free_info+0x3f/0x60 [ 26.390471] __kasan_mempool_poison_object+0x131/0x1d0 [ 26.390677] mempool_free+0x2ec/0x380 [ 26.390828] mempool_uaf_helper+0x11a/0x400 [ 26.390967] mempool_kmalloc_uaf+0xef/0x140 [ 26.391104] kunit_try_run_case+0x1a5/0x480 [ 26.391246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.391422] kthread+0x337/0x6f0 [ 26.391536] ret_from_fork+0x116/0x1d0 [ 26.391662] ret_from_fork_asm+0x1a/0x30 [ 26.391794] [ 26.391857] The buggy address belongs to the object at ffff888102b06700 [ 26.391857] which belongs to the cache kmalloc-128 of size 128 [ 26.392470] The buggy address is located 0 bytes inside of [ 26.392470] freed 128-byte region [ffff888102b06700, ffff888102b06780) [ 26.392987] [ 26.393077] The buggy address belongs to the physical page: [ 26.393366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b06 [ 26.393757] flags: 0x200000000000000(node=0|zone=2) [ 26.393915] page_type: f5(slab) [ 26.394033] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.394263] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.394522] page dumped because: kasan: bad access detected [ 26.394953] [ 26.395050] Memory state around the buggy address: [ 26.395281] ffff888102b06600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.395607] ffff888102b06680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.396138] >ffff888102b06700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.396463] ^ [ 26.396616] ffff888102b06780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.397040] ffff888102b06800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.397331] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper: Failure
Automatically assigned
[ 26.341750] ================================================================== [ 26.342322] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 26.342617] Read of size 1 at addr ffff8881053c52bb by task kunit_try_catch/273 [ 26.342932] [ 26.343042] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.343113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.343127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.343151] Call Trace: [ 26.343164] <TASK> [ 26.343194] dump_stack_lvl+0x73/0xb0 [ 26.343402] print_report+0xd1/0x640 [ 26.343431] ? __virt_addr_valid+0x1db/0x2d0 [ 26.343457] ? mempool_oob_right_helper+0x318/0x380 [ 26.343481] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.343506] ? mempool_oob_right_helper+0x318/0x380 [ 26.343551] kasan_report+0x141/0x180 [ 26.343575] ? mempool_oob_right_helper+0x318/0x380 [ 26.343603] __asan_report_load1_noabort+0x18/0x20 [ 26.343629] mempool_oob_right_helper+0x318/0x380 [ 26.343652] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 26.343679] ? finish_task_switch.isra.0+0x153/0x700 [ 26.343704] mempool_slab_oob_right+0xed/0x140 [ 26.343727] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 26.343752] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 26.343778] ? __pfx_mempool_free_slab+0x10/0x10 [ 26.343818] ? __pfx_read_tsc+0x10/0x10 [ 26.343989] ? ktime_get_ts64+0x86/0x230 [ 26.344015] kunit_try_run_case+0x1a5/0x480 [ 26.344060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.344081] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.344117] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.344149] ? __kthread_parkme+0x82/0x180 [ 26.344170] ? preempt_count_sub+0x50/0x80 [ 26.344193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.344216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.344241] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.344273] kthread+0x337/0x6f0 [ 26.344293] ? trace_preempt_on+0x20/0xc0 [ 26.344316] ? __pfx_kthread+0x10/0x10 [ 26.344336] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.344367] ? calculate_sigpending+0x7b/0xa0 [ 26.344393] ? __pfx_kthread+0x10/0x10 [ 26.344414] ret_from_fork+0x116/0x1d0 [ 26.344432] ? __pfx_kthread+0x10/0x10 [ 26.344452] ret_from_fork_asm+0x1a/0x30 [ 26.344483] </TASK> [ 26.344494] [ 26.352805] Allocated by task 273: [ 26.352940] kasan_save_stack+0x45/0x70 [ 26.353323] kasan_save_track+0x18/0x40 [ 26.353518] kasan_save_alloc_info+0x3b/0x50 [ 26.354040] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 26.354321] remove_element+0x11e/0x190 [ 26.354505] mempool_alloc_preallocated+0x4d/0x90 [ 26.354720] mempool_oob_right_helper+0x8a/0x380 [ 26.355003] mempool_slab_oob_right+0xed/0x140 [ 26.355217] kunit_try_run_case+0x1a5/0x480 [ 26.355421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.355644] kthread+0x337/0x6f0 [ 26.355755] ret_from_fork+0x116/0x1d0 [ 26.355929] ret_from_fork_asm+0x1a/0x30 [ 26.356110] [ 26.356174] The buggy address belongs to the object at ffff8881053c5240 [ 26.356174] which belongs to the cache test_cache of size 123 [ 26.356520] The buggy address is located 0 bytes to the right of [ 26.356520] allocated 123-byte region [ffff8881053c5240, ffff8881053c52bb) [ 26.357498] [ 26.357573] The buggy address belongs to the physical page: [ 26.357733] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053c5 [ 26.357959] flags: 0x200000000000000(node=0|zone=2) [ 26.358111] page_type: f5(slab) [ 26.358231] raw: 0200000000000000 ffff888100a0b8c0 dead000000000122 0000000000000000 [ 26.358582] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 26.358915] page dumped because: kasan: bad access detected [ 26.359161] [ 26.359246] Memory state around the buggy address: [ 26.359547] ffff8881053c5180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.359882] ffff8881053c5200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 26.360233] >ffff8881053c5280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 26.360439] ^ [ 26.360906] ffff8881053c5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.361200] ffff8881053c5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.361484] ================================================================== [ 26.290184] ================================================================== [ 26.290663] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 26.290970] Read of size 1 at addr ffff8881053b7673 by task kunit_try_catch/269 [ 26.291344] [ 26.291455] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.291510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.291522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.291547] Call Trace: [ 26.291561] <TASK> [ 26.291581] dump_stack_lvl+0x73/0xb0 [ 26.291619] print_report+0xd1/0x640 [ 26.291687] ? __virt_addr_valid+0x1db/0x2d0 [ 26.291715] ? mempool_oob_right_helper+0x318/0x380 [ 26.291764] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.291791] ? mempool_oob_right_helper+0x318/0x380 [ 26.291814] kasan_report+0x141/0x180 [ 26.291853] ? mempool_oob_right_helper+0x318/0x380 [ 26.291881] __asan_report_load1_noabort+0x18/0x20 [ 26.291904] mempool_oob_right_helper+0x318/0x380 [ 26.291928] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 26.291952] ? dequeue_entities+0x23f/0x1630 [ 26.291978] ? __kasan_check_write+0x18/0x20 [ 26.292002] ? __pfx_sched_clock_cpu+0x10/0x10 [ 26.292023] ? finish_task_switch.isra.0+0x153/0x700 [ 26.292049] mempool_kmalloc_oob_right+0xf2/0x150 [ 26.292072] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 26.292134] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.292159] ? __pfx_mempool_kfree+0x10/0x10 [ 26.292185] ? __pfx_read_tsc+0x10/0x10 [ 26.292207] ? ktime_get_ts64+0x86/0x230 [ 26.292235] kunit_try_run_case+0x1a5/0x480 [ 26.292311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.292335] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.292372] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.292406] ? __kthread_parkme+0x82/0x180 [ 26.292428] ? preempt_count_sub+0x50/0x80 [ 26.292453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.292476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.292499] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.292522] kthread+0x337/0x6f0 [ 26.292542] ? trace_preempt_on+0x20/0xc0 [ 26.292567] ? __pfx_kthread+0x10/0x10 [ 26.292588] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.292618] ? calculate_sigpending+0x7b/0xa0 [ 26.292643] ? __pfx_kthread+0x10/0x10 [ 26.292663] ret_from_fork+0x116/0x1d0 [ 26.292683] ? __pfx_kthread+0x10/0x10 [ 26.292703] ret_from_fork_asm+0x1a/0x30 [ 26.292737] </TASK> [ 26.292749] [ 26.304769] Allocated by task 269: [ 26.304934] kasan_save_stack+0x45/0x70 [ 26.305174] kasan_save_track+0x18/0x40 [ 26.305353] kasan_save_alloc_info+0x3b/0x50 [ 26.305502] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 26.305753] remove_element+0x11e/0x190 [ 26.306090] mempool_alloc_preallocated+0x4d/0x90 [ 26.306299] mempool_oob_right_helper+0x8a/0x380 [ 26.306502] mempool_kmalloc_oob_right+0xf2/0x150 [ 26.306660] kunit_try_run_case+0x1a5/0x480 [ 26.306799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.307038] kthread+0x337/0x6f0 [ 26.307258] ret_from_fork+0x116/0x1d0 [ 26.307455] ret_from_fork_asm+0x1a/0x30 [ 26.307644] [ 26.307720] The buggy address belongs to the object at ffff8881053b7600 [ 26.307720] which belongs to the cache kmalloc-128 of size 128 [ 26.308174] The buggy address is located 0 bytes to the right of [ 26.308174] allocated 115-byte region [ffff8881053b7600, ffff8881053b7673) [ 26.308650] [ 26.308746] The buggy address belongs to the physical page: [ 26.308992] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b7 [ 26.309375] flags: 0x200000000000000(node=0|zone=2) [ 26.309541] page_type: f5(slab) [ 26.309661] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 26.309926] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 26.310419] page dumped because: kasan: bad access detected [ 26.310589] [ 26.310658] Memory state around the buggy address: [ 26.310808] ffff8881053b7500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 26.311536] ffff8881053b7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.311834] >ffff8881053b7600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.312110] ^ [ 26.312366] ffff8881053b7680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.312634] ffff8881053b7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 26.312886] ================================================================== [ 26.318551] ================================================================== [ 26.319268] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 26.319662] Read of size 1 at addr ffff888106252001 by task kunit_try_catch/271 [ 26.320151] [ 26.320313] CPU: 1 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 26.320412] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.320426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.320450] Call Trace: [ 26.320512] <TASK> [ 26.320535] dump_stack_lvl+0x73/0xb0 [ 26.320585] print_report+0xd1/0x640 [ 26.320609] ? __virt_addr_valid+0x1db/0x2d0 [ 26.320635] ? mempool_oob_right_helper+0x318/0x380 [ 26.320657] ? kasan_addr_to_slab+0x11/0xa0 [ 26.320677] ? mempool_oob_right_helper+0x318/0x380 [ 26.320699] kasan_report+0x141/0x180 [ 26.320720] ? mempool_oob_right_helper+0x318/0x380 [ 26.320794] __asan_report_load1_noabort+0x18/0x20 [ 26.320819] mempool_oob_right_helper+0x318/0x380 [ 26.320854] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 26.320983] ? dequeue_entities+0x23f/0x1630 [ 26.321011] ? __kasan_check_write+0x18/0x20 [ 26.321035] ? __pfx_sched_clock_cpu+0x10/0x10 [ 26.321056] ? finish_task_switch.isra.0+0x153/0x700 [ 26.321081] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 26.321105] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 26.321131] ? __pfx_mempool_kmalloc+0x10/0x10 [ 26.321155] ? __pfx_mempool_kfree+0x10/0x10 [ 26.321179] ? __pfx_read_tsc+0x10/0x10 [ 26.321201] ? ktime_get_ts64+0x86/0x230 [ 26.321226] kunit_try_run_case+0x1a5/0x480 [ 26.321265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.321288] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.321312] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.321335] ? __kthread_parkme+0x82/0x180 [ 26.321355] ? preempt_count_sub+0x50/0x80 [ 26.321377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.321399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.321422] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.321444] kthread+0x337/0x6f0 [ 26.321463] ? trace_preempt_on+0x20/0xc0 [ 26.321486] ? __pfx_kthread+0x10/0x10 [ 26.321508] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.321529] ? calculate_sigpending+0x7b/0xa0 [ 26.321553] ? __pfx_kthread+0x10/0x10 [ 26.321574] ret_from_fork+0x116/0x1d0 [ 26.321592] ? __pfx_kthread+0x10/0x10 [ 26.321612] ret_from_fork_asm+0x1a/0x30 [ 26.321643] </TASK> [ 26.321655] [ 26.330496] The buggy address belongs to the physical page: [ 26.330765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106250 [ 26.331094] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 26.331503] flags: 0x200000000000040(head|node=0|zone=2) [ 26.331689] page_type: f8(unknown) [ 26.331932] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.332311] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 26.332620] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 26.332937] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 26.333291] head: 0200000000000002 ffffea0004189401 00000000ffffffff 00000000ffffffff [ 26.333592] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 26.334041] page dumped because: kasan: bad access detected [ 26.334272] [ 26.334384] Memory state around the buggy address: [ 26.334594] ffff888106251f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.334813] ffff888106251f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 26.335023] >ffff888106252000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.335567] ^ [ 26.335993] ffff888106252080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.336220] ffff888106252100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 26.336438] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy: Failure
Automatically assigned
