Date
May 12, 2025, 11:48 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 19.089946] ================================================================== [ 19.090008] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.090753] Read of size 8 at addr fff00000c5f09c48 by task kunit_try_catch/261 [ 19.090837] [ 19.090960] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT [ 19.091107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.091174] Hardware name: linux,dummy-virt (DT) [ 19.091256] Call trace: [ 19.091284] show_stack+0x20/0x38 (C) [ 19.091634] dump_stack_lvl+0x8c/0xd0 [ 19.092323] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.094120] kthread+0x328/0x630 [ 19.094409] ret_from_fork+0x10/0x20 [ 19.094711] [ 19.094768] The buggy address belongs to the object at fff00000c5f09c40 [ 19.094768] which belongs to the cache kmalloc-16 of size 16 [ 19.095252] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.095769] page dumped because: kasan: bad access detected [ 19.096185] >fff00000c5f09c00: fa fb fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 19.096910] ================================================================== [ 19.065257] ================================================================== [ 19.065340] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.065403] Write of size 8 at addr fff00000c5f09c48 by task kunit_try_catch/261 [ 19.066608] [ 19.066834] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT [ 19.066960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.067273] Hardware name: linux,dummy-virt (DT) [ 19.067520] Call trace: [ 19.067559] show_stack+0x20/0x38 (C) [ 19.067711] dump_stack_lvl+0x8c/0xd0 [ 19.067790] print_report+0x118/0x608 [ 19.067839] kasan_report+0xdc/0x128 [ 19.067886] kasan_check_range+0x100/0x1a8 [ 19.067933] __kasan_check_write+0x20/0x30 [ 19.068552] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.068732] kasan_bitops_generic+0x110/0x1c8 [ 19.068959] kunit_try_run_case+0x170/0x3f0 [ 19.069109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.069173] kthread+0x328/0x630 [ 19.069374] ret_from_fork+0x10/0x20 [ 19.069555] [ 19.069613] Allocated by task 261: [ 19.069652] kasan_save_stack+0x3c/0x68 [ 19.069723] kasan_save_track+0x20/0x40 [ 19.069942] kasan_save_alloc_info+0x40/0x58 [ 19.070116] __kasan_kmalloc+0xd4/0xd8 [ 19.070171] __kmalloc_cache_noprof+0x15c/0x3c0 [ 19.070214] kasan_bitops_generic+0xa0/0x1c8 [ 19.070261] kunit_try_run_case+0x170/0x3f0 [ 19.070305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.070501] kthread+0x328/0x630 [ 19.070661] ret_from_fork+0x10/0x20 [ 19.070715] [ 19.070742] The buggy address belongs to the object at fff00000c5f09c40 [ 19.070742] which belongs to the cache kmalloc-16 of size 16 [ 19.070804] The buggy address is located 8 bytes inside of [ 19.070804] allocated 9-byte region [fff00000c5f09c40, fff00000c5f09c49) [ 19.070864] [ 19.070887] The buggy address belongs to the physical page: [ 19.071080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f09 [ 19.071285] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.071655] page_type: f5(slab) [ 19.071745] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.071834] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.072184] page dumped because: kasan: bad access detected [ 19.072229] [ 19.072255] Memory state around the buggy address: [ 19.072375] fff00000c5f09b00: 00 02 fc fc 00 05 fc fc fa fb fc fc 00 02 fc fc [ 19.072580] fff00000c5f09b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.072760] >fff00000c5f09c00: fa fb fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 19.072868] ^ [ 19.072913] fff00000c5f09c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.072958] fff00000c5f09d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.073185] ================================================================== [ 19.080965] ================================================================== [ 19.081029] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.081102] Write of size 8 at addr fff00000c5f09c48 by task kunit_try_catch/261 [ 19.081441] [ 19.081490] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT [ 19.081609] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.081645] Hardware name: linux,dummy-virt (DT) [ 19.081802] Call trace: [ 19.081838] show_stack+0x20/0x38 (C) [ 19.082364] dump_stack_lvl+0x8c/0xd0 [ 19.082587] print_report+0x118/0x608 [ 19.082696] kasan_report+0xdc/0x128 [ 19.082777] kasan_check_range+0x100/0x1a8 [ 19.082842] __kasan_check_write+0x20/0x30 [ 19.082892] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.082945] kasan_bitops_generic+0x110/0x1c8 [ 19.082992] kunit_try_run_case+0x170/0x3f0 [ 19.083375] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.083470] kthread+0x328/0x630 [ 19.083520] ret_from_fork+0x10/0x20 [ 19.083865] [ 19.083946] Allocated by task 261: [ 19.083986] kasan_save_stack+0x3c/0x68 [ 19.084319] kasan_save_track+0x20/0x40 [ 19.084374] kasan_save_alloc_info+0x40/0x58 [ 19.084417] __kasan_kmalloc+0xd4/0xd8 [ 19.084455] __kmalloc_cache_noprof+0x15c/0x3c0 [ 19.084693] kasan_bitops_generic+0xa0/0x1c8 [ 19.085012] kunit_try_run_case+0x170/0x3f0 [ 19.085100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.085470] kthread+0x328/0x630 [ 19.085532] ret_from_fork+0x10/0x20 [ 19.085581] [ 19.085608] The buggy address belongs to the object at fff00000c5f09c40 [ 19.085608] which belongs to the cache kmalloc-16 of size 16 [ 19.085997] The buggy address is located 8 bytes inside of [ 19.085997] allocated 9-byte region [fff00000c5f09c40, fff00000c5f09c49) [ 19.086264] [ 19.086368] The buggy address belongs to the physical page: [ 19.086410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f09 [ 19.086539] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.086616] page_type: f5(slab) [ 19.086879] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.087110] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.087173] page dumped because: kasan: bad access detected [ 19.087332] [ 19.087463] Memory state around the buggy address: [ 19.087554] fff00000c5f09b00: 00 02 fc fc 00 05 fc fc fa fb fc fc 00 02 fc fc [ 19.087814] fff00000c5f09b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.088035] >fff00000c5f09c00: fa fb fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 19.088101] ^ [ 19.088370] fff00000c5f09c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.088460] fff00000c5f09d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.088534] ================================================================== [ 19.075372] ================================================================== [ 19.075435] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.075496] Read of size 8 at addr fff00000c5f09c48 by task kunit_try_catch/261 [ 19.075548] [ 19.076053] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT [ 19.076572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.076636] Hardware name: linux,dummy-virt (DT) [ 19.076674] Call trace: [ 19.076699] show_stack+0x20/0x38 (C) [ 19.076759] dump_stack_lvl+0x8c/0xd0 [ 19.076809] print_report+0x118/0x608 [ 19.076894] kasan_report+0xdc/0x128 [ 19.076946] __asan_report_load8_noabort+0x20/0x30 [ 19.076997] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.077303] kasan_bitops_generic+0x110/0x1c8 [ 19.077437] kunit_try_run_case+0x170/0x3f0 [ 19.077493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.077743] kthread+0x328/0x630 [ 19.077838] ret_from_fork+0x10/0x20 [ 19.077891] [ 19.077938] Allocated by task 261: [ 19.077974] kasan_save_stack+0x3c/0x68 [ 19.078022] kasan_save_track+0x20/0x40 [ 19.078074] kasan_save_alloc_info+0x40/0x58 [ 19.078405] __kasan_kmalloc+0xd4/0xd8 [ 19.078703] __kmalloc_cache_noprof+0x15c/0x3c0 [ 19.078758] kasan_bitops_generic+0xa0/0x1c8 [ 19.078827] kunit_try_run_case+0x170/0x3f0 [ 19.078866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.078909] kthread+0x328/0x630 [ 19.078946] ret_from_fork+0x10/0x20 [ 19.078981] [ 19.079011] The buggy address belongs to the object at fff00000c5f09c40 [ 19.079011] which belongs to the cache kmalloc-16 of size 16 [ 19.079085] The buggy address is located 8 bytes inside of [ 19.079085] allocated 9-byte region [fff00000c5f09c40, fff00000c5f09c49) [ 19.079149] [ 19.079173] The buggy address belongs to the physical page: [ 19.079205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f09 [ 19.079259] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.079313] page_type: f5(slab) [ 19.079356] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.079411] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.079451] page dumped because: kasan: bad access detected [ 19.079482] [ 19.079518] Memory state around the buggy address: [ 19.079556] fff00000c5f09b00: 00 02 fc fc 00 05 fc fc fa fb fc fc 00 02 fc fc [ 19.079610] fff00000c5f09b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.079669] >fff00000c5f09c00: fa fb fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 19.079709] ^ [ 19.079766] fff00000c5f09c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.079815] fff00000c5f09d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.079855] ==================================================================
[ 19.320612] ================================================================== [ 19.321021] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.321384] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.321639] [ 19.321803] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.321892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.321914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.321959] Call Trace: [ 19.321980] <TASK> [ 19.322014] dump_stack_lvl+0x73/0xb0 [ 19.322069] print_report+0xd1/0x650 [ 19.322114] ? __virt_addr_valid+0x1db/0x2d0 [ 19.322160] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.322210] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.322255] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.322324] kasan_report+0x141/0x180 [ 19.322369] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.322465] kasan_check_range+0x10c/0x1c0 [ 19.322521] __kasan_check_write+0x18/0x20 [ 