[ 25.714546] ================================================================== [ 25.715132] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 25.715572] Read of size 1 at addr ffff888100a0b640 by task kunit_try_catch/263 [ 25.715903] [ 25.715999] CPU: 0 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.716051] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.716063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.716086] Call Trace: [ 25.716100] <TASK> [ 25.716118] dump_stack_lvl+0x73/0xb0 [ 25.716151] print_report+0xd1/0x640 [ 25.716173] ? __virt_addr_valid+0x1db/0x2d0 [ 25.716199] ? kmem_cache_double_destroy+0x1bf/0x380 [ 25.716222] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.716258] ? kmem_cache_double_destroy+0x1bf/0x380 [ 25.716282] kasan_report+0x141/0x180 [ 25.716305] ? kmem_cache_double_destroy+0x1bf/0x380 [ 25.716332] ? kmem_cache_double_destroy+0x1bf/0x380 [ 25.716355] __kasan_check_byte+0x3d/0x50 [ 25.716376] kmem_cache_destroy+0x25/0x1d0 [ 25.716403] kmem_cache_double_destroy+0x1bf/0x380 [ 25.716427] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 25.716450] ? finish_task_switch.isra.0+0x153/0x700 [ 25.716473] ? __switch_to+0x47/0xf80 [ 25.716503] ? __pfx_read_tsc+0x10/0x10 [ 25.716525] ? ktime_get_ts64+0x86/0x230 [ 25.716549] kunit_try_run_case+0x1a5/0x480 [ 25.716575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.716596] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.716631] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.716663] ? __kthread_parkme+0x82/0x180 [ 25.716683] ? preempt_count_sub+0x50/0x80 [ 25.716706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.716728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.716751] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.716773] kthread+0x337/0x6f0 [ 25.716793] ? trace_preempt_on+0x20/0xc0 [ 25.716818] ? __pfx_kthread+0x10/0x10 [ 25.716837] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.716867] ? calculate_sigpending+0x7b/0xa0 [ 25.716892] ? __pfx_kthread+0x10/0x10 [ 25.716914] ret_from_fork+0x116/0x1d0 [ 25.716933] ? __pfx_kthread+0x10/0x10 [ 25.716953] ret_from_fork_asm+0x1a/0x30 [ 25.716984] </TASK> [ 25.716995] [ 25.725940] Allocated by task 263: [ 25.726101] kasan_save_stack+0x45/0x70 [ 25.727020] kasan_save_track+0x18/0x40 [ 25.727190] kasan_save_alloc_info+0x3b/0x50 [ 25.727594] __kasan_slab_alloc+0x91/0xa0 [ 25.727788] kmem_cache_alloc_noprof+0x123/0x3f0 [ 25.728271] __kmem_cache_create_args+0x169/0x240 [ 25.728458] kmem_cache_double_destroy+0xd5/0x380 [ 25.728815] kunit_try_run_case+0x1a5/0x480 [ 25.729169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.729422] kthread+0x337/0x6f0 [ 25.729579] ret_from_fork+0x116/0x1d0 [ 25.729749] ret_from_fork_asm+0x1a/0x30 [ 25.729929] [ 25.729999] Freed by task 263: [ 25.730152] kasan_save_stack+0x45/0x70 [ 25.730773] kasan_save_track+0x18/0x40 [ 25.731171] kasan_save_free_info+0x3f/0x60 [ 25.731365] __kasan_slab_free+0x56/0x70 [ 25.731707] kmem_cache_free+0x249/0x420 [ 25.732063] slab_kmem_cache_release+0x2e/0x40 [ 25.732388] kmem_cache_release+0x16/0x20 [ 25.732548] kobject_put+0x181/0x450 [ 25.732883] sysfs_slab_release+0x16/0x20 [ 25.733281] kmem_cache_destroy+0xf0/0x1d0 [ 25.733480] kmem_cache_double_destroy+0x14e/0x380 [ 25.733789] kunit_try_run_case+0x1a5/0x480 [ 25.734068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.734384] kthread+0x337/0x6f0 [ 25.734714] ret_from_fork+0x116/0x1d0 [ 25.734909] ret_from_fork_asm+0x1a/0x30 [ 25.735086] [ 25.735161] The buggy address belongs to the object at ffff888100a0b640 [ 25.735161] which belongs to the cache kmem_cache of size 208 [ 25.735668] The buggy address is located 0 bytes inside of [ 25.735668] freed 208-byte region [ffff888100a0b640, ffff888100a0b710) [ 25.736150] [ 25.736224] The buggy address belongs to the physical page: [ 25.737130] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a0b [ 25.737579] flags: 0x200000000000000(node=0|zone=2) [ 25.737953] page_type: f5(slab) [ 25.738145] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 25.738679] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 25.739210] page dumped because: kasan: bad access detected [ 25.739554] [ 25.739652] Memory state around the buggy address: [ 25.739856] ffff888100a0b500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.740344] ffff888100a0b580: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 25.740646] >ffff888100a0b600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 25.740936] ^ [ 25.741155] ffff888100a0b680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.741745] ffff888100a0b700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.742202] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf: Failure
Automatically assigned
[ 25.656023] ================================================================== [ 25.656542] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 25.656891] Read of size 1 at addr ffff888102b0c000 by task kunit_try_catch/261 [ 25.657565] [ 25.657692] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.657745] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.657757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.657779] Call Trace: [ 25.657815] <TASK> [ 25.657835] dump_stack_lvl+0x73/0xb0 [ 25.657870] print_report+0xd1/0x640 [ 25.657893] ? __virt_addr_valid+0x1db/0x2d0 [ 25.657919] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 25.657941] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.657967] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 25.657989] kasan_report+0x141/0x180 [ 25.658011] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 25.658037] __asan_report_load1_noabort+0x18/0x20 [ 25.658060] kmem_cache_rcu_uaf+0x3e3/0x510 [ 25.658083] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 25.658104] ? finish_task_switch.isra.0+0x153/0x700 [ 25.658126] ? __switch_to+0x47/0xf80 [ 25.658156] ? __pfx_read_tsc+0x10/0x10 [ 25.658178] ? ktime_get_ts64+0x86/0x230 [ 25.658203] kunit_try_run_case+0x1a5/0x480 [ 25.658241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.658263] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.658287] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.658310] ? __kthread_parkme+0x82/0x180 [ 25.658330] ? preempt_count_sub+0x50/0x80 [ 25.658352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.658375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.658398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.658421] kthread+0x337/0x6f0 [ 25.658439] ? trace_preempt_on+0x20/0xc0 [ 25.658463] ? __pfx_kthread+0x10/0x10 [ 25.658483] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.658504] ? calculate_sigpending+0x7b/0xa0 [ 25.658528] ? __pfx_kthread+0x10/0x10 [ 25.658548] ret_from_fork+0x116/0x1d0 [ 25.658567] ? __pfx_kthread+0x10/0x10 [ 25.658586] ret_from_fork_asm+0x1a/0x30 [ 25.658618] </TASK> [ 25.658633] [ 25.667674] Allocated by task 261: [ 25.667988] kasan_save_stack+0x45/0x70 [ 25.668165] kasan_save_track+0x18/0x40 [ 25.668354] kasan_save_alloc_info+0x3b/0x50 [ 25.668540] __kasan_slab_alloc+0x91/0xa0 [ 25.668717] kmem_cache_alloc_noprof+0x123/0x3f0 [ 25.668901] kmem_cache_rcu_uaf+0x155/0x510 [ 25.669091] kunit_try_run_case+0x1a5/0x480 [ 25.669297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.669517] kthread+0x337/0x6f0 [ 25.669657] ret_from_fork+0x116/0x1d0 [ 25.669840] ret_from_fork_asm+0x1a/0x30 [ 25.669994] [ 25.670081] Freed by task 0: [ 25.670217] kasan_save_stack+0x45/0x70 [ 25.671115] kasan_save_track+0x18/0x40 [ 25.671278] kasan_save_free_info+0x3f/0x60 [ 25.671998] __kasan_slab_free+0x56/0x70 [ 25.672566] slab_free_after_rcu_debug+0xe4/0x310 [ 25.673271] rcu_core+0x66f/0x1c40 [ 25.673654] rcu_core_si+0x12/0x20 [ 25.673783] handle_softirqs+0x209/0x730 [ 25.674424] __irq_exit_rcu+0xc9/0x110 [ 25.675062] irq_exit_rcu+0x12/0x20 [ 25.675513] sysvec_apic_timer_interrupt+0x81/0x90 [ 25.675700] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 25.676283] [ 25.676451] Last potentially related work creation: [ 25.676897] kasan_save_stack+0x45/0x70 [ 25.677111] kasan_record_aux_stack+0xb2/0xc0 [ 25.677321] kmem_cache_free+0x131/0x420 [ 25.677497] kmem_cache_rcu_uaf+0x194/0x510 [ 25.677688] kunit_try_run_case+0x1a5/0x480 [ 25.677880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.678114] kthread+0x337/0x6f0 [ 25.678274] ret_from_fork+0x116/0x1d0 [ 25.678450] ret_from_fork_asm+0x1a/0x30 [ 25.678631] [ 25.678701] The buggy address belongs to the object at ffff888102b0c000 [ 25.678701] which belongs to the cache test_cache of size 200 [ 25.679209] The buggy address is located 0 bytes inside of [ 25.679209] freed 200-byte region [ffff888102b0c000, ffff888102b0c0c8) [ 25.679873] [ 25.679949] The buggy address belongs to the physical page: [ 25.680199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b0c [ 25.680581] flags: 0x200000000000000(node=0|zone=2) [ 25.680908] page_type: f5(slab) [ 25.681108] raw: 0200000000000000 ffff8881012b1780 dead000000000122 0000000000000000 [ 25.681442] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.681767] page dumped because: kasan: bad access detected [ 25.682211] [ 25.682296] Memory state around the buggy address: [ 25.682492] ffff888102b0bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.683048] ffff888102b0bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.683359] >ffff888102b0c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.683645] ^ [ 25.683905] ffff888102b0c080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 25.684213] ffff888102b0c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.684545] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free: Failure
Automatically assigned
[ 25.587707] ================================================================== [ 25.588289] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 25.588920] Free of addr ffff8881053be001 by task kunit_try_catch/259 [ 25.589209] [ 25.589383] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.589665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.589678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.589702] Call Trace: [ 25.589717] <TASK> [ 25.589735] dump_stack_lvl+0x73/0xb0 [ 25.589983] print_report+0xd1/0x640 [ 25.590008] ? __virt_addr_valid+0x1db/0x2d0 [ 25.590036] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.590061] ? kmem_cache_invalid_free+0x1d8/0x460 [ 25.590085] kasan_report_invalid_free+0x10a/0x130 [ 25.590109] ? kmem_cache_invalid_free+0x1d8/0x460 [ 25.590134] ? kmem_cache_invalid_free+0x1d8/0x460 [ 25.590157] check_slab_allocation+0x11f/0x130 [ 25.590178] __kasan_slab_pre_free+0x28/0x40 [ 25.590197] kmem_cache_free+0xed/0x420 [ 25.590217] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 25.590255] ? kmem_cache_invalid_free+0x1d8/0x460 [ 25.590280] kmem_cache_invalid_free+0x1d8/0x460 [ 25.590304] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 25.590326] ? finish_task_switch.isra.0+0x153/0x700 [ 25.590347] ? __switch_to+0x47/0xf80 [ 25.590376] ? __pfx_read_tsc+0x10/0x10 [ 25.590398] ? ktime_get_ts64+0x86/0x230 [ 25.590423] kunit_try_run_case+0x1a5/0x480 [ 25.590448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.590469] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.590503] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.590535] ? __kthread_parkme+0x82/0x180 [ 25.590554] ? preempt_count_sub+0x50/0x80 [ 25.590575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.590598] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.590621] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.590650] kthread+0x337/0x6f0 [ 25.590672] ? trace_preempt_on+0x20/0xc0 [ 25.590696] ? __pfx_kthread+0x10/0x10 [ 25.590715] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.590745] ? calculate_sigpending+0x7b/0xa0 [ 25.590769] ? __pfx_kthread+0x10/0x10 [ 25.590789] ret_from_fork+0x116/0x1d0 [ 25.590808] ? __pfx_kthread+0x10/0x10 [ 25.590827] ret_from_fork_asm+0x1a/0x30 [ 25.590873] </TASK> [ 25.590884] [ 25.602389] Allocated by task 259: [ 25.602556] kasan_save_stack+0x45/0x70 [ 25.602749] kasan_save_track+0x18/0x40 [ 25.602916] kasan_save_alloc_info+0x3b/0x50 [ 25.603099] __kasan_slab_alloc+0x91/0xa0 [ 25.603990] kmem_cache_alloc_noprof+0x123/0x3f0 [ 25.604360] kmem_cache_invalid_free+0x157/0x460 [ 25.604765] kunit_try_run_case+0x1a5/0x480 [ 25.605196] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.605585] kthread+0x337/0x6f0 [ 25.605941] ret_from_fork+0x116/0x1d0 [ 25.606252] ret_from_fork_asm+0x1a/0x30 [ 25.606555] [ 25.606791] The buggy address belongs to the object at ffff8881053be000 [ 25.606791] which belongs to the cache test_cache of size 200 [ 25.607497] The buggy address is located 1 bytes inside of [ 25.607497] 200-byte region [ffff8881053be000, ffff8881053be0c8) [ 25.608483] [ 25.608718] The buggy address belongs to the physical page: [ 25.609297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053be [ 25.609899] flags: 0x200000000000000(node=0|zone=2) [ 25.610385] page_type: f5(slab) [ 25.610691] raw: 0200000000000000 ffff888100a0b500 dead000000000122 0000000000000000 [ 25.611268] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.611568] page dumped because: kasan: bad access detected [ 25.611784] [ 25.611863] Memory state around the buggy address: [ 25.612065] ffff8881053bdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.612868] ffff8881053bdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.613552] >ffff8881053be000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.614436] ^ [ 25.614764] ffff8881053be080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 25.615088] ffff8881053be100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.615397] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free: Failure
Automatically assigned