19.322554] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.322594] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.322637] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.322672] ? trace_hardirqs_on+0x37/0xe0 [ 19.322709] ? kasan_bitops_generic+0x92/0x1c0 [ 19.322752] kasan_bitops_generic+0x116/0x1c0 [ 19.322792] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.322834] ? __pfx_read_tsc+0x10/0x10 [ 19.322868] ? ktime_get_ts64+0x86/0x230 [ 19.322915] kunit_try_run_case+0x1a5/0x480 [ 19.322961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.323040] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.323102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.323151] ? __kthread_parkme+0x82/0x180 [ 19.323198] ? preempt_count_sub+0x50/0x80 [ 19.323252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.323316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.323367] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.323419] kthread+0x337/0x6f0 [ 19.323464] ? trace_preempt_on+0x20/0xc0 [ 19.323513] ? __pfx_kthread+0x10/0x10 [ 19.323556] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.323839] ? calculate_sigpending+0x7b/0xa0 [ 19.323899] ? __pfx_kthread+0x10/0x10 [ 19.323941] ret_from_fork+0x116/0x1d0 [ 19.323981] ? __pfx_kthread+0x10/0x10 [ 19.324009] ret_from_fork_asm+0x1a/0x30 [ 19.324050] </TASK> [ 19.324168] [ 19.340817] Allocated by task 278: [ 19.341080] kasan_save_stack+0x45/0x70 [ 19.341539] kasan_save_track+0x18/0x40 [ 19.342205] kasan_save_alloc_info+0x3b/0x50 [ 19.342579] __kasan_kmalloc+0xb7/0xc0 [ 19.342934] __kmalloc_cache_noprof+0x189/0x420 [ 19.343412] kasan_bitops_generic+0x92/0x1c0 [ 19.343939] kunit_try_run_case+0x1a5/0x480 [ 19.344223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.345015] kthread+0x337/0x6f0 [ 19.345411] ret_from_fork+0x116/0x1d0 [ 19.345683] ret_from_fork_asm+0x1a/0x30 [ 19.346275] [ 19.346508] The buggy address belongs to the object at ffff8881026fb960 [ 19.346508] which belongs to the cache kmalloc-16 of size 16 [ 19.347152] The buggy address is located 8 bytes inside of [ 19.347152] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.348101] [ 19.348736] The buggy address belongs to the physical page: [ 19.349172] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.349586] flags: 0x200000000000000(node=0|zone=2) [ 19.349899] page_type: f5(slab) [ 19.350086] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.350678] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.351665] page dumped because: kasan: bad access detected [ 19.351916] [ 19.352314] Memory state around the buggy address: [ 19.353038] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.353648] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.354621] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.355290] ^ [ 19.355906] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.356419] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.357316] ================================================================== [ 19.134936] ================================================================== [ 19.135680] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.136611] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.137657] [ 19.137999] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.138096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.138118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.138155] Call Trace: [ 19.138180] <TASK> [ 19.138214] dump_stack_lvl+0x73/0xb0 [ 19.138290] print_report+0xd1/0x650 [ 19.138332] ? __virt_addr_valid+0x1db/0x2d0 [ 19.138372] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.138416] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.138454] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.138482] kasan_report+0x141/0x180 [ 19.138506] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.138537] kasan_check_range+0x10c/0x1c0 [ 19.138562] __kasan_check_write+0x18/0x20 [ 19.138583] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.138610] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.138639] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.138667] ? trace_hardirqs_on+0x37/0xe0 [ 19.139000] ? kasan_bitops_generic+0x92/0x1c0 [ 19.139085] kasan_bitops_generic+0x116/0x1c0 [ 19.139175] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.139222] ? __pfx_read_tsc+0x10/0x10 [ 19.139272] ? ktime_get_ts64+0x86/0x230 [ 19.139317] kunit_try_run_case+0x1a5/0x480 [ 19.139360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.139387] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.139412] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.139437] ? __kthread_parkme+0x82/0x180 [ 19.139460] ? preempt_count_sub+0x50/0x80 [ 19.139485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.139510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.139535] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.139560] kthread+0x337/0x6f0 [ 19.139581] ? trace_preempt_on+0x20/0xc0 [ 19.139606] ? __pfx_kthread+0x10/0x10 [ 19.139628] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.139649] ? calculate_sigpending+0x7b/0xa0 [ 19.139687] ? __pfx_kthread+0x10/0x10 [ 19.139733] ret_from_fork+0x116/0x1d0 [ 19.139754] ? __pfx_kthread+0x10/0x10 [ 19.139776] ret_from_fork_asm+0x1a/0x30 [ 19.139808] </TASK> [ 19.139821] [ 19.157015] Allocated by task 278: [ 19.157845] kasan_save_stack+0x45/0x70 [ 19.158150] kasan_save_track+0x18/0x40 [ 19.158539] kasan_save_alloc_info+0x3b/0x50 [ 19.159070] __kasan_kmalloc+0xb7/0xc0 [ 19.159483] __kmalloc_cache_noprof+0x189/0x420 [ 19.159877] kasan_bitops_generic+0x92/0x1c0 [ 19.160176] kunit_try_run_case+0x1a5/0x480 [ 19.160800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.161375] kthread+0x337/0x6f0 [ 19.161591] ret_from_fork+0x116/0x1d0 [ 19.161954] ret_from_fork_asm+0x1a/0x30 [ 19.163045] [ 19.163322] The buggy address belongs to the object at ffff8881026fb960 [ 19.163322] which belongs to the cache kmalloc-16 of size 16 [ 19.163952] The buggy address is located 8 bytes inside of [ 19.163952] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.165452] [ 19.165611] The buggy address belongs to the physical page: [ 19.166067] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.167194] flags: 0x200000000000000(node=0|zone=2) [ 19.167618] page_type: f5(slab) [ 19.167965] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.168734] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.169328] page dumped because: kasan: bad access detected [ 19.169602] [ 19.169813] Memory state around the buggy address: [ 19.170324] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.170725] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.171807] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.172410] ^ [ 19.172889] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.173451] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.173862] ================================================================== [ 19.244216] ================================================================== [ 19.244897] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.246272] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.246982] [ 19.247371] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.247485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.247513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.247589] Call Trace: [ 19.247644] <TASK> [ 19.247686] dump_stack_lvl+0x73/0xb0 [ 19.247771] print_report+0xd1/0x650 [ 19.247819] ? __virt_addr_valid+0x1db/0x2d0 [ 19.247874] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.247939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.247990] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.248049] kasan_report+0x141/0x180 [ 19.248113] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.248178] kasan_check_range+0x10c/0x1c0 [ 19.248230] __kasan_check_write+0x18/0x20 [ 19.248414] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.248491] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.248559] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.248602] ? trace_hardirqs_on+0x37/0xe0 [ 19.248654] ? kasan_bitops_generic+0x92/0x1c0 [ 19.248734] kasan_bitops_generic+0x116/0x1c0 [ 19.248787] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.248840] ? __pfx_read_tsc+0x10/0x10 [ 19.248887] ? ktime_get_ts64+0x86/0x230 [ 19.248926] kunit_try_run_case+0x1a5/0x480 [ 19.248954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.248978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.249003] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.249026] ? __kthread_parkme+0x82/0x180 [ 19.249057] ? preempt_count_sub+0x50/0x80 [ 19.249367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.249413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.249442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.249467] kthread+0x337/0x6f0 [ 19.249490] ? trace_preempt_on+0x20/0xc0 [ 19.249515] ? __pfx_kthread+0x10/0x10 [ 19.249537] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.249559] ? calculate_sigpending+0x7b/0xa0 [ 19.249584] ? __pfx_kthread+0x10/0x10 [ 19.249606] ret_from_fork+0x116/0x1d0 [ 19.249626] ? __pfx_kthread+0x10/0x10 [ 19.249646] ret_from_fork_asm+0x1a/0x30 [ 19.249723] </TASK> [ 19.249738] [ 19.263827] Allocated by task 278: [ 19.264391] kasan_save_stack+0x45/0x70 [ 19.264661] kasan_save_track+0x18/0x40 [ 19.265688] kasan_save_alloc_info+0x3b/0x50 [ 19.265935] __kasan_kmalloc+0xb7/0xc0 [ 19.266401] __kmalloc_cache_noprof+0x189/0x420 [ 19.266868] kasan_bitops_generic+0x92/0x1c0 [ 19.267145] kunit_try_run_case+0x1a5/0x480 [ 19.267395] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.267712] kthread+0x337/0x6f0 [ 19.268160] ret_from_fork+0x116/0x1d0 [ 19.268529] ret_from_fork_asm+0x1a/0x30 [ 19.268963] [ 19.269569] The buggy address belongs to the object at ffff8881026fb960 [ 19.269569] which belongs to the cache kmalloc-16 of size 16 [ 19.270983] The buggy address is located 8 bytes inside of [ 19.270983] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.271688] [ 19.271818] The buggy address belongs to the physical page: [ 19.272038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.272807] flags: 0x200000000000000(node=0|zone=2) [ 19.273556] page_type: f5(slab) [ 