[ 25.536611] ================================================================== [ 25.537773] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 25.538807] Free of addr ffff888102b09000 by task kunit_try_catch/257 [ 25.539416] [ 25.539728] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.539785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.539798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.539821] Call Trace: [ 25.539942] <TASK> [ 25.539968] dump_stack_lvl+0x73/0xb0 [ 25.540006] print_report+0xd1/0x640 [ 25.540030] ? __virt_addr_valid+0x1db/0x2d0 [ 25.540056] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.540092] ? kmem_cache_double_free+0x1e5/0x480 [ 25.540117] kasan_report_invalid_free+0x10a/0x130 [ 25.540140] ? kmem_cache_double_free+0x1e5/0x480 [ 25.540165] ? kmem_cache_double_free+0x1e5/0x480 [ 25.540187] check_slab_allocation+0x101/0x130 [ 25.540208] __kasan_slab_pre_free+0x28/0x40 [ 25.540237] kmem_cache_free+0xed/0x420 [ 25.540256] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 25.540280] ? kmem_cache_double_free+0x1e5/0x480 [ 25.540306] kmem_cache_double_free+0x1e5/0x480 [ 25.540328] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 25.540351] ? finish_task_switch.isra.0+0x153/0x700 [ 25.540373] ? __switch_to+0x47/0xf80 [ 25.540402] ? __pfx_read_tsc+0x10/0x10 [ 25.540423] ? ktime_get_ts64+0x86/0x230 [ 25.540448] kunit_try_run_case+0x1a5/0x480 [ 25.540473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.540494] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.540528] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.540560] ? __kthread_parkme+0x82/0x180 [ 25.540579] ? preempt_count_sub+0x50/0x80 [ 25.540603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.540625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.540648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.540670] kthread+0x337/0x6f0 [ 25.540689] ? trace_preempt_on+0x20/0xc0 [ 25.540713] ? __pfx_kthread+0x10/0x10 [ 25.540732] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.540761] ? calculate_sigpending+0x7b/0xa0 [ 25.540785] ? __pfx_kthread+0x10/0x10 [ 25.540841] ret_from_fork+0x116/0x1d0 [ 25.540860] ? __pfx_kthread+0x10/0x10 [ 25.540879] ret_from_fork_asm+0x1a/0x30 [ 25.540910] </TASK> [ 25.540922] [ 25.556382] Allocated by task 257: [ 25.556513] kasan_save_stack+0x45/0x70 [ 25.556656] kasan_save_track+0x18/0x40 [ 25.556780] kasan_save_alloc_info+0x3b/0x50 [ 25.556916] __kasan_slab_alloc+0x91/0xa0 [ 25.557042] kmem_cache_alloc_noprof+0x123/0x3f0 [ 25.557189] kmem_cache_double_free+0x14f/0x480 [ 25.557340] kunit_try_run_case+0x1a5/0x480 [ 25.557476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.557637] kthread+0x337/0x6f0 [ 25.557747] ret_from_fork+0x116/0x1d0 [ 25.557867] ret_from_fork_asm+0x1a/0x30 [ 25.557994] [ 25.558054] Freed by task 257: [ 25.558153] kasan_save_stack+0x45/0x70 [ 25.558403] kasan_save_track+0x18/0x40 [ 25.558737] kasan_save_free_info+0x3f/0x60 [ 25.559093] __kasan_slab_free+0x56/0x70 [ 25.559508] kmem_cache_free+0x249/0x420 [ 25.559850] kmem_cache_double_free+0x16a/0x480 [ 25.560244] kunit_try_run_case+0x1a5/0x480 [ 25.561047] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.561701] kthread+0x337/0x6f0 [ 25.562328] ret_from_fork+0x116/0x1d0 [ 25.562796] ret_from_fork_asm+0x1a/0x30 [ 25.563321] [ 25.563616] The buggy address belongs to the object at ffff888102b09000 [ 25.563616] which belongs to the cache test_cache of size 200 [ 25.565053] The buggy address is located 0 bytes inside of [ 25.565053] 200-byte region [ffff888102b09000, ffff888102b090c8) [ 25.566528] [ 25.566859] The buggy address belongs to the physical page: [ 25.567586] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b09 [ 25.568569] flags: 0x200000000000000(node=0|zone=2) [ 25.569268] page_type: f5(slab) [ 25.569757] raw: 0200000000000000 ffff8881012b1640 dead000000000122 0000000000000000 [ 25.570692] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.571701] page dumped because: kasan: bad access detected [ 25.572541] [ 25.572743] Memory state around the buggy address: [ 25.573355] ffff888102b08f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.574210] ffff888102b08f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.574738] >ffff888102b09000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.575219] ^ [ 25.575346] ffff888102b09080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 25.575554] ffff888102b09100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.575759] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob: Failure
Automatically assigned
[ 25.487388] ================================================================== [ 25.488593] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 25.489883] Read of size 1 at addr ffff8881053be0c8 by task kunit_try_catch/255 [ 25.490359] [ 25.490541] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.490647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.490660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.490683] Call Trace: [ 25.490723] <TASK> [ 25.490742] dump_stack_lvl+0x73/0xb0 [ 25.490778] print_report+0xd1/0x640 [ 25.490803] ? __virt_addr_valid+0x1db/0x2d0 [ 25.490948] ? kmem_cache_oob+0x402/0x530 [ 25.490981] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.491006] ? kmem_cache_oob+0x402/0x530 [ 25.491028] kasan_report+0x141/0x180 [ 25.491049] ? kmem_cache_oob+0x402/0x530 [ 25.491075] __asan_report_load1_noabort+0x18/0x20 [ 25.491098] kmem_cache_oob+0x402/0x530 [ 25.491118] ? trace_hardirqs_on+0x37/0xe0 [ 25.491143] ? __pfx_kmem_cache_oob+0x10/0x10 [ 25.491163] ? finish_task_switch.isra.0+0x153/0x700 [ 25.491185] ? __switch_to+0x47/0xf80 [ 25.491215] ? __pfx_read_tsc+0x10/0x10 [ 25.491246] ? ktime_get_ts64+0x86/0x230 [ 25.491271] kunit_try_run_case+0x1a5/0x480 [ 25.491297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.491318] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.491352] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.491384] ? __kthread_parkme+0x82/0x180 [ 25.491404] ? preempt_count_sub+0x50/0x80 [ 25.491425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.491447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.491469] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.491491] kthread+0x337/0x6f0 [ 25.491509] ? trace_preempt_on+0x20/0xc0 [ 25.491531] ? __pfx_kthread+0x10/0x10 [ 25.491550] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.491579] ? calculate_sigpending+0x7b/0xa0 [ 25.491602] ? __pfx_kthread+0x10/0x10 [ 25.491622] ret_from_fork+0x116/0x1d0 [ 25.491640] ? __pfx_kthread+0x10/0x10 [ 25.491659] ret_from_fork_asm+0x1a/0x30 [ 25.491689] </TASK> [ 25.491700] [ 25.503965] Allocated by task 255: [ 25.504100] kasan_save_stack+0x45/0x70 [ 25.504344] kasan_save_track+0x18/0x40 [ 25.504542] kasan_save_alloc_info+0x3b/0x50 [ 25.504860] __kasan_slab_alloc+0x91/0xa0 [ 25.505298] kmem_cache_alloc_noprof+0x123/0x3f0 [ 25.505639] kmem_cache_oob+0x157/0x530 [ 25.505775] kunit_try_run_case+0x1a5/0x480 [ 25.506257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.506741] kthread+0x337/0x6f0 [ 25.506948] ret_from_fork+0x116/0x1d0 [ 25.507477] ret_from_fork_asm+0x1a/0x30 [ 25.507755] [ 25.507958] The buggy address belongs to the object at ffff8881053be000 [ 25.507958] which belongs to the cache test_cache of size 200 [ 25.508619] The buggy address is located 0 bytes to the right of [ 25.508619] allocated 200-byte region [ffff8881053be000, ffff8881053be0c8) [ 25.509460] [ 25.509624] The buggy address belongs to the physical page: [ 25.510268] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053be [ 25.510979] flags: 0x200000000000000(node=0|zone=2) [ 25.511146] page_type: f5(slab) [ 25.511278] raw: 0200000000000000 ffff888100a0b3c0 dead000000000122 0000000000000000 [ 25.511504] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 25.511721] page dumped because: kasan: bad access detected [ 25.511912] [ 25.512011] Memory state around the buggy address: [ 25.512427] ffff8881053bdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.512667] ffff8881053be000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 25.512924] >ffff8881053be080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 25.513206] ^ [ 25.513385] ffff8881053be100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.513700] ffff8881053be180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.514021] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf: Failure
Automatically assigned
[ 25.437796] ================================================================== [ 25.438429] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 25.438730] Read of size 8 at addr ffff8881053b2fc0 by task kunit_try_catch/248 [ 25.439045] [ 25.439342] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.439397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.439567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.439594] Call Trace: [ 25.439608] <TASK> [ 25.439626] dump_stack_lvl+0x73/0xb0 [ 25.439662] print_report+0xd1/0x640 [ 25.439686] ? __virt_addr_valid+0x1db/0x2d0 [ 25.439711] ? workqueue_uaf+0x4d6/0x560 [ 25.439732] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.439758] ? workqueue_uaf+0x4d6/0x560 [ 25.439779] kasan_report+0x141/0x180 [ 25.439947] ? workqueue_uaf+0x4d6/0x560 [ 25.439974] __asan_report_load8_noabort+0x18/0x20 [ 25.440000] workqueue_uaf+0x4d6/0x560 [ 25.440022] ? __pfx_workqueue_uaf+0x10/0x10 [ 25.440044] ? __schedule+0x10da/0x2b60 [ 25.440067] ? __pfx_read_tsc+0x10/0x10 [ 25.440089] ? ktime_get_ts64+0x86/0x230 [ 25.440114] kunit_try_run_case+0x1a5/0x480 [ 25.440139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.440161] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.440194] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.440240] ? __kthread_parkme+0x82/0x180 [ 25.440260] ? preempt_count_sub+0x50/0x80 [ 25.440283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.440306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.440328] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.440350] kthread+0x337/0x6f0 [ 25.440369] ? trace_preempt_on+0x20/0xc0 [ 25.440393] ? __pfx_kthread+0x10/0x10 [ 25.440412] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.440442] ? calculate_sigpending+0x7b/0xa0 [ 25.440465] ? __pfx_kthread+0x10/0x10 [ 25.440486] ret_from_fork+0x116/0x1d0 [ 25.440504] ? __pfx_kthread+0x10/0x10 [ 25.440523] ret_from_fork_asm+0x1a/0x30 [ 25.440554] </TASK> [ 25.440565] [ 25.452270] Allocated by task 248: [ 25.452642] kasan_save_stack+0x45/0x70 [ 25.453055] kasan_save_track+0x18/0x40 [ 25.453700] kasan_save_alloc_info+0x3b/0x50 [ 25.454130] __kasan_kmalloc+0xb7/0xc0 [ 25.454497] __kmalloc_cache_noprof+0x189/0x420 [ 25.454957] workqueue_uaf+0x152/0x560 [ 25.455409] kunit_try_run_case+0x1a5/0x480 [ 25.455559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.455727] kthread+0x337/0x6f0 [ 25.455981] ret_from_fork+0x116/0x1d0 [ 25.456319] ret_from_fork_asm+0x1a/0x30 [ 25.456664] [ 25.456825] Freed by task 9: [ 25.457175] kasan_save_stack+0x45/0x70 [ 25.457528] kasan_save_track+0x18/0x40 [ 25.458008] kasan_save_free_info+0x3f/0x60 [ 25.458264] __kasan_slab_free+0x56/0x70 [ 25.458399] kfree+0x222/0x3f0 [ 25.458509] workqueue_uaf_work+0x12/0x20 [ 25.458650] process_one_work+0x5ee/0xf60 [ 25.458784] worker_thread+0x758/0x1220 [ 25.459175] kthread+0x337/0x6f0 [ 25.459465] ret_from_fork+0x116/0x1d0 [ 25.459797] ret_from_fork_asm+0x1a/0x30 [ 25.460174] [ 25.460353] Last potentially related work creation: [ 25.460848] kasan_save_stack+0x45/0x70 [ 25.461238] kasan_record_aux_stack+0xb2/0xc0 [ 25.461615] __queue_work+0x61a/0xe70 [ 25.462000] queue_work_on+0xb6/0xc0 [ 25.462352] workqueue_uaf+0x26d/0x560 [ 25.462697] kunit_try_run_case+0x1a5/0x480 [ 25.463283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.463480] kthread+0x337/0x6f0 [ 25.463595] ret_from_fork+0x116/0x1d0 [ 25.463720] ret_from_fork_asm+0x1a/0x30 [ 25.464028] [ 25.464185] The buggy address belongs to the object at ffff8881053b2fc0 [ 25.464185] which belongs to the cache kmalloc-32 of size 32 [ 25.465363] The buggy address is located 0 bytes inside of [ 25.465363] freed 32-byte region [ffff8881053b2fc0, ffff8881053b2fe0) [ 25.466496] [ 25.466672] The buggy address belongs to the physical page: [ 25.466981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b2 [ 25.467307] flags: 0x200000000000000(node=0|zone=2) [ 25.467739] page_type: f5(slab) [ 25.468212] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 25.468884] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 25.469518] page dumped because: kasan: bad access detected [ 25.469687] [ 25.469749] Memory state around the buggy address: [ 25.470022] ffff8881053b2e80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 25.470763] ffff8881053b2f00: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 25.471490] >ffff8881053b2f80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 25.472264] ^ [ 25.472734] ffff8881053b3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 25.473446] ffff8881053b3080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 25.473669] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim: Failure
Automatically assigned
[ 25.398059] ================================================================== [ 25.398562] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 25.399051] Read of size 4 at addr ffff888102b41ac0 by task swapper/1/0 [ 25.399352] [ 25.399484] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 25.399533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.399545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.399567] Call Trace: [ 25.399595] <IRQ> [ 25.399611] dump_stack_lvl+0x73/0xb0 [ 25.399645] print_report+0xd1/0x640 [ 25.399691] ? __virt_addr_valid+0x1db/0x2d0 [ 25.399715] ? rcu_uaf_reclaim+0x50/0x60 [ 25.399734] ? kasan_complete_mode_report_info+0x64/0x200 [ 25.399777] ? rcu_uaf_reclaim+0x50/0x60 [ 25.399796] kasan_report+0x141/0x180 [ 25.399828] ? rcu_uaf_reclaim+0x50/0x60 [ 25.399852] __asan_report_load4_noabort+0x18/0x20 [ 25.399875] rcu_uaf_reclaim+0x50/0x60 [ 25.399895] rcu_core+0x66f/0x1c40 [ 25.399923] ? __pfx_rcu_core+0x10/0x10 [ 25.399944] ? ktime_get+0x6b/0x150 [ 25.399966] ? handle_softirqs+0x18e/0x730 [ 25.399989] rcu_core_si+0x12/0x20 [ 25.400009] handle_softirqs+0x209/0x730 [ 25.400028] ? hrtimer_interrupt+0x2fe/0x780 [ 25.400054] ? __pfx_handle_softirqs+0x10/0x10 [ 25.400153] __irq_exit_rcu+0xc9/0x110 [ 25.400179] irq_exit_rcu+0x12/0x20 [ 25.400198] sysvec_apic_timer_interrupt+0x81/0x90 [ 25.400236] </IRQ> [ 25.400267] <TASK> [ 25.400280] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 25.400397] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 25.400627] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 63 b3 16 00 fb f4 <e9> bc 2a 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 25.400707] RSP: 0000:ffff88810087fdc8 EFLAGS: 00010212 [ 25.400795] RAX: ffff8881a3313000 RBX: ffff88810085b000 RCX: ffffffffb59209a5 [ 25.401014] RDX: ffffed102b626193 RSI: 0000000000000004 RDI: 000000000001e39c [ 25.401061] RBP: ffff88810087fdd0 R08: 0000000000000001 R09: ffffed102b626192 [ 25.401104] R10: ffff88815b130c93 R11: ffff88815b1363c8 R12: 0000000000000001 [ 25.401148] R13: ffffed102010b600 R14: ffffffffb75fb2d0 R15: 0000000000000000 [ 25.401206] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 25.401279] ? default_idle+0xd/0x20 [ 25.401299] arch_cpu_idle+0xd/0x20 [ 25.401317] default_idle_call+0x48/0x80 [ 25.401336] do_idle+0x379/0x4f0 [ 25.401362] ? __pfx_do_idle+0x10/0x10 [ 