19.274303] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.275002] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.275577] page dumped because: kasan: bad access detected [ 19.275999] [ 19.276328] Memory state around the buggy address: [ 19.276758] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.277525] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.277970] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.278245] ^ [ 19.279415] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.279978] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.281064] ================================================================== [ 19.175029] ================================================================== [ 19.175944] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.176614] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.176912] [ 19.177145] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.177501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.177533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.177578] Call Trace: [ 19.177619] <TASK> [ 19.177658] dump_stack_lvl+0x73/0xb0 [ 19.177721] print_report+0xd1/0x650 [ 19.177765] ? __virt_addr_valid+0x1db/0x2d0 [ 19.177833] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.177882] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.177929] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.177976] kasan_report+0x141/0x180 [ 19.178018] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.178184] kasan_check_range+0x10c/0x1c0 [ 19.178239] __kasan_check_write+0x18/0x20 [ 19.178292] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.178342] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.178391] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.178430] ? trace_hardirqs_on+0x37/0xe0 [ 19.178470] ? kasan_bitops_generic+0x92/0x1c0 [ 19.178520] kasan_bitops_generic+0x116/0x1c0 [ 19.178557] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.178597] ? __pfx_read_tsc+0x10/0x10 [ 19.178637] ? ktime_get_ts64+0x86/0x230 [ 19.178679] kunit_try_run_case+0x1a5/0x480 [ 19.178751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.178799] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.178835] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.178860] ? __kthread_parkme+0x82/0x180 [ 19.178884] ? preempt_count_sub+0x50/0x80 [ 19.178909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.178935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.178960] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.178985] kthread+0x337/0x6f0 [ 19.179020] ? trace_preempt_on+0x20/0xc0 [ 19.179053] ? __pfx_kthread+0x10/0x10 [ 19.179359] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.179393] ? calculate_sigpending+0x7b/0xa0 [ 19.179421] ? __pfx_kthread+0x10/0x10 [ 19.179444] ret_from_fork+0x116/0x1d0 [ 19.179468] ? __pfx_kthread+0x10/0x10 [ 19.179490] ret_from_fork_asm+0x1a/0x30 [ 19.179522] </TASK> [ 19.179536] [ 19.194950] Allocated by task 278: [ 19.195813] kasan_save_stack+0x45/0x70 [ 19.196342] kasan_save_track+0x18/0x40 [ 19.196731] kasan_save_alloc_info+0x3b/0x50 [ 19.197029] __kasan_kmalloc+0xb7/0xc0 [ 19.197624] __kmalloc_cache_noprof+0x189/0x420 [ 19.198029] kasan_bitops_generic+0x92/0x1c0 [ 19.198611] kunit_try_run_case+0x1a5/0x480 [ 19.199021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.199880] kthread+0x337/0x6f0 [ 19.200131] ret_from_fork+0x116/0x1d0 [ 19.200480] ret_from_fork_asm+0x1a/0x30 [ 19.200873] [ 19.201269] The buggy address belongs to the object at ffff8881026fb960 [ 19.201269] which belongs to the cache kmalloc-16 of size 16 [ 19.201997] The buggy address is located 8 bytes inside of [ 19.201997] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.202939] [ 19.203515] The buggy address belongs to the physical page: [ 19.203905] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.204353] flags: 0x200000000000000(node=0|zone=2) [ 19.204923] page_type: f5(slab) [ 19.205430] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.206269] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.206833] page dumped because: kasan: bad access detected [ 19.207156] [ 19.207279] Memory state around the buggy address: [ 19.207670] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.208552] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.209341] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.209862] ^ [ 19.210379] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.211170] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.211663] ================================================================== [ 19.282132] ================================================================== [ 19.282629] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.283351] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.284490] [ 19.284682] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.284792] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.284820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.284865] Call Trace: [ 19.284902] <TASK> [ 19.284956] dump_stack_lvl+0x73/0xb0 [ 19.285382] print_report+0xd1/0x650 [ 19.285435] ? __virt_addr_valid+0x1db/0x2d0 [ 