25.401382] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 25.401415] ? complete+0x15b/0x1d0 [ 25.401441] cpu_startup_entry+0x5c/0x70 [ 25.401464] start_secondary+0x211/0x290 [ 25.401486] ? __pfx_start_secondary+0x10/0x10 [ 25.401511] common_startup_64+0x13e/0x148 [ 25.401542] </TASK> [ 25.401553] [ 25.414419] Allocated by task 246: [ 25.414938] kasan_save_stack+0x45/0x70 [ 25.415447] kasan_save_track+0x18/0x40 [ 25.415614] kasan_save_alloc_info+0x3b/0x50 [ 25.415998] __kasan_kmalloc+0xb7/0xc0 [ 25.416162] __kmalloc_cache_noprof+0x189/0x420 [ 25.416630] rcu_uaf+0xb0/0x330 [ 25.417028] kunit_try_run_case+0x1a5/0x480 [ 25.417199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.417539] kthread+0x337/0x6f0 [ 25.417819] ret_from_fork+0x116/0x1d0 [ 25.418245] ret_from_fork_asm+0x1a/0x30 [ 25.418442] [ 25.418508] Freed by task 0: [ 25.418684] kasan_save_stack+0x45/0x70 [ 25.418905] kasan_save_track+0x18/0x40 [ 25.419435] kasan_save_free_info+0x3f/0x60 [ 25.419576] __kasan_slab_free+0x56/0x70 [ 25.419790] kfree+0x222/0x3f0 [ 25.420259] rcu_uaf_reclaim+0x1f/0x60 [ 25.420430] rcu_core+0x66f/0x1c40 [ 25.420601] rcu_core_si+0x12/0x20 [ 25.420799] handle_softirqs+0x209/0x730 [ 25.421048] __irq_exit_rcu+0xc9/0x110 [ 25.421469] irq_exit_rcu+0x12/0x20 [ 25.421641] sysvec_apic_timer_interrupt+0x81/0x90 [ 25.422091] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 25.422335] [ 25.422457] Last potentially related work creation: [ 25.422634] kasan_save_stack+0x45/0x70 [ 25.422824] kasan_record_aux_stack+0xb2/0xc0 [ 25.423172] __call_rcu_common.constprop.0+0x7b/0x9e0 [ 25.423350] call_rcu+0x12/0x20 [ 25.423513] rcu_uaf+0x168/0x330 [ 25.423696] kunit_try_run_case+0x1a5/0x480 [ 25.423892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.424254] kthread+0x337/0x6f0 [ 25.424457] ret_from_fork+0x116/0x1d0 [ 25.424637] ret_from_fork_asm+0x1a/0x30 [ 25.425463] [ 25.425595] The buggy address belongs to the object at ffff888102b41ac0 [ 25.425595] which belongs to the cache kmalloc-32 of size 32 [ 25.426347] The buggy address is located 0 bytes inside of [ 25.426347] freed 32-byte region [ffff888102b41ac0, ffff888102b41ae0) [ 25.426847] [ 25.426923] The buggy address belongs to the physical page: [ 25.427138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b41 [ 25.427630] flags: 0x200000000000000(node=0|zone=2) [ 25.427911] page_type: f5(slab) [ 25.428139] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 25.428540] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 25.428845] page dumped because: kasan: bad access detected [ 25.429093] [ 25.429239] Memory state around the buggy address: [ 25.429483] ffff888102b41980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.429775] ffff888102b41a00: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 25.430335] >ffff888102b41a80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 25.430642] ^ [ 25.430879] ffff888102b41b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.431261] ffff888102b41b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.431633] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf: Failure
Automatically assigned
[ 24.270091] ================================================================== [ 24.270584] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 24.271073] Read of size 1 at addr ffff888102b38000 by task kunit_try_catch/196 [ 24.271450] [ 24.271562] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.271610] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.271622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.271644] Call Trace: [ 24.271656] <TASK> [ 24.271671] dump_stack_lvl+0x73/0xb0 [ 24.271701] print_report+0xd1/0x640 [ 24.271722] ? __virt_addr_valid+0x1db/0x2d0 [ 24.271746] ? kmalloc_large_uaf+0x2f1/0x340 [ 24.271765] ? kasan_addr_to_slab+0x11/0xa0 [ 24.271792] ? kmalloc_large_uaf+0x2f1/0x340 [ 24.271812] kasan_report+0x141/0x180 [ 24.271833] ? kmalloc_large_uaf+0x2f1/0x340 [ 24.271857] __asan_report_load1_noabort+0x18/0x20 [ 24.271880] kmalloc_large_uaf+0x2f1/0x340 [ 24.271900] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 24.271920] ? __schedule+0x10da/0x2b60 [ 24.271942] ? __pfx_read_tsc+0x10/0x10 [ 24.271963] ? ktime_get_ts64+0x86/0x230 [ 24.271987] kunit_try_run_case+0x1a5/0x480 [ 24.272010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.272031] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.272053] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.272076] ? __kthread_parkme+0x82/0x180 [ 24.272095] ? preempt_count_sub+0x50/0x80 [ 24.272117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.272139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.272161] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.272192] kthread+0x337/0x6f0 [ 24.272211] ? trace_preempt_on+0x20/0xc0 [ 24.272233] ? __pfx_kthread+0x10/0x10 [ 24.272252] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.272273] ? calculate_sigpending+0x7b/0xa0 [ 24.272296] ? __pfx_kthread+0x10/0x10 [ 24.272316] ret_from_fork+0x116/0x1d0 [ 24.272334] ? __pfx_kthread+0x10/0x10 [ 24.272354] ret_from_fork_asm+0x1a/0x30 [ 24.272385] </TASK> [ 24.272397] [ 24.280247] The buggy address belongs to the physical page: [ 24.280528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b38 [ 24.280886] flags: 0x200000000000000(node=0|zone=2) [ 24.281161] raw: 0200000000000000 ffffea00040acf08 ffff88815b139fc0 0000000000000000 [ 24.281620] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 24.282007] page dumped because: kasan: bad access detected [ 24.282325] [ 24.282456] Memory state around the buggy address: [ 24.282677] ffff888102b37f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.282954] ffff888102b37f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.283167] >ffff888102b38000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.283407] ^ [ 24.283567] ffff888102b38080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.283880] ffff888102b38100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 24.284245] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right: Failure
Automatically assigned
[ 24.249532] ================================================================== [ 24.250068] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 24.250563] Write of size 1 at addr ffff888102b3a00a by task kunit_try_catch/194 [ 24.250866] [ 24.250980] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.251026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.251038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.251059] Call Trace: [ 24.251071] <TASK> [ 24.251085] dump_stack_lvl+0x73/0xb0 [ 24.251114] print_report+0xd1/0x640 [ 24.251136] ? __virt_addr_valid+0x1db/0x2d0 [ 24.251158] ? kmalloc_large_oob_right+0x2e9/0x330 [ 24.251189] ? kasan_addr_to_slab+0x11/0xa0 [ 24.251209] ? kmalloc_large_oob_right+0x2e9/0x330 [ 24.251230] kasan_report+0x141/0x180 [ 24.251251] ? kmalloc_large_oob_right+0x2e9/0x330 [ 24.251286] __asan_report_store1_noabort+0x1b/0x30 [ 24.251309] kmalloc_large_oob_right+0x2e9/0x330 [ 24.251341] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 24.251363] ? __schedule+0x10da/0x2b60 [ 24.251385] ? __pfx_read_tsc+0x10/0x10 [ 24.251405] ? ktime_get_ts64+0x86/0x230 [ 24.251429] kunit_try_run_case+0x1a5/0x480 [ 24.251452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.251473] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.251495] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.251517] ? __kthread_parkme+0x82/0x180 [ 24.251535] ? preempt_count_sub+0x50/0x80 [ 24.251557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.251579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.251601] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.251623] kthread+0x337/0x6f0 [ 24.251641] ? trace_preempt_on+0x20/0xc0 [ 24.251672] ? __pfx_kthread+0x10/0x10 [ 24.251693] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.251714] ? calculate_sigpending+0x7b/0xa0 [ 24.251747] ? __pfx_kthread+0x10/0x10 [ 24.251767] ret_from_fork+0x116/0x1d0 [ 24.251785] ? __pfx_kthread+0x10/0x10 [ 24.251820] ret_from_fork_asm+0x1a/0x30 [ 24.251850] </TASK> [ 24.251861] [ 24.259405] The buggy address belongs to the physical page: [ 24.259637] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b38 [ 24.260078] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.260383] flags: 0x200000000000040(head|node=0|zone=2) [ 24.260623] page_type: f8(unknown) [ 24.260789] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.261078] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.261370] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 24.261650] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000 [ 24.261876] head: 0200000000000002 ffffea00040ace01 00000000ffffffff 00000000ffffffff [ 24.262201] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 24.262546] page dumped because: kasan: bad access detected [ 24.262762] [ 24.262825] Memory state around the buggy address: [ 24.263106] ffff888102b39f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.263603] ffff888102b39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.263881] >ffff888102b3a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.264500] ^ [ 24.264682] ffff888102b3a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.265457] ffff888102b3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 24.265774] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right: Failure
Automatically assigned
[ 24.225671] ================================================================== [ 24.226425] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 24.226771] Write of size 1 at addr ffff888106299f00 by task kunit_try_catch/192 [ 24.227152] [ 24.227294] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.227352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.227364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.227385] Call Trace: [ 24.227396] <TASK> [ 24.227419] dump_stack_lvl+0x73/0xb0 [ 24.227448] print_report+0xd1/0x640 [ 24.227469] ? __virt_addr_valid+0x1db/0x2d0 [ 24.227502] ? kmalloc_big_oob_right+0x316/0x370 [ 24.227523] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.227547] ? kmalloc_big_oob_right+0x316/0x370 [ 24.227568] kasan_report+0x141/0x180 [ 24.227589] ? kmalloc_big_oob_right+0x316/0x370 [ 24.227622] __asan_report_store1_noabort+0x1b/0x30 [ 24.227645] kmalloc_big_oob_right+0x316/0x370 [ 24.227677] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 24.227699] ? __schedule+0x10da/0x2b60 [ 24.227721] ? __pfx_read_tsc+0x10/0x10 [ 24.227742] ? ktime_get_ts64+0x86/0x230 [ 24.227766] kunit_try_run_case+0x1a5/0x480 [ 24.227842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.227868] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.227891] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.227913] ? __kthread_parkme+0x82/0x180 [ 24.227933] ? preempt_count_sub+0x50/0x80 [ 24.227955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.227988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.228010] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.228032] kthread+0x337/0x6f0 [ 24.228061] ? trace_preempt_on+0x20/0xc0 [ 24.228084] ? __pfx_kthread+0x10/0x10 [ 24.228103] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.228124] ? calculate_sigpending+0x7b/0xa0 [ 24.228146] ? __pfx_kthread+0x10/0x10 [ 24.228166] ret_from_fork+0x116/0x1d0 [ 24.228194] ? __pfx_kthread+0x10/0x10 [ 24.228214] ret_from_fork_asm+0x1a/0x30 [ 24.228243] </TASK> [ 24.228253] [ 24.235445] Allocated by task 192: [ 24.235568] kasan_save_stack+0x45/0x70 [ 24.235724] kasan_save_track+0x18/0x40 [ 24.235902] kasan_save_alloc_info+0x3b/0x50 [ 24.236103] __kasan_kmalloc+0xb7/0xc0 [ 24.236286] __kmalloc_cache_noprof+0x189/0x420 [ 24.236499] kmalloc_big_oob_right+0xa9/0x370 [ 24.236669] kunit_try_run_case+0x1a5/0x480 [ 24.236808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.236974] kthread+0x337/0x6f0 [ 24.237086] ret_from_fork+0x116/0x1d0 [ 24.237449] ret_from_fork_asm+0x1a/0x30 [ 24.237650] [ 24.237737] The buggy address belongs to the object at ffff888106298000 [ 24.237737] which belongs to the cache kmalloc-8k of size 8192 [ 24.238651] The buggy address is located 0 bytes to the right of [ 24.238651] allocated 7936-byte region [ffff888106298000, ffff888106299f00) [ 24.239253] [ 24.239343] The buggy address belongs to the physical page: [ 24.239590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106298 [ 24.240015] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.240346] flags: 0x200000000000040(head|node=0|zone=2) [ 24.240578] page_type: f5(slab) [ 24.240743] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 24.241135] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 24.241404] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 24.241629] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 24.241853] head: 0200000000000003 ffffea000418a601 00000000ffffffff 00000000ffffffff [ 24.242137] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 24.242484] page dumped because: kasan: bad access detected [ 24.242730] [ 24.242814] Memory state around the buggy address: [ 24.243028] ffff888106299e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.243606] ffff888106299e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.244027] >ffff888106299f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.244330] ^ [ 24.244443] ffff888106299f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.244659] ffff88810629a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.245206] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right: Failure
Automatically assigned
[ 24.179148] ================================================================== [ 24.180330] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 24.181279] Write of size 1 at addr ffff888102b06178 by task kunit_try_catch/190 [ 24.182083] [ 24.182311] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.182363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.182375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.182407] Call Trace: [ 24.182420] <TASK> [ 24.182435] dump_stack_lvl+0x73/0xb0 [ 24.182479] print_report+0xd1/0x640 [ 24.182501] ? __virt_addr_valid+0x1db/0x2d0 [ 24.182524] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 24.182547] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.182572] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 24.182595] kasan_report+0x141/0x180 [ 24.182622] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 24.182650] __asan_report_store1_noabort+0x1b/0x30 [ 24.182673] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 24.182696] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 24.182719] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 24.182744] ? trace_hardirqs_on+0x37/0xe0 [ 24.182767] ? __pfx_read_tsc+0x10/0x10 [ 24.182787] ? ktime_get_ts64+0x86/0x230 [ 24.182826] kunit_try_run_case+0x1a5/0x480 [ 24.182850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.182873] ? queued_spin_lock_slowpath+0x116/0xb40 [ 24.182896] ? __kthread_parkme+0x82/0x180 [ 24.182915] ? preempt_count_sub+0x50/0x80 [ 24.182937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.182959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.182981] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.183002] kthread+0x337/0x6f0 [ 24.183021] ? trace_preempt_on+0x20/0xc0 [ 24.183044] ? __pfx_kthread+0x10/0x10 [ 24.183064] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.183085] ? calculate_sigpending+0x7b/0xa0 [ 24.183108] ? __pfx_kthread+0x10/0x10 [ 24.183128] ret_from_fork+0x116/0x1d0 [ 24.183146] ? __pfx_kthread+0x10/0x10 [ 24.183166] ret_from_fork_asm+0x1a/0x30 [ 24.183210] </TASK> [ 24.183222] [ 24.194012] Allocated by task 190: [ 24.194218] kasan_save_stack+0x45/0x70 [ 24.194418] kasan_save_track+0x18/0x40 [ 24.194605] kasan_save_alloc_info+0x3b/0x50 [ 24.194796] __kasan_kmalloc+0xb7/0xc0 [ 24.195030] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 24.195295] kmalloc_track_caller_oob_right+0x99/0x520 [ 24.195534] kunit_try_run_case+0x1a5/0x480 [ 24.195675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.195841] kthread+0x337/0x6f0 [ 24.195954] ret_from_fork+0x116/0x1d0 [ 24.196134] ret_from_fork_asm+0x1a/0x30 [ 24.196330] [ 24.196617] The buggy address belongs to the object at ffff888102b06100 [ 24.196617] which belongs to the cache kmalloc-128 of size 128 [ 24.197383] The buggy address is located 0 bytes to the right of [ 24.197383] allocated 120-byte region [ffff888102b06100, ffff888102b06178) [ 24.197956] [ 24.198047] The buggy address belongs to the physical page: [ 24.198340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b06 [ 24.198652] flags: 0x200000000000000(node=0|zone=2) [ 24.198812] page_type: f5(slab) [ 24.198927] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.199252] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.199589] page dumped because: kasan: bad access detected [ 24.199938] [ 24.200040] Memory state around the buggy address: [ 24.200249] ffff888102b06000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.200460] ffff888102b06080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.200717] >ffff888102b06100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.201027] ^ [ 24.201371] ffff888102b06180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.201710] ffff888102b06200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.202212] ================================================================== [ 24.203313] ================================================================== [ 24.203601] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 24.204251] Write of size 1 at addr ffff888102b06278 by task kunit_try_catch/190 [ 24.204791] [ 24.204946] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.204990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.205002] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.205022] Call Trace: [ 24.205032] <TASK> [ 24.205045] dump_stack_lvl+0x73/0xb0 [ 24.205074] print_report+0xd1/0x640 [ 24.205095] ? __virt_addr_valid+0x1db/0x2d0 [ 24.205117] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 24.205140] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.205184] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 24.205209] kasan_report+0x141/0x180 [ 24.205230] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 24.205269] __asan_report_store1_noabort+0x1b/0x30 [ 24.205293] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 24.205316] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 24.205339] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 24.205364] ? trace_hardirqs_on+0x37/0xe0 [ 24.205386] ? __pfx_read_tsc+0x10/0x10 [ 24.205406] ? ktime_get_ts64+0x86/0x230 [ 24.205430] kunit_try_run_case+0x1a5/0x480 [ 24.205453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.205476] ? queued_spin_lock_slowpath+0x116/0xb40 [ 24.205500] ? __kthread_parkme+0x82/0x180 [ 24.205519] ? preempt_count_sub+0x50/0x80 [ 24.205543] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.205568] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.205591] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.205623] kthread+0x337/0x6f0 [ 24.205642] ? trace_preempt_on+0x20/0xc0 [ 24.205663] ? __pfx_kthread+0x10/0x10 [ 24.205701] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.205723] ? calculate_sigpending+0x7b/0xa0 [ 24.205745] ? __pfx_kthread+0x10/0x10 [ 24.205776] ret_from_fork+0x116/0x1d0 [ 24.205847] ? __pfx_kthread+0x10/0x10 [ 24.205870] ret_from_fork_asm+0x1a/0x30 [ 24.205900] </TASK> [ 24.205909] [ 24.213427] Allocated by task 190: [ 24.213551] kasan_save_stack+0x45/0x70 [ 24.213687] kasan_save_track+0x18/0x40 [ 24.213815] kasan_save_alloc_info+0x3b/0x50 [ 24.214042] __kasan_kmalloc+0xb7/0xc0 [ 24.214228] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 24.214484] kmalloc_track_caller_oob_right+0x19a/0x520 [ 24.214725] kunit_try_run_case+0x1a5/0x480 [ 24.214923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.215338] kthread+0x337/0x6f0 [ 24.215467] ret_from_fork+0x116/0x1d0 [ 24.215597] ret_from_fork_asm+0x1a/0x30 [ 24.215787] [ 24.215888] The buggy address belongs to the object at ffff888102b06200 [ 24.215888] which belongs to the cache kmalloc-128 of size 128 [ 24.216474] The buggy address is located 0 bytes to the right of [ 24.216474] allocated 120-byte region [ffff888102b06200, ffff888102b06278) [ 24.217112] [ 24.217191] The buggy address belongs to the physical page: [ 24.217451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b06 [ 24.217774] flags: 0x200000000000000(node=0|zone=2) [ 24.218030] page_type: f5(slab) [ 24.218222] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.218536] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.218950] page dumped because: kasan: bad access detected [ 24.219186] [ 24.219297] Memory state around the buggy address: [ 24.219454] ffff888102b06100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.219662] ffff888102b06180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.219869] >ffff888102b06200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.220072] ^ [ 24.220341] ffff888102b06280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.220990] ffff888102b06300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.221358] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right: Failure
Automatically assigned
[ 24.144384] ================================================================== [ 24.144867] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 24.145274] Read of size 1 at addr ffff888102b21000 by task kunit_try_catch/188 [ 24.145520] [ 24.145643] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.145694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.145707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.145729] Call Trace: [ 24.145741] <TASK> [ 24.145758] dump_stack_lvl+0x73/0xb0 [ 24.145790] print_report+0xd1/0x640 [ 24.145923] ? __virt_addr_valid+0x1db/0x2d0 [ 24.145948] ? kmalloc_node_oob_right+0x369/0x3c0 [ 24.145971] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.145996] ? kmalloc_node_oob_right+0x369/0x3c0 [ 24.146018] kasan_report+0x141/0x180 [ 24.146039] ? kmalloc_node_oob_right+0x369/0x3c0 [ 24.146066] __asan_report_load1_noabort+0x18/0x20 [ 24.146096] kmalloc_node_oob_right+0x369/0x3c0 [ 24.146126] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 24.146149] ? __schedule+0x10da/0x2b60 [ 24.146457] ? __pfx_read_tsc+0x10/0x10 [ 24.146482] ? ktime_get_ts64+0x86/0x230 [ 24.146508] kunit_try_run_case+0x1a5/0x480 [ 24.146533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.146554] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.146577] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.146600] ? __kthread_parkme+0x82/0x180 [ 24.146627] ? preempt_count_sub+0x50/0x80 [ 24.146649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.146671] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.146693] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.146715] kthread+0x337/0x6f0 [ 24.146733] ? trace_preempt_on+0x20/0xc0 [ 24.146756] ? __pfx_kthread+0x10/0x10 [ 24.146775] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.146812] ? calculate_sigpending+0x7b/0xa0 [ 24.146847] ? __pfx_kthread+0x10/0x10 [ 24.146868] ret_from_fork+0x116/0x1d0 [ 24.146886] ? __pfx_kthread+0x10/0x10 [ 24.146905] ret_from_fork_asm+0x1a/0x30 [ 24.146934] </TASK> [ 24.146945] [ 24.160635] Allocated by task 188: [ 24.160767] kasan_save_stack+0x45/0x70 [ 24.161378] kasan_save_track+0x18/0x40 [ 24.161848] kasan_save_alloc_info+0x3b/0x50 [ 24.162315] __kasan_kmalloc+0xb7/0xc0 [ 24.162721] __kmalloc_cache_node_noprof+0x188/0x420 [ 24.163308] kmalloc_node_oob_right+0xab/0x3c0 [ 24.163761] kunit_try_run_case+0x1a5/0x480 [ 24.164202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.164383] kthread+0x337/0x6f0 [ 24.164501] ret_from_fork+0x116/0x1d0 [ 24.164629] ret_from_fork_asm+0x1a/0x30 [ 24.164762] [ 24.165200] The buggy address belongs to the object at ffff888102b20000 [ 24.165200] which belongs to the cache kmalloc-4k of size 4096 [ 24.166443] The buggy address is located 0 bytes to the right of [ 24.166443] allocated 4096-byte region [ffff888102b20000, ffff888102b21000) [ 24.167678] [ 24.167756] The buggy address belongs to the physical page: [ 24.168001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b20 [ 24.168430] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 24.168759] flags: 0x200000000000040(head|node=0|zone=2) [ 24.169119] page_type: f5(slab) [ 24.169474] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 24.169898] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 24.170223] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 24.170630] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 24.170973] head: 0200000000000003 ffffea00040ac801 00000000ffffffff 00000000ffffffff [ 24.171427] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 24.171768] page dumped because: kasan: bad access detected [ 24.172002] [ 24.172073] Memory state around the buggy address: [ 24.172289] ffff888102b20f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.172588] ffff888102b20f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 24.172897] >ffff888102b21000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.173429] ^ [ 24.173553] ffff888102b21080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.173793] ffff888102b21100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.174288] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left: Failure
Automatically assigned
[ 24.100759] ================================================================== [ 24.101600] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 24.101857] Read of size 1 at addr ffff888102abfb3f by task kunit_try_catch/186 [ 24.102146] [ 24.102276] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.102329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.102341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.102363] Call Trace: [ 24.102376] <TASK> [ 24.102396] dump_stack_lvl+0x73/0xb0 [ 24.102438] print_report+0xd1/0x640 [ 24.102460] ? __virt_addr_valid+0x1db/0x2d0 [ 24.102485] ? kmalloc_oob_left+0x361/0x3c0 [ 24.102504] ? kasan_complete_mode_report_info+0x64/0x200 [ 24.102529] ? kmalloc_oob_left+0x361/0x3c0 [ 24.102549] kasan_report+0x141/0x180 [ 24.102570] ? kmalloc_oob_left+0x361/0x3c0 [ 24.102595] __asan_report_load1_noabort+0x18/0x20 [ 24.102625] kmalloc_oob_left+0x361/0x3c0 [ 24.102646] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 24.102666] ? __schedule+0x10da/0x2b60 [ 24.102690] ? __pfx_read_tsc+0x10/0x10 [ 24.102711] ? ktime_get_ts64+0x86/0x230 [ 24.102736] kunit_try_run_case+0x1a5/0x480 [ 24.102760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.102781] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.102828] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.102851] ? __kthread_parkme+0x82/0x180 [ 24.102872] ? preempt_count_sub+0x50/0x80 [ 24.102895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.102936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.102959] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.102982] kthread+0x337/0x6f0 [ 24.103001] ? trace_preempt_on+0x20/0xc0 [ 24.103024] ? __pfx_kthread+0x10/0x10 [ 24.103043] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.103064] ? calculate_sigpending+0x7b/0xa0 [ 24.103088] ? __pfx_kthread+0x10/0x10 [ 24.103108] ret_from_fork+0x116/0x1d0 [ 24.103126] ? __pfx_kthread+0x10/0x10 [ 24.103145] ret_from_fork_asm+0x1a/0x30 [ 24.103187] </TASK> [ 24.103198] [ 24.118469] Allocated by task 21: [ 24.118618] kasan_save_stack+0x45/0x70 [ 24.118766] kasan_save_track+0x18/0x40 [ 24.119537] kasan_save_alloc_info+0x3b/0x50 [ 24.120111] __kasan_kmalloc+0xb7/0xc0 [ 24.121277] __kmalloc_cache_node_noprof+0x188/0x420 [ 24.122222] build_sched_domains+0x38c/0x5d80 [ 24.122837] partition_sched_domains+0x471/0x9c0 [ 24.123113] rebuild_sched_domains_locked+0x97d/0xd50 [ 24.123340] cpuset_update_active_cpus+0x80f/0x1a90 [ 24.123556] sched_cpu_activate+0x2bf/0x330 [ 24.123703] cpuhp_invoke_callback+0x2a1/0xf00 [ 24.123860] cpuhp_thread_fun+0x2ce/0x5c0 [ 24.123994] smpboot_thread_fn+0x2bc/0x730 [ 24.124134] kthread+0x337/0x6f0 [ 24.124259] ret_from_fork+0x116/0x1d0 [ 24.124439] ret_from_fork_asm+0x1a/0x30 [ 24.124633] [ 24.124758] Freed by task 21: [ 24.124900] kasan_save_stack+0x45/0x70 [ 24.125091] kasan_save_track+0x18/0x40 [ 24.125473] kasan_save_free_info+0x3f/0x60 [ 24.125926] __kasan_slab_free+0x56/0x70 [ 24.126276] kfree+0x222/0x3f0 [ 24.127019] build_sched_domains+0x2072/0x5d80 [ 24.127436] partition_sched_domains+0x471/0x9c0 [ 24.128039] rebuild_sched_domains_locked+0x97d/0xd50 [ 24.128449] cpuset_update_active_cpus+0x80f/0x1a90 [ 24.128960] sched_cpu_activate+0x2bf/0x330 [ 24.129357] cpuhp_invoke_callback+0x2a1/0xf00 [ 24.129766] cpuhp_thread_fun+0x2ce/0x5c0 [ 24.130211] smpboot_thread_fn+0x2bc/0x730 [ 24.130593] kthread+0x337/0x6f0 [ 24.130964] ret_from_fork+0x116/0x1d0 [ 24.131324] ret_from_fork_asm+0x1a/0x30 [ 24.131709] [ 24.131960] The buggy address belongs to the object at ffff888102abfb20 [ 24.131960] which belongs to the cache kmalloc-16 of size 16 [ 24.133195] The buggy address is located 15 bytes to the right of [ 24.133195] allocated 16-byte region [ffff888102abfb20, ffff888102abfb30) [ 24.133919] [ 24.134097] The buggy address belongs to the physical page: [ 24.134598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102abf [ 24.135053] flags: 0x200000000000000(node=0|zone=2) [ 24.135395] page_type: f5(slab) [ 24.135725] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 24.136450] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.136925] page dumped because: kasan: bad access detected [ 24.137329] [ 24.137394] Memory state around the buggy address: [ 24.137544] ffff888102abfa00: 00 06 fc fc 00 06 fc fc 00 06 fc fc fa fb fc fc [ 24.137752] ffff888102abfa80: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.138561] >ffff888102abfb00: fa fb fc fc fa fb fc fc 00 07 fc fc fc fc fc fc [ 24.139255] ^ [ 24.139710] ffff888102abfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.140216] ffff888102abfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.140677] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