19.285478] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.285530] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.285574] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.285652] kasan_report+0x141/0x180 [ 19.285714] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.285776] kasan_check_range+0x10c/0x1c0 [ 19.285844] __kasan_check_write+0x18/0x20 [ 19.285885] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.285930] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.285982] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.286026] ? trace_hardirqs_on+0x37/0xe0 [ 19.286069] ? kasan_bitops_generic+0x92/0x1c0 [ 19.286124] kasan_bitops_generic+0x116/0x1c0 [ 19.286168] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.286349] ? __pfx_read_tsc+0x10/0x10 [ 19.286375] ? ktime_get_ts64+0x86/0x230 [ 19.286402] kunit_try_run_case+0x1a5/0x480 [ 19.286430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.286454] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.286479] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.286503] ? __kthread_parkme+0x82/0x180 [ 19.286525] ? preempt_count_sub+0x50/0x80 [ 19.286550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.286575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.286599] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.286624] kthread+0x337/0x6f0 [ 19.286644] ? trace_preempt_on+0x20/0xc0 [ 19.286695] ? __pfx_kthread+0x10/0x10 [ 19.286722] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.286745] ? calculate_sigpending+0x7b/0xa0 [ 19.286771] ? __pfx_kthread+0x10/0x10 [ 19.286794] ret_from_fork+0x116/0x1d0 [ 19.286814] ? __pfx_kthread+0x10/0x10 [ 19.286836] ret_from_fork_asm+0x1a/0x30 [ 19.286869] </TASK> [ 19.286882] [ 19.302040] Allocated by task 278: [ 19.302418] kasan_save_stack+0x45/0x70 [ 19.302897] kasan_save_track+0x18/0x40 [ 19.303442] kasan_save_alloc_info+0x3b/0x50 [ 19.303992] __kasan_kmalloc+0xb7/0xc0 [ 19.304402] __kmalloc_cache_noprof+0x189/0x420 [ 19.304988] kasan_bitops_generic+0x92/0x1c0 [ 19.305720] kunit_try_run_case+0x1a5/0x480 [ 19.306323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.306920] kthread+0x337/0x6f0 [ 19.307435] ret_from_fork+0x116/0x1d0 [ 19.307715] ret_from_fork_asm+0x1a/0x30 [ 19.308095] [ 19.308431] The buggy address belongs to the object at ffff8881026fb960 [ 19.308431] which belongs to the cache kmalloc-16 of size 16 [ 19.309213] The buggy address is located 8 bytes inside of [ 19.309213] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.310150] [ 19.310786] The buggy address belongs to the physical page: [ 19.311461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.312093] flags: 0x200000000000000(node=0|zone=2) [ 19.312459] page_type: f5(slab) [ 19.312832] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.313831] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.314105] page dumped because: kasan: bad access detected [ 19.314688] [ 19.314880] Memory state around the buggy address: [ 19.315241] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.315568] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.316001] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.316459] ^ [ 19.317139] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.318019] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.318778] ================================================================== [ 19.358549] ================================================================== [ 19.359079] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.359763] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.360362] [ 19.361203] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.361515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.361545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.361572] Call Trace: [ 19.361595] <TASK> [ 19.361620] dump_stack_lvl+0x73/0xb0 [ 19.361675] print_report+0xd1/0x650 [ 19.361734] ? __virt_addr_valid+0x1db/0x2d0 [ 19.361778] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.361826] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.361908] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.361998] kasan_report+0x141/0x180 [ 19.362168] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.362240] kasan_check_range+0x10c/0x1c0 [ 19.362302] __kasan_check_write+0x18/0x20 [ 19.362329] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.362357] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.362386] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.362409] ? trace_hardirqs_on+0x37/0xe0 [ 19.362435] ? kasan_bitops_generic+0x92/0x1c0 [ 19.362464] kasan_bitops_generic+0x116/0x1c0 [ 19.362489] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.362516] ? __pfx_read_tsc+0x10/0x10 [ 19.362539] ? ktime_get_ts64+0x86/0x230 [ 19.362564] kunit_try_run_case+0x1a5/0x480 [ 19.362590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.362614] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.362638] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.362667] ? __kthread_parkme+0x82/0x180 [ 19.362713] ? preempt_count_sub+0x50/0x80 [ 19.362739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.362764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.362789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.362813] kthread+0x337/0x6f0 [ 19.362835] ? trace_preempt_on+0x20/0xc0 [ 19.362858] ? __pfx_kthread+0x10/0x10 [ 19.362881] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.362903] ? calculate_sigpending+0x7b/0xa0 [ 19.362929] ? __pfx_kthread+0x10/0x10 [ 19.362952] ret_from_fork+0x116/0x1d0 [ 19.362972] ? __pfx_kthread+0x10/0x10 [ 19.363004] ret_from_fork_asm+0x1a/0x30 [ 19.363050] </TASK> [ 19.363071] [ 19.380220] Allocated by task 278: [ 19.380617] kasan_save_stack+0x45/0x70 [ 19.380907] kasan_save_track+0x18/0x40 [ 19.381165] kasan_save_alloc_info+0x3b/0x50 [ 19.381484] __kasan_kmalloc+0xb7/0xc0 [ 19.381730] __kmalloc_cache_noprof+0x189/0x420 [ 19.381979] kasan_bitops_generic+0x92/0x1c0 [ 19.382244] kunit_try_run_case+0x1a5/0x480 [ 19.383238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.383576] kthread+0x337/0x6f0 [ 19.383882] ret_from_fork+0x116/0x1d0 [ 19.384071] ret_from_fork_asm+0x1a/0x30 [ 19.384280] [ 19.384401] The buggy address belongs to the object at ffff8881026fb960 [ 19.384401] which belongs to the cache kmalloc-16 of size 16 [ 19.385247] The buggy address is located 8 bytes inside of [ 19.385247] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.386186] [ 19.386387] The buggy address belongs to the physical page: [ 19.386827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.388313] flags: 0x200000000000000(node=0|zone=2) [ 19.389069] page_type: f5(slab) [ 19.389316] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.389867] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.390600] page dumped because: kasan: bad access detected [ 19.391084] [ 19.391798] Memory state around the buggy address: [ 19.392022] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.392494] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.393415] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.393743] ^ [ 19.394443] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.395350] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.395816] ================================================================== [ 19.098851] ================================================================== [ 19.100099] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.100586] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.101353] [ 19.101971] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.102105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.102134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.102165] Call Trace: [ 19.102184] <TASK> [ 19.102208] dump_stack_lvl+0x73/0xb0 [ 19.102251] print_report+0xd1/0x650 [ 19.102303] ? __virt_addr_valid+0x1db/0x2d0 [ 19.102328] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.102357] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.102381] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.102409] kasan_report+0x141/0x180 [ 19.102433] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.102465] kasan_check_range+0x10c/0x1c0 [ 19.102491] __kasan_check_write+0x18/0x20 [ 19.102512] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.102540] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.102569] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.102592] ? trace_hardirqs_on+0x37/0xe0 [ 19.102617] ? kasan_bitops_generic+0x92/0x1c0 [ 19.102646] kasan_bitops_generic+0x116/0x1c0 [ 19.102685] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.102727] ? __pfx_read_tsc+0x10/0x10 [ 19.102770] ? ktime_get_ts64+0x86/0x230 [ 19.102814] kunit_try_run_case+0x1a5/0x480 [ 19.102854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.102888] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.102924] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.102978] ? __kthread_parkme+0x82/0x180 [ 19.103017] ? preempt_count_sub+0x50/0x80 [ 19.103053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.103111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.103151] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.103186] kthread+0x337/0x6f0 [ 19.103219] ? trace_preempt_on+0x20/0xc0 [ 19.103267] ? __pfx_kthread+0x10/0x10 [ 19.103304] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.103336] ? calculate_sigpending+0x7b/0xa0 [ 19.103377] ? __pfx_kthread+0x10/0x10 [ 19.103410] ret_from_fork+0x116/0x1d0 [ 19.103431] ? __pfx_kthread+0x10/0x10 [ 19.103453] ret_from_fork_asm+0x1a/0x30 [ 19.103486] </TASK> [ 19.103500] [ 19.116693] Allocated by task 278: [ 19.117408] kasan_save_stack+0x45/0x70 [ 19.117803] kasan_save_track+0x18/0x40 [ 19.118130] kasan_save_alloc_info+0x3b/0x50 [ 19.118342] __kasan_kmalloc+0xb7/0xc0 [ 19.119383] __kmalloc_cache_noprof+0x189/0x420 [ 19.119614] kasan_bitops_generic+0x92/0x1c0 [ 19.120277] kunit_try_run_case+0x1a5/0x480 [ 19.120522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.120915] kthread+0x337/0x6f0 [ 19.121439] ret_from_fork+0x116/0x1d0 [ 19.121875] ret_from_fork_asm+0x1a/0x30 [ 19.122762] [ 19.122879] The buggy address belongs to the object at ffff8881026fb960 [ 19.122879] which belongs to the cache kmalloc-16 