KNOWN ISSUE - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right: Failure
Automatically assigned
[ 24.047626] ================================================================== [ 24.048467] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 24.049131] Write of size 1 at addr ffff8881012bce78 by task kunit_try_catch/184 [ 24.049788] [ 24.049979] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.050027] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.050038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.050060] Call Trace: [ 24.050073] <TASK> [ 24.050088] dump_stack_lvl+0x73/0xb0 [ 24.050282] print_report+0xd1/0x640 [ 24.050312] ? __virt_addr_valid+0x1db/0x2d0 [ 24.050335] ? kmalloc_oob_right+0x6bd/0x7f0 [ 24.050355] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.050380] ? kmalloc_oob_right+0x6bd/0x7f0 [ 24.050401] kasan_report+0x141/0x180 [ 24.050422] ? kmalloc_oob_right+0x6bd/0x7f0 [ 24.050446] __asan_report_store1_noabort+0x1b/0x30 [ 24.050470] kmalloc_oob_right+0x6bd/0x7f0 [ 24.050491] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 24.050512] ? __schedule+0x10da/0x2b60 [ 24.050535] ? __pfx_read_tsc+0x10/0x10 [ 24.050556] ? ktime_get_ts64+0x86/0x230 [ 24.050581] kunit_try_run_case+0x1a5/0x480 [ 24.050611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.050632] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.050665] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.050697] ? __kthread_parkme+0x82/0x180 [ 24.050717] ? preempt_count_sub+0x50/0x80 [ 24.050739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.050762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.050785] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.050864] kthread+0x337/0x6f0 [ 24.050884] ? trace_preempt_on+0x20/0xc0 [ 24.050907] ? __pfx_kthread+0x10/0x10 [ 24.050926] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.050956] ? calculate_sigpending+0x7b/0xa0 [ 24.050980] ? __pfx_kthread+0x10/0x10 [ 24.051000] ret_from_fork+0x116/0x1d0 [ 24.051019] ? __pfx_kthread+0x10/0x10 [ 24.051038] ret_from_fork_asm+0x1a/0x30 [ 24.051068] </TASK> [ 24.051079] [ 24.059722] Allocated by task 184: [ 24.059880] kasan_save_stack+0x45/0x70 [ 24.060064] kasan_save_track+0x18/0x40 [ 24.060263] kasan_save_alloc_info+0x3b/0x50 [ 24.060442] __kasan_kmalloc+0xb7/0xc0 [ 24.060567] __kmalloc_cache_noprof+0x189/0x420 [ 24.060716] kmalloc_oob_right+0xa9/0x7f0 [ 24.060848] kunit_try_run_case+0x1a5/0x480 [ 24.060987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.061152] kthread+0x337/0x6f0 [ 24.062286] ret_from_fork+0x116/0x1d0 [ 24.062429] ret_from_fork_asm+0x1a/0x30 [ 24.062764] [ 24.062899] The buggy address belongs to the object at ffff8881012bce00 [ 24.062899] which belongs to the cache kmalloc-128 of size 128 [ 24.063617] The buggy address is located 5 bytes to the right of [ 24.063617] allocated 115-byte region [ffff8881012bce00, ffff8881012bce73) [ 24.064421] [ 24.064505] The buggy address belongs to the physical page: [ 24.064804] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1012bc [ 24.065535] flags: 0x200000000000000(node=0|zone=2) [ 24.065768] page_type: f5(slab) [ 24.066094] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.066427] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.066763] page dumped because: kasan: bad access detected [ 24.067045] [ 24.067537] Memory state around the buggy address: [ 24.067733] ffff8881012bcd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.068198] ffff8881012bcd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.069208] >ffff8881012bce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.069483] ^ [ 24.070025] ffff8881012bce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.070535] ffff8881012bcf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.071023] ================================================================== [ 24.071500] ================================================================== [ 24.071727] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 24.071964] Read of size 1 at addr ffff8881012bce80 by task kunit_try_catch/184 [ 24.072671] [ 24.073581] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.073634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.073647] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.073668] Call Trace: [ 24.073684] <TASK> [ 24.073699] dump_stack_lvl+0x73/0xb0 [ 24.073733] print_report+0xd1/0x640 [ 24.073757] ? __virt_addr_valid+0x1db/0x2d0 [ 24.073780] ? kmalloc_oob_right+0x68a/0x7f0 [ 24.073860] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.073885] ? kmalloc_oob_right+0x68a/0x7f0 [ 24.073906] kasan_report+0x141/0x180 [ 24.073927] ? kmalloc_oob_right+0x68a/0x7f0 [ 24.073951] __asan_report_load1_noabort+0x18/0x20 [ 24.073975] kmalloc_oob_right+0x68a/0x7f0 [ 24.073996] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 24.074016] ? __schedule+0x10da/0x2b60 [ 24.074039] ? __pfx_read_tsc+0x10/0x10 [ 24.074060] ? ktime_get_ts64+0x86/0x230 [ 24.074084] kunit_try_run_case+0x1a5/0x480 [ 24.074107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.074128] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.074160] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.074208] ? __kthread_parkme+0x82/0x180 [ 24.074227] ? preempt_count_sub+0x50/0x80 [ 24.074250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.074272] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.074293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.074317] kthread+0x337/0x6f0 [ 24.074335] ? trace_preempt_on+0x20/0xc0 [ 24.074358] ? __pfx_kthread+0x10/0x10 [ 24.074377] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.074406] ? calculate_sigpending+0x7b/0xa0 [ 24.074429] ? __pfx_kthread+0x10/0x10 [ 24.074449] ret_from_fork+0x116/0x1d0 [ 24.074467] ? __pfx_kthread+0x10/0x10 [ 24.074486] ret_from_fork_asm+0x1a/0x30 [ 24.074516] </TASK> [ 24.074526] [ 24.084454] Allocated by task 184: [ 24.084588] kasan_save_stack+0x45/0x70 [ 24.084732] kasan_save_track+0x18/0x40 [ 24.085115] kasan_save_alloc_info+0x3b/0x50 [ 24.085331] __kasan_kmalloc+0xb7/0xc0 [ 24.085494] __kmalloc_cache_noprof+0x189/0x420 [ 24.085676] kmalloc_oob_right+0xa9/0x7f0 [ 24.086711] kunit_try_run_case+0x1a5/0x480 [ 24.086875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.087435] kthread+0x337/0x6f0 [ 24.088193] ret_from_fork+0x116/0x1d0 [ 24.088622] ret_from_fork_asm+0x1a/0x30 [ 24.089081] [ 24.089164] The buggy address belongs to the object at ffff8881012bce00 [ 24.089164] which belongs to the cache kmalloc-128 of size 128 [ 24.089809] The buggy address is located 13 bytes to the right of [ 24.089809] allocated 115-byte region [ffff8881012bce00, ffff8881012bce73) [ 24.090719] [ 24.090823] The buggy address belongs to the physical page: [ 24.091399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1012bc [ 24.091931] flags: 0x200000000000000(node=0|zone=2) [ 24.092375] page_type: f5(slab) [ 24.092556] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.093286] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.093518] page dumped because: kasan: bad access detected [ 24.093684] [ 24.093749] Memory state around the buggy address: [ 24.094246] ffff8881012bcd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.094554] ffff8881012bce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.095287] >ffff8881012bce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.095584] ^ [ 24.095751] ffff8881012bcf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.096348] ffff8881012bcf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.096777] ================================================================== [ 24.018523] ================================================================== [ 24.019188] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 24.019886] Write of size 1 at addr ffff8881012bce73 by task kunit_try_catch/184 [ 24.020303] [ 24.021494] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 24.021893] Tainted: [N]=TEST [ 24.021928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.022183] Call Trace: [ 24.022252] <TASK> [ 24.022393] dump_stack_lvl+0x73/0xb0 [ 24.022486] print_report+0xd1/0x640 [ 24.022516] ? __virt_addr_valid+0x1db/0x2d0 [ 24.022542] ? kmalloc_oob_right+0x6f0/0x7f0 [ 24.022562] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.022587] ? kmalloc_oob_right+0x6f0/0x7f0 [ 24.022613] kasan_report+0x141/0x180 [ 24.022635] ? kmalloc_oob_right+0x6f0/0x7f0 [ 24.022659] __asan_report_store1_noabort+0x1b/0x30 [ 24.022683] kmalloc_oob_right+0x6f0/0x7f0 [ 24.022704] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 24.022725] ? __schedule+0x10da/0x2b60 [ 24.022749] ? __pfx_read_tsc+0x10/0x10 [ 24.022772] ? ktime_get_ts64+0x86/0x230 [ 24.022837] kunit_try_run_case+0x1a5/0x480 [ 24.022864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.022885] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.022919] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.022951] ? __kthread_parkme+0x82/0x180 [ 24.022972] ? preempt_count_sub+0x50/0x80 [ 24.022995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.023018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.023040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.023063] kthread+0x337/0x6f0 [ 24.023082] ? trace_preempt_on+0x20/0xc0 [ 24.023105] ? __pfx_kthread+0x10/0x10 [ 24.023125] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.023154] ? calculate_sigpending+0x7b/0xa0 [ 24.023187] ? __pfx_kthread+0x10/0x10 [ 24.023207] ret_from_fork+0x116/0x1d0 [ 24.023226] ? __pfx_kthread+0x10/0x10 [ 24.023245] ret_from_fork_asm+0x1a/0x30 [ 24.023301] </TASK> [ 24.023366] [ 24.030194] Allocated by task 184: [ 24.030845] kasan_save_stack+0x45/0x70 [ 24.031018] kasan_save_track+0x18/0x40 [ 24.031151] kasan_save_alloc_info+0x3b/0x50 [ 24.031534] __kasan_kmalloc+0xb7/0xc0 [ 24.031718] __kmalloc_cache_noprof+0x189/0x420 [ 24.031942] kmalloc_oob_right+0xa9/0x7f0 [ 24.032131] kunit_try_run_case+0x1a5/0x480 [ 24.032339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.032583] kthread+0x337/0x6f0 [ 24.032743] ret_from_fork+0x116/0x1d0 [ 24.032981] ret_from_fork_asm+0x1a/0x30 [ 24.033442] [ 24.033596] The buggy address belongs to the object at ffff8881012bce00 [ 24.033596] which belongs to the cache kmalloc-128 of size 128 [ 24.034314] The buggy address is located 0 bytes to the right of [ 24.034314] allocated 115-byte region [ffff8881012bce00, ffff8881012bce73) [ 24.035082] [ 24.035272] The buggy address belongs to the physical page: [ 24.036261] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1012bc [ 24.037009] flags: 0x200000000000000(node=0|zone=2) [ 24.037695] page_type: f5(slab) [ 24.038434] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.038764] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.039683] page dumped because: kasan: bad access detected [ 24.040340] [ 24.040594] Memory state around the buggy address: [ 24.041439] ffff8881012bcd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.042184] ffff8881012bcd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.042950] >ffff8881012bce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.043329] ^ [ 24.043579] ffff8881012bce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.044919] ffff8881012bcf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.045188] ==================================================================
Failure - log-parser-boot/exception-warning-driversgpudrmdrm_rect-at-drm_rect_calc_vscale
------------[ cut here ]------------ [ 194.484635] WARNING: drivers/gpu/drm/drm_rect.c:137 at drm_rect_calc_vscale+0x130/0x190, CPU#0: kunit_try_catch/2942 [ 194.485384] Modules linked in: [ 194.485863] CPU: 0 UID: 0 PID: 2942 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 194.486902] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 194.487308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 194.487781] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 194.488273] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 40 74 23 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 194.489313] RSP: 0000:ffff88810b567c78 EFLAGS: 00010286 [ 194.489719] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 194.490272] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb5e62d5c [ 194.490570] RBP: ffff88810b567ca0 R08: 0000000000000000 R09: ffffed1020474e40 [ 194.491195] R10: ffff8881023a7207 R11: 0000000000000000 R12: ffffffffb5e62d48 [ 194.491677] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810b567d38 [ 194.491994] FS: 0000000000000000(0000) GS:ffff8881a3213000(0000) knlGS:0000000000000000 [ 194.492592] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.492775] CR2: ffffffffffffffff CR3: 000000002f0bc000 CR4: 00000000000006f0 [ 194.493599] DR0: ffffffffb7eb3540 DR1: ffffffffb7eb3541 DR2: ffffffffb7eb3543 [ 194.494365] DR3: ffffffffb7eb3545 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 194.494586] Call Trace: [ 194.494679] <TASK> [ 194.494774] drm_test_rect_calc_vscale+0x108/0x270 [ 194.495405] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 194.496136] ? __schedule+0x10da/0x2b60 [ 194.496606] ? __pfx_read_tsc+0x10/0x10 [ 194.497046] ? ktime_get_ts64+0x86/0x230 [ 194.497533] kunit_try_run_case+0x1a5/0x480 [ 194.497959] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.498437] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 194.498604] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 194.498768] ? __kthread_parkme+0x82/0x180 [ 194.499217] ? preempt_count_sub+0x50/0x80 [ 194.499657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.500150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 194.500653] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 194.501040] kthread+0x337/0x6f0 [ 194.501191] ? trace_preempt_on+0x20/0xc0 [ 194.501334] ? __pfx_kthread+0x10/0x10 [ 194.501464] ? _raw_spin_unlock_irq+0x47/0x80 [ 194.501610] ? calculate_sigpending+0x7b/0xa0 [ 194.501756] ? __pfx_kthread+0x10/0x10 [ 194.502271] ret_from_fork+0x116/0x1d0 [ 194.502643] ? __pfx_kthread+0x10/0x10 [ 194.503044] ret_from_fork_asm+0x1a/0x30 [ 194.503500] </TASK> [ 194.503714] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 194.509664] WARNING: drivers/gpu/drm/drm_rect.c:137 at drm_rect_calc_vscale+0x130/0x190, CPU#0: kunit_try_catch/2944 [ 194.510957] Modules linked in: [ 194.511203] CPU: 0 UID: 0 PID: 2944 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 194.511554] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 194.511725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 194.512482] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 194.513096] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 40 74 23 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 194.514754] RSP: 0000:ffff8881063b7c78 EFLAGS: 00010286 [ 194.515221] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 194.515437] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb5e62d94 [ 194.515640] RBP: ffff8881063b7ca0 R08: 0000000000000000 R09: ffffed1020595240 [ 194.515858] R10: ffff888102ca9207 R11: 0000000000000000 R12: ffffffffb5e62d80 [ 194.516140] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881063b7d38 [ 194.516502] FS: 0000000000000000(0000) GS:ffff8881a3213000(0000) knlGS:0000000000000000 [ 194.516764] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.517235] CR2: ffffffffffffffff CR3: 000000002f0bc000 CR4: 00000000000006f0 [ 194.517456] DR0: ffffffffb7eb3540 DR1: ffffffffb7eb3541 DR2: ffffffffb7eb3543 [ 194.517746] DR3: ffffffffb7eb3545 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 194.518040] Call Trace: [ 194.518143] <TASK> [ 194.518519] drm_test_rect_calc_vscale+0x108/0x270 [ 194.518757] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 194.519057] ? __schedule+0x10da/0x2b60 [ 194.519413] ? __pfx_read_tsc+0x10/0x10 [ 194.519588] ? ktime_get_ts64+0x86/0x230 [ 194.519922] kunit_try_run_case+0x1a5/0x480 [ 194.520099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.520481] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 194.520669] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 194.520829] ? __kthread_parkme+0x82/0x180 [ 194.520971] ? preempt_count_sub+0x50/0x80 [ 194.521179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.521576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 194.521759] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 194.523615] kthread+0x337/0x6f0 [ 194.523845] ? trace_preempt_on+0x20/0xc0 [ 194.524098] ? __pfx_kthread+0x10/0x10 [ 194.524228] ? _raw_spin_unlock_irq+0x47/0x80 [ 194.524371] ? calculate_sigpending+0x7b/0xa0 [ 194.524514] ? __pfx_kthread+0x10/0x10 [ 194.524642] ret_from_fork+0x116/0x1d0 [ 194.524768] ? __pfx_kthread+0x10/0x10 [ 194.524895] ret_from_fork_asm+0x1a/0x30 [ 194.525035] </TASK> [ 194.526183] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-driversgpudrmdrm_rect-at-drm_rect_calc_hscale
------------[ cut here ]------------ [ 194.426472] WARNING: drivers/gpu/drm/drm_rect.c:137 at drm_rect_calc_hscale+0x125/0x190, CPU#1: kunit_try_catch/2930 [ 194.427690] Modules linked in: [ 194.428079] CPU: 1 UID: 0 PID: 2930 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 194.429317] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 194.429631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 194.430406] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 194.430943] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 194.432721] RSP: 0000:ffff88810b657c78 EFLAGS: 00010286 [ 194.433159] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 194.433572] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb5e62d60 [ 194.434022] RBP: ffff88810b657ca0 R08: 0000000000000000 R09: ffffed1020594960 [ 194.434686] R10: ffff888102ca4b07 R11: 0000000000000000 R12: ffffffffb5e62d48 [ 194.435323] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810b657d38 [ 194.435672] FS: 0000000000000000(0000) GS:ffff8881a3313000(0000) knlGS:0000000000000000 [ 194.436241] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.436629] CR2: 00007ffff7ffe000 CR3: 000000002f0bc000 CR4: 00000000000006f0 [ 194.437285] DR0: ffffffffb7eb3544 DR1: ffffffffb7eb3549 DR2: ffffffffb7eb354a [ 194.437753] DR3: ffffffffb7eb354b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 194.438385] Call Trace: [ 194.438673] <TASK> [ 194.439035] drm_test_rect_calc_hscale+0x108/0x270 [ 194.439295] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 194.439524] ? __schedule+0x10da/0x2b60 [ 194.439699] ? __pfx_read_tsc+0x10/0x10 [ 194.440484] ? ktime_get_ts64+0x86/0x230 [ 194.440714] kunit_try_run_case+0x1a5/0x480 [ 194.441232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.441433] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 194.441637] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 194.442251] ? __kthread_parkme+0x82/0x180 [ 194.442584] ? preempt_count_sub+0x50/0x80 [ 194.442784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.443359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 194.443743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 194.444513] kthread+0x337/0x6f0 [ 194.444687] ? trace_preempt_on+0x20/0xc0 [ 194.445176] ? __pfx_kthread+0x10/0x10 [ 194.445368] ? _raw_spin_unlock_irq+0x47/0x80 [ 194.445552] ? calculate_sigpending+0x7b/0xa0 [ 194.445743] ? __pfx_kthread+0x10/0x10 [ 194.446164] ret_from_fork+0x116/0x1d0 [ 194.446679] ? __pfx_kthread+0x10/0x10 [ 194.447276] ret_from_fork_asm+0x1a/0x30 [ 194.447497] </TASK> [ 194.447613] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 194.455547] WARNING: drivers/gpu/drm/drm_rect.c:137 at drm_rect_calc_hscale+0x125/0x190, CPU#1: kunit_try_catch/2932 [ 194.456079] Modules linked in: [ 194.456617] CPU: 1 UID: 0 PID: 2932 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 194.457327] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 194.457649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 194.458111] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 194.458393] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 194.459321] RSP: 0000:ffff888105d67c78 EFLAGS: 00010286 [ 194.459948] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 194.460259] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb5e62d98 [ 194.460537] RBP: ffff888105d67ca0 R08: 0000000000000000 R09: ffffed1020594980 [ 194.460828] R10: ffff888102ca4c07 R11: 0000000000000000 R12: ffffffffb5e62d80 [ 194.461526] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888105d67d38 [ 194.462053] FS: 0000000000000000(0000) GS:ffff8881a3313000(0000) knlGS:0000000000000000 [ 194.462528] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 194.462966] CR2: 00007ffff7ffe000 CR3: 000000002f0bc000 CR4: 00000000000006f0 [ 194.463487] DR0: ffffffffb7eb3544 DR1: ffffffffb7eb3549 DR2: ffffffffb7eb354a [ 194.463704] DR3: ffffffffb7eb354b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 194.464501] Call Trace: [ 194.464916] <TASK> [ 194.465428] drm_test_rect_calc_hscale+0x108/0x270 [ 194.466082] ? __kasan_check_write+0x18/0x20 [ 194.466341] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 194.466512] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 194.466674] ? trace_hardirqs_on+0x37/0xe0 [ 194.466818] ? __pfx_read_tsc+0x10/0x10 [ 194.467122] ? ktime_get_ts64+0x86/0x230 [ 194.467352] kunit_try_run_case+0x1a5/0x480 [ 194.467557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.467725] ? queued_spin_lock_slowpath+0x116/0xb40 [ 194.468254] ? __kthread_parkme+0x82/0x180 [ 194.468445] ? preempt_count_sub+0x50/0x80 [ 194.468656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 194.468878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 194.469139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 194.469638] kthread+0x337/0x6f0 [ 194.469928] ? trace_preempt_on+0x20/0xc0 [ 194.470173] ? __pfx_kthread+0x10/0x10 [ 194.470358] ? _raw_spin_unlock_irq+0x47/0x80 [ 194.470552] ? calculate_sigpending+0x7b/0xa0 [ 194.470744] ? __pfx_kthread+0x10/0x10 [ 194.471118] ret_from_fork+0x116/0x1d0 [ 194.471311] ? __pfx_kthread+0x10/0x10 [ 194.471500] ret_from_fork_asm+0x1a/0x30 [ 194.471671] </TASK> [ 194.471790] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
KNOWN ISSUE - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count: Failure
Automatically assigned
------------[ cut here ]------------ [ 193.657946] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count)) [ 193.658065] WARNING: drivers/gpu/drm/drm_gem_shmem_helper.c:180 at drm_gem_shmem_free+0x3ed/0x6c0, CPU#1: kunit_try_catch/2735 [ 193.661521] Modules linked in: [ 193.662335] CPU: 1 UID: 0 PID: 2735 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 193.663336] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 193.663523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 193.663843] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0 [ 193.664144] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 6d c8 81 00 48 c7 c1 c0 6c e1 b5 4c 89 f2 48 c7 c7 e0 68 e1 b5 48 89 c6 e8 24 ad 70 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d [ 193.665837] RSP: 0000:ffff88810ab6fd18 EFLAGS: 00010286 [ 193.666368] RAX: 0000000000000000 RBX: ffff8881073f9c00 RCX: 1ffffffff6d64aac [ 193.667026] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 193.667630] RBP: ffff88810ab6fd48 R08: 0000000000000000 R09: fffffbfff6d64aac [ 193.668288] R10: 0000000000000003 R11: 000000000002ab98 R12: ffff88810afb3800 [ 193.669034] R13: ffff8881073f9cf8 R14: ffff888102e83280 R15: ffff8881003c7b48 [ 193.669701] FS: 0000000000000000(0000) GS:ffff8881a3313000(0000) knlGS:0000000000000000 [ 193.670287] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.670565] CR2: 00007ffff7ffe000 CR3: 000000002f0bc000 CR4: 00000000000006f0 [ 193.671256] DR0: ffffffffb7eb3544 DR1: ffffffffb7eb3549 DR2: ffffffffb7eb354a [ 193.672102] DR3: ffffffffb7eb354b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 193.672382] Call Trace: [ 193.672482] <TASK> [ 193.672567] ? trace_preempt_on+0x20/0xc0 [ 193.672727] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10 [ 193.672921] drm_gem_shmem_free_wrapper+0x12/0x20 [ 193.673221] __kunit_action_free+0x57/0x70 [ 193.673440] kunit_remove_resource+0x133/0x200 [ 193.673652] ? preempt_count_sub+0x50/0x80 [ 193.674154] kunit_cleanup+0x7a/0x120 [ 193.674363] kunit_try_run_case_cleanup+0xbd/0xf0 [ 193.674708] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10 [ 193.675214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 193.675458] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 193.675708] kthread+0x337/0x6f0 [ 193.676435] ? trace_preempt_on+0x20/0xc0 [ 193.676708] ? __pfx_kthread+0x10/0x10 [ 193.677244] ? _raw_spin_unlock_irq+0x47/0x80 [ 193.677529] ? calculate_sigpending+0x7b/0xa0 [ 193.677732] ? __pfx_kthread+0x10/0x10 [ 193.678667] ret_from_fork+0x116/0x1d0 [ 193.678893] ? __pfx_kthread+0x10/0x10 [ 193.679426] ret_from_fork_asm+0x1a/0x30 [ 193.679638] </TASK> [ 193.679750] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-driversgpudrmdrm_framebuffer-at-drm_framebuffer_init
------------[ cut here ]------------ [ 193.516327] WARNING: drivers/gpu/drm/drm_framebuffer.c:870 at drm_framebuffer_init+0x49/0x8d0, CPU#0: kunit_try_catch/2716 [ 193.517218] Modules linked in: [ 193.517447] CPU: 0 UID: 0 PID: 2716 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 193.518129] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 193.518505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 193.519009] RIP: 0010:drm_framebuffer_init+0x49/0x8d0 [ 193.519377] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41 [ 193.520317] RSP: 0000:ffff88810ae9fb20 EFLAGS: 00010246 [ 193.520699] RAX: ffff88810ae9fba8 RBX: ffff88810ae9fc28 RCX: 1ffff110215d3f8e [ 193.521573] RDX: dffffc0000000000 RSI: ffff88810ad98000 RDI: ffff88810ad98000 [ 193.522220] RBP: ffff88810ae9fb70 R08: ffff88810ad98000 R09: ffffffffb5e06ae0 [ 193.522454] R10: 0000000000000003 R11: 000000008eb867ac R12: 1ffff110215d3f71 [ 193.522746] R13: ffff88810ae9fc70 R14: ffff88810ae9fdb8 R15: 0000000000000000 [ 193.523389] FS: 0000000000000000(0000) GS:ffff8881a3213000(0000) knlGS:0000000000000000 [ 193.523732] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.524243] CR2: ffffffffffffffff CR3: 000000002f0bc000 CR4: 00000000000006f0 [ 193.524718] DR0: ffffffffb7eb3540 DR1: ffffffffb7eb3541 DR2: ffffffffb7eb3543 [ 193.525361] DR3: ffffffffb7eb3545 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 193.525681] Call Trace: [ 193.525972] <TASK> [ 193.526115] ? trace_preempt_on+0x20/0xc0 [ 193.526326] ? add_dr+0xc1/0x1d0 [ 193.526489] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 193.526732] ? add_dr+0x148/0x1d0 [ 193.526994] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 193.527290] ? __drmm_add_action+0x1a4/0x280 [ 193.527520] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 193.527698] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 193.528022] ? __drmm_add_action_or_reset+0x22/0x50 [ 193.528371] ? __schedule+0x10da/0x2b60 [ 193.528629] ? __pfx_read_tsc+0x10/0x10 [ 193.528930] ? ktime_get_ts64+0x86/0x230 [ 193.529169] kunit_try_run_case+0x1a5/0x480 [ 193.529348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 193.529581] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 193.530136] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 193.530348] ? __kthread_parkme+0x82/0x180 [ 193.530501] ? preempt_count_sub+0x50/0x80 [ 193.530704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 193.531010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 193.531638] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 193.532091] kthread+0x337/0x6f0 [ 193.532365] ? trace_preempt_on+0x20/0xc0 [ 193.532564] ? __pfx_kthread+0x10/0x10 [ 193.532740] ? _raw_spin_unlock_irq+0x47/0x80 [ 193.533355] ? calculate_sigpending+0x7b/0xa0 [ 193.533540] ? __pfx_kthread+0x10/0x10 [ 193.533750] ret_from_fork+0x116/0x1d0 [ 193.534309] ? __pfx_kthread+0x10/0x10 [ 193.534531] ret_from_fork_asm+0x1a/0x30 [ 193.534720] </TASK> [ 193.534943] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