of size 16 [ 19.123642] The buggy address is located 8 bytes inside of [ 19.123642] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.124484] [ 19.125208] The buggy address belongs to the physical page: [ 19.126027] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.126368] flags: 0x200000000000000(node=0|zone=2) [ 19.127004] page_type: f5(slab) [ 19.127908] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.128329] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.129250] page dumped because: kasan: bad access detected [ 19.129585] [ 19.129745] Memory state around the buggy address: [ 19.130132] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.130606] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.131698] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.132182] ^ [ 19.132909] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.133673] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.134031] ================================================================== [ 19.212824] ================================================================== [ 19.213230] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.214486] Write of size 8 at addr ffff8881026fb968 by task kunit_try_catch/278 [ 19.215199] [ 19.215467] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250512 #1 PREEMPT(voluntary) [ 19.215575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.215604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.215650] Call Trace: [ 19.215724] <TASK> [ 19.215765] dump_stack_lvl+0x73/0xb0 [ 19.215824] print_report+0xd1/0x650 [ 19.215865] ? __virt_addr_valid+0x1db/0x2d0 [ 19.215910] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.215963] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.216013] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.216099] kasan_report+0x141/0x180 [ 19.216148] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.216203] kasan_check_range+0x10c/0x1c0 [ 19.216242] __kasan_check_write+0x18/0x20 [ 19.216289] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.216333] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.216375] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.216408] ? trace_hardirqs_on+0x37/0xe0 [ 19.216446] ? kasan_bitops_generic+0x92/0x1c0 [ 19.216491] kasan_bitops_generic+0x116/0x1c0 [ 19.216529] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.216570] ? __pfx_read_tsc+0x10/0x10 [ 19.216598] ? ktime_get_ts64+0x86/0x230 [ 19.216623] kunit_try_run_case+0x1a5/0x480 [ 19.216650] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.216720] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.216748] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.216772] ? __kthread_parkme+0x82/0x180 [ 19.216794] ? preempt_count_sub+0x50/0x80 [ 19.216819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.216843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.216867] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.216891] kthread+0x337/0x6f0 [ 19.216912] ? trace_preempt_on+0x20/0xc0 [ 19.216935] ? __pfx_kthread+0x10/0x10 [ 19.216958] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.216979] ? calculate_sigpending+0x7b/0xa0 [ 19.217005] ? __pfx_kthread+0x10/0x10 [ 19.217027] ret_from_fork+0x116/0x1d0 [ 19.217055] ? __pfx_kthread+0x10/0x10 [ 19.217112] ret_from_fork_asm+0x1a/0x30 [ 19.217162] </TASK> [ 19.217180] [ 19.227697] Allocated by task 278: [ 19.227892] kasan_save_stack+0x45/0x70 [ 19.228102] kasan_save_track+0x18/0x40 [ 19.228966] kasan_save_alloc_info+0x3b/0x50 [ 19.229619] __kasan_kmalloc+0xb7/0xc0 [ 19.229975] __kmalloc_cache_noprof+0x189/0x420 [ 19.230581] kasan_bitops_generic+0x92/0x1c0 [ 19.231197] kunit_try_run_case+0x1a5/0x480 [ 19.231584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.232590] kthread+0x337/0x6f0 [ 19.232818] ret_from_fork+0x116/0x1d0 [ 19.233336] ret_from_fork_asm+0x1a/0x30 [ 19.233602] [ 19.233826] The buggy address belongs to the object at ffff8881026fb960 [ 19.233826] which belongs to the cache kmalloc-16 of size 16 [ 19.234644] The buggy address is located 8 bytes inside of [ 19.234644] allocated 9-byte region [ffff8881026fb960, ffff8881026fb969) [ 19.235522] [ 19.235662] The buggy address belongs to the physical page: [ 19.236011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026fb [ 19.236361] flags: 0x200000000000000(node=0|zone=2) [ 19.237176] page_type: f5(slab) [ 19.237537] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.238131] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.238628] page dumped because: kasan: bad access detected [ 19.238941] [ 19.239239] Memory state around the buggy address: [ 19.239642] ffff8881026fb800: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc [ 19.239973] ffff8881026fb880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 19.240246] >ffff8881026fb900: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.240521] ^ [ 19.240769] ffff8881026fb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.241289] ffff8881026fba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.242107] ==================================================================