KNOWN ISSUE - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head: Failure
Automatically assigned
------------[ cut here ]------------ [ 193.478107] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 193.478429] WARNING: drivers/gpu/drm/drm_framebuffer.c:833 at drm_framebuffer_free+0x13f/0x1c0, CPU#0: kunit_try_catch/2712 [ 193.480128] Modules linked in: [ 193.480641] CPU: 0 UID: 0 PID: 2712 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 193.481652] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 193.482213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 193.482632] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 193.483021] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 5b 06 89 00 48 c7 c1 80 15 e0 b5 4c 89 fa 48 c7 c7 e0 15 e0 b5 48 89 c6 e8 12 eb 77 fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 193.484633] RSP: 0000:ffff88810a5efb68 EFLAGS: 00010282 [ 193.485175] RAX: 0000000000000000 RBX: ffff88810a5efc40 RCX: 1ffffffff6d64aac [ 193.485965] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 193.486571] RBP: ffff88810a5efb90 R08: 0000000000000000 R09: fffffbfff6d64aac [ 193.487211] R10: 0000000000000003 R11: 00000000000292b0 R12: ffff88810a5efc18 [ 193.487640] R13: ffff888105010000 R14: ffff88810ade4000 R15: ffff8881046e7400 [ 193.488161] FS: 0000000000000000(0000) GS:ffff8881a3213000(0000) knlGS:0000000000000000 [ 193.488967] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.489301] CR2: ffffffffffffffff CR3: 000000002f0bc000 CR4: 00000000000006f0 [ 193.489504] DR0: ffffffffb7eb3540 DR1: ffffffffb7eb3541 DR2: ffffffffb7eb3543 [ 193.489699] DR3: ffffffffb7eb3545 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 193.490355] Call Trace: [ 193.490629] <TASK> [ 193.490917] drm_test_framebuffer_free+0x1ab/0x610 [ 193.491501] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 193.492112] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 193.492714] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 193.493346] ? __drmm_add_action_or_reset+0x22/0x50 [ 193.493703] ? __schedule+0x10da/0x2b60 [ 193.494275] ? __pfx_read_tsc+0x10/0x10 [ 193.494428] ? ktime_get_ts64+0x86/0x230 [ 193.494566] kunit_try_run_case+0x1a5/0x480 [ 193.494707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 193.494863] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 193.495011] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 193.495181] ? __kthread_parkme+0x82/0x180 [ 193.495317] ? preempt_count_sub+0x50/0x80 [ 193.495494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 193.495720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 193.495970] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 193.496419] kthread+0x337/0x6f0 [ 193.496599] ? trace_preempt_on+0x20/0xc0 [ 193.496747] ? __pfx_kthread+0x10/0x10 [ 193.496916] ? _raw_spin_unlock_irq+0x47/0x80 [ 193.497093] ? calculate_sigpending+0x7b/0xa0 [ 193.497319] ? __pfx_kthread+0x10/0x10 [ 193.497576] ret_from_fork+0x116/0x1d0 [ 193.497759] ? __pfx_kthread+0x10/0x10 [ 193.498066] ret_from_fork_asm+0x1a/0x30 [ 193.498296] </TASK> [ 193.498414] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-driversgpudrmdrm_connector-at-drm_connector_dynamic_register
------------[ cut here ]------------ [ 192.219691] WARNING: drivers/gpu/drm/drm_connector.c:903 at drm_connector_dynamic_register+0xbf/0x110, CPU#1: kunit_try_catch/2160 [ 192.220957] Modules linked in: [ 192.221434] CPU: 1 UID: 0 PID: 2160 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 192.222218] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 192.222500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 192.223115] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 192.223544] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 192.224444] RSP: 0000:ffff8881068e7c90 EFLAGS: 00010246 [ 192.224750] RAX: dffffc0000000000 RBX: ffff88810388e000 RCX: 0000000000000000 [ 192.225448] RDX: 1ffff11020711c34 RSI: ffffffffb300b448 RDI: ffff88810388e1a0 [ 192.225780] RBP: ffff8881068e7ca0 R08: 1ffff11020078f6a R09: ffffed1020d1cf65 [ 192.226365] R10: 0000000000000003 R11: ffffffffb2583648 R12: 0000000000000000 [ 192.226771] R13: ffff8881068e7d38 R14: ffff8881003c7c58 R15: ffff8881003c7c60 [ 192.227306] FS: 0000000000000000(0000) GS:ffff8881a3313000(0000) knlGS:0000000000000000 [ 192.227766] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.228260] CR2: 00007ffff7ffe000 CR3: 000000002f0bc000 CR4: 00000000000006f0 [ 192.228798] DR0: ffffffffb7eb3544 DR1: ffffffffb7eb3549 DR2: ffffffffb7eb354a [ 192.229257] DR3: ffffffffb7eb354b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 192.229665] Call Trace: [ 192.229801] <TASK> [ 192.229908] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 192.230348] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 192.230625] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 192.231130] kunit_try_run_case+0x1a5/0x480 [ 192.231472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 192.231708] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 192.232065] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 192.232434] ? __kthread_parkme+0x82/0x180 [ 192.232641] ? preempt_count_sub+0x50/0x80 [ 192.233015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 192.233232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 192.233475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 192.233730] kthread+0x337/0x6f0 [ 192.233957] ? trace_preempt_on+0x20/0xc0 [ 192.234481] ? __pfx_kthread+0x10/0x10 [ 192.234630] ? _raw_spin_unlock_irq+0x47/0x80 [ 192.234776] ? calculate_sigpending+0x7b/0xa0 [ 192.235283] ? __pfx_kthread+0x10/0x10 [ 192.235503] ret_from_fork+0x116/0x1d0 [ 192.235735] ? __pfx_kthread+0x10/0x10 [ 192.235908] ret_from_fork_asm+0x1a/0x30 [ 192.236294] </TASK> [ 192.236541] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 192.136923] WARNING: drivers/gpu/drm/drm_connector.c:903 at drm_connector_dynamic_register+0xbf/0x110, CPU#0: kunit_try_catch/2152 [ 192.138150] Modules linked in: [ 192.138506] CPU: 0 UID: 0 PID: 2152 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 192.139332] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 192.139684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 192.140421] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 192.140955] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68 [ 192.141605] RSP: 0000:ffff8881068e7c90 EFLAGS: 00010246 [ 192.141842] RAX: dffffc0000000000 RBX: ffff888103376000 RCX: 0000000000000000 [ 192.142454] RDX: 1ffff1102066ec34 RSI: ffffffffb300b448 RDI: ffff8881033761a0 [ 192.143169] RBP: ffff8881068e7ca0 R08: 1ffff11020078f6a R09: ffffed1020d1cf65 [ 192.143919] R10: 0000000000000003 R11: ffffffffb2583648 R12: 0000000000000000 [ 192.144548] R13: ffff8881068e7d38 R14: ffff8881003c7c58 R15: ffff8881003c7c60 [ 192.144762] FS: 0000000000000000(0000) GS:ffff8881a3213000(0000) knlGS:0000000000000000 [ 192.145507] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 192.145754] CR2: ffffffffffffffff CR3: 000000002f0bc000 CR4: 00000000000006f0 [ 192.146437] DR0: ffffffffb7eb3540 DR1: ffffffffb7eb3541 DR2: ffffffffb7eb3543 [ 192.146667] DR3: ffffffffb7eb3545 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 192.147208] Call Trace: [ 192.147472] <TASK> [ 192.147684] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 192.148354] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 192.148768] ? __schedule+0x10da/0x2b60 [ 192.149220] ? __pfx_read_tsc+0x10/0x10 [ 192.149517] ? ktime_get_ts64+0x86/0x230 [ 192.149659] kunit_try_run_case+0x1a5/0x480 [ 192.149923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 192.150366] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 192.150766] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 192.151399] ? __kthread_parkme+0x82/0x180 [ 192.151636] ? preempt_count_sub+0x50/0x80 [ 192.152092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 192.152419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 192.152593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 192.152827] kthread+0x337/0x6f0 [ 192.153168] ? trace_preempt_on+0x20/0xc0 [ 192.153534] ? __pfx_kthread+0x10/0x10 [ 192.153910] ? _raw_spin_unlock_irq+0x47/0x80 [ 192.154333] ? calculate_sigpending+0x7b/0xa0 [ 192.154722] ? __pfx_kthread+0x10/0x10 [ 192.155012] ret_from_fork+0x116/0x1d0 [ 192.155458] ? __pfx_kthread+0x10/0x10 [ 192.155736] ret_from_fork_asm+0x1a/0x30 [ 192.156238] </TASK> [ 192.156455] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-libmathint_log-at-intlog10
------------[ cut here ]------------ [ 121.203410] WARNING: lib/math/int_log.c:120 at intlog10+0x2a/0x40, CPU#0: kunit_try_catch/706 [ 121.203912] Modules linked in: [ 121.204373] CPU: 0 UID: 0 PID: 706 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 121.205155] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 121.205364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 121.205737] RIP: 0010:intlog10+0x2a/0x40 [ 121.206351] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 121.207475] RSP: 0000:ffff8881052ffcb0 EFLAGS: 00010246 [ 121.207666] RAX: 0000000000000000 RBX: ffff8881003c7ae8 RCX: 1ffff11020a5ffb4 [ 121.208351] RDX: 1ffffffff6b934b0 RSI: 1ffff11020a5ffb3 RDI: 0000000000000000 [ 121.209218] RBP: ffff8881052ffd60 R08: 0000000000000000 R09: ffffed10202d4be0 [ 121.210124] R10: ffff8881016a5f07 R11: 0000000000000000 R12: 1ffff11020a5ff97 [ 121.210653] R13: ffffffffb5c9a580 R14: 0000000000000000 R15: ffff8881052ffd38 [ 121.211206] FS: 0000000000000000(0000) GS:ffff8881a3213000(0000) knlGS:0000000000000000 [ 121.211934] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.212575] CR2: dffffc0000000000 CR3: 000000002f0bc000 CR4: 00000000000006f0 [ 121.212857] DR0: ffffffffb7eb3540 DR1: ffffffffb7eb3541 DR2: ffffffffb7eb3543 [ 121.213623] DR3: ffffffffb7eb3545 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 121.213991] Call Trace: [ 121.214241] <TASK> [ 121.214467] ? intlog10_test+0xf2/0x220 [ 121.214744] ? __pfx_intlog10_test+0x10/0x10 [ 121.215277] ? __pfx_intlog10_test+0x10/0x10 [ 121.215617] kunit_try_run_case+0x1a5/0x480 [ 121.215806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 121.216384] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 121.216776] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 121.217160] ? __kthread_parkme+0x82/0x180 [ 121.217309] ? preempt_count_sub+0x50/0x80 [ 121.217451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 121.217605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 121.217775] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 121.217970] kthread+0x337/0x6f0 [ 121.218088] ? trace_preempt_on+0x20/0xc0 [ 121.218228] ? __pfx_kthread+0x10/0x10 [ 121.218359] ? _raw_spin_unlock_irq+0x47/0x80 [ 121.218513] ? calculate_sigpending+0x7b/0xa0 [ 121.218659] ? __pfx_kthread+0x10/0x10 [ 121.218789] ret_from_fork+0x116/0x1d0 [ 121.218936] ? __pfx_kthread+0x10/0x10 [ 121.220039] ret_from_fork_asm+0x1a/0x30 [ 121.220502] </TASK> [ 121.220722] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-libmathint_log-at-intlog2
------------[ cut here ]------------ [ 121.163341] WARNING: lib/math/int_log.c:63 at intlog2+0xdf/0x110, CPU#1: kunit_try_catch/688 [ 121.163736] Modules linked in: [ 121.163993] CPU: 1 UID: 0 PID: 688 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6-next-20250718 #1 PREEMPT(voluntary) [ 121.164766] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 121.165310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 121.165687] RIP: 0010:intlog2+0xdf/0x110 [ 121.166193] Code: c9 b5 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 52 17 91 02 90 <0f> 0b 90 31 c0 e9 47 17 91 02 89 45 e4 e8 cf 5b 55 ff 8b 45 e4 eb [ 121.167385] RSP: 0000:ffff888106057cb0 EFLAGS: 00010246 [ 121.168155] RAX: 0000000000000000 RBX: ffff8881003c7ae8 RCX: 1ffff11020c0afb4 [ 121.168705] RDX: 1ffffffff6b93504 RSI: 1ffff11020c0afb3 RDI: 0000000000000000 [ 121.169378] RBP: ffff888106057d60 R08: 0000000000000000 R09: ffffed10202d4ac0 [ 121.169652] R10: ffff8881016a5607 R11: 0000000000000000 R12: 1ffff11020c0af97 [ 121.169875] R13: ffffffffb5c9a820 R14: 0000000000000000 R15: ffff888106057d38 [ 121.170561] FS: 0000000000000000(0000) GS:ffff8881a3313000(0000) knlGS:0000000000000000 [ 121.171306] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.171859] CR2: ffff88815a93e000 CR3: 000000002f0bc000 CR4: 00000000000006f0 [ 121.172443] DR0: ffffffffb7eb3544 DR1: ffffffffb7eb3549 DR2: ffffffffb7eb354a [ 121.172658] DR3: ffffffffb7eb354b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 121.173221] Call Trace: [ 121.173472] <TASK> [ 121.173674] ? intlog2_test+0xf2/0x220 [ 121.174171] ? __pfx_intlog2_test+0x10/0x10 [ 121.174646] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 121.175223] ? trace_hardirqs_on+0x37/0xe0 [ 121.175461] ? __pfx_read_tsc+0x10/0x10 [ 121.175602] ? ktime_get_ts64+0x86/0x230 [ 121.175742] kunit_try_run_case+0x1a5/0x480 [ 121.176358] ? __pfx_kunit_try_run_case+0x10/0x10 [ 121.177019] ? queued_spin_lock_slowpath+0x116/0xb40 [ 121.177483] ? __kthread_parkme+0x82/0x180 [ 121.177877] ? preempt_count_sub+0x50/0x80 [ 121.178349] ? __pfx_kunit_try_run_case+0x10/0x10 [ 121.178758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 121.179378] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 121.179582] kthread+0x337/0x6f0 [ 121.179703] ? trace_preempt_on+0x20/0xc0 [ 121.180029] ? __pfx_kthread+0x10/0x10 [ 121.180391] ? _raw_spin_unlock_irq+0x47/0x80 [ 121.180785] ? calculate_sigpending+0x7b/0xa0 [ 121.181388] ? __pfx_kthread+0x10/0x10 [ 121.181749] ret_from_fork+0x116/0x1d0 [ 121.182017] ? __pfx_kthread+0x10/0x10 [ 121.182162] ret_from_fork_asm+0x1a/0x30 [ 121.182311] </TASK> [ 121.182439] ---[ end trace 0000000000000000 ]---